Tarus Balog : 2017 Dev-Jam – Day 3

July 20, 2017 08:36 PM

By Day 3 we’ve settled into a rhythm, so I don’t have much to report from the actual OpenNMS side of things. Personally, I spent way too much time trying to figure out why Twitter is blocking links to this blog. It’s been ad-free for over a decade, yet Twitter thinks it is spam.

We believe it was because we were using dlvr.it to post things I write here to the OpenNMS Twitter feed and thus it got flagged as automation (which is, apparently, bad). I can understand it, but my complaint is that there is no clear process for getting it resolved. I think I’ve submitted the proper request and I’ve even tried to back-channel some help through friends of friends, but I think I’m just going to focus on posting on Google Plus from here on out, unless I need to complain. (grin)

So the gang worked while I bitched at Twitter. Oh, I do have a picture of a Canadian food product: ketchup flavored potato chips, modeled by Jeff.

Dev-Jam: Ketchup Potato Chips - photo credit Jessica

I can report on what we did in the evening. Usually Dev-Jam involves seeing a Major League Baseball game, specifically the Minnesota Twins. However, the only MLB team ever in Montréal, the Expos, played their last season here a year before Dev-Jam started (2004).

However, Montréal does host an international fireworks competition, so we got tickets. It’s held at La Ronde, which is an amusement park in the Six Flags chain. La Ronde is located on the northern end of St. Helen’s Island (Île Sainte-Hélène). While the park itself wasn’t very crowded, it turns out that Metallica fans, including our own Alejandro, were descending on the southern part of the island for a concert.

To get there from Grey Nuns, we took the Metro. The Metro station on St. Helen’s Island is near a museum called The Biosphere, complete with a geodesic dome created by Buckminster Fuller. Might be worth a return visit.

Dev-Jam: Montréal Biosphere - photo credit Mike

We took a free shuttle to get to the park, and our tickets also granted us admission. Out of habit I had taken my grandfather’s pocket knife, not realizing they would have metal detectors, but they had a cool system where I could drop it off and pick it up later (so I didn’t have to hide it in the bushes).

As soon as we got into the park, the sky opened up and poured on us. Some of us found shelter under building overhangs, some on rides and some just got wet. One of the rides was the carousel, where Ben, Seth and Cynthia seemed to have fun.

Dev-Jam: La Ronde Carousel - photo credit Mike

Luckily, the rain didn’t last too long. Since it was National Hot Dog Day, we decided to find some. As a fan of the show Silicon Valley, I suggested we try out the “Not Hotdog” app. Seems to work.

Dev-Jam: Not Hotdog - screenshots Mike

Afterward there was just enough time for a ride on Le Vampire.

Dev-Jam: Le Vampire Rollercoaster - photo credit Chris

Jessica is in the back of this shot, with Ronny and Jesse in the front.

Then it was time to see the show. There are three seating sections: Bronze, Silver and Gold. Gold had free beer but we had been told that the Silver section (Argent) had the best views. I wasn’t disappointed. And this being Quebec, there had to be clowns.

Dev-Jam: Fireworks Clowns - photo credit Ben

In section 307 we were on an elevated platform looking out over a lake. The fireworks were launched from the other side of the lake and synchronized with music. As this is an international competition, the presenter for our show was Germany. They played the German national anthem and introduced the performers.

Dev-Jam: Fireworks Introductions - photo credit Ben

The show … it was amazing.

And when I say it was amazing, I mean it was like I had never seen fireworks before, and I’ve seen them at places like EPCOT at Disney World. Since we were pretty close to the launch site, it was like they took up your whole field of vision. Plus, I never knew there were so many different types. They used the whole area, from high overhead down to the lake itself (at one point in time it was as if the water was ablaze in green fire). Shells would explode overhead in a burst of color, followed by a second color and when those faded there would be a ring left that slowly faded away.

Dev-Jam: Fireworks Above - photo credit Ben

Sometimes the sky would just be a fountain of gold, and at other times the action would be at ground level. At times I felt they were telling a story. Not exactly one I understood, such as the red fountain thingies seem to be fighting the shooty yellow thingies, but it still evoked an emotional response.

Dev-Jam: Fireworks Down Low - photo credit Ben

The emotional high point for me was when they played Pachelbel’s Canon. I know it is cliché but the “Canon in D” is one of the most beautiful things ever made, and to see it illustrated in fire was simply breathtaking.

Speaking of things to take your breath away, soon after the show started the air was filled with smoke and ash from the fireworks. While it really didn’t detract from the show, people with health issues related to breathing should think carefully about attending.

Dev-Jam: The Bridge at Night - photo credit Ben

The show was 30 minutes long, and by the time we headed out to leave so did 40,000 Metallica fans. This was further complicated by the bridge to the island being closed so people could watch the fireworks. Rather than waiting for buses to arrive once the bridge was reopened, we decided to walk. There was a great view from the top, and the bridge itself was lit in green.

Dev-Jam: View from Bridge - photo credit Ben

We got back to the dorm around midnight, having had a great time. I hope I get a chance to see the fireworks show again, perhaps at next year’s Dev-Jam.

Tarus Balog : 2017 Dev-Jam – Day 2

July 19, 2017 03:50 PM

Dev-Jam was fully underway by Tuesday morning, starting with another Canadian tradition, Tim Hortons.

Dev-Jam: Tim Hortons Box

Lots of great discussions were going on. Ronny demonstrated Project Atlas, more formally known as the GraphML Topology Provider. This allows you to use GraphML to create topologies within the OpenNMS user interface.

Dev-Jam: Ronny Doing a Demo of Atlas

There is also a topology.xml file on the OpenNMS Forge github repository that can be used as an example.

Jesse gave us a demonstration of Project Helm. This is a Grafana plugin that lets you combine fault and performance data from multiple instances of OpenNMS on one dashboard.

Dev-Jam: Jesse Doing a Demo of Helm

While it is just in alpha, the goal is to let users manage alarms directly from the dashboard, including acknowledging them, adding “sticky” and journal notes, etc. We have been working for years now on making a robust ReST interface for OpenNMS and it is really paying off by allowing us to create features like this. Since all of the communication between Grafana and the OpenNMS system (or systems) is via ReST, there is no need to store and manage data locally.

Dev-Jam: Helm Screenshot

If you want to play with Helm, you should be running the latest Horizon 21 snapshot.

We have a person named Roberto attending Dev-Jam for the first time and I was eager to find out why he was interested in OpenNMS, so I spent some time talking with him. His company deploys underwater fiber-optic cable. Their customers used to be large telecommunications providers, but now they deal mainly with very large Internet companies, and those companies are requesting a higher level of monitoring information. It was one of those “very large Internet companies” that suggested they use OpenNMS, and it was interesting to learn about the challenges of running and managing undersea fiber.

Only a small part of the cable contains the fiber as most of it consists of a thick protective sleeve. The sleeve has to be thicker near shore since there is a greater chance of damage from things like ships’ anchors. Also, electrical current flows through the sleeve which attracts sharks, who then proceed to bite the cable. Here’s a video:

I’m eager to see how they end up using OpenNMS.

As I mentioned before, we are staying in the Grey Nuns Residence at Concordia University. According to Wikipedia there is a crypt in the basement where nearly 300 bodies are buried, most of them nuns who had lived at the Grey Nuns Motherhouse. It is off limits to visit, but I wanted to see if I could at least find the entrance.

Our conference is being held in a large room called E104, and most of the rooms of the people attending are also on the east side of the residence. My room, however, is on the west side and to get there I have to walk about 200 meters (it is a big place). You go out of E104, down to the basement and along a very long corridor before heading up several floors.

Along this corridor you will see a nondescript door,

Dev-Jam: Door to Grey Nuns Crypt

and if you peek through the little round window you can see into the crypt.

Dev-Jam: Image of Grey Nuns Crypt

The graves are marked with plain wooden crosses, and the one nearest the door died in 1885, although there are certain to be much older graves in the crypt. Apparently there was a project to move the bodies out of Grey Nuns but the government balked due to the fact that some of the people buried there died of infectious diseases (the history of the Grey Nuns [pdf] confirms that several nuns died of the Spanish Flu of 1918).

It is a pretty solemn place and in stark contrast to the rest of the dormitory.

Speaking of things definitely not solemn, for dinner we all headed to a Japanese restaurant nearby called Kinka Izakaya. Izakaya means a pub, and the menu consists of lots of small plates, kind of like Japanese tapas.

Dev-Jam: Dinner at Kinka Izakaya

The place met a number of criteria: good food, can seat 24 people and close to the dorm. We also had to try a “Sake Bomb” in which a small amount of sake is suspended over a glass of beer. You then drop the sake into the beer and drink. Yes, there is video:

Good times.

Tarus Balog : 2017 Dev-Jam – Day 1

July 18, 2017 04:00 PM

Dev-Jam is an unstructured conference. Our goal is to simply put a bunch of incredibly smart people in a room and see what happens. That said, we do officially start and end the conference. On Monday morning we get together to make introductions and to talk about projects that we want to pursue during the week. This allows people with similar interests to work together if they want. On Friday we have presentations on what got accomplished.

Dev-Jam: People Around a Table

I usually start off the week, and then turn it over to Jesse White (our CTO and GM of The OpenNMS Group Canada).

Dev-Jam: Jesse White in an MC Frontalot shirt

I thought it was cool that he was wearing an MC Frontalot T-shirt as we commissioned him to produce a free software song that we released on Independence Day (July 4th).

Another cool thing about OpenNMS is that we try to work as transparently as possible. While a lot of projects allow public access to their git repository, I believe OpenNMS is the only one that has a repository for every branch that automatically builds packages as commits are made (the list can be found at http://yum.opennms.org/repofiles/ but be patient as there are so many it can take a minute or so to load). We also publish a weekly newsletter called “This Week in OpenNMS” (or TWiO). This week Ben posted some ideas bouncing around this year’s Dev-Jam which include:

  • updating packaging (yum/Debian) infrastructure including better support of upstream PostgreSQL packages
  • improved wifi link support in Enlinkd and topology
  • improving the opennms.com and opennms.org web sites
  • simplifying collection of OCAs
  • integrating DigitalOcean and Xen requisition tools
  • Spark chat integration
  • ReST infrastructure improvements
  • discussing how to improve Docker image generation
  • grafana dashboard for UPS data
  • northbound interfaces for Drools (scriptd-like interface for alarms)
  • structured data monitor (using the XML collector infrastructure)
  • Cisco ACI integration
  • OSGi deployment of ReST services
  • donut charts on the front page
  • rewrite the node list page
  • migrate documentation to AsciiBinder
  • trigger IFTTT events when alarms change
  • porting the Go version of the minion to a new platform

Dev-Jam: Laptop and Can of Cheerwine

I should note that Ben is also a fan of that North Carolina export, Cheerwine.

Dev-Jam: People Meeting to Discuss the Website

Jessica, our graphic designer, pulled together a meeting to discuss our web presence. We recently revamped the opennms.com website and we are looking to determine improvements needed for the opennms.org website.

Speaking of Jessica, she also designed our Dev-Jam shirts.

Dev-Jam: Front of Dev-Jam Shirt

The front is meant to represent summer camp.

Dev-Jam: Back of Dev-Jam Shirt

The top symbol is for Montréal, the bottom is Ulf the OpenNMS mascot, the tag to the left represents coding and the right image is for fireworks (we are attending the competition on Wednesday).

It’s not all work. Recently I read about a restaurant very close to Concordia (where we are holding the conference) that offered free meals to people who need them. I wanted to support that, so for lunch a group of us went to Marché Ferdous, which had been written up on sites such as CNN, the BBC and Huffington Post.

Dev-Jam: Marché Ferdous Entrance

It’s a small shop a couple of blocks away from our dorm, and I got the falafel platter.

Dev-Jam: Marché Ferdous Falafel Platter

My meal was about CAD$10 so I paid with a $20 bill and told them to keep the change. Always gotta pay it forward, yo. (grin)

The falafel was just okay (I’m spoiled as I get to eat Angie’s falafel on a regular basis – some of the best falafel on the planet and I should know as I’ve had it pretty much all over the planet) but the sides were excellent. Everyone else got meat and really enjoyed it.

After lunch we took a side trip to a SAQ store to check out the spirit selection. Later that evening there was a tasting …

Dev-Jam: Monday Whiskey Selection

… which probably had something to do with the decision to screen Strange Brew, eh?

Dev-Jam: Strange Brew on Screen

Tarus Balog : 2017 Dev-Jam – Day 0

July 18, 2017 01:46 AM

♬ It’s the most wonderful time of the year ♬

It’s hard for me to believe that we are getting ready for our twelfth annual OpenNMS developers conference, Dev-Jam.

Dev-Jam: Welcome to Montreal Sign

This year we changed venues from our normal spot at Yudof Hall at the University of Minnesota to Concordia University in Montréal, Quebec, Canada. We have to plan these things out months in advance, and back in January there was talk of greatly increasing the effort required to enter the United States, especially for visitors from other countries, requiring them to, among other things, reveal social media passwords. Since a large portion of people attending Dev-Jam come from outside the US, we thought it prudent to move the conference. Plus, The OpenNMS Group now has a corporation in Canada, so it also seemed to be a nice way to mark that development.

After searching around for a place to hold the event, we settled on the Grey Nuns Residence, a large dormitory. While the individual rooms are not as nice as Yudof, the conference space is really large and should work out well. Plus, Grey Nuns is considered one of the most haunted places in Montréal, although so far no one has reported anything unusual.

We have over 20 people attending this year, which is down a little bit from normal. We have several people from Minneapolis who attend, and by moving it to Canada it became difficult for them to make it. In an ironic twist our friend Muthu from India was unable to get his visa to Canada approved in time to make the conference. But outside of some weather delays everyone else made it here safely.

So did the Cheerwine. It has become a Dev-Jam tradition for me to bring the North Carolina made cherry-flavored soda to share with everyone, and sometimes it gets a little, soggy, in transit. All 48 cans made it to Montréal, although it won’t last all that long.

There is a bit of adjustment to being in Quebec. I get to practice my (poor) French, and I love the fact that it is like everything has subtitles (legally, English should appear under the French in no more than half the size). Plus we’re having to get used to things distinctly Canadian such as Thrills chewing gum. Flavored with rosewater, the taste has been compared to soap, a fact that is proudly displayed on the box.

Dev-Jam: Thrills Gum Box

Another Montréal tradition is poutine. This is a dish of thin french fries topped with cheese curds and gravy.

Dev-Jam: Poutine

The one I tried was a variation that included chicken and a whiskey BBQ sauce. This was from a restaurant chain called St-Hubert which specializes in chicken (seriously, the set menu offered chicken, chicken, chicken, chicken, ribs, chicken, chicken, and, you guessed it, chicken). It was good, and it was nice to find a place to serve 20+ people comfortably.

Dev-Jam: Dinner at St. Hubert

While change can be challenging, I think this is going to be a great week. Outside of David and myself, both Mike and Craig have made all twelve Dev-Jams, and DJ has made all but one. One of my goals with OpenNMS is to build something that lasts, and it is nice to have traditions that have continued for this long.

Mark Turner : Life before the Taliban: Photos show Afghanistan before it plunged into hell | Daily Mail Online

July 18, 2017 12:49 AM

These fascinating photographs from Afghanistan in the 1960s are a far cry from the war-torn images in the news today. The eye-opening collection was captured by university professor Dr Bill Podlich from Arizona, who swapped life in America to travel to Kabul with his wife, Margaret, and two teenage daughters, Jan and Peg. Using his Kodachrome film, his images show a peaceful Afghanistan making strides towards a more liberal and Westernised lifestyle – a stark contrast to harrowing sights seen during the Taliban regime.

Source: Life before the Taliban: Photos show Afghanistan before it plunged into hell | Daily Mail Online

Mark Turner : Chasin’ Jesus: Guns, guns, guns

July 18, 2017 12:48 AM

Interesting commentary on guns.

Reading about guns every day, and — of course — seeing them on TV and in films as instruments of redemption. The perennially armed cops in the US are already heading to fatal shootings in excess of one thousand before the end of 2017; and there is the development of the Redneck Revolutionary movement — supposedly antifascist — in which ostensibly antiracist white people remain rooted in, and celebrate, gun culture. “Racism no – Guns yes” is their mantra apparently.

American culture is Baudrillard on steroids and acid. The simulacra has taken over as we withdraw into our electronic life-support and hallucination dens. We come to believe that what we read and see in audiovisual media is true, in part because we have eschewed real experience as too troublesome or risky. We need a reality check on guns.

Source: Chasin’ Jesus: Guns, guns, guns

Mark Turner : 43 stunned reactions to Donald Trump Jr.’s damning emails

July 14, 2017 12:16 PM

My favorite is this one from Sal Gentile: “Donald Trump Jr. is like a Scooby Doo villain who wears a mask of his own face.”

On Tuesday, Donald Trump Jr. released a June 2016 email chain with Rob Goldstone in which the pair set up a meeting between Trump Jr. and a Kremlin-linked Russian lawyer. While the decision to publish the chain was apparently a hasty attempt to get ahead of a damning New York Times story that detailed the emails, many observers were left stunned that the president’s son published the most concrete evidence yet of possible collusion between the Trump campaign and Russia’s government.

In the email exchanges, Goldstone explicitly stated the existence of “official documents and information that would incriminate Hillary [Clinton] and her dealings with Russia and would be very useful” to Trump. “This is obviously very high-level and sensitive information but is part of Russia and its government’s support for Mr. Trump,” Goldstone wrote.

“If it’s what you say I love it,” Trump Jr. responded.

Source: 43 stunned reactions to Donald Trump Jr.’s damning emails

Mark Turner : Trump’s Russian Laundromat | New Republic

July 13, 2017 08:22 PM

This story and the links in it offer a very detailed look at Trump’s troubling connections to Russian organized crime.

In 1984, a Russian émigré named David Bogatin went shopping for apartments in New York City. The 38-year-old had arrived in America seven years before, with just $3 in his pocket. But for a former pilot in the Soviet Army—his specialty had been shooting down Americans over North Vietnam—he had clearly done quite well for himself. Bogatin wasn’t hunting for a place in Brighton Beach, the Brooklyn enclave known as “Little Odessa” for its large population of immigrants from the Soviet Union. Instead, he was fixated on the glitziest apartment building on Fifth Avenue, a gaudy, 58-story edifice with gold-plated fixtures and a pink-marble atrium: Trump Tower.

A monument to celebrity and conspicuous consumption, the tower was home to the likes of Johnny Carson, Steven Spielberg, and Sophia Loren. Its brash, 38-year-old developer was something of a tabloid celebrity himself. Donald Trump was just coming into his own as a serious player in Manhattan real estate, and Trump Tower was the crown jewel of his growing empire. From the day it opened, the building was a hit—all but a few dozen of its 263 units had sold in the first few months. But Bogatin wasn’t deterred by the limited availability or the sky-high prices. The Russian plunked down $6 million to buy not one or two, but five luxury condos.

Source: Trump’s Russian Laundromat | New Republic

Mark Turner : Q&A: Garry Kasparov on the press and propaganda in Trump’s America – Columbia Journalism Review

July 12, 2017 07:29 PM

Insightful commentary on Trump and the press from Russian democracy activist and chess legend Garry Kasparov.

while all traditional politicians understand the importance of messaging and perception, they realize that avoiding substantive questions only leads to more of them. During the campaign, and during his presidency, Trump has attempted—with considerable success—to transcend that norm, as with so many others. He responds instead with counterattacks and bold statements and accusations, knowing they will get more attention than subsequent fact-checks. It’s one of many ways that Americans are learning from Trump that much of their democracy was run on the honor system, on agreed standards, not laws, and now there’s someone who isn’t going to play by those rules.

Source: Q&A: Garry Kasparov on the press and propaganda in Trump’s America – Columbia Journalism Review

Tarus Balog : Freedom Feud

July 10, 2017 06:25 PM

My official title at OpenNMS is CEO, but I’ve worn several hats in the last 12+ years, including accountant, receptionist, HR manager and janitor. Now I get to add record producer to the list.

I guess it all started back in 2012. OpenNMS was doing pretty well and I wanted us to give a little something back to the community. As a fan of MC Frontalot I came across his FAQ and found out that you could actually book him for things like conferences, kids parties, bar mitzvahs and the like. We were sponsoring the Ohio Linuxfest (by the way, I’m a keynote speaker there this year along with the ever amazing Karen Sandler) and I decided to see if I could book him to play a show. Turns out he is pretty affordable (for contrast, Henry Rollins starts out at $10,000 per event, which isn’t unreasonable but doesn’t count as affordable for us just yet). I booked him to play a solo gig and finally got to meet the man. He did a great show, everyone seemed to enjoy it, and we became friends of a sort.

While Front is very much a nerd, he had not had much exposure to free software. A lot of musicians rely on Windows-based software to create their music (Front mainly uses Reaper and Professor Kliq is such an Ableton fan he has their logo tattooed on his wrists) and thus they aren’t used to using open source. The OLF event went so well I hired him a few more times, and I think it was at SCaLE when I suggested he write a free software song. His reply was, well, why don’t you commission one.

Front is talent for hire. He did a couple of tracks for New Relic, “Nerd Life” and “Small Data”, and while we don’t have anywhere near the budget of that company we felt that free software deserved to be examined under his lyrical microscope, so we started the process.

Note that this was a couple of years ago, back in 2015, so it took a while. Front and I had a number of conversations about free software and I started him on his education. I pointed him to the works of Richard Stallman and Eric S. Raymond (notably The Cathedral and the Bazaar), as well as Lawrence Lessig and organizations such as the Free Software Foundation (FSF) and the Electronic Frontier Foundation (EFF). We also talked about the classic “free as in beer” vs. “free as in freedom” confusion that arises out of the term “free software”, which ended up forming the basis of the song.

Later in 2015 I wanted to do something special for the OSCON show in Portland. This time I decided to hire Front along with his band. In the previous shows he’d done for us it was him and “DJ CPU” providing the music, and while those were great shows I was unprepared for the “live band” experience. It took it to another level. During that show Front performed a bit of the song, but it wasn’t until last year’s All Things Open that the whole song was played for the first time (again with the band, since, awesome).

With the song almost complete we now had to figure out how to present it to the world. I wanted a video, so I decided to turn to animator Chad Essley. Chad had done the video for “Shudders” off of Question Bedtime and we had gotten to know each other through a fund raising promotion he did for the EFF where we sponsored adding OpenNMS references to that video. I felt he could do a good job with it, since he is both talented and he gets the subject matter.

Now when I said “record producer” above I basically meant I signed the checks, but it was cool watching artists such as Front and Chad work out even small details when it came to the video. Animation can take a really long time, so we debated on combining it with some live action, etc., to both speed up the process and reduce the cost. It was at this point that I was introduced to the concept of a “lyric video”.

Ed Sheeran had just come out with a new song, and in order to promote it as quickly as possible he released a video that pretty much consisted of just the song’s lyrics. While at this point in our process we had a portion of the animation completed, I thought that adding the lyrics to it would both speed things up as well as improve the experience, as Front’s rhymes on this track are some of the tightest he’s ever written. The end result is both a video that is fun to watch as well as one that gets the message across in an entertaining manner.

It seems to have been well received, and as I write this it has had over 10,000 views and mostly positive comments, and we got a shout out on Boing Boing.

Speaking of lyrics, the phrase that has gotten the most comments is the line “Pull down capitalism till it’s rubble and chain”. When asked about it, Front commented:

I thought it was funny to equate Free Software with that dirty commie yearning for collectivized well-being and shared responsibility! Those two realms of thought are not directly in line with each other as far as I can tell. But I imagined the kind of business dude who is reflexively distrustful of free software, and I pictured him saying, “you mean… LIKE COMMUNISM??” Thought I’d give him a little dig at the end there.

I can’t remember if I shared my story with Front when we were first talking about creating this song, but when I got started with OpenNMS I was called a communist a number of times on various message boards. It confused me, since it came mainly from people who made their living as network management consultants. I was thinking, hey, here is a tool that lets you provide better solutions for your customers while showcasing your unique talents via your ability to deliver them, and that’s communism? Sounds like good business to me. But there is still that element of “anti-capitalism” associated in free software (I blame the phrase “so you can help your neighbor” in the Free Software Definition, but that’s just me).

The whole process was a lot more work than I thought it would be, but I’m very pleased with the result. Check out the video as there are a lot of in-jokes and Easter eggs, and I’ve been told that “floppy head Lawrence Lessig” was met with approval by the man himself.

Oh, in the spirit of free software, Front has published the song under the Creative Commons (CC BY-SA) license, and I am hoping to see a few cool remixes come out of this. I’ve reached out to both Professor Kliq and Raccoon Fink and if they find time to play with it, I’ll be sure to let you know (and let me know if you find some out there). Front is working on a new album tentatively entitled The Internet Sucks so maybe this track will make the cut.

Warren Myers : update: keeping your let’s encrypt certs up-to-date

July 10, 2017 04:57 PM

Last year I posted a simple script for keeping your Let’s Encrypt SSL certificates current.

In conjunction with my last post sharing the “best” SSL configs you can use with Apache on CentOS, here is the current state of the cron’d renewal script I use.

systemctl stop httpd.service
systemctl stop postfix
~/letsencrypt/letsencrypt-auto -t -n --agree-tos --keep --expand --standalone certonly --rsa-key-size 4096 -m user@domain.tld -d domain.tld
# you can append more [sub]domains to a single cert with additional `-d` directives ([-d otherdomain.tld [-d sub.domain.tld...]])
#...repeat for every domain / domain group
systemctl start httpd.service
systemctl start postfix

I have this script running @weekly in cron. You should be able to get away with doing it only every month or two .. but I like to err on the side of caution.

I’m stopping and starting Postfix in addition to httpd (Apache on my system) for only two reasons: first, I am using some of the LE-issued certs in conjunction with my Postfix install; second, because I don’t know if Dovecot and my webmail system need to make sure Postfix is restarted if underlying certs change.
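
The renewal job above stops httpd and Postfix on every weekly run, whether or not a certificate needs renewing. As an added example (not the post author's script), this wrapper reads each certificate's notAfter date first and only takes the services down when one is inside the renewal window, restarting them even if a renewal fails. The 30-day window, the `/etc/letsencrypt/live` path, the use of GNU `date`, and the function names are assumptions.

```sh
#!/bin/sh
# Added example: guard the stop/renew/start cycle behind an expiry check.

RENEW_WINDOW_DAYS=30             # assumption: renew inside the last 30 days
LIVE_DIR=/etc/letsencrypt/live   # assumption: default Let's Encrypt layout
DOMAINS="domain.tld"             # placeholder from the post; space-separated

# Print whole days from "now" (epoch seconds, $2, default: current time)
# to an OpenSSL notAfter string ($1), e.g. "Oct  8 12:00:00 2017 GMT".
# Returns 2 if the date is empty or cannot be parsed. Needs GNU date (-d).
days_until_expiry() {
    [ -n "$1" ] || return 2
    end=$(date -u -d "$1" +%s 2>/dev/null) || return 2
    now=${2:-$(date +%s)}
    echo $(( (end - now) / 86400 ))
}

# Succeeds (exit 0) when renewal is due. An unreadable or missing date
# counts as due, so a broken certificate file never blocks renewal.
renewal_due() {
    left=$(days_until_expiry "$1" "${2:-}") || return 0
    [ "$left" -le "$RENEW_WINDOW_DAYS" ]
}

# Extract the notAfter value from a PEM certificate on disk.
cert_not_after() {
    openssl x509 -enddate -noout -in "$1" 2>/dev/null | cut -d= -f2
}

main() {
    due=""
    for d in $DOMAINS; do
        if renewal_due "$(cert_not_after "$LIVE_DIR/$d/cert.pem")"; then
            due="$due $d"
        fi
    done
    if [ -z "$due" ]; then
        echo "no certificate within $RENEW_WINDOW_DAYS days of expiry; services untouched"
        return 0
    fi

    # Bring the services back even if a renewal fails part-way through.
    trap 'systemctl start httpd.service; systemctl start postfix' EXIT
    systemctl stop httpd.service
    systemctl stop postfix

    rc=0
    for d in $due; do
        # Same invocation as the post's script, one domain per run.
        ~/letsencrypt/letsencrypt-auto -t -n --agree-tos --keep --expand --standalone \
            certonly --rsa-key-size 4096 -m user@domain.tld -d "$d" || rc=1
    done
    return "$rc"
}

# Only act when called as: script.sh --run
if [ "${1:-}" = "--run" ]; then
    main
fi
```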

Mark Turner : When Will Climate Change Make the Earth Too Hot For Humans?

July 10, 2017 12:26 PM

Terrifying commentary on climate change.

It is, I promise, worse than you think. If your anxiety about global warming is dominated by fears of sea-level rise, you are barely scratching the surface of what terrors are possible, even within the lifetime of a teenager today. And yet the swelling seas — and the cities they will drown — have so dominated the picture of global warming, and so overwhelmed our capacity for climate panic, that they have occluded our perception of other threats, many much closer at hand. Rising oceans are bad, in fact very bad; but fleeing the coastline will not be enough.

Indeed, absent a significant adjustment to how billions of humans conduct their lives, parts of the Earth will likely become close to uninhabitable, and other parts horrifically inhospitable, as soon as the end of this century.

Source: When Will Climate Change Make the Earth Too Hot For Humans?

Warren Myers : tech news channel on telegram

July 09, 2017 03:18 AM

I have started a Tech News channel on Telegram.

Follow it at @datente.

Warren Myers : ssl configuration for apache 2.4 on centos 7 with let’s encrypt

July 07, 2017 03:36 PM

In follow-up to previous posts I’ve had about SSL (specifically with Let’s Encrypt), here is the set of SSL configurations I use with all my sites. These, if used correctly, should score you an “A+” with no warnings from ssllabs.com. Note: I have an improved entropy package installed (twuewand). This is adapted from the Mozilla config generator with specific options added for individual sites and/or to match Let’s Encrypt’s recommendations.

Please note: you will need to modify the config files to represent your own domains, if you choose to use these as models.

[/etc/httpd/conf.d/defaults.conf]

#SSL options for all sites
Listen 443
SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
Mutex sysvsem default
SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/urandom  1024
# requires twuewand to be installed
SSLRandomSeed startup exec:/bin/twuewand 64
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom 1024
SSLCryptoDevice builtin
# the SSLSessionTickets directive should work - but on Apache 2.4.6-45, it does not
#SSLSessionTickets       off
SSLCompression          off
SSLHonorCipherOrder	on
# there may be an unusual use case for enabling TLS v1.1 or 1 - but I don't know what that would be
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLOptions +StrictRequire
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache        shmcb:/var/run/ocsp(128000)

#all unknown requests get domain.tld (over http)
<VirtualHost *:80>
    DocumentRoot /var/html
    ServerName domain.tld
    ServerAlias domain.tld *.domain.tld
    ErrorLog logs/domain-error_log
    CustomLog logs/domain-access_log combined
    ServerAdmin user@domain.tld
    <Directory "/var/html">
# "All" already includes Indexes and FollowSymLinks; Apache 2.4 rejects mixing +/- prefixed options with bare ones
         Options All
         AllowOverride All
         Order allow,deny
         Allow from all
    </Directory>
</VirtualHost>

SetOutputFilter DEFLATE
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css text/php

[/etc/httpd/conf.d/z-[sub-]domain-tld.conf]

<VirtualHost *:80>
    ServerName domain.tld
# could use * instead of www if you don't use subdomains for anything special/separate
    ServerAlias domain.tld www.domain.tld
    Redirect permanent / https://domain.tld/
</VirtualHost>

<VirtualHost *:443>
    SSLCertificateFile /etc/letsencrypt/live/domain.tld/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.tld/privkey.pem
# if you put "fullchain.pem" here, you will get an error from ssllabs
    SSLCertificateChainFile /etc/letsencrypt/live/domain.tld/chain.pem
    DocumentRoot /var/www/domain
    ServerName domain.tld
    ErrorLog logs/domain-error_log
    CustomLog logs/domain-access_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    ServerAdmin user@domain.tld

# could put this in defaults.conf - I prefer it in each site config
    SSLEngine on

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

    <Directory "/var/www/domain">
# "All" already includes Indexes and FollowSymLinks; Apache 2.4 rejects mixing +/- prefixed options with bare ones
         Options All
         AllowOverride All
         Order allow,deny
         Allow from all
    </Directory>

</VirtualHost>

I use the z....conf formatting to ensure all site-specific configs are loaded after everything else. That conveniently breaks every site into its own config file, too.

The config file for a non-https site is much simpler:

<VirtualHost *:80>
    DocumentRoot /var/www/domain
    ServerName domain.tld
    ServerAlias domain.tld *.domain.tld
    ErrorLog logs/domain-error_log
    CustomLog logs/domain-access_log combined
    ServerAdmin user@domain.tld
    <Directory "/var/www/domain">
# "All" already includes Indexes and FollowSymLinks; Apache 2.4 rejects mixing +/- prefixed options with bare ones
         Options All
         AllowOverride All
         Order allow,deny
         Allow from all
    </Directory>
</VirtualHost>

If you’re running something like Nextcloud, you may want to turn on Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" in the <VirtualHost> directive for the site. I haven’t decided yet if I should put this in every SSL-enabled site’s configs or not.
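A way to check a config against the settings in this post before reloading httpd, as an added example (not code from the post or from Apache): it resolves `SSLProtocol` tokens left to right and flags legacy protocols, weak suites, and missing compression, cipher-order, stapling or HSTS settings. Assumptions: the expansion of `all` matches Apache 2.4 on OpenSSL 1.0.1+, the whole text is treated as one scope where the last directive wins, and both sample configs are constructed.

```python
import re

# Assumption: what "all" expands to on Apache 2.4 built against OpenSSL 1.0.1+
# (the CentOS 7 case); newer builds also include TLSv1.3.
ALL_PROTOCOLS = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2")
KNOWN = {p.lower(): p for p in ALL_PROTOCOLS + ("SSLv2", "TLSv1.3")}
LEGACY = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# Substrings of OpenSSL suite names that mark a weak cipher, MAC or key exchange.
WEAK_MARKERS = ("RC4", "DES", "MD5", "NULL", "EXP", "ADH", "AECDH")

# Constructed sample in the style of the post's defaults.conf plus an HTTPS vhost.
POST_STYLE_CONF = r"""
SSLCompression          off
SSLHonorCipherOrder     on
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256
SSLUseStapling on
<VirtualHost *:443>
    SSLEngine on
    CustomLog logs/domain-access_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</VirtualHost>
"""

# Constructed weak counterpart for comparison.
WEAK_CONF = r"""
SSLProtocol all -SSLv2
SSLCompression on
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:DES-CBC3-SHA:RC4-SHA:!aNULL
"""


def directives(conf_text):
    """Yield (lowercased name, argument string) for every directive.

    Backslash continuations are joined; comments and <Section> tags are skipped.
    """
    joined = re.sub(r"\\\r?\n[ \t]*", " ", conf_text)
    for raw in joined.splitlines():
        line = raw.strip()
        if not line or line[0] in "#<":
            continue
        parts = line.split(None, 1)
        yield parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""


def effective_protocols(args):
    """Resolve SSLProtocol tokens left to right: +X adds, -X removes,
    and a bare name replaces everything enabled so far."""
    enabled = set()
    for token in args.split():
        sign = token[0] if token[0] in "+-" else ""
        name = token[len(sign):].lower()
        if name == "all":
            group = set(ALL_PROTOCOLS)
        elif name in KNOWN:
            group = {KNOWN[name]}
        else:
            raise ValueError("unknown protocol token: " + token)
        if sign == "-":
            enabled -= group
        elif sign == "+":
            enabled |= group
        else:
            enabled = set(group)
    return enabled


def audit(conf_text):
    """Return a list of findings; an empty list means every check passed."""
    last, hsts = {}, False
    for name, args in directives(conf_text):
        if name == "header" and "strict-transport-security" in args.lower():
            hsts = True
        last[name] = args
    findings = []
    if "sslprotocol" not in last:
        findings.append("SSLProtocol is not set")
    else:
        legacy = effective_protocols(last["sslprotocol"]) & LEGACY
        if legacy:
            findings.append("legacy protocols enabled: " + ", ".join(sorted(legacy)))
    for name, wanted in (("SSLCompression", "off"),
                         ("SSLHonorCipherOrder", "on"),
                         ("SSLUseStapling", "on")):
        if last.get(name.lower(), "").lower() != wanted:
            findings.append("%s is not explicitly %s" % (name, wanted))
    suites = last.get("sslciphersuite", "").split(":")
    weak = [s for s in suites
            if s and s[0] not in "!-" and any(m in s.upper() for m in WEAK_MARKERS)]
    if weak:
        findings.append("weak cipher suites: " + ", ".join(weak))
    if not hsts:
        findings.append("Strict-Transport-Security header is not set")
    return findings


if __name__ == "__main__":
    for label, conf in (("post-style", POST_STYLE_CONF), ("weak", WEAK_CONF)):
        print(label, audit(conf) or "no findings")
```

A bare protocol name after other tokens silently replaces them, so `SSLProtocol TLSv1.2 TLSv1` resolves to TLSv1 alone; that is the case the `+`/`-` prefixes in the post's line avoid.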

Tarus Balog : Rhythmbox: Repeat One Song

July 06, 2017 08:00 PM

I use Linux Mint as my default desktop environment. One of the reasons I started using it was that the default applications for many functions were the default applications I would choose if I were making a distro.

Their choice for music player used to be Banshee. I really liked Banshee – it reminded me of the early versions of iTunes before that application became too complex. Unfortunately, Banshee is no longer under active development, and the last release was back in 2014.

As the underlying libraries have changed and matured, Banshee has not kept up. For example, if I plugged in my handy Banshee would hang if the MTP mount was being accessed elsewhere. Mint recently decided to switch to Rhythmbox, and I’ve finally made the decision to start using it.

One of the things I’ve learned about open source is to be patient learning a new app. The reason there are often numerous open source solutions for various tasks is that people do things differently, and it can take awhile to understand how a particular application is designed to work. I’ve found that many features I thought were lacking in Rhythmbox were there, just implemented differently than I expected. If the feature is, indeed, missing, you can often add it with a plugin.

I’ve recently been exposed to the music of Imogen Heap, starting with her album Sparks. I really like the sixth track “Lifeline” and I wanted to listen to it a couple of times on repeat. There is a repeat button on the menu, so I clicked it, but that just repeats the playlist. In other apps you can click that icon multiple times and it will rotate through various options: i.e. repeat playlist, repeat song, etc. Not so with Rhythmbox.

A quick search and I found a plugin hosted on Github to add this feature. I downloaded the repository, unzipped the file, and then copied it to ~/.local/share/rhythmbox/plugins/. I then went to Tools -> Plugins and enabled “Repeat One Song” (no restart of the app needed). Now, under the Edit menu, I have the option to repeat the current song.

Repeat One Song Screenshot

Not quite as nice or intuitive as clicking on a button, but it works.

While I see this as a great example of the awesomeness of open source, it also brought out the downside of free software. There was this comment:

This should not be a plugin.. It should be there by default if rhythmbox wants to call itself a music player.

Seriously? A bunch of people write a complex piece of software, give it away for free, build in a way to extend it, but no, that’s not enough. This guy isn’t satisfied that these folks didn’t cater to his every need, even though edumucelli has gone to the trouble to add it.

Free software isn’t a free solution, and I just wanted to post this to remind people, including myself, that often it takes an investment of time to really get to understand how an application works.

In open source, often our first goal is to make something that works before we make something that is easy to use. I’m not proud of this, but quite frequently the motivation behind the developers of free software is to solve a problem important to them and it just happens to be useful to others. And even companies that focus heavily on UI and try to build intuitive interfaces can get it wrong. I’ve had to work with recent versions of iTunes and find it rather difficult to do simple things, although I’m certain that if I used it more I would learn what I needed to do, just like I have with Rhythmbox.

Which I’ve grown to like. It works well with my mobile device and I’m eager to watch it improve even more in the future.

Mark Turner : At the Crossroads

July 06, 2017 12:14 PM

Dark money headquarters


I couldn’t end another visit to Warrenton without visiting the belly of the beast. On the first floor of this nondescript office building, tucked behind a small bank on a quiet Warrenton street, is the law firm of Holtzman Vogel Josefiak Torchinsky. This is where billionaires go to buy elections. Hundreds of millions of dollars in dark money have passed through these doors on their way to skewing elections towards conservative candidates across the nation.

Forty-Five N. Hill Drive is the legal address of Karl Rove’s Crossroads GPS PAC, American Crossroads, and several other right-leaning advocacy groups. Crossroads GPS, if you’ll recall, contributed nearly 99 percent of the funding to Dallas Woodhouse’s CarolinaRising group, which in turn spent 97 percent of its money to get Thom Tillis elected to the Senate. This appears to play fast and loose with IRS and election laws though as of yet regulators have taken no action. HVJT was also instrumental in filing voter challenges during McCrory’s failed reelection attempt. Several voters falsely accused of fraud have filed suit against a McCrory campaign official.

I plan to learn more about HVJT and the ways of bleeding edge campaign finance and law because what’s being done here undermines democracy.

Mark Turner : Mike “Bo” Boran

July 05, 2017 06:12 PM

Mike “Bo” Boran

Speaking of Herndon High School, last month one of my favorite teachers at Herndon, Mike “Bo” Boran, passed away. Bo was my Government teacher in senior year and a great listener to his students. Before he went into teaching, Bo was an up-and-coming musician whose former bandmates went on to form The Mamas and the Papas. I was always blown away by this.

The advent of Facebook gave me the ability to reconnect with Bo and I enjoyed hearing what was on his mind. He still remembered me after all these years. He was particularly impressed that my great uncle was Fred Turner, of Gideon v. Wainwright fame.

Bo inspired me and so many other students who were lucky to be in his class. He made it easier for me to survive high school and taught me to have a clear view of what was really going on in government. I am grateful to have known him.

Bo in The Smoothies, upper left, performing as Michael Rand

Mark Turner : Fourth of July with the in-laws

July 05, 2017 05:59 PM

I spent the long Fourth of July weekend with the family and in-laws in Virginia. We spent the weekend playing games (including ping pong), cycling down the W&OD bike path into DC, shooting fireworks, and playing card games (Spoons). Oh, and we watched as Travis created a few videos: one for his grandparents’ wedding anniversary and another just for fun. It was a hot weekend but sure was fun.

On the biking trip to DC, I bailed out early due to an irritated eye. After getting a Doc-in-a-Box to tell me it was okay, I wandered around my old Holly Knoll neighborhood snapping pictures. Hard to believe it was 30 years ago that I lived there.

The Herndon High School Class of 1987’s 30-year reunion is this October so we’ll soon be back in town.

Mark Turner : President Trump is out of his mind

July 05, 2017 12:12 PM


Yesterday, President Donald Trump lost his way from the stairs of Air Force One to the limo parked directly in front of him. Fox News captured the video of him confusedly walking away from the limo.

I don’t know how you can explain how this is the behavior of a sound mind. He is either high as a kite, drunk, demented, or suffering under some other frighteningly-incapacitating disease. The limo is as big as a bus. It’s RIGHT THERE. Why in the world would you take a right turn?

Congressional Republicans need to answer for this. It’s time to invoke the 25th Amendment.

Mark Turner : Why I don’t like Nextdoor, part 4,671

July 05, 2017 11:20 AM

A friend of mine recently posted this observation about NextDoor:

Not sure why I still use Nextdoor. Someone asked about the round reflective stickers you sometimes see on mailboxes. From the paper deliver, etc. A response:

I’ve been hearing about something like that happening in other areas where homes that have dogs are targeted to be stolen, the. re-sold for sparing with fighting dogs & for medical research.

#myneighborsareidiots

If you’re only seeing the world through the lens of paranoid neighborhood Nextdoor posts you’re liable to freak out at everything. The Internet and television’s greatest blessing – bringing news from far away – is also its curse. The obscure crime that happened once and thousands of miles away is brought to your doorstep. The folks across the street could be terrorists. Dead people really can come back to life as zombies and eat your brain.

Well, something has clearly eaten these people’s brains. I keep hoping people will take a deep breath and realize, as a great president once proclaimed, “we have nothing to fear but fear itself.”

Warren Myers : raas – the failure of “-as-a-service” in the physical world

June 26, 2017 05:31 PM

Roads are empty something like 90% of the time.

8% of the time, they’re rightly-sized.

1.5% of time, they’re a little tight.

But that .5%? Holy CRAP are they ever too small when they’re too small.

Imagine if the “*-as-a-Service” model could be applied to roads: expand their capacity on-demand as use requires. It works for businesses expanding and contracting their technical needs (a la cloud computing).

It [could] work for getting fancy dentures when you need them.

I guess this is what flying cars are supposed to alleviate – but with ~220,000,000 registered drivers in the US, imagine even 0.1% of them driving flying cars. That’d be 220,000 flying cars. If even 1% of them decided to utilize the “flight” aspect at any given time, that’d be 2200 vehicles in the air. 2200 vehicles with no flight plans. 2200 vehicles in an unknown state of fueling, repair, etc. Air travel is currently the safest form of transport. Would that still be true with 2200 angry drivers trying to escape from the traffic they find themselves in at the same time? Especially given the non-uniform distribution of those vehicles (they’ll dominantly simultaneously appear in ultra-densely-populated areas and ultra-rural ones), this wouldn’t be the utopia of George Jetson. It’d be the insanity of Back to the Future Part II when the DeLorean arrives in 2015 from 1985. But worse.

My best professor once said, “no one has gotten elected saying they want to eliminate roads”. But followed that up with, “every time roads are expanded, they get just as busy during busy times, and waste an awful lot of concrete the other 23.2 hours of the day”.

What we need is a way to carry-over the technological paradigm of “*-as-a-Service” into physical infrastructure. Because it sucks. Bad.

I don’t know how best to approach that. Certainly the “sharing economy” models of Uber & Lyft are a component.

And self-driving cars will help.

But only when they’re not only “self-driving”, but when they’re actively communicating and optimizing with other vehicles. But what happens when you are “optimized” into a “slower” path because other vehicles were “optimized” into “faster” ones?

It’s certainly a thorny area of societal thinking to wade into. And one that needs a lot of thoughtful input and consideration from many quarters.

Warren Myers : the jetsons used cash

June 25, 2017 05:56 PM

They had flying cars. That would fold-up into a briefcase.

They had magic bubbles that’d pop out from their fingers to shroud themselves on their floaty-seats that delivered them to school or the mall.

But they used cash. Really? With all the crazy futuristic stuff they tried to wedge into that program, the creators thought we’d still be using cash in a flying-car future?

Maybe they were onto something. Cash does have the value of being tangible, and not being tracked.

Mark Turner : Cops, the public, and stereotypes

June 24, 2017 01:34 AM

A friend recently drove by a traffic stop conducted by the Raleigh Police Department and was surprised at the number of officers who responded. Four units were there and the driver, a black male, had his hands firmly and safely planted on the side of the car from his place in the driver’s seat. My friend turned around a few minutes later to see what happened and came across the driver still parked there, but now alone and doubled-over sobbing on the steering wheel. She shared her experience on social media.

I respect my friend tremendously and I take comfort that she cares so much for our neighbors. Nobody wants to see an incident in Raleigh like those that have taken place in various places in the country, where innocent black men – doing everything right – get shot to death by hotheaded cops. My black friends are understandably concerned about being pulled over and in an instant possibly losing their life.

I also know a few cops, and I’ve paid close attention to the Raleigh Police Department (RPD) since I moved here. I’ve gone on midnight ridealongs through some of the roughest neighborhoods in Raleigh, protected only by a bulletproof vest and my trust in the cop taking me along. From what I’ve seen, RPD is a professional police force. RPD’s force is one of the best-trained in the country and has the national accreditation to prove it. The officers I’ve interacted with (willingly and, on seldom occasions, unwillingly) have always been polite and treated me with respect. The interactions I witnessed on my ridealongs were also unfailingly respectful, no matter what the transgression. This was not always reciprocated, though, by those pulled over.

Why did police respond the way they did to the driver my friend saw? There could be any number of reasons but it probably wasn’t due to the driver’s race. Unfortunately, my friend didn’t ask the driver or the officers so we’re left to speculate.

And also to assume, and it’s this that can really twist things out of proportion. We think we know what happened when we don’t. The media arrives on scene, races to piece together what happened as quickly as possible and more often than not presents a distorted view. Then their audience takes the pieces they are given and they weave their own truth out of it. It’s Telephone Tag, writ large and fueled by hysteria.

The shooting of Akiel Denkins is a case in point. Media interviews of Denkins’ friends often painted a rosy picture of him. Bumper stickers urge “Remember Akiel Denkins” as if this was another case of officer overreach. In truth Denkins was a convicted drug dealer. Yeah, he may have been taking GED classes but he was skipping those classes the day an RPD officer found him out “hustling” drugs in a known drug area. Officer D.C. Twiddy noticed Denkins had a warrant for arrest and tried to arrest him. Denkins ran and then foolishly pulled a gun on the arresting officer, who shot him. Pulling a gun on an officer is a sure path to getting killed.

On the other hand, obeying Minnesota officer Jeronimo Yanez’s commands should not have gotten Philando Castile killed and there is no excuse for his death. It haunts me and I feel for my friends of color who deal with this kind of profiling every day. I can’t say I know what it’s like – I’ll never know what it’s like – but I can say I understand their pain.

It is wrong to stereotype people, whether they be another race or on the other side of the badge. It’s wrong to assume we know the full story, or we know intentions, when often we don’t. I know both that many friends have been unfairly profiled and that police officers are often unfairly maligned.

And it’s okay to be against both. As Jon Stewart explained, “You can truly grieve for every officer who’s been lost in the line of duty in this country, and still be troubled by cases of police overreach, those two ideas are not mutually exclusive. You can have great regard for law enforcement and still want them to be held to high standards.”

So I’d be happy if some police didn’t lump all black people together and some of the public didn’t lump all police officers together. Let’s get away from the stereotypes and take people for who they are. It’s not easy to do but the stakes are far too high to keep repeating the same mistakes.

Mark Turner : Washington Monthly | The Ossoff-Parnell Lesson: Stop Chasing Romney Voters

June 22, 2017 05:48 PM

The lesson of the special elections around the country is clear: Democratic House candidates can dramatically outperform Clinton in deep red rural areas by running ideological, populist campaigns rooted in progressive areas. Poorer working class voters who pulled the lever for Trump can be swayed back to the left in surprisingly large numbers—perhaps not enough to win in places like Kansas, Montana and South Carolina, but certainly in other more welcoming climes. Nor is there a need to subvert Democratic principles of social justice in order to accomplish this: none of the Democrats who overperformed Clinton’s numbers in these districts curried favor with bigots in order to accomplish it.

But candidates like Clinton and Ossoff who try to run inoffensive and anti-ideological campaigns in an attempt to win over supposedly sensible, wealthier, bourgeois suburban David-Brooks-reading Republican Romney voters will find that they lose by surprisingly wide margins. There is no Democrat so seemingly non-partisan that Romney Republicans will be tempted to cross the aisle in enough numbers to make a difference.

The way forward for Democrats lies to the left, and with the working classes. It lies with a firm ideological commitment to progressive values, and in winning back the Obama voters Democrats lost to Trump in 2016 without giving ground on commitments to social justice. It does not lie in the wealthy suburbs that voted for Romney over Obama in 2012, or in ideological self-effacement on core economic concerns.

Source: Washington Monthly | The Ossoff-Parnell Lesson: Stop Chasing Romney Voters

Mark Turner : Biggest Credit Bubble in History – simplest way to strip cash – BMC software – most insatiable buyers leveraged-loan mutual funds

June 22, 2017 11:48 AM

BMC software borrowed $750 million via one of the riskiest forms of debt, payment-in-kind (PIK) notes, where, if push comes to shove, BMC can choose to pay interest not with cash but with more of the same debt.

The amount it owes gets larger, as its chances of survival shrivel. Instead of defaulting, the company will simply hand the lender more paper that’s increasingly worthless. BMC promptly forwarded the $750 million to its owners, a group of PE firms led by Bain Capital that had acquired BMC only seven months earlier.

Time is of the essence. Platinum Equity, which had acquired Volvo’s rental car division, waited only a week after closing the deal before sucking $262 million out that the company had obtained by issuing PIK debt.

So far this year, these already overleveraged companies have issued nearly $21 billion in junk-rated debt for the purpose of paying special dividends to the PE firms that own them — the most since the bubble of 2007, before it all blew up spectacularly. Of that, $3.5 billion were these reeking PIK notes. When a default occurs, the PE firms have the cash, and the lenders get stuck with largely worthless paper.

Source: Biggest Credit Bubble in History – simplest way to strip cash – BMC software – most insatiable buyers leveraged-loan mutual funds

Mark Turner : Tech Mega-Buyouts Edge Toward Comeback as BMC, CA Plot Deal – Bloomberg

June 22, 2017 11:31 AM

Don’t miss this little fact: Bain and Golden Gate helped themselves to their own $750 million dividend from BMC a year after buying the company.

Four years after Blackstone Group LP and Silver Lake Management battled to take Dell Inc. private, buyout firms are back in the market for big leveraged technology deals.

BMC Software Inc., owned by Bain Capital and Golden Gate Capital, and CA Inc. are considering a potential deal that would see the software companies combine as part of a transaction to take CA private, according to people familiar with the process. CA shares rose as much as 16 percent Tuesday, valuing the New York-based company at more than $15 billion.

If a deal goes ahead, and if it’s structured as a leveraged buyout by the private equity firms followed by a combination with BMC, it would be the biggest LBO of a tech company since Silver Lake and Michael Dell won the fight to buy Dell in 2013 in a transaction valued at almost $25 billion.

Source: Tech Mega-Buyouts Edge Toward Comeback as BMC, CA Plot Deal – Bloomberg

Tarus Balog : A Brief History of an Open Source Company

June 21, 2017 06:26 PM

I’ve been invited to give a keynote at this year’s Ohio Linuxfest being held in Columbus, Ohio, on 29-30 September. I am both excited and humbled as this is one of my favorite conferences of the year and I know a lot of amazing people will be there to share their knowledge of free and open source software.

Ohio Linuxfest Logo

I take my presentations pretty seriously, especially keynotes, so I wanted to come up with something that was both funny and interesting. They asked me to speak on running a business around open source software, and I immediately thought I should come up with some click-bait title like “Ten Things About Open Source Business, Four of Them Will Shock You!” but it just didn’t feel right. Then I thought about Hawking’s A Brief History of Time and that seemed more fitting.

My most popular talk so far has been on starting an open source business, but that focuses mainly on the mechanics of the process. For this talk I want to trace my history with OpenNMS starting with my first day on the job and then describing how it grew to become what it is today. In those 15+ years I’ve had a lot of adventures, some good and some bad, and I’ve met some wonderful people. It is the work of many of those people that actually make OpenNMS what it is – I act more like a “crap umbrella” with my one job being to block all of the things that might keep the team from being productive – and I want to talk about how that came about. This presentation will consist almost entirely of real world examples of the problems we encountered and our decision process for solving them.

I hope it will be entertaining and useful, and look forward to seeing you there.

Mark Turner : Swarm of 464 earthquakes hits Yellowstone National Park | Daily Mail Online

June 21, 2017 03:46 PM

It’s low risk but low-risk doesn’t generate clicks. 🙂

Hundreds of earthquakes have hit Yellowstone National Park in the space of a week, according to experts.

A total of 464 quakes have been recorded over the past week at Yellowstone, which sits above one of the world’s most dangerous supervolcanoes.

This is the highest number of earthquakes at the park within a single week in the past five years. The recent activity has raised fears that the supervolcano is about to blow.

If it were to erupt, the Yellowstone supervolcano would be one thousand times as powerful as the 1980 Mount St Helens eruption, experts claim – although they say the risk is ‘low’.

Source: Swarm of 464 earthquakes hits Yellowstone National Park | Daily Mail Online

Mark Turner : A Massive Lake Of Molten Carbon The Size Of Mexico Was Just Discovered Under The US

June 21, 2017 03:43 PM


The Yellowstone volcano has a massive chamber the size of Mexico.

A recent scientific discovery has drastically changed our view of the global carbon cycle and identified a new significant risk. Researchers have discovered a giant lake or reservoir made up of molten carbon sitting below the western US.

The molten carbon (primarily in the form of carbonate) reservoir could drastically and immediately change the global climate for over a decade if it were to be released. Thankfully there is little risk in the near future of this happening. The carbon sits 217 miles beneath the surface of the Earth in the upper mantle and has no immediate pathway to the surface. In total the lake covers approximately 700,000 square miles, approximately the size of Mexico. This has redefined how much carbon scientists believe sits locked away in the Earth’s mantle and its interaction with surface and atmospheric carbon.

Source: A Massive Lake Of Molten Carbon The Size Of Mexico Was Just Discovered Under The US

Mark Turner : Greed and Debt: The True Story of Mitt Romney and Bain Capital – Rolling Stone

June 21, 2017 12:59 PM

And this is where we get to the hypocrisy at the heart of Mitt Romney. Everyone knows that he is fantastically rich, having scored great success, the legend goes, as a “turnaround specialist,” a shrewd financial operator who revived moribund companies as a high-priced consultant for a storied Wall Street private equity firm. But what most voters don’t know is the way Mitt Romney actually made his fortune: by borrowing vast sums of money that other people were forced to pay back. This is the plain, stark reality that has somehow eluded America’s top political journalists for two consecutive presidential campaigns: Mitt Romney is one of the greatest and most irresponsible debt creators of all time. In the past few decades, in fact, Romney has piled more debt onto more unsuspecting companies, written more gigantic checks that other people have to cover, than perhaps all but a handful of people on planet Earth.

Source: Greed and Debt: The True Story of Mitt Romney and Bain Capital – Rolling Stone

Mark Turner : Route to Air Travel Discomfort Starts on Wall Street – The New York Times

June 20, 2017 10:12 PM

When an unlucky passenger was violently dragged off a full United Airlines flight in Chicago in April, setting off a public-relations nightmare for the company, the blame naturally fell on the cabin crew, the police and eventually airline executives. But ultimately, the episode was set in motion elsewhere — on Wall Street. Relentless pressure on corporate America is creating an increasingly Dickensian experience for many consumers as companies focus on maximizing profit. And nowhere is the trend as stark as in the airline industry, whose service is delivered in an aluminum tube packed with up to four different classes, cheek by jowl, 35,000 feet in the air.

Source: Route to Air Travel Discomfort Starts on Wall Street – The New York Times

Tarus Balog : When Not To Start an Open Source Company

June 20, 2017 03:10 PM

Over the weekend, Chris Aniszczyk posted a link on Twitter to a very interesting article by Matt Klein about his decision not to start an open source company around his project, Envoy. I thought it raised a number of interesting points worth a few comments.

First off, Matt works for Lyft, which, in case you haven’t heard of it, is Uber without the moral decay. I abandoned Uber some time ago, despite being an early adopter, and I’ve been very happy with Lyft. One of the main differences is that Lyft allows you to tip your driver, which I almost always do with few exceptions. The fact that Lyft is able to keep and motivate people like Matt speaks volumes for their corporate culture.

It also demonstrates a wonderful trend of commercial companies starting and maintaining open source projects. I’ve been working with open source for almost two decades and I can remember when any software developed at a company was considered confidential. To this day there are a number of vendors who consider their SNMP MIB files (which, I should point out, are really only useful to people who have purchased their products) proprietary information. Companies like Lyft, Paypal and Facebook, none of which would self-identify as open source companies, have gained a lot of value for little cost by making the tools they use open source.

When talking about open source for the enterprise, I often talk about the fact that it is the processes that a company uses to serve its customers that make it unique and define its value, not the tools used by the company. So often with commercial software you have to change those processes to fit how the application thinks you should work, and in the process you lose some part of what makes you special to your customers. With open source you can fit the application to those processes. It is how you use the tools and not the tools themselves that is important, and so there is a lot to gain and little to lose by making them open source.

Getting back to Matt’s article, he is a project maintainer for Envoy, which is a “high performance C++ distributed proxy and communication bus designed for large service oriented architectures.” While I don’t consider myself a coder so I don’t claim to fully understand its advantages, I do recognize enough buzzwords in that sentence to know that it would attract some attention from investors, and Matt was approached about leaving Lyft to start a commercial business around Envoy. He decided not to, and as I read his article about his decision I realized I’d found a kindred soul, someone who was more interested in creating something of value that would last versus making a quick buck.

He had me with this paragraph:

In my opinion, the best opportunity to commercialize OSS lies with projects that can be easily turned into SaaS products. Ultimately, even if software is completely open, many customers are happy to pay for a turnkey solution that “just works” and has a defined SLA with 24/7 monitoring and support. In some sense, customers pay for the operational expertise that comes from deeply understanding and running the software, versus the software itself.

Amen.

I’ve been making a living on open source for 15 years now working with OpenNMS, and I’ve spent a lot of time thinking about business models. We started out with the “service and support” model, which kept the doors open but limited growth. Then our clients started asking us for features, so we added custom development, which was time intensive but allowed us to finance OpenNMS features which attracted even more customers as the platform became more powerful. When we hit the problem of trying to balance the “release early, release often” philosophy of open source with the need for stability, we adopted the Red Hat model of splitting our application into a feature-rich, rapidly developed release (which we call Horizon™, similar to Fedora) and a more stable, subscription-based release that may lag in features but is better suited to production environments (which we call Meridian®, similar to RHEL). But ultimately we came to the decision that what we really wanted to do was to offer OpenNMS as a service.

One company that inspired that decision was Automattic, maintainers of WordPress. I don’t think I know of a more powerful piece of software that is easier to install. They have a famous “5 Minute Install” that is quite simple. First, you drop the software into the webroot of your web server of choice. Next, you create a database account on your database of choice with certain permissions. Then you navigate to a web page and follow the prompts.

However, for a lot of people, terms like “webroot” are gibberish, and even with WordPress you still need some minimal database skills to maintain it. So Automattic offers up WordPress as a service. For a small monthly fee they’ll do everything for you, and this has generated revenues on the order of tens of millions of dollars per year.

OpenNMS is way more complicated, thus the value of a hosted version should be greater. In order to do so we needed some way to access the client’s network in a secure fashion, so with Horizon 20 we introduced the Minion. The Minion software allows for OpenNMS functionality to be distributed. It is built on the Karaf container, so once installed all of its features can be remotely managed. For smaller networks, the Minion can be sold as an appliance and talk to a hosted version of OpenNMS. It can bring a complex and powerful tool like OpenNMS into the hands of the masses.

For larger companies it solves issues of scale as Minions can be deployed to cover even the largest networks (our goal is IoT scale). We’ve had them in production at one client for months now handling over 2 million events an hour. That translates to around 555 events per second, although the system itself can handle over 10,000 events per second so they have room to grow. If they ever hit that limit, we can simply add more Minions. They have the option of hosting all of OpenNMS in their own data center, or they could choose a hybrid model where some of the functionality is outsourced.

For pretty much the first time in the history of OpenNMS, we are seriously and actively seeking investment. There are a number of companies entering this space who have raised enormous amounts of money, and we think we can be competitive for far less money and provide a better solution. Plus, also for the first time in the history of OpenNMS, we have a reason to make it easier to use versus spending all of our resources making it more powerful.

Matt talks about investment in his post (remember Matt? As usual, I’ve made this all about me. Meeee!) It was actually his stories about dealing with investors that prompted me to write this. As Envoy started to get some traction, investors wanted him to leave and start a company. He writes:

Over the last few months I’ve been told by several investors that no OSS has become ubiquitous without having explicit commercial backing. I think this is false and is situation dependent. If anything, I would argue that if I were to leave Lyft now and start a platform company around Envoy, it will decrease the chance of Envoy becoming ubiquitous, primarily because it would negate all of the reasons laid out above.

That first sentence is interesting, since “ubiquitous” and “commercial” are a little vague. I would make the claim that the Apache web server was ubiquitous until its success spawned NGINX, and it was backed by the Apache Software Foundation which is a non-profit. Is a foundation “commercial”? The idea that for a project to become successful it needs a number of people to spend a lot of time working on it seems obvious, and the best way to achieve that is to pay those people to work on it.

He goes on to write:

It took me a lot of time to ultimately understand the previous simple point. Investors are extremely persuasive. They capitalize on “fear of missing out.” However, it’s important to realize that the opportunity cost is hugely mismatched between investor and company.

When he writes “investors” above I believe he means specifically venture capitalists. We’ve talked with a few VCs in the past and I can remember the almost “strong arm” tactics they used. If I hear “a rising tide lifts all boats” one more time, I might have to hit somebody. I’m not saying that all VCs are the same, but many of them come across as gamblers and not investors. I’m risk friendly but I don’t gamble. I’m heavily invested in wanting to build something with OpenNMS that outlasts me (it is already much bigger than me as the team I work with has way more to do with its success than I do) and I don’t want to gamble with it.

I do hope that there are some investors out there that can appreciate that aspect of our company as well as the fact that we’re profitable, have mature products and wonderful customers. Perhaps private equity or perhaps another company that shares our vision and wants to advance the project through acquisition. In any case we’re looking for them.

When I was a young man, old guys like I am now would tell me “work on something you love, not just for the money”. I always dismissed it with the thought that with enough money I can buy love. When you immerse yourself in something as personal as an open source project for ten to twelve hours a day, year after year, you really do have to love it and the satisfaction you get just can’t be bought. Matt’s thoughts are similar:

Ultimately, on a personal level I’m just having too much fun solving tough computer science problems at large scale at Lyft and building a community around Envoy. The bar to do something different is therefore extremely high, and it took a long time to realize that it’s perfectly OK to accept that and keep going down the existing path that I’m on. On another level, leaving now to start a company would feel very much like not following through on my original goal of open sourcing Envoy; the industry desperately needs a high quality and community-driven solution to microservice networking. Follow-through is something I take very seriously.

With that attitude the success of Envoy is almost assured.

Mark Turner : BBC – Capital – Why you should manage your energy, not your time

June 20, 2017 02:15 PM

Interesting approach.

Many of us will have had that sense of there just not being enough hours in the day to do everything we need to do. Tasks that should take only a few minutes can stretch into hours, all while other work mounts up.

For most, the solution is to work later into the evening or even over the weekend, which leaves many of us feeling exhausted, stressed and burned out. But what if working less were the key to getting more done?

Source: BBC – Capital – Why you should manage your energy, not your time

Mark Turner : Is North Carolina the Future of American Politics? – The New York Times

June 20, 2017 02:11 PM

Welcome to North Carolina circa 2017, where all the passions and pathologies of American politics writ large are played out writ small — and with even more intensity. Ever since 2010, when Republicans seized control of the General Assembly for the first time in a century, and especially since 2012, when they took the governor’s mansion, the state’s politics have been haywire. “There’s been a bigger and quicker shift to the right here than in any other state in the country,” says Rob Christensen, a longtime political writer for The News and Observer newspaper in Raleigh.

Source: Is North Carolina the Future of American Politics? – The New York Times

Mark Turner : Oh Columbia, you haven’t aged well

June 20, 2017 12:58 PM

2400 Bee Ridge Road, July 2016.


As an IBM Brat I moved around a lot as a kid (the inside joke is that IBM stands for “I’ve Been Moved”). This made it tough for me to think of home those times I was homesick while in the Navy but it also sort of locked in a time with a place in my memories. In my head, the places I’ve lived will always have a strong association with the brief time I’ve lived there.

Such is the case with Columbia, South Carolina. Columbia was my home for my 3rd grade to 7th grade school years, or 1979 to 1983. There was an actual city with Columbia, different than coming from Spanish Fort, Alabama, though our neighborhood of Spring Valley in northeast Columbia was definitely suburban. Spring Valley is a relatively wealthy, gated community with a private security guard and country club. My brothers and I would walk together with no attending parents to elementary school at Lonnie B. Nelson and we would ride our bikes all over the sprawling neighborhood to visit friends. It was a great place to grow up and provided me with important opportunities that helped make me who I am today.

My Uncle Bill’s death last year provided me the opportunity to catch a new glimpse of my old neighborhood as my brothers and I drove through on our way to his funeral. We lingered long enough to take photos of our old home and our school before continuing on, driving out Two Notch Road to continue our journey on I-20.

During my time there Two Notch Road was the big commercial road, leading from Spring Valley to the new (in 1979) Columbia Mall. Even then it was dotted with the ubiquitous flashing-light-arrow advertising signs, fast-food joints, and the like. These businesses would sprout up like weeds – wherever they could and seemingly with no thought to how they all fit together.

One of the benefits of the Internet (and Facebook) is the ability to connect with like-minded folks. When I joined Facebook I joined a group called “You Know You Grew Up In Dentsville when …” where people who grew up in that part of Columbia can reminisce. It’s been sad to read how the area has really gone downhill over the years. Dentsville is not far from Columbia Mall and its shopping centers that once beckoned with shiny new goods are now run down and crime-ridden, it seems.

I was in the E.L. Wright Middle School Chorus in the early 1980s and one night after a performance we met in Dentsville at what was then one of the newest, fanciest restaurants in Columbia called Applegate’s Landing on Decker Boulevard. Just for background, in best-restaurant polls Columbia residents often give Red Lobster the top marks so fancy restaurants there are relatively rare. Applegate’s Landing couldn’t compete with Red Lobster, apparently, and after a while the restaurant folded. While I was there, though, it was high class.

It was depressing to see how untamed Two Notch Road still is, decades after I lived there. I can’t help but think the lack of strong zoning rules kept it from reaching its potential. If developers don’t focus on anything but their own little patch of land they may trade their short-term gain for a long term decline of the area as a whole. What results is a run-down area like Two Notch Road that long ago lost its shine.

At least my Spring Valley home and the subdivision still looked good (and the home looks much better than it did when we lived there).

Bonus link: Check out the Columbia Closings blog for more depressing walks down memory lane.

Mark Turner : That time I got a Florida driver’s license without knowing it

June 18, 2017 02:33 AM

One day a few weeks ago I was poking around my Facebook message inbox, looking for those messages that get stuck there when they are sent from someone who isn’t a Facebook Friend. Several messages were weeks or months old but one of them had been sent three days prior in an urgent attempt to contact me.

Reading further, the sender owned a store in western North Carolina and said she wanted to warn me of someone’s possible attempt to steal my identity. She didn’t want to discuss it online, she said, but left me her number so I could call.

Identity theft? Urgent matter? Wouldn’t discuss it online? I was quite skeptical of the whole thing; not only quite sure that my identity hadn’t been stolen, but also how and why was this woman contacting me through Facebook? Deciding I had nothing to lose, I picked up the phone the next day.

The store owner was indeed who she said she was, and mentioned that an online customer of her store had tried to order some merchandise and pay by credit card. The store owner was suspicious of this transaction for whatever reason, so she demanded the customer send her a scanned driver’s license to verify identity. She said she received an image of a Florida driver’s license with my photograph attached, but something about the driver’s license didn’t look right to her. She put my photo into Google and the photo matched a photo I have on my blog. Now armed with my name, she found me on Facebook and reached out to me there.

I thanked her for letting me know and assured her I was in no danger of identity theft. I also congratulated her for spotting the fraud and for her amazing feat of finding me. It took some mad Google Image skills for her to do that, and I know because I pride myself on my GoogleFu. Before ending the call, I asked if she could send me the photo she had been sent and she told me she would.

About a week later I got it. As you can see, it’s a pretty amateurish forgery.

I don’t remember changing my name

As for the photo, it comes from my years-ago blog post on passport photos. For a moment, I considered maybe scrubbing the photo from my blog. Then I realized that wouldn’t do any good. I have hundreds if not a thousand photos of me on the Internet. My face is just one of millions out on the Internet – not unique and certainly not any more valuable to a crook than anyone else’s. This is more of a fluke than anything, I decided.

I thought it would be fun to put my Google Image Search skills to the test and see where else my photo might be being used. Some of the hits show that I am being advertised as a Master’s degree graduate of a South Korean diploma factory. My face is also attached to a fake English teacher at a Bangladeshi high school and a “Security Guard” at another, similar site (interesting). I had no idea these were out there and while I could probably ask for them to be taken down I don’t see much harm in them. Material on my blog is licensed via Creative Commons for anyone to use, so one complaint I could make is that I wasn’t given proper attribution.

The moral to this story? Not sure there is one. Once stuff gets out on the Internet it’s there forever? Don’t post photos if you don’t want them being stolen for other things? If you’re going to forge an ID maybe spend more than 5 minutes doing it? Or perhaps the moral is that it’s getting easier to track down the source of fake material on the Internet. What one person can uncover on the Internet others can, too.

That’s not such a bad thing, after all.

Warren Myers : it’s not a better apple tv

June 16, 2017 06:41 PM

But the HomePod is an interesting take on my suggestion of making the Apple TV better.

Mark Turner : D.C. police issue warrant for 12 on Turkish security team in May brawl – The Washington Post

June 15, 2017 07:23 PM

DC Police are looking for these thugs. With any luck they’ll never set foot in America again.

Authorities in the District said Thursday that they have criminally charged a dozen members of Turkish President Recep Tayyip Erdogan’s security team who authorities say attacked protesters outside the ambassador’s residence in May.

At a news conference, D.C. Mayor Muriel E. Bowser (D) and Police Chief Peter Newsham explained the charges against the suspects, who are all believed to be in Turkey.

“I condemn this attack,” Bowser said, vowing that the city will “defend the First Amendment.”

The charges come nearly a month after the clashes at Sheridan Circle along Massachusetts Avenue’s Embassy Row, outside the residence of the Turkish ambassador. Police and other officials say various members of the visiting Erdogan’s security team, some of them armed, attacked a group protesting his regime as police struggled to restore order and bystanders recorded the scene with phones.

Source: D.C. police issue warrant for 12 on Turkish security team in May brawl – The Washington Post

Tarus Balog : CubaConf 2017

June 15, 2017 07:22 PM

UPDATE: Today the United States administration announced tougher restrictions on travel to Cuba. While nothing has changed at the moment, there will be some changes in the next 30 days. This should not impact people attempting to go to Cuba for this conference as it should fall under the “professional” or “educational” travel categories. This may change again before November and I’ll be sure to post updates.

While tourist travel remained officially banned, Obama also allowed a broad category of “people to people” visits to Cuba. Trump’s new directive still allows individual travel in all but that category, and reverts to an earlier policy of requiring “people to people” visits only in a Treasury-licensed group.

Free and open source software is as close to a true meritocracy as anything else I’ve found. It doesn’t matter what is the color of your skin, your gender or where you live, your value is judged simply by your contributions to the project. I wrote up my favorite instance of that for opensource.com concerning my friend Alejandro who got involved with OpenNMS when he lived in Venezuela. He and his wife are now permanent residents in the US due to his work on our project.

I actually forget how I came across CubaConf, but I was immediately interested in attending. This is an annual free software conference held in Havana, Cuba.

CubaConf

It has been illegal for US Citizens to travel to Cuba since before I was born. Last year the Obama administration eased some of those restrictions, so it is now possible, under certain conditions, to travel to Cuba as well as to use US Dollars while there.

Cuba has been pretty isolated since the 1960s, and as it races to catch up with the rest of the world it will need access to modern technology, especially software. I see an opportunity for free software to play a huge role in the future of that country, and I am eager to meet the people who will help make that happen.

I want to use this post to encourage all of my free and open source software friends to come to CubaConf. This is a three-day event that follows a format similar to one we used for our OpenNMS user conferences. The first day is a normal conference, with various tracks and presentations set to a schedule. The second day is a “barcamp” style conference where the attendees will set the agenda, and the third day is a hackathon.

Presentations are welcome in both Spanish and English, so I’ve submitted two talks (both in English). One is on starting an open source business. This will be different from my usual talk as I want to focus on how someone in Cuba could both spread the use of free software while getting paid to do it, without as much focus on setting up a corporation or other formal business entity. The second talk is on OpenNMS. While business transactions are still difficult between the US and Cuba, I really want to bring the magic that is OpenNMS to their attention so that when things ease between our countries people will be familiar with it.

I plan to attend all three days, and Alejandro is coming with me to help with any language issues (my Spanish is passable but not nearly as fluent as a native speaker). Note that the Call for Papers is open until the end of August.

Since you might be hesitant to consider going to Cuba from the United States, I wanted to share with you how it works.

First, tourism to Cuba for Americans is still illegal. However, the State Department has come up with a list of 12 categories which qualify for visiting.

12 Visa Categories for Cuba

In the case of CubaConf, you will choose either number four “Professional research and professional meetings” or number five “Educational activities”. I guess number six might work “Public performances, clinics, workshops, athletic and other competitions, and exhibitions” since it is kind of a workshop, but I’d stick with the first two. Since I am a free software professional, I plan to use number four, as I consider this a professional meeting.

Note that Cuba could care less about why you are there – this is a requirement of the US government.

Second, once you have a legal travel category, you’ll need a visa. In speaking with my favorite airline, American Airlines (they offer direct flights to Havana from Charlotte, NC, and Miami, FL), once you book your travel they will outsource the visa process to Cuba Travel Services who will handle the whole thing via e-mail. The visa costs $50 and it looks like there may be a $35 fee, but I’m not sure if the fee applies if you are referred via the airline and it may be built into the price of the ticket.

Speaking of things included in the price, the third thing to consider is that all Americans traveling to Cuba must have non-US health insurance. This is included as a $25 charge when you purchase your ticket.

That covers much of the “getting there” part. The fourth, and in my mind most important thing to know is that Cuba is still very much a cash-only country. American banks are still not doing business there so your credit cards won’t work, nor will the ATM, so you’ll need to bring cash. I verified this with calls to Bank of America, Chase and Citi – currently none of those banks have cards that work in that country.

There are two types of currency in use: The Cuban National Peso (CUP) and the Cuban Convertible Peso (CUC) or “kook”. The CUC is pegged to the dollar and is the currency used by most visitors. Luckily, Havana is a pretty safe place, although I still won’t want to carry around a lot of money if I can avoid it.

I’m not sure where I will stay. Being a big Marriott fan I do have the option to stay at the Four Points Sheraton, but it seems to be pretty far away from the Colegio Universitario San Gerónimo where the conference will be held. Most people visiting stay in a “casa particular” which is a room in someone’s house, and it appears that Airbnb is also in Cuba.

I plan to use the open source way and just ask my friends organizing the conference where I should stay. It is very easy to do, as they have set up a Telegram channel for the conference. While Spanish is the main language in the channel, English is welcome, and if you are thinking about coming to CubaConf I would consider going there first.

I am very excited about the opportunity to visit Havana in November. Despite the modern history between the US and Cuba, I know I’ll make some new friends.

Software libre crea amistades inmediatas.

Mark Turner : As early as 2007, analysis demonstrated that 400-V dc distribution had advantages; Now there’s a way to implement it.

June 15, 2017 06:40 PM


Is DC power the wave of the future for computing environments?

Power distribution in data centers used to emulate the architecture of old telephone central offices. A “rectifier” would step down and rectify the ac from the power line and use it to charge banks of batteries that provided an unregulated 48 V dc, which was distributed around the facility to run the telephone equipment in the racks.

Since at least 2007, data-center engineers have been talking about distributing 400 V dc (sometimes 380 V). Data centers are bigger and use a lot more power than telco central offices. At a minimum, higher voltage distribution would mean lower I²R losses and/or thinner power-distribution cables.

Source: As early as 2007, analysis demonstrated that 400-V dc distribution had advantages; Now there’s a way to implement it.

Mark Turner : Jumpseat: It’s All About the APU | Flying Magazine

June 15, 2017 06:02 PM

I enjoyed this pilot’s story of how a broken APU on his aircraft caused a mess.

For more than 50 years of jet airliner operation, the APU has been an integral part of airplane independence. The APU is a small jet engine located within the structure of the fuselage. With today’s airliners, the unit is operable both on the ground and in flight. In flight, the APU provides both a backup source of electric power and a limited amount of air pressure at lower altitudes — usually below 20,000 feet.

On the ground, the APU is capable of being the sole source of electricity and the sole source of air pressure. Air pressure from the APU is the standard method utilized in starting the engines. When air is not available, starting becomes problematic. On this particular trip, an inoperative APU became more problematic than my copilot and I could have ever imagined.

Source: Jumpseat: It’s All About the APU | Flying Magazine

Mark Turner : Even moderate drinking can damage the brain, claim researchers | Society | The Guardian

June 14, 2017 09:48 PM

Drinking even moderate amounts of alcohol can damage the brain and impair cognitive function over time, researchers have claimed.

While heavy drinking has previously been linked to memory problems and dementia, previous studies have suggested low levels of drinking could help protect the brain. But the new study pushes back against the notion of such benefits.

“We knew that drinking heavily for long periods of time was bad for brain health, but we didn’t know at these levels,” said Anya Topiwala, a clinical lecturer in old age psychiatry at the University of Oxford and co-author of the research.

Source: Even moderate drinking can damage the brain, claim researchers | Society | The Guardian

Warren Myers : what is happening with news publishers?

June 13, 2017 06:34 PM

I think, closer to the lines of thought that Ben Thompson of Stratechery has laid out, that news publishing is about to undergo a major nichification – the days of everyone trying to report everything are over.

“Local” (whether by geography, interest, or some other grouping mechanism) publishing in narrowly-defined niches is basically going to finish gobbling the Old Line news publishers in the next 3-5 years. And I see automated “curation” (though, if it’s automated, it’s technically not “curating”) as a clever way to cross-cut unforeseen niches from other niches (and from the handful of “major” publishers that will refuse to die – even though they’re going to dramatically shrink very soon) – think applying pivot table data analysis concept to news and publishing, rather than mere data.

Jean-Louis Gassée wrote in February the following about Facebook, & Google, about news publishers: “If they are really willing to contribute to a sustainable news ecosystem, as they claim, both should allow publishers to sell subscriptions on their platforms (while collecting a fee, obviously).” 

And that’s certainly an interesting idea – but one that I think will only last, if it even comes to fruition, for a very short period of time. It’s the Napster of news publishing.

I see news publishing undergoing the same sea change the music industry did starting in the late 90s with the rise of #Napster. Until Napster came along, if you wanted to listen to a specific song, you had to either a) wait for it to be on the radio, b) get the vinyl/tape/CD, c) get a friend to record it for you from the radio or some media they had.

Then Napster and its ilk came along with peer-to-peer file-sharing, crazy lawsuits from the #RIAA, and services like #Apple’s #iTunes charging a mere $0.99 per track (and $9.99 per digital album) made file-sharing (which became a major attack vector for malware) far far less interesting: why spend hours searching for and downloading songs (which might be lousy quality, not the “real” song, etc) when you could just go to iTunes and get what you want in a couple minutes for 99¢?

Then came Pandora. And Spotify. And probably all kinds of other services I don’t know anything about. Why? Because people wanted what they wanted when they wanted it.

The same is true for “news”. How much of an average newspaper issue does the historically-average newspaper reader actually read? 10%? 30%? 50%? I’d bet anything north of 20% is highly unlikely overall.

And what do you have to do to “read” the news in a newspaper? You need to skip past ads, you need to flip between pages (and sometimes sections), you need to physically get the paper. And on and on. Paginated websites (like diply, just to name one) try to replicate the newspaper feel (flipping pages, skipping ads, not being able to see everything until you get to the end, etc) in a move to make money by selling ads and forcing eyeballs to look at them. (To combat that, folks like me run tools like pihole and ublock origin.)

Nichifying news is going to be a huge thing very soon: somewhat akin to the idea of targeted newsletters, but for “real” news, and not just something related to a website.

Mark Turner : 50 Years Ago: NSA’s Deadliest Day | Observer

June 10, 2017 03:49 PM

June 8, 1967 was the worst day in the history of the National Security Agency. On that date, Israeli airplanes and torpedo boats mauled and nearly sank an American spy ship in international waters, killing or maiming most of its crew. This tragedy appears as a footnote to Israelis, an unpleasant sideshow of their victorious Six Day War, while official Washington preferred the embarrassing episode be forgotten. But NSA has never let the Liberty and her ill-fated crew disappear from memory altogether.

Source: 50 Years Ago: NSA’s Deadliest Day | Observer

Tarus Balog : Horizon™ Version 20 Released

June 09, 2017 06:41 PM

Just a heads up that version 20 of Horizon has been released.

Since version 20 coincides with the 20th anniversary of the film The Fifth Element, we’ve decided to use characters from that movie as codenames for this release. Version 20.0.0 is called “Leeloo”.

This release continues our commitment to rapid releases in the Horizon product line, and is mainly focused on bug fixes, small enhancements and code cleanup. We have removed all use of Castor for the parsing of XML files and replaced it with JAXB, and a number of deprecated events have been removed from the system.

Probably the biggest new feature is a topology provider that can be used to create custom maps. The Asset Topology Provider generates a GraphML topology based on node metadata including asset fields.

You can read the announcement and for more information, check out the release notes.

Tarus Balog : Why the FCC’s Title II is so Important (Spectrum Rant)

June 08, 2017 06:47 PM

Here is a rant about Time Warner/Charter/Spectrum or whatever the heck they call themselves these days. It illustrates how this large company can have a huge negative impact on a small business, and why treating Internet providers as common carriers is so important.

Our company wouldn’t exist without the Internet. Outside of the fact that our products are mainly used to monitor Internet resources, we host a number of servers from our office and about half of the staff works remotely so we rely on the Internet to communicate and coordinate.

Back in 2012 I contracted with Time Warner to provide Internet access to our office. We had fiber to the building and while our service was considerably more expensive than coax, I liked the fact that it was symmetrical and expandable. We started off with 20 Mbps but soon increased that to 50 Mbps. Over five years we only had one outage, due to a misconfiguration of our Customer Premise Equipment (CPE), and they corrected it within 20 minutes. I love the fact that when you called in the person who answered the phone understood terms like “duplex” and they were always very helpful.

Note the scenario: happy customer who is happy paying a premium for enterprise-level service.

Now let me tell you why all that goodwill has gone away.

Earlier this year we decided to move our office from Pittsboro, NC to Apex, NC. The first thing I did was contact Time Warner (well, Charter at the time) to ensure that they could provide fiber to the new location. They said they could, although it would take 45 to 60 days. As our new office space needed to be completed, we were targeting an April 1st move in date anyway, so on February 15th I placed the order for the new service. At best, it would be available on the 1st and at worst it would be ready by the 15th. We told the old landlord we’d be out by April 30th just in case and to give us more time to move.

Finally, Spectrum doubled our speed and cut the price in half. I was feeling pretty good about the whole thing.

The feeling didn’t last.

As we got closer to April, things started to go wrong, most of it due to the fact that Spectrum is now such a behemoth that they have no idea what they are doing. In order to get fiber into our new building, they needed what is called a “Right of Entry”. They sent it to our landlord who promptly completed the form and sent it back. However, that person didn’t let the project manager know the form had been received, so he did absolutely nothing. Ten days (!) later I get a note that our build out had been suspended because of the lack of the ROE form. A form, I should point out, that was sent to them, twice.

At the end of March I’m told that our new date is May 11th. I’m unhappy – due to their poor processes I now have a new office that I can’t use for six weeks (remember, we took possession and started paying rent on April 1st). We also had to be out of the old office by the end of April. Luckily I work with a great team that is able to be productive when working from home, so I decided to suck it up and live with it.

On April 12th I get an update – the new date for the end of construction is now May 15th due to processes within Spectrum taking too long to finalize the work with a contractor. Now the actual date we’ll have Internet has been pushed out to the week of May 29th.

I am livid. By this point I’m ready to switch to the other option, AT&T. Unfortunately, they also need 45 to 60 days for service installation so I realize at this point I’m stuck with Spectrum.

I ask my salesperson for options and he suggests we get coax installed for a month (for a fee, of course). Since our office is right next to a large housing development they can get coax in the following week. I sign off on it.

It didn’t happen. When May arrived some of us started working in the new office mooching off the neighbor’s Wi-Fi from AT&T (with permission of course). I ended up traveling for a couple of weeks so I completely forgot about the coax option (it’s not like Spectrum was keeping me updated on anything – I’d have to reach out to them for an update). I did get a note on May 10th that all construction had been completed for the fiber and another note on May 18th that our new install date was June 2nd.

(sigh)

So, 45 days late, we have a firm install date. Wonderful.

Imagine how I felt when on the 24th of May I received a note that more construction was needed and that it would be pushed out another 30 days at least. When I get extremely angry I refer to it as going “non-linear” as that is how fast my blood pressure rises. As I was ranting to pretty much everyone I’d ever interacted with at Spectrum it dawned on me that this could be for the coax order. Turns out that was the case. Apparently our crack project manager on the coax side decided to route our service from a point several miles away instead of from the one nearly across the street. This is why it was delayed and why the construction was needed. By this time we are about a week out from having fiber so I canceled the order. I did get a very apologetic call from the coax salesperson which I appreciated (under Spectrum, fiber [Enterprise] is handled by one sales team and coax [Business] is handled by another), and I made it clear that I’d be okay with everything as long as the fiber was delivered as promised on the 2nd.

It was. Around noon on June 2nd we had our 100 Mbps service and on the 3rd we moved all of our devices from the old office in Pittsboro to the new one in Apex. I informed my salesperson that they could disconnect the old service and despite all of the problems, I was happy with the new service.

So the whole process cost me two months’ rent and a few years off my life, but it was finally over.

Not so fast – the other shoe fell today.

I get an e-mail that I need to confirm my disconnect request. That didn’t bother me, in fact I appreciated it, but what did bother me was an additional note that it would be done within 30 days. When I replied I asked for clarification – would I be *paying* for the service I wasn’t using until they could disconnect it? The answer was “yes”.

I experienced a new word – apoplectic.

Due to the fact that the bureaucracy behind the new merged Spectrum company is so bad, I’m out nearly ten thousand dollars. That is the real money – it’s probably cost us twice that again in lost productivity from lack of network access and dealing with them throughout this process. We’re not one of those companies that is too big to fail so this really impacts us negatively. Had it been explained to me that I’d have to pay for the service until it was disconnected, I would have put the disconnect order in a month ago, but then had I used the date I was originally promised, our servers would have been off-line for over a month. That would have been catastrophic to our company.

Finally, I’ve gone from a happy customer to an extremely pissed off one who will be actively looking for options. Based on my experience I would suggest any business looking for network access look elsewhere.

Access to the Internet has become as important as other utilities such as electricity, water and sewer and just like those utilities it needs to be regulated as one. This is why the decision by the new industry-picked head of the FCC to reverse the decision to classify Internet access under Title II as a “common carrier” is so devastating to businesses like mine. Our company is small, yet we put millions of dollars into the local economy each year. You multiply that by the number of other small businesses and it can have a great impact to any community. Barriers put up by companies like Spectrum demonstrate that they can’t self-regulate and the government needs to take a firmer hand (and this is coming from a left-leaning libertarian).

I will be protesting that final bill for Internet access and I would welcome any advice on how to deal with a company like Spectrum. Let’s hope that there is a change soon so that other businesses can focus on creating value and not have to deal with the crap we had to endure.

I’m not holding my breath.

Mark Turner : Amazon kills unlimited Amazon Cloud Drive option

June 08, 2017 12:17 PM

Recently I had a scare when our home storage server went on the fritz. Years of photographs, videos, and files were suddenly in jeopardy as they appeared to vanish. Being a resourceful geek, once I caught my breath I was able to revive everything. Still, it was enough of a scare that I accelerated my quest for a good, offsite place to back up our files.

Part of this quest was getting gigabit fiber Internet at home, which I recently did when I could no longer wait for Google Fiber and signed up with AT&T Fiber. Untangling this brave new world has kept me busy recently, not leaving much time for blogging. I will have lots to say about this in the near future but suffice to say that having a fat pipe at home makes it easier to do any kind of backup to the cloud.

Enter Amazon Cloud Drive. When it was first announced in 2015, Amazon Cloud Drive (ACD) promised unlimited storage of all types of files (photos and others) for a mere $59.99 per year. Sounds too good to be true? Well, it was. This morning without any warning, Amazon killed Cloud Drive’s unlimited plan, updating its FAQ page with this blurb:

New Amazon Cloud Drive FAQ

1) What is changing?
Amazon is now providing options for customers to choose the storage plan that is right for them. Amazon will no longer offer an unlimited storage plan. Instead, we’ll offer storage plans of 100 GB for $11.99 and 1 TB for $59.99, up to 30 TB for an additional $59.99 per TB. Any customer that signs up for storage with Amazon automatically gets 5 GB for free, and Prime members receive free unlimited photo storage. You can see storage plan rates and find additional information here.

2) When will the change happen?
On June 8, 2017. Current customers will keep their existing unlimited storage plan through its expiration date. At the end of their existing subscription, customers with auto-renew turned on and 1TB or less of data stored will be renewed into the 1 TB plan for $59.99 per year. Customers with auto-renew off, or who have more than 1 TB of data stored, will need to visit their account’s Manage Storage page to opt in to one of the new plans. Prime members will continue to get unlimited photo storage, so photo storage won’t be counted against Prime members’ storage limits.

Poof! There goes my plan for cloud backup.

So what happened? Pure speculation on my part, since Amazon hasn’t really said much publicly about this significant change, but it was one infrastructure service Amazon wasn’t metering. Amazon Web Services (AWS) will let you spin up nearly unlimited virtual computers, for instance, as long as you’re willing to pay pennies for each and every CPU operation, every IO operation, and every megabyte of storage. Cloud Drive, almost certainly built on top of this AWS infrastructure, was an affordable way around these per-operation charges. Third-party applications (acd_cli, rclone, ARQBackup, etc.) with far more functionality than Amazon’s own, pathetic Cloud Drive client, made Cloud Drive much easier to use, some turning Cloud Drive into a virtual hard drive that made backups as easy as dragging-and-dropping. Automated backup tools could dump massive amounts of data into Cloud Drive with nearly the same reliability as Amazon’s AWS services. None of these were helping Jeff Bezos fuel his rockets.

So just when I finally have a speedy Internet connection with which to do cloud backups, Amazon pulls the plug on my cloud backup option. This has only made me look more longingly at Google Fiber and Google’s own brand of cloud services known as Google Compute Engine. I’ve long thought that Google’s storage offerings could be the “killer app” that drives Google Fiber adoption and this could be Google’s opportunity. Unlike Google, Amazon doesn’t offer consumer Internet service. Google offers both Internet and cloud services. Google’s offering customers a blazing-fast link to cheap online storage and other cloud resources could really chip away at Amazon’s dominance in cloud services.

For now, I will draw down my Amazon Cloud Drive files and migrate them to Google Drive or some other service. I don’t necessarily need unlimited storage but I do need a long-term online storage option that’s not going to radically change after just two years.

Tarus Balog : Service Outage Tomorrow, Saturday June 3rd

June 02, 2017 10:03 PM

Wonder of wonders, Time Warner/Charter/Spectrum/whatever has finally delivered connectivity to our new office, albeit a month late.

So, we’ll be moving a number of servers from our old location to the new one, which means certain things, such as demo and Bamboo will be down for a few hours. Almost everything else is hosted elsewhere and redundant, so we shouldn’t have any other issues.

Sorry for the outage and thanks for your patience.

Tarus Balog : Monitoring? Meh.

June 01, 2017 12:17 PM

Recently, I was talking to a person in the tech industry and describing all of the cool things we are doing with OpenNMS, when he kind of cut me off and went “Oh, monitoring? Meh.”

Well, I can’t remember if there was an actual “meh” but that’s how it came across, and I’m afraid the reaction is probably more common than I would think. Monitoring isn’t sexy, but it surprises me that people can’t see how critical it will be to the future of any business.

IoT Devices Over Time

While forecasts vary, by 2020 there are expected to be over 30 billion devices on the Internet, and that figure will skyrocket to over 75 billion by 2025. Just knowing what is connected to your business network is going to become critical, as well as making sure it belongs there in the first place and, if so, is functioning properly.

Outside of the obvious security concerns, as people begin to transact business more and more through devices rather than people, faults in those devices will directly impact revenue as people search for other options when faced with a bad experience.

Here are a couple of examples.

One of the greatest inventions in my lifetime is the ability to buy fuel at the pump. You just pull up, swipe your card, pump and then leave. You used to have to pay inside, and some places made you pay first which meant two trips in if you were paying by credit card. It could be cold or rainy, and not only did you have to wait in line behind people buying food or lottery tickets, you had to leave your car out by the pump possibly blocking the next customer.

The only problem I’ve experienced with this process concerns the receipt. Quite frequently I need a receipt, but it seems the pumps I choose are always out of paper. The little red indicator mark when the paper roll is almost finished isn’t visible to the cashier since there really isn’t one out by the pump. It is frustrating, but it is not like I have a choice at the moment. If there was some way to monitor the pump for a “low paper” alarm, it would improve my shopping experience.

One shopping experience that did result in my leaving the store without a purchase happened yesterday at a Lowe’s Home Improvement store. I needed some fluorescent lights for the new office so I went by on my way home. I picked up four bulbs (two that I needed and two spares) and went to the checkout area.

I walked past several unmanned cash registers until I got to the “Self Checkout” section, which was the only thing open. Of the four machines, two had red blinking lights on them (that are green when things are functioning normally) and the one lone, overworked cashier was doing her best to help people out. I usually don’t mind using Self Checkout and when I noticed one of the two machines was open (everyone else was waiting for the attention of the lone cashier) I went to it and started my purchase.

I scanned my “My Lowe’s” card and then the first bulb. “Eight ninety-five” piped up the voice and I placed it in a bag.

Here is where the problems started. First, I hate the fact that with these Self Checkout kiosks they don’t trust you to use a “quantity” key. I was buying four identical items but I was required to scan each one. Next, the bulb was light enough that it didn’t register as having been bagged, so the interface yelled at me and presented me with a button marked “Skip Bagging Item?”.

I sighed and, having no other option, hit the button. I then went on to scan the next three bulbs. However, as I bagged the fourth bulb, the scale must have started working since the whole unit went into some kind of alarm mode, screeching “Unidentified Object in the Bagging Area!” and the screen was locked until the cashier had time to come and fix it.

I looked around the area, and by this time all four kiosks had a flashing red light, there were at least three shoppers lined up to use them in addition to those of us already there, and our valiant cashier was busy helping a guy ring up his plumbing supply purchase which consisted of a ton of small copper fittings which most likely wouldn’t be registered by the scale.

I gave up. I picked up my bulbs and returned them to the Lighting section, passing three employees in the customer service area helping zero customers. Before I reached the car I’d ordered the same bulbs on Amazon at a fraction of the price, and they’ll be here on Friday.

Yes, I’m complaining, but how could monitoring have helped here? First, there is some sort of monitoring – those little red lights. When they all light up you would assume someone, or perhaps multiple someones, would come by to help. A monitoring system could have made sure that happened by using an additional notification system outside of the lights, and escalating it until the problem was addressed.

A more long term solution would be to collect information on the purchasing experience and the problems people encountered and to make changes to the automated kiosk software. I’m certain that Lowe’s didn’t write that software but instead bought it, and like most proprietary software solutions they now have to fit their processes to the application instead of the other way around. It probably wasn’t designed for a store that sells a lot of small, light things which is central to the issues I have using it.

With the rise of IoT devices, robotics and other forms of automation, monitoring is going to become extremely important. Lowe’s lost out on a $40 sale, but think of something like an assembly line where a problem could result in the loss of thousands of dollars a minute. Our goal at OpenNMS is to be ready for it, and to build products that make people go “Monitoring? Oh yeah!”.

Mark Turner : Singing the praises of MusicBrainz

May 30, 2017 12:26 PM

MusicBrainz


Can I tell you how much I love MusicBrainz? I have been dabbling in online radio for a few years now and the challenge is always finding interesting content. One of the most cost-effective ways to find varied content is in compilation albums or soundtracks. One-hit wonders that were once staples of radio make good radio content but buying a one-hit wonder’s shitty album just to get their only hit isn’t cost-effective. With MusicBrainz, I can look up a one-hit wonder and find out exactly what compilation albums or soundtracks it’s a part of. I can buy that compilation and not only get the song I want but most likely other good one-hit wonders along with it. Awesome!

Another good use of MusicBrainz is finding just the right mix of a song. Often, record companies will release a remixed or edited song as a single, either designed to fit on a 45 or to be more radio-friendly. For example Steppenwolf’s Magic Carpet Ride has a great break that goes on and on in the album version but is often cut short in versions played on the radio (2:55 vs. the original 4:27). This drives me nuts! MusicBrainz knows which versions are which, though! I can find the entire catalog of Steppenwolf, find their The Second album, click on Magic Carpet Ride, and see all the versions of the song that have been released. Goodbye, hacked-up, radio-edit song versions!

MusicBrainz would’ve come in handy with a recent purchase I made at the (now defunct) Ed McKay store earlier this year. I picked up what I thought was a compilation album of early 70’s hits. I expected these to be the original master recordings of the songs but that’s not what I got! The entire album was re-recordings of the hits, none of them sounding the same as the ones I know and love. I was disappointed I hadn’t noticed the small print on the CD cover, and that I hadn’t gone to MusicBrainz first!

MusicBrainz is an open source project as well as a 501(c)(3). It’s worthy of your time and contributions!