Warren Myers : sometimes i’m off

April 27, 2021 09:23 PM

It took Apple 5.5 (or 6, if you count last week as really hitting it) years to introduce what I called the MacBook Flex back in 2015.

With the 13″ MacBook Pro available in an M1-powered edition (which is so much better than the top-end MBP from 2019…it’s not even funny), and now a 5G-enabled iPad Pro running on the M1 … it’s here.

Mark Turner : Practicing my OSINT skills

April 18, 2021 02:23 AM

Yesterday, a story went viral of a North Carolina man and woman who fought off an attack by a rabid bobcat. This story made news all over the world (it was a slow news Friday, I suppose) but I became annoyed that none of the stories mentioned who the victims were. I thought this might make a good opportunity to use my Open Source Intelligence (OSINT) skills to try to identify them based on what was known so far. And what do you know, I managed to do it!

Since I hadn’t seen that the couple had granted any interviews anywhere, I figured they were not interested in publicity and I opted not to mention their names publicly. I now see that Wilmington station WECT has interviewed them so I can reveal my work. The folks involved are good people and I don’t want my post to be used to harass them so I will focus on my techniques rather than their identity.

So, at the start of this journey all I had was the video. You see them leaving their house in the morning and getting attacked by the bobcat as they attempt to get into their car. The man pulls the animal off of his wife and flings it into the yard before they escape. It’s quite wild.


We can learn a lot from studying this video.

1. We know it’s morning. On the audio, we hear the man greet the passing jogger with “Good morning.” He puts his coffee on his car.
2. Sunlight is visible on the homes in the background. Since it’s morning, we know we are facing west.
3. Key identifying items are visible. The home is near a curve. The sidewalk ends on the right side of their yard. There is a storm catch basin directly across from the driveway.

All these things help separate this home from others in the neighborhood.

Listening carefully to the clip we hear the wife frantically calling her husband’s name, Happy.

An additional bit of information came to me. Someone mentioned it happened in North Carolina; Pender County to be exact. Another person mentioned a bulletin recently put out by the Pender County Sheriff’s Department. It was a notice warning that a rabid bobcat had attacked people and to make sure all of your pets are vaccinated. It said the attack occurred on April 9th, the dead bobcat was tested at N.C. State, and the bobcat was found to have had rabies. It also mentioned that this had happened in the Creekside Subdivision of Burgaw, NC.

So, bobcats are normally extremely shy. They are nocturnal and avoid people at all costs. Interactions with people are thus very rare. It looked like the Pender County Sheriff’s bulletin must have been referring to the attack in the video.

So we know a few things so far:
1. Distinctive features of Happy and his wife’s home.
2. That their home faces west.
3. That the home is likely in the Creekside Subdivision of Pender County.

Time to go to Google Maps and see what we can find.

I put “Creekside Burgaw, NC” in to the search bar and I’m presented with a promising result:

This is a nice, compact subdivision so it shouldn’t take long to narrow down the house. Unfortunately Google Street View has not yet snapped on-the-ground photographs so we’ll have to figure this out ourselves. The subdivision only has one turn on the west side, so immediately I’m looking in the lower right corner for our house.

There is only one house shown on the street map that meets our criteria. But the video shows houses to the left of our house, among others. Where are the houses? It appears Google is not up-to-date on the construction here.

Let’s check the satellite view, as sometimes these two can differ:

No luck. We see an image of the home under construction that’s shown on the street map but none of the surrounding houses. Time to look for a more up-to-date map of the area.

Let’s check the Pender County GIS site. Local governments tend to have GIS systems to maintain more accurate maps for their tax assessments, first responders, and the like. Pender County is no exception and has a very easy to use GIS system. Let’s see what the subdivision looks like in county records:

Bingo. We now have a map showing all the lots in the Creekside subdivision. There’s a home on the western side and in the correct spot in relation to the curve. It also abuts a pond and thus has the sidewalk ending at the property line.

Perfect. This is our house.

GIS tells us the owner, too. In case you were wondering, Happy is only a nickname. Happy’s formal name is Leon H. Wade III. It is common for family members who share names to become known primarily by nicknames. To be sure this is the person we want, A search on his nickname and last name (which is not a common name and thus has higher confidence if we find a match) turns up a LinkedIn page for a gentleman who works in Wilmington, NC, which is the largest city in Pender County.

We can now say with some confidence that we found the person we were looking for. These same techniques can be used to help locate other photographs (for instance, photos of an adversary) and identify the persons in those photographs. It’s also fun.

Warren Myers : think-read-speak

March 24, 2021 09:12 PM

deeply-broadly-carefully

think-read-speak deeply-broadly-carefully

Please feel free to use/share/copy/adapt this image

Tarus Balog : OpenNMS Resources

February 25, 2021 07:22 PM

Getting started with OpenNMS can be a little daunting, so I thought I’d group together some of the best places to start.

When OpenNMS began 20+ years ago, the main communication channel was a group of mailing lists. For real time interaction we added an “#opennms” IRC channel on Freenode as well. As new technology came along we eagerly adopted it: hosting forums, creating a FAQ with FAQ-o-matic, building a wiki, writing blogs, etc.

The problem became that we had too many resources. Many weren’t updated and thus might host obsolete information, and it was hard for new users to find what they wanted. So a couple of years ago we decided to focus on just two main places for community information.

We adopted Discourse to serve as our “asynchronous” communication platform. Hosted at opennms.discourse.group the goal is to migrate all of our information that used to reside on sites like FAQs and wikis to be in one place. In as much as our community has a group memory, this is it, and we try to keep the information on this site as up to date as possible. While there is still some information left in places like our wiki, the goal is to move it all to Discourse and thus it is a great place to start.

I also want to call your attention to “OpenNMS on the Horizon (OOH)”. This is a weekly update of everything OpenNMS, and it is a good way to keep up with all the work going on with the platform since a lot of the changes being made aren’t immediately obvious.

While we’ve been happy with Discourse, sometimes you just want to interact with someone in real time. For that we created chat.opennms.com. This is an instance of Mattermost that we host to provide a Slack-like experience for our community. It basically replaces the IRC channel, but there is also a bridge between IRC and MM so that posts are shared between the two. I am “sortova” on Mattermost.

When you create an account on our Mattermost instance you will be added to a channel called “Town Square”. Every Mattermost instance has to have a default channel, and this is ours. Note that we use Town Square as a social channel. People will post things that may be of interest to anyone with an interest in OpenNMS, usually something humorous. As I write this there are over 1300 people who have signed up on Town Square.

For OpenNMS questions you will want to join the channel “OpenNMS Discussion”. This is the main place to interact with our community, and as long as you ask smart questions you are likely to get help with any OpenNMS issues you are facing. The second most popular channel is “OpenNMS Development” for those interested in working with the code directly. The Minion and Compass applications also have their own channels.

Another channel is “Write the Docs”. Many years ago we decided to make documentation a key part of OpenNMS development. While I have never read any software documentation that couldn’t be improved, I am pretty proud of the work the documentation team has put into ours. Which brings me to yet another source of OpenNMS information: the official documentation.

Hosted at docs.opennms.org, our documentation is managed just like our application code. It is written in AsciiDoc and published using Antora. The documentation is versioned just like our Horizon releases, but usually whenever I need to look something up I go directly to the development branch. The admin guide tends to have the most useful information, but there are guides for other aspects of OpenNMS as well.

The one downside of our docs is that they tend to be more reference guides than “how-to” articles. I am hoping to correct that in the future but in the meantime I did create a series of “OpenNMS 101” videos on YouTube.

They mirror some of our in-person training classes, and while they are getting out of date I plan to update them real soon (we are in the process of getting ready for a new release with lots of changes so I don’t want to do them and have to re-do them soon after). Unfortunately YouTube doesn’t allow you to version videos so I’m going to have to figure out how to name them.

Speaking of changes, we document almost everything that changes in OpenNMS in our Jira instance at issues.opennms.org. Every code change that gets submitted should have a corresponding Jira issue, and it is also a place where our users can open bug reports and feature requests. As you might expect, if you need to open a bug report please be as detailed as possible. The first thing we will try to do is recreate it, so having information such as the version of OpenNMS you are running, what operating system you are using and other steps to cause the problem are welcome.

If you would like us to add a feature, you can add a Feature Request, and if you want us to improve an existing feature you can add an Enhancement Request. Note that I think you have to have an account to access some of the public issues on the system. We are working to remove that requirement as we wish to be as transparent as possible, but I don’t think we’ve been able to get it to work just yet. I just attempted to visit a random issue and it did load but it was missing a lot of information that shows up when I go to that link while authenticated, such as the left menu and the Git Integration. You will need an account to open or comment on issues. There is no charge to open an account, of course.

Speaking of git, there is one last resource I need to bring up: the code. We host our code on Github, and we’ve separated out many of our projects to make it easier to manage. The main OpenNMS application is under “opennms” (naturally) but other projects such as our machine learning feature, ALEC, have their own branch.

While it was not my intent to delve into all things git on this post, I did want to point out than in the top level directory of the “opennms” project we have two scripts, makerpm.sh and makedeb.sh that you can use to easily build your own OpenNMS packages. I have a video queued up to go over this in detail, but to build RPMs all you’ll need is a base CentOS/RHEL install, and the packages “git” (of course), “expect”, “rpm-build” and “rsync”. You’ll also need a Java 8 JDK. While we run on Java 11, at the moment we don’t build using it (if you check out the latest OOH you’ll see we are working on it). Then you can run makerpm.sh and watch the magic happen. Note the first build takes a long time because you have to download all of the maven dependencies, but subsequent builds should be faster.

To summarize:

For normal community interaction, start with Discourse and use Mattermost for real time interaction.

For reference, check out our documentation and our YouTube channel.

For code issues, look toward our Jira instance and our Github repository.

OpenNMS is a powerful monitoring platform with a steep learning curve, but we are here to help. Our community is pretty welcoming and hope to see you there soon.

Tarus Balog : Open Source Contributor Agreements

February 24, 2021 04:41 PM

I noticed a recent uptick in activity on Twitter about open source Contributor License Agreements (CLAs), mostly negative.

Twitter Post About CLAs

The above comment is from a friend of mine who has been involved in open source longer than I have, and whose opinions I respect. On this issue, however, I have to disagree.

This is definitely not the first time CLAs have been in the news. The first time I remember even hearing about them concerned MySQL. The MySQL CLA required a contributor to sign over ownership of any contribution to the project, which many thought was fine when they were independent, but started to raise some concerns when they were acquired by Sun and then Oracle. I think this latest resurgence is the result of Elastic deciding to change their license from an open source one to something more “open source adjacent”. This has caused a number of people take exception to this (note: link contains strong language).

As someone who doesn’t write much code, I think deciding to sign a CLA is up to the individual and may change from project to project. What I wanted to share is a story of why we at OpenNMS have a CLA and how we decided on one to adopt, in the hopes of explaining why a CLA can be a positive thing. I don’t think it will help with the frustrations some feel when a project changes the license out from under them, but I’m hoping it will shed some light on our reasons and thought processes.

OpenNMS was started in 1999 and I didn’t get involved until 2001 when I started work at Oculan, the commercial company behind the project. Oculan built a monitoring appliance based on OpenNMS, so while OpenNMS was offered under the GPLv2, the rest of their product had a proprietary license. They were able to do this because they owned 100% of the copyright to OpenNMS. In 2002 Oculan decided to no longer work on the project, and I was able to become the maintainer. Note that this didn’t mean that I “owned” the OpenNMS copyright. Oculan still owned the copyright but due to the terms of the license I (as well as anyone else) was free to make derivative works as long as those works adhered to the license. While the project owned the copyright to all the changes made since I took it over, there was no one copyright holder for the project as a whole.

This is fine, right? It’s open source and so everything is awesome.

Fast forward several years and we became aware of a company, funded by VCs out of Silicon Valley, that was using OpenNMS in violation of the license as a base on which to build a proprietary software application.

I can’t really express how powerless we felt about this. At the time there were, I think, five people working full time on OpenNMS. The other company had millions in VC money while we were adhering to our business model of “spend less than you earn”. We had almost no money for lawyers, and without the involvement of lawyers this wasn’t going to get resolved. One thing you learn is that while those of us in the open source world care a lot about licenses, the world at large does not. And since OpenNMS was backed by a for-profit company, there was no one to help us but ourselves (there are some limited options for license enforcement available to non-profit organizations).

We did decide to retain the services of a law firm, who immediately warned us how much “discovery” could cost. Discovery is the process of obtaining evidence in a possible lawsuit. This is one way a larger firm can fend off the legal challenges of a smaller firm – simply outspend them. It made use pretty anxious.

Once our law firm contacted the other company, the reply was that if they were using OpenNMS code, they were only using the Oculan code and thus we had no standing to bring a copyright lawsuit against them.

Now we knew this wasn’t true, because the main reason we knew this company was using OpenNMS was that a disgruntled previous employee told us about it. They alleged that this company had told their engineers to follow OpenNMS commits and integrate our changes into their product. But since much of the code was still part of the original Oculan code base, it made our job much more difficult.

One option we had was to get with Oculan and jointly pursue a remedy against this company. The problem was that Oculan went out of business in 2004, and it took us awhile to find out that the intellectual property had ended up Raritan. We were able to work with Raritan once we found this out, but by this time the other company also went out of business, pretty much ending the matter.

As part of our deal with Raritan, OpenNMS was able to purchase the copyright to the OpenNMS code once owned by Oculan, granting Raritan an unlimited license to continue to use the parts of the code they had in their products. It wasn’t cheap and involved both myself and my business partner using the equity in our homes to guarantee a loan to cover the purchase, but for the first time in years most of the OpenNMS copyright was held by one organization.

This process made us think long and hard about managing copyright moving forward. While we didn’t have thousands of contributors like some projects, the number of contributors we did have was non-trivial, and we had no CLA in place. The main question was: if we were going to adopt a CLA, what should it look like? I didn’t like the idea of asking for complete ownership of contributions, as OpenNMS is a platform and while someone might want to contribute, say, a monitor to OpenNMS, they shouldn’t be prevented from contributing a similar monitor to Icinga or Zabbix.

So we asked our our community, and a person named DJ Gregor suggested we adopt the Sun (now Oracle) Contributor Agreement. This agreement introduced the idea of “dual copyright”. Basically, the contributor keeps ownership of their work but grants copyright to the project as well. This was a pretty new idea at the time but seems to be common now. If you look at CLAs for, say, Microsoft and even Elastic, you’ll see similar language, although it is more likely worded as a “copyright grant” or something other than “dual copyright”.

This idea was favorable to our community, so we adopted it as the “OpenNMS Contributor Agreement” (OCA). Now the hard work began. While most of our active contributors were able to sign the OCA, what about the inactive ones? With a project as old as OpenNMS there are a number of people who had been involved in the project but due to either other interests or changing priorities they were no longer active. I remember going through all the contributions in our code base and systematically hunting down every contributor, no matter how small, and asking them to sign the OCA. They all did, which was nice, but it wasn’t an easy task. I can remember the e-mail of one contributor bounced and I finally hunted them down in Ireland via LinkedIn.

Now a lot of the focus of CLAs is around code ownership, but there is a second, often more important part. Most CLAs ask the contributor to affirm that they actually own the changes they are contributing. This may seem trivial, but I think it is important. Sure, a contributor can lie and if it turns out they contributed something they really didn’t own the project is still responsible for dealing with that code, but there are a number of studies that have shown that simply reminding someone about a moral obligation goes a long way to reinforce ethical behavior. When someone decides to sign a CLA with such a clause it will at least make them think about it and reaffirm that their work is their own. If a project doesn’t want to ask for a copyright assignment or grant, they should at least ask for something like this.

While the initial process was pretty manual, currently managing the OCAs is pretty automated. When someone makes a pull request on our Github project, it will check to see if they have signed the OCA and if not, send them to the agreement.

The fact that the copyright was under one organization came in handy when we changed the license. One of my favorite business models for open source software is paid hosting, and I often refer to WordPress as an example. WordPress is dead simple to install, but it does require that you have your own server, understand setting up a database, etc. If you don’t want to do that, you can pay WordPress a fee and they’ll host the product for you. It’s a way to stay pure open source yet generate revenue.

But what happens if you work on an open source project and a much bigger, much better funded company just takes your project and hosts it? I believe one of the issues facing Elastic was that Amazon was monetizing their work and they didn’t like it. Open source software is governed mainly by copyright law and if you don’t distribute a “copy” then copyright doesn’t apply. Many lawyers would claim that if I give you access to open source software via a website or an API then I’m not giving you a copy.

We dealt with this at OpenNMS, and as usual we asked our community for advice. Once again I think it was DJ who suggested we change our license to the Affero GPL (AGPLv3) which specifically extends the requirement to offer access to the code even if you only offer it as a hosted service. We were able to make this change easily because the copyright was held by one entity. Can you imagine if we had to track down every contributor over 15+ years? What if a contributor dies? Does a project have to deal with their estate or do they have to remove the contribution? It’s not easy. If there is no copyright assignment, a CLA should at least include detailed contact information in case the contributor needs to be reached in the future.

Finally, remember that open source is open source. Don’t like the AGPLv3? Well you are free to fork the last OpenNMS GPLv2 release and improve it from there. Don’t like what Elastic did with their license? Feel free to fork it.

You might have detected a theme here. We relied heavily on our community in making these decisions. The OpenNMS Group, as stewards of the OpenNMS Project, takes seriously the responsibilities to preserve the open source nature of OpenNMS, and I like to think that has earned us some trust. Having a CLA in place addresses some real business needs, and while I can understand people feeling betrayed at the actions of some companies, ultimately the choice is yours as to whether or not the benefits of being involved in a particular project outweigh the requirement to sign a contributor agreement.

Tarus Balog : The Server Room Show Podcast

February 23, 2021 04:05 PM

A couple of weeks ago I had the pleasure to chat with Viktor Madarasz on “The Server Room Show” podcast.

The Server Room Podcast Graphic

Viktor is an IT professional with a strong interest in open source, and we had a fun and meandering conversation covering a number of topics. As usual, I talked to much so he ended up splitting our conversation across two episodes.

You can visit his website for links to the podcast from a large variety of podcast sources, or you can listen on Youtube to part one and part two.

It was fun, and I hope to be able to chat again sometime in the future.

Note: Viktor is originally from Hungary, as was my grandfather. I tried to make getting some Túró Rudi part of my appearing on the show, but unfortunately we haven’t figured out how to get it outside of Hungary, and we all know that I’d talk about open source for free pretty much any time and any place.

Tarus Balog : Thoughts on Security and Open Source Software

February 22, 2021 02:15 PM

Due to the recent supply-chain attack on Solarwinds products, I wanted to put down a few thoughts on the role of open source software and security. It is kind of a rambling post and I’ll probably lose all three of my readers by the end, but I found it interesting to think about how we got here in the first place.

I got my first computer, a TRS-80, as a Christmas present in 1978 from my parents.

Tarus and his TRS-80

As far as I know, these are the only known pictures of it, lifted from my high school yearbook.

Now, I know what you are thinking: Dude, looking that good how did you find the time off your social calendar to play with computers? Listen, if you love something, you make the time.

(grin)

Unlike today, I pretty much knew about all of the software that ran on that system. This was before “open source” (and before a lot of things) but since the most common programming language was BASIC, the main way to get software was to type in the program listing from a magazine or book. Thus it was “source available” at least, and that’s how I learned to type as well as being introduced to the “syntax error”. That cassette deck in the picture was the original way to store and retrieve programs, but if you were willing to spend about the same amount as the computer cost you could buy an external floppy drive. The very first program I bought on a floppy was from this little company called Microsoft, and it was their version of the Colossal Cave Adventure. Being Microsoft it came on a specially formatted floppy that tried to prevent access to the code or the ability to copy it.

And that was pretty much the way of the future, with huge fortunes being built on proprietary software. But still, for the most part you were aware of what was running on your particular system. You could trust the software that ran on your system as much as your could trust the company providing it.

Then along comes the Internet, the World Wide Web and browsers. At first, browsers didn’t do much dynamically. They would reach out and return static content, but then people started to want more from their browsing experience and along came Java applets, Flash and JavaScript. Now when you visit a website it can be hard to tell if you are getting tonight’s television listings or unknowingly mining Bitcoin. You are no longer in charge of the software that you run on your computer, and that can make it hard to make judgements about security.

I run a number of browsers on my computer but my default is Firefox. Firefox has a cool plugin called NoScript (and there are probably similar solutions for other browsers). NoScript is an extension that lets the user choose what JavaScript code is executed by the browser when visiting a page. A word of warning: the moment you install NoScript, you will break the Internet until you allow at least some JavaScript to run. It is rare to visit a site without JavaScript, and with NoScript I can audit what gets executed. I especially like this for visiting sensitive sites like banks or my health insurance provider.

Speaking of which, I just filed a grievance with Anthem. We recently switched health insurance companies and I noticed that when I go to the login page they are sending information to companies like Google, Microsoft (bing.com) and Facebook. Why?

Blocked JavaScript on the Anthem Website

I pretty much know the reason. Anthem didn’t build their own website, they probably hired a marketing company to do it, or at least part of it, and that’s just the way things are done, now. You send information to those sites in order to get analytics on who is visiting your site, and while I’m fine with it when I’m thinking about buying a car, I am not okay with it coming from my insurance company or my bank. There are certain laws governing such privacy, with more coming every day, and there are consequences for violating it. They are supposed to get back to me in 30 days to let me know what they are sending, and if it is personal information, even if it is just an IP Address, it could be a violation.

I bring this up in part to complain but mainly to illustrate how hard it is to be “secure” with modern software. You would think you could trust a well known insurance company to know better, but it looks like you can’t.

Which brings us back to Solarwinds.

Full disclosure: I am heavily involved in the open source network monitoring platform OpenNMS. While we don’t compete head to head with Solarwinds products (our platform is designed for people with at least a moderate amount of skill with using enterprise software while Solarwinds is more “pointy-clicky”) we have had a number of former Solarwinds users switch to our solution so we can be considered competitors in that fashion. I don’t believe we have ever lost a deal to Solarwinds, at least one in which our sales team was involved.

Now, I wouldn’t wish what happened to Solarwinds on my worst enemy, especially since the exploit impacted a large number of US Government sites and that does affect me personally. But I have to point out the irony of a company known for criticizing open source software, specifically on security, to let this happen to their product. Take this post from on of their forums. While I wasn’t able to find out if the author worked at Solarwinds or not, they compare open source to “eating from a dirty fork”.

Seriously.

But is open source really more secure? Yes, but in order to explain that I have to talk about types of security issues.

Security issues can be divided into “unintentional”, i.e. bugs, and “intentional”, someone actively trying to manipulate the software. While all software but the most simple suffers from bugs, what happened to the Solarwinds supply chain was definitely intentional.

When it comes to unintentional security issues, the main argument against open source is that since the code is available to anyone, a bad actor could exploit a security weakness and no one would know. They don’t have to tell anyone about it. There is some validity to the argument but in my experience security issues in open source code tend to be found by conscientious people who duly report them. Even with OpenNMS we have had our share of issues, and I’d like to talk about two of them.

The first comes from back in 2015, and it involved a Java serialization bug in the Apache commons library. The affected library was in use by a large number of applications, but it turns out OpenNMS was used as a reference to demonstrate the exploit. While there was nothing funny about a remote code execution vulnerability, I did find it amusing that they discovered it with OpenNMS running on Windows. Yes, you can get OpenNMS to run on Windows, but it is definitely not easy so I have to admire them for getting it to work.

I really didn’t admire them for releasing the issue without contacting us first. Sending an email to “security” at “opennms.org” gets seen by a lot of people and we take security extremely seriously. We immediately issued a work around (which was to make sure the firewall blocked the port that allowed the exploit) and implemented the upgraded library when it became available. One reason we didn’t see it previously is that most OpenNMS users tend to run it on Linux and it is just a good security practice to block all but needed ports via the firewall.

The second one is more recent. A researcher found a JEXL vulnerability in Newts, which is a time series database project we maintain. They reached out to us first, and not only did we realize that the issue was present in Newts, it was also present in OpenNMS. The development team rapidly released a fix and we did a full disclosure, giving due credit to the reporter.

In my experience that is the more common case within open source. Someone finds the issue, either through experimentation or by examining the code, they communicate it to the maintainers and it gets fixed. The issue is then communicated to the community at large. I believe that is the main reason open source is more secure than closed source.

With respect to proprietary software, it doesn’t appear that having the code hidden really helps. I was unable to find a comprehensive list of zero-day Windows exploits but there seem to be a lot of them. I don’t mean to imply that Windows is exceptionally buggy but it is a common and huge application and that complexity lends itself to bugs. Also, I’m not sure if the code is truly hidden. I’m certain that someone, somewhere, outside of Microsoft has a copy of at least some of the code. Since that code isn’t freely available, they probably have it for less than noble reasons, and one can not expect any security issues they find to be reported in order to be fixed.

There seems to be this misunderstanding that proprietary code must somehow be “better” than open source code. Trust me, in my day I’ve seen some seriously crappy code sold at high prices under the banner of proprietary enterprise software. I knew of one company that wrote up a bunch of fancy bash scripts (not that there is anything wrong with fancy bash scripts) and then distributed them encrypted. The product shipped with a compiled program that would spawn a shell, decrypt the script, execute it and then kill the shell.

Also, at OpenNMS we rely heavily on unit tests. When a feature is developed the person writing the code also creates code to “test” the feature to make sure it works. When we compile OpenNMS the tests are run to make sure the changes being made didn’t break anything that used to work. Currently we have over 8000 of these tests. I was talking to a person about this who worked for a proprietary software company and he said, “oh, we tried that, but it was too hard.”

Finally, I want to get back to that other type of security issue, the “intentional” one. To my understanding, someone was able to get access to the servers that built and distributed Solarwinds products, and they added in malware that let them compromise target networks when they upgraded their applications. Any way you look at it, it was just sloppy security, but I think the reason it went on for so long undetected is that the whole proprietary process for distributing the software was limited to so few people it was easy to miss. These kind of attacks happen in open source projects, too, they just get caught much faster.

That is the beauty of being able to see the code. You have the choice to build your own packages if you want, and you can examine code changes to your hearts content.

We host OpenNMS at Github. If you check out the code you could run something like:

git tag --list

to see a list of release tags. As I write this the latest released version of Horizon is 26.0.1. To see what changed from 26.0.0 I can run

git log --no-merges opennms-26.0.0-1 opennms-26.0.1-1

If you want, there is even a script to run a “release report” which will give you all of the Jira issues referenced between the two versions:

git-release-report opennms-26.0.0-1 opennms-26.0.1-1

While that doesn’t guarantee the lack of malicious code, it does put the control back into your hands and the hands of many others. If something did manage to slip in, I’m sure we’d catch it long before it got released to our users.

Security is not easy, and as with many hard things the burden is eased the more people who help out. In general open source software is just naturally better at this than proprietary software.

There are only a few people on this planet who have the knowledge to review every line of code on a modern computer and understand it, and that is with the most basic software installed. You have to trust someone and for my peace of mind nothing beats the open source community and the software they create.

Mark Turner : Not throwing away my shot

February 13, 2021 05:28 PM

Durham VA COVID Clinic sign

Durham VA COVID Clinic sign


I got the first of two COVID-19 vaccination shots on Saturday. For several years the Veterans Administration (VA) has been providing my healthcare. About two weeks ago I asked my doctor there if it was possible to get a shot. I stressed that I did not want to take one away from anyone else but if one were available I would love to get it. Thankfully, the VA has made it a priority that every veteran who wants a shot can get a shot. To my surprise, I got a call a day later! I was to be at the Durham VA on Saturday, 6 February at 9 AM to get my COVID-19 vaccination.

Our son Travis has been eager to get his vaccination, too, so in the offchance that he could pick up a shot, too, he accompanied me to the Durham VA. We hit the road shortly after 8 AM and drove through mostly-empty streets to Durham.

We arrived to a somewhat chaotic scene. One of the VA’s parking decks has been undergoing repairs for the past several months and parking has been tight even on a usual day. This day, there was a stream of veteran patients all arriving at the same time for their COVID shots. Though we got there at 8:35 for a 9 AM appointment, it took several minutes to find an open parking spot. Reaching the top level of the deck, we hopped out and headed to the walkway.

It was at the start of the walkway that I stopped to read the sign on the floor. No walk-in shots would be available. Regretfully, I turned to Travis and told him today would not be his day. With sadness, he turned back and waited for me in the car.

I joined a scrum of people waiting in line after line. First was the typical COVID risk screening at the entrance. A woman studied the masks worn by the visitors and switched out ones that didn’t meet her standards. I was amused when I was asked to trade the NIOSH-certified N95 mask that has protected me for months for an uncertified KN95 mask I was given. This was even more amusing when visitors with surgical masks that are not nearly as protective as my N95 were allowed to continue wearing them. Could it be that I know more about mask protection than healthcare workers?

The vaccination line at Durham VA

The vaccination line at Durham VA

After being asked travel and symptom questions and being scanned by an infrared temperature checker, I was given a green sticker to wear and joined a long line snaking through the first floor of the hospital. First I was handed a vaccination card and asked to fill out my name, birthdate, and last four of my SSN. I soon presented this to a woman with a laptop who was checking people in while they waited in line. This earned me an additional pink sticker to wear. Then I waited as the socially-distanced line slowly made its way down the hallways to the clinic area of the hospital.

I was happy to see so many people of color in line, too. Some Black people are wary of vaccinations and that is understandable, given the horrifying policies and experiments that were carried out on Black communities in the past. While I am not Black, I, too was once cautious of government vaccinations. I’ve often wondered whether the shots and pills I received in the military prior to Desert Storm might be responsible for the mysterious health issues I suffer from today. While I may never fully know about those military shots, I have no qualms about taking the COVID vaccine as I fully recognize that whatever side effects the vaccine brings on are trivial compared to the damage COVID-19 can ravage on my body. This is an easy call.

I was now at a crossroads of sorts. A woman with a paddle sign stood in the middle of the clinic hallway, watching a staffer at either the end of hall. Each had paddle signs that had a red “thumbs down” on one side and a green “thumbs up” sign on the other. When one of the end-hallway staffers would give the signal indicating an open seat, the gatekeeper staffer would direct the patient to that end. I was sent to the left, where I took a seat at the end a long hallway with clinic rooms on either side and veterans seated outside of each room. I spent the next ten minutes or so watching as newly-vaccinated vets walked out of each room while the vets still waiting made small talk.

The next thing I knew, the door next to me opened and a veteran exits. I was invited in.

Two women technicians wearing Duke Hospital pullovers greeted me and had me take a seat. I handed my vaccination card to one, who entered it into a computer and verified my information. While she did this, the other asked if I had allergies, gave me vaccine information, informed me of my second shot appointment, and offered to answer any questions.

“Do you know if there are more mass vaccination events like this one going on?” I asked while I waited.

She told me she wasn’t sure but knew that Duke Hospital and other big area hospitals in the area are doing big pushes right now.

Then the tech at the computer turned to me. She filled her syringe, let me pick the shoulder, and administered my shot of Pfizer vaccine. I feel, well … nothing, really. In two seconds it was over, so quickly I don’t think to snap a photo.

“This is more for show since there’s never any blood,” the tech explained as she tried in vain to get a bandaid to stick on hairy arm.

A supervisor or doctor entered the room and double-checks their work, making sure that the dosage information was properly entered on my vaccination card. Someone slapped yet another sticker on me, this one a paper label with “9:40” written on it. This is the time of my shot plus fifteen minutes. Then I was cheerfully directed down the hall to a waiting area where I would spend the next fifteen minutes in case there were immediate adverse reactions. I snapped my first post-vaccination photo here.

Post-vaccination photo

Newly vaccinated!


“Any one with 9:38 or 9:40, you are free to leave,” called out the staffer at the end of the hall. With that, I hopped up, wove my way through the throng of veterans still arriving, and rejoined Travis for the ride home. In an effort to cheer him up, I bought him lunch on the way home.

And that was it. Seems I was in and out like clockwork. I had no pain in my arm and in fact no reaction whatsoever to the vaccine. It was stressed to me that I still must mask and distance as I am still vulnerable until my body’s natural defenses ramp up, but the process has now begun. Data shows that even the first shot alone is capable of preventing serious COVID-19 disease; one shot alone is enough to keep me out of the hospital should I catch COVID. The full protection won’t kick in until two weeks after my second shot, which comes three weeks after the first (27 February for me). Thus, I should be at full protection by 13 March.

What does “full protection” mean? Dr. Fauci and other experts say that vaccinated people can be around other vaccinated people with no fear of infection. Among them, life can go on as if there were no COVID. A vaccinated person with an unvaccinated person are still suggested to mask up as at this date experts are still unsure how much protection the vaccine affords. I expect we’ll soon see further studies which fill in our understanding of this.

Now the wait begins for getting the rest of my family vaccinated. This may take a while but when our turn arrives we will not hesitate to step up. As for me, my vaccination has given me the security to volunteer with NC DHHS to assist with getting more people vaccinated. Before my opportunity for a shot opened up I couldn’t have considered stepping up and helping. Now that’s become possible.

Leaving Durham VA

I also have noticed a change in my mental health, too. I am hopeful and excited again. One of the few things that kept me going though this endless quarantine was the visualization of getting that shot in my arm. I pictured it in my mind on those days when I feeling down and felt like crying. I knew the day would come and if I held on to that I would make it. And so I have.

Now I want to bring that hope and relief to others. Hope is on the horizon! Biden announced this week that 200 million more vaccine doses have been secured, so by this summer anyone who wants a shot can get one. Heck, it might be sooner than that, even.

We can make it! The vaccine is here and within weeks or mere months everyone can be protected. Hang in there!

Warren Myers : remembering sqrt

February 08, 2021 07:16 PM

A couple weeks ago some folks in the splunk-usergroups.slack helped me using accum and calculating with a modulus to make a grid menu from a list.

My original search had been along the lines of:

| inputlookup mylookup
| stats count by type
| fields - count
| transpose
| fields - column

Which was great … until my list grew more than about 12 entries (and scrolling became a pain).

A couple folks here helped me flip it to this format:

| Inputlokup mylookup
| stats count by type
| eval num=1
| accum num
| eval num=num-1
| eval mod=floor(num/12)
| eval type.{mod}=type
| fields - mod num type count
| stats list(*) as *

Which works awesomely.

Unless the modulus value (currently 12) gets too small (if the total list grows to more than modval^2 .. each individual box is no longer in alphabetical order (and then alpha from box to box).

So I made this modification so that regardless of the size of the list, the grid will automanage itself:

| inputlookup mylookup
| stats count by type
| eventstats count as _tot
| eval modval=ceil(sqrt(_tot))
| eval num=1
| accum num
| eval num=num-1
| eval mod-floor(num/modval)
| eval type.{mod}=type
| fields - modval mod num type count
| stats list(*) as *

Dunno if that’ll help anyone else, but wanted to share-back that self-managing aspect I added in case anyone was interested :slightly_smiling_face:

Mark Turner : I was the fox

February 05, 2021 02:41 AM

A fox at Glacier National ParkAt a recent conference, an African American speaker told an inspiring story of an interaction with law enforcement, when he had expected the worst intentions from the officer but his worry proved unfounded. Our speaker had been walking to the local gym after an early-morning run. Soon he became aware that a police car was slowly following him. Immediately he assumed he was being profiled.

“Did you know you were being followed?” the officer asked. The speaker feigned ignorance.

“You were being followed by a rabid fox back there,” the officer replies. “I was just watching out for you.”

The happy moral of the speaker’s story is not to assume bad intentions, see?

When I learned of this speech something didn’t seem right. Then I remembered an incident several years ago.

A few years back, my family and I had been out walking around East Mordecai neighborhood one sunny weekend afternoon. A Raleigh police car drove by and, being the helpful sort I am, I asked them if they were looking for someone.

“Nah, just a rabid fox,” came the reply from the partner. I laughed and we all went on their way.

I am not only the helpful type, I am also the curious type. I pride myself on knowing what is going on in the neighborhood. I had to know more about the fox! Who had seen it? Where did it go? Why hadn’t I not seen any mention of it on the neighborhood listserver? Normally when a fox is seen acting weird in the neighborhood it gets the neighbors pretty excited.

The lack of chatter confused me. I might have even gone as far as checking the call records at 911 center to see what more I could find. But there were no reports anywhere. I determined that the cop had lied to me.

For the longest time, I wondered why a cop would make up a story about looking for a fox. Today I realized that I was the fox.

Mark Turner : Highlights of 2020: Wings of Carolina ground school

January 05, 2021 03:13 PM

In the spring of 2020, Travis and I took a virtual ground school from a local flying club, the Wings of Carolina (WoC). It was the second time I’d gone through ground school, the first one being in the mid 1990s. That time I never got around to taking the FAA exam and I’d hoped to complete it all this time around.

Travis has expressed his interest in becoming a pilot. He has excellent vision and would spend lots of time using my flight simulator. I’d promised him long ago if he completed ground school I would be happy to pay for it, but still he was on the fence. When dates opened up for the virtual ground school, I prodded him multiple times about signing up but he was noncommittal. Finally, I signed myself up with the goal of finally finishing what I started. This was all it took to convince Travis to sign up, too, and we were off!

Twice a week, we would gather in front of our playroom TV to “attend” class. For three hours per night we’d be on Zoom as our instructor, John, filled out formulas and sketches on a whiteboard in WoC’s classroom. About 30 other classmates joined in, too. There were some technical glitches, fewer opportunities to interrupt with a question, and more of a distant feel to it than I would’ve hoped.

There was also a lot to learn. Being that this was near the beginning of the pandemic, shouldering the needs of this course while still panicking about potentially getting sick and going through work changes was a lot to take on. I did the best I could but I found I was not as engaged as I should’ve been. I was happy to see Travis really get into it, though. Towards the end when we were tasked with planning a virtual flight, Travis did his weight-and-balance calculations like he’d been doing it all his life. He arrived at his answers long before the rest of the class (and instructor!) had worked out their solutions. It seemed to me that he had a knack for it. I was so proud!

When it came time for the final exam, though, Travis confessed that he felt he wasn’t ready. Like me, he didn’t feel like he had learned what he needed. I was disappointed but I certainly understood. And so, neither one of us wound up taking our FAA final exams. I believe that to this date there is still a tab open on my mail app for the class exam email.

In hihdsight, I think it would’ve been helpful to slow down when trying to teach a course virtually that is normally taught in person. Classmate interaction suffers in virtual classes, so offering one night each week where classmates could chat together in a virtual study hall would’ve helped. And finally, being much closer to actual aircraft (as we would’ve been had we taken the course in person) would’ve really helped us picture ourselves as pilots. With nearly no one traveling right now, it was hard to consider going through this training and then not using it anytime soon (though now I know that this would actually be the best of both worlds – the convenience of air travel without the hazards of a boarding process).

For Travis’s October birthday, I gave him the gift of an “introductory flight” at a local flight school. When I spoke with him to schedule the flight, to my surprise he turned it down. Well, postponing is more like it. He did not feel comfortable spending even an hour crammed into the tiny cockpit of a Cessna with a flight instructor.

And, he’s right. To do this for 20+ hours while training for a private pilot license would certainly not be safe from what we now know about SARSCoV2.

So, it’s not the right time to take this on. Perhaps this year or next.

Mark Turner : Highlights of 2020: The Election

January 05, 2021 02:50 PM

One absolutely wonderful thing that happened in 2020 was the U.S. Presidential Election. Elections bookended the pandemic for me. In March 2020, I volunteered to be an inside poll observer for the Wake County Democratic Party. This gave me insight into how elections are carried out. Being one of those rare people who have never missed an election, I was already well-familiar with how the process worked from the public point of view but learning more about the various checks put in place was quite educational.

COVID was a thing in the March primary but not taken as seriously. Spending so long in a school classroom turned polling place, packed with dozens of strangers seems like suicide to me now. The general election was far more strict, with volunteers carefully limiting the number of people indoors.

I was also disappointed to be restricted in my movement during the general election. Chief judges would corral the observers into one area rather than letting us do our jobs. After some cajoling I managed to get this largely fixed. I’m sure part of the issue was the threat of violence that was on everyone’s mind due to heightened tensions.

Without exception, though, the interactions I had with the Republican poll observers I spent time with were positive. We had good chats about the state of the community and the country. In the past I would’ve posed for pictures with them but the pandemic made that unworkable.

Joe Biden criss-crossed the country, drumming up votes. One weekend afternoon in the summer of 2020, at the depths of his support at the time, Biden spoke at St. Augustine University. We found about it too late to see the whole speech but Travis insisted in going over there, anyway. He walked over and entered the gym which was mostly empty as everyone had left. Biden was there and Travis simply walked up to him and got a selfie. That means that during the campaign, Travis had his photo with Elizabeth Warren, Bernie Sanders, and Joe Biden (Hallie also got snaps with Warren and Sanders).

I recall Hillary Clinton rallying at St. Aug in 2016 and I couldn’t be bothered to walk two blocks to see her. I should be more welcoming when politicians show up on my doorstep, I suppose!

Trump crimed all he could to keep Biden from winning the election but Trump still lost in a landslide. His campaign team filed 62 lawsuits challenging the results and has so far lost 61 of them. The Rudy Guiliani press conference from Philadelphia’s Four Seasons Total Landscaping will go down in history as a highlight of Trump stupidity.

When news organizations finally, finally called the election in Biden’s favor on Nov 7th I was working in the yard. Suddenly I was startled by fireworks in the neighborhood. Spontaneous celebrations broke out among neighbors – something I had never, ever seen before in my life. I put down my tools and wandered down the street to drink champagne and holler in the street with my neighbors as we cheered democracy’s victory.

Results have now been certified in all the states, the election has been called the most secure in America’s history, and it’s all but over. Biden takes office in 15 days, whether Trump likes it or not. Still, several U.S. Senators intend to object to the certification of the electoral votes. They are seditious bastards in my opinion.

I look forward to mind-numbing normalness from a Biden administration. I look forward to being enraged at Biden over totally minor quibbles. I am happy, though, that a criminal family will no longer be in the White House.

And I hope justice catches up with Donald Trump, his family, and his criminal friends.

Mark Turner : Highlights of 2020: Bermuda sod

January 04, 2021 03:53 AM

I got sick of having a disaster of a lawn. Over a decade ago I had vowed to hang up my hoses and not waste money on grass, but something had to be done. I decided that drought-resistant “Celebration” hybrid Bermuda sod was what we needed.

At the end of summer, I killed all the weeds and grass in our front and back yards. A few weeks later I had a giant tractor trailer deliver 11 pallets of sod. It was pouring down rain when the driver arrived. In his efforts to place mulch in our backyard his forklift quickly got mired in the mud at the end of our driveway. For two hours we struggled to get enough traction to free his forklift, only succeeding when my neighbor Chris arrived to help steer as we pulled.

The damage to the back yard had been done, though. A 6,000 pound forklift cut deep ruts in our muddy yard and those ruts had to be repaired before the sod could be put down.

It took back-breaking, Herculean effort by myself, Kelly, and Travis to repair the yard and get the sod put down while it was still alive. I personally pushed myself past the point of exhaustion many nights. I was a wreck. Surprised I didn’t have a heart attack, actually.

It was a stupid, stupid amount of work. But. We. Got. It. Done!

And it looked incredible! For once we had a strong turf grass that didn’t mind the sun or the shade! It’s been perfect.

With the first freeze, the sod has gone dormant and some weeds have appeared but overall it will look fantastic in the spring when it greens up. I won’t have to do much with it to maintain it, either. So far it’s been a great investment in our home.

Mark Turner : Highlights of 2020: Sleep apneas

January 04, 2021 03:41 AM

There are some things about my health that aren’t yet going in the right direction. When the pandemic began, I saw a tip to get a pulse oximeter to measure one’s lung health. It has been great in tracking my sleep apnea. Most nights I sleep with no apnea events but it continues to happen. When it does happen I pop wide awake, frustrated not trusting that I won’t stop breathing again.

I still haven’t found any good solutions. I am not sure there are any. I hope that this gets better this year because I am useless without a good night’s sleep.

Mark Turner : Highlights of 2020: Welcome, weigh bench

January 04, 2021 03:37 AM

With gyms closed across the country it’s been tough to get in a workout. Not that I want to work out in a gym. Kinda shy when it comes to my workouts.

I took weight training for a few years in high school, both at South Meck and again at Herndon. To my surprise, it was a really supportive environment. There were guys who could life twice the weight I could but everyone seemed to applaud when someone bested their own record, whatever that may have been. When I arrived at Herndon in 1986 I could bench press 200 pounds, quite significantly more than my weight at the time!

Other than a brief gym membership in the late 1990s, I hadn’t pumped any iron since then. So, when Hallie and Travis started asking if I could find a weight bench for the house, I figured it was time.

I scoured Craigslist and Facebook Marketplace for benches and weight sets. Anything posted would be gone within minutes. I searched for weeks to find something that would work, even being willing to rent a truck and drive two hours to pick up a set.

One afternoon, though, I had finished up work and was browsing Facebook Marketplace. A guy in Creedmoor had just posted an ad for a weight bench and weights. Literally within 15 minutes. It was everything I was looking for, so I jumped on it. Travis tagged along with me as we weaved through rush hour traffic to rent a truck and bring it home. While we were loading it into our truck, the seller’s cellphone was blowing up with potential offers. Too late!

So now we have a professional weight bench and weights. Travis works out regularly, adding muscle to his 6’4″ frame. And I love being able to step away from my desk and do a few reps just to clear my head. I’m nowhere near what I used to be able to do yet but I intend to do whatever I can to get back in shape. It’s a great investment in health. I’ve got no excuses now!

Mark Turner : Highlights of 2020: Exercise, exercise, exercise!

January 04, 2021 03:24 AM

Strava 2020 totals


Not all has been doom and gloom for 2020. It was a year that I likely put more miles on my bike than ever before. Quarantining indoors (a.k.a, sitting around feeling powerless) has a way of negatively affecting one’s mental health. One of the few safe things (as well as one of the BEST things) we could do was get outside for some fresh air! Kelly and I biked Raleigh’s greenways on a regular basis (sometimes joined by Travis), knocking out 20 mile rides on a regular basis. We even rode the Neuse River greenway from Anderson Point down to its end in Clayton and back. I had signed up for the paid version of Strava before the pandemic started and, coupled with the sweet Garmin watch Kelly got me for Christmas last year, I was able to track all my progress.

I was amazed to feel the progress I made in my cycling, watching new personal records set on segments I’d ridden for many years. Kelly and I took a more leisurely ride just yesterday and afterward I felt better than I have in months. Cycling has kept me sane, that’s for sure. Daily dog walks don’t hurt, either.

Strava tells me that for 2020 I walked or rode a total of 1,182 miles, being active for 318 days of the year for a total of 266 hours. Overall, I feel great and hope to build on this for even more exercise this year.

Mark Turner : Highlights of 2020: Raleigh’s Confederate monument comes down

January 04, 2021 03:11 AM

Raleigh’s Confederate monument comes down

The George Floyd protests were a Godsend for one particular reason: they paved the way for Raleigh’s Confederate monument to come down. A group of protestors managed to pull down some portions of the monument and Governor Cooper stepped in to do the rest, declaring the monument a safety hazard (which is absolutely was). Travis and I set up chairs across the street from the work crew as they wrestled the granite monument to the ground.

Several attempts were made before the right technique was found to disassemble the thing and cart it to some state warehouse somewhere. It was late that evening in June when the first section was successfully removed. We were tired but it was so worth it to watch this history being made.

I have long hated the monument, considering it a giant middle finger to the idea of integration and equality. Not only was it a monument to hate, it was also an architectural eyesore, out of scale for the State House Grounds where it stood. It took up half of the sidewalk that passed in front of it. One could not simply walk by and not acknowledge it.

But now it’s gone. The State quickly dug up the rest of it, planted grass in the spot, and extended the sidewalk to its original dimensions. I’m only disappointed that with my downtown office closed, I will not get the chance to smile daily as I walk past its former place of honor.

It was one of the best parts of 2020.

Good riddance, Confederate monument. Traitors deserve no place of honor.

Mark Turner : Highlights of 2020: George Floyd protests rock Raleigh

January 04, 2021 02:59 AM

Like many American cities, Raleigh was rocked this summer by street protests decrying the murder of George Floyd by a Minneapolis police officer. Peaceful protesters downtown were replaced by more agitated protestors after the sun set. Raleigh Police and Wake deputies showed up in riot gear, deputies immediately sent pepper gas flying, and a fray soon commenced. Instead of engaging the public, police and deputies used an iron-fist approach to clear the streets. As a result, those supposedly there to prevent a riot essentially guaranteed a riot. It was the first time in many decades that gas was used on a crowd in Raleigh.

The next morning downtown Raleigh looked like a war zone. Broken glass was everywhere. Spray painted graffiti covered buildings. A convenience store had been set on fire. At the same time, though, Raleighites from all walks of life came downtown to help clean up. Folks who were strangers only minutes ago were teaming up to put planters back in place and sweep up. It was great to see.

Travis and I went downtown to snap photos and view the damage. As I lingered to view the damage to a shattered storefront, a Black couple was passing me on the sidewalk. The man, looking pained at the destruction, locked eyes with me and gave a quiet, somber “good morning” and I returned it. I was so happy that he had thought to reach out and I was thrilled to return the favor. It was a simple gesture but made me smile the rest of the day, in spite of all the chaos. I love my Raleigh family.

Not all was peace and love, though. I passed one contractor, a white man, who was yelling at the nearest Black people he could find, blaming them for the destruction. I shook my head. That man doesn’t know those folks and ignorance fuels his fear.

Mayor Mary-Ann Baldwin was apparently asleep when the chaos took place. I have to wonder who was coordinating the efforts. On subsequent nights, Baldwin declared a curfew but by then the damage was done. Raleigh Police Chief Cassandra Deck-Brown was publicly critical of Wake Sheriff’s deploying gas, as she should be. Witnesses I spoke with confirmed that it was deputies who first filled the streets with smoke. That’s a genie that can’t be put back in the bottle.

To RPD’s credit, the department committed to reviewing its methods. Later protests had a much lighter touch, allowing legitimate First Amendment demonstrations without amping things up. I applauded this more enlightened approach. The less adversarial approach helped avoid needless violence and property damage. If the first night had been handled this way there would’ve been far less destruction.

One unfortunate victim of the police’s rough handling was to change Travis’s attitude about the police. Before the Floyd protests, he had assisted RPD in creating a video about the dangers of teens bringing guns on campus. He and his classmates were recognized by Chief Deck-Brown at a Raleigh City Council meeting. All that goodwill went up in smoke when the gas canisters starting flying downtown. That heavy-handed approach was pretty much the quickest way to destroy community trust. It was so, so stupid.

There were other protests, more curfews, and eventually things settled down. A recent N&O story reported that extra security provided outside the home of the Chief as a result of the protests cost taxpayers over $160,000. Chief Deck-Brown announced her retirement last week.

Mark Turner : Highlights of 2020: Working from home

January 04, 2021 02:20 AM

When Broadcom purchased CA (after CA purchased Rally), word came down that the Raleigh office would soon be closing. Broadcom CEO Hock Tan is a big fan of putting the butts of his employees into seats in his existing offices. Thus, he closed CA’s beautiful office in Boulder, Colorado for the drab suburb of Broomfield. Raleigh’s team got moved to a drab office park in Durham, and so I parted ways with Broadcom, not wanting to add a stupid, needless commute to my life.

I landed at my current job when it seemed to check all the boxes for me. Interesting work in an interesting location, downtown Raleigh. I could’ve worked somewhere remotely but having done that in the past I soon grew tired of missing the action going on in an office.

Fast forward to 2020. The COVID pandemic hits and it is suddenly not safe to spend 8 hours at a time crammed together with colleagues in a small office. This summer, my Tennessee-based employer shuttered its Raleigh office and set us up to work 100% remotely. To avoid shipping them (and because there really wasn’t any use to shipping them) I volunteered to store the company’s computer monitors until a new office could be opened.

I have since pressed a few of those monitors into service for our home workstations. Now Kelly and Travis could never go back to just their laptop monitors.

So once again I am back to working from home (WFH), only it’s different when WFH is the rule and not the exception. I don’t feel like I’m missing the action in an office since it’s a level playing field now. I have all the tools I need to manage my servers. Slack and Zoom keep me in touch every day. Occasionally my fellow engineers hang out on a video call just for fun. My gigabit-symmetrical fiber Internet connection is three times as fast as the old office’s.

I am a big believer in naps, now that I’m old. Working from home allows me to tack on a short nap to my lunch break, something I couldn’t do at an office.

Do I miss going into the office? You bet. I rode the bus into work most days. Other days I walked or rode my bike. My desk overlooked Davie Street facing south. I miss lunchtime walks around Fayetteville Street, meeting visitors to the city and giving them tips of things to see. I miss my “bus family” – the folks I saw every morning on the way in. I miss the team lunches and the team happy hours. Yet the office didn’t offer me any chances to collaborate that I don’t have here at home, since I’m essentially a one-man team.

The thing about working from home is to set clear expectations to yourself and others on when you work and when you don’t. It’s fine to step away to run errands or get fresh air but it’s also important to know when it’s “me” time. Just because you’re at home does NOT mean you’re available 24/7. Some work can be done “asynchronously,” sure, but coworkers can sometimes take advantage of you being at home and abuse this.

Kelly’s office also closed this summer, so she’s working full time here as well. As I mentioned earlier, this has set up some contention for our only office. We are lucky that we added new space to our home right before the pandemic hit, giving us more space to spread out. I can now work in the spare bedroom while Kelly does her calls in our office.

I can’t imagine how we would be managing this, though, if we had small children. It would be a herculean task to get anything done at my job while keeping young kids on track for schoolwork. My hat is off to those parents who are doing their best out there.

I hope I do get to return to an office someday. Being at home has its advantages but I need to let my extrovert side show some, too. With any luck this will be safe again this summer. Here’s hoping!

Mark Turner : Highlights of 2020: Karaoke!

January 03, 2021 05:38 PM

I’ve always loved to sing, I have moments of greatness even, and I’m known never to pass up an opportunity to crank up a karaoke machine. We spent New Years Eve 2019 at Panama City Beach, Florida, for a short few days. The bar across the street from our condominium had karaoke nights and I wasn’t going to miss another chance to perform. This is the same place I sang with my extended family a year earlier. It was raining that night and the wait was long but we got in for food and drinks and then made our way over to the karaoke area where many of us belted out tunes for mainly our own enjoyment and that of anyone else who cared to care.

Earlier in the fall of 2019, Kelly and I had made a trip to Nashville where we stopped into a karaoke bar near downtown. I performed a few songs and did okay but flubbed a few, too. It made me feel that if I was going to do this I needed to do it right. This thought began to grow in my mind.

Fast forward to January 2020 or so. I am searching Spotify for a particular song and notice that a karaoke version appeared in the search results. Suddenly I realize there is a huge library of karaoke music on Spotify: everything I need other than the lyrics. Well, lyric sites are plentiful on the Internet, so that wasn’t a problem. I had a PA speaker and microphone I could use. All of a sudden everything clicked!

I began with my usual songs such as John Mellencamp’s Hurt So Good and soon expanded to hundreds of selections. My full-volume practice annoyed the family so I moved my practice studio to the bedroom above the garage, the most sound-isolated place in the house. Whenever I have an hour alone in the house (which is rare in pandemic-land), I fire up the PA, flip open my lyric binder, and bust out a few songs.

I have found that songs that seemed fine to sing while I’m alone in the car just don’t fit my voice or vocal style. I had to learn to pass on songs I love simply because my voice couldn’t do them justice. It has been a hard lesson but an important one. I want to entertain people when I sing, not try to fit my voice into something that won’t work. I trimmed down dozens of songs from my repertoire to focus on the ones I can sing best.

I have spent over a hundred hours working on karaoke songs and perfecting my singing. Each time, I pretend I’m on a stage somewhere post-pandemic, working hard to sing my very best. I look forward to that day or night where I can finally take this show on the road.

Mark Turner : Highlights of 2020: Abbott and Tobin join the family

January 03, 2021 05:22 PM

Abbott and Tobin  play tug-of-war

Abbott and Tobin


It was hard losing our last dog, Rocket. He went downhill quickly and we beat ourselves up questioning whether we had let him suffer too long. Someone once described owning a dog as an “emotional time bomb” and I agree. You invest so much love and affection in your pet to the point where you may take it for granted. But the bomb is always ticking and when it goes off it can really hurt. It took a while to get over the pain and consider getting another critter.

In February 2020, we began to get the itch to get another dog. One neighbor friend works with rescues and brought over one pup she was trying to home. While we chatted in the backyard, this dog went tearing around the yard, following the scent of our porch cat. The dog never paid any attention to us! I could tell this wasn’t the dog for us so we politely declined.

Then Kelly mentioned a neighbor friend had two dogs she was looking to home. The neighbor runs a kennel a.k.a. “pet spa” and had acquired the dogs from another kennel where the foster group seemed to abandon them. We set up an opportunity for the neighbor to bring them over so we could decide. Once again we chatted while getting to know the dogs, only this time they were friendly and interested in us! We laughed as they went tearing around, chasing each other around our backyard.

“This is progress!” I thought. We agreed to keep them over the weekend. That was March first and they have never left.

We weren’t in the market for TWO dogs. It never even crossed our minds. One dog was enough to handle, after all. But these boys, rescues who were named Abbott and Toby, had had some trauma and had spent the past 9-12 months in the same kennel. On our first walks with them, if one got out of sight of the other the first would slam on brakes and look longingly for his companion. It was clear that if they came with us they would have to come as a team.

So we got the set! It’s been great. Their phobias are slowly melting away, Toby soon became Tobin and has now largely mastered house training. They motivate Kelly and me to take them for twice-daily neighborhood walks and provide entertainment as the wrestle each other on the floor. Tobin still occasionally growls unprovoked when we encounter a dog on our walks and he gets obsessed with barking at the dogs in the yard behind ours but we’re slowly working on better behavior.

Being hounds, they also instinctively howl when a fire truck rolls by. This is problem since we live less than a mile away from a fire station. This is cute in the daytime and supremely frustrating at night! Eventually I hit upon setting up a nighttime noisemaker which has greatly stopped the early-morning howling but it isn’t perfect. Occasionally, Abbott will start howling in his sleep and then Tobin joins in! No noisemaker can keep these pups from dreaming about sirens, unfortunately!

They can be a handful but the dogs bring joy to our family. They’ve helped make the quarantine so much more fun!

Mark Turner : Highlights of 2020: COVID-19 pandemic

January 03, 2021 04:46 PM

Ah yes, No account of 2020 would be complete without telling the story of the COVID-19 coronavirus pandemic of 2020.

I’ve mentioned before some of the routine we’d gotten into but as time has gone on that routine has changed a bit. I spent a lot of time in the early days of the pandemic and subsequent self-quarantine just “doomscrolling,” trying to learn as much as I could about COVID. I learned earlier than most I think that the riskiest COVID situation is an indoor gathering. I stopped wiping down our groceries and mail when science showed no evidence that anyone had ever gotten infected via touching things (i.e., fomites). I could focus more fully on my job rather than feeling obsessed with finding out the latest science on COVID.

Even so, there is no doubt that the experience has changed me. I am still healthy and virus-free but the stress of watching society nearly collapse has affected my decision-making abilities to some extent, I think. Or at least things that once seemed important, like household stuff lying around that needs to be put away, don’t seem to be as important as they used to be.

The stark reminder that we individuals may be within weeks of our deaths has forced to think more long-term about my life’s goals. If I only had weeks to live, how would I want to live it? How would I like to be remembered? It has led me to be more honest in my opinions too, I think, where I am now more likely to say what I think instead of sugarcoating something. This may be a natural progression for me as I’ve always admired the Dutch’s penchant for telling it like it is. I am far more comfortable with this now.

I wanted to document what life has been like in a pandemic so early on I began to spend a few minutes of every weekday morning with my laptop and webcam, just updating where I was (and we were) quarantine-wise. As these are some more personal musings I have kept these to myself, though perhaps some day I will be comfortable sharing them. For now they are a video time capsule into this crazy world of self-quarantining.

Since we did our first home renovation and built out an upstairs bedroom/office from our attic, this has been our sole home office. Kelly and I both have desks in it and it was workable as we would usually not overlap too much and get in each other’s way. The pandemic has changed all that, with the addition of video calls to what were phone calls. Now that Kelly’s primary work space is our upstairs office I was frequently an unwilling participant in her video calls. To keep the peace, I shifted my work space across the hall to our spare bedroom where fortunately I have the use of a desk and a borrowed monitor from work. Nothing puts a focus on your relationships like enforcing them 24/7/365. Though I miss working in front of our office’s big double windows, we are now in positions to work without aggravating each other. So that’s good.

Travis is doing remote school work and hanging in there. It’s not ideal but we’re both proud of how he’s sticking with it. When he’s not doing school work, he will hop in the car and drive around town for half an hour. Sometimes it’s good to change up the scenery.

Shopping is for the most part the same as before the pandemic, only 99.9% of customers and staff wear face masks. Some stores wipe down carts but this isn’t as big of a showy thing as it was when this all started. I’m not concerned of getting infected from anything I touch since – number one – no documented fomite infections exist, and – number two – I am wearing a mask which helps keep me from touching my nose and face. When this all began, we were fortunate to have a box of about a dozen unused N95 masks that I’d purchased long ago to use with house projects. I have worn out 3 or 4 of these so far and am the only family member who prefers them. Kelly, Travis, and Hallie prefer the comfort of cloth masks. When I am going out, I will grab my mask from the kitchen counter, slap it on as soon as I get out of the car, do my shopping, slather on some hand sanitizer when I return to the car, and only then take my mask off. Seems safe.

I read early on that medical studies have shown that Vitamin D helps protect against respiratory infections. In 2019, after routine labs at the VA, I was told I was deficient in Vitamin D. This is a fairly-common problem among Americans but particularly among people of color who don’t easily synthesize sunlight into this wonder vitamin. When one of the infectious disease experts I follow on Twitter mentioned the medical study showing VitD’s protective role, I made sure I took my vitamin supplement every day. Recent labs show I now have adequate levels and I am hopeful this will keep me healthy. Dr. Fauci also recommends taking a zync supplement, which is part of the multivitamin I take. Are these wonder solutions? Maybe, maybe not. But they’re cheap, easy, and harmless. So why not?

While there are certain things I do miss, I’ve found that my introvert self has managed the pandemic very well. I do enjoy the company of others, of course, and am happy to run meetings and make things happen but there is no doubt that I am happy to retreat into thought and be left alone for a while. I’ve made use of the library’s book pick up service and have torn through some e-books available on Scribd. And of course the Internet has provided plenty of entertainment as well. A friend shared a story this week of a man who took a job as the sole caretaker of a Pacific island atoll for a year and wound up staying eight years. This might drive many people nuts but I have a feeling I would be just fine having an island to myself.

I can’t help but get angry when I walk through the neighborhood and come across a neighbor hosting a big indoor party. I’ve seen this a few times, mainly neighbors I don’t know. It’s as if no one has been paying attention over the last 10 months.

We also have some kind of church group that is living in the house across the street. Generally they keep to themselves but there is absolutely NO social distancing going on there. People come and go all the time. No masks are ever worn. It’s a disaster waiting to happen. I just smile and wave from a distance because I want nothing to do with this. I call it the COVID Church. Fortunately they don’t hold services there but there were a few mornings where there were a dozen people there working out in the garage and then going running through the neighborhood packed closely together with no masks on. I’ve been happy to see they stopped doing this after I called them out on my Facebook page and another neighbor tipped them off to my rant. I chatted with them afterward and stressed that I just don’t want to see anyone hurt. While the running has largely stopped, the maskless crowding continues.

Last week, my neighbor who is a neonatal nurse got her first shot of the Pfizer vaccine. Thus the vaccine has arrived of sorts at my door step. We quizzed her right afterward about her experience, any side-effects, etc. Sadly, some of her colleagues are of the conspiracy-minded and are refusing the shot. I have concerns about some vaccines, too, but in the case of COVID-19 any ill effects of the vaccine pale in comparison to the damage SARS COv2 would do. I’m far down the list of vaccine recipients and I’m happy to wait my turn. Realistically it could be summer before I get my chance.

In short, the pandemic has colored everything we have done in 2020, beginning in March (or as one friend called it, Marchfinity). Be sure to view the rest of my 2020 entries in this light.

Mark Turner : Highlights of 2020

January 03, 2021 01:23 PM

Hi folks. I’m still alive – still thriving, really – and figure it’s time to do some blog updating to account for the infamous year known as 2020. Though I have not been doing much updating here, a lot has gone one behind the scenes and I will share some of this with you in the next several posts. Unlike some prior years, I will not limit myself to top ten events because there are too many important things to mention.

So, here goes, and best wishes to everyone reading this for a happy and safe 2021.

Warren Myers : 4 places to test your internet connectivty

December 05, 2020 03:34 PM

Warren Myers : a poor user’s guide to accelerating data models in splunk

November 18, 2020 04:39 PM

Data Models are one of the major underpinnings of Splunk’s power and flexibility.

They’re the only way to benefit from the powerful pivot command, for example.

They underlie Splunk Enterprise Security (probably the biggest “non-core” use of Splunk amongst all their customers).

Key to achieving peak performance from Splunk Data Models, though, is that they be “accelerated“.

Unfortunately (or, fortunately, if you’re administering the environment, and your users are mostly casually-experienced with Splunk), the ability to accelerate a Data Model is controlled by the extensive RBACs available in Splunk.

So what is a poor user to do if they want their Data Model to be faster (or even “complete”) when using it to power pivot tables, visualizations, etc?

This is something I’ve run into with customers who don’t want to give me higher-level permissions in their environment.

And it’s something you’re likely to run into – if you’re not a “privileged user”.

Let’s say you have a Data Model that’s looking at firewall logs (cisco ios syslog). Say you want to look at these logs going back over days or weeks, and display results in a pivot table.

If you’re in an environment like I was working in recently, where looking at even 100 hours (slightly over 4 days) worth of these events can take 6 or 8 or even 10 minutes to plow through before your pivot can start working (and, therefore, before the dashboard you’re trying to review is fully-loaded).

Oh!

One more thing.

That search that’s powering your Data Model? Sometimes (for unknown reasons (that I don’t have the time to fully ferret-out)), it will fail to return “complete” results (vs running it in Search).

So what is a poor user to do?

Here’s what I’ve done a few times.

I schedule the search to run every X often (maybe every 4 or 12 hours) via a scheduled Report.

And I have the search do an outputlookup to a CSV file.

Then in my Data Model, instead of running the “raw search”, I’ll do the following:

| inputlookup <name-of-generated-csv>

That’s it.

That’s my secret.

When your permissions won’t let you do “what you want” … pretend you’re Life in Ian Malcom‘s mind – find a way!

Mark Turner : Overnight pulse oximeter tracks sleep apnea

October 07, 2020 02:15 AM

Sleep apnea graph

At the start of the pandemic, I read a suggestion from a nurse that having a pulse oximeter would be a good idea. I’ve also had issues sleeping for some years including mild (and some not-so-mild) sleep apnea so I figured it might be good to document these. I bought a model which can be worn comfortably overnight and track the full night’s sleep, the Wellue/ViaTom SleepU P03.

The data it’s shown me is alarming. I have been having apnea events almost every night, some of these lasting long enough to dramatically drop my oxygen saturation. I’d been wondering why I’d suddenly find myself wide awake at 3 AM. Now I know it’s because I’d stopped breathing and my body struggled itself awake.

Though I’ve collected months of graphs showing a problem, I’ve not been successful demonstrating this during the VA sleep studies I’ve had done. I don’t do this every night but it happens with enough frequency that it makes it hard for me to feel rested in the morning. I’m hopeful that a future study will open the door to some treatment. A good night’s sleep is a fantastic gift.

Along my sleep apnea journey, I found the excellent OSCAR app, an open-source data visualization tool that gathers data from CPAP machines and pulse oximeters like mine.

Getting old is not for wusses.

Mark Turner : Oh, and this is sadly still true

October 07, 2020 01:51 AM

Writing for me has become harder.

Mark Turner : COVID-19 life

October 07, 2020 01:50 AM

It’s October 6th, day whatever of our home quarantine thanks to the COVID-19 novel coronavirus and President Trump’s utterly abysmal failure to confront it early on. We’ve been essentially holed up since March going out only for essential shopping, medical appointments, takeout or curbside food, and little else. My company shuttered its downtown Raleigh office in favor of an everyone-work-from-home model. I haven’t hugged my mom or dad in over seven months.

We do get out for exercise every weekend possible. Kelly and I have put a few hundred miles on our bikes riding the greenways. But I still won’t go into an office building or an enclosed space for any longer than necessary.

We’ve learned so much about COVID-19 since those early days. Poorly-ventilated spaces are the worst, particularly if they’re crowded. Outdoor activity is safest. Experts roll their eyes at the photos of people at beaches used to illustrate pandemic news stories, as those scenarios are among the safest.

Yet, here in North Carolina Governor Cooper is about to open businesses even wider than before, this in spite of cases continuing to peak here. I know Gov. Cooper’s got to balance the science with the business needs but there’s no way I’m going to spend an hour in a restaurant full of people not wearing masks, regardless of whether they’re spaced apart or not. Not gonna happen.

Japan has done an excellent job of conveying the best way to fight this pandemic. I smack my head at the U.S. Government’s incompetency to do the same.

As for me, I’ve been trying to put my energy into my day job, trying to keep my nerves steady from being around my family 24/7 for months on end, and spending other time “doomscrolling” to find out what fresh hell has been unleashed upon us. Doomscrolling is a perfect word that was coined this year to describe the feeling of helplessness many feel. And it’s an emotional toll on you, the feeling of powerlessness. I end my work day and don’t have energy for much else. I may retreat to my bed to read a book but that’s about it. Just keeping it together takes some serious effort.

While I haven’t written much here during this time (blogging is among the things I’ve just not been motivated to do), I have been keeping a near-daily video diary of what life has been like in Shelter-In-Place Land. I hope it informs my mindset when I look back on it in the future. I am still not sharing it with the public, sorry!

I spent some time yesterday sorting through photos from this year. I was amazed that our beach vacation to North Topsail Island was in July. It seemed simultaneously like yesterday and so long ago. Time has lost its meaning when you stare at the same four walls day in and day out. I looked back with fondness at our trip to the beach over New Year’s, while we were all blissfully unaware of what we would soon face.

But we will get there again. It may still be months away, or a year away, but we will get to a point where society is safe again. I try to keep focused on that light at the end of the tunnel. My spot on the couch is not the most exciting, but staying in a holding pattern is the absolute best way to come out of this safely. I suppose I can hang on.

Mark Turner : Samsung Galaxy spying defeated?

October 07, 2020 01:20 AM

As I’ve written before, I kept noticing ads pop up on Facebook and Twitter which seemed suspiciously as if they were triggered by conversations held around my phone. I got so fed up with this this summer that I briefly listed my Samsung Galaxy phone on Craigslist. And yet, something pulled me back. A friend pointed out that certain apps – even system ones – could be removed from the phone without actually rooting it. I have always been impressed with the Galaxy’s hardware; it was Samsung’s bloatware that drew my suspicion. Samsung’s locked my phone down so tightly that rooting it is out of the question. Perhaps this other method might work?

After carefully examining apps in Android’s app permissions page, paying particular attention to system apps (which usually are firmly entrenched and can’t be removed), my eyes focused on one quite innoculous one that called itself SmartThings.

I already tweeted my discovery of two separate SmartThings apps, each with wildly different permissions, but a search of the phone’s packages never turned up any of the more entrenched, system version of SmartThings.

After more Googling, I found the name of the offender, a mysterious package called com.samsung.android.beaconmanager.

I had gotten a crash course in Bluetooth beacons a few years ago when a local hacker was building an app/contest for DEFCON which relied on beacons. Marketers use Bluetooth beacons to track shoppers around stores. Even though an Android user may turn off Bluetooth on their phone, this only disables the transmitter, not the receiver. The receiver happily continues to snarf up any beacons within the phone’s range, documenting where you have been so Google can sell this to marketers (“scrubbed” of identifying information wink wink nudge nudge). A quick scan of my local Target store using a freely-available beacon scanner app showed over 1,000 Bluetooth beacons in the store. Target has embedded these beacons in their light fixtures to make their shopping app know how to guide you to what you’re looking for. That is a smart and legit way to use beacons.

SmartThings permissions

L:SmartThings user app. R:SmartThings system app.

But what about a beacon app on your phone that you can’t uninstall? That’s always on, always tracking you? What if it also had permission to your Contacts, Location, Microphone, and Phone and these could not be revoked? I could think of no good reason for this outrageous access, access that clearly goes above and beyond anything a marketing beacon app should have. I decided I’d found my spy app.

Some searches showed a method I’d never tried before: disabling an app for a user. This is different from deleting it as it simply disappears the app for the user. The app is still installed but does not run. What’s more, it can be easily restored if needed. Perfect for my needs!

I followed the instructions on the XDA-Developer forums. It uses the Android debugging interface (adb) available by enabling Developer Options on your phone and connecting it to your computer using a USB cable. Then this command will make the offending app disappear:

./adb shell pm disable-user --user 0 package_to_disable

Super-easy. I searched the web for lists of Samsung Galaxy bloatware, looking for apps which could be cleanly disabled without affecting the features I wanted to keep. Goodbye, Bixby, and goodbye com.samsung.android.beaconmanager, a.k.a the system app SmartThings.

Since I’ve done this surgery on my phone, the incidents where a spoken conversation summons an ad have greatly diminished. I don’t recall the last time I’ve seen this happen, actually. Can’t say I’ve proven definitively that beaconmanager was spying on me but it sure seems like my privacy leak has been halted. I’d call that a win.

Warren Myers : libraries should be print-on-demand centers – especially for old/unusual works

September 26, 2020 05:13 PM

Want to reinvigorate old texts and library patronage? Turn libraries into print-on-demand book “publishers” for works in the public domain and/or which aren’t under copyright in the current country and/or some kind of library version of CCLI churches use for music!

This idea came to me after reading this blog post from the Internet Archive (famous for the Wayback Machine).

Libraries have always bought publisher’s products but have traditionally offered alternative access modes to these materials, and can again. As an example let’s take newspapers. Published with scoops and urgency, yesterday is “old news,” the paper it was printed on is then only useful the next day as “fish wrap”– the paper piles up and we felt guilty about the trash. That is the framing of the publisher: old is useless, new is valuable.

…the library is in danger in our digital world. In print, one could keep what one had read. In digital that is harder technically, and publishers are specifically making it harder.

So why not enable a [modest] money-making function for your local library? With resources from places like the Internet Archive, the Gutenberg Project, Kindle free books, blog posts, and on and on – there’s a veritable cornucopia of formerly-available (or only digitally-available) material that has value, but whose availability is sadly lacking: especially for those who don’t have reliable internet access, eReaders, etc. (Or folks like me who don’t especially like reading most books (especially fiction) on a device.)

I’d wager Creative Commons could gin-up some great licenses for this!

Who’s with me‽

Warren Myers : chelsea troy – designing a course

September 24, 2020 03:56 PM

Via the rands-leadership Slack (in the #i-wrote-something channel), I found an article written on ChealseaTroy.com that was [the last?] in her series on course design.

While I found part 9 interesting, I was bummed there were no internal links to the other parts of the series (at least to previous parts (even if there may be future parts not linked in a given post)).

To rectify that for my 6 readers, and as a resource for myself, here is a table of contents for her series:
  1. What will students learn?
  2. How will the sessions go?
  3. What will we do in a session?
  4. Teaching methods for remoteness
  5. Why use group work?
  6. Dividing students into groups
  7. Planning collaborative activities
  8. Use of surveys
  9. Iterating on the course
She also has some other related, though not part of the “series”, posts I found interesting:
  1. Learning to teach a course
  2. Planning and surviving a 3-hour lecture
  3. Resources for programming instructors
  4. Syllabus design

If you notice future entries to this series (before I do), please comment below so I can add them 🤓

Warren Myers : comparing unique anagrams?

August 30, 2020 05:42 PM

How useful would determining similarity of words by their unique anagrams be? For example: “ROBERT” uniquely anagrams to “BEORT”; “BOBBY” and “BOOBY” both uniquely anagram to “BOY”.

Is there already a comparison algorithm that uses something like this?

What potentially “interesting” discoveries might be made about vocabularical choices if you analyzed text corpora with this method?

Warren Myers : splunk: match a field’s value in another field

August 28, 2020 08:14 PM

Had a Splunk use-case present itself today on needing to determine if the value of a field was found in another – specifically, it’s about deciding if a lookup table’s category name for a network endpoint is “the same” as the dest_category assigned by a Forescout CounterACT appliance.

We have “customer validated” (and we all know how reliable that kind of data can be… (the customer is always wrong) names for network endpoints.

These should be “identical” to the dest_category field assigned by CounterACT … but, as we all know, “should” is a funny word.

What I tried (that does not work) was to get like() to work:

| eval similar=if(like(A,'%B%') OR like(B,'%A%'), "yes", "no")

I tried a slew of variations around the theme of trying to get the value of the field to be in the match portion of the like().

What I ended-up doing (that does work) is this:

| eval similar=if((match(A,B) OR match(B,A)), "yes", "no")

That uses the value of the second field listed to be the regular expression clause of the match() function.

Things you should do ahead of time:

  • match case between the fields (I did upper() .. lower() would work as well)
  • remove “unnecessary” characters – in my case, I yoinked all non-word characters with this replace() eval: | eval A=upper(replace(A,"\W",""))
  • know that there are limitations to this comparison method
    • “BOB” will ‘similar’ match to “BO”, but not “B OB” (hence removing non-word characters before the match())
    • “BOB” is not ‘similar’ to “ROB” – even though, in the vernacular, both might be an acceptible shortening of “ROBERT”
  • if you need more complex ‘similar’ matching, checkout the JellyFisher add-on on Splunkbase

Thanks, also, to @trex and @The_Tick on the Splunk Usergroups Slack #search-help channel for working me towards a solution (even though what they suggested was not the direction I ended up going).

Warren Myers : vampires *can* coexist with zombies

August 22, 2020 02:01 PM

I made a mistake 4 years ago.

I said vampires and zombies couldn’t [long] coexist. Because they’d be competing for the same – dwindling – food source: the living (vs them both being undead).

But I was wrong.

If the universe in which they exist is a mash-up of that of Twilight and iZombie … it could work.

The iZombie universe has zombies that can avoid going “full Romero” by maintaining a steady supply of brains – and it’s not much they need to eat to stay “normal”.

The Twilight universe has vampires that can survive on animal blood (or, one presumes, by hitting-up blood banks).

So if you were to have “brain banks” the way you have “blood banks” – I could see it working.

Now we just need some iZombie-Twilight hybrid vambie/zompire creatures running around.

Warren Myers : how-to timechart [possibly] better than timechart in splunk

August 18, 2020 06:52 PM

I recently had cause to do an extensive trellised timechart for a dashboard at $CUSTOMER in Splunk.

They have a couple hundred locations reporting networked devices.

I needed to report on how many devices they’ve reported every day over the last 90 days (I would have liked to go back further…but retention is only 90 days on this data).

My initial instinct was to do this:

index=ndx sourcetype=srctp site=* ip=* earliest=-90d
| timechart limit=0 span=1d dc(ip) by site

Except…that takes well over an hour to run – so the job gets terminated at ~60 minutes.

What possible other approaches could be made?

🤔

Well.

Here are a few that I thought about:

  1. Use multisearch, and group 9 10d searches together.
    • I’ve done things like this before with good success. But it’s … ugly. Very, very ugly.
    • You can almost always accomplish what you want via stats, too – but it can be tricky.
  2. Pre-populate a lookup table with older data (a la option 1 above, but done “by hand”), and then just append “more recent” data onto the table in the future.
    • This would give the advantage of getting a longer history going forward
    • Ensuring “cleanliness” of the table would require some maintenance scheduled searches/reports … but it’s doable
  3. Something else … that “happens” to work like a timechart – but runs in an acceptable time frame.
  4. Try binning _time
    1. Tried – didn’t work 🤨

So what did I do?

I asked for ideas.

If you’re regularly (or irregularly) using Splunk, you should join the Splunk Usergroups Slack.

Go join it now, if you’re not on it already.

Don’t worry – this blog post will be here when you get back.

You’ve joined? Good good. Look me up – I’m @Warren Myers. And I love to help when I can 🤠.

I asked in #search-help.

And within a couple minutes, had some ideas from somebody to use the “hidden field” date_day and do a | stats dc(ip) by date_day site. Unfortunately, this data source is JSON that comes-in via the HEC.

Poo.

Lo and behold!

I can “fake” date_day by using strftime!

Specifically, here’s the eval command:

| eval date=strftime(_time,"%Y-%m-%d")

This converts from the hidden _time field (in Unix epoch format) to yyyy-mm-dd.

This is the 🔑!

What does this line do? It lets me stats-out by day and site (just like timechart does … but it runs way faster (Why? I Don’t Know. He’s on third. And I Don’t Give a Darn! (Oh! That’s our shortstop!)).

How much faster?

At least twice as fast! It takes ~2200 seconds to complete, but given that the timechart form was being nuked at 3600 seconds, and it was only about 70% done … this is better!

The final form for the search:

index=ndx sourcetype=srctp site=* ip=* earliest=-90d@ latest=-1d@
| table site ip _time
| eval date=strftime(_time,"%Y-%m-%d")
| stats dc(ip) as inventory by date site

I’ve got this in a daily-scheduled Report that I then draw-into Dashboard(s) as needed (no point in running more often, since it’s summary data that only “changes” (at most) once a day).

Hope this helps somebody – please leave a comment if it helps you!

Warren Myers : following-up to my ubi mindwalk

August 03, 2020 04:49 PM

I omitted something kinda big when I wrote my one-time UBI proposal last year.

I neglected to address welfare reform.

Welfare would have to be changed for UBI to even have a half a prayer of working.

The “easy” way to do this would be to phase-in reduced welfare benefits on a prorated-equivalent basis for the UBI payment you receive.

Surely there are many other ways to address welfare as part of the one-time universal basic income – suggest them below!

Do I have to participate?

And I missed a second point, too – this should be something you can opt-out of. Just like I wrote about Social Security lo those many moons ago.

No one should be forced to participate – though I strongly suspect most people would rather participate than not.

What about when the program starts?

A third missed point in last year’s thought experiment – a prorated one-time UBI for every citizen over 18 when the program starts. Take the average life expectancy of a USian of, say, 75 years. Subtract 18 to get 57 – there is your basis “100%” one-time payment.

There also needs to be a phase-out cap on one-time benefits at age 74 (ie, when you turn 75, you are no longer eligible to receive a payout).

Now take your age, subtract 18, and divide by 57, and subtract from 100% to get your prorated payment. Are you 27? (27-18)/57 = ~15.8%. 100%-15.8% = 84.2%.

84.2% of $100,000 is $84,200.

Same process if you’re 50: (50-18)/57 = ~56.1%. 100%-56.1% = 43.9%.

43.9% of $100,000 is $43,900.

What if you’re 80? Congratulations! You’ve outlived the average American!

Warren Myers : geroge carlin – fear of germs

July 22, 2020 02:21 AM

What we have now is a completely neurotic population obsessed with security and safety and crime and drugs and cleanliness and hygiene and germs… there’s another thing… germs.

Where did this sudden fear of germs come from in this country? Have you noticed this? The media, constantly running stories about all the latest infections – salmonella, e-coli, hanta virus, bird flu – and Americans, they panic easily so now everybody’s running around, scrubbing this and spraying that and overcooking their food and repeatedly washing their hands, trying to avoid all contact with germs. It’s ridiculous and it goes to ridiculous lengths. In prisons, before they give you a lethal injection, they swab your arm with alcohol! It’s true! Yeah! Well, they don’t want you to get an infection! And you could see their point; wouldn’t want some guy to go to hell and be sick! It would take a lot of the sportsmanship out of the whole execution. Fear of germs… why these fucking pussies! You can’t even get a decent hamburger anymore! They cook the shit out of everything now cause everybody’s afraid of food poisoning! Hey, where’s your sense of adventure? Take a fucking chance will you? You know how many people die in this country from food poisoning every year? 9000… that’s all; it’s a minor risk! Take a fucking chance… bunch of goddamn pussies! Besides, what do you think you have an immune system for? It’s for killing germs! But it needs practice… it needs germs to practice on. So listen! If you kill all the germs around you, and live a completely sterile life, then when germs do come along, you’re not gonna be prepared. And never mind ordinary germs, what are you gonna do when some super virus comes along that turns your vital organs into liquid shit? I’ll tell you what you’re gonna do… you’re gonna get sick, you’re gonna die, and you’re gonna deserve it cause you’re fucking weak and you got a fucking weak immune system!

Let me tell you a true story about immunization okay?

When I was a little boy in New York City in the 1940s, we swam in the Hudson River and it was filled with raw sewage okay? We swam in raw sewage! You know… to cool off! And at that time, the big fear was polio; thousands of kids died from polio every year but you know something? In my neighbourhood, no one ever got polio! No one! Ever! You know why? Cause we swam in raw sewage! It strengthened our immune systems! The polio never had a prayer; we were tempered in raw shit! So personally, I never take any special precautions against germs. I don’t shy away from people that sneeze and cough, I don’t wipe off the telephone, I don’t cover the toilet seat, and if I drop food on the floor, I pick it up and eat it! Yes I do. Even if I’m at a sidewalk café! In Calcutta! The poor section! On New Year’s morning during a soccer riot! And you know something? In spite of all that so-called risky behaviour, I never get infections, I don’t get them, I don’t get colds, I don’t get flu, I don’t get headaches, I don’t get upset stomach, you know why? Cause I got a good strong immune system and it gets a lot of practice. My immune system is equipped with the biological equivalent of fully automatic military assault rifles with night vision and laser scopes, and we have recently acquired phosphorous grenades, cluster bombs, and anti-personnel fragmentation mines.

So when my white blood cells are on patrol recon ordering my blood stream seeking out strangers and other undesirables, if they see any, ANY suspicious looking germs of any kind, they don’t fuck around!
They whip out their weapons; they wax the motherfucker and deposit the unlucky fellow directly into my colon! Into my colon! There’s no nonsense, there’s no Miranda warning, there’s none of that “three strikes and you’re out” shit, first defense, BAM… into the colon you go! And speaking of my colon, I want you to know I don’t automatically wash my hands every time I go to the bathroom okay? Can you deal with that? Sometimes I do, sometimes I don’t. You know when I wash my hands? When I shit on them! That’s the only time. And you know how often that happens? Tops, TOPS, 2-3 times a week tops! Maybe a little more frequently over the holidays, you know what I mean? And I’ll tell you something else my well-scrubbed friends… you don’t need to always need to shower every day, did you know that? It’s overkill, unless you work out or work outdoors, or for some reason come in intimate contact with huge amounts of filth and garbage every day, you don’t always need to shower. All you really need to do is to wash the four key areas; armpits, asshole, crotch, and teeth. Got that? Armpits, asshole, crotch, and teeth. In fact, you can save yourself a whole lot of time if you simply use the same brush on all four areas!

https://www.youtube.com/watch?v=X29lF43mUlo https://www.lingq.com/sv/lesson/george-carlin-fear-of-germs-235986

Warren Myers : apparently I do this about every 4.5 years

June 23, 2020 05:48 PM

4.5 years ago, I switched hosts (though not providers (that had happened 4.5 years prior to that)) for my “big” server.

Now I’m about to do it again.

Mark Turner : How to perform music together virtually

June 20, 2020 01:39 AM

Musicians together virtually


A retired music teacher friend, Ruth Johnsen, needed help setting up a virtual performance by her music students. Because I was eager to learn a new video editor and because it’s really impossible to say no to Ruth, I stepped up and took it on. For the past few weeks, videos from each musician has been filtering over to me and I’ve been learning all I can about stitching them together. Fortunately, the occasional karaoke videos I’ve created have given me a little insight into the best way to get this done. Here’s my recipe for successfully recording musical parts for a virtual performance.

Consistency is key. The video clips I was given all look and sound different. That’s to be expected from so many musicians and no way to use identical hardware and software. There are some aspects that can be easily standardized, such as:

Video orientation. Have everyone use either portrait or landscape mode. It will look much better. Purists insist on landscape but portrait can work, too. Whichever you choose, it’s best if everyone uses it.

Distance.
Be consistent with camera distance. If your phone or camera is too close, you will overwhelm the microphone; too far and you won’t be heard at all. You’ll also make work for the video editor as she has to scale or crop the video to make everyone look consistent.

Use the same gear. For the ultimate in quality, figure out a way that all musicians can use the same equipment. Mail or ship a common microphone or other recording gear to each musician and have them set it up the same way. Your ears will thank you.


Use a click track.
Have a track in which the conductor conducts and calls out the measures along with a metronome. This will become the foundation for all of the mixing. Also, when creating the click track the editor’s job becomes much easier if you provide an audible and visual cue of that synchronization. Ruth and her students counted to four and said “click.” A few beats later the music began. This method works well enough but since this performance is prerecorded, you should take advantage of editing! Record a 10 second long or so prelude to the music where everyone’s hands start empty. On cue from the conductor’s click track, everyone counts to four and then claps on camera! They then pick up their instruments in the remaining seconds and play their parts. Your musicians are now human clapper boards, providing a powerful sync signal for your editor to work with.

No, really, use the click track! Have the musicians wear headphones/earbuds while listening to the click track. It’s easy for the beat to get lost when you’re the only one playing. Some musicians winged it and got completely out of sync, making their hard work practically unusable.

Work around sync issues. There were cases where the videos submitted by some musicians just wouldn’t stay in sync. Many phones are different in how they record audio and video. In a few cases I had to ask some musicians if they could rerecord using a different smartphone. This seemed to help.

Post your resulting videos to a cloud storage system like Google Drive and share them with your editor.

For my video editing, I found Shotcut to be very powerful, fast, and stable. I was easily able to crop, scale, and resize each clip into one happy screen filled with musicians. Going into the details of video editing is several posts in itself so I won’t go into that here. Luckily, Shotcut has many tutorials on YouTube and elsewhere that show you how this is done. After a little while of using Shotcut, I found many of its features to be pretty intuitive.

Now, one of my first jobs was as a recording engineer. I want my videos not only to look good but to sound good, too. Video editing software may get you close to the good sound you’re seeking but if you really want to squeeze the best sound out of your editing consider using and audio editor. I use Audacity for my karaoke videos, which allows me to mix everything exactly the way I like it. Then I lip-sync to this track in my videos and mix it all together. For the best virtual performance, you’ll get the best result if you treat the audio and video as separate pieces, each to be perfected in its own right.

These tips should get you started towards some great virtual performances. If you make a video and found my tips useful, I’d love to see your work! Happy playing and editing!

Mark Turner : Bypassing the AT&T Pace 5268AC Residential Gateway, Part I

June 15, 2020 01:25 PM

Turn this into a high-tech doorstop


I’d been dreaming of getting fiber to my home for over a decade. It was that long ago that I spent my days hooking up ten-gigabit fiber connections to massive file servers at NetApp. I led a successful grassroots effort to lure Google Fiber to Raleigh, because competition can be a great way to spur innovation and investment. You can imagine in 2018 how excited I was to learn that fiber was coming to my neighborhood. While it wasn’t Google, it was AT&T. I swallowed my pride, quietly rescinded my ban of ever doing business with AT&T again, and signed up for their fastest package: symmetrical gigabit fiber. Cost was $80/month initially and thereafter $90/month. I’m sure I’m one of the few in my area who max it out. Hey, geeks gotta geek.

Why bother?

While I’m happy to use up as many AT&T bits as possible, I still don’t entirely trust the company (though I do trust them more than Time Warner Cable (TWC), a.k.a. Spectrum, and this as you know is not saying much). While providing direct access to my home network to a major telco may be a bit on the paranoid side, a number of security vulnerabilities have been discovered with other AT&T devices. Though AT&T might not be snooping around my network, I could not be entirely comfortable that hackers wouldn’t. AT&T’s RGs were discovered to have the built-in ability to do deep packet inspections (DPI) themselves, being able to snoop on the network traffic of its customers. For this and many other reasons, I just don’t trust any devices on my home network that I do not control.

I kept a firewall between TWC and my network for this reason. AT&T wants you to use their device, which they call a “Residential Gateway” or RG, as the firewall. It also acts as a WiFi point, DHCP server, and the like. This may be fine for most people, but I am an uber power user. As an engineer, I want to squeeze the maximum performance out of my networking. I will happily void the warranties on my networking gear. I didn’t spend time tuning my home firewalls for maximum throughput just to discard them when some corporate box comes along. This just won’t do, you see.

The Power User’s approach

My first approach was to switch things over to my TP-Link AC1750 access ponits, running OpenWRT. While my AC1750s could keep up with the slow (300 Mbps) speeds of cable Internet, they were balking at gigabit speeds. The hardware acceleration the AC1750s utilize require proprietary drivers which OpenWRT does not provide. It was time to list them on Craigslist and try something new.

After much research, I purchased an Ubiquiti EdgeRouter Lite 3 (ERL3). It is a fantastic unit that can easily run at gigabit wire speeds (with a small caveat of forgoing deep packet inspection). I can put the ERL behind my Internet connection and, because it is Debian Linux-based, customize it practically any way I want to. Pure heaven! Yet there is still the issue of having to front the ERL by AT&T’s RG box, the Pace 5268AC in my case.

Could I make AT&T’s RG live in harmony with my gear? Yes if safely firewalled, but performance would take a hit. The RG would be doing network address translation (NAT) and then my firewall would be doing it again. This introduces latency and the chance for errors. I use Voice over IP (VoIP) at home, which can be very sensitive to NAT issues. The RG’s wireless signal would also interfere with my home’s existing wireless signals, causing network congestion. I turned off the RG’s WiFi right away. With the RG in bridge mode you could still use your one firewall, passing packets through the RG, but the RG would still be duplicating everything I was already doing. I couldn’t wait to make it completely redundant.

The RG performs one crucial function that can be challenging to duplicate and this is 802.1 network authentication. AT&T usually delivers a residential customer’s fiber into a little box called an optical network termination (ONT). The size of a pack of cigarettes, it takes the fiber signal and converts it to Ethernet, plugging into the RG. The RG is loaded with AT&T’s cryptographic certificates and presents these to AT&T’s switches whenever the ONT link comes up, validating that the device (in this case, the RG) is authorized to connect.

802.1x authentication is usually a one-time thing. Should the ONT never lose its fiber link to the remote switch and also never lose its connection to the RG, the authentication process will not be needed again. This has provided some clever ways to bypass the RG:

  1. Connecting the RG side by side with the real firewall and using a switch to filter all but 802.1x traffic to it,
  2. Connecting the ONT to a switch and swapping out the RG for the firewall after the 802.1x authentication is done, or
  3. Putting AT&T’s certs on your own firewall and making the RG redundant.

Let’s look at each of these approaches.

Filtering all but 802.1x

This has been done by many. By using a VLAN-aware switch, the VLAN2-based 802.1x packets get sent to the RG, which does the auth and then basically gets ignored. I decided this wasn’t an approach I wanted to take since I wanted to unplug the RG completely. For those who want to take this route, there are plenty of Internet resources that step you through it.

Swapping out the RG for your firewall

This is the approach I have been using for years and it’s such a simple method that anyone could do it. Here’s how you do it:

  1. Check the label on your RG for the RG’s MAC address. A MAC address is a six-digit hexidecimal string that is a unique address for every network device.
  2. Configure your firewall or router box’s Internet port to “spoof” this MAC address. This will all depend on the type of network gear you are using, so consult your product manual or consult the search engines.
  3. Place a gigabit switch between your ONT and your RG. This “outside switch” does not have to be a fancy switch or a smart swich. A “dumb” one will do. It could simply be a typical, cheap, 5-port gigabit switch like a Netgear, etc. The important thing is that the switch be at least as fast as your Internet connection.
  4. Now, with the RG and the firewall presenting the same MAC address, plug in the RG to the outside switch and let it go through the authentication process. You’ll know it’s done when you see the green “Service 2” light go solid.
  5. Plug your firewall into an open port on the outside switch and remove the RG from the switch.

If you’ve done everything properly, your Internet connection should now be flowing through your firewall and you can set the RG aside.

NOTE: The secret here is to maintain the Ethernet link between the ONT and your outside switch. If for some reason the ONT or your outside switch loses power, the 802.1x authentication process will need to be completed again before you get your connection back. You will need to complete steps 4 & 5 again to restore your connection. For this reason, I place both my ONT and my outside switch on a uninterruptible power supply (UPS). This has been proven highly reliable, with usually only physical damage to AT&T’s cables causing a need to resync.

In part two, I’ll be covering the third way I mentioned, using AT&T’s certs on your own devices.

Mark Turner : The Evocacs Deebot Orzo 920 robot vacuum

June 07, 2020 04:16 PM

The Evocacs Deebot Orzo 920

My membership warehouse company, Costco, sells both the iRobot models but also the Ecovacs brand. I was intrigued so I brought home the Ecovacs Deebot Orzo 920. What do I have to lose, with Costco’s generous return policy protecting me? I ordered the Orzo 920 online and waited patiently for it to arrive.

The Orzo 920 is almost perfect as far as robot vacuums go, though I’m not sure why is has such a long name (how many brand names does one robot need?). A Chinese model, it nevertheless has clearly-written documentation and labels. The box contained the robot, charging dock, booklet, two HEPA filters and a tool for cleaning the brushes. Instinctively I set up the charging dock and put the robot on it, not realizing I had to flip the red switch on top to actually turn it on.

Modern robot vacuums need Internet access, so I had to go through steps to connect it to my home network. I downloaded the Evovacs app for my Android phone and set the vacuum up to advertise its WiFi signal. Connecting it to the app was simple and quick.

Once the Orzo was charged, I used the app to set it up. The Orzo uses LIDAR laser ranging to map the floors of your home. It maps your home the first time it’s run, after which you can edit the map to divide areas, mark off spots with “virtual boundaries,” and make other adjustments. Different advanced vacuums use different technologies to map rooms (iRobots use a visual camera) but in my experience the LIDAR is tough to beat. It was a treat to watch as the app filled in walls as the robot proceeded around the room. It does an amazingly accurate job figuring out where it is and what the room looks like. I could tell this was not a robot that would ever get lost on the way back to the dock.

One thing I learned right away is that the initial mapping takes longer than a normal cleaning. This may just be my experience but I wanted it to be thorough in its mapping at the expense of deep cleaning the first time. I discovered an option in the app’s settings which allows you to set the vacuum’s power on the “Quiet” setting. This uses far less battery than the normal power modes so I was able to get the vacuum to completely map my floor without having to stop and charge mid-way.

Multiple floors are supported, so once the Orzo had mapped the downstairs I moved the dock and vacuum upstairs and had the Orzo map it, too. Only two maps seem to be in the app so if your home has more than two you might be out of luck.

The cleaning process works well. I can tell a lot of thought was put into it. Once the maps are built, you can specify the order in which the “rooms” the vacuum has discovered are cleaned. The vacuum will proceed through this list in order, usually circling the boundary of the particular room one time before dutifully proceeding to vacuum it row-by-row. In open floor plan homes, the vacuum tends to obsess on these arbitrary boundaries (say, between a kitchen area and a den). So, you might have a simple open floor between your kitchen and den but because the vacuum’s virtual boundary runs through it it will get cleaned twice as often as other parts of the floor. Got it?

The virtual wall feature works well, too. I can cordon off the dogs’ food and water dishes so that the robot doesn’t bump them. I can block off a lightly-used table so that the vacuum doesn’t spend time getting stuck in-between its chairs when it’s likely not to have dust or dirt underneath it. One thing I had difficulty in doing is dividing some rooms in the map. The line used to cut rooms into smaller ones seems very sensitive to position and I basically gave up on it.

The vacuum tracks the strength of its Wifi signal and even maps the access point.

I am impressed with how the Orzo changes vacuum power when it detects a change between carpet and bare floors. Bare floors don’t need as much suction so the Orzo economizes. Nice.

I also like the dual brushes the Orzo sports – it seems to do very well scooping up dirt and objects into the path of the vacuum.

As for the mopping feature, I haven’t tried it and am in no hurry to. The thought of letting a robot spread water around my floor is a bit scary to me. My floor needs vacuuming far more often than it needs mopping, so I find its usefulness to be vacuuming not mopping. That said, in the time since I’ve had the Orzo I am more confident that it knows what it’s doing. It might be time to test this part out.

The only thing I am disappointed with is the smallish dustbin the Orzo 920 comes with. My dogs shed a lot of hair each day and the vacuum needs to be emptied daily just to keep up. If I were designing this, I would’ve used the space on the vacuum devoted to mopping and used it to accommodate a bigger dustbin. Still, if my biggest complaint with a robot vacuum is that it picks up too much dirt I suppose I can live with that!

Since all Chinese businesses are ultimately owned by the Chinese government, now do I feel about a robot vacuum building a map of my home for the People’s Liberation Army? It’s not as bad as you think. The Orzo seems to exchange date between the vacuum and the app and not store it in the could anywhere. On my home Internet router, I was easily able to block access to the outside domains it used to check in and the vacuum continued to operate. There are also open-source alternative firmwares and apps available on Github which can further isolate the vacuum and extend its functionality. I have not tried these yet but I’m happy to know they’re available.

Overall, the Evovacs DeeBot Orzo 920 is a great robot vacuum. It has a clever, easy-to-use app, does an excellent job cleaning the house, and other than needing to be emptied frequently it’s just about perfect. I give it 4.5 our of 5 stars.

Mark Turner : Robot vacuums – The Ecovacs Deebot Orzo 920 vs. Roborock S4

June 07, 2020 04:15 PM

Many years ago through a “Woot-off” clearance sale, I became the owner of a first-generation iRobot Roomba robot vacuum. It was novel advanced for its day, bouncing randomly around the room, but it frequently either got stuck somewhere or lost its way back to the charging dock, sending me on a whole-house search to find it. When the battery died I packed it away and switched to old-fashioned vacuuming.

With the recent addition of two dogs to the family vacuuming has become a priority again. To keep up without spending an hour manually pushing a vacuum around the floor, I revisited the state-of-the-art for robot vacuums. I quizzed my friends with vacuums to see what they liked about theirs. I read several web reviews and product reviews.

iRobot’s latest models seemed okay but didn’t wow me. They seemed to have a high price tag for what they offered. iRobot is no longer the only game in town, so I thought I’d look at the competition. The Evocacs Deebot Orzo 920 is sold at Costo and seemed like a good candidate, so I ordered one. I also read some great online reviews of the Roborock S4 so I ordered one of those, too. After a few weeks with each I’ve decided to post my reviews of them, starting with the Orzo 920. I’ll post the link to my Roborock review here once it’s done, too.

Mark Turner : Dogs join the family

June 07, 2020 03:37 PM

January marked a year since we said goodbye to our Black Lab, Rocket. The house has been clean but quiet since then but facing the prospect of an emptier nest this fall, Kelly and I began kicking around the idea of another dog.

In February, a friend who is a volunteer dog rescuer brought over a dog she was trying to home. While this female dog seemed okay, she was unusually focused on tracking down our porch cat and seemed to pay us little attention. It would have been nice to help our friend out by taking in this dog but that spark I expected to feel just wasn’t there with this particular dog. Our search resumed.

One of Kelly’s friends mentioned to her that there were two dogs needing a home. These dogs had been abandoned at a neighbor’s boarding service ad were part of a trio of dogs, one of which found a home with another neighborhood friend. We arranged for them to visit us so that we could decide which one we would adopt.

Our boarding service friend Laura brought the dogs, Abbot and Tobin, over March 1st and gave us their long backstory. Both are hounds who had been in the kennel for the best part of a year. One was a stray and the other was part of some kind of dog-hoarding situation. They’d been together for months.

Laura turned them loose in our backyard and we watched them race around. They would take time out to come greet us. We kept them for the weekend and got them through the initial mistakes they made learning how to become house-trained.

One thing that was evident right away was that they go together. When out walking with them if we took one dog in a different direction, the other dog would plant his feet and not move. How could we possibly separate these two dogs who were obviously thick as thieves? We decided we could only take them both.

So now we’re the owners of not just one dog but two! In fact, we are finding it hard to imagine having just one dog. While there are disadvantages to owning multiple dogs, like increased food, vet, and boarding bills, more dog hair, and other issues; the benefits outweigh the drawbacks. They entertain each other, chasing each other around the yard for hours. They each have distinct personalities and both are very sweet. It’s fun to watch them sleep with one paw resting on the other dog.

Kennel habits still show up every now and then. One dog is still quite skittish around loud noises and anxious around dogs encountered on our dog walks but even so we’ve come a long way since that March 1st day. Hopefully we can get them together soon with their long-lost, nearby brother for a doggy playdate.

We look forward to many more years with these two in our family.

Warren Myers : dorss

May 14, 2020 01:16 PM

After years of thinking about it, I finally got around to it.

I’ve rewritten my RSS feed driven website https://datente.com to run on Python from PHP.

I’m sure there is much room for improvement in the approach – and would appreciate any constructive feedback you may have. Here’s the GitHub repo: https://github.com/volcimaster/dorss.

Mark Turner : On another planet

May 10, 2020 02:13 AM

One friend on Facebook who normally stays genteel watched one of Trump’s coronavirus press conferences and then unloaded on him in a post:

Watching the daily Presidential press conference on the Corona virus. Sorry Trump fans but how pathetic can one be. So far its been me, me, me!! How great I am, how much I’ve done, previous administrations are responsible, Governor’s are totally responsible. Everyone but me is responsible!! Forget the 30,000 dead, 700,000 infected and continuing. Outrageous!! Sorry for venting on my few posts.

Most of the responses to his post were in agreement, but one of his friends responded with this:

He’s actually none of those things and he’s doing a great job he’s he is talking himself and the task force up a lot but only because this is his only chance to defend himself the media totally lies. They are blaming him for a delayed response to the handling of the virus when in fact Dr. Fauci said on Feb. 29th that there was no need to change our behavior. Dr. Birx also supported the White House response and timeline at the press conference the other day. No one has a crystal ball and no one knew how bad the virus would be our president took decisive action and he was a genius in partnering private and public partnerships to get all the PPE and ventilators and things that we need acted very quickly he does deserve a little credit and he’s been working really hard and it’s very unfair shouldn’t matter what your politics are we should all be coming together in this time of crisis.

This totally blows my mind. It’s like this person is on another planet, viewing a different president than I am.

Doing a great job? How could anyone possibly think Trump is “doing a great job?” What possible measure could one use that would reveal this to be great? We have topped 77,000 deaths now after Trump assured us it’s “going to be down to close to zero” and “it’s going to disappear. One day, it’s like a miracle, it will disappear.”

No one knew how bad the virus could be? This sounds much like what Trump said himself: “Nobody knew there would be a pandemic or epidemic of this proportion.” However, the Obama administration crafted a 69-page pandemic playbook which the Trump administration promptly ignored. Trump also ignored intelligence warnings from as far back as November 2019 that warned of an imminent pandemic. Of course, he never reads his daily intelligence briefings and gets his news from the la-la land of Fox News. Out of all the people in the world, he should have better ability than almost anyone to get answers to his questions. If he ever had any.

You’ll also note that this person believes Trump is being treated unfairly by the media. Trunp – the bully – being picked on. And saying that Trump is working hard? When Trump spends some mornings doing nothing but sending dozens of rambling tweets?

It would be laughable if it weren’t so sad, but this is what passes for reality for Trump supporters. It’s what they’re spoon-fed by Fox News.

I have gamely tried to talk to these people, walking them through their assumptions in an effort to show them where they diverge from reality. It is like talking to a brick wall. They have their source of facts and anything differing from that are lies. Finding common ground was once a worthy goal but Fox has taken these folks so far off the reservation that there is little or no common ground left.

I keep hoping that one day I hit upon the perfect plan to gently walk them out of Crazytown but I worry that there is little to be done here. What will it take for them to see that their emperor has no clothes?

Warren Myers : a little cooking humor

May 03, 2020 06:43 PM

Ready to wok and roll!

Mark Turner : Karaoke is my quarantine creative outlet

May 02, 2020 03:48 PM

After a public performance or two over our New Years trip I thought I’d take my singing more seriously. I quickly realized the huge library of karaoke songs on Spotify and that could use this and some Googled lyrics to turn a PA speaker into a karaoke machine. I’ve posted two of my songs to YouTube already (“(The Angels Wanna Wear My) Red Shoes” By Elvis Costello and “Pink Cadillac” By Bruce Springsteen) and have gotten positive feedback. It feels good to be able to try something new, share it with the world, and get feedback on it.

It’s been a good lesson on how I sing, too. I sang in chorus in middle school and sang in my church’s youth choir around that time, too. I’ve been singing along to my favorite music whenever I’m alone at home or in the car. Once my colleagues caught me singing in the server room when I thought the roar of machines was drowning me out! Rarely did I sing for an audience before.

I have learned that singing with the goal of sounding the best is new to me. I realized that many of the songs I’ve been singing along to, ones that I’ve enjoyed singing, are not necessarily songs fit for my vocal range or style. When I’ve tried to do karaoke versions of these songs I quickly realized the ways in which my voice came up short. You know what? I have learned to be fine with this. I can’t nail every song but there are still hundreds or even thousands where my voice fits just fine. My list of karaoke songs is now well into the hundreds and I can easily organize a hefty, interesting set list to cover any performances.

So, this is one way that the quarantine situation has helped my singing. If I were performing songs in front of an audience in a bar, I could sing poorly and blame it on drinking, a bad PA system, a surly audience, or any number of things. When I’ve got the ability to record my performances, and edit them, and do as many takes as needed to get something I like, the aspect of quality becomes much more important. The two I’ve posted so far certainly aren’t perfect, and I’ve tempered my perfectionist ways a bit to compromise on something that’s pretty good but still worthy to be shared with the world. I can just trust I’ll get better as I go.

It’s also been fun to hone my recording engineering skills and video editing skills, too. I’ve put lots of effort into getting the right mix when I add my vocals to the backing tracks. I’m also getting better at syncing my prerecorded audio with the video clip that I subsequently add. Good skills to have, all of them.

I hope these entertain someone. I hope to add more soon.

Mark Turner : Week 7 of Coronavirus quarantine

May 02, 2020 03:09 AM

Wednesday marked the start of our seventh week in COVID-19 coronavirus quarantine. Not much has changed in our situation, which is good. We have gotten into a bit of a routine, with Kelly and me sharing an upstairs office, the kids doing remote classroom work in their rooms in the morning, and everyone retreating to quiet areas of our home when needed. Our new dogs (did I mention we now have dogs?) have taken to this routine very well as it’s the only routine they’ve known since we brought them home from the kennel. Having them around has provided us good company.

I still go out on occasion for groceries, braving the line at Costco about every two weeks. I try to get there when it first opens to minimize contact with potentially sick people. At the start of the pandemic, I might wait outside for 30 minutes while the store metered the number of people inside at one time. By my last visit on last weekend, the wait was down to six minutes.

The routine is this: wait in a “socially distant” line outside of the store, with 6 or more feet suggested between people in line. Get to front, show card, get let in in a group of two or fewer at a time. Grab a freshly-sanitiz3ed cart, then shop as normal except for following the taped arrorws on the floor, indicating what direction traffic should flow in each aisle. When it’s time to check out, wait 6 feet behind the person in front of you (helpfully marked again with tape on the floor), then put your items on the conveyor, being careful not to mix them as the plastic dividing sticks have been removed. Stand in front of the cashier with a large plastic shield between you. Take your items to the door, where your receipt is placed on a small cart in front of the inventory checkers. Walk out of the store through the “exit” area that’s been set up and back to your car.

Costco announced this week that effective May 4th it will require everyone in the store to be wearing masks. The “freedom” crowd is up in arms about this, whining that it’s somehow an infringement of their rights. I’m not sure why a privately-owned business can’t choose to abide by expert health advice in an effort to keep its employees and customers safe has somehow turned into an infringement on someone’s rights, but there you go.

As the pandemic has worn on I’ve become increasingly pessimistic about society’s chances, particularly American society. Trump has pretty much fucked this up every which way he could. We still have little to no testing, Trump continues to agitate the “freedom” crowds in each state, and alarming but credible reports have emerged that not only is the federal government failing to assist the states, the Feds are actively thwarting them by confiscating states’ own orders of protective personal equipment (PPEs) allegedly for use by the federal government! Governors in some states have told tales of sourcing and receiving orders of N95 masks from China and Korea, just to hachve federal agents show up and seize them without explanation.

To ensure Maryland got the masks it ordered from Korea, the governor secretly reached out to South Korea (even ROK’s ambassador) and had the shipment flown directly to Baltimore-Washington Airport so that it did not cross state lines. There, it was met by a contingent of National Guardsmen and State Police to prevent it from being swiped. It is now being guarded in an undisclosed location.

Yes, that’s the insane world in which we live. State governments are using troops to prevent federal agents from stealing their supplies.

North Carolina’s efforts might not be the best (I’ve read we are down the list of effective state responses), but Governor Roy Cooper had an 84% approval rating in a recent poll conducted by the conservative John Locke Foundation. Yes, these free-market types love to bias their poll questions and still Cooper blew the lights out. Republicans here are grateful for his leadership, too. I wrote before how Cooper was the most popular politician in North Carolina and this crisis shows many people still agree.

One of my ways of releasing some stress has been to take up karaoke. It gives me a moment where I can pretend I’m someone else, standing before a crowd in some bar and belting out songs. It’s not easy to rehearse karaoke during a pandemic and not annoy my family in the process. I had to wait until the rest of the crew went for a walk before I could crank up the amplifier. Recently I moved the setup to a spare bedroom which provides more noise isolation. So far no one’s strangled me yet, which is a plus.

I’ve been enjoying discovering all of the hidden talents my friends and family have been sharing, such as baking, cooking, knitting, music, photography, gardening, and the like. Many have been skills and abilities of which I was unaware. I believe several of my friends were unaware that I can sing, so it’s been fun to have them discover that about me, too.

One thing I am not happy about, though, are all the posts on social media intent to shame people into feeling guilty that they’re not doing something great with this time, acting as if this is some big vacation or something. In all honesty, I’ve not been nearly as productive in my work as I once was, and this is not simply a factor of working from home (WFH). I’ve worked from home for many years and can often get more done at home than at work.

Only, these aren’t normal times. The world we all knew is in the midst of collapsing and giving birth to something completely new. So panic, acknowledged or unacknowledged, is a real part of our lives at the moment. I spend a huge amount of time each day scrolling through the news to make sure I don’t miss hearing of the latest ongoing disaster, I check in with my friends and family to make sure they’re alive and well, and I work to ensure my own household is safe and secure.

Do I get work done in-between all of this? Sometimes. There have been plenty of days where, once dinner is over, I’ll head for my bed, totally wiped. If I’m lucky, I might get some sleep but lately sound sleep has been a scarce commodity. Nightmares have turned into ordinarily-innocuous dreams of being in public and mistakenly hugging someone or shaking their hand. The only bright side is waking in the morning to the sound of chirping birds instead of angry drivers racing to work.

If I hear another person promoting herd immunity I will punch them in their N95 mask, too. Herd immunity means getting over 80% of the public immune to the SARS-COV-2 coronavirus. The sane way to do this is via vaccine. The insane way is to sacrifice millions of people to needless illness or death so that they become either immune or dead. Since the best case scenario for the delivery of a virus is still 18 months away, those pushing to open the states and country are essentially advocating for a widespread slaughter. This seems to be a Republican point of view, many of whom were all too happy to raise the spectre that Obamacare would implement “death panels” yet are now themselves advocating for the sacrifice of the weak. Funny how these pro-life perspectives don’t value Grandma’s life as much as the unborn, isn’t it?

Oh, I got bored the other day and kicked off a video chat with some friends, just to hang out. I soon found myself interviewing one of my friends about his new hobby. Later I realized how much fun that was to get him talking and guide the conversation. It was a reminder that I should pursue this further.

I’ve kept up the video diary since our quarantine, sometimes skipping weekend updates. Still not totally ready to share it publicly but this might happen some day.

This has become a book so I’ll close for now. I pledge to do more blogging as this is just a crazy time.

Warren Myers : calvin coolidge on watching your words

April 27, 2020 06:50 PM

Warren Myers : three keys to success, from travis chappell

April 24, 2020 06:49 PM

invest your time wiselyInvest Your Time Wisely