aubreyturner.org

This is a bad thing:

What is it, you ask?  It’s the switch from my coffee maker.  When I turned it off this morning it threw a big spark from the switch.  It didn’t hurt, but it certainly surprised me.  The picture is actually a composite of two photos.  The left side is the switch base (with its contact point; notice the scorch mark)  and the right side is the part that moves to complete the circuit with the base’s contact point when you flip the switch. 

I’m not a coffee addict.  I can quit at any time.    But just not tomorrow, so I went ahead and bought a new coffee maker this afternoon. 

Out of curiosity, I decided to take the old one apart to see why it was spitting sparks.  As best as I can tell, the contacts have gotten worn and some carbon has built up.  It’s a bit annoying, as you’d think a Krups coffee maker would last longer than two years.

Update:  That Mr. Coffee model linked above wasn’t worth the time I spent fiddling with it.  It wouldn’t siphon correctly, and I found what appeared to be a plastic molding remnant in the intake, which I removed.  It managed to make one pot of coffee after that, but then decided not to siphon anymore.  This caused it to just emit steam, which means that the coffee that got into the container was basically steamed, and had a consistency similar to light motor oil.  I took it back and I’m going to consider a different model.

I think I previously mentioned that I get a lot of bad user attempts against my sshd.  Most of them were coming from PC’s in China, but I got one from somewhere in Oklahoma last night on Cox’s cable internet service.  I’ve reported it to Cox’s abuse department, although I don’t have high hopes of getting a response or of them taking action.

This is what it looks like:

Sep 2 02:49:35 dominion sshd[22218]: Illegal user sifak from ::ffff:68.12.255.97
Sep 2 02:49:37 dominion sshd[22220]: Illegal user slasher from ::ffff:68.12.255.97
Sep 2 02:49:39 dominion sshd[22306]: Illegal user fluffy from ::ffff:68.12.255.97
Sep 2 02:49:41 dominion sshd[22308]: Illegal user admin from ::ffff:68.12.255.97
Sep 2 02:49:43 dominion sshd[22310]: Illegal user test from ::ffff:68.12.255.97
Sep 2 02:49:45 dominion sshd[22312]: Illegal user guest from ::ffff:68.12.255.97
Sep 2 02:49:47 dominion sshd[22314]: Illegal user webmaster from ::ffff:68.12.255.97
Sep 2 02:49:52 dominion sshd[22318]: Illegal user oracle from ::ffff:68.12.255.97
Sep 2 02:49:54 dominion sshd[22404]: Illegal user library from ::ffff:68.12.255.97
Sep 2 02:49:56 dominion sshd[22406]: Illegal user info from ::ffff:68.12.255.97
Sep 2 02:49:58 dominion sshd[22408]: Illegal user shell from ::ffff:68.12.255.97
Sep 2 02:50:00 dominion sshd[22410]: Illegal user linux from ::ffff:68.12.255.97
Sep 2 02:50:02 dominion sshd[22412]: Illegal user unix from ::ffff:68.12.255.97
Sep 2 02:50:04 dominion sshd[22414]: Illegal user webadmin from ::ffff:68.12.255.97
Sep 2 02:50:08 dominion sshd[22502]: Illegal user test from ::ffff:68.12.255.97
Sep 2 02:50:12 dominion sshd[22506]: Illegal user admin from ::ffff:68.12.255.97
Sep 2 02:50:14 dominion sshd[22508]: Illegal user guest from ::ffff:68.12.255.97
Sep 2 02:50:16 dominion sshd[22510]: Illegal user master from ::ffff:68.12.255.97
Sep 2 02:50:18 dominion sshd[22512]: Illegal user apache from ::ffff:68.12.255.97
Sep 2 02:50:24 dominion sshd[22602]: Illegal user network from ::ffff:68.12.255.97
Sep 2 02:50:26 dominion sshd[22604]: Illegal user word from ::ffff:68.12.255.97
Sep 2 02:50:59 dominion sshd[22806]: Illegal user admin from ::ffff:68.12.255.97
Sep 2 02:51:01 dominion sshd[22808]: Illegal user admin from ::ffff:68.12.255.97

That IP reverse-resolves to “97.255.12.68.in-addr.arpa domain name pointer ip68-12-255-97.ok.ok.cox.net.”, which appears to be somewhere in Oklahoma, although the actual contact for Cox is in Atlanta:

Cox Communications Inc. COX-ATLANTA (NET-68-0-0-0-1)
                      68.0.0.0 - 68.15.255.255
Cox Communications Inc. OKRDC-68-12-0-0 (NET-68-12-0-0-1)
                      68.12.0.0 - 68.12.255.255


Given the frequency and pattern of the attack, it appears to be automated.  Unfortunately, any little pissant PFY can run this sort of thing, since the attack tools are pretty much automated (hence the term “script kiddie”).  Fortunately, none of the accounts in the attack tool’s dictionary are on my system (and even if they were, they’d have non-default passwords).  Still, I’ve often wished for an ICMP HACF packet that could be sent back to an attacker’s sytem.

The backup of my damaged RAID array finished yesterday afternoon (it only took about three days, rather than the week I’d originally thought).  I spent some time verifying that all the files had been copied and opened a random selection of them to verify their contents to satisfy myself that the backup would be useful* if the RAID array died completely.

After confirming the backup, I took down the system and pulled the bad drive and replaced it, rebooted, ran the RAID BIOS setup tool to add the new drive, and booted into Linux.  Once the system was up, the driver initiated the rebuild and it was a matter of waiting.  Fortunately, it rebuilt without any errors or problems.  So now I have at least double-redundancy for most of my data, and in some cases triple-redundancy. 

I keep the majority of my work files on the Linux RAID-5 system and access them from my desktop via Samba shares.  On the desktop I have the directory set to “Make available offline” so that if the Linux system goes down I can continue working.  The Linux system also serves as a secondary backup of this website (Dreamhost has backups, but it’s prudent to assume they won’t work and keep a backup of your own).  Every night at 1:00am the Linux system uses ssh to invoke a couple of database backup commands that leave tar-gzipped files in a temp directory on my web hosting account.  Then it uses rsync via ssh to backup everything in my account’s home directory.  Now, I also have a cron job on my second Linux system (the one with the scanner) that runs at 4:00am and backs up everything in my home directory on the RAID system (I picked 4:00am to give the web backup plenty of time to complete, although it’s usually done in 5 to 10 minutes).  Both backup jobs email me their output so I can confirm that they ran to completion.  This means that my work files are triple-redundant (on the RAID-5 system, on the desktop, and on the scanner backup system), my regular files (photos, emails, etc) are double-redundant (on RAID-5 and on the scanner backup), and my web files are quadruple-redundant (web server, Dreamhost backup, RAID-5 backup, scanner backup). 

That first rsync of my home directory (which took over two days) transferred 120GB and it got me to wondering just what I was using so much space for.  On inspection I found that I was using a lot of space for system backups from old systems that I no longer had (one backup was from 2003).  I also had a bunch of space taken up with software images that I no longer needed (like old SuSE DVD ISO’s, J2EE server install packages, application development toolkits, etc).  Deleting all that junk reclaimed 90GB of space. 

* (Click “Read More…” for the rest of the story)

Verifying a backup if just as important has having the backup in the first place.  If you rely on a third party to backup your data, it’s a good idea to ask them to retrieve a file for you from time to time just to make sure the backups work.  If they do incremental backups, you may even wish to ask for the file from a specific date. 

I do this now because of an incident that happened a number of years ago when I was still a programmer.  Our development was done on a Unix system.  The source code was in a source code control system, so even if the system died, we’d still have our code.  However, many of us had example code, documentation, and notes in our home directories.  The system was backed up to tape every night, and the operators were diligent about changing the tape and seeing that the backups completed each night. 

I don’t remember why it had to be done (it was either an OS upgrade or replacing a hard drive), but over a weekend an operator was going to have to wipe the system, reinstall, and then restore our data.  Unfortunately, he did not verify the latest backup before wiping the disks.  When he went to restore our files he found that the tape was bad.  The backup software didn’t catch it, so even though it had appeared to complete successfully, the tape was useless.  Luckily he found an earlier backup, but we still lost a month or so of data in our home directories.

Just as we finally conclude a long run of sweltering days, complete with record power usage, Mayor Mommy and friends come out to obstruct TXU’s plans to construct new power plants.

Voicing concern about air quality and global warming, Mayor Bill White and other top city officials in Texas announced Thursday that they will fight plans to build more than a dozen coal-burning power plants across the state.

The Texas Cities for Clean Air Coalition, spearheaded by Dallas Mayor Laura Miller, hopes to encourage companies planning to build those plants to use cleaner technologies, such as natural gas, to run the plants and meet the state’s power needs.

I have zero tolerance for this kind of nonsense.  TXU is taking steps to make these new plants cleaner than the old ones, but it never seems to be enough for some people.  The minute you mention coal they lose their minds.  They also whine and make noises about “affordable” options, but they’ve taken the most affordable one off the table.  Ultimately, if they get their way, not only will TXU be delayed in building power plants, but they’ll likely be more costly to build and more costly to operate, which translates as even higher rates.  Doesn’t sound very “affordable” to me.  And along the way their obstructionist delays could force us past the point where ERCOT has to institute rolling blackouts to save the grid.  We came within a couple of hundred megawatts of that point this summer.

Anyhow, here’s my statement on the issue:  If next summer, or the following one, I’m sitting around sweltering due to rolling blackouts because TXU couldn’t build the needed plants, I may start conducting experiments to see if burning environmentalists would work for generating power. 

Some knuckleheads calling themselves the “Tornado Digital Security Team” have hacked the KISD website.

Keller school district technology experts are restoring the district’s Web site after computer hackers destroyed hundreds of documents and photos late Tuesday.

The hackers replaced the home page with a page that shows a photo of a tornado and a lightning bolt and the message: “In The Name of God … This is Web site hacked by Tornado Digital Security Team.”

Keller officials are trying to trace the Web site address, www.TORNADO.ir.

It appears the hackers were searching for Web sites with holes in the security firewall, said district spokesman Jason Meyer.

“It looks like some sort of software program was working on our Web site and they’ve been doing it for several months,” he said.

I always hate news stories about computing and security issues, because most of the people who know what the heck really happened aren’t allowed to talk to the public.  I don’t doubt that script kiddies and perhaps even some serious hackers have been testing the firewall.  However, I expect that the techies just told the spokesman about the firewall logs so he’d have something to say to the media. 

The firewall does you no good if your application code has holes in it, since you have to allow traffic bound for the web server to pass through the firewall to access the application (unless you proxy it, but even that’s not totally secure).  I know I get a lot of idiots in China trying to run dictionary attacks against my SSHD (which has to have a port open on the firewall for me to use it).

I noticed that KISD is running a CMS called Joomla!.  Coincidentally enough, it appears that Joomla has a number of high priority security issues that were patched on Monday.

That’s not to say I know for sure that this is what happened, since there are so many ways that security can be compromised, and some quick research shows that these guys have hacked systems other than Joomla! (interestingly enough, they seem to like hacking Arabic sites).  I’d be really interested to see a writeup on what really happened here.

The Gecko was kind of “cute” when it first came out, but it’s just annoying now.  But worse than the Gecko are the commercials with the “celebrity” and the “real person.” 

Although, in their defense, I’ve always kind of wondered what that movie announcer guy looked like: 

Link to YouTube video of Geico commercial

Update:  Moved the YouTube inline player to the Extended Entry, since it was doing funky things in Firefox.

I previously mentioned the problem I had with my RAID system when I powered it back on.  It really got me focused on the fact that RAID isn’t really such a great method for preserving files.  It’s good for a single drive failure, and it’s good for keeping a system online even with a bad drive, but anything beyond that means total data loss.

When I ordered the replacement drive I also ordered a couple of plain old 250GB PATA drives (the ones that got “thunked” onto my doorstep yesterday).  I’d decided that I was going to keep a second system to back up the first before replacing the bad drive and rebuilding the array.

A couple of weeks ago I had resurrected an old system and installed Open SuSE 10.1 on it.  At the time I was mostly playing around with putting a scanner online (a RadioShack PRO-2052 that I got on clearance) using Icecast.  But since this system also had a built-in Highpoint 370 “RAID” controller it meant that I had two extra IDE channels that I could use to create a mirrored drive array using the Linux software RAID tools (the HPT370 is actually just a fancy IDE controller with a little hardware support for RAID, but not a true RAID controller).  Anyhow, the system was working and it was running headless in a corner of my living room (one of my motivations for Icecast and the headless living room setup is that my office is an EMF wasteland, making it difficult to get a decent signal).

I installed the new drives and booted the system.  Once it was on the network again I used Yast2’s partition tool (being headless, I did this using Cygwin’s X-server on a PC) to create the RAID array, format it, and add it to the filesystem table.  It took me a minute or two to figure it out, but once I did I was surprised at how easy it actually turned out to be (select each drive, add a primary unformatted partition of type Linux RAID, select RAID drop-down, select each partition and hit “Add”, select RAID 1, select Reiser filesystem, apply changes). 

I’m always a little suspicious when something is too easy, but it all appeared to be working so I started an Rsync of my home directory and left to walk the dog.  When I got back I saw that the drive lights were on solid, so I thought it was working.  A little later I tried to login, but couldn’t access the system. 

Once I got it rebooted, a bit of examination showed that both of the HPT370’s IDE channels as well as the wireless card were sharing IRQ 11.  Everything is PCI, and it’s technically supposed to be able to share interrupts, but I don’t like interrupt sharing.  Further, with the RAID array and the wireless card on the same interrupt, it would seem to be just asking for trouble.  Every operation involved in copying data seems to be piled up on one interrupt (i.e receive data on wireless card, write data to hard drive on first channel, write data to drive on second channel).

Unfortunately, this motherboard has a brain damaged implementation of PnP configuration in its BIOS, so that “unsharing” the interrupts involves physically moving devices to different slots.  For example, this motherboard is hardwired to share an interrupt between the HPT370 controller and whatever device is in PCI slot 2, so whatever interrupt you choose for slot 2 (INT PIN 2 assignment in the BIOS), it’s shared with the HPT370.

I also learned that moving a wireless card causes SuSE to “forget” the card (you have to go into Yast’s network configuration and delete the original entry for the adapter and configure the new entry from scratch). 

Once I got through all that nonsense I started the Rsync.  It’s not exactly setting any speed records, as it’s using ssh over my wireless LAN.  But so far it’s copied about 18GB without hanging (as opposed to just under 2GB yesterday).  So there’s only another 140GB or so to go.

At this rate it’ll be finished in about a week.  As long as it doesn’t hang.

One of the side-effects of working at home is that you quickly learn the habits of the various delivery drivers.  The UPS guy, in particular, is interesting to watch, as he usually runs from the truck, dumps the box at the door, hits the doorbell, and takes off at a run for the truck.  Unless he needs a signature, all that’s left of him by the time I get to the door is the rumble of his truck in the distance.

Today’s offender, though, is the DHL driver.  It’s really comforting to be informed that your new hard drives have been delivered by hearing the THUNK of the box as it hits the concrete in front of your door.

I wonder if they’d treat the boxes differently if they thought I was home?  I keep my truck in the garage, so unless I’m standing at the door or the lights are on people usually don’t know anyone’s home during the day.

I’d been waiting for a verdict in the Lindsey Crumpton trial as I was on the witness list due to some comments from the defendant via my feedback form in response to something I originally wrote about the case.  Ultimately I didn’t have to testify, but I was still curious about the verdict.

The Dallas Morning News has an article with the outcome:

A 20-year-old Waxahachie woman who tried to commit suicide in her SUV but instead killed another motorist was sentenced to 10 years in prison Friday.

The jury’s maximum sentence stunned Lindsey Crumpton and her supporters, who had pleaded for probation. The punishment verdict came as Ms. Crumpton was having an emotional meeting behind closed doors with the 18-year-old daughter of Kristina Kelly Bartlett, who was killed in the November 2004 crash.

In testimony during her trial, Ms. Crumpton described a history of severe depression and drug use. The one-time Waxahachie High School homecoming queen, cheerleader and college soccer player said she had run out of medication when she decided to kill herself by yanking the steering wheel of her Ford Explorer as she drove south on Interstate 35E.

However, it appears that Ms. Crumpton is still not willing to take responsibility for her actions, even though it appears she knew they were dangerous.

But under cross-examination by prosecutor Trey Crutcher, Ms. Crumpton acknowledged that she knew her actions were dangerous because she purposely left her puppy at home. “I didn’t want my puppy to be killed,” she said.

Mr. Crutcher also questioned why Ms. Crumpton had not jerked the steering wheel to the right, which would have prevented any chance of colliding with another car. She responded that she did not know why she turned her car toward oncoming traffic.

Ms. Crumpton denied that she was directly responsible for the death of Ms. Bartlett, 47, saying that she only set in motion a chain of events that resulted in her death.

The jury of 10 women and two men convicted her of criminally negligent homicide, concluding that a “reasonable person” would have known that her actions were dangerous.

A chain of events?  If she was a butterfly causing a hurricane across the ocean I might buy it.  But her chain only had one link:  the yank of the wheel.  It’s kind of hard to claim you couldn’t forsee the outcome from that particular chain.  Worse, it sounds like she’s trying to claim that she just decided at the last moment, but that is contradicted by leaving the puppy at home, which means that it wasn’t spontaneous.

My mother, who is almost as cynical as I am, thought she would only end up serving a couple of years, but it appears that the law has tightened that loophole a little.  According to the article Ms. Crumpton will have to serve at least five years before being eligible for parole.

I don’t know whether that’s enough time.  Unless Ms. Crumpton does a lot of growing up in that time, I don’t know that it’ll help.  She’s obviously not ready to take responsiblity for her actions.  I hope the parole board asks some pointed questions in this area when she comes up for eligibility.

A few days ago I was out walking my dog behind Town Hall when I noticed my shoe had started clicking on the sidewalk.  I looked down to see that I’d stepped on a big, rusty fishhook.  I see people fishing out there nearly every day, and mostly they don’t cause a problem.  However, the fishhook reminded me that there can be unexpected hazards from their activities if they don’t police their trash before leaving.

The fishhook, of course, is dangerous to any pets who might be walking in the area, since most of them don’t wear shoes.  I’ve also seen plastic worms/lures on the ground, and I can’t help but think they could be dangerous to the ducks, should a duck attempt to eat one.  But the worst offender, in my mind, is the person who keeps leaving big tangles of cast-off fishing line on the ground.  Last spring I saw a duck that had become entangled in the line and drowned.  I can only imagine that it was a horrible, slow, and ultimately needless death.