The Random Ramblings of Joe Philipps

Hey, you EU folks: there's some cookie laws which stipulate Alphabet/Google (owners of Blogger and Blogspot) needs to disclose some stuff to you, which, unfortunately might not show up if you have JavaScript disabled. It's not my fault they're that stupid, that they'd require JS to be on to display that notice, but whatever. You have been forewarned there may be some cookie monkey business going on which you might not like, and Google informs me it's my responsibility to tell you about that.

27 February, 2022

On Balance, One of the Stupidest Services Ever: Kolide

I have been hearing ads recently on the "Security Now!" podcast for Kolide. In one sense, I get it. You attract more flies with honey than with vinegar. It's better to make your employees partners in your endeavors than an adversary. The whole idea behind Kolide is that you make device compliance issues a bunch of warnings rather than enforce them. "Hey, you don't have a complex enough lock screen unlock code!" Big deal. I can ignore that all day long. Now on the other hand, "you can't use your device unless you enter a complex enough unlock code"... that is nearly infinitely more difficult to ignore. I wonder how many companies who need strict protections (like the one I work for now, a health insurance provider) trusted Kolide and paid their $6 per month per device and subsequently had a data breach as a result of not having device standards compliance. The whole idea of using something like InTune is so you don't have your data disclosed unnecessarily. Merely suggesting is not nearly good enough. Data security is too important.

Another aspect which this totally ignores is that the people who tend to something like InTune are supposed to be security professionals. While many people who carry around these InTune-managed devices may be security-oriented, it's not their job, only an aspect of their job. Subscribing to Kolide is like assuming the device carrier and the security professional are peers, whereas in many, many cases they are not. You're in effect giving the end user, who may not be informed or educated enough, the status of someone authorized to make policy.

English is a difficult enough language to interpret correctly when its rules are followed, let alone when the speaker or writer chooses not to follow those rules.

"Jeopardy!" replies and randomcaps really suck!

29 December, 2021

SARS-CoV2: The Smartest Virus Ever! Part 2

This will be a short-ish one, a followup to SARS-CoV2: The Smartest Virus Ever!

Uncle Mark said yesterday that we had a record-setting (reported) one day infection rate for COVID-19, 17% or something like that. Yes, that's quite high. The omicron variant is doing what viruses do, become better at spreading themselves. But as previously stated, although it spreads much more easily, thankfully its effects are markedly less severe. Along with this, in the same press conference, Uncle Mark said that the mask mandate is working, because hospitalizations are down.

Admittedly, credit for this thought goes to WBEN-AM host Brian Mazurowski, who presented this at the beginning of the 29-Dec-2021 "B-Maz and Beamer" show.

So wait...the purpose of the mask mandate was to reduce spreading of COVID-19. But you JUST said infection rates are record high. Again, holding to your control-the-public policy without any apparent logic behind it is eroding our confidence in you. Now...I don't think Mark Poloncarz has sinister intent, I really don't. But I don't understand his insistence on these mandates.

By the by, Uncle Mark also accused our County Comptroller of foul play by bringing up that the Erie County Health Commissioner got paid a LOT of money for handling the pandemic, particularly the overtime claimed. He went so far as to accuse Stefan Mychajliw of antisemitism, simply because the Health Commissioner is Jewish. It's just deflection, Uncle Mark didn't address the amount, which is apparently more than anyone else in a similar job in NYS, just chose to throw around accusations, to the point of uttering profanity.

26 December, 2021

SARS-CoV2: The Smartest Virus Ever!

Look...I hate to sound like the latest right-wing zealot to spout governmental conspiracy theories about COVID-19, but in the past few months, the various governments under which I live seem to be making it easier and easier to conclude that. Still, I cannot lay claim to being a totally original thinker on this stuff; admittedly, a lot of my thinking has been shaped by what is on WBEN-AM and Premiere Networks (in particular, Clay and Buck). I apologize in advance if this seems a bit unorganized, there is just so much to say/write on such a wide variety of subjects that it's difficult to put them in any particularly good order.

Let's just start getting to it by expanding on a comment made by WBEN's Tom Bauerle (paraphrased), and the title of this blog post:

This virus has to be the most intelligent, smartest virus in history.

I live in Cheektowaga, NY, US, which is the suburb to the immediate east of Buffalo, which is in Erie County (or "EC" for short). Near the beginning of the COVID-19 pandemic, to my recollection, it was EC which imposed a 10 pm curfew. I understand their motivation: they wanted to limit human interaction, they didn't want people hanging out at the bars to the normal 4 am the next day as the legally required closing time, therefore less chance of spreading the virus. But why 10? I guess it's because this virus is so smart, it knows when 10 pm rolls around, and almost instantly becomes more communicable. There were limits on size of gatherings. Again, the virus is so incredibly smart, it knows the difference between 10 people gathering and 11. It also magically knows the difference between 50% occupancy and 51% occupancy.

I mean....I sort of get it. Most times, governement does indeed have really good intentions. But it needs some exposition.

Let's just take the view back a notch or two, and think about what the fundamental purpose of government is supposed to be. First and foremost, it is the embodiment of the behaviors that a majority (plurality?) of its citizenry, or more succinctly put, the law. At the next level, it's what we agree we should not be allowed to do and what we should be obligated to do. For example, we all collectively agree it's quite wrong to take a human life, with the exception of self defense. We therefore have disincentives like taking away your personal freedom (imprisonment) if you somehow convince yourself you need to murder. Notice this doesn't prevent murder, it only heavily disincentivizes it. Similarly, government sets forth certain obligations that the citizenry is somewhat uninclined to do. Those who choose not to fulfill their lawful obligations are similarly punished for not meeting those obligations. An example might be paying taxes. If paying taxes were totally voluntary, the vast majority of people would likely not pay, but the thought of reprisals such as fines and jail compels most people to do it.

To bring this back around to an attempt at reducing COVID-19 spread, it seemed like good ideas at the time. Let's not fill public places to capacity, that will put more bodies in one place, therefore reduce the barriers for transmission from person to person. Let's not hang around each other for longer, because the longer we congregate, the more of a chance the virus has to hop from person to person. We do it this way because people, as individuals, are presumed not smart enough or motivated enough to do it on their own, that they need to be governed by the representatives of society, the constabulary, to do or not do things like congregate for the greater good of the society as a whole. And to that end, sometimes arbitrary limits have to be chosen, like 50% capacity, 10 or fewer people at once, or 10 pm curfew, to act as an easily understood and enforced limit.

The whole idea behind making these restrictions mandatory was in part in the interest of the government itself, to "flatten the curve" as the saying is. Erie County Medical Center for example did not want so many people to get so infected that they would be overrun by people all requiring a ventilator to survive. And then they would have to make some extremely unpleasant decisions, literally who would live and who would die due to lack of treatment resources. This is also by extension to limit the expenditure of finite resources such as Medicaid and Medicare. Again, the presumption is made that we are too dumb or too reckless if these decisions are left up to the individual, that in essence we can't be trusted to do the right things.

But along the way, we see government taking greater and greater liberties with our liberty. Take for example former Governor Cuomo. He wrote many executive orders under the emergency powers granted to him under the law. Several months later, many NY citizens expressed to their representatives that enough was enough, power/authority needed to be returned to the legislative branch, Uncle Andy can't go on pontificating like a monarch forever. Being a Democrat governor and having a basically Democrat legislature, nothing substantive was done, power was not returned. Oh, there was political theatre kind of like, "we told him he'd better back down!" But no, power was not really taken back, he still basically got to rule by fiat. Auntie Kathy is really not that different. And seemingly not that particularly smart either.

Take for example the edict that all medical personnel will be vaccinated, or they're out of a job. Wait...so, the very medical people who are trying to help reduce the suffering of people, and presumably have FAR greater medical knowledege than any governor or legislator, are not capable of making an informed decision as to whether they should be vaccinated or not? Are they actually somehow motivated to do evil to our society? They wish for our citizens to suffer? I find that extraordinarily tough to believe. NY is awfully big, and you're telling these people that in order to work at their chosen profession, they can't work in all of NYS? Look, not at all to belittle people who work at so-called unskilled jobs, but the somewhat harsh fact is that darned near anyone can do what you do with little training, you're interchangable. Not so much for the medical profession, it is not at all easy to become a licensed physican, nurse, or what have you. (And again, we have a goverment in place so that not anyone can claim to be a physician, we make sure you're qualified before you're allowed to work on people. We as a society have agreed that checking the qualifications of a physician before allowing them to do anything to us is just too burdensome and complex to do alone, so we have society do it for us and have licensures.)

At the same time, those in power have to realize the waning confidence we have in you.

You imposed restrictions on congregation and travel. Hello? I didn't think the US Constitution Amendment I was allowed to be suspended just because of viruses. Doesn't it apply at all times? I used to be rather annoyed at these proclamations for that reason. But then...well...let's just say, it came to light that certain cases of COVID-19 can be asymptomatic, that the person carrying it would have no idea they're infecting others. That tempered my anger quite a bit, and thought, yes, it was reasonable for society to impose this restriction because I was genuinely too dumb to decide for myself. Yes, I could be a dummy, not so smart. I can admit it.

Ah, but later on, along came vaccines. The promise was that if you got vaccinated, you wouldn't have to wear a mask anymore, you could congregate to your heart's content, travel wherever you like, life would pretty much begin returning to normal. It seemed like we were starting to get it under control. Yay! In fact, government was stepping in and acting as our agent to make sure the developers of these vaccines were compensated out of public funds, to take away the objection that it was too expensive to get vaccinated. And I can somewhat support that, it's one of the very few things I think government can do to really, really help us. Again, we're mostly too self interested to willingly spend on vaccination help, a hypothetical "help the unvaccinated get vaccinated" charity of sorts. The caveat to that support, and the danger, is when the pharmaceutical companies have the economic incentive to push their wares as it were. (I know, that sounds like a typical "Big Pharma" opposition. It's not really intended as such.) I have heard of cases of death where the cause was listed as COVID-19, even though it was fairly obvious it was something more like heart failure or blunt trauma, simply because reimbursements would be different.

But now, it seems as if the goalposts are being moved on us. We now have booster shots. For now they're optional, but Auntie Kathy has put forth the idea, get ready for "fully vaccinated" to mean "boosted." Again, the implications run deep as this might mean even MORE medical professionals will be told to take a hike. Sadly, the US Supreme Court has ruled that these NY vaccination mandates are not unconstitutional, as in not against Amendment I's protections of religious freedom. I refer to the well reasoned, well written dissent by Justice Neil Gorsuch. It's these very acts of making a continuously changing legal landscape and be willing to throw fundamental freedoms out the window in the name of the pandemic that is really eroding our trust in you.

Now, I do find it necessary here to explain that not keeping up with developments and relying STRICTLY on the past is somewhat dangerous. While I generally like and agree with much of what Clay and Buck talk about, c'mon, guys, this needs to be tempered with a willingness to be flexible about recent revelations. But I do get ya. It seems like government will take any opportunity to usurp just a little more control, whenever they can, in the name of pandemic control. You do make a compelling argument though that it will be decreed that booster after booster will be necessary, and possibly at some point be legally required for certain circumstances (e.g., NY medical profession). There HAS to be a better defined end. We can't really go on like this indefinitely.

I'm also quite miffed at how these fiefdoms of government are trying to exert influence whenever and wherever they think they can. I cite as an example that you cannot go to Highmark Stadium or KeyBank Center, which are EC owned properties, unless you're vaccinated, because EC's Uncle Mark said so. I was offered the chance to go to a Sabres game, but due to that edict, at the time I could not.

What really bugs me the most is that it seems we've already begun to go down the road where unvaccinated people are second-class citizens.

Again, we have to step back a couple of notches and ask the question, what is the end goal? Is our end goal really to inject people? Again, there is the economic incentive for "Big Pharma" to hawk their vaccine products (and get paid for them). But really, shouldn't the end goal be immunity? Vaccination is not the SOLE means of conferring immunity. Some sources state that the immunity from contracting COVID-19 and recovering from it is several times more effective than getting vaccinated. Not only that, I've even heard that getting vaccinated after recovering from COVID-19 reduces immune response in some people.

I had a severe illness lasting about 2 weeks in late Feb. 2020. The symptoms of it were influenza symptoms. At no point during that did I feel in grave danger, like not being able to get enough breath, but it was approaching that. All I remember is that for the first couple of days, my eyes hurt a little to move, and I did not wake up fully. I had a cough for months after that. It very well could have been COVID-19. I never had a formal test for it, but colloquially, virtually everyone I converse with about that episode seems to think it was. The timing seems to have been just too good for it not to have been, in their minds. But now that I have had my "Janssen jab" as I like to call it, I guess I'll never know. Any antibodies I have could have been from a COVID-19 infection, could have been from the vaccine. I don't know if medical science could tell the difference at this point.

Considering all the reports of side effects of getting vaccinated, such as injection site pain and being laid low for a couple of days, I really did not want to get vaccinated, partly due to that aforementioned belief that I had COVID-19 already and therefore natural immunity. Also, for a while now, I have had a sore upper left arm. Put those two together, and I really, really wanted to wait for my sore arm to heal up so that they could inject that. I did not want to add the pain of injection to something that has been so chronically sore, and I did not want them to inject my dominant arm. But alas, the let's go, Brandon we have as a President demanded the serfs in his fiefdom were to get vaccinated. Since where I work now is de facto a federal contractor, this has direct applicability to me.

I want to take an aside for a second to explain that I think I have been responsible for precisely three jobs in my entire over-half-century life. Every other job I've had has been the product of someone else's influence. Even delivering newspapers in my early teens is the result of a friend of mine recommending to the Courier Express that I be the one. I think Kwik Fill/United Refining Company of PA only hired me because my oldest sister recommended me. I think Radio Shack/Tandy only hired me because of the recommendation of my friend. Similarly, I think I only delivered for Domino's due to the influence of my friends. I only worked that summer for Al Boxall's Concessions due to one of my friend's urging. I never had to interview for Information First or for ExuCom because my friends and acquaintences ran them. I only worked at UCA&L/SSG/ClientLogic/Sitel because of urging of one of my college instructors (thank you, Vince Wood), and for a second stint because of a director level person I befriended in the first go around. No, the only jobs I really got for myself were, supervising the computer lab for a few hours per week in college, working for a few years for a guy I met at a mutual friend's wedding, and for Amazon when they first opened up their sortation center in Lancaster, NY. And the latter was frankly anyone who could show up on time and pass a drug test; I don't think they rejected too many folks for that one. I'm reasonably certain I would not be working where I am now unless that aforementioned friend I met at the wedding called me up when somebody left. (He had closed down his business and decided to work more conventional jobs instead of being self-employed.) I've applied for and been interviewed for many more jobs, but for whatever reasons, it was not to be my path. Jobs that I think I should have been perfect for, I have been rejected. I guess this is quite a long way of saying that for whatever reasons, work is not particularly easy to find for me, seemingly more so than average. So....I like to be warm...and dry...and not be hungry...so a job is particularly precious to me. Not having one is unsustainably not an option. Yes, I have enough savings that, barring once in a decade events like needing to buy a vehicle or replacing my furnace, I could live comfortably for several years. But again, that's not sustainable, long term. Anyways...enough of the aside.

So, much as I am not anti-vaccine at all, I had little choice but to get jabbed. I very highly doubt that my sore arm would have qualified as a medical exemption. I also looked at my company's religious exemption form. It wants an attestation signature from my spiritual leader. I think this presumes it would be an imam, a priest, a rabbi, a pastor, or similar. I am a nondenominational Christian. Sorry, my spiritual leader is Jesus Christ, so it's more or less impossible to get His signature for that form. Besides, as Justice Gorsuch points out, I don't think it needs to be any religion at all, just a sincerely held moral objection. But just the same, I hear that the objection of using fetal stem cell lines to develop the vaccines is the main objection by Catholics. However, I see on the Vatican's Web site that Pope Francis is even encouraging vaccination. (And He is said by Catholics to be infallible.) See, having at one time considered myself a Catholic, it's extremely tough for me to square that with the Vatican's pronouncement that it considers this research morally objectionable, and the only reason they think vaccination is morally acceptable is because there is no other vaccine available. This implies that the pandemic poses a greater danger to the faithful. This is the sort of thing that leads me to declare myself nondenominational.

What I am is pro-vaccine choice. But apparently, according to a few lexicographers such as Merriam-Webster, I am an anti-vaxxer merely because I oppose a mandate. That's just blatantly incorrect.

This let's go, Brandon mandate is just wrong from the word "go." It's logically ludicrous. Again, what is the goal? As before, the real goal should be immunity, not vaccination. But even trying to consider the goal of "vaccines for everyone so we can have herd immunity" falls painfully flat. There is no explanation as to why OSHA needs to enforce this for the magical number of 100 or more employees. Again, it is the most smart virus in human history if it knows that you work with 99 or fewer people and therefore pass you by. In my own case, it's ludicrous to mandate I get a vaccine; I work out of my home, I have ZERO virus-transmitting interaction with vendors, contractors, my coworkers, or even the public. It's medical insurance company theatre, with the only audience being the federal government. This virus is also so extremely smart that it knows that you're unemployed or retired, and won't bother you if you are. Otherwise, the mandate wouldn't be for ONLY people working for companies of 100 employees or more, it would be for EVERYONE. To me, there is no sane way around that; it's either everyone medically eligible, with Amendment I exceptions, or no mandate at all.

Yet another thing that makes no logical sense is Uncle Mark's mandate that masks be worn in all indoor public places. The stated goal is to reduce the COVID-19 spread so that hospitals are not overrun with new cases. Let's start with its start. If it's so darned important, why was it not enacted immediately? Why wait until 6 am the next day? If the goal is to reduce new hospital admissions, why is the criterion for the mandate to end a tentative date, and not when admissions numbers drop?

Even the prospect of wearing a mask is dubious at best. The majority of sources I have read or heard state that the gear that everyone goes around in is so ineffective (maybe 5%, 10% at ABSOLUTE BEST) as to be negligible in containing coronavirus. You'd have to have everyone in an N-95 to even approach being effective. The typical mask is little more than a chin diaper. Besides, the way a lot of people wear it is nothing short of knee-slapping hilarious. They must think they never breathe through their noses at all, because they're not covered at all.

Last year, Uncle Andy was urging (heh, oddly not mandating) everyone to wear a mask. What the heck, make it of whatever colors you like, put whatever artwork (or advertising?) you like on it. What's the big deal? Well, I'll tell you what the big deal is. Apparently, Andy, you've never had to wear corrective lenses in your life. If you did, you'd realize that especially fall through spring, the very act of breathing will fog them up, making it impossible to see at all clearly. Could you be that daft?

What's even more funny about Uncle Mark's mandate is some towns and villages, primarly on county borders (such as Marilla), whose heads of government publicly said, yeah, nah, we're not doing that, we're not eforcing jack, good luck with that. We're not going to force our businesses to lose business due to the fact potential customers can just travel a few more minutes down the road into, say, Wyoming County, and shop there. It became even MORE hilarious when Auntie Kathy likewise decreed a state-wide masking mandate, with the responsibility for enforcement being the counties. And several county sheriffs' offices likewise said publicly, yeah, about that...we have no intention of enforcing your silly mandate.

It has also struck me as almost Marxist-Leninist to call keeping spread out as "social distancing." The implication to me is, "hey, I don't want to be antisocial. I'd better do it for the community good." While that is kind of true, I have always thought of it as "personal distancing," and putting the word "social" in it was a weird turn of phrase, but sort of carefully chosen. Besides...it's a joke how it is being followed by a LOT of people. They are either woefully bad at judging what 2 meters or 6 feet is, or they just don't really give a damn. People stand IN THE MIDDLE OF aisles that are 2 or 3 meters wide. How am I supposed to keep 2 meters away from you if the aisle is not at least 4 meters wide? I ALWAYS try to be mindful of where I am, and my surroundings. Stores were not built for personal distancing, the aisles were spaced for reasonable density of product. As a result, many firms decided to make all their aisles one way. People also seemed to not be able to grasp that and follow it.

What even further erodes confidence in public officials is the fact that even vaccinated, and if applicable, boosted people are dying of COVID-19. Yet the media narrative continues to pound that this is a disease of the unvaccinated. Guess what? It is therefore now proven fact that contracting the disease is not the sole province of the unvaccinated. This again does not take into account that a lot of immunity is conferred by recovering from the disease, but it is nonetheless possible in all these cases to get, transmit, and sometimes die of COVID-19. I will have to emphasize, though, that either natural immunity or vaccination statistically does help quite a bit. It's not all doom and gloom for the vaccinated, it's just not the panacea that the media seem to think it is.

Another erosion of the public trust occurs when you use misleading statistics. From the very beginning of the South African announcement of the next significant mutation, the omicron variant, yes, it's somewhat concerning that it is many more times communicable than the delta variant. But at the same time it is much, much less virulent. Virtually all research since has proven this to be the case. So why do you continue to try to justify your actions and mandates solely on infection rates? If, for example, 1000 more people contract delta, and 60 of them need hospitalization, but when 1000 more people get omicron, yet only 15 of them need hospitalization, what's the difference? That base rate of 1000 new infections is meaningless without the companion severity statistic. Omicron is 4 times less of a problem in our example. You need to start thinking and talking more in terms of what matters, namely our capacity to handle it. You're making us conjure up the old phrase, lies, damned lies, and statistics.

Speaking of statistics, why is it that the "more free" states, like FL, TX, TN, etc. are having much less infection rates now, but in states with more controls imposed seem to be worse off? Could it be that their more hands-off approach is working better, that initially letting people be more free has had the side effect of more people being naturally immune?

Anyhow...there's really no good way to wrap this up. As mentioned in the beginning, there are so many interrelated subjects to cover, there is no particularly good way I know of to organize it all. The thing to keep in mind is that although control measures seemed by most to be the thing to do early on, we are getting awfully weary of your explanations of why you think we need to continue to live such restricted lives.

By the by....in case you couldn't tell, "Uncle Andy" would refer to former NY Governor Andrew Cuomo, "Auntie Kathy" to current Governor Kathy Hochul (pronounced like "HOE-cull"), and "Uncle Mark" to EC Excecutive Mark Poloncarz.

23 December, 2019

(updated) I Am Eligible for a General Class Amateur Radio License

This should be a quick one, possibly with an update after the initial post.

This past Monday evening, 16-Dec-2019, I went to T-S-K Electronics in North Tonawanda, NY, and took the tests for FCC Technician Class, then General Class, Amateur Radio license. Unfortunately, the Volunteer Examiners (VEs) are not permitted to show you which questions were answered wrong, but they will tell you how many you missed (2 for Tech, 5 for General in my case). When talking about license grants, my Technician course instructor (Kevin Kedzierski, WA2FKV) said the VEs will send out the documents that night, and should start to be processed by the Postal Service on Tuesday. Kevin's prediction was that I would have my call sign by Friday (20-Dec). Well...not to be; although I have proven my authorization to operate, it's not official until a call sign shows up on the FCC's licensing site. (That's actually one of the questions in the Technician Class question pool, how soon after passing your exams are you allowed to get on the air, and the (correct) answer is, when your license grant appears in the ULS database.)

Before someone takes the test(s), they may create an FCC Registration Number (FRN), in lieu of using one's Social Security Number (which I have done). It is that account which you may log into to download a PDF of your license for printing. I've been logging in virtually all week just to see if perchance my application has been processed. Although...when you pass, you get a document called a Certificate of Successful Completion of Examination (CSCE). One of the blanks you can fill in on that form is an email address, which I think the FCC will use once they have made your license grant. Every time I hear that I have new email, I keep hoping that it's the FCC, but at the moment I'm a little skeptical, because one, it's hand-printed on the form (and people screw up my surname, Philipps, all the time, too many Ls and not enough Ps, which is part of the address), and two, because I suspect they wouldn't do anything on weekends (it's Saturday as I write this).

So...I wait for things to happen, over which I have little control obviously. But still, I'm thinking almost like The Chipmonks, with their "hurry, Christmas, hurry past."

UPDATE: 27-Dec-2019, the FCC processed my license application. Hello, world, from KD2TFB.

17 December, 2019

Knowing the Details Is a Lot Better Than Not

I apologize in advance for a bit of rambling, but there's just no good way I know of to write everything I want.

It's one of those unfortunate things that's money-driven (of the many, I know, I know...). In order to display ODB II, you have to have, you guessed it, a display. For almost all passenger vehicles, the only display available is plugging a scan tool into the ODB II port. Boy, I with that wasn't so.

Let's flash back for a moment to when I owned a Plymouth Acclaim. This thing was a beauty with respect to ODB II. Turn the key to the run position three times within 5 seconds of being off, and the malfunction indicator lamp (MIL), a.k.a. "'check engine' light," would start flashing 2 digit codes, and end with the pseudocode 55. Of course, unless you have a ready reference (thank goodness these days for DuckDuckGo, Bing, Google, Yahoo!, etc., but not back then, as well as for cellular data) you'd still be in the dark as to what the two digit codes mean. But at least you can memorize a few of either the more dire or the more benign ones.

Today I had a little bit of a scare. At first I noticed a light was on on my dash which ordinarily isn't on. I don't know why, but for no particular reason, my mind first interpreted it as a brake warning light. But then on closer inspection a few seconds later, I realized it was the MIL. The first thought after that was that the motor could refuse to run at any time, and I'd be stuck. I happened to be on my way to my Amateur Radio FCC license exams (hey! Got two wrong on Technician and five on General, so I am effectively a General and just awaiting my call sign) so was a tad worried about how I would get home (although to a large extent, it's less of a worry because I'm an AAA Plus member). Would it even start after my tests? Would it conk out on the way home?

Turns out, no, it didn't, although my trip home was longer because I decided to avoid a highway (I-290 east for locals to Amherst, NY). Ironically, before going to my exams, I talked, in person, to the manager of the aforementioned repair shop about coming in on the 19th for other work (brakes, battery, and oil change). We had also talked about the possible causes of poor fuel economy, oh the irony (stay tuned :-)). I was thinking, should I just drive the car to the shop and walk home? Geez, Louise, who knows what's wrong? I may not even make it that far. But then after I got home and settled a while, I remembered...a long, long time ago, I can still remember how I--made a trip to Harbor Freight. And I knew if I had a chance, to use that ODB II reader tool I bought....OK, OK, enough with the unrhymed "American Pie" parody :-). I had to think for a second, where I might have put it, lo those many years ago.

Eventually the memory cells kicked in long and hard enough so that I could retrieve said ODB II scan tool, and I did hie to the waiting Elantra with it. Drat. I bought the tool when I had a Lumina sedan; I didn't know eactly where Hyundai chose to hide their connector. But eventually I found it. But alas...it'd also been so long ago that I did not remember how to use the darned thing! Back into the house I did go, once again to consult first the product documentation, and then Google University. Hint: it doesn't quite work right unless the key is in the run position. (Hey! Shout out to you Cen-Tech manual writers! How's about bolding some "quick start on using our product" instructions on that one? I gave up after trying to read your "how to use this tool" section). One nasty neck kink later trying to look up under my dash for the ODB II connector, and I was in like Flynn.

Hmmmm....the display shows "A/T". Oh, no...my transmission is toast? Well, no...that's just a discovered "query-able" endpoint as I might call it (not sure what the formal term would be; I tend to think in more general IT/client/serer terms as that is my profession). Thankfully there was nothing to read under "A/T". "Engine" on the other hand...that was a P0455. OK I'll spare you the extra Googling and just tell you it's a large evaporative system leak.

So no, it was highly unlikely the engine would just quit. It would cause a decrease in fuel economy, because those fuel vapors are no longer being collected in the canister for that purpose, they'd just go, unburned, wasted, into the air. If I did give into my fears, I would have walked home in the mid December cold for nothing.

Alas, the reason information is withheld is no doubt economic, possibly in two ways. First, it's more expensive to incorporate a display into a car, at least one from the 2008 era when this car was made. Not only that, but then there would need to be extra time for programmers to make that display useful, much as Plymouth had to have done. And people's time costs money. Second, you think some segments of the car repair industry wants such empowering information? I hate to be cynnical, but Idunno, there could be big repair sort of like there is big oil and big pharma.

So...armed with the knowledge of what the implications of a P0455 are, I can more confidently go on and do some errands, and not...welll....cower in fear? Maybe that's a little harsh. But nonetheless, once again, knowledge is power.

27 September, 2019

Amazon Is Getting Really Smart: Amazon Locker

About a year or so ago, while shopping on Amazon, I first saw a delivery option of "Amazon Locker," or for the rest of this post, "AL" for short. If you've ever heard of the term "porch pirate," you'll know that this no-additional-cost service was designed to combat just that. I don't think I have to worry about this personally because of the character of the neighborhood I live in, but I imagine there are quite a few people to which this happens all too frequently (thank you, oh so much, Mark Rober). (OK, OK...I'll admit, crime can happen anywhere, so no neighborhood is totally safe or free of it.) There's quite a few things that I have ordered that make me worry about someone coming along and just helping themselves to it, not to mention leaving cardboard boxes out in the rain (which is another problem AL solves).

With Amazon's acquisition of Whole Foods, that was a natural choice for one of my area's first ALs. It is really nice and fairly well secured (6 digit code required for retrieval). I have retrieved many an item from there over the past months, but going to Whole Foods is kind of out of my way. So imagine my surprise when I was wandering through Rite Aid on my way home from my employer's office looking for something to treat my nascent cold and I see an Amazon logo.

What's more, there was a label "Aldo" on it. Aldo. Why "Aldo" of all things? This is the really smart part: it looks like newer ALs have names. Amazon is thinking I'll do exactly what I did, seeing a new (to me) AL, go home and search for it on Amazon's site. When I did, I could correlate the name seen in person on the Locker with the one on the Web site. And that's a good thing too. I would have guessed Rite Aid's address to be on Sheridan Dr. Since it turns out it's actually on Evans St., I would have been looking for "Sheridan" in the listing of search results for ZIP code 14221. But there it is in the list: "Amazon Hub Locker - Aldo". Also in the listing is Karriem, Langu, Minerva, and Aliva. I don't know what the variety of names that they use is, but if each has a unique name, all the better. As well, consider that for my part of the world, these names are not common, but they look enough like names for them to be at least a little memorable. You're not wondering, was the name I saw John? Nancy? Bob? Sally? Greg? Diane? Mike? Darlene? No, at least for me it's esoteric, so possibly more memorable.

But alas, as you might imagine, there are some minor downsides. For one, there are limitations on the size of things that will ship there, which you will find at checkout time. Certain classes of goods (hazardous materials, shipped from other countries, etc.) cannot be shipped to one. Sometimes at the time of your order, it will be predicted that there will be no more locker space left. You're automatically limited by the hours of the retailer, but in Rite Aid's case, that's 0800 to 2100, quite a wide range indeed. You have 3 days to pick up, after which time your order goes back. At least at my Whole Foods, I've never gotten the barcode on an iPhone or 8" Android tablet to work. But all these niggles pale in comparison to the assurance that stuff will not be setting in my driveway, open to anyone who might see it and be inclined to help themselves, as well as generally being guaranteed the boxes will not be soggy. (well...you never know due to package leaks, flooding, overhead plumbing gone wrong, etc.)

I hope as many businesses as possible strike deals with Amazon for these alternate pickup arrangements (looks like they also have "Amazon Hub Counter," which as it sounds, you pick up from a person instead of just electronically unlocking a locker). Then it won't matter much where I'm going, there will be one close by. The businesses can benefit too. Like Rite Aid, put it far from the entrance, and you now have potential customers seeing your wares as they go to pick up their Amazon stuff. There's still those impulse buys that will happen, even if it's cheaper on Amazon :-).

20 December, 2018

Chrome: More From the "My Way or the Highway" Department

Google, in their infinite "wisdom," decided a few months ago that when you sign into Google, you also sign into Chrome. I in particular do not really want my Google credentials being cached in a whole lot of software, and in particular, not within Chrome (or Chromium for that matter). When Chrom(e|ium) exits, I don't want either to stay logged in.

A number of security- and privacy-focused folks pointed this out, the fact that they didn't take too kindly to logging into the Google services meant logging into their browser. So Google said, OK, folks, don't worry, if you really, really want to separate these two functions out, all you have to is go into your flags and disable identity consistency. That way, if you want to sign out of Gmail (or other services), you can, and still have your Chrome signed in and syncing settings, extensions, or whatever else you've configured to sync. Or conversely, you can be signed out of Chrome, but still be able to log in and pick up your Gmail.

Now you know, this is the company which by default has a "remember me" style checkbox on their credentials dialog, which defaults to "on." Similarly, if you've enabled RFC6238 TOTP multifactor authentication, there is a by-default-checked option so that you don't have to enter a TOTP for 30 days. After all, they're trying to make using Google and its services as convenient and frictionless as possible...why authenticate when you can be remembered? But of course, I can't tell you for sure, but the odds are pretty good the reason Google wants you to stay signed in is so that you can be tracked by them and other sites. After all, that's extremely valuable data; they've made an entire very successful business of collecting, curating, and somewhat interpreting that data.

But here's the thing...in a subsequent Chrome release, that flag has no effect. No, instead of being hidden away in some internal browser configuration page, it has "graduated" to the normal settings UI page, as "Allow Chrome sign-in". Great,then! Fixed, right? Well...no, not really.

The "identity consistency flag" allowed nearly complete separation of in browser and Chrome "logged in status". You didn't have to go into chrome://flags and toggle it on or off in order to log in or log out of Chrome; you could log into Gmail and not log into Chrome, or vice-versa. If you did adjust that flag, you'd have to restart Chrome for it to take effect. But no, this new toggle simply allows logging into Chrome, or disables the ability to log into Chrome and all its syncing goodness. This is at first subtle, but really is profound in the implications of its implementation. No longer can I just log into Chrome without logging into Gmail, if I log into one, I am logged into the other. Sure, if I don't want to be logged into Chrome, I can go back into the settings ( == friction) and pull the slide switch the other way. But then when I do want to log in, to get a sync going, I have to go into settings and slide the switch again.

And again...I understand the dual implication: they want me logged in/identified as much as humanly and inhumanly possible for their business, and basically their cover story is that they want it to be convenient and as frictionless as possible for the end user. But to the security and privacy minded, conscientious end user, it is less convenient and more friction.

So...it's Sundar's way or the highway. Sure...I suppose you could download the Chromium source, slice out these nasty bits, and build it yourself, but who wants that badly to take on that maintenance responsibility?

Idunno...I'm actually tempted to do this, because I'm sick and tired of all the goddamn stoopid animations...like you can't even open the main menu without a stoopid bloom of the 3 dots, and you can't visit a subsection without the page being slid all around, either horizontally or vertically. This is DESPITE many requests to remove UI animations, usually from folks accessing computers with Chrome on them remotely (and the slow update times that entails sometimes).

19 December, 2018

Everything Old is New Again Department, Part 2 for Today

My, it certainly is true that there are no new novels, no new movies, no new TV programs. It's the same thing retold in different ways, which I guess is what keeps us watching and listening, trying to figure out what that "new" way is.

One of my favorite movies is "Sneakers." I have listened to the soundtrack CD many, many times. One of my favorites from that is "Cosmo… Old Friend," particularly in the one part with a strings crescendo I think in a major key, followed by a decrescendo in a minor key, followed by a piano (meaning soft) replaying of the major key, and this 3 (or 4) measure figure is repeated. All that is with a really great bass behind it (not sure what instrument; maybe a bunch of double basses arco). I was kind of wondering what scene in the movie was this put behind. And I found a "Movieclips" YouTube video of at least part of the scene. That part I'm talking about is where Marty/Robert Redford says, "...small countries?" at about 1:40.

Then Cosmo/Ben Kingsley nods smilingly and says, "I might even be able to crash the whole damn system...destroy all records of ownership. Think of it, Marty: no more rich people, no more poor people, everybody's the same. Isn't that what we said we always wanted?"

Upon seeing that again, I thought, gee...isn't that one of the story arcs in "Mr. Robot," fsociety taking down E Corp? The aim of fsociety was to compromise totally all the world's financial systems, so everything is "level" again.

From the Everything Old is New Again Department

A local talk show host, WBEN-AM's Tom Bauerle, had a good point: we are going back to the time of the ancient Egyptians, who used hieroglyphs to communicate. The modern day equivalent is emoji! In fact, Matt Gray and Tom Scott launched (and not too long afterward took down) a Web site dedicated to communicating with no text, only emoji. (OK, that was gratuitous use of linking using Blogspot to link to 3 different YouTube videos.)

09 December, 2018

Don't Trust Your Disk Enclosures to Assess Disk Health

For the second time, I have removed a disk from its purchased enclosure (the first was IEEE1394/FireWire, yesterday's was USB 2). The result both times is that the disk was exhibiting wonky behavior in the enclosure, either outright throwing errors or hearing the read/write heads being repositioned a lot of times (you experienced computing folks know exactly what I heard), and after being extracted, work just fine on its own. The lamentable part is both of them were intended as backup disks, and the next-to-last thing you want to go wonky is your backups (with your first thing you don't want to go wonky is the computer itself). A case-in-point follows.

Almost ever since I got my 2 TB Seagate FreeAgent, it would have that tell-tale "I'm having trouble reading the platters" thonking of the heads. However, Seagate will not take warranty claims unless their utility (ugh...Windows only, .NET 4 requiring) tests it and the utility pronounces it defective (or put another way, it sounded like if you tried sending it in for a warranty claim without their utility finding it defective, you'd be economically responsible, not Seagate). At the time, I should have taken that as a hint that lots of folks found these disks dodgy, probably with the same almost unmistakable "help! I'm having read problems!" head thrashing, and had their warranty claims shot down. After all, why would Seagate even have to caution people about that on their site? But I digress. Recently I pressed it into service as the storage for MythTV recordings attached to a Raspberry Pi. Finally, this past week I had had enough of sitting there during recordings, and at times during viewings, of hearing the thwacka...thwacka...thwacka of repositionings/retries. I bought a 2 TB Toshiba USB disk (essentially it's a laptop drive with a case and a USB to SATA converter). While copying the MythTV videos from one disk to the other, there were plenty of times I heard that head banging. I then put the Toshiba drive in Myth service, with seemingly the only detriment being that if you plug it into the running Pi, it makes the voltage dip below threshold (making the red LED go dark for half a second or so) during the time the disk motor spins up. (After all, the Pi is only USB 2, the Toshiba is a USB 3.x unit, therefore has those higher allowable current draws.) I then proceeded to tear apart the Seagate case.

After putting the Seagate drive on a Sabrent USB 3 disk converter (turns out it's a Barracuda LP at heart), I did the same rsync copy where I heard the clackity-clacks before, but this time, there was no such noise. Soooo.....did it remap sectors and now it was getting a clean read? Was it overheating in the enclosure? Was the Seagate USB converter board wonky? Was the power supply unstable? Without some professional diagnostic tools, and maybe a clean room, it will be VERY difficult to tell for sure, but I'm guessing it's unstable power to the drive, like the 160 GB LaCie FireWire drive that preceeded it.

That's OK...the FreeAgent power suppy is being used for a different purpose, on some audio gear, where it doesn't seem to make a difference. Whatever glitches it might have had do not seem to be audible. My money's on the traces on the USB to SATA converter board just weren't up to scratch, and didn't provide enough stable current for the disk.

14 November, 2018

Recent systemd Update May Make Your Service Units Not Start Properly

I had set up a MythTV on a Raspberry Pi using the mythtv-light repository. I even used a lot of the suggestions from the MythTV wiki advising how to formulate a systemd service unit file. It seemed to be working fine, I was watching programs, pulling content from a SiliconDust HDHomeRun Quatro and dutifully recording streams from it to a USB HDD. Then TV enjoyment disaster struck.

Today I decided to set up another Pi to do the commercial flagging and any transcoding (although currently not doing it, although I may start due to things like Roku not supporting the native format, which may be either its own Nupple format or MPEG-TS, not sure). The plan is also to include MariaDB replication to the new Pi so that the database is fault tolerant too. I'd like to a make note here that I do like to do my own OS updates rather than have them done automatically; that way it's far simpler to relate something that starts breaking to a recently performed update rather than having to go back into some log files and figure out what changed. This would be for Raspbian Stretch (FYI, Raspian releases follow Debian releases, and Stretch is the current stable release as of writing this.) And once again this policy decision proved quite useful. I remember that there was a systemd update very recently, probably between the last start of my mythbackend and now. Having a User= directive in my unit file worked just fine, up until today when I restarted MariaDB, then the Myth backend (don't know if it tolerates the DB being restarted too well).

Suddenly mythfrontend was complaining that it could not connect to the backend. huh....That's odd. Does systemctl show that it's running? Indeed, it's running, and it's not exiting and respawning, because its PID is not changing (the unit file specifies it is to be restarted after 3 seconds if it exits for any reason other than systemd telling it to do so). But was there a listening socket? Darn, netstat -tln told me that no, there was not. There was nothing much to go on in the log file or systemcl status output, just something about not having data in a files cache in order to process expirations. A weird thing was that the HDD activity LED indicated frequent disk access, yet there was very little/no activity indicated on the network switch LED for the HDHomeRun. I had no idea what else it would be trying to do with the disk other than recording a program.

I thought, OK, slow way, way down, this is just too freaky. Even stopping the backend was taking a really long time. I got impatient and just used killall to try to stop it directly. That seemed to "help." So I wanted to see if something would be written to stdout if I ran the backend manually, from an XTerm command line. And of course, while doing that, I would not use the loglevel clause. But an odd thing happened: it ran normally. OK, might this have been a temporary anomaly? I tried once again to start via systemctl , and no, it was consistent. Listening sockets were never being opened. watch netstat -tln confirmed that. Starting via the command line (which worked) and watching for the sockets to open showed it was only a few seconds.

I must say, I have had a lot of experience in things running differently depending on whether they have been started from an interactive login versus by the system (from init). It's all in the execution environment. Unix/POSIX/Linux has so many process properties, but more often than not it's environment variables (LD_LIBRARY_PATH and PATH are two of the most common which are different between system and interactive invocation and therefore cause things to fail). So the next thing to try was removing User=mythtv (with "#") and adding /bin/su - mythtv -c to the command specifying how to start this unit. Bingo, there you go; it started, stayed running, and even more importantly opened the socket listeners. So hmmmm....what else does the system do for interactive logins? Why, not only does it set HOME (which was already being done in the unit file) but it also sets your current working directory (cwd) to that value! So hmmm....does a unit file have any directive like that? Yes, yes it does, WorkingDirectory=. So I set that to /home/mythtv, and it worked! For some really oddball reason, mythbackend will not open its sockets/operate normally unless the cwd is set like that. I have to wonder what systemd will choose for a service's cwd if you don't specify it, maybe the root. Moreover, I don't know if User= previously changed the cwd to that listed for the user (usually in /etc/passwd) or not.

Hopefully this story will help someone whose service daemons have stopped working.

Google+ Shuts Down, so This Will Have To Do for "Microblogging"

grrr...Oh, well, I'm glad for how long it lasted, but as of next year sometime, G+ will be going away. So therefore, I see no reason to continue posting there, even though it is very much more convenient than posting here. That's OK. I didn't post particularly frequently over there anyway.

07 August, 2017

Descriptive, Not Prescriptive: Why I Agree With Much of the Google Memo

Wow, there is an awful lot being said about the Google memo leaked last week. (UPDATE 08-Aug-2017: Motherboard (motherboard.vice.com) has pieced together a PDF of this memo which is much easier to read because of its formatting. I see Motherboard might be lefty too, because they refer to this as an anti-diversity memo, which if anything it is pro-diversity if one reads it critically and fully.) I think when an awful lot of people read it, they read into it what they want. The memo says as much:

"We all have biases and use motivated reasoning to dismiss ideas that run counter to our internal values."

When someone dares to point out any discrepancies which contradict the reader's beliefs and practices, no matter how well reasoned, and sometimes no matter how filled with caveats, they will denounce the piece as being racist, sexist, discriminatory, etc.

For example, if you dare to point out that there are differences between men and women (and despite explicitly stating that a lot of those characteristics are only generalizations and there is a lot of variation with respect to individuals), the subject person is excoriated and told they are wrong and a horrible person, for essentially pointing out the truth. In other words, some people read into it that all people conform to these tendencies, instead of taking the proposition at face value, that they're just tendencies. I'm reminded of Eric S. Raymond's blog post, which if I read it correctly, advocates just looking at the code, and never mind the identities attached to that code. Yes, eventually give credit where credit is due, but only after the code is judged for its merit, and consider nothing about from whom it comes.

While a seemingly laudible goal, to see roughly equal representation of gender, all races, all faiths, all <insert characteristic here>, is fairly unlikely for the foreseeable future to see that realized. A stance of total equality (of outcome) denies the points in the memo, that it's just the way things are. That doesn't mean that's the way things always have to be, it just means it's often easy to see that's how we are now as a society. The memo's author even states:

"I hope it’s clear that I’m not saying that diversity is bad, that Google or society is 100% fair, that we shouldn’t try to correct for existing biases, or that minorities have the same experience of those in the majority. My larger point is that we have an intolerance for ideas and evidence that don’t fit a certain ideology. I’m also not saying that we should restrict people to certain gender roles; I’m advocating for quite the opposite: treat people as individuals, not as just another member of their group (tribalism)."

But of course, this will get glossed over and dismissed. Again, someone needs to be judged on their merits and actions, not their gender, not their race, not their religion, not to whom they're attracted, not their class of any sort. This includes not being given any favoritism. In other words, like the memo author, since I am male, I would feel a certain amount of frustration and anger if a company hires or promotes a woman because they seem to be low on their female quota, thus passing over me.

In the last large corporate IT environment in which I worked, we were about 75% men and 25% women. I saw no hint whatsoever that women were oppressed in any way. I could detect no way in which the company had favoritism for anyone, other than for what they had a demonstrated aptitude (some better at backups/archiving, some better at server adminstration, some better at databases, and so on). For the most part, we all got along very well indeed. We saw each other first as people, as IT pros, and secondarily as men and women. Except for only one case in the late 1990s, it didn't matter that my supervisor was female, my supervisors were all the same professionally to me. And in that exception, I thought she was fine as a person, just wasn't as good as I would hope at her job. (That also applies just about equally to two men I had as supervisors at that same company, they were really agreeable guys, just less-than-stellar supervisors.)

Come on...all I'm asking for is equal treatment. This includes that I don't want favoritism towards others just for being female, or black, or anything else. It's about equality of opportunity, not equality of outcome. It's in no way negative that an IT staff is mostly men. It's just the way IT society is right now. I certainly hope more women do enter into and succeed in the field. But it must not be because they are women, it must be because they're good IT people.

ADDITION 08-Aug-2017: There was something pointed out on "The Glenn Beck Program" this morning, which is quite relevant: The fix for discrimination is not discrimination. In other words, the fix for discriminating against women is not to discriminate against men, it's to remove discrimination.

Another thing on this morning's program which was in the back of my mind while writing yesterday, but I didn't put it in here, is this: When, if ever, is Google's lefty bias going to bleed over into search results? Will the indexer look at the page contents and decide it's not the sort of page it wants me to see, because of these biases? What we really need is a search engine superclass, one that goes out to Oath, Bing, Google, maybe others, and combines the results somehow. The challenge may be to find search engines maintained by companies who aren't lefites. The point is, diversity in search engines would be good too.

Their bias is sometimes manifest in what they choose to Doodle. There are a few times where the radio personalities I enjoy point out that Google will bother to Doodle something which it knows is served to Americans that is some overseas event, but when it comes to recognizing something in our culture, pffft, forget that. It's not even necessarily a seeming lack of patriotism. Looking back at the Google Doodle archive, there is no Doodle for Easter, no Doodle for Memorial Day, and there's one for Fourth of July, which....come on....everyone around the world has 04-Jul...I have to wonder why it's not labeled US Independence Day or something like that. Oddly enough, there is a Doodle for Veterans Day 2016.

Direct all comments to Google+, preferably under the post about this blog entry.

06 March, 2017

Xorg Voodoo, and It Really Pays to Practice Your Backups and Restores

I wish Xorg/Wayland/Weston was not so much black magic voodoo juju.

For some experimentation and hacking fun, I installed gdm3 on my Xubuntu desktop system. I set up gdm as my default DM (dpkg-reconfigure lightdm and select gdm from the list), and then I ran systemctl stop lightdm and systemctl start gdm. That was somewhat of a visual shock, because I had never run gdm3 before, but nonetheless, it was usable. I logged in as my normal user.

I had some "normal" logins, where GDM started up my "normal" Xfce session. Then I decided, I wanted to see if the "Weston" option worked, as it had not under LightDM. Shazam, whatever GDM does that LightDM doesn't, I don't know, but that entry worked. Likewise I fiddled a little with "GNOME on Wayland", which was interesting. It's the first time I've ever used (I think it's called) the Lens. Meh. It's OK I guess, but I miss my menus of applications and such. I don't like the Lens so much.

One of the first things I noticed is, "log out" was not part of the dialog like it was under Xfwm/LightDM. There was only poweroff, reboot, and suspend. Huh? That seems kind of weird. Eventually, I found out (don't remember where) that there was a separate logout option. Then I hopped on over to tty1, and did systemctl stop gdm (might have had a 3 too). Then systemctl start gdm. Wow, that's really weird. GDM didn't start, but it looked like several times per second, it was trying. It was even difficult to type systemctl stop gdm because a couple of times a second, input was being stolen by the process trying to start GDM (or Xorg, not sure which). In fact, I don't know what the deuce was going on, but I could start neither gdm nor lightdm.

At this point I reasoned, I had seen the systemd file for lightdm and remembered it had a test for the default display manager. I would have figured dpkg-reconfigure would just use systemctl enable and systemctl disable because it "knows" the list of DMs, but it writes /etc/X11/default-display-manager anyway. Okeydokey, I did anoher dpkg-reconfigure lightdm and selected lightdm. That still wouldn't start either. Well, neither would gdm, so I rebooted.

The first surprise came when LightDM started really soon. I had set up lightdm to be disabled, because I want all the stuff which happens at boot to settle down first, then start the display server. I do this in rc.local by backgrounding a shell script which sleeps 20 seconds then does the appropriate thing for the service. It used to use an appropriate Upstart command, but of course when upgrading Xubuntu LTS 14 to 16, it had to be updated to use systemctl(8) instead. But it seems the dpkg-reconfigure had undone any enable or disable, since I had not even gotten the prompt on tty1 before the VT was changed to tty7 to start the X server. Meh, OK, I recognized this and just disabled lightdm.

I had fun experimenting with starting Weston (like loading different modules in the [core] section). One thing that didn't work too well was using drm-backend.so for Weston. That not only killed Weston, but also whacked Xorg too. That got a little whacky in that I had problems after that switching VTs. I had to log into another host on my network, SSH to the workstation, and systemctl reboot. After all, a computer isn't particularly useful if you can't type at it, if that's the way you normally give input to it.

I got tired of going through dpkg-reconfigure to switch DMs, so I just edited /etc/X11/default-display-manager directly. That seemed to be OK, but eventually, I got to a point where GDM wouldn't start, and LightDM wouldn't start either. Huh, that's weird. So I restarted the whole system.

Then there was the chilling realization that systemctl start lightdm did not do a whole lot except throw errors I could not understand in to the systemctl status lightdm and journalctl outputs, like stuff about some assertion failing. I'm sure if I wanted to take the time to download the ENTIRE SOURCE package for Xorg, I might see what that assertion does, and why its failure was happening, but I was not about to take all that time to futz around with that. What I thought might have helped is, I have an Xorg "prestart" script which sets the screen saver timeout and DPMS, changes the root window background color so that I know Xorg is running but before LightDM can initialize, and use some xrandr commands to set up the resolutions and refresh rates of the two framebuffers/monitors. (Xorg cannot read EDID information because the switches through which both monitors are connected mangle EDID, so it uses defaults...and that's just really ugly.) While I was writing that prestart script, I redirected stderr to an unused tty. All I got on that VT was messages about "can't open display." In retrospect, what I really should have peeked at was /var/log/Xorg.0.log for clues, but it would not necessarily have revealed anything I could understand.

I tried another dpkg-reconfigure to make sure whatever needs to be done to switch DMs is done, figuring it might be more than just rewriting the /etc/X11/default-display-manager file. That, unfortunately, was no help whatsoever. Restarting the system did not help either. I remove/purge'd the gdm3 package; no help. I reinstalled the lightdm package; that wasn't any help either. Sigh. It was going to be a really bad day if the only thing which is going to get my dailly driver back is a Xubuntu reinstallation and reconfiguration. At least the vast, vast majority of my personal settings and data is on a separate /home logical volume. I could very likely keep all the logical volumes, filesystems (but remade filesystems, except for /home of course) and stuff, so it wouldn't be like a blank disk installation. I have to imagine there will unfortunately be a somewhat large portion of *buntu users where that would be their only option because they're just not that experienced or learned in operations at this level. Most folks don't need it because their systems just work, they get their work done, and the amount of experimentation, especially at the system level, is minimal.

Next I did something I do very rarely, which is select the entry for system recovery at system boot. I figured I needed as little as possible running for what I was about to do next. Ugh. That is really ugly because of the nomodeset option. I am really, really used to the VTs coming up 1920x1080 (or 240x67). So, I restarted and edited the default entry instead, adding "single" to the end of the kernel command line. I figured pretty much all the configuration is held in /etc, so I figured out which disk and logical volume I used for backups last (which was right around midnight Sunday, started it up and went to bed) and mounted it. Then I did rsync -av --delete /mnt/bkup/thishost/etc/. /etc/. to get the /etc directory back to how it was. That went really quickly, as you can imagine. Then I just hit Ctrl-Alt-Del. That's of course going to umount the LV on the USB disk, deactivate all the USB LVs, everything buttoned up and ready to restart.

Except that didn't help either. I even tried unplugging my computer for a while figuring it was some really weird juju with how the video controller was being initialized..hoping letting the capacitors discharge would unstick this lack of Xorg starting. No, as I could have predicted, that really wasn't it either.

The semi-weird thing is, while logged in as the superuser on tty1, I could run Xorg :0 just fine. Of course, that's not particularly useful, but at least it proved it was not a hardware denial, or corrupted driver .so'es, or something like that. The X server itself would start, it's just that lightdm couldn't start it and use it. Well...come to think of it, the screen was initialized to all black, not the gray dot pattern it usually does, and no big X cursor appeared. Not sure what was up with that. At least it didn't go, as it sometimes will when it's failing, to VT 7 and do nothing but leave the blinking text mode cursor there.

I was getting really discouraged (and a little panicked to be honest) at this point. I thought it was going to be hours before being up and running again. I was starting to think of, how am I going to fetch the ISO to do another installation? Can I get one effectively with one of my other systems, likely with Lynx? I mean, as IT disasters go, this is pretty mild because at least there is a "known way out" (namelly OS reinstallation) which is nearly guaranteed to get the blasted thing working again. It's just the thought of the long, long time it was going to take to make that happen, with all the work that would need to be done in terms of installing the packages I like which basically has to happen after the standard installation was finished. It could be a lot worse; it could be the CPU itself which doesn't work, and I'd have to go back to a LOT slower machine (from a Core 2 Duo to a Pentium IV).

Sigh. OK, I wasn't too sure about using my complete backup. I do a number of --exclude= directives when I do the backups. But I'm never quite sure if I am excepting enough. For example, it'd probably be less than a good result if the LVM information was overwritten (so actually, that's already excluded). And sometimes the presence of files can make a difference, so of course you're going to have to use the --delete directive. I'm thinking, if this obliterates the wrong things, it's going to be a long, arduous reinstallation process, but hey, it's at least worth a try to do a full restore. After all, like YouTuber AvE often says, if it's broken, how can it hurt a whole lot to break it some more? Worst thing that happens is, my restore methodology overwrites zeroes over everything, and I have to reinstall everything anyway. Surely it will take not a whole lot of time to MUNG things to the point where OS reinstallation becomes a certainty.

So with some trepidation, in single user mode again, I mounted up the last backup, but I was still unsure of what I was about to mangle, so I added the --dry-run option to rsync. And boy am I glad I did. When you go about deleting things like lost+found, and bad things™ happen, even worse things tend to happen when fsck is trying to set things right and it can't write to lost+found because it's not there. It's also not particularly useful to go mucking about in /sys or /proc. I definitely didn't want to get into a loop trying to do untoward things with /mnt/bkup/thishost so I knew enough to mount the backup read-only, but still figured out what I really wanted to do is exclude everything under /mnt. I also chose to exclude everything under my $HOME but it would still be possible that some of the session files under there could screw with logging in under Xfce (or who knows, one time I got auto-logged into Weston when I didn't mean to, it must have stuck as the last thing I tried in the greeter).

So eventually I settled on a pretty significant set of --exclude's and let it rip. As I had been experimenting with --dry-run a number of times, there already was significant information in the block cache that really, it was only a few minutes later that rsync said it was finished. I restarted, unplugged the backup disk's PSU while the BIOS screen was showing (yep, it's that old, not UEFI), and let GrUB do its thing. And...

Success!!

I killed my little delayed DM starter script, did systemctl start lightdm, and the system once again looked normal. Of course, since the system is on a conventional SATA disk (not an SSD), it took agonizingly long to initialize, but I knew things were likely going to work OK because I got my normal prompt from ssh-agent to enter in the passphrase for my private keys in an XTerm.

What I'd really, really like to know is, what caused LightDM not to be able to start Xorg? That's the voodoo juju part of all this. You'd really hope that something particularly helpful woud be in the journalctl output, or systemctl status. But alas, no help was forthcoming. These days, if you don't have a working graphics environment where you can run a browser with JavaScript capabilities, lamentably you're at quite a disadvantage in researching possible causes and remedies. The usual copying/pasting of an error message into a Google search is going to be quite difficult.

Long and the short of it is, it's really a particularly good idea to practice restores every now and again. It will point out deficiencies in either your backup or your restore methodology, or maybe both. In any case, with such practice, it shoud speed up recovery from being in a jam.

Direct all comments to Google+, preferably under the post about this blog entry.

02 March, 2017

Yesterday, I knocked myself off the Internet

Yesterday, I spent some time poking about the Actiontec MI424WR (Rev I) that Verizon supposedly provided "for free" as an incentive to subscribe to FiOS. Supposedly, in order to be (fully) supported, you need a Verizon approved router, including one of these. I'm not sure their site allows one to complete the online (service) order without agreeing to rent, purchase, or otherwise prove you have (or will have) one of Verizon's routers. You may be able to finish the order these days, but as I recall, two years ago when I was ordering, their maze of forms and JavaScript wouldn't allow a submission without one. Anyhow...I read a recent thread on DSL Reports with regards to residential class accounts being able to have static IP addresses (they don't allow that) and the workaround of using dynamic DNS services prompted me to start poking around to see what services (dyndns.org, noip.com, etc.) that the Verizon router supports directly.

I have VLANs set up on my switch, one for TWC/Spectrum WAN (although I don't subscribe to any of their services presently), one for my VOIP LAN, one for most of the rest of my LAN, one for FiOS WAN, and one for the FiOS LAN. The nexus for everything is a PC running Linux functioning as a router. I knew there was the possibility of an address "conflict" if I plugged in the WAN port on the Actiontec (because Verizon only allows one DHCP lease at a time) so initially I powered up the Actiontec with the WAN cable unplugged.

After puttering about with a lot of its settings (ugh, I hate the Actiontec Web interface), I'm not sure what possessed me, but I thought, hey, my Linux router has a DHCP lease, and since Verizon's systems will only allow one lease at a time, I thought plugging in the Actiontec WAN cable should be no problem. If it tries to obtain a lease it will just be denied, whether by DHCPNAK or just timing out.

Emmmm....wrong! Very shortly after plugging in the WAN cable, the "Internet" LED came on. First I thought, "wait, what?" That was shortly followed by "oh, crap!" Sure enough, I logged onto my "production" router, tried the usual "ping 8.8.8.8", and there were no replies whatsoever. There isn't anything of consequence connected to the LAN ports of the Actiontec; it was pretty much just connected so that I could get in to configure it, and possibly switch things up a bit if a Verizon TSR demanded to have it online. So either the lease which Linux had obtained was somehow "transferred" to the Actiontec, or the lease Linux had was invalidated, and at any rate, in that state the Linux router was of no (WAN) use. (It still routed just fine between all the LANs.) I basically knocked myself off the Internet, because nothing on my network is set up to operate through the Actiontec. I thought, you idiot, you should have logged onto the switch and issued "shutdown" to the interface for the Actiontec WAN port first.

As you may gather from some of my previous postings, here on the I Heart Libertarianism blog or on Google+, I get pretty anxious about not having Internet connectivity, so to lift a line from Dickens, this was not the best of times. I think this is mostly because I have the family's email server here, not to mention virtually all the important notifications I have would go to a philipps.us or joe.philipps.us address. It's also the DNS master for a number of my domains, including philipps.us. I know, I know...the TTLs on the SOA records themselves should make them valid for two weeks, so even without Internet for an extended-ish time, things should not fall apart entirely.

Email servers very typically keep retrying for several days, maybe even as much as a week, so that should not be so terrible. As a further mitigation of any failure of my email server here, it just so happens I was one of the people who got in on the "ground floor" when Google was beta testing Google Apps (the Web services, not the usual meaning these days of the apps to access Google on Android). As a consequence, I have a "no cost" G Suite configuration as a less preferred MX. Therefore, it would be somewhat messy from an email history standpoint, but a catchall account on G Suite would have any email which my setup cannot suck in. Still...I think it's the thought that without Internet, even that backup setup is no good because I can't get to it. I would have to "borrow" someone else's Internet access even to see what's over at my G Suite account.

This would be compounded by the fact that these days, many of my access passwords are utter gibberish, thanks to KeePass and KeePassX. The database is in my Google Drive, but also backed up on my local computer. The implication is, it's another one of those "bootstrap" problems, without Internet, I don't have access to the master KeePass database, and even if I work from the copy, say from a computer at the Erie County library, it's going to be a LOT of tedious typing because the library's computers are likely not going to be able to run the KeePass software. I'd be working with revealing the decrypted passwords on KeePassDroid on my Nexus 7. For any Web services which will accept it, I turn on basically everything printable except space for the KeePass generator, and typically 20 characters. So yeah....lots of tedious typing if I have to use another computer.

Despite the minor panic I was in, I thought, come on, this shouldn't be that difficult, you really should have a way out of this. You can try ifdown on the Internet interface (happens to be eth3), followed by ifup. Nope, that didn't really do anything. Just calm down a little, and work the problem. If you get back on the Actiontec, you should be able to pick and prod your way around it, and find the "release DHCP lease" button, which you know is in there somewhere. That would at least mollify Verizon's backend(s) (or the ONT) into letting Linux get a usable address again. That was in fact the key. After hitting "release" on the Actiontec, I was able to ifdown/ifup one more time, and Linux got an address/lease. However...it was not the IPv4 address I had before. Rats.

As mentioned, the whole exercise started with wondering about Actiontec's implementation of dynamic DNS. This is precisely what I needed to do. This happens so infrequently that I have a Google Keep checklist for IPv4 address changes (which I have exported to a Google Doc for linking in this blog entry). I have that accessible on my Nexus 7, so all I have to do is find it on there, and I'm good to go. I copied the list, renamed it with "1-Mar-2017" in the title, and went about executing its items.

There were items on the checklist that I still had to figure out on the spot. For example, for some of the items, I did not know the pathnames of what needed changing, or what item in the relevant file. So in a sense, it's good this happened, because it has made me refine the process and therefore improve it. Still, it's a pain whenever my address changes. Some of it could probably be scripted or automated, but it's one of those things that happens so infrequently, I have to wonder how much utility there is in writing anything.

Anyhow...obviously, I'm back online, or I couldn't be posting this. Hopefully I'll be better prepared for the next time my address changes.

Direct all comments to Google+, preferably under the post about this blog entry.