Category Archives: Uncategorized

Random Post 03 August 2020

Optimist vs Pessimist

Optimist vs Pessimist


The light through the wine glass looks like a disgruntled alien.

The light through the wine glass looks like a disgruntled alien.


Photojournalism is exhausting work.

Photojournalism is exhausting work.


A bold fashion statement.

A bold fashion statement.


Hehe, my phone got so baked on 4/20 it got the time backwards.

Hehe, my phone got so baked on 4/20 it got the time backwards.


On a recycling bin at the transfer station.

On a recycling bin at the transfer station.


I buy unrelated stuff that would look odd together but "frequently"?

I buy unrelated stuff that would look odd together but “frequently”?

It’s just a battery. Honest!

Sometimes I watch Youtube videos on a channel called “The 8-Bit Guy”. I originally saw one on restoring an Osborne 1 “portable” computer. When I started at Computerland going on two score years ago, they’d been without a service department guy for a while. I walked in to a stack of Osbornes needing repair and learned fast. Any way it caught my eye.

I watched a video on rebuilding the battery pack in an old Apple laptop. Afterward, what happened was so bizarre, I had to comment on the video:

“You can’t make this up. Our smart TV asked me to rate this video with this dialog:

I put a link to the photo in the Youtube comment. I don't think you can add attachments to comments.

I put a link to the photo in the Youtube comment. I don’t think you can add attachments to comments.

I’m in the US, don’t log in on the TV, and I’ve never been asked to rate a video before. I think Youtube’s algorithm may have thought the batteries were, um, something else. At the risk of getting agency attention, I gave it 5 stars. Great content BTW.”

If anyone needs me, I’ll be at a black site somewhere.

Got My Turbo-Charged Cranky Pants On

I need to re-do a small porch deck. First, I need a post to replace the rotten one I pulled out.
Lowes is an OK store for a big box but their web site is a freaking train wreck. It asks if it can use your location (I have that set to always ask) but it doesn’t do anything with it. You still have to set which store using a zip code.

Three copies of the same item and one other.

Three copies of the same item and one other.


Make sure there are plenty before I brave the virus-laden hordes.

Make sure there are plenty before I brave the virus-laden hordes.


There were not 47. There were two sad, bowed pieces. This is supposed to be tied to the inventory, that’s why it matters which store you’re looking at. I can understand it might be stale if things are off the shelf and on the way to the register but the store wasn’t crowded. They’re letting in 35 people at a time (kudos for that) and there were not 45 4″x4″x10′ posts in transit. There weren’t any I could see. I didn’t get all pee-pee hearted over this one time. Their item count is never even close. Calling doesn’t help. If “customer service” picks up, they just do the same lookup I did and parrot the web site to you over the phone.

Back to the web site…

I was also pricing some deck material.

Stay in school kids. You will need math.

Stay in school kids. You will need math.


To be fair, I’ve seen the same “buy more, pay more” pricing on Amazon too but…
They were told about the problem six months ago and haven't done anything about it.

They were told about the problem six months ago and haven’t done anything about it.


This next part is only sort of a Lowes problem.
"Clamshell" color. In person it's more the color of asphalt and really uneven. Lowes just used the Trex graphics.

“Clam Shell” color. In person it’s more the color of asphalt and really uneven. Lowes just used the Trex graphics.


From Trex's web site. It looks solid but it's not.

From Trex’s web site. It looks solid but it’s not.


This is the zoom function on the Lowes web site. This is a different board – the non-notched version – but the zooms are the same. It just blows up the Trex JPEG nice and fuzzy.
Pretty sure these are renderings and not actual pictures of the product.

Pretty sure these are renderings and not actual pictures of the product.


I left my phone in the car so I didn’t get pictures but the gray is a super-thin plastic coating on top. Underneath, it looks like the sawdust in the laminate floor we put in the house. That stuff warps like crazy with a teaspoon of cat vomit. Does this really survive outdoors? The warranty is for 25 years (I haven’t read the fine print) so maybe it does last. It’s butt-ugly IRL though, so I’ll keep looking.

Glutton for punishment that I am, I also need a 1/8 inch diameter masonry bit.

It's in quotes but I don't think they have 1871 different 1/8 inch masonry bits.

It’s in quotes but I don’t think they have 1871 different 1/8 inch masonry bits.


Raw search results give bit diameter as a filter. No useful options, but the function is there.
The "3-in" is a giant auger bit for digging holes in the dirt.

The “3-in” is a giant auger bit for digging holes in the dirt.


If you go down the categories so you don’t get things like 3 inch auger bits, you get far fewer results than 1871. Maybe it’s nit picking, but “1/8 inch masonry drill bit” is not the same as “1/8” or “inch” or “masonry” or “drill” or “bit”.
1871 <> 322.

1871 <> 322.


When selecting a tool to make a hole, what are the two questions you have to ask? 1) What are you making a hole in? and 2) How big a hole? You can drill down (no pun intended) to “Masonry Drill Bits” to answer the first question but when you use the categories, the bit diameter filter isn’t there.
No bit diameter filter. For drill bits. Really? The code is already written for cryin' out loud.

No bit diameter filter. For drill bits. Really? The code is already written for cryin’ out loud.


The search bar is always global. It does not search within the selected category so you have to scroll and scroll within the category. The images don’t help except to weed out “not even close” and the descriptions are short and vague so you have to guess, click, scroll down to the specs, expand the specs menu, read what the diameter is, hit the back button, wait for the page to reload, and repeat until you’ve pissed away more time than it would’ve taken to just drive to the store and see for yourself.

I ended up buying nothing. Got out of the house and took a drive to the store so I got that going for me.

Tougodo Hit Teardown

Camera video with images is here.

The camera was working on bulb (B) most of the time but not instant (I). The lens was in dire need of cleaning too.

This isn’t a complete tear-down. I didn’t open the viewfinder or remove the wind knob. This started just as notes for myself so there are some gaps in the images. I’ll try to fill in with text instructions.

Remove the lens ring inside the body. It's a left hand thread. I couldn't get a lens wrench past the film gate so I used a couple of small screwdrivers.

Remove the lens ring inside the body. It’s a left hand thread. I couldn’t get a lens wrench past the film gate so I used a couple of small screwdrivers.


The lens ring also holds the inner copper (?) body. It won't quite come out without removing the wind knob but it wasn't necessary for getting to the shutter & lens.

The lens ring also holds the inner copper (?) body. It won’t quite come out without removing the wind knob but it wasn’t necessary for getting to the shutter & lens.


The lens/shutter assembly comes out after removing the ring. The little screw is the Instant/Bulb selector. It didn't need to come off but I didn't know that at the time. The trim plate acts as a washer so it might be part of the lens distance as well as being cosmetic.

The lens/shutter assembly comes out after removing the ring. The little screw is the Instant/Bulb selector. It didn’t need to come off but I didn’t know that at the time. The trim plate acts as a washer so it might be part of the lens distance as well as being cosmetic.


The lens surround is press-fitted to the shutter. A gentle squeeze to the shutter body near the I/B selector (there's a little bump out on the shutter body) while pulling with your thumbnail near the shutter switch will pop it off.

The lens surround is press-fitted to the shutter. A gentle squeeze to the shutter body near the I/B selector (there’s a little bump out on the shutter body) while pulling with your thumbnail near the shutter switch will pop it off.


There's the culprit. The spring had come off of its post. Sitting there without tension for however many years may be why my shutter is fast. If it didn't need cleaning (and if I wasn't curious) I could have put the spring on the post and reassembled here.

There’s the culprit. The spring had come off of its post. Sitting there without tension for however many years may be why my shutter is fast. If it didn’t need cleaning (and if I wasn’t curious) I could have put the spring on the post and reassembled here.


The I/B selector screw screws into this springy copper bit. The springy bit provides friction so the selector doesn't flop around. The end of the screw blocks the spring post on the inner (brass) shutter to provide bulb.

The I/B selector screw screws into this springy copper bit. The springy bit provides friction so the selector doesn’t flop around. The end of the screw blocks the spring post on the inner (brass) shutter to provide bulb.


The big brass screw holds the outer shutter and the outer shutter return spring. The upper part of the spring presses against the shutter body and the lower part presses against the edge of the outer shutter blade (the black part). See the previous image for its proper location.

The big brass screw holds the outer shutter and the outer shutter return spring. The upper part of the spring presses against the shutter body and the lower part presses against the edge of the outer shutter blade (the black part). See the previous image for its proper location.


The copper springy bit. This is reversed from how it goes in. The round part goes in first toward the back of the shutter body, away from the lens.

The copper springy bit. This is reversed from how it goes in. The round part goes in first toward the back of the shutter body, away from the lens.


The inner shutter pivots on this flatter brass screw. It has an unthreaded part that acts as a spacer and shaft for the shutter.

The inner shutter pivots on this flatter brass screw. It has an unthreaded part that acts as a spacer and shaft for the shutter.


With the inner shutter removed, you can see the aperture. It's held in with the small brass screw.

With the inner shutter removed, you can see the aperture. It’s held in with the small brass screw.


Finally, all the way to the bottom. The screw also acts as a spacer for the aperture. That's some quality blackening on the aperture.

Finally, all the way to the bottom. The screw also acts as a spacer for the aperture. That’s some quality blackening on the aperture.

Not shown: 1) Cleaned the shutter parts. I used cotton swabs and lighter fluid. 2) Re-blackened the aperture with a permanent marker. 3) Cleaned the lens front and back with lens cleaner. I doubt if it is coated so window cleaner might be OK.

I tried pre-fitting the inner shutter screw but I couldn't seem to get the screw lined up with the hole in the aperture.

I tried pre-fitting the inner shutter screw but I couldn’t seem to get the screw lined up with the hole in the aperture.


Instead, I used a tapered lens wrench piece to line up the aperture in the inner shutter and the aperture and then inserted the screw.

Instead, I used a tapered lens wrench piece to line up the aperture in the inner shutter and the aperture and then inserted the screw.


That’s pretty much it. Do the steps in reverse to reassemble. Before I put the lens/shutter assembly back on the body I did shutter speed tests.

This is a sequence of stills from a 240 frames per second video. I did about 12 shutter tests. Shutter opening didn't vary much - most were open for four frames.

This is a sequence of stills from a 240 frames per second video. I did about 12 shutter tests. Shutter opening didn’t vary much – most were open for four frames.

1/240 frames per second = 0.004166666666667 seconds per frame (~4.2ms).
Open for 4 frames = shutter open for 0.016666666666667 (~16.7ms).
Turn it into a nice shutter speed style fraction: 1/X = 0.0167. X = 60.
If I’d been thinking, since 240 is a multiple of 60 and 4 and the shutter was open for 4 frames, I could have just done it in my head. Duh.

In my defense, I do this for a lot of old, slow shutters and it’s rarely this clean.

A minor mod of a SodaStream® Jet

Update 20 Jan 2020:
I emailed SodaStream with two questions. I didn’t save the emails so I can’t quote exactly.

1) Where are the dishwasher safe bottles? If you searched, you got a hit for the bottles at the SodaStream site (they’ve fixed this for the US site, a UK hit still shows up). If you went to their site and browsed for them, there were no dishwasher safe bottles. They answered that they no longer make the bottles. Kudos for fixing the site and for responding honestly and quickly.

2) I asked them to improve the labeling. I don’t know if they will but they wrote that they wanted to keep their customers happy. They asked for my address and sent me two of the correct bottles for free. I didn’t even have to pay shipping.

I have no financial interest in SodaStream. I don’t hesitate to nuke companies when they treat me poorly so it’s only fair that I offer praise when I’m treated well.


Back story: I stopped drinking sweetened sodas a long time ago but I still polish off about a liter a day of plain or flavored/unsweetened fizz water. That adds up money-wise and worse, it’s a lot of plastic. Santa Fe has a decent recycling program but it’s at the mercy of the market and it only takes one lazy moron to contaminate the drop-off dumpster and divert a lot of material to the landfill. M had given me a SodaStream Jet a long time ago. I used it for a while, got lazy, and stopped using it. For the new year, I decided to find more ways to reduce my footprint and dug out the carbonator.



They’ve expanded the product line a lot and there is a bewildering array of options.
Compatibility matrix - I should have taken this to the store with me.

Compatibility matrix – I should have taken this to the store with me.


By mistake, I bought the 1L Slim instead of the 1L Classic bottles. For whatever liability reason, the bottles are not returnable. A 2-pack is $20. Buying (licensing actually) a new gas cartridge was another $30. If I bought another set of the right bottles, I’d be in for $70 and have 2 plastic bottles I don’t want or need.
Not gonna do it. Wouldn't be fiscally prudent.

Not gonna do it. Wouldn’t be fiscally prudent.


In my defense, all the packaging just says "Carbonating Bottles".

In my defense, all the packaging just says “Carbonating Bottles”.


Have to read the fine print. Not that I remembered the model name any way.
Never shop without reading glasses.

Never shop without reading glasses.


The slim bottles are a little bit taller.

The slim bottles are a little bit taller.


Maybe I can slip the bottle in from the bottom? Nope.

Maybe I can slip the bottle in from the bottom? Nope.


The threads are the same on the slim bottles so I just have to be able to get it into the machine. Enlarging the hole to insert the bottle through the bottom would mean removing a lot of plastic and the swing-out mechanism releases the pressure for unscrewing the bottle.
The bottle can fit, it just won't swing in.

The bottle can fit, it just won’t swing in.


Measuring for the cuts.

Measuring for the cuts.


I should have used the Dremel tool but I want my fizz NOW!

I should have used the Dremel tool but I want my fizz NOW!


I used a coping saw for the vertical cuts, a razor knife to score, and pliers to snap off the plastic (it’s pretty soft). A little touch up with some 200 grit sandpaper and it fits.
With the spill catcher, it's not even ugly. Obviously, have to take it off when filling.

With the spill catcher, it’s not even ugly. Obviously, have to take it off when filling.


Mmmm, fizz.

Mmmm, fizz.

Be Careful With Google Backup Codes

I use two-factor authentication. It’s a lot more secure but it’s also a little scary if something happens to your phone. Because of that, I set up backup codes and downloaded a set of ten (you can only get 10 at a time). When it works, it’s nice – you click Try another way and enter the one-time-use code from the stash of ten instead of having a code texted to you.

What Google doesn’t tell you is, if you turn two-factor off and then back on, the backup code setup goes away. It’s not just that the codes you downloaded are invalid, it’s as if you never set up to use backup codes(1). You have to go into your security settings, select two-factor authentication, set up to use backup codes again, and generate new codes. I did not know this. I searched for documentation (“help” files are the only documentation) and I didn’t find it anywhere(2).

An analogy:

My car uses two-factor to start. It has a smart fob – detecting the fob and pressing the Start button starts the car. If the fob battery goes dead and I use the key, the car doesn’t forget how to start normally when I put a new battery in the fob.

I tested before a trip and tried to use a backup code. I didn’t see the backup codes option under Try another way, got frustrated, and pasted the backup code into the field where you normally enter the texted code. It recognized that it was an 8-digit backup code rather than a 6-digit text code and told me to go to Try another way(3). Nice infinite loop there.

When I got in using a texted code, I set up backup codes again and downloaded a new set. I logged out, cleared everything, and closed the browser. When I got back in using a backup code, the email notifying me that a backup code was used told me I had ten codes remaining. I had just used one of the ten one-time-use codes to log in which generated the email notification(4).

    The takeaway

  1. There’s no polite way to put it – the code dealing with the use-case of 2-factor on-off-on is lazy and sloppy. Everything, from your microwave to your TV, remembers a functions settings even if the function is turned off and then back on. If I set my camera’s LCD back light to 3 and turn it off, it’s at 3 when I turn it on.
  2. The documentation is incomplete. In this case, incomplete=inaccurate. The program behaves in a way that is not documented and is counter-intuitive.
  3. The dialog you get if you paste a backup code into the text code field instructs you to do something that does not work. I’m all for re-using code but dialogs need to be tailored to the actual state. A quick check (the program already has the account information) of the state of backup codes could generate a meaningful message without compromising security: If (backup code set up) then (tell the user to use Try another way) else (tell them to use an available option).
  4. This is toddlers using Logo level programming. Seriously: x=10; x=x-1; email x.

Rod Serling voice: Picture this. A man on a deserted island has almost no power left in a satellite phone. Does he gamble on a phone number he’s not sure he remembers correctly or does he try to email to an address he knows is correct? The last time he emailed, it told him he had one code remaining so he tries email. No, he had no codes remaining. His email fails. He dies.

I haven’t tried it but I think the on-off-on scenario might also break the code generation app. It would depend on whether the app generates 6-digit codes like the ones you receive as a text or 8-digit backup codes.



This isn’t saying much, but Apple is worse. It doesn’t tell you while you’re setting it up but Apple’s 2-factor is a one way street. From the Apple support page:

Can I turn off two-factor authentication after I’ve turned it on?

If you already use two-factor authentication, you can no longer turn it off. Certain features in the latest versions of iOS and macOS require this extra level of security, which is designed to protect your information. If you recently updated your account, you can unenroll for two weeks. Just open your enrollment confirmation email and click the link to return to your previous security settings. Keep in mind, this makes your account less secure and means that you can’t use features that require higher security.

Data Breach – CafePress

Just the Facts

Timeline:

20 February 2019 – CafePress is hacked and over 23 million account are compromised.

13 July 2019 – According to this Forbes article, We Leak Info adds the CafePress breach to their database.

5 August 2019 – The author of the Forbes article receives an email from have i been pwned about the CafePress breach.

20 September 2019 – I receive an email from CafePress about the “Data Security Incident”.

My Take

It’s been 7 months since the data was stolen. If it hadn’t been found in the wild by third parties, they still might not know.

It’s been at least 2 months since they found out and they just now got around to telling their customers.

I didn’t have a CafePress account. Just to be sure, I tried to log in:

Whew!

Whew!


I’ve only purchased from them maybe twice in my life and not for years. That means the hackers only got my name, email, phone number, and physical address. That also means that CafePress kept (I hope it really is past tense) purchase and account records in an internet-facing database for a long time.

A non-apology worthy of a politician caught red-handed:

"...sincerely regret any concern it may cause you"

“…sincerely regret any concern it may cause you”


So they’re not sorry. They just regret that I may have concerns. Concerns that may keep me from giving them my money in the future? That’s like saying something awful to someone and then saying “I regret that your feelings are hurt.”

“…And other information.” I learned about physical address from haveibeenpwned.com.

Later in the email is this:

“What We Are Doing

We have been diligently investigating this incident with the assistance of outside experts. We also have contacted and are cooperating with federal law enforcement authorities. In addition, we have taken various steps to further enhance the security of our systems and your information, and the affected database has been moved to a different environment.”

Not much and pretty vague. The part where the customer has to do things is so long it refers to another section:

“What You Can Do

As described in the “Additional Resources” section below, we recommend you remain vigilant and take steps to protect against identity theft or fraud, including monitoring your accounts and free credit reports for signs of suspicious activity.

We also recommend that you visit the CafePress website at www.cafepress.com and log in to any online account you may have, which should prompt you to change your account password, if you have not done so recently.”

They go on to say:

“In general, you should always ensure that you are not using the same password across multiple accounts, and that you are using strong passwords that are not easy to guess.”

There, there [pat on the head]. That’s trivial, deflecting, and condescending. A user account didn’t cause this, CafePress’s incompetent security did. How about I take investment advice from Bernie Madoff?

One more bit and I’ll stop ranting. About this. For a while.

All of the links in the email, including the big 3 credit reporting agencies, go through CafePress’s email list provider.

I know, let's make the incident email look like spear phishing!

I know, let’s make the incident email look like spear phishing!

I mean, why wouldn’t I trust a link with

…krmpkhgftlhjtmbmjrsbzjfgrpjltskzppmktwzhsrfp_vjjjfrrrrkynfhgmmfmmrr.html

as much as I trust one that goes to

https://consumer.ftc.gov?

Random Post for 17 September 2019

This may be my favorite comment on the 52 Cameras YouTube channel

This may be my favorite comment on the 52 Cameras YouTube channel


Red eye reduction on wedding pictures made BORG BRIDE!

Red eye reduction on wedding pictures made BORG BRIDE!


I think the generator was spewing diesel fumes into the building again when I made this

I think the generator was spewing diesel fumes into the building again when I made this


Thanka.  Thanka verra mush.

Thanka. Thanka verra mush.


eeg

eeg


I love this.  Especially because a rock is a bud and a microscope is a bong

I love this. Especially because a rock is a bud and a microscope is a bong


Inspired by: https://imgur.com/gallery/RZqNrSQ
The cats were driving M nuts. She wrote “I’m tired of their shenanigans. They think it’s my duty to entertain them”. Auto-correct jumped in and changed it to “Duty Town Terrain”.
Album Cover game (yeah, I misspelled shenanigans)

Album Cover game (yeah, I misspelled shenanigans)

CNN sucks

WARNING: This post contains foul language.

This is such a fail I’m not adding the “humor” tag.

The first Democratic debate, hosted by NBC and streamed on Youtube, worked fine.
The second debate, by CNN, was unwatchable. We have a modern smart TV and it has the “CNNgo” app but it wouldn’t work, even with cable credentials. Trying to stream via cnn.com was pathetic. They tried, but the servers were not up to the task. It was useless. Other streaming services worked fine so it wasn’t our network. I found transcripts (from someone other than CNN, of course) the next day.

This time, for the climate town hall, CNN didn’t even pretend not to be greedy incompetent f__ks. They’ll probably edit or take down the page but this is what it says:

Specifically states "CNN.com's homepage" $$ Nothing about GIVE US MONEY $$

Specifically states “CNN.com’s homepage” $$ Nothing about GIVE US MONEY $$

I tried watching on an iPad. It crashed and reloaded the page repeatedly. Amazingly, the countdown timer kept working. I tried a laptop and other than buffering and showing an ad with the countdown timer running, it worked-ish. For a while. See, they only showed a 10 minute “preview” before the video stopped working and they shook us down for TV provider credentials:

Democracy in action

Democracy in action

Not that that would work, I wasted enough time on CNNgo before.

M has dish credentials. We don’t have it but she pays for her grandma so she can watch her telenovelas. Even if CNN was competent enough for that to work (they aren’t), this is our f__king democracy. Whether you’re a Democrat or not, one of these people may be our next president so it’s kind of important to know what they think about things.

Here’s the thing. Even if it worked, CNN should not be shaking down voters for money in order to provide this information. It’s a privilege that they got the debate and the town hall. It’s guaranteed viewers. Lots of viewers. Embed the ads in the stream and put it on a competent service.

This is capitalism at its worst: 1) They have a monopoly for this event. 2) They shake us down for money. 3) Even if you show, via TV provider credentials, that you gave them money, it DOESN”T F__KING WORK.

CNN: you can buy better, but you can’t pay more.