Warren Myers : a poor user’s guide to accelerating data models in splunk

November 18, 2020 04:39 PM

Data Models are one of the major underpinnings of Splunk’s power and flexibility.

They’re the only way to benefit from the powerful pivot command, for example.

They underlie Splunk Enterprise Security (probably the biggest “non-core” use of Splunk amongst all their customers).

Key to achieving peak performance from Splunk Data Models, though, is that they be “accelerated“.

Unfortunately (or, fortunately, if you’re administering the environment, and your users are mostly casually-experienced with Splunk), the ability to accelerate a Data Model is controlled by the extensive RBACs available in Splunk.

So what is a poor user to do if they want their Data Model to be faster (or even “complete”) when using it to power pivot tables, visualizations, etc?

This is something I’ve run into with customers who don’t want to give me higher-level permissions in their environment.

And it’s something you’re likely to run into – if you’re not a “privileged user”.

Let’s say you have a Data Model that’s looking at firewall logs (cisco ios syslog). Say you want to look at these logs going back over days or weeks, and display results in a pivot table.

If you’re in an environment like I was working in recently, where looking at even 100 hours (slightly over 4 days) worth of these events can take 6 or 8 or even 10 minutes to plow through before your pivot can start working (and, therefore, before the dashboard you’re trying to review is fully-loaded).

Oh!

One more thing.

That search that’s powering your Data Model? Sometimes (for unknown reasons (that I don’t have the time to fully ferret-out)), it will fail to return “complete” results (vs running it in Search).

So what is a poor user to do?

Here’s what I’ve done a few times.

I schedule the search to run every X often (maybe every 4 or 12 hours) via a scheduled Report.

And I have the search do an outputlookup to a CSV file.

Then in my Data Model, instead of running the “raw search”, I’ll do the following:

| inputlookup <name-of-generated-csv>

That’s it.

That’s my secret.

When your permissions won’t let you do “what you want” … pretend you’re Life in Ian Malcom‘s mind – find a way!

Mark Turner : Overnight pulse oximeter tracks sleep apnea

October 07, 2020 02:15 AM

Sleep apnea graph

At the start of the pandemic, I read a suggestion from a nurse that having a pulse oximeter would be a good idea. I’ve also had issues sleeping for some years including mild (and some not-so-mild) sleep apnea so I figured it might be good to document these. I bought a model which can be worn comfortably overnight and track the full night’s sleep, the Wellue/ViaTom SleepU P03.

The data it’s shown me is alarming. I have been having apnea events almost every night, some of these lasting long enough to dramatically drop my oxygen saturation. I’d been wondering why I’d suddenly find myself wide awake at 3 AM. Now I know it’s because I’d stopped breathing and my body struggled itself awake.

Though I’ve collected months of graphs showing a problem, I’ve not been successful demonstrating this during the VA sleep studies I’ve had done. I don’t do this every night but it happens with enough frequency that it makes it hard for me to feel rested in the morning. I’m hopeful that a future study will open the door to some treatment. A good night’s sleep is a fantastic gift.

Along my sleep apnea journey, I found the excellent OSCAR app, an open-source data visualization tool that gathers data from CPAP machines and pulse oximeters like mine.

Getting old is not for wusses.

Mark Turner : Oh, and this is sadly still true

October 07, 2020 01:51 AM

Writing for me has become harder.

Mark Turner : COVID-19 life

October 07, 2020 01:50 AM

It’s October 6th, day whatever of our home quarantine thanks to the COVID-19 novel coronavirus and President Trump’s utterly abysmal failure to confront it early on. We’ve been essentially holed up since March going out only for essential shopping, medical appointments, takeout or curbside food, and little else. My company shuttered its downtown Raleigh office in favor of an everyone-work-from-home model. I haven’t hugged my mom or dad in over seven months.

We do get out for exercise every weekend possible. Kelly and I have put a few hundred miles on our bikes riding the greenways. But I still won’t go into an office building or an enclosed space for any longer than necessary.

We’ve learned so much about COVID-19 since those early days. Poorly-ventilated spaces are the worst, particularly if they’re crowded. Outdoor activity is safest. Experts roll their eyes at the photos of people at beaches used to illustrate pandemic news stories, as those scenarios are among the safest.

Yet, here in North Carolina Governor Cooper is about to open businesses even wider than before, this in spite of cases continuing to peak here. I know Gov. Cooper’s got to balance the science with the business needs but there’s no way I’m going to spend an hour in a restaurant full of people not wearing masks, regardless of whether they’re spaced apart or not. Not gonna happen.

Japan has done an excellent job of conveying the best way to fight this pandemic. I smack my head at the U.S. Government’s incompetency to do the same.

As for me, I’ve been trying to put my energy into my day job, trying to keep my nerves steady from being around my family 24/7 for months on end, and spending other time “doomscrolling” to find out what fresh hell has been unleashed upon us. Doomscrolling is a perfect word that was coined this year to describe the feeling of helplessness many feel. And it’s an emotional toll on you, the feeling of powerlessness. I end my work day and don’t have energy for much else. I may retreat to my bed to read a book but that’s about it. Just keeping it together takes some serious effort.

While I haven’t written much here during this time (blogging is among the things I’ve just not been motivated to do), I have been keeping a near-daily video diary of what life has been like in Shelter-In-Place Land. I hope it informs my mindset when I look back on it in the future. I am still not sharing it with the public, sorry!

I spent some time yesterday sorting through photos from this year. I was amazed that our beach vacation to North Topsail Island was in July. It seemed simultaneously like yesterday and so long ago. Time has lost its meaning when you stare at the same four walls day in and day out. I looked back with fondness at our trip to the beach over New Year’s, while we were all blissfully unaware of what we would soon face.

But we will get there again. It may still be months away, or a year away, but we will get to a point where society is safe again. I try to keep focused on that light at the end of the tunnel. My spot on the couch is not the most exciting, but staying in a holding pattern is the absolute best way to come out of this safely. I suppose I can hang on.

Mark Turner : Samsung Galaxy spying defeated?

October 07, 2020 01:20 AM

As I’ve written before, I kept noticing ads pop up on Facebook and Twitter which seemed suspiciously as if they were triggered by conversations held around my phone. I got so fed up with this this summer that I briefly listed my Samsung Galaxy phone on Craigslist. And yet, something pulled me back. A friend pointed out that certain apps – even system ones – could be removed from the phone without actually rooting it. I have always been impressed with the Galaxy’s hardware; it was Samsung’s bloatware that drew my suspicion. Samsung’s locked my phone down so tightly that rooting it is out of the question. Perhaps this other method might work?

After carefully examining apps in Android’s app permissions page, paying particular attention to system apps (which usually are firmly entrenched and can’t be removed), my eyes focused on one quite innoculous one that called itself SmartThings.

I already tweeted my discovery of two separate SmartThings apps, each with wildly different permissions, but a search of the phone’s packages never turned up any of the more entrenched, system version of SmartThings.

After more Googling, I found the name of the offender, a mysterious package called com.samsung.android.beaconmanager.

I had gotten a crash course in Bluetooth beacons a few years ago when a local hacker was building an app/contest for DEFCON which relied on beacons. Marketers use Bluetooth beacons to track shoppers around stores. Even though an Android user may turn off Bluetooth on their phone, this only disables the transmitter, not the receiver. The receiver happily continues to snarf up any beacons within the phone’s range, documenting where you have been so Google can sell this to marketers (“scrubbed” of identifying information wink wink nudge nudge). A quick scan of my local Target store using a freely-available beacon scanner app showed over 1,000 Bluetooth beacons in the store. Target has embedded these beacons in their light fixtures to make their shopping app know how to guide you to what you’re looking for. That is a smart and legit way to use beacons.

SmartThings permissions

L:SmartThings user app. R:SmartThings system app.

But what about a beacon app on your phone that you can’t uninstall? That’s always on, always tracking you? What if it also had permission to your Contacts, Location, Microphone, and Phone and these could not be revoked? I could think of no good reason for this outrageous access, access that clearly goes above and beyond anything a marketing beacon app should have. I decided I’d found my spy app.

Some searches showed a method I’d never tried before: disabling an app for a user. This is different from deleting it as it simply disappears the app for the user. The app is still installed but does not run. What’s more, it can be easily restored if needed. Perfect for my needs!

I followed the instructions on the XDA-Developer forums. It uses the Android debugging interface (adb) available by enabling Developer Options on your phone and connecting it to your computer using a USB cable. Then this command will make the offending app disappear:

./adb shell pm disable-user --user 0 package_to_disable

Super-easy. I searched the web for lists of Samsung Galaxy bloatware, looking for apps which could be cleanly disabled without affecting the features I wanted to keep. Goodbye, Bixby, and goodbye com.samsung.android.beaconmanager, a.k.a the system app SmartThings.

Since I’ve done this surgery on my phone, the incidents where a spoken conversation summons an ad have greatly diminished. I don’t recall the last time I’ve seen this happen, actually. Can’t say I’ve proven definitively that beaconmanager was spying on me but it sure seems like my privacy leak has been halted. I’d call that a win.

Warren Myers : libraries should be print-on-demand centers – especially for old/unusual works

September 26, 2020 05:13 PM

Want to reinvigorate old texts and library patronage? Turn libraries into print-on-demand book “publishers” for works in the public domain and/or which aren’t under copyright in the current country and/or some kind of library version of CCLI churches use for music!

This idea came to me after reading this blog post from the Internet Archive (famous for the Wayback Machine).

Libraries have always bought publisher’s products but have traditionally offered alternative access modes to these materials, and can again. As an example let’s take newspapers. Published with scoops and urgency, yesterday is “old news,” the paper it was printed on is then only useful the next day as “fish wrap”– the paper piles up and we felt guilty about the trash. That is the framing of the publisher: old is useless, new is valuable.

…the library is in danger in our digital world. In print, one could keep what one had read. In digital that is harder technically, and publishers are specifically making it harder.

So why not enable a [modest] money-making function for your local library? With resources from places like the Internet Archive, the Gutenberg Project, Kindle free books, blog posts, and on and on – there’s a veritable cornucopia of formerly-available (or only digitally-available) material that has value, but whose availability is sadly lacking: especially for those who don’t have reliable internet access, eReaders, etc. (Or folks like me who don’t especially like reading most books (especially fiction) on a device.)

I’d wager Creative Commons could gin-up some great licenses for this!

Who’s with me‽

Warren Myers : chelsea troy – designing a course

September 24, 2020 03:56 PM

Via the rands-leadership Slack (in the #i-wrote-something channel), I found an article written on ChealseaTroy.com that was [the last?] in her series on course design.

While I found part 9 interesting, I was bummed there were no internal links to the other parts of the series (at least to previous parts (even if there may be future parts not linked in a given post)).

To rectify that for my 6 readers, and as a resource for myself, here is a table of contents for her series:
  1. What will students learn?
  2. How will the sessions go?
  3. What will we do in a session?
  4. Teaching methods for remoteness
  5. Why use group work?
  6. Dividing students into groups
  7. Planning collaborative activities
  8. Use of surveys
  9. Iterating on the course
She also has some other related, though not part of the “series”, posts I found interesting:
  1. Learning to teach a course
  2. Planning and surviving a 3-hour lecture
  3. Resources for programming instructors
  4. Syllabus design

If you notice future entries to this series (before I do), please comment below so I can add them 🤓

Warren Myers : comparing unique anagrams?

August 30, 2020 05:42 PM

How useful would determining similarity of words by their unique anagrams be? For example: “ROBERT” uniquely anagrams to “BEORT”; “BOBBY” and “BOOBY” both uniquely anagram to “BOY”.

Is there already a comparison algorithm that uses something like this?

What potentially “interesting” discoveries might be made about vocabularical choices if you analyzed text corpora with this method?

Warren Myers : splunk: match a field’s value in another field

August 28, 2020 08:14 PM

Had a Splunk use-case present itself today on needing to determine if the value of a field was found in another – specifically, it’s about deciding if a lookup table’s category name for a network endpoint is “the same” as the dest_category assigned by a Forescout CounterACT appliance.

We have “customer validated” (and we all know how reliable that kind of data can be… (the customer is always wrong) names for network endpoints.

These should be “identical” to the dest_category field assigned by CounterACT … but, as we all know, “should” is a funny word.

What I tried (that does not work) was to get like() to work:

| eval similar=if(like(A,'%B%') OR like(B,'%A%'), "yes", "no")

I tried a slew of variations around the theme of trying to get the value of the field to be in the match portion of the like().

What I ended-up doing (that does work) is this:

| eval similar=if((match(A,B) OR match(B,A)), "yes", "no")

That uses the value of the second field listed to be the regular expression clause of the match() function.

Things you should do ahead of time:

  • match case between the fields (I did upper() .. lower() would work as well)
  • remove “unnecessary” characters – in my case, I yoinked all non-word characters with this replace() eval: | eval A=upper(replace(A,"\W",""))
  • know that there are limitations to this comparison method
    • “BOB” will ‘similar’ match to “BO”, but not “B OB” (hence removing non-word characters before the match())
    • “BOB” is not ‘similar’ to “ROB” – even though, in the vernacular, both might be an acceptible shortening of “ROBERT”
  • if you need more complex ‘similar’ matching, checkout the JellyFisher add-on on Splunkbase

Thanks, also, to @trex and @The_Tick on the Splunk Usergroups Slack #search-help channel for working me towards a solution (even though what they suggested was not the direction I ended up going).

Warren Myers : vampires *can* coexist with zombies

August 22, 2020 02:01 PM

I made a mistake 4 years ago.

I said vampires and zombies couldn’t [long] coexist. Because they’d be competing for the same – dwindling – food source: the living (vs them both being undead).

But I was wrong.

If the universe in which they exist is a mash-up of that of Twilight and iZombie … it could work.

The iZombie universe has zombies that can avoid going “full Romero” by maintaining a steady supply of brains – and it’s not much they need to eat to stay “normal”.

The Twilight universe has vampires that can survive on animal blood (or, one presumes, by hitting-up blood banks).

So if you were to have “brain banks” the way you have “blood banks” – I could see it working.

Now we just need some iZombie-Twilight hybrid vambie/zompire creatures running around.

Warren Myers : how-to timechart [possibly] better than timechart in splunk

August 18, 2020 06:52 PM

I recently had cause to do an extensive trellised timechart for a dashboard at $CUSTOMER in Splunk.

They have a couple hundred locations reporting networked devices.

I needed to report on how many devices they’ve reported every day over the last 90 days (I would have liked to go back further…but retention is only 90 days on this data).

My initial instinct was to do this:

index=ndx sourcetype=srctp site=* ip=* earliest=-90d
| timechart limit=0 span=1d dc(ip) by site

Except…that takes well over an hour to run – so the job gets terminated at ~60 minutes.

What possible other approaches could be made?

🤔

Well.

Here are a few that I thought about:

  1. Use multisearch, and group 9 10d searches together.
    • I’ve done things like this before with good success. But it’s … ugly. Very, very ugly.
    • You can almost always accomplish what you want via stats, too – but it can be tricky.
  2. Pre-populate a lookup table with older data (a la option 1 above, but done “by hand”), and then just append “more recent” data onto the table in the future.
    • This would give the advantage of getting a longer history going forward
    • Ensuring “cleanliness” of the table would require some maintenance scheduled searches/reports … but it’s doable
  3. Something else … that “happens” to work like a timechart – but runs in an acceptable time frame.
  4. Try binning _time
    1. Tried – didn’t work 🤨

So what did I do?

I asked for ideas.

If you’re regularly (or irregularly) using Splunk, you should join the Splunk Usergroups Slack.

Go join it now, if you’re not on it already.

Don’t worry – this blog post will be here when you get back.

You’ve joined? Good good. Look me up – I’m @Warren Myers. And I love to help when I can 🤠.

I asked in #search-help.

And within a couple minutes, had some ideas from somebody to use the “hidden field” date_day and do a | stats dc(ip) by date_day site. Unfortunately, this data source is JSON that comes-in via the HEC.

Poo.

Lo and behold!

I can “fake” date_day by using strftime!

Specifically, here’s the eval command:

| eval date=strftime(_time,"%Y-%m-%d")

This converts from the hidden _time field (in Unix epoch format) to yyyy-mm-dd.

This is the 🔑!

What does this line do? It lets me stats-out by day and site (just like timechart does … but it runs way faster (Why? I Don’t Know. He’s on third. And I Don’t Give a Darn! (Oh! That’s our shortstop!)).

How much faster?

At least twice as fast! It takes ~2200 seconds to complete, but given that the timechart form was being nuked at 3600 seconds, and it was only about 70% done … this is better!

The final form for the search:

index=ndx sourcetype=srctp site=* ip=* earliest=-90d@ latest=-1d@
| table site ip _time
| eval date=strftime(_time,"%Y-%m-%d")
| stats dc(ip) as inventory by date site

I’ve got this in a daily-scheduled Report that I then draw-into Dashboard(s) as needed (no point in running more often, since it’s summary data that only “changes” (at most) once a day).

Hope this helps somebody – please leave a comment if it helps you!

Warren Myers : following-up to my ubi mindwalk

August 03, 2020 04:49 PM

I omitted something kinda big when I wrote my one-time UBI proposal last year.

I neglected to address welfare reform.

Welfare would have to be changed for UBI to even have a half a prayer of working.

The “easy” way to do this would be to phase-in reduced welfare benefits on a prorated-equivalent basis for the UBI payment you receive.

Surely there are many other ways to address welfare as part of the one-time universal basic income – suggest them below!

Do I have to participate?

And I missed a second point, too – this should be something you can opt-out of. Just like I wrote about Social Security lo those many moons ago.

No one should be forced to participate – though I strongly suspect most people would rather participate than not.

What about when the program starts?

A third missed point in last year’s thought experiment – a prorated one-time UBI for every citizen over 18 when the program starts. Take the average life expectancy of a USian of, say, 75 years. Subtract 18 to get 57 – there is your basis “100%” one-time payment.

There also needs to be a phase-out cap on one-time benefits at age 74 (ie, when you turn 75, you are no longer eligible to receive a payout).

Now take your age, subtract 18, and divide by 57, and subtract from 100% to get your prorated payment. Are you 27? (27-18)/57 = ~15.8%. 100%-15.8% = 84.2%.

84.2% of $100,000 is $84,200.

Same process if you’re 50: (50-18)/57 = ~56.1%. 100%-56.1% = 43.9%.

43.9% of $100,000 is $43,900.

What if you’re 80? Congratulations! You’ve outlived the average American!

Warren Myers : geroge carlin – fear of germs

July 22, 2020 02:21 AM

What we have now is a completely neurotic population obsessed with security and safety and crime and drugs and cleanliness and hygiene and germs… there’s another thing… germs.

Where did this sudden fear of germs come from in this country? Have you noticed this? The media, constantly running stories about all the latest infections – salmonella, e-coli, hanta virus, bird flu – and Americans, they panic easily so now everybody’s running around, scrubbing this and spraying that and overcooking their food and repeatedly washing their hands, trying to avoid all contact with germs. It’s ridiculous and it goes to ridiculous lengths. In prisons, before they give you a lethal injection, they swab your arm with alcohol! It’s true! Yeah! Well, they don’t want you to get an infection! And you could see their point; wouldn’t want some guy to go to hell and be sick! It would take a lot of the sportsmanship out of the whole execution. Fear of germs… why these fucking pussies! You can’t even get a decent hamburger anymore! They cook the shit out of everything now cause everybody’s afraid of food poisoning! Hey, where’s your sense of adventure? Take a fucking chance will you? You know how many people die in this country from food poisoning every year? 9000… that’s all; it’s a minor risk! Take a fucking chance… bunch of goddamn pussies! Besides, what do you think you have an immune system for? It’s for killing germs! But it needs practice… it needs germs to practice on. So listen! If you kill all the germs around you, and live a completely sterile life, then when germs do come along, you’re not gonna be prepared. And never mind ordinary germs, what are you gonna do when some super virus comes along that turns your vital organs into liquid shit? I’ll tell you what you’re gonna do… you’re gonna get sick, you’re gonna die, and you’re gonna deserve it cause you’re fucking weak and you got a fucking weak immune system!

Let me tell you a true story about immunization okay?

When I was a little boy in New York City in the 1940s, we swam in the Hudson River and it was filled with raw sewage okay? We swam in raw sewage! You know… to cool off! And at that time, the big fear was polio; thousands of kids died from polio every year but you know something? In my neighbourhood, no one ever got polio! No one! Ever! You know why? Cause we swam in raw sewage! It strengthened our immune systems! The polio never had a prayer; we were tempered in raw shit! So personally, I never take any special precautions against germs. I don’t shy away from people that sneeze and cough, I don’t wipe off the telephone, I don’t cover the toilet seat, and if I drop food on the floor, I pick it up and eat it! Yes I do. Even if I’m at a sidewalk café! In Calcutta! The poor section! On New Year’s morning during a soccer riot! And you know something? In spite of all that so-called risky behaviour, I never get infections, I don’t get them, I don’t get colds, I don’t get flu, I don’t get headaches, I don’t get upset stomach, you know why? Cause I got a good strong immune system and it gets a lot of practice. My immune system is equipped with the biological equivalent of fully automatic military assault rifles with night vision and laser scopes, and we have recently acquired phosphorous grenades, cluster bombs, and anti-personnel fragmentation mines.

So when my white blood cells are on patrol recon ordering my blood stream seeking out strangers and other undesirables, if they see any, ANY suspicious looking germs of any kind, they don’t fuck around!
They whip out their weapons; they wax the motherfucker and deposit the unlucky fellow directly into my colon! Into my colon! There’s no nonsense, there’s no Miranda warning, there’s none of that “three strikes and you’re out” shit, first defense, BAM… into the colon you go! And speaking of my colon, I want you to know I don’t automatically wash my hands every time I go to the bathroom okay? Can you deal with that? Sometimes I do, sometimes I don’t. You know when I wash my hands? When I shit on them! That’s the only time. And you know how often that happens? Tops, TOPS, 2-3 times a week tops! Maybe a little more frequently over the holidays, you know what I mean? And I’ll tell you something else my well-scrubbed friends… you don’t need to always need to shower every day, did you know that? It’s overkill, unless you work out or work outdoors, or for some reason come in intimate contact with huge amounts of filth and garbage every day, you don’t always need to shower. All you really need to do is to wash the four key areas; armpits, asshole, crotch, and teeth. Got that? Armpits, asshole, crotch, and teeth. In fact, you can save yourself a whole lot of time if you simply use the same brush on all four areas!

https://www.youtube.com/watch?v=X29lF43mUlo https://www.lingq.com/sv/lesson/george-carlin-fear-of-germs-235986

Warren Myers : apparently I do this about every 4.5 years

June 23, 2020 05:48 PM

4.5 years ago, I switched hosts (though not providers (that had happened 4.5 years prior to that)) for my “big” server.

Now I’m about to do it again.

Mark Turner : How to perform music together virtually

June 20, 2020 01:39 AM

Musicians together virtually


A retired music teacher friend, Ruth Johnsen, needed help setting up a virtual performance by her music students. Because I was eager to learn a new video editor and because it’s really impossible to say no to Ruth, I stepped up and took it on. For the past few weeks, videos from each musician has been filtering over to me and I’ve been learning all I can about stitching them together. Fortunately, the occasional karaoke videos I’ve created have given me a little insight into the best way to get this done. Here’s my recipe for successfully recording musical parts for a virtual performance.

Consistency is key. The video clips I was given all look and sound different. That’s to be expected from so many musicians and no way to use identical hardware and software. There are some aspects that can be easily standardized, such as:

Video orientation. Have everyone use either portrait or landscape mode. It will look much better. Purists insist on landscape but portrait can work, too. Whichever you choose, it’s best if everyone uses it.

Distance.
Be consistent with camera distance. If your phone or camera is too close, you will overwhelm the microphone; too far and you won’t be heard at all. You’ll also make work for the video editor as she has to scale or crop the video to make everyone look consistent.

Use the same gear. For the ultimate in quality, figure out a way that all musicians can use the same equipment. Mail or ship a common microphone or other recording gear to each musician and have them set it up the same way. Your ears will thank you.


Use a click track.
Have a track in which the conductor conducts and calls out the measures along with a metronome. This will become the foundation for all of the mixing. Also, when creating the click track the editor’s job becomes much easier if you provide an audible and visual cue of that synchronization. Ruth and her students counted to four and said “click.” A few beats later the music began. This method works well enough but since this performance is prerecorded, you should take advantage of editing! Record a 10 second long or so prelude to the music where everyone’s hands start empty. On cue from the conductor’s click track, everyone counts to four and then claps on camera! They then pick up their instruments in the remaining seconds and play their parts. Your musicians are now human clapper boards, providing a powerful sync signal for your editor to work with.

No, really, use the click track! Have the musicians wear headphones/earbuds while listening to the click track. It’s easy for the beat to get lost when you’re the only one playing. Some musicians winged it and got completely out of sync, making their hard work practically unusable.

Work around sync issues. There were cases where the videos submitted by some musicians just wouldn’t stay in sync. Many phones are different in how they record audio and video. In a few cases I had to ask some musicians if they could rerecord using a different smartphone. This seemed to help.

Post your resulting videos to a cloud storage system like Google Drive and share them with your editor.

For my video editing, I found Shotcut to be very powerful, fast, and stable. I was easily able to crop, scale, and resize each clip into one happy screen filled with musicians. Going into the details of video editing is several posts in itself so I won’t go into that here. Luckily, Shotcut has many tutorials on YouTube and elsewhere that show you how this is done. After a little while of using Shotcut, I found many of its features to be pretty intuitive.

Now, one of my first jobs was as a recording engineer. I want my videos not only to look good but to sound good, too. Video editing software may get you close to the good sound you’re seeking but if you really want to squeeze the best sound out of your editing consider using and audio editor. I use Audacity for my karaoke videos, which allows me to mix everything exactly the way I like it. Then I lip-sync to this track in my videos and mix it all together. For the best virtual performance, you’ll get the best result if you treat the audio and video as separate pieces, each to be perfected in its own right.

These tips should get you started towards some great virtual performances. If you make a video and found my tips useful, I’d love to see your work! Happy playing and editing!

Mark Turner : Bypassing the AT&T Pace 5268AC Residential Gateway, Part I

June 15, 2020 01:25 PM

Turn this into a high-tech doorstop


I’d been dreaming of getting fiber to my home for over a decade. It was that long ago that I spent my days hooking up ten-gigabit fiber connections to massive file servers at NetApp. I led a successful grassroots effort to lure Google Fiber to Raleigh, because competition can be a great way to spur innovation and investment. You can imagine in 2018 how excited I was to learn that fiber was coming to my neighborhood. While it wasn’t Google, it was AT&T. I swallowed my pride, quietly rescinded my ban of ever doing business with AT&T again, and signed up for their fastest package: symmetrical gigabit fiber. Cost was $80/month initially and thereafter $90/month. I’m sure I’m one of the few in my area who max it out. Hey, geeks gotta geek.

Why bother?

While I’m happy to use up as many AT&T bits as possible, I still don’t entirely trust the company (though I do trust them more than Time Warner Cable (TWC), a.k.a. Spectrum, and this as you know is not saying much). While providing direct access to my home network to a major telco may be a bit on the paranoid side, a number of security vulnerabilities have been discovered with other AT&T devices. Though AT&T might not be snooping around my network, I could not be entirely comfortable that hackers wouldn’t. AT&T’s RGs were discovered to have the built-in ability to do deep packet inspections (DPI) themselves, being able to snoop on the network traffic of its customers. For this and many other reasons, I just don’t trust any devices on my home network that I do not control.

I kept a firewall between TWC and my network for this reason. AT&T wants you to use their device, which they call a “Residential Gateway” or RG, as the firewall. It also acts as a WiFi point, DHCP server, and the like. This may be fine for most people, but I am an uber power user. As an engineer, I want to squeeze the maximum performance out of my networking. I will happily void the warranties on my networking gear. I didn’t spend time tuning my home firewalls for maximum throughput just to discard them when some corporate box comes along. This just won’t do, you see.

The Power User’s approach

My first approach was to switch things over to my TP-Link AC1750 access ponits, running OpenWRT. While my AC1750s could keep up with the slow (300 Mbps) speeds of cable Internet, they were balking at gigabit speeds. The hardware acceleration the AC1750s utilize require proprietary drivers which OpenWRT does not provide. It was time to list them on Craigslist and try something new.

After much research, I purchased an Ubiquiti EdgeRouter Lite 3 (ERL3). It is a fantastic unit that can easily run at gigabit wire speeds (with a small caveat of forgoing deep packet inspection). I can put the ERL behind my Internet connection and, because it is Debian Linux-based, customize it practically any way I want to. Pure heaven! Yet there is still the issue of having to front the ERL by AT&T’s RG box, the Pace 5268AC in my case.

Could I make AT&T’s RG live in harmony with my gear? Yes if safely firewalled, but performance would take a hit. The RG would be doing network address translation (NAT) and then my firewall would be doing it again. This introduces latency and the chance for errors. I use Voice over IP (VoIP) at home, which can be very sensitive to NAT issues. The RG’s wireless signal would also interfere with my home’s existing wireless signals, causing network congestion. I turned off the RG’s WiFi right away. With the RG in bridge mode you could still use your one firewall, passing packets through the RG, but the RG would still be duplicating everything I was already doing. I couldn’t wait to make it completely redundant.

The RG performs one crucial function that can be challenging to duplicate and this is 802.1 network authentication. AT&T usually delivers a residential customer’s fiber into a little box called an optical network termination (ONT). The size of a pack of cigarettes, it takes the fiber signal and converts it to Ethernet, plugging into the RG. The RG is loaded with AT&T’s cryptographic certificates and presents these to AT&T’s switches whenever the ONT link comes up, validating that the device (in this case, the RG) is authorized to connect.

802.1x authentication is usually a one-time thing. Should the ONT never lose its fiber link to the remote switch and also never lose its connection to the RG, the authentication process will not be needed again. This has provided some clever ways to bypass the RG:

  1. Connecting the RG side by side with the real firewall and using a switch to filter all but 802.1x traffic to it,
  2. Connecting the ONT to a switch and swapping out the RG for the firewall after the 802.1x authentication is done, or
  3. Putting AT&T’s certs on your own firewall and making the RG redundant.

Let’s look at each of these approaches.

Filtering all but 802.1x

This has been done by many. By using a VLAN-aware switch, the VLAN2-based 802.1x packets get sent to the RG, which does the auth and then basically gets ignored. I decided this wasn’t an approach I wanted to take since I wanted to unplug the RG completely. For those who want to take this route, there are plenty of Internet resources that step you through it.

Swapping out the RG for your firewall

This is the approach I have been using for years and it’s such a simple method that anyone could do it. Here’s how you do it:

  1. Check the label on your RG for the RG’s MAC address. A MAC address is a six-digit hexidecimal string that is a unique address for every network device.
  2. Configure your firewall or router box’s Internet port to “spoof” this MAC address. This will all depend on the type of network gear you are using, so consult your product manual or consult the search engines.
  3. Place a gigabit switch between your ONT and your RG. This “outside switch” does not have to be a fancy switch or a smart swich. A “dumb” one will do. It could simply be a typical, cheap, 5-port gigabit switch like a Netgear, etc. The important thing is that the switch be at least as fast as your Internet connection.
  4. Now, with the RG and the firewall presenting the same MAC address, plug in the RG to the outside switch and let it go through the authentication process. You’ll know it’s done when you see the green “Service 2” light go solid.
  5. Plug your firewall into an open port on the outside switch and remove the RG from the switch.

If you’ve done everything properly, your Internet connection should now be flowing through your firewall and you can set the RG aside.

NOTE: The secret here is to maintain the Ethernet link between the ONT and your outside switch. If for some reason the ONT or your outside switch loses power, the 802.1x authentication process will need to be completed again before you get your connection back. You will need to complete steps 4 & 5 again to restore your connection. For this reason, I place both my ONT and my outside switch on a uninterruptible power supply (UPS). This has been proven highly reliable, with usually only physical damage to AT&T’s cables causing a need to resync.

In part two, I’ll be covering the third way I mentioned, using AT&T’s certs on your own devices.

Mark Turner : The Evocacs Deebot Orzo 920 robot vacuum

June 07, 2020 04:16 PM

The Evocacs Deebot Orzo 920

My membership warehouse company, Costco, sells both the iRobot models but also the Ecovacs brand. I was intrigued so I brought home the Ecovacs Deebot Orzo 920. What do I have to lose, with Costco’s generous return policy protecting me? I ordered the Orzo 920 online and waited patiently for it to arrive.

The Orzo 920 is almost perfect as far as robot vacuums go, though I’m not sure why is has such a long name (how many brand names does one robot need?). A Chinese model, it nevertheless has clearly-written documentation and labels. The box contained the robot, charging dock, booklet, two HEPA filters and a tool for cleaning the brushes. Instinctively I set up the charging dock and put the robot on it, not realizing I had to flip the red switch on top to actually turn it on.

Modern robot vacuums need Internet access, so I had to go through steps to connect it to my home network. I downloaded the Evovacs app for my Android phone and set the vacuum up to advertise its WiFi signal. Connecting it to the app was simple and quick.

Once the Orzo was charged, I used the app to set it up. The Orzo uses LIDAR laser ranging to map the floors of your home. It maps your home the first time it’s run, after which you can edit the map to divide areas, mark off spots with “virtual boundaries,” and make other adjustments. Different advanced vacuums use different technologies to map rooms (iRobots use a visual camera) but in my experience the LIDAR is tough to beat. It was a treat to watch as the app filled in walls as the robot proceeded around the room. It does an amazingly accurate job figuring out where it is and what the room looks like. I could tell this was not a robot that would ever get lost on the way back to the dock.

One thing I learned right away is that the initial mapping takes longer than a normal cleaning. This may just be my experience but I wanted it to be thorough in its mapping at the expense of deep cleaning the first time. I discovered an option in the app’s settings which allows you to set the vacuum’s power on the “Quiet” setting. This uses far less battery than the normal power modes so I was able to get the vacuum to completely map my floor without having to stop and charge mid-way.

Multiple floors are supported, so once the Orzo had mapped the downstairs I moved the dock and vacuum upstairs and had the Orzo map it, too. Only two maps seem to be in the app so if your home has more than two you might be out of luck.

The cleaning process works well. I can tell a lot of thought was put into it. Once the maps are built, you can specify the order in which the “rooms” the vacuum has discovered are cleaned. The vacuum will proceed through this list in order, usually circling the boundary of the particular room one time before dutifully proceeding to vacuum it row-by-row. In open floor plan homes, the vacuum tends to obsess on these arbitrary boundaries (say, between a kitchen area and a den). So, you might have a simple open floor between your kitchen and den but because the vacuum’s virtual boundary runs through it it will get cleaned twice as often as other parts of the floor. Got it?

The virtual wall feature works well, too. I can cordon off the dogs’ food and water dishes so that the robot doesn’t bump them. I can block off a lightly-used table so that the vacuum doesn’t spend time getting stuck in-between its chairs when it’s likely not to have dust or dirt underneath it. One thing I had difficulty in doing is dividing some rooms in the map. The line used to cut rooms into smaller ones seems very sensitive to position and I basically gave up on it.

The vacuum tracks the strength of its Wifi signal and even maps the access point.

I am impressed with how the Orzo changes vacuum power when it detects a change between carpet and bare floors. Bare floors don’t need as much suction so the Orzo economizes. Nice.

I also like the dual brushes the Orzo sports – it seems to do very well scooping up dirt and objects into the path of the vacuum.

As for the mopping feature, I haven’t tried it and am in no hurry to. The thought of letting a robot spread water around my floor is a bit scary to me. My floor needs vacuuming far more often than it needs mopping, so I find its usefulness to be vacuuming not mopping. That said, in the time since I’ve had the Orzo I am more confident that it knows what it’s doing. It might be time to test this part out.

The only thing I am disappointed with is the smallish dustbin the Orzo 920 comes with. My dogs shed a lot of hair each day and the vacuum needs to be emptied daily just to keep up. If I were designing this, I would’ve used the space on the vacuum devoted to mopping and used it to accommodate a bigger dustbin. Still, if my biggest complaint with a robot vacuum is that it picks up too much dirt I suppose I can live with that!

Since all Chinese businesses are ultimately owned by the Chinese government, now do I feel about a robot vacuum building a map of my home for the People’s Liberation Army? It’s not as bad as you think. The Orzo seems to exchange date between the vacuum and the app and not store it in the could anywhere. On my home Internet router, I was easily able to block access to the outside domains it used to check in and the vacuum continued to operate. There are also open-source alternative firmwares and apps available on Github which can further isolate the vacuum and extend its functionality. I have not tried these yet but I’m happy to know they’re available.

Overall, the Evovacs DeeBot Orzo 920 is a great robot vacuum. It has a clever, easy-to-use app, does an excellent job cleaning the house, and other than needing to be emptied frequently it’s just about perfect. I give it 4.5 our of 5 stars.

Mark Turner : Robot vacuums – The Ecovacs Deebot Orzo 920 vs. Roborock S4

June 07, 2020 04:15 PM

Many years ago through a “Woot-off” clearance sale, I became the owner of a first-generation iRobot Roomba robot vacuum. It was novel advanced for its day, bouncing randomly around the room, but it frequently either got stuck somewhere or lost its way back to the charging dock, sending me on a whole-house search to find it. When the battery died I packed it away and switched to old-fashioned vacuuming.

With the recent addition of two dogs to the family vacuuming has become a priority again. To keep up without spending an hour manually pushing a vacuum around the floor, I revisited the state-of-the-art for robot vacuums. I quizzed my friends with vacuums to see what they liked about theirs. I read several web reviews and product reviews.

iRobot’s latest models seemed okay but didn’t wow me. They seemed to have a high price tag for what they offered. iRobot is no longer the only game in town, so I thought I’d look at the competition. The Evocacs Deebot Orzo 920 is sold at Costo and seemed like a good candidate, so I ordered one. I also read some great online reviews of the Roborock S4 so I ordered one of those, too. After a few weeks with each I’ve decided to post my reviews of them, starting with the Orzo 920. I’ll post the link to my Roborock review here once it’s done, too.

Mark Turner : Dogs join the family

June 07, 2020 03:37 PM

January marked a year since we said goodbye to our Black Lab, Rocket. The house has been clean but quiet since then but facing the prospect of an emptier nest this fall, Kelly and I began kicking around the idea of another dog.

In February, a friend who is a volunteer dog rescuer brought over a dog she was trying to home. While this female dog seemed okay, she was unusually focused on tracking down our porch cat and seemed to pay us little attention. It would have been nice to help our friend out by taking in this dog but that spark I expected to feel just wasn’t there with this particular dog. Our search resumed.

One of Kelly’s friends mentioned to her that there were two dogs needing a home. These dogs had been abandoned at a neighbor’s boarding service ad were part of a trio of dogs, one of which found a home with another neighborhood friend. We arranged for them to visit us so that we could decide which one we would adopt.

Our boarding service friend Laura brought the dogs, Abbot and Tobin, over March 1st and gave us their long backstory. Both are hounds who had been in the kennel for the best part of a year. One was a stray and the other was part of some kind of dog-hoarding situation. They’d been together for months.

Laura turned them loose in our backyard and we watched them race around. They would take time out to come greet us. We kept them for the weekend and got them through the initial mistakes they made learning how to become house-trained.

One thing that was evident right away was that they go together. When out walking with them if we took one dog in a different direction, the other dog would plant his feet and not move. How could we possibly separate these two dogs who were obviously thick as thieves? We decided we could only take them both.

So now we’re the owners of not just one dog but two! In fact, we are finding it hard to imagine having just one dog. While there are disadvantages to owning multiple dogs, like increased food, vet, and boarding bills, more dog hair, and other issues; the benefits outweigh the drawbacks. They entertain each other, chasing each other around the yard for hours. They each have distinct personalities and both are very sweet. It’s fun to watch them sleep with one paw resting on the other dog.

Kennel habits still show up every now and then. One dog is still quite skittish around loud noises and anxious around dogs encountered on our dog walks but even so we’ve come a long way since that March 1st day. Hopefully we can get them together soon with their long-lost, nearby brother for a doggy playdate.

We look forward to many more years with these two in our family.

Warren Myers : dorss

May 14, 2020 01:16 PM

After years of thinking about it, I finally got around to it.

I’ve rewritten my RSS feed driven website https://datente.com to run on Python from PHP.

I’m sure there is much room for improvement in the approach – and would appreciate any constructive feedback you may have. Here’s the GitHub repo: https://github.com/volcimaster/dorss.

Mark Turner : On another planet

May 10, 2020 02:13 AM

One friend on Facebook who normally stays genteel watched one of Trump’s coronavirus press conferences and then unloaded on him in a post:

Watching the daily Presidential press conference on the Corona virus. Sorry Trump fans but how pathetic can one be. So far its been me, me, me!! How great I am, how much I’ve done, previous administrations are responsible, Governor’s are totally responsible. Everyone but me is responsible!! Forget the 30,000 dead, 700,000 infected and continuing. Outrageous!! Sorry for venting on my few posts.

Most of the responses to his post were in agreement, but one of his friends responded with this:

He’s actually none of those things and he’s doing a great job he’s he is talking himself and the task force up a lot but only because this is his only chance to defend himself the media totally lies. They are blaming him for a delayed response to the handling of the virus when in fact Dr. Fauci said on Feb. 29th that there was no need to change our behavior. Dr. Birx also supported the White House response and timeline at the press conference the other day. No one has a crystal ball and no one knew how bad the virus would be our president took decisive action and he was a genius in partnering private and public partnerships to get all the PPE and ventilators and things that we need acted very quickly he does deserve a little credit and he’s been working really hard and it’s very unfair shouldn’t matter what your politics are we should all be coming together in this time of crisis.

This totally blows my mind. It’s like this person is on another planet, viewing a different president than I am.

Doing a great job? How could anyone possibly think Trump is “doing a great job?” What possible measure could one use that would reveal this to be great? We have topped 77,000 deaths now after Trump assured us it’s “going to be down to close to zero” and “it’s going to disappear. One day, it’s like a miracle, it will disappear.”

No one knew how bad the virus could be? This sounds much like what Trump said himself: “Nobody knew there would be a pandemic or epidemic of this proportion.” However, the Obama administration crafted a 69-page pandemic playbook which the Trump administration promptly ignored. Trump also ignored intelligence warnings from as far back as November 2019 that warned of an imminent pandemic. Of course, he never reads his daily intelligence briefings and gets his news from the la-la land of Fox News. Out of all the people in the world, he should have better ability than almost anyone to get answers to his questions. If he ever had any.

You’ll also note that this person believes Trump is being treated unfairly by the media. Trunp – the bully – being picked on. And saying that Trump is working hard? When Trump spends some mornings doing nothing but sending dozens of rambling tweets?

It would be laughable if it weren’t so sad, but this is what passes for reality for Trump supporters. It’s what they’re spoon-fed by Fox News.

I have gamely tried to talk to these people, walking them through their assumptions in an effort to show them where they diverge from reality. It is like talking to a brick wall. They have their source of facts and anything differing from that are lies. Finding common ground was once a worthy goal but Fox has taken these folks so far off the reservation that there is little or no common ground left.

I keep hoping that one day I hit upon the perfect plan to gently walk them out of Crazytown but I worry that there is little to be done here. What will it take for them to see that their emperor has no clothes?

Warren Myers : a little cooking humor

May 03, 2020 06:43 PM

Ready to wok and roll!

Mark Turner : Karaoke is my quarantine creative outlet

May 02, 2020 03:48 PM

After a public performance or two over our New Years trip I thought I’d take my singing more seriously. I quickly realized the huge library of karaoke songs on Spotify and that could use this and some Googled lyrics to turn a PA speaker into a karaoke machine. I’ve posted two of my songs to YouTube already (“(The Angels Wanna Wear My) Red Shoes” By Elvis Costello and “Pink Cadillac” By Bruce Springsteen) and have gotten positive feedback. It feels good to be able to try something new, share it with the world, and get feedback on it.

It’s been a good lesson on how I sing, too. I sang in chorus in middle school and sang in my church’s youth choir around that time, too. I’ve been singing along to my favorite music whenever I’m alone at home or in the car. Once my colleagues caught me singing in the server room when I thought the roar of machines was drowning me out! Rarely did I sing for an audience before.

I have learned that singing with the goal of sounding the best is new to me. I realized that many of the songs I’ve been singing along to, ones that I’ve enjoyed singing, are not necessarily songs fit for my vocal range or style. When I’ve tried to do karaoke versions of these songs I quickly realized the ways in which my voice came up short. You know what? I have learned to be fine with this. I can’t nail every song but there are still hundreds or even thousands where my voice fits just fine. My list of karaoke songs is now well into the hundreds and I can easily organize a hefty, interesting set list to cover any performances.

So, this is one way that the quarantine situation has helped my singing. If I were performing songs in front of an audience in a bar, I could sing poorly and blame it on drinking, a bad PA system, a surly audience, or any number of things. When I’ve got the ability to record my performances, and edit them, and do as many takes as needed to get something I like, the aspect of quality becomes much more important. The two I’ve posted so far certainly aren’t perfect, and I’ve tempered my perfectionist ways a bit to compromise on something that’s pretty good but still worthy to be shared with the world. I can just trust I’ll get better as I go.

It’s also been fun to hone my recording engineering skills and video editing skills, too. I’ve put lots of effort into getting the right mix when I add my vocals to the backing tracks. I’m also getting better at syncing my prerecorded audio with the video clip that I subsequently add. Good skills to have, all of them.

I hope these entertain someone. I hope to add more soon.

Mark Turner : Week 7 of Coronavirus quarantine

May 02, 2020 03:09 AM

Wednesday marked the start of our seventh week in COVID-19 coronavirus quarantine. Not much has changed in our situation, which is good. We have gotten into a bit of a routine, with Kelly and me sharing an upstairs office, the kids doing remote classroom work in their rooms in the morning, and everyone retreating to quiet areas of our home when needed. Our new dogs (did I mention we now have dogs?) have taken to this routine very well as it’s the only routine they’ve known since we brought them home from the kennel. Having them around has provided us good company.

I still go out on occasion for groceries, braving the line at Costco about every two weeks. I try to get there when it first opens to minimize contact with potentially sick people. At the start of the pandemic, I might wait outside for 30 minutes while the store metered the number of people inside at one time. By my last visit on last weekend, the wait was down to six minutes.

The routine is this: wait in a “socially distant” line outside of the store, with 6 or more feet suggested between people in line. Get to front, show card, get let in in a group of two or fewer at a time. Grab a freshly-sanitiz3ed cart, then shop as normal except for following the taped arrorws on the floor, indicating what direction traffic should flow in each aisle. When it’s time to check out, wait 6 feet behind the person in front of you (helpfully marked again with tape on the floor), then put your items on the conveyor, being careful not to mix them as the plastic dividing sticks have been removed. Stand in front of the cashier with a large plastic shield between you. Take your items to the door, where your receipt is placed on a small cart in front of the inventory checkers. Walk out of the store through the “exit” area that’s been set up and back to your car.

Costco announced this week that effective May 4th it will require everyone in the store to be wearing masks. The “freedom” crowd is up in arms about this, whining that it’s somehow an infringement of their rights. I’m not sure why a privately-owned business can’t choose to abide by expert health advice in an effort to keep its employees and customers safe has somehow turned into an infringement on someone’s rights, but there you go.

As the pandemic has worn on I’ve become increasingly pessimistic about society’s chances, particularly American society. Trump has pretty much fucked this up every which way he could. We still have little to no testing, Trump continues to agitate the “freedom” crowds in each state, and alarming but credible reports have emerged that not only is the federal government failing to assist the states, the Feds are actively thwarting them by confiscating states’ own orders of protective personal equipment (PPEs) allegedly for use by the federal government! Governors in some states have told tales of sourcing and receiving orders of N95 masks from China and Korea, just to hachve federal agents show up and seize them without explanation.

To ensure Maryland got the masks it ordered from Korea, the governor secretly reached out to South Korea (even ROK’s ambassador) and had the shipment flown directly to Baltimore-Washington Airport so that it did not cross state lines. There, it was met by a contingent of National Guardsmen and State Police to prevent it from being swiped. It is now being guarded in an undisclosed location.

Yes, that’s the insane world in which we live. State governments are using troops to prevent federal agents from stealing their supplies.

North Carolina’s efforts might not be the best (I’ve read we are down the list of effective state responses), but Governor Roy Cooper had an 84% approval rating in a recent poll conducted by the conservative John Locke Foundation. Yes, these free-market types love to bias their poll questions and still Cooper blew the lights out. Republicans here are grateful for his leadership, too. I wrote before how Cooper was the most popular politician in North Carolina and this crisis shows many people still agree.

One of my ways of releasing some stress has been to take up karaoke. It gives me a moment where I can pretend I’m someone else, standing before a crowd in some bar and belting out songs. It’s not easy to rehearse karaoke during a pandemic and not annoy my family in the process. I had to wait until the rest of the crew went for a walk before I could crank up the amplifier. Recently I moved the setup to a spare bedroom which provides more noise isolation. So far no one’s strangled me yet, which is a plus.

I’ve been enjoying discovering all of the hidden talents my friends and family have been sharing, such as baking, cooking, knitting, music, photography, gardening, and the like. Many have been skills and abilities of which I was unaware. I believe several of my friends were unaware that I can sing, so it’s been fun to have them discover that about me, too.

One thing I am not happy about, though, are all the posts on social media intent to shame people into feeling guilty that they’re not doing something great with this time, acting as if this is some big vacation or something. In all honesty, I’ve not been nearly as productive in my work as I once was, and this is not simply a factor of working from home (WFH). I’ve worked from home for many years and can often get more done at home than at work.

Only, these aren’t normal times. The world we all knew is in the midst of collapsing and giving birth to something completely new. So panic, acknowledged or unacknowledged, is a real part of our lives at the moment. I spend a huge amount of time each day scrolling through the news to make sure I don’t miss hearing of the latest ongoing disaster, I check in with my friends and family to make sure they’re alive and well, and I work to ensure my own household is safe and secure.

Do I get work done in-between all of this? Sometimes. There have been plenty of days where, once dinner is over, I’ll head for my bed, totally wiped. If I’m lucky, I might get some sleep but lately sound sleep has been a scarce commodity. Nightmares have turned into ordinarily-innocuous dreams of being in public and mistakenly hugging someone or shaking their hand. The only bright side is waking in the morning to the sound of chirping birds instead of angry drivers racing to work.

If I hear another person promoting herd immunity I will punch them in their N95 mask, too. Herd immunity means getting over 80% of the public immune to the SARS-COV-2 coronavirus. The sane way to do this is via vaccine. The insane way is to sacrifice millions of people to needless illness or death so that they become either immune or dead. Since the best case scenario for the delivery of a virus is still 18 months away, those pushing to open the states and country are essentially advocating for a widespread slaughter. This seems to be a Republican point of view, many of whom were all too happy to raise the spectre that Obamacare would implement “death panels” yet are now themselves advocating for the sacrifice of the weak. Funny how these pro-life perspectives don’t value Grandma’s life as much as the unborn, isn’t it?

Oh, I got bored the other day and kicked off a video chat with some friends, just to hang out. I soon found myself interviewing one of my friends about his new hobby. Later I realized how much fun that was to get him talking and guide the conversation. It was a reminder that I should pursue this further.

I’ve kept up the video diary since our quarantine, sometimes skipping weekend updates. Still not totally ready to share it publicly but this might happen some day.

This has become a book so I’ll close for now. I pledge to do more blogging as this is just a crazy time.

Warren Myers : calvin coolidge on watching your words

April 27, 2020 06:50 PM

Warren Myers : three keys to success, from travis chappell

April 24, 2020 06:49 PM

invest your time wiselyInvest Your Time Wisely

Warren Myers : don’t worry about the mules…

April 20, 2020 11:58 AM

Don't worry about the mules...Just load the wagon

Tarus Balog : It Was Twenty Years Ago Today …

March 30, 2020 09:03 PM

On March 30th, 2000, the OpenNMS Project was registered on Sourceforge. While the project actually started sometime in the summer of 1999, this was the first time OpenNMS code had been made public so we’ve always treated this day as the birth date of the OpenNMS project.

Wow.

OpenNMS Entry on Sourceforge

Now I wasn’t around back then. I didn’t join the project until September of 2001. When I took over the project in May of 2002 I didn’t really think I could keep it alive for twenty years.

Seriously. I wasn’t then nor am I now a Java programmer. I just had a feeling that there was something of value in OpenNMS, something worth saving, and I was willing to give it a shot. Now OpenNMS is considered indispensable at some of the world’s largest companies, and we are undergoing a period of explosive growth and change that should cement the future of OpenNMS for another twenty years.

What really kept OpenNMS alive was its community. In the beginning, when I was working from home using a slow satellite connection, OpenNMS was kept alive by people on the IRC channel, people like DJ and Mike who are still involved in the project today. A year or so later I was able to convince my business partner and good friend David to join me, and together we recruited a real Java programmer in Matt. Matt is no longer involved in the project (people leaving your project is one of the hardest things to get used to in open source) but his contributions in those early days were important. Several years after that we were joined by Ben and Jeff, who are still with us today, and through slow and steady steps the company grew alongside the project. They were followed by even more amazing people that make up the team today (I really want to name every single one of them but I’m afraid I’ll miss one and they’ll be rightfully upset).

I can’t really downplay enough my lack of responsibility for the success of OpenNMS. My only talent is getting amazing people to work with me, and then I just try to remove any obstacles that get in their way. I get some recognition as “The Mouth of OpenNMS” but most of the time I just stand on the shoulders of giants and enjoy the view.

Warren Myers : sshuttle – a simple transparent proxy vpn over ssh

March 23, 2020 05:34 PM

I found out about sshuttle from a random tweet that happened to catch my eye.

Here’s the skinny (from the readme):

  • Your client machine (or router) is Linux, FreeBSD, or MacOS.
  • You have access to a remote network via ssh.
  • You don’t necessarily have admin access on the remote network.
  • The remote network has no VPN, or only stupid/complex VPN protocols (IPsec, PPTP, etc). Or maybe you are the admin and you just got frustrated with the awful state of VPN tools.
  • You don’t want to create an ssh port forward for every single host/port on the remote network.
  • You hate openssh’s port forwarding because it’s randomly slow and/or stupid.
  • You can’t use openssh’s PermitTunnel feature because it’s disabled by default on openssh servers; plus it does TCP-over-TCP, which has terrible performance.

Here’s how I set it up on my Mac

Install homebrew:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"

Install sshuttle (as a regular user):

brew install sshuttle

Test the connection to a server you have:

sudo sshuttle -r <user>@host.tld -x host.tld 0/0 -vv

I also made sure that my target server could be connected-to via certificate for my local root user – but you can use a password if you prefer.

Check your IP address:

curl https://ipv4.cf

Once you make sure the connection works, Ctrl-C to end the session.

Then setup an alias in your shell’s .profile (for me, it’s .bash_profile):

alias vpn='sudo sshuttle -r <user>@domain.tld -x domain.tld 0/0'

Other things you can do

According to the full docs, there are a lot more things you can do with sshuttle – including running it on your router, thereby VPN’ing your whole LAN through an endpoint! You can also run it in server mode.

This is a super useful little utility!

Warren Myers : basic dockerized jitsi deployment with an apache reverse proxy on centos

March 20, 2020 09:02 PM

After a friend of mine told me he wanted to deploy Jitsi on my main webserver, and me saying “sure”, I decided I wanted to get it up and running on a new server both so I knew how to do it, and to avoid the latency issues of videoconferencing from central North America to Germany and back.

Before I go into how I got it working, let me say that the official Quick Start guide is good – but it doesn’t cover anything but itself.

Here’s the basic setup:

What To Do:

Once you have your new CentOS instance up and running (I used Vultr), here’s everything you need to install:

yum -y install epel-release && yum -y upgrade && yum -y install httpd docker docker-compose screen bind-utils certbot git haveged net-tools mod_ssl

I also installed a few other things, but that’s because I’m multi-purposing this server for Squid, and other things, too.

Enable Apache, firewalld, & Docker:

systemctl enable httpd && systemctl enable docker && systemctl enable firewalld

Now get your swap space setup:

fallocate -l 4G /swapfile && chmod 0600 /swapfile && mkswap /swapfile && swapon /swapfile

Add the following line to the bottom of your /etc/fstab:

/swapfile swap swap default 0 0

Restart your VPS:

shutdown -r now

Get your cert from Let’s Encrypt (make sure you’ve already setup appropriate CAA & A records for your domain and any subdomains you want to use):

certbot -t -n --agree-tos --keep --expand --standalone certonly --must-staple --rsa-key-size 4096 --preferred-challenges dns-01,http-01 -m <user>@<domain.tld> -d <jitsi.yourdomain.tld>

Create a root crontab entry to run certbot frequently (I do @weekly ~/renew-le.sh)

Go to the home directory of whatever user you plan to run Jitsi as:

su - <jitsi-user>

Begin the Quick Start directions:

  • git clone https://github.com/jitsi/docker-jitsi-meet && cd docker-jitsi-meet
  • mv env.example .env
  • Change the timezone in .env from Europe/Amsterdam if you want it to show up in a sane timezone (like Etc/UTC)
  • mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody,jicofo,jvb}
  • docker-compose up -d

Now configure Apache for SSL. Start with this reference I posted.

But in the [sub]domain-specific conf file z-[sub]domain-tld.conf, add proxy and authentication lines (so that only people you allow to use your video conference can actually use it):

ProxyPreserveHost on
ProxyPass / http://localhost:8000/ nocanon
ProxyPassReverse / http://localhost:8000/
ProxyRequests       off
ServerAdmin warren@warrenmyers.com
AllowEncodedSlashes NoDecode
<Proxy http://localhost:8000/*>
    Order deny,allow
    Allow from all
    Authtype Basic
    Authname "Password Required"
    AuthUserFile /etc/httpd/.htpasswd
    Require valid-user
</Proxy>
RewriteEngine       on
RewriteRule        ^/meetwith/(.*)$ http://%{HTTP_HOST}/$1 [P]
ProxyPassReverseCookiePath /meetwith /

Reload your configs, and make sure they’re happy, fixing any errors that may exist:

apachectl graceful

Setup at least one user who’ll be able to access the site:

htpasswd -B -c /etc/httpd/.htpasswd <user>

You should also configure firewalld to allow only what you want (http, https, ssh):

firewall-cmd --zone=public --add-service=http && firewall-cmd --zone=public --add-service=https && firewall-cmd --zone=public --add-service=ssh

With any luck, when you now navigate to https://[sub.]domain.tld in your web browser, and enter your username and password you created with htpasswd, you’ll get the Jitsi welcome page!

Other Resources:

Mark Turner : The SARS-CoV-2 coronavirus takes over the world

March 19, 2020 02:35 AM

SARS-CoV-2


Life as we know it has changed in an astonishingly quick moment. Last week it was fairly normal when it looked like China might be able to contain the virus but then panic set in across the country. Sports leagues like the NBA, NCAA, ACC, and NHL canceled their games. Raleigh’s Saint Patrick’s Day parade was called off. Then Wake County Public Schools decided last Friday to not count absences before turning around on Saturday and closing schools. A week ago I worked my first day at home and have not been back to the office except for a brief time Saturday to retrieve the plants off my desk.

We are doing what is termed “social distancing,” where we interact with as few people as possible. The kids are at home, Kelly and I are at home and we have largely given up any trips outside of the house except for dire emergencies. It is frightening and surreal. In an instant life has changed drastically.

It has been day three of our all being at home. Our home is big enough that we can find our own corners and not disturb each other. When we’re sharing our home office, Kelly has complained about how loudly I chew gum (narrator: it’s not that loud). Spirits are high now but the realization is setting in that this will not be over any time soon. We may have to shelter in place like this for months.

The saving grace is that we are not strictly confined to our homes. At least, not yet. We can go for drives, walks, bike rides, dog walks. Whatever. We are just encouraged to maintain that six-foot distance experts suggest will keep us safe from getting the SARS-CoV-2 coronavirus that causes COVID-19.

Funny how my computer was unaware of how to spell “coronavirus” just now and flagged it.

Hallie’s been going off to run in Umstead State Park in the mornings. Travis has been in the driveway shooting baskets and occasionally going on walks. Kelly and I have been walking our newly-acquired dogs. This afternoon we went for a bike ride to Anderson Point and back, setting a Personal Record for me for our ride out. Getting some fresh air and exercise makes this different from your typical snowstorm, or hurricane, or wartime siege. The least dangerous place one can be is in the outdoors away from people. It could be worse.

I am fortunate to have an awesome home office setup. My company is well-versed in remote working, using Slack and Zoom regularly. Most of us haven’t missed a beat with the shift away from the office. There’s a feeling of all being in this together.

Even so, the infection numbers keep climbing globally, nationwide, and locally. North Carolina has reported 63 cases as of today, which is a growth of about 25% per day. Troubling reports from Italy and the Netherlands suggest perfectly healthy people are falling deathly ill to this disease, not just the elderly or those with “comorbidities.” Fox News has spent weeks downplaying the threat, calling it a Democratic hoax, and now has completely changed its tune (albeit too little, too late). Trump denied it was a threat all the way up until this week when he made a sober statement that it was true. This was not enough to keep the stock market from tanking as wealth has evaporated with every word he has spoken. The Market knows that no one is really in charge. Uncertainty abounds.

This whole situation is quite a lesson for me as I’m the kind of guy who likes to be prepared. Hurricane on the horizon? I know about it a week before my friends. Power outage? I can rig up a generator in the blink of an eye. The local nuke plant melts down? I can be on my way to a neighboring state in 10 minutes or less.

But a plague? A global pandemic? What can be done besides hiding out? It’s not like I can buy a surplus ventilator on eBay, much less choose a different planet on which to take shelter. I have to trust that someone is working on a vaccine, or building more hospital capacity, or that I won’t accidentally expose myself to someone who’s infected (and who would know as it can spread asymptomatically?).

My fate has been taken completely out of my hands. It’s not a comforting place to be.

There is much doom and gloom on the horizon. I am reading dozens of news stories a day, almost all bad news. America is several weeks away from the peak of infections. Millions will be impacted. Hospitals will soon be overwhelmed. To top it off, no one has any immunity to this virus and each victim typically infects two others (as I mentioned before, often without knowing it). Any one of us may be mere weeks away from our deaths. If this isn’t a sobering thought I don’t know what is.

This week I’ve begun doing some video blogging to help record my mindset and document the situation. I hope to share these stories with my grandkids someday when the world is far less crazy. For now I don’t plan to share them publicly.

The one bright spot I have in all of this is that our society will likely look much different when we get to the other side of it. America’s lack of health care has been laid bare, as well as the unfairness of the massive gap between the haves and the have nots. SARS-CoV-2 doesn’t care whether your Democrat or Republican, white or black, Asian or American, or anything at all. It attacks humanity. I hope that humanity comes together and fights back. It will take all of us.

Whereever you are, I hope you’re dealing with this abrupt change as best you can. Hang in there and stay positive. One day the madness will be over.

Jesse Morgan : DD Blocksize

March 07, 2020 09:33 PM

I’ve been working with Linux for 20 years, and dd has always been that dangerous tool that makes me nervous to use. While trying to burn a series of SD cards through a USB adapter, I decided to performance test various Block Size (BS) settings, and figured I’d share the results.

The following transfer rates were the result of copying the RancherOS from my local SSD to a microcenter XC 64GB SD card using a USB adapter.

Block SizeImage SizeImage NameTransfer Rate
2.0K2.1Gbuild/rancheros-raspberry-pi64.img11.1 MB/s
4.0K2.1Gbuild/rancheros-raspberry-pi64.img11.4 MB/s
8.0K2.1Gbuild/rancheros-raspberry-pi64.img11.5 MB/s
16K2.1Gbuild/rancheros-raspberry-pi64.img11.5 MB/s
32K2.1Gbuild/rancheros-raspberry-pi64.img10.3 MB/s
64K2.1Gbuild/rancheros-raspberry-pi64.img11.2 MB/s
128K2.1Gbuild/rancheros-raspberry-pi64.img10.5 MB/s
256K2.1Gbuild/rancheros-raspberry-pi64.img10.6 MB/s
512K2.1Gbuild/rancheros-raspberry-pi64.img12.0 MB/s
1.0M2.1Gbuild/rancheros-raspberry-pi64.img9.8 MB/s
2.0M2.1Gbuild/rancheros-raspberry-pi64.img11.5 MB/s
4.0M2.1Gbuild/rancheros-raspberry-pi64.img11.1 MB/s
8.0M2.1Gbuild/rancheros-raspberry-pi64.img11.0 MB/s
16M2.1Gbuild/rancheros-raspberry-pi64.img11.0 MB/s
32M2.1Gbuild/rancheros-raspberry-pi64.img11.0 MB/s
64M2.1Gbuild/rancheros-raspberry-pi64.img11.0 MB/s

As you can see, at that size with this configuration, it really doens’t matter much.

Mark Turner : A Requiem for Raleigh’s Citizens Advisory Councils – Letter to the Editor

February 12, 2020 06:18 PM

After some back and forth with the N&O editorial staff, I have trimmed my CAC op-ed into more of a long letter. Hopefully it will run in Friday’s edition.

A Requiem for Raleigh’s Citizens Advisory Councils

Amid concerns that rapid growth was distancing city leaders from the community, Raleigh launched its Citizens Advisory Councils (CACs). For 46 years, CACs were a forum where citizens and government officials could exchange information and concerns until Raleigh City Council abruptly ended this decades-long partnership in a vote that demonstrated a shocking lack of transparency and good governance.

Much has been made of the (merely advisory) role played by CACs in rezoning cases but CACs were so much more. CACs stepped in when neighbors needed help, organized school supplies drives, and provided a forum where wary neighbors met with Raleigh Police officers to build connections, and the list goes on. It didn’t matter who you were, if you were a resident your voice counted.

All other city advisory boards get their direction from the top; work must first be approved by the City Council. In this model, how do we ensure citizen concerns are adequately addressed? Who’s doing the listening and who’s doing the talking? Absent the independence of CACs, community engagement quickly devolves into a one-way conversation. The partnership is no more.

CACs had their challenges but they also represented one of the most basic forms of democracy: neighbors coming together to work things out. We will be hard-pressed to do better.

Mark Turner : Do not lose heart. We were made for these times. | Clarissa Pinkola Estés, Ph.D.

February 11, 2020 12:48 AM

The reason is this: In my uttermost bones I know something, as do you. It is that there can be no despair when you remember why you came to Earth, who you serve, and who sent you here. The good words we say and the good deeds we do are not ours: They are the words and deeds of the One who brought us here.

In that spirit, I hope you will write this on your wall: When a great ship is in harbor and moored, it is safe, there can be no doubt. But … that is not what great ships are built for.

This comes with much love and prayer that you remember Who you came from, and why you came to this beautiful, needful Earth.

Source: Do not lose heart. We were made for these times. | Clarissa Pinkola Estés, Ph.D.

Mark Turner : Writing has become harder

February 10, 2020 03:03 AM

Writing tonight’s CAC op-ed was the first several-hundred-word piece I’ve written in a while. Looking through my blog shows that I used to do this on a regular basis. Used to do it with ease.

It’s difficult to pin down what has changed. Certainly I’m older and It’s harder than it used to be to string words together. My suspected Gulf War Illness could be another factor. Still, it’s also true that the nature of online communications has changed.

Many people started their Internet experience using America Online (AOL). Nothing wrong with that, of course, but my beef with AOL was the beautiful walled garden that it provided: people would log on and think there was no world beyond AOL.

Today the same could be said about Facebook. Facebook has captured much of the attention that used to be on blogs like mine, only now it’s also walled off and shot through with conniving advertisements. It’s all built to encourage short attention spans, while blogging can be as robust as I feel like making it.

Facebook (and to a lesser extent Twitter) has worked hard to try to turn me from a producer back into a consumer again. It is an easy trap to fall into – “there are so many voices out there, what can I add with mine?”

And yet, people still visit my site. I still have many gems I’ve written here and I can tell the story of my life exactly the way I want to tell it. This is more valuable than ever.

Maybe I still have it, maybe I don’t, but there’s no doubt of the value of my words here. Let me know if you want to see more.

Mark Turner : A Requiem for Raleigh’s Citizens Advisory Councils

February 10, 2020 02:52 AM

Update 12 Feb: After some back-and-forth with the N&O editorial staff, I have trimmed my op-ed into a long letter.

I wrote and submitted this 500-word Op-Ed to the News and Observer tonight. I hope they run it. I will be forever passionate about citizen engagement (real citizen engagement) and oppose any efforts to water it down.

A Requiem for Raleigh’s Citizens Advisory Councils

In 1974, amid concerns that Raleigh’s rapid growth was distancing city leaders from the community they served, Mayor Clarence Lightner launched Raleigh’s Citizens Advisory Councils (CACs). CACs offered a forum where citizens and government officials could share information and concerns. For over 46 years, the city’s 18 CACs and their parent organization, the Raleigh Citizens Advisory Council (RCAC) was the only advisory board not appointed by City Council, a unique status that granted neighbors the freedom to discuss what was important to them and a means to provide unfiltered insight to City Council. Sadly, in a vote that demonstrated a shocking lack of transparency and good government, Raleigh’s mayor and City Council abruptly ended this decades-long partnership with nothing ready to take its place.

Much has been made of the (merely advisory) role CACs played in rezoning cases but CACs were so much more. When a neighbor lost her home and husband in a tragic fire, CAC neighbors pulled together to collect clothes and furniture. After the April 2011 tornadoes ripped through Raleigh, CAC volunteers were in the streets clearing debris and distributing water. In response to crime concerns, CACs worked with landlords to implement after-school activities for their teen residents and worked with the Raleigh Police Department to open neighborhood offices. CACs provided a neutral forum where police could meet with wary neighbors and build new connections and trust. CACs organized community events that promoted health and distributed school supplies to neighborhood kids. With CACs it didn’t matter what race you were, how wealthy you were, what your age was, or whether you rented or owned your home: if you were a resident your voice counted. You had a seat at the table.

Like any organization, CACs had their challenges. The unvarnished feedback CACs gave was not always welcome (especially to some developers, though almost all projects won CAC favor). CACs faced a continual fight for shrinking city resources and support. And, yes, CACs were known to butt heads at times but it is precisely this independence that gave CACs their strength: chairs were answerable only to their neighbors.

It is this independence that Raleigh will miss the most. Every other city advisory board is driven from the top down; its work must first be approved by the City Council. How can we ensure citizen concerns will be adequately addressed when city council alone controls the conversation? Who will be doing the listening and who will be doing the talking? Without the crucial independence enjoyed by CACs, community engagement quickly devolves into a one-way conversation. Partnership has been fatally wounded.

Raleigh’s CACs represented one of the most beautiful forms of democracy: neighbors coming together to work things out. Our city will be hard-pressed to improve on it.

Mark Turner : The Oral History of Prince’s Super Bowl XLI Halftime Show – The Ringer

February 02, 2020 02:15 PM

This is a fantastic oral history of the greatest Super Bowl Halftime show ever, the 2007 show performed by Prince, of course.

Coplin: I would be watching the monitors and trying to factor my own opinion about the show, but no matter what you see in the television truck, you have no sort of sense of what people at home are experiencing. And I remember just my phone started blowing up. Like, “OMG, this is the greatest thing I’ve ever seen.” I just had all these people, friends, colleagues, people in the business, just really losing their minds on my texts. And that’s when I knew that this thing was really maybe even better than we thought it was gonna be.

Nathan Vasher (Bears cornerback): The last two or three minutes, I peeked out of the tunnel. I didn’t want to go all the way out there, but for two or three minutes I got to witness greatness. I haven’t experienced that greatness again.

Source: The Oral History of Prince’s Super Bowl XLI Halftime Show – The Ringer

Mark Turner : Excuse me, but Oculan did a great job explaining its usefulness

January 26, 2020 05:33 PM

I was wandering through my MT.Net archives and noticed I had linked to a Triangle Business Journal story on the revival of Oculan. The story included this quote, which for some reason I just noticed was a slap in the face to me (hey it’s only been 18 years, right?):

Where Oculan stumbled, said independent analyst Richard Ptak, of Ptak, Noel & Associates in Amherst, N.H., was in the marketing.

“They had a very nice solution and a good strategy, but were never able to communicate why it was a good product,” Ptak said. “A lot of tech entrepreneurs think all they need is a better mousetrap, but nobody buys technology for the sake of technology anymore. They buy it because it’ll solve a problem.”

Well, Mr. Ptak, Oculan did a fantastic job communicating why it was a good product. Not only did it have an outstanding team of sales engineers out pitching it, the damn product sold itself. Your quote about a better mousetrap shows your ignorance.

So there.

Tarus Balog : Once Again Into the Breach – Back with Apple

January 23, 2020 05:43 PM

After almost a decade since my divorce from Apple, I find myself back with the brand, and it is all due to the stupid watch.

TL;DR: As a proponent of free software, I grouse at the “walled garden” approach Apple takes with its products, but after a long time of not using their products I find myself back in, mainly because free software missed the boat on mobile.

Back in 2011, I stopped using Apple products. This was for a variety of reasons, and for the most part I found that I could do quite well with open source alternatives.

My operating system of choice became Linux Mint. The desktop environment, Cinnamon, allowed me to get things done without getting in the way, and the Ubuntu base allowed me to easily interact with all my hardware. I got rid of my iMac and bought a workstation from System 76, and for a time things were good.

I sold my iPhone and bought an Android phone which was easier to interact with using Linux. While I didn’t have quite all of the functionality I had before, I had more than enough to do the things I needed to do.

But then I started to have issues with the privacy of my Android phone. I came across a page which displayed all of the data Google was collecting on me, which included every call, every text and every application I opened and how long I used it. Plus the stock Google phones started to ship with all of the Google Apps, many of which I didn’t use and they just took up space. While the base operating system of Android, the Android Open Source Project (AOSP), is open source, much of the software on a stock Android phone is very proprietary, with questionable motives behind gathering all of that data.

Then I started playing with different Android operating systems known as “Custom ROMs”. Since I was frequently installing the operating system on my phone I finally figured out that when Google asks “Would you like to improve your Android experience?”, and you say “yes”, that is when they start the heavy data collection. Opt-out and the phone still works, but even basic functionality such as storing your recent location searches in Google Maps goes away. Want to be able to go to a previous destination with one click? Give them all yer infos.

The Custom ROM world is a little odd. While there is nothing wrong with using software projects run by hobbyists, the level of support can be spotty at best. ROMs that at one time were heavily supported can quickly go quiet as maintainers get other interests or other handsets. For a long time I used OmniROM with a minimal install of Google Apps (with the “do not improve my Android experience” option) and it even worked with my Android Wear smartwatch from LG.

I really liked my smartwatch. It reminded me of when we started using two monitors with our desktops. Having things like notifications show up on my wrist was a lot easier to deal with than having to pull out and unlock my phone.

But all good things must come to an end. When Android Wear 2.0 came out they nerfed a lot of the functionality, requiring Android Assistant for even the most basic tasks (which of course requires the “improved” Android experience). I contacted LG and it wasn’t possible to downgrade, so I stopped wearing the watch.

Things got a little better when I discovered the CopperheadOS project. This was an effort out of Canada to create a highly secure handset based on AOSP. It was not possible (or at least very difficult) to install Google Apps on the device, so I ended up using free software from the F-Droid repository. For those times when I really needed a proprietary app I carried a second phone running stock Android. Clunky, I know, but I made it work.

Then CopperheadOS somewhat imploded. The technical lead on the project grew unhappy with the direction it was going and left in a dramatic fashion. I tried to explore other ROMs after that, but grew frustrated in that they didn’t “just work” like Copperhead did.

So I bought an iPhone X.

Apple had started to position themselves as a privacy focused company. While they still don’t encrypt information in iCloud, I use iCloud minimally so it isn’t that important to me. It didn’t take me too long to get used to iOS again, and I got an Apple Watch 3 to replace my no longer used Android Wear watch.

This was about the time the GDPR was passed in the EU, and in order to meet the disclosure requirements Apple set up a website where you could request all of the personal data they collected on you. Now I have been a modern Apple user since February of 2003 when I ordered a 12-inch Powerbook, so I expected it to be quite large.

It was 5MB, compressed.

The majority of that was a big JSON file with my health data collected from the watch. While I’m not happy that this data could be made available to third parties as it isn’t encrypted, it is a compromise I’m willing to make in order to have some health data. Now that Fitbit is owned by Google I feel way more secure with Apple holding on to it (plus I have no current plans to commit a murder).

The Apple Watch also supports contactless payments through Apple Pay. I was surprised at how addicted I became to the ease of paying for things with the watch. I was buying some medication for my dog when I noticed their unit took Apple Pay, and the vet came by and asked “Did you just Star Trek my cash register?”.

Heh.

For many months I pretty much got by with using my iPhone and Apple Watch while still using open source for everything else. Then in July of last year I was involved in a bad car accident.

In kind of an ironic twist, at the time of the accident I was back to carrying two phones. The GrapheneOS project was created by one of the founders of Copperhead and I was once again thinking of ditching my iPhone.

I spent 33 nights in the hospital, and during that time I grew very attached to my iPhone and Watch. Since I was in a C-collar it made using a laptop difficult, so I ended up interacting with the outside world via my phone. Since I slept off and on most of the day, it was nice to get alerts on my watch that I could examine with a glance and either deal with or ignore and go back to sleep.

This level of integration made me wonder how things worked now on OSX, so I started playing with a Macbook we had in the office. I liked it so much I bought an iMac, and now I’m pretty much neck deep back in the Apple ecosystem.

The first thing I discovered is that there is a ton of open source software available on OSX, and I mainly access it through the Homebrew project. For example, I recently needed the Linux “watch” command and it wasn’t available on OSX. I simply typed “brew install watch” and had it within seconds.

The next major thing that changed for me was how integrated all my devices became. I was used to my Linux desktop not interacting with my phone, or my Kodi media server being separate from my smartwatch. I didn’t realize how convenient a higher level of integration could be.

For example, for Christmas I got an Apple TV. Last night we were watching Netflix through that device and when I picked up my iPhone I noticed that I could control the playback and see information such as time elapsed and time remaining for the program. This happened automatically without the need for me to configure anything. Also, if I have to enter in text, etc. on the Apple TV, I can use the iPhone as a keyboard.

I’ve even started to get into a little bit of home automation. I bought a “smart” outlet controller that works with Homekit. Now I don’t have the “Internet of Things”, instead I have the “LAN of Things” as I block Internet access for most of my IoT-type things such as cameras. Since the Apple TV acts as a hub I can still remotely control my devices even though I can’t reach them via the Internet. All of the interaction occurs through my iCloud account, so I don’t even have to poke a hole in my firewall. I can control this device from any of my computers, my iPhone or even my watch.

It’s pretty cool.

It really sucks that the free and open source community missed the boat on mobile. The flagship mobile open source project is AOSP, and that it heavily controlled by Google. While some brave projects are producing Linux-based phones, they have a long way to go to catch up with the two main consumer options: Apple and Google. For my piece of mind I’m going with Apple.

There are a couple of things Tim Cook could do to ease my conscience about my use of Apple products. The first would be to allow us the option of having greater control of the software we install on iOS. I would like to be able to install software outside of the App Store without having to jailbreak my device. The second would be to enable encryption on all the data stored in iCloud so that it can’t be accessed by any other party than the account holder. If they are truly serious about privacy it is the logical next step. I would assume the pressure from the government will be great to prevent that, but no other company is in a better position to defy them and do it anyway.

Mark Turner : The Misfit Awesomeness of Neil Peart and Rush | The New Yorker

January 12, 2020 10:36 PM

Neil Peart, legendary Rush drummer, died on Friday from brain cancer at the age of 67. I’ve seen Rush in concert a few times and enjoyed most of their music. I especially enjoyed their “Rush: Behind the Lighted Stage” documentary.

In spite of their misfit nature ad limited radio airplay, Rush sold a ton of albums.

Here’s a great piece by the New Yorker about Neil and Rush. Rest in peace, Neil.

Neil Peart, the lyricist and virtuosic drummer of the Canadian progressive-rock band Rush, died on Tuesday, in Santa Monica, California. He was sixty-seven, and had been fighting brain cancer for several years. Rush formed in Toronto, in 1968 (Peart joined in 1974), and released nineteen studio albums, ten of which have sold more than a million copies in the U.S. According to Billboard, Rush presently ranks third, behind the Beatles and the Rolling Stones, for the most consecutive gold or platinum albums by a rock band.

Peart was wildly literate, and his earnest love of science fiction informed Rush’s singular aesthetic. Along with the singer Geddy Lee and the guitarist Alex Lifeson, he helped pioneer an audacious strain of brainy, intricate hard rock that perhaps borrowed more voraciously from Ayn Rand than the blues. Though the band’s influence was vast, something about its music seemed to speak deeply and directly to marginalized young men. Both Lee and Lifeson were the children of immigrants who had left Europe following the Second World War (Lee’s parents were Holocaust survivors; Lifeson’s fled Yugoslavia after the war), and a person gets the sense that the members of Rush had internalized a certain degree of cultural exclusion. Rather than retreating, they embraced ideas that eschewed convention.Rush was struggling commercially when, in 1976, it made “2112,” an intense, ambitious, and unrelenting record about a dystopian future. The band had spent the previous year playing small, grimy venues. (In the 2010 documentary “Rush: Beyond the Lighted Stage,” the band jokingly referred to this stretch of shows as the “Down the Tubes” tour.) No one seemed particularly energized about the next album. Rush’s manager, Ray Danniels, had to cajole Mercury Records into not dropping the band entirely.

“2112” was a Hail Mary, but rather than dutifully capitulating to the marketplace—making something more aligned, spiritually and compositionally, with, say, Steely Dan’s “The Royal Scam” or the Rolling Stones’s “Black and Blue,” two of the most beloved commercial rock records of 1976—Rush instead assumed a kind of fuck-it abandon. The band had not assembled an audience via extensive radio play or critical adulation or corporate positioning but by people tapping each other on the shoulder and saying, “Dude, check this out.” For “2112,” the band leaned further into its idiosyncrasies rather than trying to curb them.

Source: The Misfit Awesomeness of Neil Peart and Rush | The New Yorker

Mark Turner : Iran believed to have deliberately missed U.S. forces in Iraq strikes, Western sources say – Iran – Haaretz.com

January 10, 2020 03:05 AM

Called this yesterday, too. Iran was fully capable of killing many Americans here but chose not to. They may be saner than Trump.

Iran is believed to have deliberately sought to avoid U.S. military casualties in missile strikes on bases housing American troops in Iraq launched in retaliation for the U.S. killing of an Iranian general, according to U.S. and European government sources familiar with intelligence assessments.

The sources, speaking on condition of anonymity, said on Wednesday the Iranians were thought to have targeted the attacks to miss U.S. forces to prevent the crisis from escalating out of control while still sending a message of Iranian resolve. A source in Washington said overnight that early indications were of no U.S. casualties, while other U.S. officials declined comment.

Source: Iran believed to have deliberately missed U.S. forces in Iraq strikes, Western sources say – Iran – Haaretz.com

Mark Turner : Iranian Missile Accidentally Brought Down Ukrainian Jet, Officials Say – The New York Times

January 10, 2020 03:03 AM

Called this yesterday. Loss of a single engine won’t down a plane and Iranian officials declared it a mechanical problem before the fires were even out. Condolences to the victims.

WASHINGTON — An Iranian missile accidentally brought down a Ukrainian jetliner over Iran this week, killing everyone aboard, American and allied officials said on Thursday, adding a tragic coda to the escalated military conflict between Washington and Tehran.

Prime Minister Justin Trudeau of Canada said his country had intelligence that an Iranian surface-to-air missile brought down the jetliner, which was carrying 63 Canadians among its some 176 passengers and crew. Mr. Trudeau said his conclusion was based on a preliminary review of the evidence but called for a full investigation “to be convinced beyond all doubt.”

Source: Iranian Missile Accidentally Brought Down Ukrainian Jet, Officials Say – The New York Times

Mark Turner : Who are Pat and Alex and why are they texting people about their homes?

January 10, 2020 02:51 AM

Earlier this week, two separate neighbors received a curious text. A person calling themselves Pat expressed interest in buying their homes.

One from 919-373-6758 read:

“Hey there, so sorry if I have the wrong number. I am Pat and would love to contact [homeowner]. Regarding a property in [homeowner address], in order to determine if there is interest in selling. Do I have the right number?”

the other from 919-769-6879, read:

“Hey there, This is Pat, I am trying to reach out [homeowner – sic]. Regarding a property in [homeowner address], to see if selling it would be an option. You wouldn’t know the owner or would you?”

Both were sent at the same time of day, 9:33 AM, but on two separate days. They were from two different phone numbers as well. Another neighbor received a similar text on Nov 20th, I’m told. (Coincidentally, I’ve been getting and ignoring scammy calls at home from 919-769-68xx numbers for several weeks now).

Being the curious sort, I did a few Google searches for this text and came across a number of similar texts, only from different alleged people. A search of the venerable 800notes.com shows only one other similar text, this one from “Alex” from the number 832-934-9960:

“Hello, apologies if this is not a good number. This is Alex, I am looking for [homeowner]. Regarding a property in [homeowner address], in order to see if selling it would be an option. You don’t know the owner or do you?”

Obviously these are connected. How many people are getting them? How come there isn’t more information about them online? How is it that both my friends got the texts on separate days but at 9:33 AM on those days? And what’s the ultimate goal here? Is this just some bot that is out there, doing data cleanup to match phone numbers with names and addresses?

I’ll keep you posted as I learn more about this supposed scam.

Update 10 Jan:

I found another Internet hit, this thread on the City-Data website. This one’s from someone in Minnesota and dates from November 2018:

Over the past several months, I have been getting texts asking if I want to sell my house in Maricopa County. Each one has a different phone #. each message has a different message. My wife has gotten a couple as well (again, a different phone # and message each time).

Today, I got this one which is pretty typical:
Exact words:
“Hi (and my actual 1st name)! My name is Alex, I’m a local home buyer reaching out to see if you’re interested in an offer for your home on (my actual address)? Thx

I refuse to text back. But a couple of times, I called with my Google Phone # (same phone but with a hidden #) and got a vmail message asking to leave my name and address. I left out the address but gave my google, non-traceable #) and said that I wanted to sell my property”. No response….

I googled the number that came in on the text just today which is 480-531-6397. Another time from 623-295-0692 (he was “looking to buy a house in our neighborhood”). There are other phone #’s. I’m not alone with the 623 extension https://800notes.com/Phone.aspx/1-623-295-0692

Does anybody know what their scam might be? People who have called or texted back haven’t gotten a call back. Something smells fishy.

The most recent entry (again, November 2018) on that 800notes page adds a new name to the mystery, a “Tim.”

Got a text message. Says his name is Tim with Home Buyers. Wanted to see if I wanted to sell my house.
Scam?

The user “superstition480” on the City-Data thread says the outfit is “1 800 Fair Offer”:

The main company doing this, is called “1 800 Fair Offer”. They illegally robocall consumers trying to buy their houses FAR below market value. The company is owned by an arrogant guy named Sean Terry. This goof actually has videos posted on YouTube to teach his followers how to illegally robocall for more leads. I am in the process of filing a complaint with the Arizona State Attorney General’s office, and am also considering a class action suit against this company for their illegal robocalling.

I’m going to see what I can find out about “1 800 Fair Offer” and if there have been any complaints against them for illegal robocalling/texting.

Mark Turner : Facebook bans ads from The Epoch Times after huge pro-Trump buy

January 10, 2020 02:06 AM

Facebook kicked these guys off their ad platform in August 2019. Apparently that didn’t last long as I got two ads for The Epoch Times in my Facebook feed today:

Back by popular demand?


I guess Zuckerberg loves money more than morals.

Facebook has banned The Epoch Times, a conservative news outlet that spent more money on pro-Trump Facebook advertisements than any group other than the Trump campaign, from any future advertising on the platform.

The decision follows an NBC News report that The Epoch Times had shifted its spending on Facebook in the last month, seemingly in an effort to obfuscate its connection to some $2 million worth of ads that promoted the president and conspiracy theories about his political enemies.

“Over the past year we removed accounts associated with the Epoch Times for violating our ad policies, including trying to get around our review systems,” a Facebook spokesperson said. “We acted on additional accounts today and they are no longer able to advertise with us.”Facebook’s decision came as a result of a review prompted by questions from NBC News. The spokesperson explained that ads must include disclaimers that accurately represent the name of the ad’s sponsors.

Source: Facebook bans ads from The Epoch Times after huge pro-Trump buy

Mark Turner : Teen Vogue story on Facebook prompts sponsored content fears, vanishes – Business Insider

January 10, 2020 01:58 AM

This is some sneaky shit on Facebook’s part.

After pondering it for a day, I think its audience wasn’t Teen Vogue but actually Congress. Not that anyone in Congress reads Teen Vogue, but Facebook COO Sheryl Sanberg was all too happy to crow about this puff piece. I think Facebook was trying desperately to show Congress its serious about policing itself when in actuality it only cares about money.

I feel bad for Teen Vogue as the teen magazine has been running really good stories explaining cybersecurity. Of course, they also run stories telling teens about the joys of anal sex, so it’s a wash I guess. At any rate,any credibility Teen Vogue may have had is gone now. Hope the money was worth it.

Here’s the original story, captured by The Internet Archive’s magnificent Wayback Machine.

(Also, that’s the least clickbait-y headline EVER. Obviously it wasn’t meant for teens.)

An uncritical story in Teen Vogue about Facebook’s efforts to secure its social network ahead of the 2020 election caused bewilderment over contradictory messages about whether it was paid for by Facebook — before it just disappeared completely.

On Wednesday, Teen Vogue published “How Facebook Is Helping Ensure the Integrity of the 2020 Election.” It’s a 2,000-plus-word story comprising a series of interviews with various senior Facebook employees about how the Silicon Valley tech giant is working to avoid nefarious political activity in the US’s coming presidential election.

The positive tone of the piece, and lack of byline indicating who wrote it, led some on Twitter to speculate that it was a piece of sponsored content — that is, an article paid for and overseen by Facebook to promote itself.

This suspicion was seemingly confirmed when, some time after publishing, Teen Vogue appended a note to the top of the story, reading: “Editor’s note: This is sponsored editorial content.”

The note raised questions about editorial ethics — why wasn’t this disclosed from the start? — but the saga didn’t end there. Facebook instead denied that it was sponsored content, saying it was just a regular article, and the note disappeared from the top of the story again.

Source: Teen Vogue story on Facebook prompts sponsored content fears, vanishes – Business Insider

Mark Turner : bellingcat – Guide To Using Reverse Image Search For Investigations – bellingcat

January 08, 2020 11:22 AM

Reverse image search is one of the most well-known and easiest digital investigative techniques, with two-click functionality of choosing “Search Google for image” in many web browsers. This method has also seen widespread use in popular culture, perhaps most notably in the MTV show Catfish, which exposes people in online relationships who use stolen photographs on their social media.

However, if you only use Google for reverse image searching, you will be disappointed more often than not. Limiting your search process to uploading a photograph in its original form to just images.google.com may give you useful results for the most obviously stolen or popular images, but for most any sophisticated research project, you need additional sites at your disposal — along with a lot of creativity.

This guide will walk through detailed strategies to use reverse image search in digital investigations, with an eye towards identifying people and locations, along with determining an image’s progeny. After detailing the core differences between the search engines, Yandex, Bing, and Google are tested on five test images showing different objects and from various regions of the world.

Source: bellingcat – Guide To Using Reverse Image Search For Investigations – bellingcat

Mark Turner : How Lindsey Graham Lost His Way – Rolling Stone

January 08, 2020 12:22 AM

Lindsey Graham and Donald Trump were born nine years and one month apart. Trump came first, but when they appear side by side, as they often do these days, the men look about the same age. On November 6th, in the East Room of the White House, the president held an event to mark the record number of federal judges his administration has appointed, and Graham was there, having played a critical role in the achievement as chairman of the Senate Judiciary Committee. Trump’s staff had scheduled the event in part to shift focus from the House impeachment investigation, to remind any wobbly Republicans of the reason they’d held their noses and voted for the guy in the first place.

Over the course of his three terms representing South Carolina in the Senate, Graham had become predominantly known for two things: extreme hawkishness on foreign policy, following the lead of his close friend and mentor, the late Arizona Sen. John McCain, and a bipartisan streak that resulted in high-profile attempts to cut big deals on issues like immigration reform and climate change. A former senior staffer for a Democratic senator who has worked alongside Graham on bipartisan legislation tells me, “Like John McCain, he was a conservative Republican, but it was always worth asking where he was going to be on a particular issue, because he wasn’t completely beholden to party orthodoxy. He’d often be way out ahead of his staff, negotiating on the Senate floor unbeknownst to them, and they would be playing catch-up.

Will Folks, a conservative political blogger in South Carolina, says, “The joke here is Graham has a ‘count to six’ approach to governing: He spends the first four years of his term doing whatever he wants, veering off toward the left, and then the last two years, when the electorate is paying more attention, he comes right.

”Graham is “never flustered, and just a natural at dealing with people who don’t like him,” says David Woodard, a political-science professor at Clemson University who ran Graham’s first two campaigns for the House of Representatives and recalls the first-term congressman as quickly becoming the unofficial social director for his freshman class, though he added, “You’re going to find Lindsey knows a lot of people, but he’s not close to anybody.”

Source: How Lindsey Graham Lost His Way – Rolling Stone

Mark Turner : ‘Shattered’: Inside the secret battle to save America’s undercover spies in the digital age

January 07, 2020 11:14 PM

When hackers began slipping into computer systems at the Office of Personnel Management in the spring of 2014, no one inside that federal agency could have predicted the potential scale and magnitude of the damage. Over the next six months, those hackers — later identified as working for the Chinese government — stole data on nearly 22 million former and current American civil servants, including intelligence officials.

The data breach, which included fingerprints, personnel records and security clearance background information, shook the intelligence community to its core. Among the hacked information’s other uses, Beijing had acquired a potential way to identify large numbers of undercover spies working for the U.S. government. The fallout from the hack was intense, with the CIA reportedly pulling its officers out of China. (The director of national intelligence later denied this withdrawal.)Personal data was being weaponized like never before. In one previously unreported incident, around the time of the OPM hack, senior intelligence officials realized that the Kremlin was quickly able to identify new CIA officers in the U.S. Embassy in Moscow — likely based on the differences in pay between diplomats, details on past service in “hardship” posts, speedy promotions and other digital clues, say four former intelligence officials. Those clues, they surmised, could have come from access to the OPM data, possibly shared by the Chinese, or some other way, say former officials.

The OPM hack was a watershed moment, ushering in an era when big data and other digital tools may render methods of traditional human intelligence gathering extinct, say former officials. It is part of an evolution that poses one of the most significant challenges to undercover intelligence work in at least a half century — and probably much longer.The familiar trope of Jason Bourne movies and John le Carré novels where spies open secret safes filled with false passports and interchangeable identities is already a relic, say former officials — swept away by technological changes so profound that they’re forcing the CIA to reconsider everything from how and where it recruits officers to where it trains potential agency personnel. Instead, the spread of new tools like facial recognition at border crossings and airports and widespread internet-connected surveillance cameras in major cities is wiping away in a matter of years carefully honed tradecraft that took intelligence experts decades to perfect.

Source: ‘Shattered’: Inside the secret battle to save America’s undercover spies in the digital age

Ben Reed : Remembering Haku

December 28, 2019 07:43 PM

On Monday we had to let Haku go.

I couldn’t bring myself to talk about it at the time, and with the holidays and family visiting it got busy enough to distract myself, but he was my buddy and he deserves a proper eulogy.

Haku had a rough start as a kitten. He had some kind of infection that was giving him a rash on his ears and appeared to be eating a portion of his nose. We treated it but honestly the vet was never quite sure what it was and we think it just cleared up eventually on its own.

He is named after the water spirit from Spirited Away. When we first got him, he and Saru were locked in the bathroom while we acclimated them. I had turned the sink on and he CLIMBED my leg to get up there and immediately jumped into the water.

Haku from Spirited Away

He loved to drink from the sink, but he was comically bad at it. He’d stick his head right under the stream, or let it just run over his face while he tilts his head.

Haku drinking from the sink

His favorite toy was a round scratcher that has a ball that runs around it. He had a weird little head flip he would do when he got super excited while he played and it never failed to crack me up.

He could not RESIST clothes on the bed, especially my pants. He would jump up and rub his face on my belt incessantly.

Haku on my pants Haku on my pants

He also, like most cats, could not resist a good box. But his favorite was the laundry basket.

Haku bathing in a laundry basket Haku in a box
The Haku stare, in a laundry basket

Even more than that, he loved bags. Didn’t matter if he was in it, or smashing it down and laying on it.

Haku stretched out on a crushed paper bag
Haku sitting comfortably in a paper bag Haku in a plastic bag

In the mornings when we were working at home, Haku would jump up on Cynthia’s desk and then walk over wanting to be in her lap. She would have to put a leg up across her other so he had a spot and then he'd hang out there for a while.

Haku in Cynthia's lap

Later in the day he’d cross her desk behind me and want to get on my legs, then I’d turn back to my desk and pet him on my lap. Usually he’d put his front paws up on my chest and settle while I rubbed his ears and chin.

Chin scritches at my desk Haku settles on my chest

If there was something new or confusing in the house, he did this hilarious head dip thing. He was especially weirded out by hats, even more so when I was wearing one.

He loved to stretch and roll. He’d often get himself stretched out and then roll himself violently back and forth, licking his paws in between. This was (of course) called “lick-rolling”. #NeverGonnaGiveYouUp

Haku stretched impossibly in the hallway helping us wrap presents
Haku stretched out by the screen door at our old house

As anyone who has followed me for a bit knows, he loved loved LOVED leg time. We’d sit downstairs at the TV, I’d stretch my legs out along the couch, and he’d jump up and lay on them, contorting himself into more and more ridiculous poses as he got more comfortable.

leg time more leg time
even more leg time even even *more* leg time

He had mastered the art of “puppy dog eyes”. While he was in the midst of all his emergency hospital visits, he’d have a different doctor each day. Every. single. one. talked about how beautiful he was and how striking his eyes were. He could trap you in them.

the Haku stare Haku glamor shot

He was the most graceful klutz I’d ever seen. One minute he’d slip while walking along a table. The next he’d jump right up to the fridge, up on top of the cabinets, and then across the chasm to the cabinets across the way.

We first discovered he was getting up on those cabinets when we found a paw print on the range hood. 🙀

It wasn’t all grace and beauty, though. Sometimes when he’d fall asleep, he’d close his inner lids but his eyes would stay mostly open, and his mouth would hang open, derpily. (Is derpily a word?) It always made me laugh.

Haku's inner eyelids derp

For some reason, when he was just hanging out in the hall or something, he’d pose in a standard-form cat rug-duck, but would put one arm straight out. I used to joke about it before it stopped being abstractly funny to me to make alt-right jokes. 😐


He had MASSIVE bunny feet. They were so damn cute.

I know I mentioned it on Twitter recently, but part of the bedtime routine was that after I brushed my teeth, I would head to bed and he would RUN to follow me and sniff at my minty breath and then go crazy rolling around. I recently managed to get a little bit of video of it.

There are probably tons of things I’m forgetting to add. He was an exceptionally photogenic cat, and I have about eleven billion photos of him, all either hilarious or cute, or both.

I hate that his body betrayed him even as his personality managed to hold on through changes in food, tons of pills, & way too many vet visits. But in the end there was no sign things would actually improve; it was likely some form of cancer in addition to other things.

It’s hard letting a pet go, but it’s even harder when the choice when to end it isn’t clear-cut. We had made the choice to do it a couple of times in the last few months, each one hit-wrenching. Each time, we had a new reason to hope and pulled back from the brink.

In the end, we did so much to try to get his insides settled, only to come right back to the same cycle of symptoms. After a few days dwelling on it, I still think it was the right time, but that doesn’t mean it was any easier to actually do.

All I know is, he was a wonderful kitty, and I’m going to miss him more than I can possibly say.

Goodbye, buddy.

😭

Share on Facebook

Mark Turner : A Letter From Gary Larson | TheFarSide.com | TheFarSide.com

December 18, 2019 02:22 AM

Gary Larson has finally arrived online and the promise of new The Far Side cartoons is in the air, yet I don’t know how I feel about this. I will always love The Far Side but I cringe at the thought of the new stuff not measuring up to old stuff. I also miss seeing the cartoon nestled in the comics pages of an actual newspaper. And, truth be told, Larson’s hero status fell in my eyes when he aggressively chased his cartoons off the Internet.

Twelve years after I wrote that I still feel the same way. Now that Larson wants to join the party is he still welcome? Does The Far Side belong on the Internet at all, even if it’s Larson’s own doing? Or should it ride off into the sunset along with the newspaper industry?

I kinda wish I hadn’t had to ponder this question.

Truthfully, I still have some ambivalence about officially entering the online world — I previously equated it to a rabbit hole, although “black hole” sometimes seems more apropos — but my change of heart on this has been due not only to some evolution in my own thinking, but also in two areas I’ve always cared about when it comes to this computer/Internet “stuff”: security and graphics.

Source: A Letter From Gary Larson | TheFarSide.com | TheFarSide.com