91.x.x.x/8 is banned.

I just spent a piece of my (very beautiful in Denver, tankuveddymuch) morning cleaning up after a r0dent hammered the hell out of feedle.net’s webserver and brought a few things down. I don’t know if it was a DDoS targeted specifically at me, or at my hosting provider in general (it’s worth noting none of the other boxes at the same company seem impacted, however they are hosted in Texas where the webserver is in Northern California).

So, after getting things restarted, I went digging in my hosts.deny file. The great thing about running things like “DenyHosts” is you get a pretty clear picture of who the bad actors are. And one /8 keeps showing up in my hosts.deny file: 91./8. So, for the first time in my entire life of running feedle.net (15 years and counting) I’ve banned an entire chunk of the Internet from even accessing my site.

The last time I did anything close to this was when I added microsoft.com to my apache configs as “personæ non gratæ”, and that was for a short time until their bot started behaving and doing reasonable crawls and not taking up a significant chunk of my entire monthly transit. However, in digging around a bit, 91./8 is responsible for almost 3% of all bogosity against feedle.net servers. That’s a lot for one network, and it’s a lot for feedle.net to bear.

So, effective immediately, 91./8 is permanently banned from feedle.net servers. If you have a reason to be accessing anything on my personal network from that network please contact me via a Google service (ie. Gmail or Hangouts, or comment on the eventual propagation of this to G+) and I’ll whitelist your individual IP. Note that if you get a DHCP address that may change I will be very unlikely to whitelist multiple addresses or anything larger than a /26.
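The kind of tally described in this post (which /8 keeps showing up in hosts.deny, and what share of the entries it accounts for), as an added example that is not the author's own script. The sample file contents are constructed, the function names are hypothetical, and only literal IPv4 client entries are counted.

```python
import ipaddress
from collections import Counter

# Constructed sample in the style of a DenyHosts-maintained hosts.deny.
# These addresses are made up for the example; they are not real offenders.
SAMPLE_HOSTS_DENY = """\
# DenyHosts: constructed sample entries
sshd: 91.10.20.30
sshd: 91.200.1.7
ALL: 91.77.0.12
sshd: 198.51.100.23
sshd: 203.0.113.9
sshd: 203.0.113.80, 192.0.2.44
ALL: .example.net
sshd: not-an-ip
"""


def denied_addresses(text):
    """Yield every literal IPv4 address in the client list of each rule."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        fields = line.split(":")
        if len(fields) < 2:
            continue
        # Rule layout is "daemon_list : client_list [: option ...]".
        for token in fields[1].replace(",", " ").split():
            try:
                yield ipaddress.IPv4Address(token)
            except ipaddress.AddressValueError:
                continue   # hostnames, wildcards and patterns are skipped


def tally_by_slash8(text):
    """Count denied addresses per enclosing /8 network."""
    counts = Counter()
    for addr in denied_addresses(text):
        net = ipaddress.ip_network(f"{addr}/8", strict=False)
        counts[str(net)] += 1
    return counts


def share_report(text, top=3):
    """Return (network, count, percent of all denied addresses) for the top /8s."""
    counts = tally_by_slash8(text)
    total = sum(counts.values())
    if total == 0:
        return []
    return [(net, n, round(100.0 * n / total, 1))
            for net, n in counts.most_common(top)]


if __name__ == "__main__":
    for net, n, pct in share_report(SAMPLE_HOSTS_DENY):
        print(f"{net:<16} {n:>4} entries  {pct:5.1f}%")
```

Against a real file, pass the contents of `/etc/hosts.deny` to `share_report` instead of the constructed sample.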

Anaheim and change

I have a huge dose of the crank today. It may be because I spent the afternoon chatting with an old friend from The OC, found out a big mixed bag of news (most of it not good), and communally cried over the loss of things we both loved about growing up in Anaheim. I suspect maybe my last piece of childhood innocence may have gotten killed on that phone call.

The place I grew up has changed, and the place I moved to and loved in my early 30’s has changed, too… and when I’m REALLY old and grey I won’t recognize either one I suspect. And that really upsets me: I want things to change for the better, not for the worse, and all I feel anymore is the wind continuing to smell foul when it blows.

I suspect the winds of this change were already blowing when I was a teenager. Anaheim was never as idyllic as perhaps I thought it was, Portland was always a little too hip for its britches back at the turn of the century when I moved there. 1  Recent events in Anaheim harken back to its history (not only the written history, but the verbal history passed to me by my maternal adopted family) of Ku Klux Klan.  Today it is different only in which side the Klan is on, not their presence in Anaheim’s ever-evolving story.  From German utopia, to Klan-controlled, to the Autopia designed by a mouse, to the auto-centric city of my childhood, and who knows where it will go.  Maybe ARTIC will undo the freeway snarls (ha, yeah, that’ll happen).  Maybe.  Around the time Portland becomes affordable again.

Ultimately this is likely the fact that I’m getting old.  My beard is now salt-and-pepper, and now and then I find a silver strand in my otherwise dark-brown-to-black hair.  I’ve already noticed I’m getting less tolerant, more gruff, and certainly grumpier.  My normal humorous curmudgeonly exterior is becoming darker and more sinister.

I’m becoming an old man.

How ironic it is to this soul that seems.  And it feels… a bit scary.  I don’t want to be that old man sitting on the bench at Pearson Park I remember from my childhood, feeding the birds from a loaf of bread grumbling about this, that, or the other thing (I remember rants ranging from Jimmy Carter to the teardown of the Fox Theater).  I want to stay vibrant and ever changing.

I want to keep growing.  And not for the worse.


  1. Yes, we can say that now, it’s ok, I checked.

Thoughts on the FBI, Apple, and a side order of WTF…

OK, so I’ve been thinking about this whole kerfuffle (or has it elevated to a brouhaha at this point?) about the FBI going to court and forcing Apple to (as I understand it) develop a special version of iOS that doesn’t have the “10 attempts and data self-destructs” option.  I’ve got thoughts, believe me, and some of them disturb even me.

Let’s start with the whole request in the first place.  Tim Cook is right: not only is the request potentially improper on its face, but even the creation of a special software stack that doesn’t have the self-destruct feature opens a big can of worms probably nobody wants to open.  It’s not that the Fed would use it improperly: they would, no questions asked.  It’s that the moment Apple creates it there’s the potential for ne’er-do-wells to get the code.  No airlock is ever 100% airtight, and even as secure as I know Apple’s campus to be it would leak out somehow.  It’s … pun totally intended here … forbidden fruit almost worthy of a 007 movie-plot scenario to get.  Somebody would, you know it.

But then I start thinking of the implications here.  The FBI can’t unlock it?  Now, I know more than one person is saying “oh, it’s not that they can’t, they just want the legal precedent!”  I can accept that, but it still lingers in the back of my mind that all my life as a hacker and somebody who often skirts right up to the edge of “legal” on certain things that I’ve wasted a hell of a lot of time covering my tracks.  I mean, think about this seriously. Going to court, especially in northern California (Apple’s home turf) to get this writ required some pretty serious lawyering.  If you’ve read the docket, it actually is a novel approach to the problem, and that wasn’t done by some first-year law intern.  Real lawyers had to craft those briefs, and to this armchair legal scholar I can honestly say it was VERY well done.  It had the hallmarks of someone who knew exactly what they were doing.

And the Fed never wastes lawyers on trivial shit.  I believe that the FBI can’t crack it, or at least crack it easily.

As a teenager I heard horror stories of the FBI using data recovery techniques to do discovery on hard drives of BBSes and the like to get evidence of warez that were deleted.  I’ve heard some wild theories as to how the FBI did some of these things, probably fueled by too many teenagers watching too many X-Files episodes.  But even saner and cooler heads thought the FBI had some pretty good tech, and could do some pretty impressive things with the then-primitive tech of the 80s.  Hell, some of the equipment we regularly used back then was so dodgy even the owner couldn’t guarantee his files were there at any given moment.

So here we have the FiBbys asking Apple to help them crack this with (what amount to) a copy protection defeat just about any skript kiddie could hack.

I’ve pointed this out glibly in my Facebook post, but.. don’t they have code crackers at the FBI?  I mean, really.  How hard is it to JMP instruction around the 10-times-and-you’re-out code?  Isn’t there some way you could just pull the WRITE line from the memory store so that a delete couldn’t happen?

Oh, wait.  Mmmmmmaybe it’s not that simple.  Maybe Apple not only won’t code around this, maybe they can’t.

Consider this possibility.  Apple now does most of their own chip design and production.  And we know that newer models of the iPhone use some of the more advanced techniques to guard sensitive data in a secure part of the machine with its own rings and stuff.  But the 5C (the phone in question) doesn’t have that protected partition.

But what if the crypto is handed off to an internal cypher chip that has a “bad password” function INSIDE THE CHIP, not easily rewritable in the firmware, that destroys the data after 10 password attempts are recorded?  There’s no signals to mine on the bus, and no easy way to just (theoretically) fiddle with IO pins and get the behavior to stop.  Ten passwords, data store is corrupted, all done inside Apple’s A6 little magic box.  It may even be coded in the microcode of either the CPU or GPU portions of the chip, and that’s not likely easily changed (assuming it can be changed at all).

This is theory.  But I think it’s a valid point: Apple thought this through. They’re going to fight this in the courts, and if they lose they’re going to throw their hands up and then publicly say “we can’t even do it, and here’s why.”  Congress will argue, and we’ll wind up with another lousy key-escrow proposal (or something even more idiotic), it’s already starting.  But in the end there’s millions of iPhones out there that CAN’T BE HACKED.

Steve Jobs may have been an ok guy after all.  One of his (likely) design decisions may cause McAfee to eat a shoe.

Fuck UPS (both the verb and a noun…)

Sometimes you can do nothing wrong, customer service wise, and still lose a customer. Thus is my saga with PillPack.

It all begins when my employer rather abruptly a few months back stopped allowing us to ship personal packages to work. Up until that point I was getting my medications largely from PillPack, and generally happy with their level of service. But when that changed, I tried working with PillPack to figure out a way to get my meds delivered to me, and it proved to be a fiasco regardless of what I did.

First off, medication cannot be delivered without a signature. I actually understand this, and generally don’t have a serious problem with the “law” that restricts medication shipments this way.

The problem is UPS. See, the Post Office has ways of dealing with this: if you have something shipped to you Priority Mail, Signature Required, and you aren’t home, you get one of these magical salmon-colored slips in your mailbox and you pick it up at the nearest Post Office. If you have a PO Box, it’s even easier. Same thing, pink slip, wait in line, get package. Done, and done.

UPS purchased Mail Boxes Etc. some time ago, so in theory they can provide the same level of service, no?

No, they can’t, apparently. It seems like every time I have a package fall into this “Exception Wonderland” something weird happens to it. It becomes Schrodinger’s Package: existing in a state of Delivery and Non-Delivery, existing but not existing; lost in the bowels of United Parcel Service’s nearest “warehouse” and it seems to take a minor miracle before UPS is able to arrange a time and place for you to pick it up.

At some point recently UPS launched a “My UPS” product. You can poke in your address and (in theory) have packages re-routed to the nearest UPS Store “automatically” rather than go through the old way (attempt delivery, tag door, you get package from nearest customer service counter).

So, this was working for a short while. I got a couple of PillPacks and my insulin this way without incident, re-routed to my nearest UPS Store. It’s nice and convenient: it is literally right around the corner from where I live.

Then, my most recent PillPack happened. PillPacks are shipped in small, brown boxes no bigger than a kid’s lunchbox, and are typically light: they have about two weeks worth of meds in the box packed in individual plastic envelopes on a roll, so they’re 1/4 of a cubic foot in size and maybe 1 and 1/2 pounds. I (and PillPack) were both hoping that using the My UPS tools I could just intercept the package and pick it up from the UPS Store.

That didn’t happen. My most recent PillPack couldn’t be delivered to the UPS Store, for whatever reason. I was told there was “no room at the UPS Store”, but that’s preposterous: there’s no room for a small box the size of a loaf of bread (and about as heavy)? C’mon, I’ve been to that UPS Store. It’s largely empty. I have another guess as to what happened, but I’ll go into that conspiracy theory later. 1

What did happen is the most frustrating thing that could have happened. UPS at that point couldn’t tell me where my package was, where it was going, or anything about it. It was as if my package fell off the UPS truck.

PillPack ships their packages out so they will be delivered on Monday, for your meds that begin on Wednesday. Now, personally, this is awfully close spaced (and I’ve expressed to them that this is a problem, too, precisely because my experience with UPS is that when they fuck up, they fuck up royal and it can take 2-3 days to unfuck it up). A couple of the meds I take are of the type that “not taking this med regularly and on-time can result in some serious side effects”, I’ve been warned by my doctors. One of them (a blood pressure medication) is known for causing heart palpitations if stopped suddenly, for example.

Um… no.

So, this sets up the expectation that if I don’t have my meds in my hands by a few days before I run out I better start worrying. And believe me, I worry when that happens ever since receiving my aortic diagnosis. Aortic dissection is not my idea of a Good Day Starter and keeping my overall blood pressure low and my heart beating normally is how we keep my Big Ass Artery from going bewm.

When getting my meds conventionally (ie. typically from the local Kroger brand’s pharmacy) I’ve kept a week’s buffer of meds on hand. I start looking for next month’s refills once I get down to about 7 pills in the bottle. So PillPack’s “two-day buffer” is very uncomfortable. But, I’ll be honest, if the delivery vehicle was reliable enough and worked like clockwork (package was THERE someplace I could get it on Monday, for example, every time all the time) I wouldn’t sweat it.

So, you can imagine me starting to panic when it not only wasn’t where I was expecting it (the UPS Store), but UPS couldn’t even tell me where it was.

After talking to UPS “Customer Service” on the phone, they told me I could get it from the Customer Counter in nearby Commerce City, CO, in the evening.

I missed that window. We had a snowstorm blow into Denver Monday, I couldn’t get to said customer counter before they closed. No worries, I thought, it’ll be there tomorrow morning and I’ll just get it then.

Yeah, about that. When I went there on Tuesday, it wasn’t there. And they couldn’t find it. I waited around the UPS Customer Counter for over an hour and they couldn’t find it.

That brings me to my point. Sometimes you can do everything right as a company and have your best laid plans fucked up by an incompetent subcontractor who can’t find their ass with both hands and a road map.

That’s how I feel about PillPack. They insist on using UPS for reasons. UPS perpetually fucks up my packages, almost like they know I’m the son of a USPS Postmaster and every time they see “Baumann, Archturiat” on a package they TRY to fuck it up. I recently shipped my Macintosh from Portland to Denver and that was an exercise in frustration, as my attempts to use the same My UPS tool to redirect it was foiled by the UPS Store in Portland putting “A BAUMANN” as the addressee on the package (and I didn’t have “A BAUMANN” as an alias, so therefore… NO PACKAGE FOR YOOO!). Before that I had that series of incidents when I lived in Oregon City and I would watch as the UPS driver would walk up to my apartment complex door with nothing but a yellow post-it in his hand claiming attempted delivery, and UPS never doing anything about this even when I had VIDEO EVIDENCE that this was being done.

I like PillPack. I like the fact that my meds came in easy-to-use little plastic sleeves. I like the fact that every day my medication was laid out for me, pre-dispensed, so that even if I had to travel I could peel off the next four days of meds off the spool and go on. It wasn’t without bumps, but they were all minor except for UPS, well, becoming “OOPS” again in my mind and raining brown turds on my already grumpy disposition. What can brown do for me?  Let’s start by not ruining my day.

And that is why I would behoove ANY shipper to never hitch your wagon to one horse, regardless of who it is. I know people have Postal Service horror stories… my love for the USPS and the proud men and women of blue notwithstanding. And I’ve had FedEx foul things up too. If PillPack would ship USPS Priority Mail EVEN IF THEY CHARGED $10 PER PILLPACK I’d gladly pay it, give them my PO Box number, and I’d be happy. But they won’t ship USPS (even if I’m willing to pay for it). So they just lost me as a customer, and I’m going back to the monthly chore of King Sooper’s Pharmacy and metering out my meds into my own teeny little Ziplock baggies.

Even though I really don’t want to.




  1.  Theory: Since UPS Stores are franchises, independently owned and operated, I suspect the owner got sick of seeing the same name on deliveries and just said “fuck this guy in particular”, because I wasn’t paying for a mail box from his CMRA.  Well, guess what, now I’m NEVER going to use your store even to ship things, so go out of business.  Please.

Kill amateur radio. Put it out of its misery once and for all.

As a lot of you out there know, I’m a ham radio operator. It’s a passing fancy of mine that goes very well with the general modus operandi of “tinkerer”: it’s allegedly a hobby about building and experimenting with radio technologies.

A whole lot of people (most of whom have nothing to do with the hobby of amateur radio as defined by regulatory bodies) have discovered that the Raspberry Pi can do a great job of generating a FM signal suitable for basically making a “pirate radio throwie“: a disposable device that generates a modest signal that can be heard on FM radios within a short radius.

“Huzzah!” I say to these experimenters and their toys. I salute any effort to promote the radio arts.. and I would love to take every one under my wing and show them how with a few simple extra parts (a low-pass filter and a transistor or two) they can make their signal slightly stronger.. and a whole lot cleaner for everyone on the radio dial.

So I recently get the crazy idea that, since this is in essence a 100% “software defined radio” it should be trivial to rework the “pifm” software into doing some bidding for me as an APRS device. If a wideband FM stereo signal can be generated, it’s just a matter of tweaking the bandwidth down to “narrowband” FM. I would as a matter of course add aforementioned “filtering” before I ever put this thing in amateur radio usage… but fundamentally it seems to me to be a logical conclusion, a fun weekend project, and even more importantly something to dust off the old brain cells and improve my skills as a radio geek.

God help me for the responses I’ve been getting on Reddit for *gasp* even considering it and vocalizing my intentions (and also wondering if I was reinventing the wheel).

Out came the Old Men of Henry Radio types, blasting me for even suggesting it. “Go buy a $20 transmitter that pretends it’s a real radio,” one response said.

So with that tone and attitude I simply have come to the conclusion that I can no longer support amateur radio as a hobby, and further, it needs to be killed. “Ham radio operators” are killing inventive ideas actively, and discouraging experimentation? What crazy wacko world do I live in where the very place we’re supposed to be innovative and cutting edge is the place I’m discouraged from even thinking about something that is expanding our knowledge of how to put a signal on the air.

So, since that’s the attitude of most hams nowadays, I can no longer support this hobby in any shape or form. And to that end, I’m even going to encourage its destruction. The next time there’s a Notice regarding the ham spectrum, my response to the FCC is going to be:

[ham] radio no longer serves the general good and has become nothing more than a waste of spectrum: mostly because the denizens of the spectrum today no longer encourage active experimentation and expanding of the radio art and instead discourage experiments and are hostile to young minds wanting to explore.

It’s time for these old men to turn off their old radios, hang up their antique microphones, and get out of the way of progress.

Generic update is generic…

So, just a generic update. The Oregon number (503-451-0714) got separated from the Google Voice account I use day to day, for reasons.

If you have a (720) number for me, you have the current phone number that’s tied to my Google Voice/Hangouts that actually will ring my phones. If you don’t have the (720) number let me know and I’ll get it to you.

It’s amazing!

I actually got something of a good night’s sleep last night!

I’ve been trying to get things done so I can have a proper sleep study and get a CPAP (or a BiPAP) machine and actually get some sleep at night. My cardiology team has helped that process along, and last night I had a sleep study that involved the use of a CPAP machine.

I actually am able to make it through my workday feeling somewhat alert and not fighting off the drowsies. And I can actually apply some brainpower and get a few things done.

The frustrating thing is it may be a few weeks until I have my own CPAP, and it is going to be hard to wake up the next few weeks after feeling what even a partial night of sleep can do for my overall attitude and mental strength.

Now I just have to clean all this goop from the electrodes out of my hair…

Goodbye, Steelhead..

.. and with that, it seems another door from my past is closing. This seems to be a theme lately: things that I was fond of are slowly dissolving to black.

I’m not depressed per se, just a bit melancholy. My life is taking some pretty interesting turns the past year, and while I’ll miss things from the last chapter of my life the next chapter looks to be just as interesting.

One chapter ends, another begins.