Mark Turner : N&O’s Colin Campbell writes hit piece on Crowder

July 28, 2014 10:56 AM

Well, that was predictable.

Days after Raleigh City Councilman Thomas Crowder defended against the recent attack on planning documents our city and citizenry spent millions of dollars and many years crafting, News and Observer reporter Colin Campbell writes a hit piece on Crowder’s pursuit of parking lawbreakers.

Objectivity does not appear to be Campbell’s strong suit. He needs a new beat, pronto. And shame on the News and Observer editors for condoning this tripe.

On a related note, I have been doing some research on Campbell’s reporting that is providing some interesting insights. Stay tuned.

RALEIGH — Two years ago, Raleigh City Councilman Thomas Crowder spearheaded an effort to ban front-yard parking in his district. These days, he’s filing dozens of complaints to make sure parking scofflaws are held accountable.Crowder has asked city zoning staffers via email to investigate 26 possible front-yard parking violations – many within blocks of his house – in his Southwest Raleigh district during the past year. Crowder’s complaints represent nearly 30 percent of the parking ordinance reports received in Raleigh since July 2013, according to city records.

“I have complaints regarding the above referenced property,” Crowder says in many of the emails, sometimes including a photo of the offense. “Please investigate and notify me of your findings and action taken.”

via RALEIGH: Raleigh councilman turns in neighbors under controversial parking ban | Wake County |

Mark Turner : Vladimir Putin’s circle of fear

July 27, 2014 03:48 PM

I enjoyed this account of the current state of Russia’s political opposition.

The tragedy of Malaysian Airlines Flight MH17 has brought the conflict between Russia and Ukraine back into the headlines. This crisis, and the accompanying crackdown on domestic dissent in Russia, represents a new and frightening phase in a process that began 15 years ago: Vladimir Putin’s reversal of the freedoms Russia gained after the fall of communism in 1991 and the creation of a new authoritarian Kremlin regime.

Consider it a predictive metaphor for recent events in Russia, a quarter century after the country’s awakening from communism. The neo-authoritarian Kremlin regime of Vladimir Putin is squeezing the air out of the remaining pockets of dissent, cranking up the propaganda machine to Soviet levels, and setting up the conditions for a new Iron Curtain.

The spring of 2014 featured a high-water mark for Putin’s post-Soviet restoration, with its belligerent rejection of ‘‘Western values,’’ its confrontational stance toward NATO, and its aggressive claims towards former Soviet territories. As Komsomolskaya Pravda columnist Ulyana Skoibeda rhapsodised after the mostly unchallenged Russian annexation of the Ukrainian territory of Crimea, ‘‘It’s not about the Crimea coming back to us. It’s we who have come back. Home, to the USSR.’’

via Vladimir Putin's circle of fear.

Scott Schulz : Tweet: Looks like we are about to get hammered with some…

July 27, 2014 02:22 PM

Looks like we are about to get hammered with some rain/wind #ncwx


Warren Myers : despise the free lunch – law 40 – #48laws by robert greene

July 27, 2014 12:18 PM

Law 40

What is offered for free is dangerous – it usually involves either a trick or hidden obligation. What has worth is worth paying for. By paying your own way you stay clear of gratitude, guilt, and deceit. It is also often wise to pay the full price – there is no cutting corners with excellence. Be lavish with your money and keep it circulating, for generosity is a sign and a magnet for power. –Robert Greene, The 48 Laws of Power (review)

Scott Schulz : Tweet: Um earnest, park much?

July 26, 2014 10:29 PM

Um earnest, park much?


Mark Turner : BBC News – US says evidence shows Russia fired artillery into Ukraine

July 26, 2014 12:35 PM

While the United States government has been investing billions of dollars so it can listen to Grandma’s phone calls, Russia has been busy boosting its military and invading neighboring countries.

Hey, DoD, the threat is over THERE.

The US says it has evidence that Russia has fired artillery across the border targeting Ukrainian military positions.

Russia also intends "to deliver heavier and more powerful multiple rocket launchers" to pro-Russian separatists in Ukraine, the state department said.

Russia has frequently denied sending any rocket launchers into Ukraine.

The US comment comes a week after Malaysia Airlines flight MH17 crashed in eastern Ukraine, with the rebels widely accused of shooting it down.

via BBC News – US says evidence shows Russia fired artillery into Ukraine.

Mark Turner : Copious free time? What’s that?

July 24, 2014 11:02 AM

I’ve been burning the midnight oil on both ends lately. My new job is keeping me plenty busy (and engaged) but had led to several early Sunday mornings spent doing server maintenance. On top of that, I’ve spent the last few weeks putting together the Ligon PTA newsletter when the parent who had volunteered to do it declined at the last minute. Oh, and family life has also been squeezed in there whenever possible.

Don’t worry, I’ve been saving up a few things to say since then. I’ll get to posting them when I can.

Scott Schulz : Tweet: Blog: Daily WTF from Foursquare…

July 24, 2014 12:56 AM

Blog: Daily WTF from Foursquare

Tarus Balog : ♫ It’s Hard Out Here for a (Free Software) Pimp ♫

July 23, 2014 05:09 PM

In thinking about a title for this particular screed, I almost went with “Papa’s Got a Brand New Phone” but that didn’t really encompass what I was after as much as a play on the Oscar winning “Best Original Song” by the Three 6 Posse.

When I first got involved in free software, I thought it was too good to be true. I thought “free” implied “no work” but I was confusing free (gratis) with free (libre).

Sometimes freedom takes work.

It takes effort and no small commitment to run as much free software as possible, and no where is that more evident than when it comes to choosing hardware.

I used to be a big Apple fanboy, and thus my personal technology decisions were easy: buy the newest shiny from Apple. When I decided to divorce myself from them, it took awhile to adjust to the fact that, quite frequently, the new shiny is not the best choice for a free software advocate.

But I’ve been stymied time and time again. When looking for a new laptop, I bought the latest Lenevo X1 Carbon and ended up sending it back. It was just too new to support my operating system of choice, whereas my old, second generation Dell XPS 13 “Sputnik” runs Linux Mint Debian Edition (LMDE) just fine.

So I tried a new tact.

When I was in the market for a new phone, I figured the best bet was to work backwards.

I had been using a Samsung Galaxy S3 running Cyanogenmod. However, right after I upgraded the baseband to run Kit Kat, the phone would constantly and randomly reboot. I tried everything I knew of to fix it and tried out just about every major ROM there was but it would still crash. Only by running Jelly Bean could I mitigate the issue somewhat. Then instead of bouncing every hour or so, it would only reboot once or twice a day.

Now I play a game called Ingress … a lot. It is a heavy user of the display, the CPU, the network and the GPS. While these reboots might have been acceptable to a casual user, they were killing me. While I may have somehow corrupted my S3, it was probably due to some other hardware problem, so I decided to get a new phone.

One of the pluses about putting in the time to use free software is quite frequently you learn how things work. I would never have even known about baseband versions, bootloaders, recovery, etc. if I hadn’t played with my phone. I also get a lot of options, such as which ROM to run. In all my research I decided that my philosophy matches up best with the team behind OmniROM.

OmniROM doesn’t have as many options as, say, AOKP, but they are dedicated to keeping it as open as possible and I admire that. Plus they have a pretty decent OpenDelta update application that makes staying on the latest release pretty simple.

Once I decided that I wanted to run OmniROM, I just worked backwards to pick out a phone.

Here’s where I had to make a choice about freedom.

What I loved about my S3 was that it had a replaceable battery and a microSD slot. Some days I’m a heavy user of my phone and even the best phones can’t last the day on a single charge. The microSD slot made it easy to transfer data from my phone to my computer as well as easily and cheaply expanding the available memory.

Not many phones have these two features. In fact, the only modern phones I could find were both from Samsung: the S4 and the S5.

The S5 is not supported by OmniROM, so my choice was simple: get the S4. I ordered an unlocked S4 from Amazon and got ready to enjoy the new-ish shiny.

It was not to be.

While the description on Amazon said that it was “unlocked” it turns out that Samsung has decided to block third party bootloaders, even on the S4, with an update issued last November, so it is impossible to replace their default operating system with a free one. While there are some ways to “dual boot” the phone, this was unacceptable to me, so I sent it back with the reason “item did not match web site description”. Just being carrier unlocked is not enough to merit the term “unlocked”.

In looking over the remaining options, I ended up settling on last year’s HTC One (m7). And I do mean settle: the One has no microSD slot nor does it have a replaceable battery. But these are things I can work around in the pursuit of freedom. I got a microSD to microUSB connector and an external battery pack that can keep my phone running for days. It also has a somewhat lo-rez camera at 4 megapixels, but it seems to take pictures just fine.

You do have to jump through an extra hoop in order to unlock the bootloader, but HTC made it pretty simple. You just have to log in to their developer site and post a code and they’ll send you back a file to run to unlock your particular phone. Not as easy as, say, a Nexus phone, but it isn’t too much extra work.

Now I have the latest Kit Kat running flawlessly on the phone. I’m able to remove the Google search bar, which in my case just takes up space, and I can modify the number of icons displayed per page.

It’s pretty awesome.

Is the HTC One a perfect phone, especially for playing Ingress? No – it is not perfect. But it is pretty darn good. At the Gettysburg anomaly it held up all day with zero reboots, whereas other people were reporting them with usually stable phones such as the Nexus 5. Note that if I didn’t have any other considerations I would have gotten a Nexus phone, but since I play Ingress with my spouse and she has one I wanted another brand in order to diversify the radio technology. In some places her phone gets signal where mine does not, and vice versa, and thus we can tether if needed.

I like to vote with my wallet and I buy products from companies that support freedom. I don’t understand why Samsung felt the need to lock down their devices. In part I think it is Apple-envy, but they just lost out to those of us who want to truly own their hardware. I’m not sure if it is enough to affect the bottom line, but it has soured me on Samsung products as a whole and I do buy a lot of technology.

So, remember that freedom takes work, but it’s worth it in the end.

Tarus Balog : Oh Nos! My Wireless Stopped Working!

July 23, 2014 04:15 PM

I just had something a little scary happen, so I thought I’d share it in case anyone else hits this problem.

I’m in Portland for OSCON and suddenly the wireless networking on my laptop stopped working. The wireless status showed as “off” but it wouldn’t turn on. I’m running Linux Mint Debian Edition (LMDE) and no interfaces were showing up.

Now, one thing I like about open source is I always tend to learn something when trying to solve a problem. A quick search on my phone introduced me to the “rfkill” command:

# rfkill list
0: phy0: Wireless LAN
	Soft blocked: no
	Hard blocked: yes

For some reason, the interface was “Hard blocked”. I then figured out what must have happened.

I was trying to bring up a shell to diagnose another issue. On Linux this tends to be ALT+CTL+Fx where the function key chosen is the virtual terminal you want (i.e. F1 for the first one, F2 for the second, etc.). On my normal keyboard, which is an old Apple keyboard, the function keys default to softkeys and you have to hold down the Fn key to actually trigger F1, F2, etc.

This is not the case with my laptop, so when I hit Fn+F2 it turned on “airplane mode”. This was causing the hard block.

I hit it again:

# rfkill list
0: phy0: Wireless LAN
	Soft blocked: yes
	Hard blocked: no
1: hci0: Bluetooth
	Soft blocked: no
	Hard blocked: no

And then turned off the soft block:

orcrist interfaces.d # rfkill unblock 0

And it fixed my issue:

orcrist interfaces.d # rfkill list
0: phy0: Wireless LAN
	Soft blocked: no
	Hard blocked: no
1: hci0: Bluetooth
	Soft blocked: no
	Hard blocked: no

It would have really sucked to be on the road and have some serious software issue to repair with no network access, so I was extremely relieved to figure this out.

Mark Hinkle : OSCON 2014 – Crash Course in Open Source Cloud Computing

July 20, 2014 11:16 PM

I’ll be presenting an updated version of my Crash Course on Open Source Cloud Computing presentation at OSCON 2014. I have some new material on Docker and SDN along with the latest updates on cloud software. Here’s the official excerpt:

The open source mantra is to release early and release often. That means software velocity can be difficult to keep up with. This discussion will expand on the latest open source software used to deliver and manage cloud computing infrastructure. Topics covered include virtualization (KVM, Xen Project, LXC), orchestration (OpenStack, CloudStack, Eucalyptus), and other complimentary technology.

Here’s the link to the slides on Slideshare.

Technorati Tags: , , , , ,

Scott Schulz : Tweet: Time for some more @scottsigler – Starting INFECTE…

July 20, 2014 06:28 PM

Time for some more @scottsigler – Starting INFECTED, bring it

Scott Schulz : Tweet: Pretty impressed that when I type TWC into iPhone…

July 20, 2014 12:35 AM

Pretty impressed that when I type TWC into iPhone it autocorrects to “Tax” – Couldn’t have said it better myself #TimeWarnerCable

Scott Schulz : Tweet: Really? ‘docker build’ fails if there are IPv6 nam…

July 16, 2014 11:37 PM

Really? ‘docker build’ fails if there are IPv6 nameservers in resolv.conf? What the heck…

Scott Schulz : Tweet: First annoyance with @overcastfm is the lack of la…

July 16, 2014 07:43 PM

First annoyance with @OvercastFM is the lack of last update time on the main screen when searching for podcasts by term.

David Cafaro : Hardware Hacking: Solar Panels and Battery Chargers

July 15, 2014 02:29 AM

I wanted to find a way to easily charge a couple of AA and AAA batteries from a solar panel for camping, hiking, and geo-caching.  Thought it would be nice to charge via the sun vs carrying around extra batteries charged up from the grid.  Turns out it wasn’t as easy as I had hoped, and yes, the solution involves pulling out the soldering iron, see below.

Finding a solar cell was actually pretty easy, doing some looking around I found this Anker 14W Portable Panel on Amazon:

Anker 14W Solar Panel

Cheap at about $70 and a full 14W with two USB ports.  All I needed to do was find a USB powered AA/AAA charger.

Yeah, sure, no problem…

So, after a LOT of searching turns out about the only good one I could find was the Guide 10 Plus charger by Goal Zero:

Goal Zero Guid 10 Plus Charger

One big draw back, it’s designed to work “best” with their own 7W solar panel, which costs more than the Anker for half the wattage.  They say that it will charge in 3-6 hours using their special connector to their solar panel, or 6-10 hours from a USB port.  It seems they put in a charging limiter on the USB in port (likely lower allowable current) vs the special solar port.

So what to do?  Build my own special solar cable that will allow USB to charge to the solar port on the battery charger instead of the USB port on the battery charger.  Two things to worry about, simulating the proper voltage and current on the solar port and having the right size adapter.  Taking some measurements I found that the solar port seemed to be a pretty standard 2.5mm x 0.7mm dc jack (High Speed USB 2.0 to DC 2.5mm Power Cable for Mp3 Mp4).  To handle the power issues I noticed that the box and literature stated that the solar port input specs were 6.5V at up to 1.1 to 1.3A (depending on which document of Goal Zero you read).  Standard USB is 5V at 2A (standard 2.0), so just needed to convert this to the required solar port specs.  To accomplish this I did some searching and found this:

Pololu Adjustable Boost Regulator - Converter

This boost regular can take in the 5V 2A from USB and using a small screwdriver I was able to adjust the trimmer potentiometer to a measured 6.5V ~1.1A output.  My cable looked like this after my soldering work:

Back of Converter Soldering Converter and USB Plug Front of Converter Soldering

With a little bit of electrical tape to cover up the sensitive parts I had this:

Finished Custom Cable

At this point there was only one thing left, to cross my fingers hook it up and give it a shot (oh and I did run this by an Electrical Engineering friend of mine first to make sure my plans were sound given how long it’s been since my college electrical engineering classes.  He approved and gave me an A- on the soldering job).

And it worked! Not only did it work, with the 14W panel and the regulated 5v 2A from that, I got faster more consistent charging times than the Goal Zero setup.  I know this because, shortly after buying the 14W panel and all my parts to build my own charger an incredible deal came up to buy the Goal Zero 41022 Guide 10 Plus Solar Recharging Kit
which included the 7W panel and another USB/Panel AA/AAA battery charger, plus mine came with the portable Rock Out speakers.  It was a VERY good deal or I wouldn’t have done it.  But it made for some great testing and comparison.

So happy and successful hardware hack!  And now I have two very effective portal solar powered battery charging systems.  The Anker based one for heavy lifting and fast strong charging of USB devices and batteries.  The Goal Zero for flexibility (USB, 12Volt, and Solar Port) and lightness (but slow charger).

The final Results:

Anker Solar Panel, Custom USB Cable, Goal Zero Guide 10 Charger

Warren Myers : apps on the network

July 14, 2014 12:30 PM

{This started as a Disqus reply to Eric’s post. Then I realized blog comments shouldn’t be longer than the original post :) }

The app-on-network concept is fascinating: and one I think I’ve thought about previously, too.

Hypothetically, all “social networks” should have the same connections: yet there’s dozens upon dozens (I use at least 4 – probably more, but I don’t realize it). And some folks push the same content to all of them, while others (including, generally, myself) try to target our shares and such to specific locations (perhaps driving some items to multiple places with tools like IFTTT).

Google’s mistake with Google+ was thinking they needed to “beat” Facebook: that’s not going to happen. As Paul Graham notes:

“If you want to take on a problem as big as the ones I’ve discussed, don’t make a direct frontal attack on it. Don’t say, for example, that you’re going to replace email. If you do that you raise too many expectations…Maybe it’s a bad idea to have really big ambitions initially, because the bigger your ambition, the longer it’s going to take, and the further you project into the future, the more likely you’ll get it wrong…the way to use these big ideas is not to try to identify a precise point in the future and then ask yourself how to get from here to there, like the popular image of a visionary.”

That’s where folks who get called things like The Idea Guy™ go awry: instead of asking questions, you try to come up with ideas – like these 999. And if you can’t/don’t, you think you’ve failed.

Social networks should be places where our actual social interactions can be modeled effectively. Yet they turn into popularity contests. And bitch fests. And rant centers. Since they tend towards the asymmetric end of communication, they become fire-and-forget locales, or places where we feel the incessant need to be right. All the time. (Add services like Klout and Kred, and it gets even worse.)

I would love to see a universal, portable, open network like the one Eric describes. All the applications we think run on social networks (like Farmville) don’t. They run on top of another app which runs on “the network”.

Layers on layers leads to the age-old problem of too many standards, and crazy amounts of abstraction. Peeling-back the layers of the apps atop the network could instead give us the chance to have a singular network where types of connections could be tagged (work, fun, school, family, etc, etc – the aspect of G+ that everyone likes most: “circles”). Then the app takes you to the right subset of your network.

Of course – this all leads to a massive problem: security.

If there is only One True Social Network, we all end up entrusting everything we put there to be “safe”. And while some of still follow the old internet mantra, “if you wouldn’t put it on a billboard, don’t put it on a website,” the vast majority of people – seemingly especially those raised coincident to technology’s ubiquitization – think that if they put it somewhere “safe” (like Facebook), that it should be “private”.

After all, the One True Social Network would also be a social engineer’s or identity thief’s Holy Grail - the subversive access to all  of someone’s personal information would be their nirvana.

And that, I think, is the crux of the matter: regardless of what network (or, to use Eric’s terminology, what app-atop-the-network) we use, privacy, safety, and security are all forefront problems.

Solve THAT, and you solve everything.

Or maybe you just decide privacy/security doesn’t matter, and make it all public.

Scott Schulz : Tweet: <— look at that idiot. He decides to mow th…

July 13, 2014 02:41 PM

<— look at that idiot. He decides to mow the lawn not realizing the humidity is 83%!!

Warren Myers : stir up waters to catch fish – law 39 – #48laws by robert greene

July 13, 2014 12:18 PM

Law 39

Anger and emotion are strategically counterproductive. You must always stay calm and objective. But if you can make your enemies angry while staying calm yourself, you gain a decided advantage. Put your enemies off-balance. Find the chink in their vanity through which you can rattle them and you hold the strings. –Robert Greene, The 48 Laws of Power (review)

Proverbs 14:29

He who is slow to anger has great understanding,
But he who is quick-tempered exalts folly.

Proverbs 16:32

He who is slow to anger is better than the mighty,
And he who rules his spirit, than he who captures a city.

Mark Turner : Solar has won. Even if coal were free to burn, power stations couldn’t compete | Giles Parkinson | Comment is free |

July 09, 2014 10:54 AM


Last week, for the first time in memory, the wholesale price of electricity in Queensland fell into negative territory – in the middle of the day.For several days the price, normally around $40-$50 a megawatt hour, hovered in and around zero. Prices were deflated throughout the week, largely because of the influence of one of the newest, biggest power stations in the state – rooftop solar.

“Negative pricing” moves, as they are known, are not uncommon. But they are only supposed to happen at night, when most of the population is mostly asleep, demand is down, and operators of coal fired generators are reluctant to switch off. So they pay others to pick up their output.

That’s not supposed to happen at lunchtime. Daytime prices are supposed to reflect higher demand, when people are awake, office building are in use, factories are in production. That’s when fossil fuel generators would normally be making most of their money.

via Solar has won. Even if coal were free to burn, power stations couldn't compete | Giles Parkinson | Comment is free |

Mark Turner : Segway Inventor Dean Kamen Thinks His New Stirling Engine Will Get You Off The Grid For Under $10K

July 09, 2014 10:53 AM

For the new issue of Forbes Magazine I wrote an article about David Crane, the visionary CEO of NRG Energy. When I met Crane for lunch a couple weeks ago, no sooner had we sat down than he began singing the praises of this new contraption he had in his basement. The machine — which can generate 10 kilowatts of continuous power, fed by Crane’s natural gas line — is a new iteration of an old creation, the Stirling engine. This version, called the Beacon 10, was created after a decade of engineering by famed inventor Dean Kamen.

With the Beacon 10, says Kamen, “you don’t have to feel guilty heating up the pool.” That’s because of the highly efficient nature of the Stirling engine. First conceived in 1816 by Scottish minister Robert Stirling, the device in its simplest form consists of applying an external heat source to a closed cylinder where the cyclical expansion and compression of air inside the cylinder drives the pistons up and down. Unlike your car, where fuel is combusted inside the engine, the Stirling is an external combustion engine; it can work with any external heat source.

via Segway Inventor Dean Kamen Thinks His New Stirling Engine Will Get You Off The Grid For Under $10K.

Magnus Hedemark : John Willis at Triangle DevOps, Hosted by Bronto

July 08, 2014 05:39 PM

Magnus Hedemark:

My latest contribution to the Bronto Engineering Blog is about a talk that John Willis delivered to Triangle DevOps on Software Defined Networking.

Originally posted on Engineering @ Bronto:

Here at Bronto, we’re very proud to support the local community in many ways. One of the facets of that spirit of community support is in hosting a number of meetup groups. One of the meetup groups that we’ve been hosting for over a year now is Triangle DevOps. We love this group so much that two members of our engineering team, Doug Hairfield and myself, actively help to keep the group running smoothly along with Mark Mzyk of Chef, Mark Imbriaco of Digital Ocean, and Nathan Walls of WebAssign. We often host the group’s meetings in our Thunderdome, which has a maximum capacity of 200 people.

Back in May, before this Engineering Blog was live, we were very proud to host John Willis who is the VP of Customer Enablement at Stateless Networks. John is an early adopter of DevOps, and has…

View original 461 more words

Jesse Morgan : muahahah

July 07, 2014 10:02 PM

Lets see if this cuts down on the random spam.

Mark Turner : 10 Words Every Girl Should Learn | Soraya Chemaly

July 06, 2014 01:37 AM

A friend posted this article on Facebook, generally agreeing with it. I, on the other hand, could only smirk at its premise that goes along the lines of “when women get interrupted by men it’s men being sexist.”

Baloney. The author says “ask any woman” if they’ve ever been interrupted. Well, no shit, they probably have. Men get interrupted all the damn time, too. Did she question if this was sexist?

It always irks me when someone wails about being oppressed: “they took my power away” and the like. No one can take you power away unless you let them. The key is to claim your power.

I think the author has a self-confidence issue that get overlaid onto a gender gap issue. If someone is interrupting her then perhaps she needs to learn to be more assertive instead of blaming someone else. Or she could simply be drawn to dumbshit men who like interrupting people, in which case she should ask herself why she likes to hang out with them. Either way, whining will get her nowhere.

And, oh, I say this as a father raising a fiercely self-confident daughter in complete control of her destiny who could kick anyone’s ass at anything she chooses.

I routinely find myself in mixed-gender environments life where men interrupt me. Now that I’ve decided to try and keep track, just out of curiosity, it’s quite amazing how often it happens. It’s particularly pronounced when other men are around.This irksome reality goes along with another — men who make no eye contact. For example, a waiter who only directs information and questions to men at a table, or the man last week who simply pretended I wasn’t part of a circle of five people I was the only woman. We’d never met before and barely exchanged 10 words, so it couldn’t have been my not-so-shrinking-violet opinions.

These two ways of establishing dominance in conversation, frequently based on gender, go hand-in-hand with this last one: A woman, speaking clearly and out loud, can say something that no one appears to hear, only to have a man repeat it minutes, maybe seconds later, to accolades and group discussion.

via 10 Words Every Girl Should Learn | Soraya Chemaly.

Scott Schulz : Tweet: Sad that when you filter out the ads & trackin…

July 04, 2014 10:13 PM

Sad that when you filter out the ads & tracking pieces of the @Target website, links and search no longer work. Okay, @amazon it is.

Scott Schulz : Tweet: July 4th cook out, or at least my part. #july4th -…

July 04, 2014 09:53 PM

July 4th cook out, or at least my part.


Scott Schulz : Tweet: Woohoo! Now that USMNT is out and I put lederhose…

July 04, 2014 05:56 PM

Woohoo! Now that USMNT is out and I put lederhosen back on, way to go #GER !! 1-0 vs France

Scott Schulz : Tweet: NC-JH-23 received 1.35 inches of rainfall, but it…

July 04, 2014 11:34 AM

NC-JH-23 received 1.35 inches of rainfall, but it sounds like OBX got hammered with water from Arthur #ncwx

Mark Turner : Feds raid CIA-connected air charter in Fort Lauderdale | MadCow Morning News

July 04, 2014 01:58 AM

I spent a little time learning from the Internet how to track planes, just ’cause I’m one of those meddling kids. I turned up an interesting report on a Miami-based drug investigation last year which has some ties (albeit tenuous) to a CIA “rogue operation.” The affidavit provided by the DEA agent in charge of the investigation reads like a “Breaking Bad” script.

Don’t know if I subscribe to every conclusion on the site but it makes for interesting reading.

They combed through the trash. They searched dozens of planes. And while TV cameras from all the Miami TV network affiliates looked on, they loaded box after box filled with aviation records into government SUV’s parked in plain sight on the tarmac in front of the office.

But today— more than two weeks after more than 100 Federal agents from the FBI, the Drug Enforcement Administration and Homeland Security descended on the headquarters of the infamous and notorious World Jet Inc. at the Fort Lauderdale Executive Airport—if you want to know why they were there or what they were looking for, you’re two weeks too late.

That’s because the detailed 35-page affidavit supporting the request for a search warrant of Don and Bill Whittington’s air charter company filed at the United States District Court in Grand Junction Colorado has been sealed.

But not, thankfully, before it was discovered and leaked onto the Internet in an exclusive story by reporter Joe Hamel from The Durango Herald in Durango Colorado.

via Feds raid CIA-connected air charter in Fort Lauderdale | MadCow Morning News.

Mark Turner : CIA rendition jet was waiting in Europe to SNATCH SNOWDEN • The Register

July 04, 2014 01:55 AM

When this story broke last month that the Feds had dispatched an extradition plane to fetch Edward Snowden, I followed it with interest. I have just begun tinkering with plane tracking through their ADS-B transponders.

There are plenty of aircraft who would prefer not to broadcast their position. These include, among others, the rendition/extradition planes used by our government. Rather than use the position-broadcasting ADS-B transmitters, these aircraft use Mode-S transponders which don’t include position.

Usually these planes can only be tracked by radar, however some enterprising folks have figured out the technology needed to triangulate these planes positions, using multiple ground-based receivers. Called multilateration, hobbyists using tools like PlanePlotter can combine their receiver data to plot the position of a mystery plane. This technique has been used by activists to “out” the black ops aircraft which would normally fly below the radar (well, technically above the radar above 45,000 feet). The same technique was used to get the approximate position of Malaysian Airlines Flight 370.

You can read how PlanePlotter uses multilateration here. I find it fascinating and would like figure out how to participate.

On the evening of 24 June 2013, as Snowden arrived in Moscow from Hong Kong intending to fly on to Cuba, an unmarked Gulfstream V business jet – tail number N977GA – took off from a quiet commercial airport 30 miles from Washington DC. Manassas Regional Airport discreetly offers its clients "the personal accommodations and amenities you can’t find at commercial airports"

.Early next morning, N977GA was detected heading east over Scotland at the unusually high altitude of 45,000 feet. It had not filed a flight plan, and was flying above the level at which air traffic control reporting is mandatory."The plane showed up on our system at 5:20 on 25 June," according to our source, a member of an internet aircraft-tracking network run by enthusiasts in the UK. "We knew the reputation of this aircraft and what it had done in the past."


via CIA rendition jet was waiting in Europe to SNATCH SNOWDEN • The Register.

Scott Schulz : Tweet: Here come That Dude Albert #ncwx…

July 03, 2014 05:59 PM

Here come That Dude Albert #ncwx


Scott Schulz : Tweet: Now these are bad to the bone!! #k9 #tombaker #Do…

July 02, 2014 06:35 PM

Now these are bad to the bone!! #k9 #tombaker #DoctorWho


Jesse Morgan : The Case of the Truncated Syslog Program Field

July 02, 2014 05:31 PM

The Problem

Data was going in to my logging server and getting mangled somewhere along the line. To complicate matters,  only the windows hosts were affected, and even then it was sporadic. The truncated data was in the middle of the string, which left me to believe logstash was trying (and failing) to parse it.

To fully grasp my setup, perhaps a diagram is in order:


My wonderful pocket logserver

The flow went something like this:

NXLog -> Rsyslog -> Logstash -> Redis -> Logstash -> Elasticsearch -> Kibana

When manifested, this was spit out of rsyslog into a temp logfile:

Jul 2 10:40:25 Microsoft-Windows-TerminalServices-RemoteConnectionManager[2272]: Remote Desktop Services: User authentication succeeded: User: jesse.morgan Domain: derp Source Network Address:

And this is what ended up in rediss (note the missing bold):

Jul 2 10:40:25 Microsoft-Windows-TerminalServic Remote Desktop Services: User authentication succeeded: User: jesse.morgan Domain: derp Source Network Address:

For some reason, the middle of the line was missing!

The Culprit

With the help up my trusty sounding board Will, “Logstash guru” thegreenrobot, and nxlog dev b0ti, I was able to figure out the root cause- the problem wasn’t with Logstash at all, it was broken when rsyslog handed it to logstash. Complicating matters was when rsyslog was munging it- when it wrote the entries to a temp file, they were fine, but when it passed them to logstash, it truncated them on the way out the door.


Why? Because they’re invalid in the first place!


NXLog (the logging forwarder on windows) was collecting eventlog data and shipping it out with the full program names despite it being too long. That’s right- Section 4.1.3 of RTF3164 states:

This has traditionally been a freeform message that
gives some detailed information of the event.  The TAG is a string of
ABNF alphanumeric characters that MUST NOT exceed 32 characters.

While you could (and I still do) consider this a bug in nxlog, b0ti pointed out that fixing this bug could potentially break many stable implementations to fix an edge case. While I don’t fault B0ti for not fixing it, I still needed to work around it.

The Fix

We need to shrink down that program name to 32 characters or less before it leaves nxlog… but there’s a catch.

It’s not *just* the program name, but the PID as well that gets truncated. So we have to adjust accordingly. The msdn documentation says the PID is a DWORD, which turns out to be an unsigned 32-bit integer, which can potentially be 10 characters.  Add on another two for brackets and one for a colon and you’re already losing potentially 13 characters of the 32 characters allowed.

To help stretch our remaining 19 characters, lets see what we can axe. Most of the Microsoft processes either begin with “Microsoft_” or “Microsoft-Windows-”, which we honestly don’t need on the program name.  By removing those, we get down to the nitty gritty of the actual program name.

Since it may STILL be too long (I’m looking at you Microsoft-Windows-TerminalServices-RemoteConnectionManager[2272]:), we need to strip those off the front, THEN take the 19 character substring of what remains. The result is an eventlog input in nxlog that looks something like this:


<Input eventlog>
 Module im_msvistalog
 Exec if ($Channel == 'Security') drop(); \
 if ($SourceName =~ /^Microsoft[-_]/) $SourceName = substr($SourceName, 10);\
 if ($SourceName =~ /^Windows[-_]/) $SourceName = substr($SourceName, 8);\
 $SourceName = substr($SourceName,0, 19);


And with that, rsyslog no longer truncates, logstash can parse the string, and all is right with the world (as far as I can tell.) A big thanks to everyone who’s helped me troubleshoot this issue.



If you found this useful, please let me know in the comments.




Eric Christensen : Wanted: A small crew for working on security bugs in Fedora

July 02, 2014 03:07 PM

Do you hate security vulnerabilities?

Do you want to help make Fedora more secure?

Do you have a little extra time in your week to do a little work (no coding required)?

If you answered yes to the questions above I want you for a beta test of an idea I have to help make Fedora more secure.  I’m looking for just a few people (maybe five) to sort through security bugs and work with upstream and packagers to get patches or new releases into Fedora and help make everyone’s computing experience a little safer.  If you’re interested please contact me ( 0x024BB3D1) and let me know you’re interested.

Mark Turner : Downtown summit? First things first

July 02, 2014 01:21 PM

The News and Observer wrote an editorial about the need for a downtown summit. I’ve been pondering it for a while and have a few comments.

Revitalization has been a success, to be sure. But with that success comes challenges the city now must address. Yes, the City Council is doing so in working on a “downtown plan,” but a broader effort is needed, because the boom has brought up some issues.

Therefore, council members can lead the way in calling for a downtown summit of sorts, bringing in not just the dedicated advocates from places like the Downtown Raleigh Alliance, but residents from North, South, East and West Raleigh, people who perhaps, even now, don’t come downtown all that much. Even with all the hoopla, it’s still not uncommon to meet North Raleighites who have never been downtown, period.

Actually, some people will never visit downtown and it doesn’t matter what you try to do to change this. There are suburbanites who don’t “get” downtown and likely won’t ever. And you know what? That’s okay. Raleigh is a big city now and offers something for everyone – for downtown fans and others. You can get by just fine if you never go downtown.

The challenges include: an increasing problem with what to do about trash pickups in the downtown area to ease the frequent sight, particularly on weekends, of big blue barrels on sidewalks or on the street. Perhaps it’s a matter of pickup times, or zoning rules to force new property owners to provide space to store trash. This much is certain: With more people actually living downtown, the city can’t be sending trucks out in the wee hours anymore.

This is the most perplexing issue the N&O raises. What to do about the unsightly blue barrels? You mean, like … I don’t know … maybe pick them up before anyone sees them??? Well, that would require trash trucks to roll before anyone is awake, meaning the wee hours. Or build a giant recycling pipeline and bury it under city streets. Or, we could simply suspend our recycling program around downtown and buy up the rest of Wake County property for new landfills. Barring any of that, though, a truck will have to pick up the recycling and that means it likely will be doing this in the morning.

People who move downtown expect an urban experience. They don’t expect solitude. Heck, my Indian coworkers are so accustomed to living in cities with noise that they are actually uncomfortable if its too quiet. So if trash trucks are out on the streets in the early morning, that’s part of the experience.

And it’s not like the trash trucks that serve my suburban neighborhood are any quieter. The difference is that I have better windows than many of the older buildings found in downtown. Yet there’s nothing keeping the builders of these new downtown condos and apartments from installing good, quality windows in their projects. Unless they’re cheapskates.

And what about parking? There are decks, and on-street parking, and city officials note it’s still possible to park for free on the evenings. But policies seem inconsistent, and the perception on the part of many people who don’t come downtown often is that it’s inconvenient and expensive. The city can change that.

There is plenty of parking downtown, and there always has been. There are parking decks galore. I have never had trouble finding a place to park. The only question is how much are you willing to pay.

I totally agree, though, that policies are inconsistent. Signs on city decks clearly say that parking is free on weekends and evenings, yet these decks are often charging $7 to park during these times. This drives me nuts, so much so that I will soon be scrutinizing the parking contract the city signed with McLauren Parking. If the city wants to charge for special events, it should explicitly tell the public when these fees are in effect – the $7 sign at the parking deck entrances should not be their first inkling. And the parking deck signs need to change to remove the “free on weekends” wording if the city doesn’t intend to honor it. More often than not, it seems when I want to spend an evening downtown I am faced with an unexpected charge for parking when I thought it would be free.

As for road races, I’m all for them. I’m writing a lengthy blog post which explains why. The tl;dr is that we’re a city on its way to 1,000,000 citizens. We are big enough to handle big events, and should be honored that we are attracting them. But more on that later.

Overall, though, the N&O editorial is pointing in the wrong direction. Downtown growth is fine, and it will be fine, because the city has plenty of stakeholders who care about it and because the city has solid development plans to guide its growth. Downtown will be fine.

On the other hand, the newspaper should be asking why the city spent millions of dollars and untold hours of staff and citizen time developing a Unified Development Ordinance that makes development predictable for everyone involved, yet some city councilmembers happily kick it to the curb when the first big development get proposed on Hillsborough Street. The paper might also question why its own stories seem to encourage this kind of behavior.

Our success is no accident – it comes not only from years of planning but from sticking with the plans! The News and Observer should be holding our elected leaders accountable for sticking with these plans and refrain from its recent “any development, anywhere” approach to reporting. Until then I’ll take the N&O’s development advice with a large grain of salt.

via Raleigh’s downtown needs a summit on its future | Editorials |

Magnus Hedemark : Homelab Update

July 01, 2014 06:31 PM

I’ve not been a generous blogger, and for that I apologize.

The homelab is still a work in progress. The Dell cabinet is in place, I’ve got all of one server for it (for now) which is racked up and running. There’s another server being built out now for it, which I’ll also break down for you.

The first server that is up and running is an HP Proliant DL160 G6. It’s got two Intel Xeon X5650 hex core processors running at 2.67GHz, 72GB of RAM, and a couple of small boot disks that came with it (which I’ve mirrored). I’ve also installed four 1TB SAS disks in a RAID 10 array for /var/lib/libvirt to be mounted. The whole point of this machine is to host virtual machines, and the point of many of the virtual machines will be for hosting Docker containers. This is not a toy; this is a tool by which I continue to learn and hone my craft.

The next server that is being staged is a Dell PowerEdge 1950 III, with dual E5410 quad core Xeons running at 2.33GHz, only 8GB of RAM, and (for the moment) a single 73GB disk. Another disk of identical specs will be added for RAID purposes. This machine is a utility server, meant to provide basic services to the virtual machines and containers. It will be responsible for dhcp, dns, ntp, Foreman, Puppet, etc.

There’s quite a lot going in here, which I’m sure will be fodder for future posts. I’ll also be writing for the new Bronto Engineering Blog about cool things we’re doing at work.

Mark Turner : The Day We Set the Colorado River Free

June 29, 2014 04:02 PM

This is a wonderful read in about this spring’s temporary unleashing of the Colorado River. Our food choices and environmental decisions have consequences, folks.

This story makes me want to strap on a backpack and head west.

Back in the era of massive dam building, farmers and city planners were only too happy to see the wild Colorado transformed into a domesticated delivery system. Denver, Las Vegas, Phoenix, Tucson, Albuquerque, Los Angeles, San Diego, Mexicali, and many more municipalities drink the Colorado every day.

As do you. Most of America’s winter veggies are grown in the irrigated valleys of Southern California and Arizona. Your fridge is filled with Colorado River greens. Your beef was fattened on Colorado River alfalfa. Even your milk may well be the Colorado transformed. We all nurse from the mother river.

via The Day We Set the Colorado River Free | Nature |

Scott Schulz : Tweet: Are the @twitter folks just trying to drive away u…

June 29, 2014 11:26 AM

Are the @twitter folks just trying to drive away users? Can’t add another of my accounts to a client?


Scott Schulz : Tweet: In what nightmarish hell does @rdio believe that E…

June 28, 2014 05:52 PM

In what nightmarish hell does @Rdio believe that E.S.G – Sangin’ and Bangin’ is even remotely interesting to an Evanescence listener? #fail

Scott Schulz : Tweet: Blog: Weather Unlocked – An Interesting API http:/…

June 27, 2014 07:34 PM

Blog: Weather Unlocked – An Interesting API

Scott Schulz : Tweet: Ooh, I want a @DLoesch “Dana Show” koozie!

June 27, 2014 06:31 PM

Ooh, I want a @DLoesch “Dana Show” koozie!

Jesse Morgan : rsyslogd-3003: error -3003 compare value property – ignoring selector

June 27, 2014 03:08 PM

If you ever come across this message:

Jun 27 10:52:52 detc6ut002 rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="30899" x-info=""] start
Jun 27 10:52:52 detc6ut002 rsyslogd-3003: error -3003 compare value property - ignoring selector [try ]
Jun 27 10:52:52 detc6ut002 rsyslogd: the last error occured in /etc/rsyslog.conf, line 65:":programname, regex, 'ASA-[65432]-' ~"
Jun 27 10:52:52 detc6ut002 rsyslogd: warning: selector line without actions will be discarded
Jun 27 10:52:52 detc6ut002 rsyslogd-2124: CONFIG ERROR: could not interpret master config file '/etc/rsyslog.conf'. [try ]

Make sure you’re using double quotes on your regex string.

:programname, regex, "ASA-[65432]-" ~


This took me far longer than it should have to figure out. Let me know if you find this helpful.

Warren Myers : think as you like but behave as others – law 38 – #48laws by robert greene

June 27, 2014 12:18 PM

Law 38

If you make a show of going against the times, flaunting your unconventional ideas and unorthodox ways, people will think that you only want attention and that you look down upon them. They will find a way to punish you for making them feel inferior. It is far safer to blend in and nurture the common touch. Share your originality only with tolerant friends and those who are sure to appreciate your uniqueness. –Robert Greene, The 48 Laws of Power (review)

Mark Turner : One Parks board meeting left

June 27, 2014 12:59 AM

Raleigh's Parks board at the Fred Fletcher awards, May 2014.

Raleigh’s Parks board at the Fred Fletcher awards, May 2014.

At last week’s Parks board meeting, I did some calculations and realized I have exactly one meeting left: July 17th. Has it been six years already? Where does the time go?

So much has been accomplished during my time with the board. I recall how contentious my early board meetings were, with lots of strong opinions and little sense of compromise. I contrast that to the last few years, where my fellow boardmembers have voted unanimously on nearly every issue. I don’t think that all votes should necessarily be unanimous but I’m so glad to have been on a board where the members try to work together.

I’m working up a speech to give for my two minutes of member comments at the end of every meeting. There’s a lot to cover for these six years so I’ll have to choose my words carefully.

While July 17th will be my last meeting, my term doesn’t officially end until September 5th. Thus I have one more dedication left to attend: the Mount Hope Cemetery dedication on September 4th. After that, who knows where life will lead me?

Here’s a photo from one of my earliest Parks board gigs: the Lions Park dedication of 2010:

Lions Park Playground Dedication

Lions Park Playground Dedication

Here’s one from my latest dedication, this week’s Halifax Community Center’s rededication:

Halifax Community Center Rededication, June 2014

Halifax Community Center Rededication, June 2014

Magnus Hedemark : Docker Meetup at Bronto

June 26, 2014 11:27 PM

Magnus Hedemark:

I’m blogging for Bronto now. Here’s my first published article for them.

Originally posted on Engineering @ Bronto:

The June 2014 Triangle DevOps meetup was once again hosted at Bronto. This particular event was one for the books; it’s not only the most highly attended Triangle DevOps event ever, but the largest event ever hosted in Bronto’s Thunderdome! Additionally, this was the official kick-off for the Docker Raleigh meetup group. If attendance and engagement were any indication, technology professionals in Raleigh and Durham are very ready to learn more about Docker and how to leverage it for their own benefit. We were very fortunate to have Aaron Huslage from Docker come to speak to us on this topic.

Aaron Huslage begins with a brief introduction to Docker

View original 388 more words

Scott Schulz : Tweet: Happy 10th Birthday to @dokuwiki – good stuff!

June 26, 2014 03:28 PM

Happy 10th Birthday to @dokuwiki – good stuff!

Scott Schulz : Tweet: How in the heck do you save a screen cap to a file…

June 25, 2014 09:53 PM

How in the heck do you save a screen cap to a file in @evernote Skitch? Save sends to Evernote

Warren Myers : who wants an “all-star team” anyway?

June 25, 2014 11:57 AM

A friend sent me this job listing recently, and I see it suffers from a wrong-headed (though well-intentioned) institutional fixation that hiring managers seem to have: that of wanting an “all-star team”.

“we are building an all-star team”

Sigh. This mentality is promoted by smart, successful people like Joel Spolsky:

“You’re going to see three types of people in your interviews. At one end of the scale, there are the unwashed masses, lacking even the most basic skills for this job. They are easy to ferret out and eliminate, often just by asking two or three quick questions. At the other extreme you’ve got your brilliant superstars who write lisp compilers for fun, in a weekend, in Assembler for the Nintendo DS. And in the middle, you have a large number of “maybes” who seem like they might just be able to contribute something. The trick is telling the difference between the superstars and the maybes, because the secret is that you don’t want to hire any of the maybes. Ever.”

What’s wrong with the premise? Easy – just watch any sports all-star game: they all, each and every one, stink. Why? There is rarely ever such a thing as an “all-star team”. Stars, by definition, are individuals.

Sure – you have the anomalies: the 1927 Yankees, for example. That one magical time when all the stars aligned, the wind blew in the right direction, the grass bent just so, and everyone did exactly what they needed to do every time. They had 6 future Hall-of-Famers on the roster – names you know (and some you don’t): Babe Ruth, Lou Gehrig, Earle Combs, Herb Pencock, Waite Hoyt, Tony Lazzeri. They won 110 games and only lost 44 (it was before the 162 game season).

But even the 1927 Yankees didn’t win every year. Just the next year they still won, but lost a player from tuberculosis. And the next year they only won 88 games.

In 1927, Lou Gehrig batted .375. In 1929 it was only .300.

In 1927 Babe Ruth hit 60 home runs. In 1929 only 46.

What happened? Other teams learned to adapt, the rosters changed, the weather was different, the grass grew differently … in short: the “magic” wasn’t a formula – it was just magic.

In baseball, the All-Star Game is ostensibly a show for the fans (though, given the shortness of each players’ appearance in the game, and how managers might be inclined to less-heavily (or more-heavily) use players from their own teams, you wonder how much of a “show” it really is). A bunch of excellent baseball players who normally play against each other are brought together for a few hours to play with each other… and then go back to being opponents two days later.

I saw this at Opsware: they had a hiring philosophy that you should “never hire someone dumber than yourself” (if you were an interviewer). Theoretically, this should have lead to a corporate environment of smart people. And it did – mostly (I’ll leave-out some of the less-than-stellar hires Opsware made while I was there). But it also lead to having a roomful of smart people – ones who weren’t necessarily really “smart” when it came to talking to other people .. a distinct problem. (Take a look at this Quora entry on things smart people do that are dumb.)

Smart people sitting in a room and solving ideas tend to lead to the architecture astronaut view of the world. (Ironically, the same Joel who only wants to hire the best-of-the-best also realizes that super smart people will tend to get so enamored of their own ideas that they’ll craft little silos where they can sit and happily yammer-on about their pet interest.

I’ve had the privilege of working with some scary-smart people. And I’ve had the horror of working with some scary-smart people.

Sadly, it is far more often the case that the super smart people I’ve known and worked with have been horrors and not privileges.

We all want to work in the best environments we can – we want good benefits, interesting work, quality family time, great coworkers, awesome bosses … We all like to think that the folks we work with are amazingly brilliant – among the best in their fields. But what is the statistical likelihood of that? Pretty small.

If IQ were the only guide for potential success, you’d think that everyone would want to gravitate towards places that have masses of high-IQ folks. Like Mensa. Like we think Google must be. Or like Dave Eggers’ fictional company The Circle.

But IQ isn’t the only determinant of success – we can see that clearly with some of our most famous politicians, business leaders, cultural influences, etc.

Putting a bunch of smart (or athletic or fast or whatever other term/factor you want to use to quantify “all-star”) folks together in one room to become a team isn’t really realistic. What makes a good team is complex – there’s shared vision, good interpersonal skills, knowing whom to contact for what, and more. It’s not merely having a bunch of people who are “the best” at what they do. It’s having people who can be [close to] “the best” together.

Scott Schulz : Tweet: Woot! @DLoesch is filling in for Glenn Beck tonig…

June 24, 2014 11:27 PM

Woot! @DLoesch is filling in for Glenn Beck tonight! This should be awesome.

Eric Christensen : YouTube, now with less RC4

June 24, 2014 01:45 PM

Eric Christensen:

This is awesome news. Passing it along.

Originally posted on securitypitfalls:

After everybody said not to use RC4 any more, Google finally enabled one additional cipher on Google video servers: TLS_RSA_WITH_AES_128_GCM_SHA256.Unfortunately, this cipher is not supported either by Firefox 30 nor by Internet Explorer on Windows 8.1 or earlier.

Users of Firefox will have to wait for the bug 1029179 to be fixed.

This cipher is though supported by Google Chrome and Chromium, so if you’re a user of those browsers, you can finally disable RC4 for everyday browsing. You can do it either by creating a wrapper script, or modifying the shortcut you use to run those browsers to have one additional option:

chrome --cipher-suite-blacklist=0x0003,0x0004,0x0005,0x0017,0x0018,0x0020,0x0024,0x0028,0x002B,0x0066,0x008A,0x008E,0x0092,0xC002,0xC007,0xC00C,0xC011,0xC016,0xC033

This will disable following cipher suites:

  • 0×0003 – TLS_RSA_EXPORT_WITH_RC4_40_MD5
  • 0×0004 – TLS_RSA_WITH_RC4_128_MD5
  • 0×0005 – TLS_RSA_WITH_RC4_128_SHA
  • 0×0017 – TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
  • 0×0018 – TLS_DH_anon_WITH_RC4_128_MD5
  • 0×0020 – TLS_KRB5_WITH_RC4_128_SHA
  • 0×0024 – TLS_KRB5_WITH_RC4_128_MD5
  • 0×0028 – TLS_KRB5_EXPORT_WITH_RC4_40_SHA
  • 0x002B – TLS_KRB5_EXPORT_WITH_RC4_40_MD5
  • 0×0066 – SSL_DHE_DSS_WITH_RC4_128_SHA
  • 0x008A – TLS_PSK_WITH_RC4_128_SHA
  • 0x008E – TLS_DHE_PSK_WITH_RC4_128_SHA
  • 0×0092 –…

View original 87 more words