It’s Complicated and has layers… Like an Onion. Or How I learned to stop worrying and love the tor.

With the latest outcome of the election and roughly half of the nation waking up to the fact that their “guy” was not going to be in the White House, people have been reminded of a need to keep their private lives a little more private. Of course this is outrageous because no matter who is in the White House the various security and spy agencies of the world are always watching almost everything. One of the “easy” low cost ways of helping to secure your Internet presence is using Tor. Tor allows your Internet traffic to bounce around the Internet from volunteer to volunteer, secured all the way, before landing on either an exit node or a Tor hidden service. In theory this prevents your traffic from being observed and monitored. Tor was originally designed by the US Government to allow spies, freedom fighters, and the oppressed to communicate securely without fear of oppression. This in theory defends against most attacks up to massive brute force, possible flaws in the program, or a bad actor who controls and is observing a majority of the nodes in the network. (In theory these are possible for various three letter agencies owned by Uncle Sam.)

Of course, the big issue with using anything secure is that to be truly secure, you have to give up all of the nice-to-haves like JavaScript, Google services and cookies. All of them allow you to be tracked by various parts of the Internet. One of the nice low hanging fruit that can quickly be secured through Tor is Facebook. They have a Tor service that will ensure that your Facebook traffic will be routed only inside of Tor. The other easy way is to enable Tor in Android. The only additional software needed is Orbot. The biggest thing to remember while signed into Facebook is that you just tied your Tor persona to a named identity that allows you to be tracked. This is just bad opsec but would allow you to communicate out of oppressive countries elsewhere in the world. The other shortcoming to Facebook over Tor on Android is that push notifications of events will not work.


Now Andy, what good is Facebook over Tor for you, you may ask. Almost nothing… even while connected via insecure wifi Facebook is already secured via https/tls encryption, and the fact that I am posting on Facebook via Android is no secret, nor am I trying to share state secrets. Plus Facebook is a US owned company; one National Security Letter and Uncle Sam has a copy of all of my actions. Plus to quote one of my friends who works in the field, “you are not that interesting.” I do it to make Facebook better for the people who need to use the service, plus to keep encouraging Facebook to continue improving the service. If no one uses the service, then it is easier to get rid of it. I also use it to help provide some additional cover to those who need it. If the TLA groups are brute-forcing the traffic, this adds yet another set of packets that they have to work on. Finally, it is so easy to do on Android. All you need to do is install Orbot and click the “enable tor” option in Facebook’s settings menu.

In the end, it may be just whistling in the dark, but at least it is something. Plus it ups my geek cred just a little bit. The only downside that I have found is that Tor burns the battery far faster than the regular network.

Express Scripts or the value in failing the right way

System outages and maintenance are a reality of the computer driven world that we live in. The key to a good user experience is how you handle the failures that will always eventually happen. If you fail as early in the process as possible, provide a meaningful error, and provide the expected time until resolution, it can go a long way to keeping your users happy.
In today’s example I had to call Express Scripts (my employer’s health plan’s mail order pharmacy) for a simple refill. I knew that I was in for trouble when the computer voice repeated “please wait” for several minutes while it was looking up my account. This was only confirmed after entering the prescription number and being greeted with “please wait” again. Eventually it transferred me to a human who said “The system is down, you will need to call back tomorrow after 6am.” After I used the agent as a bit of a human verbal punching bag for wasting my time, I went on my way to try again successfully the next day.
What should have happened? The moment I went into the refill voice prompt, it should have greeted me with a message that the system was down due to maintenance rather than the 10 minutes that were needed to get to that information. In the end it also would have cut down on the support time and costs as the automated self service system would have been able to handle the problem without any human intervention.
Failure happens; the trick is to plan for it and use it for the better.

The allure of the AlphaSmart


Many years ago, when I was in elementary school, computers were still somewhat rare. There was the computer lab in the library with a large number of old Apple IIe computers that only ever ran sticky bear teaches typing and then one classroom Macintosh computer. To help bridge the gap they had a portable cart of small battery operated keyboards called AlphaSmart keyboards. They had an Apple keyboard port on them and when the time came to dump your paper that you were working on to the Mac or to the printer you could hook them up to the Mac and they would type your paper out to a file. They were durable, the batteries lasted forever and they were the perfect thing to keep kids on track since all they could do was type and spell check.

Time passed and computers in the classroom became more and more common. Computer labs expanded beyond just the corner of the library, and the AlphaSmart faded into the past. They became a relic of a simpler more elegant time. Apparently the AlphaSmart company continued to innovate until a few years ago when they finally ended the reign of the dumb keyboards. I was looking for a simple word processor that would be able to write drafts without the distractions of more modern systems. Also I was looking for something with a battery life that could outlast Moses himself. I remembered back to my elementary school days and the AlphaSmart units. After some research and a Lifehacker article in preparation for NANO month, I found that there were AlphaSmarts that had a USB port and could work with almost any modern computer hardware. A little searching on Amazon and I was able to find a gently used Neo by AlphaSmart. Shipping was quite prompt and the unit was exactly as described. A relic of a simpler time when research was done by hand and all that was needed to write a school paper was the electronic update to a typewriter.


I plan to use the Neo to type more articles for my blog as well as other correspondence and will let you know how it is working out for me in later posts. Also, by the way, this post was written on my “new” Neo AlphaSmart.

Lessons learned from selling a car on craigslist


After several years of faithful service, a great opportunity arose to replace my 2000 Chevy Lumina with a newer 2008 Honda Civic LX. As it was a private transaction I was unable to “trade in” the old car and had to go through the trouble of disposing of my old car. Enter the seedy underbelly of the internet, craigslist.

The first thing I did was to check KBB for a hint of what the car was worth, clean things out and take some photos. I then posted it to the site and waited. The first thing I noticed was several rather shady text messages from out of town numbers, starting out asking (+1 213-204-5393) “Hi.. is your 2000 Chevrolet Lumina for Sale Still? Just saw it online and it looks perfect for me. I’d like to buy it this week do you have any kind of report run on it’s history?” to which I responded no, explained the provenance of it and that they could take a look at it if they would like. They then responded with “Will you please grab one of them from and email it to me at …” where the email was a numbered Yahoo mail account. This all got my scam spidey sense tingling. I promptly responded that they could run the report themselves if they wished or that I would provide a report from an NMVTIS approved source. He responded back with “I don’t feel comfortable running it myself because I am not the legal owner. Is that doable?” I again offered an NMVTIS blessed report and communication was broken off.

Next was from +1 701-645-7589 “Saw this advert and i am interested, am deaf if available text me back and let me know, sam” I was already a bit twitchy from the last message so I replied back “It is, I would be willing to meet you to take a look at it. Where are you? I see you have a 701 area code. Are you in ND or local?”

Sam then replied “I am in Arkansas right now due to work would you accept cashiers check as payment then after it clears your bank my mover will come for pickup.”

That is a big red flag. One of the CL scams that these fine people run is to give you a funny cashier’s check and then due to our arcane banking laws the money will appear for a little while and then get yanked back out by the other bank when they figure out something is wrong. So I replied back “I am sorry but it will have to be in cash, especially with the long distances involved. I find it surprising that you are buying the car sight unseen. All of these risks are too much for my comfort.”

Each time I made it clear that I was not going to be an easy mark, they immediately broke contact and moved on to their next mark.

I assume that each of these numbers will shortly be back in the pool to be handed out, as they don’t ever stay in one place for long, so please don’t go calling them with clever quips like “is your refrigerator running?” as the poor person on the other end of the line likely did nothing wrong.

I eventually did sell the car for cash money and thanks to the Iowa DOT checklist for selling a car it was a successful transaction.

Build boost in visual studio with Bzip


Figuring out the correct magic incantation to compile the C++ boost library with Microsoft Visual Studio 2013 is somewhat of a magical trip. It is even worse if you want to include bzip for compression access. Add on top of that wanting to have x86 and x64 versions and you have a mess!

Here is what I was able to figure out:

First download Bzip from and uncompress the source code.

Then, inside of the Visual Studio tools command prompt (the 64 bit version for 64 bit and the 32 bit version for 32 bit), run the following commands:

.\bjam.exe -s NO_COMPRESSION=0 -s NO_BZIP2=0 -s BZIP2_SOURCE=<path-to-bz> --stagedir=.\stage\x64 --toolset=msvc-12.0 architecture=x86 address-model=64 -j8 --build-type=complete


.\bjam.exe -s NO_COMPRESSION=0 -s NO_BZIP2=0 -s BZIP2_SOURCE=<path-to-bz> --stagedir=.\stage\x86 -j8 --build-type=complete

If you are using a different version of visual studio, the toolset will be different. This site has the version numbers.

Good luck, and after you get it compiled remember: here be dragons.

How to configure Windows 8.1 and a Networked LaserJet 4 Printer

I have an old workhorse of an HP LaserJet 4 printer with a JetDirect Network Card. It may be 20+ years old and be rather cantankerous, however it still prints like a champ, toner refills for it are dirt cheap, and since I never print much, what do I really need a better printer for?
Up until Windows 8, adding it as a network printer was not all that hard. The print drivers were bundled with the operating system, and all that was needed was to select it in the list. Well the times have changed, and Microsoft feels that it is time for the old horse to be put out to pasture along with all the other old PCL 5 printers. By default, Microsoft does not include PCL 5 drivers that can talk to the printer. Thankfully HP still provides a Universal PCL 5 Driver that will work at their site.
All you need to do is download and decompress the installer. Finally, follow the onscreen instructions to add the printer as a local TCP printer.
Hopefully that HP LaserJet 4 will last another 20 years!

Why it is important to watch your credit card or WTF is ATC*SYNAPSE


With all the breaches in credit card security lately I had US Bank set up every account alert possible (talk about alarm fatigue). This morning I received a notification that ATC*SYNAPSE was charging me $36.00. Of course I immediately feared the worst, however after doing a little more research it was a recurring charge for Fitness magazine that my wife had signed up for “free” while registering for a race.


After doing a little checking, $36 seemed rather high when Amazon was selling subscriptions for $5.99.
After a bit of googling I was able to find the offending company behind this massive overcharge, the Synapse Group. They have an online service page if you want to cancel online, or just call them at 203-595-8255.

So the end of the story is that I called them, they are refunding the $36 and canceling our “order”. After they end we will be re-registering with a far cheaper subscription and saving money all around.

The oddest things get you views


A while back I wrote a blog post about how the “naked” X-ray scanners at the airport were a bunch of bunk, and how Adam Savage was able to accidentally carry sharp and “dangerous” tools on an airplane after going through one of them. It was a relatively brief post and I never thought it would be a big deal, however I never figured that Google would pick it up and link the words Adam Savage and naked together. In this sad world there are apparently several people who search for “Adam Savage naked” and find their way onto my blog. To those of you who do, first I would like to say welcome, and secondly eww and Why?!

It just goes to prove that blog posts have a long tail, and the oddest turns of phrase come back to surprise you!

Revising bash history


One of the biggest flaws of using multiple instances of bash on most Linux machines is that the last virtual terminal to close is the one that gets written to bash history. This last-in way of recording history causes issues, especially when using tools like screen, tmux, or byobu. Fortunately there is an easy update to your .bashrc file:

export PROMPT_COMMAND='history -a'

The end result is that your bash history will be in chronological order of the commands being entered. While this may not always be the perfect solution, it is in most ways better than the alternative of having large chunks of history lost to the ages.

Thanks to this blog for pointing me in the right direction.
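
The lost-history behaviour and the history -a fix described above, as an added simulation (not code from the original post or the blog it credits). The host names and commands are constructed, and the at-exit save is modelled with history -w, which replaces the file with the session's in-memory list.

```bash
# Added illustration (constructed sessions and commands, not from the post).
# Each "session" is a non-interactive bash that loads the history as it was at
# login, records its commands with `history -s`, then saves in one of two ways.

# session SNAPSHOT HISTFILE MODE CMD...
session() {
    bash --norc --noprofile -c '
        unset HISTTIMEFORMAT HISTCONTROL HISTIGNORE   # keep the file format plain
        snap=$1 file=$2 mode=$3; shift 3
        history -c
        history -r "$snap"                  # in-memory list as of login
        for c in "$@"; do history -s "$c"; done
        if [ "$mode" = append ]; then
            history -a "$file"              # the PROMPT_COMMAND fix: append new lines only
        else
            history -w "$file"              # model of the at-exit save: replace the file
        fi' _ "$@"
}

# demo MODE -> prints the history file after two overlapping sessions finish
demo() {
    dir=$(mktemp -d) || return 1
    printf 'uptime\n' > "$dir/history"            # history before either login
    cp "$dir/history" "$dir/at_login"             # both sessions start from this
    session "$dir/at_login" "$dir/history" "$1" 'ssh db01' 'sudo systemctl restart nginx'
    session "$dir/at_login" "$dir/history" "$1" 'tail -f /var/log/auth.log'
    cat "$dir/history"
    rm -rf "$dir"
}

echo '--- overwrite at exit ---'; demo overwrite
echo '--- history -a ---';        demo append
```

In the overwrite run the first session's ssh and sudo lines are missing from the file, which is the gap anyone reviewing the history later would hit; in the append run all four lines survive.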