Tracy's blog

Change and HTML emails

Tracy R Reed — Tue, 09 Jun 2009 11:30:00 -0700

I write a lot of lengthy emails, reports, and other documents and all
to often forget to post them here for others to enjoy (or ignore or
despise, whatever). I know IT people who are staunchly against change,
usually old guys. Maybe they are jaded and burned too many times by
change or maybe they just don't want to learn something new and are troubled
by watching their skillset slowly become obsolete. And I also know guys
who are always chasing the latest and greatest but not really getting much
productivity out of it. I am always looking for that optimal middle-ground...

On Tue, Jun 09, 2009 at 01:29:56AM -0700, Raleigh spake thusly:
> In fact, I've always been curious why so many IT pros that I meet
> are anti-change when it comes to software. Aren't we supposed to be
> the technology evangelists within our respective organizations? It
> is the job of our users to be cryin' about change. Not us.

I run into this often. Some people accuse me of always chasing the
shiny and some people accuse me of being an old fart who won't
change. I'm against change simply for the sake of change. Have there
really been any major breakthroughs in UI research in the last 10
years? Not really. So why are the UIs in certain products changing so
much? For the same reason car bodies change every year: Marketing and
change for the sake of change. I'm not into that. It creates
difficulties in training, introduces new bugs, and doesn't really
benefit us, the end users.

Virtualization, on the other hand, is a huge breakthrough on the x86
platform (IBM big-iron has had it for decades) and that is change that
I can definitely get behind and advocate constantly.

> P.S. - speaking of change, when will the list software (whatever
> that is) that this list runs on be upgraded to allow rich text or
> HTML email. I'm subscribed to various lists (IT and non-IT related),
> and this one is the only one that is plain text only. It's 2009, for
> crying out loud. Time to get with the 21st century. Just a
> thought...

This is more change for the sake of change. Plaintext works great for
what this mailing list is intended for. There are many exploits and
browser compatibility issues (in all of HTML, CSS, and Javascript) and
I don't want random strangers mailing active content into my
mailbox. Phishing would be largely impossible if it weren't for HTML
email. I read email on an OS that is definitely not prone to these
problems and I *still* avoid non-plaintext emails. I also don't want
your emails with the kitty backgrounds and yellow on black text and
animated corporate logo gifs in signatures etc. You got something to
say? You can say it just fine in plaintext. Impress me with your
beautiful prose not your idea of beautiful (which I will probably
consider gaudy) artwork.

--
Tracy Reed
http://tracyreed.org

I'm on twitter

Tracy R Reed — Mon, 06 Apr 2009 21:30:00 -0700

By popular demand you can now all know what I'm having for lunch in real time. Isn't technology great?

http://twitter.com/tracyrreed

I was attacked by Spam from Outer Space

Tracy R Reed — Wed, 01 Apr 2009 10:15:00 -0700

So yesterday at around 3:30pm I got a strange email from LOLLERSKATES (system logfile analysis software which I wrote to warn of unusual activity). It said that Yahoo was blocking a whole ton of email from my server. Why would my server suddenly be sending thousands of emails to Yahoo? So I looked into it and the system was processing a massive amount of email. I instantly knew that my computer was being used to send spam.

How could this be? One of two things must have happened:

A web app was compromised - Unlikely, but possible. I don't run any PHP and I don't use anything which isn't very careful about avoiding shell/sql injection exploits etc. A lot of my stuff is protected by SE Linux which should prevent web apps from talking to the mail system but not everything.
Someone compromised a users password - This is possible. People do dumb things with their passwords all the time.

So I fire up tcpdump and see a lot of traffic coming in via an authenticated SMTP session. I check the mail logs and notice that a particular user is authenticating from an IP address behind an Internet satellite link provider ("Spaaaam frooooom spaaaaaaaaace!" Thank you, Muppet Show) which is very unusual. So a quick iptables firewall rule to block off that IP address and a password change for that user and the spam stops. Then I whip up a quick shell script to clear the mail queue of all of the pending spam. Everything is back to normal.

I instant message the user in question and let him know what happened. The conversation went like this:

(05:48:35 PM) Tracy: I had to lock your email account on my server
(05:48:43 PM) Tracy: Someone guessed or stole your password and was using my server to send spam
(05:49:46 PM) Tracy: If you use that password anywhere else you need to change it
(05:51:12 PM) User: Oh really. It was studball. Thanks
(05:51:23 PM) Tracy: hmm...I doubt they would have guessed that.
(05:51:34 PM) Tracy: So I bet your windows computer or somewhere else where you have typed
                     that password in was compromised.
(05:51:38 PM) Tracy: You need to check that out.
(05:52:27 PM) User: Did it just start happening today or yesterday?
(05:52:41 PM) Tracy: Just today at 1:30pm my time which is 4:30pm your time
(05:59:41 PM) User: I checked my email about that time too.
(06:02:57 PM) Tracy: What computer did you check it on?
(06:03:11 PM) Tracy: Did you type in your password on that computer at that time?
(06:04:22 PM) User: windows. Yes I did. And I also choose save password.
                    My computer was acting slow today also. So I think it may be a worm.
(06:06:54 PM) Tracy: Yep. I bet that's it.
(06:07:33 PM) Tracy: You need to unplug that thing from the network asap.
(06:07:38 PM) Tracy: Then wipe and reinstall the operating system.
(06:10:19 PM) User: I will have to do that tonight when I get home.

So once again Windows bites me and I don't even use it myself. My server may be on email blacklists as a spam sender now. Hopefully not since I caught it quickly.

The funny thing about this is that from the user's point of view I have not done him a favor. I have only caused him a problem. Everything worked fine and his world was happy until I contacted him. He was not really inconvenienced in any way that he noticed at the time. What does he care if his computer sent his password to someone else so that they can use it to send spam through someone else's server? And now he has to change his password (I already changed it once for him) and reinstall his computer (although I seriously doubt that will happen and the infection will persist). I am reminded of "Typhoid Mary". The cost of lax computer security is a complete externality for most people which usually costs the insecure person/system nothing noticeable. So goes computer security apathy.

Linux worm/virus on the loose!

Tracy R Reed — Thu, 26 Mar 2009 22:15:00 -0700

Psyb0t Attacks Linux Routers

Why am I saying "Yeay!" about a Linux worm? Read on...

I've been a Linux fan for 15 years. Linux has always had good security and it is constantly improving. Much better than certain OTHER operating systems. We have always been proud of the lack of virus/worm infections in Linux. But there were always who said that this was only because Linux was so small that nobody bothered to target it.

This hasn't been true for a long time but now they definitely can't say that anymore. Linux is big enough to be worth targeting. Not only that but Linux is big enough that they are targeting the very small and specific niche of Linux running on MIPS cpu devices!

In order to get infected by something like this you really have to open yourself up and let it in. This has always been the case for many years now and nothing new: If you allow root logins from the net and your root password is "root" you are going to be owned. Contrast that with another OS which recently only required that a specially malformed PDF merely get downloaded onto your machine (not even viewed) to become infected. But now there are enough Linux users out there that enough of them set things up with an ssh or telnet running on the WAN interface with a default or very simple guessable password that they are being actively targeted. Linux has hit the big time and this sort of "exploit" is still the best the worm authors can do.

Yeay!

RedHat Security

Tracy R Reed — Wed, 11 Mar 2009 11:13:38 -0700

http://magazine.redhat.com/2009/03/10/risk-report-four-years-of-red-hat-enterprise-linux-4/#id1550537

This sort of thing is why I feel very good about selling and supporting RedHat Linux. You won't find any other OS vendor offering an honest look at the security of their software or producing such metrics.

RedHat Linux includes server, desktop, email, and web browser software which are all included in this analysis. In a production server one would only install a fraction of these software packages which removes many potential vulnerabilities.

Executive Summary: Top three riskiest packages and sources of potential security problems were mozilla, firefox, and thunderbird. These are all desktop software which provide very complicated functionality (thus more potential for bugs) which will not be found on a server. The riskiest server package was PHP (used to implement CMS systems like Drupal and Joomla) which has a special section of the report just for it. Over the past 4 years there was not a single worm/virus that affected RedHat Linux as long as you don't use PHP.

None of my webservers are running any of the packages which have had critical problems. So in theory I could have run my servers for the last 4 years and not patched a single time and been ok.

Assaulted for promoting freedom

Tracy R Reed — Wed, 04 Mar 2009 14:45:00 -0800

I have a bumper sticker on my car. Should I be worried about being assaulted?

Update: I guess I should be worried! Robert Donovan emailed: http://www.kernel-panic.org/pipermail/kplug-list/2009-March/106765.html

We are paying for Microsoft's jelly doughnut.

Tracy R Reed — Thu, 08 Jan 2009 11:40:00 -0800

HARTMAN stops in front of PYLE and notices his footlocker is unlocked. He picks up the lock and holds it up to PYLE.

HARTMAN: "Jesus H. Christ! Private Pyle, why is your footlocker unlocked?"

PYLE: "Sir, I don't know, sir!"

HARTMAN: "Private Pyle, if there is one thing in this world that I hate, it is an unlocked footlocker! You know that, don't you?"

PYLE: "Sir, yes, sir!

HARTMAN: "If it wasn't for dickheads like you, there wouldn't be any thievery in this world, would there?"

PYLE: "Sir, no, sir!"

HARTMAN: "Get down!"

PYLE steps down, from the footlocker. HARTMAN flips open the lid with a bang and begins rummaging through the box.

HARTMAN: "Well, now .. . let's just see if there's anything missing!"

HARTMAN freezes. He reaches down and slowly picks up a jelly doughnut, holding it in disgust at arm's length with his fingertips.

HARTMAN: "Holy Jesus! What is that? What is that, Private Pyle?!"

PYLE: "Sir, a jelly doughnut, sir!"

HARTMAN: "A jelly doughnut?!"

PYLE: "Sir, yes, sir!"

HARTMAN: "How did it get here?"

PYLE: "Sir, I took it from the mess hall, sir!"

HARTMAN: "Is chow allowed in the barracks, Private Pyle?"

PYLE: "Sir, no, sir!"

HARTMAN: "Are you allowed to eat jelly doughnuts, Private Pyle?"

PYLE: "Sir, no, sir!"

HARTMAN: "And why not, Private Pyle?"

PYLE: "Sir, because I'm too heavy, sir!"

HARTMAN: "Because you are a disgusting fatbody, Private Pyle!"

PYLE: "Sir, yes, sir!"

HARTMAN: "Then why did you hide a jelly doughnut in your footlocker, Private Pyle?"

PYLE: "Sir, because I was hungry, sir!"

HARTMAN: "Because you were hungry?"

Holding out the jelly doughnut, HARTMAN walks down the row of recruits still standing with their arms outstretched.

HARTMAN: "Private Pyle has dishonored himself and dishonored the platoon! I have tried to help him, but I have failed! I have failed because you have not helped me! You people have not given Private Pyle the proper motivation! So, from now on, whenever Private Pyle fucks up, I will not punish him, I will punish all of you! And the way I see it, ladies, you owe me for one jelly doughnut! Now, get on your faces!"

HARTMAN: (to PYLE) "Open your mouth!"

He shoves the jelly doughnut into PYLE's mouth.

HARTMAN: "They're paying for it, you eat it!"

HARTMAN turns to the recruits.

HARTMAN: "Ready . . . exercise!"

The platoon does push-ups.

Linux at Target

Tracy R Reed — Fri, 02 Jan 2009 03:51:41 -0800

To follow up on my last posting I just noticed that Target has EEE PC's that come pre-installed with Linux in-stock. You can order straight through the website or search for a local store. I put in my zip code and it turns out the Target store just a block away from here has them in-stock as well. As of October 2008 Asus had sold 4 million EEE PC's with a goal of 5 million by the end of the year. This means the home-user Linux base grew by a lot over the last year.

Amazon.com has them as well as Newegg.com

The EEE PC is sold with both Linux and Windows. Asus claims that there is no higher return rate on Linux netbooks and they are the number one vendor. According to Asus CEO Jerry Chen their Windows/Linux production ratio is 6:4, which means 40% are Linux.

More Linux on desktops means less Windows which means less spam/viruses/malware or similar shenannigans and that sounds good to me!

Asus EEE PC and Linux everywhere!

Tracy R Reed — Wed, 31 Dec 2008 22:30:00 -0800

[This has been sitting in my "to publish" queue for a year or so it seems. Or maybe it was published but got retracted somehow at some point. So it's a bit out of date. I've had my Eee PC for over a year and really like it. -Tracy]

There are an amazing number of Linux based open hardware projects hitting the market these days.

Fully open hardware:

BUGbase http://www.buglabs.net/

Chumby http://www.chumby.com/

OpenMoko http://www.openmoko.com/

OLPC XO laptop http://laptop.org/

Linux powered but not necessarily hackable hardware:

Everex TC2502 Green PC http://www.walmart.com/catalog/product.do?product_id=7754614 (Wal-Mart actually sells this one in stores here in San Diego, not web-only like that silly Lindows deal)

Tivo

Snom VOIP phones http://www.snom.com

Linksys routers Eee PC http://eeepc.asus.com/en/

And many more I'm sure. I just received my Eee PC laptop which I ordered from Newegg.com for $399. It is awesome. So tiny! Very portable. Weighs less than 2lbs. 4G flash HD. 512M of RAM. Comes with office suite, firefox, thunderbird, IM client, skype, pretty much everything I need. And it is Linux with an obvious idiot-proof interface and everything works right out of the box, no configuration needed. Straight from the factory. Asus says they are selling one of these every 6 seconds. We're going to have a million new desktop/laptop Linux users before this is done. XP would technically run on it but it would be tight and it would greatly increase the price of the hardware. I really relish watching hardware become so cheap that MS cannot make money on it. :) And after what they did hiding behind SCO then Acacia and OOXML and their long history of nastiness in general I am really looking forward to watching the vice tighten around their jewels.

I have Linux on my desktop. At home and at work. Linux came preinstalled on my laptop. I have a Snom phone on my desk. Linux in my DVR. Soon I will have Linux on my mobile phone as soon as the second generation OpenMoko comes out (Looking like December but like all open community driven projects "it's ready when it's ready" and no sooner). I have Linux in my Linksys router. I may just have to pick up a Chumby so my alarm clock will be running Linux. :) Although that's a rather expensive alarm clock.

"The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it." - Mark Weiser, almost 15 years ago in a Scientific American article titled, "The Computer for the 21st Century."

Linux is certainly heading that way. But that is just the consumer electronics side of things. Linux is doing great things on the server side too. Over the last few years I have become a big fan of virtualization with SAN storage. I put together a system called Xen-AoE which uses the free Xen virtualization software with the AoE ethernet based SAN protocol. We are slowly populating a community based site at http://xen-aoe.org to provide howto information on setting this stuff up. Not much there yet. But keep an eye on it over the coming weeks. A former employer currently serves a lot of their critical infrastructure out of a Xen-AoE cluster. You can see it in action at http://www.drjays.com as those pages are served off of it.

Tomorrow night (Thursday) I will be giving a little presentation with a few colleagues at the Kernel-Panic Linux User Group Meeting (http://www.kernel-panic.org) on basic shell scripting for newbies. In the next month or two (still being negotiated) it looks like I will be giving a presentation on AoE at the San Diego Windows 2003 User Group meeting at the Microsoft offices here in San Diego. Surprised? Don't be. I would happily teach Free/Open technologies in a gay brothel if it meant more people getting clued in. Linux has taken me all over the world since my time at MP3. It is a great time to be in the technology business!

Version control systems

Tracy R Reed — Sat, 27 Dec 2008 20:45:00 -0800

I've been using hg the past few weeks to see if I can move off of svn
(which I never really got all that deep into anyway) and I have
decided that I can. Plus it seems the better solution for the project
I am working on. The distributed capabilities will come in very handy.

From a system administration point of view I have been trying to get
in the habit of not making .bak files of important configs
anymore. They just clutter up the system and sometimes you end up with
multiple copies and you forget what each one was for. So instead of
making .bak files I vowed to use version control instead. Plus I
wanted to version control all of the system configs I touch in
general, the dotfiles in my homedir, and my various progamming
projects. Not only does this solve the .bak file organization problem
but it protects my code as a form of remote backup, allows me to
revert unhealthy changes, and makes it easy to check my preferred
environment out into a new home dir on a new machine. My emacs configs
have grown especially large and complicated.

This guy has been at this homedir in version control thing longer than
I have and may be where I got the inspiration, I don't recall:

http://www.onlamp.com/pub/a/onlamp/2005/01/06/svn_homedir.html

With svn I had one main repo on one of my servers which I organized
heirarchically by hostname and then path so something like:

/hosts/mail.copilotco.com/etc/postfix/main.cf

There was also a /projects beside /hosts with a directory for the name
of each of my coding projects (not system configs) which held tags,
trunks, branches, etc.

The real annoyance with this arrangement is that I have to do a series
of svn mkdir's to create that path, especially for a new host. This
turns into a bunch of svn ls and svn mkdir commands until I get what I
want. Then I can checkout that empty svn directory into the current
working directory where the config files are such as main.cf and then
add my files and then commit them. This ends up being just enough work
that I often skip it. Especially for the setup of new hosts and
directories.

Another thing that bugged me about svn is that I tend to move servers
and things around a lot and it always seemed like the svn url of the
local working copy was getting out of sync with where the server
actually was which caused headaches. Having the actual repository
right there where I could commit without having to remember how to do
do "svn switch --relocate old-uri new-uri" to get pointed at the right
place is nice.

Another svn annoyance that has been bugging me for a while is:

http://subversion.tigris.org/issues/show_bug.cgi?id=2580

which was always causing ssh ControlMaster pipes to be left laying
around which would cause ssh to barf and cause the commit to fail
after I had already typed up my nice descriptive commit message. Then
I had to delete the control file. ssh connection multiplexing is nice
because it allows new connections to be set up very quickly by
tunneling over the old one. Especially nice if you use tramp with
emacs for remote editing of files.

Finally, once I have my configs in svn I would often forget to commit
them after I edited them. So eventually I would get a bunch of changes
made over the course of days or weeks. I would realize I had messed up
and forgotten to commit for a long time. Then I do a commit with a
message of "heck if I can remember what all this was about".

So I cooked up a way to be automatically notified if the current dir
has uncommitted changes by putting this in my .bashrc:

function cd {
     builtin cd "$@"
     if [ -d .svn -a -r .svn ]
        then
        DIFFS=`svn status| egrep "^M"`
        if [ ! -z "$DIFFS" ]
            then
            echo "This directory contains uncommitted changes."

So whenever I cd into a directory I get a notification if I have been
lazy and not committing things. But eventually I ran into a problem:
if the directory has lots of files in it (which my home dir always
does) the svn status command can take several seconds to return which
is unbearably annoying since this happens with every cd. I end up
hitting ctrl-c and not seeing the message saying I have uncommitted
changes and the whole thing becomes totally ineffective.

While playing with hg I have discovered that hg has the same problem.
However, hg also has the ability to use the Linux 2.6 kernel's inotify
functionality. It can subscribe to the kernel to be told when files in
the working directory change so it doesn't have to do a brute force
check and stat every single file. So if we put the following in our
.hgrc:

[extensions]
inotify =
[inotify]
autostart = True

we automatically get a little hg daemon running talking to inotify
which will communicate with any hg command we invoke. So I changed my
.bashrc cd function to read like so:

function cd {
     builtin cd "$@"
     if [ -d .hg -a -r .hg ]
        then
        DIFFS=`hg status -q`
        if [ ! -z "$DIFFS" ]
            then
            echo "This directory contains uncommitted changes."

and now my cd function works perfectly and instantaneously even on
huge directories. However, because I have so many files in my homedir
I had to do this to make inotify handle it:

echo 32768 > /proc/sys/fs/inotify/max_user_watches

So I dumped that in my rc.local. The inotify functionality requires
the most recent version of hg to work halfway decently. And even then
occasionally runs into issues. If I do an hg clone with the inotify
turned on the clone never finishes, it just hangs. And if I modify and
then revert a file hg status -q still says that file is modified and
does so until I commit it (but there are no changes so I'm not sure
what it's committing). So inotify still has a couple bugs.

Each hg repo is totally independent and does not rely on any other
server. But one of the great things about having a remote server for
version control is that if my local box catches fire and is destroyed
I have a remote copy of my code. So I need to find a way to easily
push my changes to a repository on a remote server. Mercurial supports
this and you don't have to push your code somewhere else but pretty
much everyone does it because that is the whole point of distributed
version control: being able to push your changes to another
person/place for further work or just another server for storage.

Every time I do an hg init . that creates a new local repository which
needs a corresponding remote repository. This is a bit different from
svn where each local repository fits into a sort of branch or folder
in the big subversion repository on the server. So I set up a remote
account with username hg, installed my public key in
.ssh/authorized_keys and inside ~hg I have a subdir
home.copilotco.com/home/treed inside of which I have done an hg init.

Now if I want to push my home directory from my home workstaion to
this server for safe keeping I can say the following:

hg push ssh://hg@hg.copilotco.com/home.copilotco.com/home/treed

but this uri is rather long. I want to make it the default. So in my
.hgrc I can say:

[paths]
default-push = ssh://hg@hg.copilotco.com/home.copilotco.com/home/treed

So now I can clone my dotfiles and various other settings that I want
to carry around with me from that url. When I make a change on some
machine somewhere I "hg push" the change back up to the
repository. Then I can "hg pull" on any other machine which I want to
have the update. Pretty slick.

857 hours, 1136 takeoffs and landings

Tracy R Reed — Mon, 13 Oct 2008 01:50:00 -0700

When I started this blog I originally intended for it to be a combination computer/aviation blog since those are the things I am into. But I never seem to get around to writing anything. I really should have written up an account of my multi-engine checkride last December but I didn't. Although there wasn't much to write up really. I aced the oral exam, did ok on the flight, and won the ticket. Now I have nearly 50 hours flying the BE-76.

I have long entertained the idea of an online logbook and tonight I realized that I could combine that with the blog and perhaps that would give me more incentive to make blog entries if each logbook entry could turn into a blog entry also. Keeping the logbook online and the math done by computer makes things neater and verifies my math as well as allows others to more easily follow along in my flying. I still have to keep the paper copy as the official record.

But until I get that coded up let me tell you about my flying weekend: I haven't done much flying the last few months so I was out of currency. I was supposed to have made a flight last weekend to visit a friend up in LA but the weather sucked (actually, it was easy IFR weather but it definitely wasn't VFR so I could definitely have made the flight) and I wasn't instrument or even VFR current. A pilot has to make 3 takeoffs and landings every 90 days to be able to fly with passengers and I haven't been keeping up lately. He must also do 6 instrument approached plus intercepting, tracking, and holding every 6 months to be instrument current.

So yesterday I flew N738TB which is a Cessna 172 which I had never flown before. But when it comes to 172's one is really like another except for the radio setup. I haven't flown anything smaller than a BE-76 or C-210 in the last couple of years so it was fun to get back into something as simple as a 172 again. This plane is fairly nice and even has a Garmin 430 GPS. The second radio is an ancient Collins which could do with replacement. So I departed from MYF around noon and flew down to SDM and did 4 touch and go's then came back to MYF. 1.1hrs total flight time. There was a decent head/crosswind of 15 gusting to 20 knots the first couple landings but by the time I was done it seemed to have faded to nothing. The runway at SDM is very long having been a base for F-4's and other Navy aircraft in the distant past. With the strong headwind I could land on the numbers and then be off again in very little space. After the first time down that long runway I started making early turn-outs into the pattern to speed things up.

Today I wanted to regain my night currency so around 8pm I went back to the airport and fired up 8TB once again to do some night stop and go's and then flew west to Mt Soledad and up the coast at 4,500' as far as CRQ checking out the city lights. Then back for an uneventful landing. When I departed the tower at MYF was open but at 9pm they close so I returned to an uncontrolled airport. It's always fun to click the mic and make the runway lights come on. MYF has a nice and fancy approach lighting setup (there's a specific name for this setup which I don't recall) which automatically turns off after so many minutes but can be re-activated by keying the radio. So I can roll out on final and tell the pax "Watch this...*click* *click* *click* *click* *click" and hear their "Ooohh!"

So now I'm day current and night current again. But still not instrument current. The way the regulations are written I can fly "under the hood" (which is a way to simulate instrument flight in a real aircraft in visual flight conditions) with a safety pilot whose job is to look out for traffic while I'm under the hood and we can both log the time. The two pilots usually split the flight expense.

You would think it would be easy to get people to go along for half-price flying. But it isn't. It's hard. And I don't understand why. I have contacted every person who advertised on the bulletin board down at the airport looking for a safety pilot and so far not a one of them has resulted in a flight. I have put my own ad on the board and as a result I have a tentative flight with someone on the 20th so hopefully that will pan out. Otherwise I'll have to pay an instructor and the full price of the aircraft which makes the endeavor more than twice as expensive. I need a flight review by the end of the year anyway so if I'm not instrument current by then I'll get it with the flight review although I sure hope it doesn't take that long.

Get less junkmail/protect your credit

Tracy R Reed — Tue, 17 Jun 2008 18:07:03 -0400

I just signed up for this. I found it via this article about LifeLock which was linked to by Bruce Schneier, my favorite security guru. Hopefully over the next few months it will cut down on the amount of junkmail I get. I am also considering calling the credit company and putting a fraud alert on my account. Unfortunately it expires every 90 days so I would have to call them every 3 months to keep it going which would be a pain. That is all Lifelock does for you. The credit bureaus really should be taking these precautions anyway. But it costs them extra money to have to actually verify requests for credit so they try to avoid it.

I love this community

Tracy R Reed — Sun, 16 Mar 2008 01:10:00 -0700

For the last year I have been hanging out on a local Windows user group mailing list just to see how the other half lives. I have been on the local Linux user group mailing list for at least 12 years. The difference is night and day. The Windows user group mailing list has invites to various free lunches paid for by vendors who want to you to buy their stuff and the occasional chatter about some problem with SQL Server or IIS or something. When someone complains about Windows a rep from Microsoft shows up on the list to handle the situation. The Linux group is full of passionate discussion and debate about all manner of technical and political issues plus the usual advice giving and newbie helping. The Linux people are clearly in it for the love of it and the Windows users just seem to be there for a paycheck. Just look at the times people post to the lists. The local Linux folk are posting day and night and weekends. The Windows people are mostly 9 to 5'ers Monday through Friday. The Windows group meets at the local Microsoft office and watch a vendor presentation and then go home. The Linux group meets at a local school, put on their own presentation from 7 to 9 pm every second Thursday and then a dozen or so of them go to an after-meeting meeting at a nearby Denny's restaurant for conversation until midnight. If any of you are in the San Diego area check out http://kernel-panic.org/ And on top of it all, tonight I hacked a new feature into Kudzu (detecting AoE disks so that Anaconda can install RedHat/CentOS onto them which is something I *really* need) made possible by Free Software and some help from my LUG friends so I'm pretty darn happy with the GNU/Linux community right now. I'll be sending that code to RedHat for sure because that's how I give back and we as a community keep improving our Free Software.

Pilots, judgement, crosswind landings

Tracy R Reed — Tue, 04 Mar 2008 04:25:47 -0500

I don't post nearly enough about my flying adventures on my blog. I have long vowed to write more about aviation here but for some reason once the plane is tied down and paperwork done I don't do anything more about it. I have been flying on average every couple of weeks for years now and I'm getting near a thousand flight hours of experience. An old friend emailed me today asking a question about aviation and my reply turned out to be rather long so I decided I should just post it here for all to enjoy.

He wrote:

  So, I'd love to hear your opinion on this. There's a lotta comments
  from posters saying they're professional pilots etc, but I don't know
  them from Adam.

  So, your thoughts, was this great piloting, or poor judgement in the
  first place?

  http://thelede.blogs.nytimes.com/2008/03/03/video-captures-near-plane-crash-in-hamburg/index.html?hp

A co-worker pointed this out to me earlier today. I'm really not sure. I don't know what the forecast conditions were, what the actual conditions were, etc. It could be that the conditions were forecast to be just fine and suddenly a microburst or gust front or something similar hit the airport just as he was landing. The article indicates something to that effect. Generally I try really hard not to second guess other pilots unless I am there in the cockpit and have all of the same information they do. Non-pilots should try twice as hard.

I try to avoid the mainstream media when it comes to aviation or computers because they inevitably get it wrong and just piss me off.

About the only thing I can say is that by calling it a "near plane crash" they almost certainly sensationalize the situation and needlessly scare people. I guess I can also say that he did the right thing by initiating a go-around as soon as he realized something wasn't right. Impossible to say if the pilot has "skills" or not though.

"Superior pilots use their superior judgment to stay out of situations where they must use their superior skills." I have always liked that motto. They do indeed train for just that situation. I train for it too.

In fact, just last night I was returning from a flight to Fullerton airport where we went for dinner with some of Trinity's old high school friends from Vietnam. It is amazing how many of her friends have made it over to the US and live around or occasionally visit the Westminster (Little Saigon) area. There was a pretty strong Santa Ana weather condition last night and the winds were quite strong as we arrived back over Montgomery Field in San Diego around 11pm. Because the wind was out of the northeast (around 050 degrees) the best runway to land on was runway 05. But that runway is unlit at night. So do I land on the runway favored by the wind which has no lights or do I land on the lighted runway and deal with the crosswind? I decided that a crosswind is something I can handle but a lack of visibility and possibly landing on the taxiway or elsewhere by mistake was not acceptable. So I had to land on the only lighted runway which is 28R/10L (normally I land on 28R due to normal winds out of the west). You can land in either direction on this runway but 10L was facing more into the wind which is always preferable as it decreases your landing distance and speed at touchdown which makes for a safer landing.

The control tower had long since closed. The airport was uncontrolled. The automated weather told me there was a strong wind out of the northeast. As I approached the runway having completed the pre-landing checks I noticed that I was having to point the nose of the airplane far left of the runway in order to keep the plane making progress towards the runway. The nose of the plane was probably (just guessing) 15 degrees to the left of the actual direction of travel over the ground. If we touched down in that attitude (wheels not aligned with direction of travel) we could damage the landing gear, blow a tire, run off the runway, or generally lose control of the aircraft.

So the procedure is to bank the airplane into the wind which turns some of the wings normally vertical lift vector into horizontal "lift" (or just call it force if you like) into the wind which pulls the plane horizontally into the wind and counters the blowing of the wind so your track across the ground is straight. However, this by itself would actually cause the airplane to start turning left into the wind so you have to put in right rudder to hold the nose of the plane aligned parallel with the runway. The amount of bank into the wind is proportional to the strength of the wind and the amount of rudder proportional to the bank. As the airplane gets slower while approaching the runway the controls become less effective due to less air moving over them so you have to steadily feed in more aileron control to maintain the same amount of bank angle until you finally touch down on just one wheel (the upwind wheel) with the controls all the way over into the direction of the wind and then the rest of the wheels come down as the plane decelerates.

If the wind is changing or gusting you have to vary the amount of aileron (and thus rudder etc) with the changing wind. All together it turns out to be quite an exercise in judgement and coordination and not a terribly easy maneuver to do well. Last night I did all of the above and was actually quite successful with it and made a very nice landing in a strong crosswind at night on a relatively unfamiliar runway on an uncontrolled airfield. And the reason why is training. We all train for this sort of thing. And if the wind had suddenly kicked up really strong and started to blow me off the runway like it did for that airliner I would have pushed the throttle full forward, kept the plane under control, and headed back up for the safety of the open sky having already pre-configured the airplane for just such an event (in my case that is propeller at high rpm, mixture rich, etc) as part of my pre-landing checks. Just like that guy did.

Anyone need a computer job?

Tracy R Reed — Mon, 25 Feb 2008 00:59:29 -0500