
Tech Open Thread

It’s Friday, and I’m writer’s blocking trying to write up something persuasive defending the concept of Immutable Infrastructure in DevOps. Really, the client in question has at best Semi-Immutable Infrastructure: updates can be applied via the deployer for the systems that are now working under that paradigm. They don’t tear down and rebuild their VMs for patches and security updates. And they still have a lot of stuff that works under the traditional “mutable” model.

But we are pushing the idea of eventually having all IT infrastructure adopt DevOps principles. For major OS or software releases, or in the event of a security breach or other problems with the system, tearing the system down and rebuilding it should be done. I approach DevOps from a traditional IT background. Most of my colleagues approach it from developer backgrounds. I’ve found that traditional IT folks are more resistant to DevOps principles than people with developer backgrounds. So I feel like when IT people exhibit skepticism, having “come to Jesus” myself from the same heresy, I should be the one to preach to them the DevOps gospel.

I’m curious if anyone out there has worked in this area. My current focus is doing a large, legacy database system as Immutable Infrastructure. Or at least Semi-Immutable Infrastructure if you’re a real purist (which I am not).

Slate: 80% Lowers a Bigger Threat

This Slate article actually shows a reasonable degree of understanding on the home build issue. They correctly point out that home manufacturing is legal in most of the United States, provided the firearm is intended for personal use by the person who makes it. Manufacturing for sale requires an FFL.

If lawmakers are concerned about threats having to do with 3D-printed weaponry, they might consider banning 3D-printed bump stocks, too, which are attachments that can be added to semi-automatic rifles to make them fire faster. Those might work better than a fully 3D-printed gun. But 80 percent lower kits remain a much bigger threat—and should be a higher priority for lawmakers.

If they reclassify bump stocks as machine guns, it will be illegal to 3D print one, just as it’s currently illegal to 3D print a machine gun. However, this is feel-good nonsense. Of course someone unconcerned with following the law can print a machine gun receiver, or machine a machine gun receiver from an 80% billet, or go to Home Depot and buy all the parts you need for a homemade submachine gun. A lot of these fools just don’t get this: you can make this shit illegal, but it’s not going to stop someone who’s intent on committing murder, robbery, or some kind of terrorist act. It’s not going to stop people from manufacturing them for the black market. There couldn’t be a more plain case for, “This is only going to deter hobbyists who are no threat to anyone.”

But as I’ve said, that’s the idea. Stopping criminals is not the purpose of this. That’s just a bullshit pretext. The idea that anyone could just make a gun? Scare bleu! The peasants, in their basement? They might even have fun doing it! They might make a mockery of us, and wouldn’t that be the worst thing ever.

And what about the 80% issue?

Understand the fundamental issue: Generally, our law is structured around the idea that gun parts can break, and owners ought to be able to order replacement parts without having to go through a background check and fill out paperwork just to get a replacement spring, firing pin, bolt, etc. This is not a loophole in the Gun Control Act. It was intentionally set up this way.

So we pick one part that is the critical piece, and call it “the gun.” Most of the time, that’s the receiver, which some designs divide into upper and lower receivers, either of which can be “the gun,” depending. There’s a certain stage of manufacturing where ATF considers a piece of metal machined enough to qualify as a firearm even if it’s not fully finished. ATF is generally clear on what those machining steps are.

So how do you “fix” this “loophole?” Say you make ATF remove a few machining steps to qualify as unfinished, and now “80% lowers” are illegal, and we now have the “70% lower.” Think hobbyists won’t get around that? How far do you go? Where does it end? At what point do you start demanding billets of aluminum get regulated? Don’t be ridiculous.

What drives me nuts about the political climate today is what I’ve seen dubbed “aggressive ignorance,” driven largely by social media. Put enough people in an echo chamber, where dissenting opinion is driven out, and the answers become simple. We live in an easy world to the aggressively ignorant. They have charlatans parading easy answers at them all day, and who are you to say it wouldn’t work? What do you know about the topic? You’re part of the evil gun lobby! If it weren’t for people like you, we could solve these problems.

Everyone wants easy answers, and god damn anyone who tries to say there aren’t any. It’s madness.

People Will Lose Their Gun Rights Over This

I’ve already largely stopped posting to Facebook on my personal timeline. I still keep my account for my blog and club, and the occasional comment thrown around. But this makes me want to swear it off entirely.

This is software to save lives. Facebook’s new “proactive detection” artificial intelligence technology will scan all posts for patterns of suicidal thoughts, and when necessary send mental health resources to the user at risk or their friends, or contact local first-responders. By using AI to flag worrisome posts to human moderators instead of waiting for user reports, Facebook can decrease how long it takes to send help.

I can’t really tell you how much I loathe social media. I’d love to see these companies crash and burn. They are doing nothing to make our lives better. When I was growing up, I was promised my future would be all Mars bases and Flying Cars, and Facebook is what I get? OK, sure, I got the Star Trek PADD and communicators, but what do we use them for? That’s right. Cat videos.

You see, it’s not that I am now or have ever been suicidal. I’ve said before, that I will never be suicidal is something I can pretty much guarantee. I like existence too much. But I don’t trust this not to have a lot of false positives, and there are very real consequences to alerting the authorities that someone might be a danger to themselves or others; loss of gun rights being the primary issue for this blog.

In many states, even an observational trip to the loony bin will land you a state and federal prohibition. Pennsylvania is one of them. If you ever find yourself in a situation where first-responders show up concerned that the Facebook AI has determined you’re going off the deep end, make sure you go voluntarily. Make sure you tell everyone you deal with you’re there voluntarily. Because if they take you against your will, now you have much bigger issues if you own guns. Even if they let you go, if you haven’t made arrangements, if you arrive home to a safe full of guns, congratulations, you’ve just made yourself a felon in addition to having to endure contact with the state mental health system.

Camera Bleg

It’s always interesting how many things my readers collectively know, hence why I ask. My club is looking to replace an old CCTV system with a new IP high-definition system. I’m interested in whether I have anyone among my readership that does this for a living and can offer advice.

We have a few quotes from vendors. One is for Hikvision gear, which is cheap, but Hikvision is also owned by the Chinese Communist Government and has been responsible for a number of security problems as of late. There have been accusations of outright espionage, but I’m not sure how much stock I put in those. But either way, their reputation is of being careless with security, and that rubs me the wrong way.

I have a vendor that resells Panasonic, but that stuff is expensive. Samsung and Axis seem to be cheaper options, but I have no experience with how well their NVRs work. These brands are the market leaders. Are there any up-and-comers I might want to look into? In theory I like Ubiquiti, but their solution seems to have a low-end feel.

It seems to me like a lot of camera installers don’t really understand IP networking very well, and only have a few installation types they are comfortable with and don’t want to deviate from it. This is becoming a frustration for me, but maybe it’s my IT bias. They all seem to love microwave extenders, which I loathe. I like wires. That’s largely why I took up evaluating doing fiber on my own.

A lot has changed in the industry switching from analog CCTV to IP, and a lot of the IP camera vendors seem to cater to that mentality by building PoE switches into their NVRs like the old DVR systems used to be bristling with BNC connectors. To me this seems unnecessary. I expect to have only one or two LAN connectors on the back of an NVR, and put my PoE switches out where I have clusters of cameras. Is there any reason to bring 32 Cat6 cables back to one NVR rather than cluster and trunk? I can’t think of any reason not to, given that a 1080p H.264 stream is only like 8Mb/sec. A gigabit IP network seems to be a firehose compared to the needs of IP cameras.

Fiber Optics Bleg

It’s been some time since I had anything to do with fiber optic cabling, and my experience years ago was with Gigabit Ethernet over good old fashioned OM1 with no run greater than a few hundred feet. Back when I started with that, companies were just getting settled on 100Base-T for their LAN drops and there wasn’t yet any Cat6. Gigabit was something new and exciting.

So here I find myself years later looking to wire up my gun club for cameras, property-wide WiFi, and an access card system.

I know I’ll get people who will say “microwaves!” but we have large berms separating parts of the property, and I’d have to trench a good bit of new cable and clear a good bit of brush to get a clean line of sight to the places I need to go. Plus, I like wires. You can’t jam wires. I don’t have to worry about clearing and maintaining brush with wires. I can also get full GigE speed with wires.

The conventional wisdom has been, and if you search the Internet still seems to be: “Multimode for short distances, and single mode for long distances.” Why? Well, cost, and MM is easier to terminate and more tolerant of poor field terminations.

As best as I can tell, the cost difference between a good quality OM3 or OM4 multimode fiber and OS2 single-mode fiber is trivial. Additionally, the SFP transceivers for 1000Base-SX and 1000Base-LX are not terribly different from the vendor I’m looking at. I’m also not planning to do any field terminations: there are plenty of vendors who sell pre-terminated fiber, and I was careful to measure the obsolete or non-functioning copper cables I pulled out of all the runs.

My question to anyone out there who’s well-versed and current with fiber: why would anyone use multi-mode fiber for campus length runs when there’s little price difference? Keep in mind I have a few runs that push the limits of multi-mode fiber at 1Gb/sec (550m) and would be right on the very edge with OM4 multi-mode fiber for 10Gb/sec (400m). So why not use single-mode? I can go 10km with single-mode, and 10Gb/sec is no problem. Am I missing something? It seems that maybe multi-mode has advantages if you’re looking to do field terminations, but the price advantage it might have once had isn’t really there anymore.

Addendum question: There are a handful of vendors out there selling pre-terminated cables. Price differences seem to be substantial. Are there any vendors to prefer? To avoid?

Club Management

If posting has been light, one reason is I’m spending nearly all my non-working hours trying to sort out a new membership management system for my club. I consider this part of the “local engagement” I was speaking about earlier.

We largely decided not to go with a cloud-based solution, which is fine with me. Maybe this will be my curmudgeon technology issue, because the young folks seem to love the cloud, and even I have to admit, having worked with Amazon Web Services professionally, and helped a few clients through migrations, Bezos has built one hell of a nice ecosystem. But I like the saying, “There is no cloud. There’s just someone else’s computer.” I don’t like the idea of trusting personal data to an entity I don’t really know or trust, and who only sees me as one of many income sources. Also, AWS is damned expensive. So are most other Cloud solutions.

We have an existing card access system for the gate and for the various doors around the property. The old system worked off an Access database. Recently we upgraded that software, and the new version is backed by SQL Server. The old card access system was a mess. There were people in the system who had been dead for some time and still had active cards. People were missing from the system who were members. I think some of them may be grandfathered lifers who just never bothered picking up an access card. It took another trustee helping me sort that out, and I’m still not sure all the cards are assigned correctly.

Originally I had chosen to put the member database in MySQL. Since I already have SQL Server running, why not just use that? Saves having to run a Linux machine and cuts down on the number of skill sets needed to maintain the system. As long as I’m cutting MySQL out of the picture, I might as well also cut OpenLDAP and set up Active Directory to use with Google Cloud Directory Sync (GCDS). I’m teaching myself a bit of PowerShell to make a script that will push out changes in the member database to the card access system, to QuickBooks (via qODBC), and to Active Directory.

After working with PowerShell scripting a bit, I’ve decided I hate it with a burning white hot passion. At this point I’ll probably stick to it because I’ve already invested the time, but the future of that function will probably be with Python if serious changes are ever required in the future. So in the end the system has ended up being far more Microsoft than I expected going in, because I had no idea what the new card system would look like. Our new card system will even work with an ID card printer to manage and print member badges, so we got one of those too.

I think what I’m coming up with will be a decent platform for the next decade or so. It will certainly make managing dues processing for our 1300 members easier than the old paper process.

Club Membership Management

I don’t often talk about my local gun club on these pages, but in this case I’m seeking some advice. You, dear readers, often have ideas I didn’t think of, or know of products I haven’t come across. I have been the club’s secretary since, I think 2009 at this point, and now I am tasked with rethinking some of the club’s processes. Let me give you some background:

  • For years our club was run by a small handful of dedicated people who did most of the work, including handling dues processing every year. This was a very manual, paper process.
  • Those people have either died, been voted out of office, or stepped aside. The people coming in don’t have that kind of time to dedicate, so we’re going to be much more dependent on process and automation than we have in the past.
  • I am now helping to devise a system for invoicing members via e-mail, allowing them to pay online with a card, and only doing paper invoicing for people who prefer that.
  • Whatever new system I come up with needs to be usable by people with average computer skills for baby boomers. It’s OK if it takes mad skill to set up, but beyond that it mostly has to just work.
  • We need a secure way to back up data. I was thinking maybe using an encrypted S3 bucket at Amazon. Off site storage at my house is another option, and wouldn’t cost anything except the cost of a machine and disk, but we’re trying to move away from the club’s processes depending on single people.
  • We’ve long wanted to use a “members only” forum. I like Google Groups, but I don’t want to have to manage accounts on Google and on club systems.

At the center of this, our new Financial Secretary has chosen to manage his role using QuickBooks. I have managed to enter our membership information into it, but I’m disappointed by how bad some of Intuit’s user interface is. For instance, I can’t sort the customer list by member number. It sorts it alphabetically, rather than numerically. There doesn’t seem to be any good way to change this.

QuickBooks may be a good accounting tool, but it sucks as a way to manage members. I’ve been looking at this product, to possibly sync certain fields in QuickBooks with a MySQL database, using Access as a front end to MySQL. This way membership information can be managed in two places, and it also would offer a means to set up MySQL-backed OpenLDAP for use with Google Cloud Directory Sync so we could set up “members only” Google Groups. I want a single place to manage membership information, and have it automatically update in QuickBooks, LDAP, etc, without someone having to manually update this information in multiple places.

I’m curious if anyone has any experience with this. I know another area club uses Wild Apricot, but our Financial Secretary was worried its QuickBooks integration was tedious. I am also a bit wary about cloud applications, both because of security issues, and because if it goes under, or they make a major feature change that we’re not prepared for, we could be stuck up a creek without a paddle. I’m OK with using Google Groups, since that’s not a core function. We could live without it a while. But dues invoicing and managing membership information is critical.

If anyone has done anything like this, or something similar, I’d be curious to hear whether you think my idea is sound, or maybe there’s a better way.

Truer Words Have Never Been Spoken

David Burge on Social Media:


The background of his multi-part Twitter rant is that someone gave him crap for posting hot rod pictures while the world burned. Yeah, that would set me off too. His entire rant speaks to me more than I wish it did. Go to his feed and start at /1

The perils of going it alone

Commenter Patrick suggests that using “commercial” social media platforms leaves the user subject to being censored by the platform owner, and that to be more free one should use blogs and RSS.

The problem with this is amply illustrated by the recent (temporary) takedown of Brian Krebs’ self-hosted blog. His analysis is here. At least with a commercial hosting solution, you’re at the mercy of one, somewhat predictable, potential censor. One that can be named and shamed, or even sued for breach of contract if necessary. If you go it alone, you’re a lot more vulnerable to attack.

It’s all very well and good to say “well, this shouldn’t be possible.” But when you get down into the nitty gritty, it gets a lot more complex. And the easiest (and therefore cheapest) way for your upstream provider to protect their own interests is to cut you off. Facebook, Twitter, and Google can afford to pay for world-class DDoS protection. And, in fact, their “normal” traffic would look like a DDoS attack to Sebastian’s self-hosted solution.

There is no perfect solution, no magic bullet. But the reason people have gravitated towards Facebook and Twitter (and the rest) is because it makes a lot of the problems of running an internet presence Somebody Else’s Problem.

Science Nerd Post: Reactionless Drive

I’ve been very intrigued by this supposed reactionless EM drive. When I first heard of it, I was very skeptical, since it violates every law of physics we think we know. Hell, I’m still skeptical. But the fact is that several teams have built one of these contraptions and have measured thrust being generated. Now in MIT Technology Review, we’re offered a theory by which this drive could legitimately be producing thrust. As much as I think there’s probably something else going on here, I really hope this is true. At the risk of people accusing me of being a Debbie Downer again, this late election season has convinced me the only long term hope for libertarian-minded people is getting the hell off this rock and leaving the world’s troubles behind. I’m becoming more convinced that free people need a frontier, because without one, eventually, the meddlers, swindlers, and sycophants of the world catch up to us.
