thewayne: (Default)
Originated by: Oktoberfest Hero @Palle_Hoffstein

A whole lot of folks on here believe society doesn't owe anyone a job or health care but somehow believe women owe them a date.

Sep 22, 2017

I know I couldn't have said it better meownself.
thewayne: (Default)
I learned last night that apparently my iPad can take the update, so apparently it is an iPad Mini 2. So that's cool. And I may go ahead and risk upgrading my phone. I'm pushing my departure back to Thursday from Wednesday: I didn't get everything done that I needed to do, including reviewing five long boxes of comics in case there's anything that I want to keep (possible but not very likely), and the difficulty of loading my car since I recovered four banker boxes of comics from my storage unit yesterday afternoon. I'm not sure if it's all of my comics, I know there's three or more long boxes at my parent's that I'll deal with when I get there, but that'll be a vast bulk of them and a lot of space recovered.

On top of that, only 3 hours of sleep last night. AND one of the nose pads fell out of my reading glasses. Found the nose pad, fortunately I have a spare screw from a previous broken set of reading glasses.

I forgot to mention a new feature of iOS 11 that should be interesting: you have a Do Not Disturb mode for driving: anyone texting you receives an autoreply saying that you're driving and will get back to them later. I like that. Definitely appealing when you're about to set out on a 500 mile drive. I'm doing a different outbound route that a friend says is much more picturesque, so we'll see. It's also rather cellular dead, which causes me a slight amount of apprehension. Just need to fuel up and hit the restroom before hitting that 200 mile stretch.
thewayne: (Default)
Maybe that was midnight Cupertino time, I don't know. Regardless, both of our iPads are too old, as is my wife's iPhone 4S. That leaves my iPhone 6 as the only device that can run it, and since I'm about to head for Phoenix and I won't have my iMac with me for a system restore should something glitch, I think I'll hold off a bit. For that matter, the new MacOS is supposed to drop in a couple of days, and I won't be upgrading to that until I get back from Phoenix, so I'll probably just do a device upgrade frenzy when I get back.

Some of the features in iOS 11 are pretty cool. I like the 'press the power key 5 times to disable the fingerprint reader', definitely cool. It doesn't materially affect me as I don't use the fingerprint reader to unlock my phone, but that's OK. And they've apparently made the reverse video mode more intelligent for not reversing images, which is good. I really wish they had an override for web pages and such so you could force white letters on black background, for example. That's what I love about Ars Technica and hate about most others, I find white on black to be much easier on my eyes.

But I DO NOT like updating my phone apps over WiFi (as I wrote about last week), I thought loading apps through iTunes was easy and one-stop syncing. They've just increased the hassle and it's likely to increase the time between me doing updates from daily to weekly or monthly or whenever. Which increases potential security vulnerabilities, which ticks me off. iTunes should be a framework that supports plug-ins, then all they'd have to do is write a plug-in that reads the app store for just iPhone/iPad/Watch apps, and re-casts them in to the iTunes framework. It's still just one app store, it just looks like two.


GET OFF MY LAWN! Kids these days.

(In a totally unrelated incident, I got "Sir'd" last week! I was sitting in a barber shop waiting for my guy to finish with his current client, and the other guys started talking about horror movies. I'm not a big horror movie fan, so I didn't participate until later. Now, this barber shop is an actual barber shop, not a hair salon, run by 30-somethings with tattoos up to their necks and possibly beyond, smoking their e-cigs and playing that reissued Nintendo Classic that came out last year when they're slow. I don't really care. So what if they're young. I piped up about some movie, I don't remember what, throwing in my $0.002 worth, and this one barber later comes over and apologizes, saying that he didn't know that he had an older gentleman in the shop and they wouldn't have been talking like that if they'd known! Yes, dude, I'm 55, and some day you'll be there, too, if you're lucky. Maybe I'm moving towards the far side of middle-age, but trust me, though I am growing older I definitely have not remotely grown up. In my headspace I'm still a 30-something, though my body constantly reminds me that I am not. I laughed at him, reassured him that I was not offended, then told them a pretty grizzly story about a quietly spectacular suicide that happened while I was working for the police department. The crime lab was in the basement as was computer services, and the car that this guy offed himself in was so pungent that finally I told my boss that I'm taking off for the day. The fire department later used that car as burn practice.

I'll go in to no further details, unless people want it, in which case I'll put it in a new post under a cut.)
thewayne: (Default)
Apparently. In March they brought in the company that is investigating the May-July breech. These seem to be the same intruders.

From Slashdot:
Equifax Suffered a Hack Almost Five Months Earlier Than the Date It Disclosed (
Posted by BeauHD on Monday September 18, 2017 @05:20PM from the earlier-than-expected dept.
Bloomberg is reporting that Equifax, the credit reporting company that recently reported a cybersecurity incident impacting roughly 143 million U.S. consumers, learned about a breach of its computer systems in March -- almost five months before the date it has publicly disclosed. The company said the March breach was unrelated to the recent hack involving millions of U.S. consumers, but one of the people familiar with the situation said the breaches involve the same intruders. From the report:

Equifax hired the security firm Mandiant on both occasions and may have believed it had the initial breach under control, only to have to bring the investigators back when it detected suspicious activity again on July 29, two of the people said. Equifax's hiring of Mandiant the first time was unrelated to the July 29 incident, the company spokesperson said. The revelation of a March breach will complicate the company's efforts to explain a series of unusual stock sales by Equifax executives. If it's shown that those executives did so with the knowledge that either or both breaches could damage the company, they could be vulnerable to charges of insider trading. The U.S. Justice Department has opened a criminal investigation into the stock sales, according to people familiar with the probe.

In early March, they said, Equifax began notifying a small number of outsiders and banking customers that it had suffered a breach and was bringing in a security firm to help investigate. The company's outside counsel, Atlanta-based law firm King & Spalding, first engaged Mandiant at about that time. While it's not clear how long the Mandiant and Equifax security teams conducted that probe, one person said there are indications it began to wrap up in May. Equifax has yet to disclose that March breach to the public.

The Bloomberg original story has auto-start videos.
thewayne: (Default)
A proof of concept of this was revealed some months ago when a Burger King TV commercial said "Siri, tell me about the Whopper". Maybe it was Hey Google, I don't remember. Anyway, it was rapidly blocked, then BK came out with another commercial and they had a little war back and forth. And BBC apparently tries it with "Hey Siri, remind me to watch Doctor Who on BBC America." I was particularly amused at "Hey Siri, remind me to watch Broadchurch on BBC America" during the final episode of the series. I burst out laughing when that ad aired and had to explain it to the spousal unit. And as Sam Clemens said, or is alleged to have said, 'Analyzing humor is like dissecting a frog: you can do it, but the frog isn't good for much afterwards.'

Well, the Chinese have found another way: pitch the audio above the range of human hearing. The microphones can still catch it, and the command works. Now, I don't have voice-activated Siri on my iPhone, I have to hold down the button because I find that, for me, for the most part Siri is garbage. I don't think it's my enunciation, but maybe it is.

Makes me wonder if they'll put in a filter to cap mic input to 18-20 kHz or so to prevent this sort of abuse.

I read about this last week, perhaps on the day that I went down to help out that medical practice with their ransomware attack. The clinic was handling their last patients of the day, and the office manager was running the front desk, and was using his iPhone with Siri voice commands. He looked a little shocked when I told him about this attack.

Here's the Slashdot summary:

Chinese researchers have discovered a vulnerability in voice assistants from Apple, Google, Amazon, Microsoft, Samsung, and Huawei. It affects every iPhone and Macbook running Siri, any Galaxy phone, any PC running Windows 10, and even Amazon's Alexa assistant. From a report:

Using a technique called the DolphinAttack, a team from Zhejiang University translated typical vocal commands into ultrasonic frequencies that are too high for the human ear to hear, but perfectly decipherable by the microphones and software powering our always-on voice assistants. This relatively simple translation process lets them take control of gadgets with just a few words uttered in frequencies none of us can hear. The researchers didn't just activate basic commands like "Hey Siri" or "Okay Google," though. They could also tell an iPhone to "call 1234567890" or tell an iPad to FaceTime the number. They could force a Macbook or a Nexus 7 to open a malicious website. They could order an Amazon Echo to "open the backdoor." Even an Audi Q3 could have its navigation system redirected to a new location. "Inaudible voice commands question the common design assumption that adversaries may at most try to manipulate a [voice assistant] vocally and can be detected by an alert user," the research team writes in a paper just accepted to the ACM Conference on Computer and Communications Security.
thewayne: (Default)
and apparently did not have an IT background. Her LinkedIn profile has been deleted, and apparently an effort is being made to purge her from the internet. It won't be entirely successful, but it'll slow information retrieval down. The article mentions that she spent 14 years in industry, we don't know in what industry, which means she could have picked up a fair amount of IT knowledge, but not as much as if she'd studied IT and gotten a degree and a CISSP cert.

Also, scammers are calling people at random, claiming to be Equifax, wanting to verify your information. Obviously Equifax has better things to do right now than call you. Just hang up, don't give them your name or the time of day.

ETA:Apparently the Internet Archive Wayback Machine never cached her LinkedIn page, more's the pity. It says it has a page from September 9, but nothing is retrieved when you click on it.
thewayne: (Default)
It is indeed a doozy, perhaps the largest data privacy leak in history. Equifax has been collecting information on people for decades, and they do it without our express permission. But at the same time, they are used for credit scores and to generate bank decisions for our getting loans and such. Yet I never signed a contract with Equifax allowing them to collect information on me.

And they have, through zero fault of my own, personally screwed me over.

A couple of years ago my wife and I decided to shop car insurance. Our current insurer was doing some corporate shenanigans that we didn't care for, and it should have been possible to shave some bucks off our premiums, and it never hurts to shop. I called the car club AAA, we ran through my information, and they told me that they couldn't take me because I had three accidents on my record. I'm accident-free. Equifax had taken three accidents OF MY FATHER, whose name is Andrew Donald, and put them on my record, where my name is Donald Wayne. We lived at the same address some years back, but I was living in New Mexico at the time of the accidents and have never owned a Buick. As it happens, we were born in the same month, but not on the day and clearly not in the same year. No two digits in our birth date or year are the same. There's no reason to conflate us and put the accidents on to my record, except for pure sloppy processes.

So I have a pretty poor opinion of these credit bureaus.

What happened to Equifax is pretty simple. They built their data framework on an open source software package called Apache Struts. Like virtually all software packages, bugs are found and patches are issued. A particularly big problem with Struts was first patched in March, but the intruders were in Equifax's system from mid-March through July - approx 2.5 months. Thus it is perfectly reasonable for Equifax to blame open source software for its breach. [sarcasm off] Struts is a framework for Java programs to run either on servers or web browsers, and after updating the framework you have to recompile literally hundreds of programs, and doing that would be a tremendous PITA, but it MUST be done, otherwise shit like this happens. Apparently some management at Equifax didn't like to pay overtime, and now they have to cope with a tremendous amount of shit.

In some late-breaking news from this afternoon, Equifax's Chief Information Officer and Chief Security Officer are both "retiring", proving that for once, shit started at the top. In "there is occasionally some justice, or perhaps there will be" news, the Federal Trade Commission is investigating the breech. It will be interesting to find out what they learn, assuming they ever issue a report. I wonder if Congress will hold public hearings. The breech is being compared by some news agencies to Enron. According to the Reuter's story, "Shares of Equifax fell 2.4 percent on Thursday and trading volume hit a record high. The shares have lost 32 percent since the company disclosed the hack on Sept. 7.

Senate Democratic leader Chuck Schumer compared Equifax to Enron, the U.S. energy company that filed for bankruptcy in 2001 after revelations of a widespread accounting fraud."

But you see, this is not just a problem for people in the USA. Equifax holds information for people in Canada and Mexico. And Argentine, and possibly other Latin American countries. And the BBC is reporting that 400,000 UKians have information that was compromised in the theft, but their information exposure was minimal and should not lead to identity theft. Well, we'll see about that! In Argentine, apparently Equifax's software used the highly-[in]secure account/password combination of admin/admin.

This is one of my favorite stories, and it may be behind a paywall since it's from the Wall Street Journal. Here's the Slashdot summary:

Equifax was lobbying lawmakers and federal agencies to ease up on regulation of credit-reporting companies in the months before its massive data breach. Equifax spent at least $500,000 on lobbying Congress and federal regulators in the first half of 2017, according to its congressional lobbying-disclosure reports. Among the issues on which it lobbied was limiting the legal liability of credit-reporting companies. That issue is the subject of a bill that a panel of the House Financial Services Committee, which oversees the industry, discussed the same day Equifax disclosed the cyberattack that exposed personal financial data of as many as 143 million Americans. Equifax has also lobbied Congress and regulatory agencies on issues around "data security and breach notification" and "cybersecurity threat information sharing," according to its lobbying disclosures. The amount Equifax spent in the first half of this year appears to be in line with previous spending. In 2016 and 2015, the company's reports show it spent $1.1 million and $1.02 million, respectively, on lobbying activities. While the company had broadly similar lobbying issues in those years, the liability matter was new in 2017.

The title of the story is "Equifax Lobbied for Easier Regulation Before Data Breach", it's by Michael Rapoport and AnnaMaria Andriotis. f you do a little searching, you might be able to find a copy.

Now, the breech itself is extremely bad. If you were compromised, and there's a very good chance that you were, then the information that was stolen includes: your full name, social security number, previous addresses, list of jobs, all sorts of amazing things. Information about you that never changes. Information about you that you use to apply for credit cards, loans, mortgages, JOBS. The best thing you can do is to approach all four credit bureaus and put a FREEZE, not monitor, but FREEZE your credit. That means that no credit can be taken out in your name without postal correspondence going back and forth with your house. No credit reports can be pulled. It's about the best that you can do. Brian Krebs has an excellent post that he has to pull out a few times every year to discuss this. Definitely worth a read. Me? I'm unemployed. Banks would have to be idiots to issue credit under my information, still, I plan on freezing my accounts.

But that's not the worst.

For reasons unknown, Equifax had credit card transaction information, 200,000 transactions worth dating back to last November, sitting on their servers, apparently unencrypted. Massive violation of PCI compliance rules.

And who knows, there may be more yet to come.

I won't bother providing links to the stories about your surrendering your right to sue if you signed up for their monitoring service, that's been rescinded. There were at least two class-action law suits in development, along with a couple of States Attorneys General beginning investigation.

One more thing to mention: an op ed piece by Bruce Schneier, a very well-known and respected expert on encryption and privacy. He has some facts wrong, I think he wasn't as well-versed on the scope of the breech as perhaps he should have been when he wrote it. But at the beginning of the piece he talks about how the public are not customers of Equifax, we are what is being sold, and we have no say in the matter. And there are THOUSANDS of data brokers out there that we can't come close to naming all of them.

Equifax's feet will be in the fire for some time, I imagine.
thewayne: (Default)
[ETA: probably applies if you use Windows also, I just don't know how iTunes and iPhone/iPad apps update on that platform]

Well, you can if you want, but you need to be aware of what it means.

The update is is intended for iOS 11, which is due later this month when the new iPhones release, so you don't need it right now, and it REALLY changes one thing that's really important to me: app updates. In the brave new world, you will now have to open the App Store app on your device, click on Updates, then update individually or click on Update All. Personally I think this will greatly reduce the rate at which people update their apps.

Myself, I don't like this. I use iTunes every morning to refresh podcasts and update apps, then I resync my phone. All done. Now I still have to go through the iTunes process, but now I have to go through an additional process on my phone and iPad? And where is the phone/iPad backup stored in case I need to restore it from scratch, admittedly a rare procedure. I DO NOT want to store an iPhone backup in the cloud as that is something that could be made available to government, I want that backup on my personal computer.

I hope there's enough caterwauling that Apple backs off on this and re-integrates app updates in to iTunes. Maybe they will, maybe they won't. I'm definitely not happy with their decision.

Just be aware that the App page is no longer present in the new version of iTunes. Now I have to decide if I want to do a backup reversion on my laptop to get the old version of iTunes back.
thewayne: (Default)

We have a casino about an hour north of us called Inn of the Mountain Gods. They had Bobby Flay a couple of months ago, for which I was *meh*. I'm not a huge Flay fan, though I love his meatloaf recipe with roasted vegetables and balsamic vinegar. And I saw billboards for Flay for a month or more before his show.

But Irvine? Didn't hear a peep.

We went out for lunch today to this amazing local BBQ joint. People drive up from El Paso to go to this place. And these two women went to this Irvine show last night and raved about how good it was, both his presentations and the food. And they said that the comments from the Flay show were just terrible: lousy personality and minuscule food samples, not remotely a full meal.

Supposedly Irvine will be returning next year....

I really miss seeing him on Food Network. He now has a daytime talk show along the lines of Sally Jesse and those ilk, and I can't be bothered to watch such. If he does a food show, I'm there. Otherwise, I'm not.
thewayne: (Default)
Wednesday night I got an email from a friend whom I used to work with. She'd gone to a doctor that afternoon and their office was in a kind of chaos: the office had been hit by at least two different kinds of ransomware attacks. She wanted to know if I could help.

That night I did some research on the particular attacks, found out they were variants of the same core and both were based on exploiting weak Windows RDP (Remote Desktop Protocol) passwords. RDP is a back door to a server that techs use for management. It should NEVER be left open! There are other, more secure, ways to manage servers. If it must be left open, then it should have a VERY secure, i.e. LONG and complicated, password on it.

Obviously it did not.

A friend of the doctor's is their main IT guy, but he's not local, and he's decent but not top drawer. This problem apparently was discovered before Wednesday, and their guy (let's call him Bob) was making a new server for them with the latest version of Windows Server and SQL Server. The software that their clinic uses is mainly based in SQL Server, and here's the really suckie part: it was running Windows Server 2008 R2 and SQL Server 2008. And plugged straight in to a router to the internet. No hardware firewall, vendor-provided router.


I didn't bother checking to see the patch level on their Windows Server 2008, it was kind of pointless. I did note that their SQL Server 2008 was well below the final patches that were released for it, not that it mattered as all of its databases had been encrypted.

The new router, though consumer grade, is fully patched. The new server is fully patched. A new Cisco firewall is on order. That's the best that we can do right now.

I was there Thursday from 11am to 8pm, then worked at home from 10pm to midnight copying, compressing (7zip), and uploading a big analytics file to a forensics company who sent us a utility to try and figure out what happened. Friday I only put in five hours, finishing up an inventory of all of the computers (which they didn't have) to figure out what should be tossed and what could be upgraded to get them all up to Windows 10 Pro and writing up some reports.

One woman complained to us that her computer was really slow. And it was. It was absolutely horribly slow! I was afraid that it had something nasty running under the covers, then I opened up Control Panel and did some poking around and found that it was a Pentium 4 with 2 gig of memory running Windows 10. The Performance Index, Satisfaction Index, whatever index, was 1.0. So we ordered her a new computer.

I always had a three-step plan when it came to buying computers to make them last longer and save money. When a new OS came out and the original started slowing down: add memory. That usually sped things up. Next OS comes out: install a better video card. Next OS comes out: buy a new computer. All of their computers are running at least 4 gig of memory, odds are they're all running a motherboard-based video card. I'm hoping we might be able to do memory upgrades and install some video cards and upgrade some of these for about $100-150 instead of tossing them. We shall see. I'll do some more inventory work next week now that we have a better idea as to what's out there.

This weekend I'm writing up a report more detailed than the single page invoice that just had bullet points as to what I did, I'm also burning a DVD with bootable malware/virus inspection software that'll look deeper in to the OS than something like Symantec can do, and since you're booting from read-only media, it'll look for boot kits that are otherwise invisible. I'll get to inspect all of the workstations! That'll make everyone oh so very happy to have their computer denied to them for however long it takes.

The tragic thing is that their backups weren't running properly because they had a terrible internet connection that couldn't handle the transfer. The software did a nightly backup to their vendor, but it had been failing. And they weren't doing anything locally, so they didn't really have a fall-back point to recover from. Their practice software vendor was able to restore from an earlier backup, but I don't know how successful that was in terms of how old and was there any corruption in it. I'll be finding that out Monday. This gets their patient information back, which is critical. And their insurance information is also processed online, so that should be safe. But anything stored locally may be lost.

And the horrible thing about that is the way the database is configured! I'm a database guy, I've been working with SQL Server for 25 years, since the first Microsoft version came out running on Lan Man/OS2. And the vendor has a VERY bad configuration. And I won't improve it unless they say it's OK. We're going to set up local backups, I've stressed upon the office manager the importance of rotating backup media and having a fire-proof safe in-house for storing said media. So eventually they'll be in a much better place.

The big question is whether or not they have to notify all their patients. I don't think this represents a HIPAA information spill. These ransomware encryptions are fully automated attacks by bots, I've never heard of data being exfiltrated and used for further extortion, that's a much more targeted attack. I'm going to have to tell the doctor who owns the practice to talk to his attorney and discuss this point because that's far outside of my ability to give him a recommendation.
thewayne: (Default)
Or a computer geek with something to prove!

I succeeded in sucking the files off my wife's computer, though it took some time to configure it. I couldn't do it with a Win 10 computer, so I dug out the OOOOOOLD box -- XP. Only two generations newer than the Compaq. They both spoke the concept of Workgroups, which 10 does not. Once I set up a common workgroup and confirmed they could see each other through the router with a ping, I created a share on my XP box, linked the Compaq to it and had no problem copying stuff to it. I even went and xcopy'd her bookmark*.html to it so if she had anything interesting there, it'll be preserved.

I even found her PhD thesis from 20 years ago in LaTex files!

It was pretty small, only 100 meg. Copied it on to a flash drive, then up to Dropbox.

Mission accomplished. I'm leaving everything set up so she can review the Compaq before I break it down, then we have to figure out what we'll do with the old beastie.
thewayne: (Default)
I've been on a mission of late to purge a storage locker to eliminate (A) a bunch of crap that I don't want or need, and (ii) a monthly debt that we definitely don't need as I'm in my 14th month of being unemployed. To further get rid of clutter, and to get some files off of my wife's ancient Compaq desktop (Windows 98 anyone?), I ordered a Vantec IDE/SATA to USB 3 adapter from NewEgg for $20 with free shipping. That allowed me to check A LOT of hard drives that have been sitting around for files that I might be interested in. Only one, clearly labeled BAD, was not readable. Some had already been wiped. Unfortunately pretty much all of them are unusable: the smallest is an 800 MEGABYTE laptop drive (HUGE amount of space in DOS days), and aside from an old 4 TB drive from my previous iMac, the largest was only 8 gig. So I'll end up opening them up, stripping some of them for their magnets and platters because it's fun, and tossing the rest.

My wife's Compaq posed a different sort of problem. First, let it be proclaimed far and wide, that as a rule I HATE COMPAQ COMPUTERS! HP also falls under this broad proclamation. This goes back to the '80s when I first had to open them up and work in their guts. They're notorious for being fickle in their configuration and requiring that you buy components only from their makers. Well, this one is not much different. It's running Win 98, and I didn't want to try and put it on a network since the concept of trying to find network drivers for such an old OS, not to mention an OS CD!, was pretty much unthinkable. And I had just bought this spiffy Vantec adapter, so I figured I'd just remove the hard drive and suck it in to my iMac and copy the contents on to a USB stick for my wife.

Fat chance. First off, they secured the hard drive with screws on both sides. The motherboard is on the far side, so those screws are inaccessible. So remove the entire hard/flopy drive cage! They even secured THAT with screws on both sides! So without removing the motherboard, I can't get the damn hard drive out. I tried undoing the ribbon cable header and plugging in the Vantec adapter, but for reasons unknown that did not work: I used the Compaq itself to power the drive during that experiment. Now I'm going to grab my Windows 7 box and my router, plug both computers in to the router side-by-side, and get them talking to a local workgroup so I can just suck the files directly to the Win 7 computer. THEN I can copy the files to a USB stick. I couldn't even get the 98 machine to recognize a 256 meg USB stick without it wanting additional drivers!

Hopefully this will work. If not, I have an even older XP machine sitting in the corner that should boot.

But here's the clever bit.

I had an old 15" CRT VGA monitor sitting around, so a monitor for the Compaq was set. I was able to find a PS/2 keyboard in its original box, so that's set. Couldn't find a mouse. Not a big deal, I can navigate old Windows with a keyboard just fine, it's just easier with a mouse. But while cleaning out my storage shed, i found a full box of Belkin mice! I'm talking an actual factory box with something like 10 mice in it, all of them PS/2 or serial! I brought one home and plugged it in!

And it only moved the cursor sideways.

Being the geek that I am, and more than a little handy with a screwdriver, I took it apart.

The vertical sensor axle had popped out of its far side. Simply popped it back in to place, snapped the housing back together, popped the ball back in (yes, pre-optical mice), and it worked just fine. THEN I put the screw back in.

So for the first time in almost 35 years of working with IBM PCs, I fixed a mouse.

Now let's hope my little networking misadventure works. My previous wireless access point had the radio die, but the router side continues to work just fine, so I've kept it in service for that use as my Apple wireless router has only one user ethernet port.

(Tech lesson: the way that the original mice worked when they had the little rubber balls was that they had two sensors, X and Y axes, connected to rods that were in physical contact with the ball and rotated as you moved the mouse. Electronics in the mouse and software translated the rotation of the rods for the computer to move the mouse pointer on the screen correspondingly to the mouse movements. Very clever design. Then they went to optical mice, 'rubber eraser' pointers, and trackpads. Trackballs were just upside-down mice with billiard balls, nothing particularly innovative there. The rubber eraser pointers used strain transducers to sense where the pointer was being bent and how hard it was being pushed to provide mouse pointing information, trackpads use a similar strain transducer tech.)
thewayne: (Default)
I could weep. Truly, I could weep. It includes a video of a guy destroying a Canon Digital Rebel XL by pointing it at the sun through a bigass Canon telephoto without a filter on the lens, purely as a demonstration. Burns right through the sensor, damages the mirror: you can see wisps of smoke when he removes the body from the lens.

One camera was protected by a drop-in filter. No damage to the camera. The lens, however, had to have the diaphragm replaced.

thewayne: (Default)
I enjoy cooking. I don't particularly like cleaning the kitchen up, in particular I really don't like washing knives. And I DON'T run them through the dishwasher -- I have very good knives and the high temperature of dishwashers, especially my dishwasher with its disinfect cycle -- can do nastiness to the tempering.

Nevertheless, knives must be washed.

I try not to put it off more than a day, but I'm a slacker and they sometimes accumulate. And I don't let sticky crud adhere: I'll at least rinse them and use a scrubber to remove residue.

Today, before I head off to work on the storage locker, I'm going to prep pork tacos with toasted almonds and chopped golden raisins. Wonderful stuff, an America's Test Kitchen recipe. The only alteration that I've done is increased the amount of raisins: the original had 1 tablespoon, and it just wasn't detectable. I kicked it up to 3 and that's the amount that my wife and I like. And I always use golden raisins: I detest any other type. No idea why, that's just the way it is.

Anyway, I was going to prep the onion/garlic and raisins, then I can do the remaining prep (simmering liquid (tomato sauce/chicken stock/apple cider), toast the almonds) and get the cooking done in probably half an hour.

So I have to wash knives. Four of 'em. Three Henckels (8" chef, 6" chef, and a really cute 3" santoku that's great for cheese) and a 6" Pampered Chef chef's knife. I sold, or failed at selling, Pampered Chef for a couple of years, but I acquired some great gear in doing so, including this knife. Excellent grip, great balance, great edge, AND it comes with a really nice plastic sheath for travel! And the Pampered Chef had visible rust.


I don't know what happened. It was on the dry sink side, so there shouldn't have been any water there, but accidents happen and we use the sprayer occasionally. So I washed the three Henckels and put them away, grabbed the PC, gave it a good scrubbing, and the rust was GONE. Absolutely no trace of it. I didn't use a steel pad: I have a small rectangular refrigerator container that I fill with soapy dishwater and I have a dedicated scrub brush that gives me good leverage which I use only for knives. And the rust came right off. I must have caught it before it got too deep in to the blade.

Absolutely awesome. I have been lucky and none of my other knives have gotten rust on them, and so far that record continues.

thewayne: (Default)
I went to Walgreens today to pick up some meds, and they are putting up their halloween stuff.

thewayne: (Default)
It's been bugging me for a long time.

My wife and I have been members for MANY years. I frequently get complimented on the age of my membership card. Yet I am very disappointed at something that happened several months ago: the removal of the New section from apparently all book sections, yet not from your video section.

I read A LOT. On average, I read a book about a book a week. I also follow a lot of different authors, and some post photographs of the ARCs that they receive. This gives me a heads-up of what I can expect to see on shelves in the near future. Except I can't see them on your shelves because the new releases are now intermixed among all the old releases and I have to dive deep, author by author, to find specific titles. And that's assuming that they're in the specific section that I'm looking for: many has been the time that I've looked for an author in science fiction only to find that they've been put under YA.

You have created a losing proposition for me. I avoid buying books on Amazon because I want physical book stores. We just lost our two local book stores, now I have to drive 90-120 minutes to get to one, and that means three of your stores in Las Cruces or El Paso. And that means frustration of not being able to easily see what's new. So where's the advantage of being able to easily see what's new? There is none. There's nothing prominently displayed to whet my appetite and lure me in to opening my wallet for a $30 hardback.

You've made your stores no longer a destination. Before, when I drove to Phoenix, I ALWAYS made it a point to hit one or two of your stores to see what's new. But that's no longer true, because you no longer display what's new. So what's the point? If I have to go online to find out what's new, THEN go to a store to buy it, I might as well buy it online.

I avoid buying books online to support local book stores and jobs. I don't buy my medications by mail to support local jobs. These are things that are important to me. But what you've done is encouraging me to channel money that I reserve for books in to online venues, and that may not go to B&N.

I've been shopping at B&N since the 1970s at B. Dalton in Christown and Metrocenter in Phoenix. The stores back then had sections for both Science Fiction and Fantasy, then ultimately merged them. I used to buy old copies of Analog magazine by the grocery sack. I am a book hound. I am not a casual reader, I am a ravenous reader, and you are frustrating me.

As I said, you've made it so that your stores are no longer a primary destination. I still stop there if I happen to be in the area and have other places to go, or obviously, if my wife wants to go. But now my personal itch must be scratched online.

I really hope that you put the New Releases area back in your stores. That would make me quite happy indeed.
thewayne: (Default)
I just downloaded 78 books and PDFs on SQL Server, Power Shell, Windows Server, Azure, development, and a lot of other topics that caught my eye. There’s no indication as to how long the giveaway will be going on, so get ’em while the getting is good.

Words of warning and advice: many of the offerings are only as PDF, some are just DOC, others are also as MOBI or EPUB. So don’t expect to be able to load everything to your iPad or Kindle and be able to have lovely reflowable and resizable text. Obviously it’s easy to run the DOCs through Calibre or other programs and convert them to your favorite ebook format, not so easy with the PDFs. One major problem for me is that some of the links just give you a file with an ISBN#.epub, or a really bad file name, so personally I’d recommend doing a copy of the book title as it appears in the giveaway blog post, then a right click Save As on the link, and paste in the nicely formatted title.
thewayne: (Default)
A Tweet from the Mighty John Kovalic of Dork Tower fame and the illustrator of a bajillion Munchkin cards:

Nero fiddled while Rome burned because he could not yet Tweet.
thewayne: (Default)
Was a bit of work. Roasted vegetable balsamic glaze meatloaf, glazed carrots, and mashed potatoes with a Josephsbrau Radler. I did cheat and used instant mashed potatoes, I go the full distance for Thanksgiving and Xmas when it comes to mashed.

Quite yummy. Sadly, my iPhone did a lousy job photographing it. I told it to focus on my plate, instead it focused on the plate that we were serving the meatloaf from.

The meatloaf is a Bobby Flay recipe from Throwdown With Bobby Flay. He lost, but I love the recipe. It contains two bell peppers, a zuchini, balsamic vinegar, panko bread crumbs. It calls for a pound of ground chuck, a half a pound of pork and half a pound of veal, but it's hard to get veal 'round these parts, so I use a pound of pork. Tastes great! The carrots is an Alton Brown recipe where the carrots are cooked in butter and gingerale and also contain chili powder! It calls for the carrots to be cut 1/4" thick, but I now use a mandoline to slice them 2mm thick.
thewayne: (Default)
First, the car strangeness. The transmission seems OK, so crossable body parts crossed.

I listen to LOTS of podcasts when driving, sometimes lots of music. Depends on the mood. Yesterday, I was working through my short backlog of Intelligence Squared US podcasts through my car stereo when suddenly the sound died. Initially I thought maybe the podcast had been poorly produced and the audio had dropped from the recording. Nope, car battery had died! And this battery was about a year old! If I lived in Phoenix full-time, I might have accepted it as a dead battery, but not up here. I had been planning on finishing up and leaving soon, but that was definitely out of the question. Fortunately, after letting the car sit for another half an hour or so it started up.

I think the thing that killed it was that I forgot to turn the headlights off and the key was in the accessory position. I normally run with the headlights on all the time, so I'll have to be a little more mindful of that. Still, I'll get the battery and alternator tested today, just in case.

I've been working on clearing out the storage locker to eliminate $45 from our monthly expenses, and to just get rid of a bunch of crap and a lot of books that I have no interest in reading again. And I found two little treasures: Harvard Lampoon's Bored of the Rings, and National Lampoon's Doon. I have to admit that I carefully cut out the very first page inside the cover of Bored of the Rings: it had a scene that does not appear in the book that was sort of a bodice ripper of a dark elf seducing Frodo, and I was afraid that my parents might throw it away if they saw that page.

I wonder when I bought it? First publication date is 1969, but I know I didn't get it when I was in the second grade. Still, mid '70s? Must've been something like that.

If I can work on my storage locker for a couple of hours daily, I think I can finish clearing it in 2-3 weeks. Lots of stuff to throw out, lots of books and stuff to take down to Alamogordo to a thrift shop, and then other stuff to bring up to the house. The thrift shop is only open until 3:00, so usually it's work on locker, then next day go to thrift shop to drop stuff off, then work on locker.

Then I have address our "library" in our house in order to clear out the storage pod in our front yard that we had to get after The Great Tree Incident of 2012. Once I can get rid of that, aside from saving another $65 a month, I can get our handyman up here and we can clear some scrub oak from our back yard which I suspect may be harboring a tick colony: we found one on our poodle Dante a couple of days ago. But I have a feeling that, while I might be able to clear the pod before the snow starts this year, the scrub oak won't get touched before next spring. Maybe I can get an exterminator up here in October to spray it down before the snow starts, but they're going to need a long hose.

September 2017

3 4 5678 9
101112 1314 15 16
1718 19 202122 23


RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Sep. 24th, 2017 11:04 pm
Powered by Dreamwidth Studios