tag:blogger.com,1999:blog-84221456832468495552023-11-17T19:41:02.690-05:00#eager0Unknownnoreply@blogger.comBlogger166125tag:blogger.com,1999:blog-8422145683246849555.post-66839831754338099282023-09-08T08:08:00.003-04:002023-09-08T08:09:14.055-04:00the yellowjacketsthe yellowjackets<div>that lived in the deadspace between rooms</div><div>and visited too often</div><div>are gone.</div><div><br /></div><div>i do not miss them.</div>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-15852137970134075292022-01-14T10:45:00.002-05:002022-01-14T10:45:22.665-05:00Accounting II<p>Patches of snow lay on the grass, islands of snowflakes succumbing to the January midday sun. They'll evaporate soon, but it's ok. There's more snow in the forecast, and temperatures will be measured by single digits.</p><p>Pandemics bring out the best and worst of us. Or maybe, pandemics strip us of conspicuous behaviors and leave only the true self exposed to be seen and judged. Or maybe pandemics don't do a thing, and it's just the latest excuse for humans being human. We didn't go crazy in February 2020, we just quit pretending like we weren't all along.</p><p>If you were wondering, yes, I tried keeping bees again. It was my third and final try. The colony was aggressive, and for once I felt afraid when handling the frames. I'm too tired to be voluntarily afraid these days. I left the bees to fend for themselves deep in the woods. They made it this far without humans, I trust they'll be fine. Then again, single digit colds can squeeze even hardy bees, and these specimens were raised in the Florida panhandle. I do hope they're okay.</p><p>Still an optimist, though the distinction between optimist and lunatic is less clear these days. A small box falls off a freight train; the train carries on. It'll be okay. Slow music and golden light will see us through. It's always the humanities that save us from ourselves. A little less TikTok, and little more <a href="https://www.eager0.com/2017/06/mr-cole-please.html" target="_blank">Thomas Cole</a>, please. Remember museums? Yeah, me too.</p><p>I've bought tickets to more concerts in the last two years than in the decade before. I've attended none of them. But my wife and I had the joy of introducing our daughter to <a href="https://www.washingtonballet.org/events/the-nutcracker-2021/" target="_blank">The Nutcracker</a> at the Warner Theatre, before omicron dashed the already muted hopes we had of having covid-19 behind us. Such bright moments illuminate the darkness of these days. But I'm not greedy; I'll take one a year, thanks.</p><p>Maybe I'll lace up the trail running shoes and learn again that I'm older than I've ever been before, because I'll never be this young again. Or overpack for a walk in the woods. Find a spot of quiet away from the overpass. Or maybe give up and continue to check for updates for everything.</p><p>We'll make the most of this year, dear friends. Or maybe, it will make the most of us.</p>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-88875414527857452492021-05-29T21:42:00.002-04:002021-05-29T21:42:32.404-04:00The Inherent Vulnerability of HCI<p><table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeV6TyO6K8ib6PBQLKk6hfBxu44dQsld5kY2ljdryD7256SZMXVpquLcUhsQqiDpBw64EhHKC-gtNe1692GqvEan52UeeeBVtcA0lpryS-QIu6vx2brBiK3jvDgq_kSHBe-DIJd-uQczQ//" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img alt="" data-original-height="200" data-original-width="356" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeV6TyO6K8ib6PBQLKk6hfBxu44dQsld5kY2ljdryD7256SZMXVpquLcUhsQqiDpBw64EhHKC-gtNe1692GqvEan52UeeeBVtcA0lpryS-QIu6vx2brBiK3jvDgq_kSHBe-DIJd-uQczQ//" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">But patching makes it better.</td></tr></tbody></table>vSphere admins of the world sure had fun last week! VMW dropped <a href="https://www.vmware.com/security/advisories/VMSA-2021-0010.html" target="_blank">VMSA-2021-0010</a> on us Tuesday, and you can imagine faces falling as virtualization administrators read the details: unauthenticated RCE on 443, <a href="https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System" target="_blank">CVSSv3</a> Range:6.5-9.8, versions 6.5, 6.7, and 7.0 all affected. Any optimism we had going into a long weekend was summarily tempered with the cold reality of unscheduled and / or emergency changes. <br /></p><p>To VMware's credit, the company published a <a href="https://blogs.vmware.com/vsphere/2021/05/vmsa-2021-0010.html" target="_blank">blog post</a> with a stunning amount of information regarding the severity of the issue and clearly expressed the urgency of the situation, to wit: <b>When do I need to do something about this? Right now</b>. The post is as good as the flaw is bad.</p><p>For administrators of vCenter Servers that supervise converged or traditional infrastructures, patching was a relatively easy task. Of course you read the release notes first (cue laugh track). In most cases, suffering the indignities of officious change management processes eclipsed the update task itself. If you've been keeping up with VCSA updates, you know that you always grab a snapshot and run an ad hoc backup through the VAMI before you do anything. Once you've taken steps to protect the data, you run the update and within minutes you're back in business. Delete the snapshot and move on.</p><p>But for admins of hyperconverged solutions (e.g., <a href="https://www.delltechnologies.com/en-us/converged-infrastructure/vxrail/index.htm" target="_blank">Dell's VxRail system</a>), the process is not so simple. HCI vendors maintain a tight grip on the versions of each component in the bundled system, and mince no words in warning users to not upgrade software outside of the bundled updater. There's an expectation that when VMware publishes a software upgrade for a critical security issue, the HCI vendor will quickly incorporate that update into their bundle and make it available for download. In this particular case, VMware published a workaround along with the security advisory that allowed users of HCI to defend against exploits.</p><p>However, the gap between VMware and HCI-vendor patch releases is unacceptable when the issue is remote code execution. The finnicky requirements of the infrastructure solution force its users to remain vulnerable beyond the immediacy of moment.</p><h3 style="text-align: left;">Last Words</h3><p>HCI is still a worthwhile solution for most vSphere environments. The onus is on the customers and users to decide how they'll account for and supplement for the unacceptable delay in incorporating critical security updates into their solutions.</p>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-24210744171654454302021-03-02T15:16:00.005-05:002021-03-02T15:19:18.048-05:00Getting There from Here with vROps<p><i>At Cloud Field Day 9, VMware presented their vRealize Operations Manager software as a means to assess cloud readiness and costs. I attended as a delegate, which means I received some swag from VMware (a reusable water bottle). I hope my opinions aren't so easily swayed. Narrator voice: they aren't.</i></p><p><table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-eqmf4NqLzKQx1fiNs29mjzfx_Cvl7JZVh6aXReE9KGwf8TMwOrFvGicoH5Khy922VEXQANkkE3Qt6dzjIHrBj5BiYNVW4Af1HEAMrRme0S_glXuTrJD7YIEeHzoU7NbuLNhyphenhyphenB8AjBfc//" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img alt="" data-original-height="196" data-original-width="468" height="134" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-eqmf4NqLzKQx1fiNs29mjzfx_Cvl7JZVh6aXReE9KGwf8TMwOrFvGicoH5Khy922VEXQANkkE3Qt6dzjIHrBj5BiYNVW4Af1HEAMrRme0S_glXuTrJD7YIEeHzoU7NbuLNhyphenhyphenB8AjBfc//" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">VMware's depiction of the cloud journey.</td></tr></tbody></table>For the better part of a decade, VMware has described the process of embracing and migrating cloud services as a journey. I recall hearing this message loud and clear in San Francisco at VMworld in 2014, and I was admittedly confused by it. How could migrating your applications to the cloud be so difficult? What barriers were so insurmountable that groups of motivated IT professionals couldn't complete such a project in a single phase?<br /></p><p>Seven years later, when I informally survey the market and assess where several large enterprise customers are in their journey, I understand. The problem that keeps enterprises from adopting cloud has less to do with technology and more to do with business operations: cost is once again the primary consideration for the business.</p><p>Identifying the true cost of IT services (which is to say the cost of the hardware, software, development, security, and operations) is notoriously difficult. People tend to spitball these costs during meetings, but can rarely show the receipts. And if you're not able to determine today's costs, you're not able to perform a true cost comparison with a cloud-based solution. This may be less true for shops that are moving off of a server-centric IT model and onto serverless. However, I propose that, if in 2021, an organization that hasn't yet moved to the cloud is still highly dependent upon servers.</p><p>To solve this problem, VMware positions vRealize Operations Manager (stylized as vROps) as a means to calculate your current costs and compare them to estimated cloud costs. It does this by leveraging data center technologies like vCenter Server, ESXi, and NSX, collecting data from these sources, and analyzing data to develop an accurate picture of your environment. It's pretty slick.</p><p>For example, let's say you're considering a cloud migration, and you want to stick with a server-centric delivery model. It might be tempting to export the system specifications for your on-prem VMs and use this data to estimate costs for your cloud VMs. However, you're assuming that your existing environment is right-sized. This is likely not the case. vROps can compare the size of your VMs with their observed workload, and recommend changes to bring the VM inline with its demand. This feature has been integral to vROps for many version, but the incorporation of this feature into the cloud planning function is key. Take the opportunity to right-size your VMs prior to using their specs to estimate cloud costs. </p><p>Side note: When you're ready to start planning your cloud architecture, you'll want to try out <a href="https://www.vmware.com/products/vrealize-network-insight.html" target="_blank">vRealize Network Insight</a>. vRNI can discover the relationships and connections between your systems, which is vital for planning your cloud networking architecture. And when you're ready to build out your migration strategy, <a href="https://docs.vmware.com/en/VMware-HCX/services/user-guide/GUID-A7E39202-11FA-476A-A795-AB70BA821BD3.html" target="_blank">VMware HCX</a> can simplify the planning process for you.</p><p>In summary, vROps offers more than just vSphere alert centralization and policy compliance. Use this tool to inform your decision making as you head for the clouds.</p><h3 style="text-align: left;">FYI</h3><p><a href="https://www.youtube.com/watch?v=TQTiEvGMhVM" target="_blank">Here's</a> a recording from #cfd9<span style="font-family: inherit;"> in wh</span>ich Taruna Gandhi, Senior Director, Product Marketing at VMware, discusses how vROps can be used to facilitate a journey to the cloud. For the costing capabilities within vROPs, check <a href="https://www.youtube.com/watch?v=Ld6njDoyRgM" target="_blank">this one</a> out.</p>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-21216507361251491792020-12-14T11:54:00.006-05:002020-12-14T15:10:17.446-05:00Who Watches the Watchers?<p><span style="font-family: arial;">On December 13, 2020, the <span style="background-color: white; color: #212121;">Cybersecurity and Infrastructure Security Agency posted an <a href="https://cyber.dhs.gov/ed/21-01/" target="_blank">Emergency Directive</a> that describes actions federal agencies should take as a result of a supply chain attack against certain <a href="https://www.solarwinds.com/" target="_blank">SolarWinds</a> products, namely those built upon the Orion platform. The short take is that any organization using SolarWinds Orion solutions should immediately power these systems off, unless they have the means by which forensic images can be captured while the systems are still online.</span></span></p><p><span style="font-family: arial;">SolarWinds develops monitoring tools for all manner of IT components: on-prem physical and virtual servers, storage, cloud instances, web sites, and event logs. They're widely deployed in public, private, and military settings. And they're wildly popular with the tech influencers on Twitter; I've been a SolarWinds MVP for longer than I can remember.</span></p><p><span style="font-family: arial;">Attacks on monitoring systems raise an interesting question: how do you monitor a monitor? Most systems monitoring solutions are deployed as the end of a chain: you build an infrastructure, you build the systems, applications, networks, and then you build a monitor to keep an eye on them all. Consideration is rarely given to whether the monitor is doing its job with integrity: have you ever deployed a monitor to monitor the monitor? Likely no, as throughout the industry we've accepted that a monitor is the last in a set of pieces to any IT puzzle.</span></p><p><span style="font-family: arial;">The advisory from this weekend challenges that assumption, and once again reveals the risk we all face when operating IT infrastructure at any scale. No component or system can be trusted without a method for verification in place. And actions of these systems' administrators should be closely monitored for atypical behavior.</span></p><p><span style="font-family: arial;">It's unclear at this point whether the <a href="https://www.solarwinds.com/securityadvisory" target="_blank">recent patch</a> from SolarWinds addresses the supply chain issue. My recommendation is to wait for CISA to provide further guidance before you return your SolarWinds Orion servers to the networked world.</span></p>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-15090636787164493542020-11-11T14:37:00.006-05:002020-11-11T14:39:49.768-05:00Hybrid Cloud for Everyone (#CFD9)<p>A panel of delegates and a select group of technology companies convened at <a href="https://techfieldday.com/event/cfd9/" target="_blank">Cloud Field Day 9</a> last week to discuss innovations in the cloud services market. I'm fortunate to have attended as a delegate. In this capacity, I enjoyed a front row seat for presentations on the latest in cloud technology.</p><p></p><table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9GojPm0KX9eF-wH5Q9ouAhILA3UI1LxDEyOJyFixDg1zSf88X78p9_Nn4zfhuZRWU2Q0eN-Y3INP0ElAicnC153_UKrEja1jmpAX9uo727eXfMamEhbnPInupDMLUQLWH3Om7xXnHS5Q/s2048/person-looking-at-the-clouds-from-top-sd.jpg" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1365" data-original-width="2048" height="266" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9GojPm0KX9eF-wH5Q9ouAhILA3UI1LxDEyOJyFixDg1zSf88X78p9_Nn4zfhuZRWU2Q0eN-Y3INP0ElAicnC153_UKrEja1jmpAX9uo727eXfMamEhbnPInupDMLUQLWH3Om7xXnHS5Q/w400-h266/person-looking-at-the-clouds-from-top-sd.jpg" width="400" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">Still locked in a staring contest with cloud? You're not alone.<br /></td></tr></tbody></table>While every presentation showcased the capabilities that made each solution unique, a theme quickly emerged during the event: the promise of a Kubernetes-based hybrid cloud world is still just beyond the reach of most enterprises and businesses. Outside of the <a href="https://en.wikipedia.org/wiki/Hyperscale_computing" target="_blank">hyperscaler</a> and <a href="https://fortune.com/fortune500/" target="_blank">Fortune 500</a> crowd, IT leaders and technology professionals have yet to find practical ways to efficiently and effectively leverage the variety of public cloud services that are available today.<p></p><p>Two common cloud migration strategies (lift-and-shift and refactor) have run their course. What options are left to the late adopters? Is it too late to move forward with a hybrid cloud strategy, especially if you haven't even figured out a single cloud strategy?</p><p>To hear from VMware, Red Hat, Pure Storage, StorPool, NetApp, AWS, and Scality, the answer is a hard no (where no is a good thing).</p><p>If you haven't adopted a cloud strategy of any variety yet, you're not alone. The implications of a shift from traditional on-premises workloads where the server is the base unit of abstraction are non-trivial, and impact more than just your operations. You've heard of containers and docker and kubernetes, but these are not minor projects for an organization to tackle on their own. Even using managed solutions like <a href="https://cloud.google.com/kubernetes-engine" target="_blank">Google Kubernetes Engine</a> and <a href="https://azure.microsoft.com/en-us/services/kubernetes-service/" target="_blank">Azure Kubernetes Service</a> are serious undertakings that require a highly specialized skillset (enter the SRE) to properly build and manage. But good SREs are in high demand, are hard to find, and should be freed from operations to spend their time making your applications faster and better.</p><p>In particular, VMware recognizes that their customers inhabit the entire spectrum of cloud adoption:</p><p></p><ul style="text-align: left;"><li>On-prem / private cloud</li><li>Cloud curious</li><li>Hybrid cloud</li><li>Cloud first</li></ul><div>VMware's challenge as a company is to meet the needs of their customers, regardless of each customer's progress in their cloud journey. To this effect, the company is using its suite of vRealize applications, particularly the vRealize Operations Manager tool, to assist in the planning stages of a cloud project. And they've embraced a growing trend within the industry: data center extension. <a href="https://aws.amazon.com/vmware/" target="_blank">VMConAWS</a> is a very attractive solution for on-prem shops that have a major investment in vSphere but want to safely expand to a cloud environment.</div><div><br /></div><div>I'll have more on VMware's cloud solutions, along with overviews of each of the presenters from Cloud Field Day 9, published soon. In the meantime, you can view all of the presentations <a href="https://techfieldday.com/event/cfd9/" target="_blank">here</a>.</div><p></p>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-57738012099745005122020-07-31T22:29:00.001-04:002020-07-31T22:29:15.686-04:00visiting the country from the cityRoll your troubles on down the hill<div>It's been a long while and it'll be longer still</div><div>Til you pay off your debts</div><div>And sign your last bill</div><div>Then we'll roll you on down</div><div>Where the water moves still</div>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-52268905082856033502020-05-19T07:06:00.000-04:002020-05-19T07:06:11.376-04:00Today is TomorrowIt's the seventh of May, and it's still the same today that it's been since early March. Sunrises and sunsets, digits increment on iOS home screens across the country, and we're still stuck on repeat 1, like the time we discovered "Jungle Boogie" after watching <i>Pulp Fiction</i> and nearly wore out the polycarbonate compact discs that we stored music on thirty years ago. The weather's getting nicer, and playing with my daughter in the sunshine feels pretty good. Maybe working from home all of the time is the change I needed.<br />
<br />
Two decades ago a friend recommended that I read Tom Robbin's excellent book <i>Fierce Invalids Home from Hot Climates.</i> Aside from the antihero Switters and the three female characters who exert incredible force on his story arc, one character stands out in these days of quarantine: End of Time.<br />
<br />
From the novel:<br />
<blockquote class="tr_bq">
(Fer-de-lance had concluded that the shaman’s name could be more accurately translated to mean End of Future, or more explicitly yet, Today Is Tomorrow. Accent on the verb. Today Is Tomorrow.)</blockquote>
Today <i>is </i>Tomorrow, because I started writing this on May first, then changed the first line to the seventh (after changing it first to the fourth), and now it's May the eighteenth. But it's still the same today it's been since early March. And it's this same day we'll live for the foreseeable future.<br />
<br />
I push my daughter on the yellow swing in the front yard, and she lists the places she and I will visit "after the virus." In no particular order:<br />
<br />
<ul>
<li>Cross Street Market</li>
<li>The pizza place</li>
<li>The chocolate shop</li>
<li>The coffee shop</li>
<li>The bakery</li>
<li>The playground</li>
<li>The grocery store for pizza and sushi and big chocolate chip cookies</li>
<li>Another pizza shop</li>
<li>Yet another pizza shop</li>
<li>Starbucks</li>
<li>Rita's</li>
</ul>
<div>
<br /></div>
<div>
Her list makes me smile. It's a list of all the places she and I visited in the normal life of running between appointments, sprinting to the city for afternoon classes and having time to kill in Federal Hill. Running down the sidewalks. Never passing up an opportunity to pick up a few raspberry truffles and milk chocolate pretzels. She and I laughing in the market.</div>
<div>
<br /></div>
<div>
The time is passing, I think.</div>
<div>
<br /></div>
<div>
I lent my copy of <i>Fierce Invalids</i> to a good friend who offered his copy of <i>A Visit from the Goon Squad</i> in return. It feels like only yesterday when I made that trade. It was seven years ago.</div>
<div>
<br /></div>
<div>
Seven years, or a few months, maybe it was yesterday. It's all whimsy. We're all my grandfather now.</div>
Unknownnoreply@blogger.comBaltimore, MD, USA39.2903848 -76.612189339.0937408 -76.934912799999992 39.4870288 -76.2894658tag:blogger.com,1999:blog-8422145683246849555.post-61751343543456149622020-03-05T11:17:00.001-05:002020-03-05T13:19:21.995-05:00Email Engineering and Duress-Driven DesignTwo observations for you. If you're busy, you can just go ahead and agree with me now and move along.<br />
<br />
<h3>
Engineering by Email is Evil</h3>
Have you ever been part of an email thread at work that starts out with an innocent question like, "what's CPU usage on cluster alphabet?" but then devolves into a highly technical planning session with multi-paragraph diatribes about design decisions and flimsy, off-the-cuff justifications? It usually spirals into chaos soon thereafter as disagreement abounds. And decisions are made based on who replied to the thread (which is saved by everyone as a "get out of jail free" card).<br />
<br />
This is engineering by email. And it is pure evil.<br />
<br />
I've developed an informal method for determining when engineering by email is occurring: I look at the height of the scrollbar relative to the height of the window. If the scrollbar's height is 1/4 or less of the window's height: run. And let's not even talk about how <a href="https://www.nngroup.com/articles/scrolling-and-scrollbars/" target="_blank">horizontal scrolling</a> is widely understood to be a <a href="https://usabilitygeek.com/horizontal-scrolling-user-experience-best-practices/" target="_blank">bad UX idea</a>.<br />
<br />
Engineering is a process, just like design, digestion, and the Xiphoid. Ok, maybe not <i>just</i> like those things. But it's a process nonetheless. It requires a deep understanding of your requirements, constraints, assumptions, and other influences. It can't simply be typed into existence in response to an email. And email is certainly not a suitable repository for such documentation.<br />
<br />
“But no one uses email anymore! We use slack! We use Teams! We used Cisco Webex Teams! We use HipChat!”<br />
<br />
Oh shut up already. Everyone uses email for work. No temporal walled garden app will kill email. But I’ll entertain that thought a moment and tell you that if you use any of these messaging platforms as your primary source of inter- and intra-office communications, then the same applies.<br />
<br />
In many ways, we’ve lost the true meaning of <a href="https://www.dictionary.com/browse/engineering" target="_blank">engineering</a>. It’s a process, not a product. A science, not a suggestion. Engineering isn’t a one-line message that says, “Maybe we can use the DR site since it has excess capacity?” That’s an idea, part of a brainstorming effort. It can influence engineering, but on its own this is NOT engineering.<br />
<br />
<h3>
Duress-Driven Design</h3>
You can't build something out of fear. Your motivation can't be to not get fired or publicly shamed. These conditions lead to duress-driven design. And like engineering by email, it is also pure evil.<br />
<br />
Your project timeline needs to reflect the enormity of the problem you're solving. While we all like to take our turn as the superhero that saves the day by delivering an amazing solution in a highly compressed time frame, we’ll only burn out all the faster for it. And bypassing development, or feverishly condensingit, is never a good idea.<br />
<br />
<h3>
What's the Point?</h3>
The point is that if you work in an enterprise environment where the two items above are not only tolerated but heralded as "working hard," you should get the fuck out as soon as possible.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-66276902646197135932020-01-22T14:39:00.000-05:002020-01-22T15:41:30.542-05:00AccountingIt's the warmest New Year's Day I can remember, but as I recently shared with my wife, I can't remember things like weather from one year to the next anymore. I can't remember if I ever remembered such a thing as fleeting and uninteresting as the weather. Sometimes I record the temperature and the sunniness of a given day in one corner of the too infrequent entries in my beekeeping journal, if I remember. But sometimes, I don't.<br />
<br />
New Year's Day is a good day for optimists, and I continue to be one. You imagine a whole year laid out before you. You schedule successes and celebrations. You anticipate the positive results of challenges that you don't yet see coming. You hope that this warm winter weather is a seasonal fluke, and not the harbinger of irreversible climate change. Optimists aren't naive, we're just hopeful.<br />
<br />
Even pessimists find a reason to be joyous on January 1st. If nothing else, it's a milestone at which you can stop and turn around, look at the road behind you, and be glad it's behind you. If nothing else.<br />
<br />
Optimism isn't foolish head-in-the-clouds dimwittedness, though my cantankerous coworkers would certainly disagree. It's the result of a constant accounting of experience, of failures and defeats, of missed opportunities and unexpected wins. This optimist recounts these ups and downs on a near hourly basis, likely the result of undiagnosed ADHD and a persistent feeling of having left a pot on the burner last night.<br />
<br />
My bees did not survive the winter. I've lost two hives in two seasons. But I'll try again this spring. Each failure instructs. Maybe the hives swarmed, and the frozen bees in the deeps were just the remnants of the colony. Or maybe I starved them because I don't yet understand how to sustain bees through the single-digit colds of the mid-Atlantic. My beekeeping gloves are turning a mesmerizing shade of amber, and my hive tool is starting to look like an old tool. I like how old tools look. I look at my hands, and they look like old tools, too.<br />
<br />
I ran two half marathons in two weeks last fall: one on asphalt, the other on earth. Trail running is fine, but it's not for me and my declining vision. Depth perception is important when navigating roots and rocks, and I still haven't had my glasses repaired since I fell face-first in the single track around Loch Raven. My mind is twenty but my body is twice that and some.<br />
<br />
Being an optimist means compiling a list of things that you'll likely fail at over the next twelve months, and doing them anyway. So raise a glass of the mead you'd like to brew in the fall. We drink, dear friends, to future failures.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-77102149321026847692019-12-06T08:16:00.002-05:002019-12-06T08:21:22.354-05:00Spam Posts, Volume 1I don't care much for comments on the Internet. But on occasion, I do find the spam comments awaiting moderation on this blog to be pleasantly absurd. So here are my current faves, each of which has been patiently awaiting moderation for quite some time. Oh and I'll comments on the comments, because that's how things works today.<br />
<br />
<blockquote class="tr_bq">
Great weblog right here! Additionally your site loads up fast! What web host are you the usage of? Can I am getting your affiliate hyperlink on your host? I wish my site loaded up as fast as yours lol on <a href="http://www.eager0.com/2014/11/unperceived-existence-of-collected-data.html">Unperceived Existence of Collected Data</a></blockquote>
<i>I mean, it's alright. And it's not a heavy site, so it should load pretty fast. But then the language loses about 100 IQ points and I'm sorry your site loads slow.</i><br />
<blockquote class="tr_bq">
I think this is one of the such a lot significant information for me. And i&#39;m glad reading your article. However want to observation on some basic issues, The web site taste is ideal, the articles is truly excellent : D. Good process, cheers on <a href="http://www.eager0.com/2013/12/error-while-updating-vmtools-in-fusion-6.html">Error while updating VMTools in Fusion 6</a></blockquote>
<i>Cool. Definitely some significant information here, although significance and value are not synonyms. I&#39;m also glad reading my article. I've never tasted my website though. I'll try it and report back.</i><br />
<blockquote class="tr_bq">
Terrific article! That is the kind of information that are meant to be shared across the net. Disgrace on the seek engines for not positioning this put up upper! Come on over and discuss with my web site . Thank you =) on <a href="http://www.eager0.com/2014/11/unperceived-existence-of-collected-data.html">Unperceived Existence of Collected Data</a></blockquote>
<i>You had me at "disgrace on the seek engines." That's my new band name.</i><br />
<blockquote class="tr_bq">
What i don&#39;t understood is if truth be told how you&#39;re not actually a lot more smartly-appreciated than you may be right now. You&#39;re very intelligent. You realize therefore significantly when it comes to this matter, made me personally consider it from a lot of numerous angles. Its like women and men are not fascinated unless it is one thing to do with Lady gaga! Your personal stuffs great. At all times handle it up! on <a href="http://www.eager0.com/2019/03/bias-to-action.html">Bias to Action</a></blockquote>
<div>
<i>Not one of us is smartly-appreciated, you're right about that. But then you lost me until I pattern-matched on Lady gaga. I think her personal stuffs are great, too.</i></div>
<blockquote class="tr_bq">
Its not my first time to pay a visit this website, i am visiting this website dailly and take pleasant data from here all the time. on <a href="http://www.eager0.com/2018/12/back-to-basics-making-nslookup-more.html">Back to Basics: Making nslookup more useful</a></blockquote>
<div>
<i>This is sad, bruh. I update this site like 8 times a year. Maybe you like routine, and just need the comforting embrace of the same to get you through the day. If so, read on, friend. It's going to be alright.</i></div>
<blockquote class="tr_bq">
Greetings! This is my first comment here so I just wanted to give a quick shout out and say I really enjoy reading through your posts. Can you recommend any other blogs/websites/forums that cover the same topics? Appreciate it! on <a href="http://www.eager0.com/2014/11/unperceived-existence-of-collected-data.html">Unperceived Existence of Collected Data</a></blockquote>
<i>And salutations to you! Thanks for the comment. If you like this blog/website/forum, you'll really like <a href="http://www.xnxx.com/" target="_blank">this one</a>.</i><br />
<blockquote class="tr_bq">
i love nslookup and have been using debug for years nice to see this post !! on <a href="http://www.eager0.com/2018/12/back-to-basics-making-nslookup-more.html">Back to Basics: Making nslookup more useful</a></blockquote>
<br />
<i>Ok, maybe this isn't spam. Or it's spam that is so closely aligned with the content of this particular post that I'm going to give it a quiet nod of approval before marking it as spam.</i><br />
<br />
And with that, I'm going to purge these posts from existence. I'm excited to see what the next round of spam will bring. You can tell, right?Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-68174934363531715462019-10-22T16:55:00.000-04:002019-10-22T16:55:47.984-04:00A Faded Retelling of Al Monzo's Palace InnA demi-lifetime ago I worked at Music Machine, a collector's music store in Owings Mills, Maryland. Holy shit, now that I think of it this was thirty years ago. The Internet hadn't become a socially-acceptable thing to talk about or participate in, which meant the only way you could acquire and listen to music was through a local record store. Sure, you found yourself at Sam Goody every now and then when you were already at the mall. And you may have fallen for the trap that was An Die Musik. But for anyone who was both serious about their music and unashamed to rub elbows with fell crate diggers, the record store was your hang out.<br />
<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhedlkduCQDohCDSwyB8niwUVfHOL9t2M97cV24M5lkFxaT7DgtjoSjOytmBmU7gt5OHoLc8LJ9bgWOEf4A464qT2gE5SrWa_4O7f_j9WUmUJd9s5s0KOz4P88Oz6bFFbPhZF4ISBkWEd0/s1600/negative-space-record-album-store-barn-images.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1081" data-original-width="1600" height="216" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhedlkduCQDohCDSwyB8niwUVfHOL9t2M97cV24M5lkFxaT7DgtjoSjOytmBmU7gt5OHoLc8LJ9bgWOEf4A464qT2gE5SrWa_4O7f_j9WUmUJd9s5s0KOz4P88Oz6bFFbPhZF4ISBkWEd0/s320/negative-space-record-album-store-barn-images.jpg" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">No shit, all record stores really looked like Championship Vinyl.</td></tr>
</tbody></table>
As a teenager in a shitty high school band, I could not have had a more perfect place for my first real job (in that I was on the payroll). I got to unbox all of the latest Depeche Mode singles before they went on sale. We'd get <a href="https://en.wikipedia.org/wiki/Cut-out_(recording_industry)" target="_blank">cutouts</a> from local college stations and listen to good music all day while we worked. We had regulars who arrived on the days of the weeks when they knew we'd have new music; it was always Tuesdays and sometimes Fridays. But the retail portion of the shop was not nearly as busy as the mail room, where I spent most of my time.<br />
<br />
In the mail room, we received orders that were sent to us via U.S. Mail or the telephone. We had a computer system (pretty sure it was named ShipIt) that would assist with writing out labels or correcting zip codes for given addresses. But the labor involved was the best. You'd take an order from a customer, and then go digging through rows and rows and rows and rows of CDs, vinyl, and assorted memorabilia. There was an organizational system in use, I'm certain. But finding the item you needed was an art form.<br />
<br />
I'd search for something interesting, like a Japanese version of a Pearl Jam b-side. I'd dig through the Pearl Jam section until I found what I was looking for, and then start packing it up. I remember the smell of that brown packing tape, and I remember never being good at using the tape gun. Fuck that tape gun, man.<br />
<br />
But even the mail room wasn't the most exciting part of life as a record store employee. The big excitement was the weekend trips to record shows throughout the north east United States.<br />
<br />
Record shows. Even typing that phrase seems outdated. Maybe I’m outdated. Maybe that doesn’t matter, because record shows still pop up along the East Coast anyway. <a href="https://www.goldminemag.com/collector-resources/record-show-calendar" target="_blank">Goldmine</a> is still tracking them for you, if you were wondering.<br />
<br />
A record show, for those born in the post-unironic-vinyl wasteland, is an intimate event held in a hotel ballrooms where collectors can acquire all sorts of music memorabilia, and music, too. But don’t show up looking to buy something you could stream on Spotify; unless you’re looking for a rarity, or an import bootleg, or a piece of signed merchandise you’ll be disappointed. This is not where you buy a Coldplay album.<br />
<br />
For collectors, a record show is a great way to spend a Saturday morning: rubbing elbows with fellow fanatics, scouring each exhibitor’s table for some good vinyl to seal in a plastic bag, take home, and listen to once before you reseal the album and file it away. Maybe you’ll strike up a conversation with another patron about turntables, or whether diamond-tipped needles are worth the investment, or maybe you’ll end up trading some of your second and third copies of Beatles rarities for a signed Bowie long box.<br />
<br />
For retailers, a record show is a two day long ordeal, one that begins Friday morning and ends late Saturday night, often early Sunday morning.<br />
<br />
I remember working at the store on Friday, as the owner zipped around the warehouse collecting the items that he thought would attract the most attention and sell best in a show. Once he’d identified the merchandise, we started boxing everything up. So much cardboard. And those goddamned tape guns. Packing tape has a terrible smell that you only notice after spending a few hours packaging. Then the smell sticks with you forever. After all the boxes were taped shut, we’d load up a big Ford van with as much stuff as we could cram into the back. Then three of us would climb into the beast and hit the road. The owner drove, another guy rode up front, and I’d wedge myself into the single bench seat for a long ride.<br />
<br />
On one weekend, we headed to Monroeville, a town east of Pittsburgh in western Pennsylvania. From the record shop, it was a four hour drive to Monroeville. We’d make it there in about three, thanks to the white knuckling of a madman at the wheel. The record show’s location: Al Monzo’s Palace Inn.<br />
<br />
Keep in mind, this was thirty years ago. The memories of this place have blurred, and I can’t remember much of anything about it any more. But I remember one thing: the shower was made for pygmies. Like, the shower head was permanently fixed at shoulder height.<br />
<br />
How awful to remember a place by such a strange detail. The Palace Inn has long since closed its doors.<br />
<br />
You’d sleep for a few hours, but you were up early on Saturday to unload the van and set up your tables and pegboards. The show starts early, so you’d need to be up a few hours ahead of time to grab a bagel and a coffee before the crowd appeared. It was a blur.<br />
<br />
It’s still a blur. I can’t remember anymore. Thirty years. Al Monzo’s Palace Inn, <i>Home of the Pygmy Showers</i>.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-732843586877603162019-09-19T23:15:00.001-04:002019-09-19T23:15:03.500-04:00Notes from the Field: Debug is for DebuggingI often hear system administrators say that logging is both the best and worst part of IT. They rely on the information provided by logged data, but dislike the overhead that typically comes as part of the package: you have to store the logs somewhere, and with enough systems and enough time, you end up with more logs than you know what to do with.<div>
<br /></div>
<div>
In many cases, sysadmins will approach this problem by tuning the logs. This is most often accomplished by changing the logging levels from their default (this is typically INFO) to something a little more discerning, like WARN. (If you're feeling a little lost at this point, read through this documentation on <a href="https://logging.apache.org/log4j/2.x/manual/customloglevels.html" target="_blank">Log4j Custom Log Levels</a>). The impact of this change is that the system generating the logs will restrict the events that it sends across the wire (in the case of a remote syslog solution) or to a local file (in the case of application logs). In both cases, you end up conserving resources, either network or disk. You'll still get diagnostic information that can help understand why a system is malfunctioning, just not at the detailed level provided by INFO.</div>
<div>
<br /></div>
<div>
But if you take a step in the other direction, you can inflict serious damage to your application or server's performance. How, you ask? By enabling DEBUG level logging.</div>
<div>
<br /></div>
<div>
Often, developers will set logging to debug when they're, you know, debugging. This is a pretty logical set up, and is almost exclusive to the world of non-production. Set to debug, test, break stuff, fix it, test, and turn off debug. It's cool, that's why debug facilities are built into application frameworks.</div>
<div>
<br /></div>
<div>
However, a single "log-level=debug" in a configuration file and throw your whole systems into chaos.</div>
<div>
<br /></div>
<div>
Take Apache Tomcat, for example. When you enable debug logging for a production application, well, just read this statement from Apache's <a href="https://tomcat.apache.org/tomcat-8.5-doc/logging.html" target="_blank">documentation</a>:</div>
<blockquote class="tr_bq">
When enabling debug logging it is recommended that it is enabled for the narrowest possible scope as debug logging can generate large amounts of information.</blockquote>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHllhWiPBpstTnz7k-8HMUNJ8us7ZLGWsyDx9wUIGR32sHJd_G_yOOwUaVcgvlBbEIxcInR6MT7zuiNz9xKTfjPqZVfz5Etp3VSCx5-a9sFn0NhiCMEALWaZBGmjvL-ztKwQHLZMcuPEY/s1600/logs.gif" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="320" data-original-width="640" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHllhWiPBpstTnz7k-8HMUNJ8us7ZLGWsyDx9wUIGR32sHJd_G_yOOwUaVcgvlBbEIxcInR6MT7zuiNz9xKTfjPqZVfz5Etp3VSCx5-a9sFn0NhiCMEALWaZBGmjvL-ztKwQHLZMcuPEY/s320/logs.gif" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">No, you don't need all this information bruh.</td></tr>
</tbody></table>
What they don't tell you is exactly what that means. It means a single site with fewer than 100 users <br />
can generate 4GB of log data in a matter of hours. The I/O alone required to write to a log file that garrulous can bring a server to its knees, and can slow down Apache's ability to serve even static pages. And since many applications, especially those from the open-source community built to run on Windows, log to text files, you can be sure that if you're accustomed to using notepad to review log files, you're going to have a bad time with a 4GB .txt file with constant I/O.<br />
<br />
(Incidentally, if you need a way to pull data out of a large file like that, PowerShell is your answer. You can open up a PS shell and do a <span style="font-family: Courier New, Courier, monospace;">get-content -file c:\temp\bigasslogfile.txt -tail 1000 | out-file -path c:\temp\smallasslogfile.txt</span> and you're good to go. You'll get a smaller file that notepad can handle with the 1000 most recent lines, which is typically enough to get a sense for what's going on.)<br />
<br />
Anyway, this is a reminder that debugging is for debugging. Don't do it in production, and if you must, be very careful not to overwhelm your network or disk subsystem with excessive logging.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-13928910161645628722019-09-04T07:32:00.000-04:002020-04-17T23:05:02.879-04:00glacial recognitionin the darkness, i squint without my glasses to see the contours of the<br />
snow-covered mountains, still, glacial, faintly respiring,<br />
the glow of your iPhone casting northern lights on the still-unpainted wall.<br />
<br />
in the unflinching range, it is:<br />
<br />
dark<br />
silent<br />
quiet<br />
motionless<br />
eternal<br />
cold<br />
buried and left.<br />
<br />
i understand now this is a sight to be admired from afar,<br />
like a forest of saguaros. the cactus only wanted to be held.<br />
<br />
i think: spend less time with the microscope.<br />
i think: spend more time with the telescope.<br />
<br />
lakes of warm water sigh below but offer no reflections of<br />
the vast range,<br />
constrained by a queen.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-19766845663024318782019-07-29T10:00:00.003-04:002019-07-29T15:19:47.595-04:00No VAMI after vCSA UpdateIt happens. Upgrades go south. Even tried and true updates like those VMware releases for the vCenter Server Appliance suffer from the occasional bomb.<br />
<br />
Last week, as I was applying the latest security patches to a quartet of virtual appliances that were previously running 6.5.0.30000, I ran into a strange issue. The update to 6.5.0.30100 ran without a hitch on my PSC, but it failed on my vCSA appliance. The progress window disappeared from view, and after 10 minutes of patiently waiting, I took the plunge and rebooted the VM.<br />
<br />
Yes, it's possible that I interrupted something important with that reboot. But in all of the updates I've pushed out over the years, it's not common for the progress window to just go away and not provide any feedback on the status of the update operation.<br />
<br />
After the reboot, vCenter was up and running ok, albeit on the .30000 version. After doing some checks to make sure I didn't need to revert to a snapshot (always take a snapshot), I decided to log back into the VAMI and try it again.<br />
<br />
Except the VAMI was down.<br />
<br />
Some head-scratching ensued. But after a few minutes of panic, I realized that it's an easy fix. Here's what to do:<br />
<ol>
<li>Log into your virtual appliance's console (easy to do if vCenter is still functional. If not, just log into the host directly. Good reminder that you should record the hostname for your vCSA before you start this type of task.)</li>
<li>The process that is responsible for that nice VAMI interface is named vami-lighttp. It's probably not running, which you can confirm with a quick <span style="font-family: "courier new" , "courier" , monospace;">ps -ef | grep vami-lighttp</span>.</li>
<li>Start the process by issuing this command: <span style="font-family: "courier new" , "courier" , monospace;">/etc/init.d/vami-lighttp start</span>.</li>
<li>Verify that your VAMI is back online.</li>
</ol>
<div>
Now you can log back into the VAMI and re-run that update.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-79554314367030997432019-07-05T09:16:00.000-04:002019-07-05T09:16:19.370-04:00It Only Gets Worse When You Try To Make It BetterI have realistic expectations, I say.<br />
It's something I blurt out to ease the tension.<br />
These are delicate matters, he says.<br />
<br />
He opens a small tool pouch and selects a metallic instrument.<br />
It's not a scalpel. But it looks like it is.<br />
He approaches.<br />
<br />
Nevermind the century-old exterior, he says. There's only so much that can be done.<br />
He says something else, but I'm already gone, trying to add detail to a memory<br />
of being a child and listening to the ballgame on a radio.<br />
<br />
It's summer, and there are no seedless watermelons.<br />
Everyone is drinking ginger ale.<br />
<br />
And it's hot. The mimosa trees were cut down, so there's no shade, only a jagged shadow that the limbless trunk of a dead oak casts near the well cover.<br />
<br />
I'm brought back when he says to use warm water and dish soap on a soft cloth.<br />
Be gentle with the ivory.<br />
<br />
When the time comes, throw it into the landfill and don't think about it again.<br />
<br />
The dispassion of it all is routine.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-21221933768603397312019-03-20T10:13:00.000-04:002019-03-20T11:15:07.273-04:00Bias to Action<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg99d4k_YbXo-lLUd-B-Pc1TKbNoXC2TdXKt6Z-Mt5FJeibFk887_Or1AM-w5bUhl3c0Z3ewm2OqbDNg0WKqqM54t3kkcmyiRz_fXepT2QQZr-jHXAgoEUohxaJ2y3oCPMpo4G1cyjgaMY/s1600/fullsizeoutput_67c2.jpeg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1600" data-original-width="1200" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg99d4k_YbXo-lLUd-B-Pc1TKbNoXC2TdXKt6Z-Mt5FJeibFk887_Or1AM-w5bUhl3c0Z3ewm2OqbDNg0WKqqM54t3kkcmyiRz_fXepT2QQZr-jHXAgoEUohxaJ2y3oCPMpo4G1cyjgaMY/s320/fullsizeoutput_67c2.jpeg" width="240" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Prototyping in progress!</td></tr>
</tbody></table>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="-webkit-text-stroke-width: initial; font-family: inherit;">I’ve always wanted to teach. One of my favorite memories from my youth is that of teaching art classes to kids in 5th grade as part of my senior studio class in high school. I like the planning that goes into a good lesson, and the unplanned opportunities to connect with students as they learn something new. I know it’s a mild case of over-simplifying the demands on a full-time teacher given that I’ve only spent a day or two here and there teaching anything to anyone. But still, those rare occasions gave me more joy than two decades in IT.</span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal; min-height: 12px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">Recently I took a turn teaching engineering to a group of students at my local homeschool co-op. It was the second of two classes I taught this semester: the first lesson was based on circuit design using the wonderful and inspiring materials from <a href="https://chibitronics.com/"><span style="-webkit-font-kerning: none;">Chibitronics</span></a>. The creative folks behind Chibitronics have merged technology with art, and have been around since the maker wave began earlier this decade. It’s cool stuff, and if you’ve got kids, you should look into their kits and create something amazing.</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal; min-height: 12px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">The second class was something different. I spent some time reading a lesson plan from Stanford d.school on the concept of a “bias to action.” You can read the whole lesson plan <a href="https://dschool-old.stanford.edu/groups/k12/wiki/c6410/Spaghetti__Marshmallow_Exercise.html"><span style="-webkit-font-kerning: none;">here</span></a>. A summary of the lesson: the class forms groups of a few students each and use dry spaghetti and marshmallows to construct a tower. (In the lesson plan, they also include a length of tape and string, but I skipped that part to simplify the work.) Before anyone gets started, you talk briefly about a few important concepts: <i>prototyping</i>, <i>failing fast</i>, <i>iteration</i>, and the <i>bias to action</i>.</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal; min-height: 12px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<h3>
<span style="font-family: inherit;">Prototyping</span></h3>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">Prototyping is something that we don’t consider often in the infrastructure ops field, but the movement towards Infrastructure as Code promises to change that. We should build prototypes of scripts to deploy systems, of templates used to build applications, and of patterns to support web scale products. And we should hope that the prototypes fail, which leads us to the next concept: failing fast.</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal; min-height: 12px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<h3>
<span style="font-kerning: none;"><span style="font-family: inherit;">Failing Fast</span></span></h3>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">Failing fast means you learn as soon as possible whether your proposed solution is going to work out or not. If your tower prototype collapses before your second floor is built, then you know that your foundation needs more work. You’d much rather the tower fall with two floors than ten. You prototype, fail fast to learn what didn’t work, and iterate.</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal; min-height: 12px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<h3>
<span style="font-kerning: none;"><span style="font-family: inherit;">Iteration</span></span></h3>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">To iterate means to try again, but with the knowledge of your previous attempts (failures). Each iteration should be an improvement on your previous design. And the process repeats until you’ve developed a good solution (or in this case, a towering construction of carbohydrates). The improvement can be subtle; you're not going for a 1.0 to 2.0 release. You're looking for a 1.01a.</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal; min-height: 12px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<h3>
<span style="font-kerning: none;"><span style="font-family: inherit;">Bias to Action</span></span></h3>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">So what’s the bias to action? That was the only bit that was new to me, too. And now that I’ve learned what it is, I find myself applying it to work ALL. THE. TIME. (Sorry co-workers, and get used to it.)</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal; min-height: 12px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">A <a href="https://dschool-old.stanford.edu/groups/k12/wiki/548fb/bias_toward_action.html" target="_blank">bias to action</a> is the tendency of an individual or group to try doing something instead of over-thinking or over-planning. It’s not a license to be reckless; it’s an approach designed to acquire empirical data quickly for the purposes of iterating on your design. An extreme counter-example would be to spend a year planning on building a 100-story tower, and then watching it fall when you build that second floor. You’ve just invested a year’s worth of time on a design that, had you prototyped it early on, would have failed fast and provided feedback for your iteration.</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;">In other words, it's a "let's try it and see what happens" approach.</span></span></div>
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="font-kerning: none;"><span style="font-family: inherit;"><br /></span></span></div>
<br />
<div style="-webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; font-stretch: normal; line-height: normal;">
<span style="-webkit-font-kerning: none;"><span style="font-family: inherit;">So now I’ve got a phrase to describe how we should all approach our work. Through prototyping, failing fast, iterating, and a bias to action, we can modernize any infrastructure operation.</span></span></div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-90621653501426815822018-12-27T07:46:00.001-05:002018-12-27T07:46:11.279-05:00Back to Basics: Making nslookup more usefulAs we forge ahead in to a brave new world or AI, ML, and AR, it's helpful to occasionally step back and consider some basic information technology skills that we should all possess. These are foundational skills that demonstrate functional understanding of IT principles. This post deals with one of the most basic tools in the administrator's kit: <span style="font-family: "courier new" , "courier" , monospace;"><a href="https://en.wikipedia.org/wiki/Nslookup" target="_blank">nslookup</a></span>.<br />
<br />
<h3>
DNS is Everything</h3>
Thanks to DNS, we address our systems, sites, and services with human-reabable text. Without DNS, we'd be forced to recall the IP address of each system we want to connect with. Sure, you can probably memorize a few dozen /24s, but it's not practical to live without DNS. And it's always a reasonable suggestion to, when things on your network just went belly-up, check DNS. Because <a href="https://nixcraft.tumblr.com/post/154455652967/a-haiku-about-dns-sysadmin-will-understand-this" target="_blank">it's <i>always</i> DNS</a>.<br />
<br />
If <span style="font-family: "courier new" , "courier" , monospace;">ping</span> is the first command junior IT admins learn, <span style="font-family: "courier new" , "courier" , monospace;">nslookup</span> is a close second. And just like most IT admins are content to <span style="font-family: "courier new" , "courier" , monospace;">ping</span> hostnames and IPs without ever looking into the richness of the command's syntax, <span style="font-family: "courier new" , "courier" , monospace;">nslookup</span>'s best tricks are reserved for those who want more from their query than a simple hostname or IP.<br />
<br />
Before we get any farther, I'll note that for a short time <span style="font-family: "courier new" , "courier" , monospace;">nslookup</span> was a <a href="http://blog.smalleycreative.com/linux/nslookup-is-dead-long-live-dig-and-host/" target="_blank">deprecated utility</a>. But the ISC reversed its course in 2004 and agreed to let nslookup soldier on. (Note change 1700 in the CHANGES log on the <a href="https://lists.isc.org/pipermail/bind-announce/2004-September/000155.html" target="_blank">BIND 9.3 release page</a>, which contains the all-business text that saved nslookup: <span style="background-color: white; white-space: pre-wrap;">nslookup is no longer to be treated as deprecated. </span><span style="background-color: white; white-space: pre-wrap;">Remove "deprecated" warning message. Add man page.).</span>That's why you'll find it on every modern OS to this day (see <a href="https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/nslookup" target="_blank">this link</a> for Microsoft's latest info on nslookup in Windows).<br />
<br />
<h3>
nslookup vs. dig</h3>
For starters, comparing these two utilities is like comparing an abacus to a TI-81: you wouldn't ever expect an abacus to produce a graph of the sine function. The same is true for nslookup: you wouldn't expect it to return a vast amount of information regarding a single host. dig is great at that.<br />
<br />
But if you use Windows at work, and don't have access to dig, you can add a simple switch to your nslookup queries to make it return a wealth of dig-like responses for the most innocuous request.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
The secret is to append -debug to your nslookup queries (if you're a one-at-at-time nslookup-er), or enter the nslookup utility with -debug for extended DNS query sessions. Instead of returning simple IP information for your hostname queries, nslookup will now return a whole host of information. That's a DNS joke. Yes, I'm sorry.<br />
<br />
Making sense of this information will be covered in the next post in this series. In the meantime, nslookup -debug away!Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-20758769328053120692018-06-20T09:28:00.001-04:002018-06-20T09:28:55.603-04:00vmkping Error: Unknown InterfaceIn the middle of troubleshooting an issue with vMotion traffic failing, I ran into an annoying issue with vmkping: attempting to specify certain vmkernel interfaces as the traffic source would throw an error like the one below.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXCCjuxE7usfvm1BMBghQT1BzzhpMLJyKpGoUBOm5egfDycUiDvRgSO1w4HA2IXfoEK5NCF0t_7z8Gp8tpXagYPkX4LStCQIBpY7JBpsmwbEw-pMsiU1Ms8_5Ddao-YzG0IMKe6lAGLa0/s1600/Capture.PNG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="297" data-original-width="646" height="147" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXCCjuxE7usfvm1BMBghQT1BzzhpMLJyKpGoUBOm5egfDycUiDvRgSO1w4HA2IXfoEK5NCF0t_7z8Gp8tpXagYPkX4LStCQIBpY7JBpsmwbEw-pMsiU1Ms8_5Ddao-YzG0IMKe6lAGLa0/s320/Capture.PNG" width="320" /></a></div>
<br />
What's annoying about this is vmk4 is not unknown. It's tagged for vMotion traffic.<br />
<br />
After some googling, I learned that using a poorly-documented argument will allow vmkping to work properly. If you've run into this issue, add <span style="font-family: Courier New, Courier, monospace;">++netstack=vmotion</span> to your vmkping command. You'll get the results you were expecting the first time around.<br />
<br />
Incidentally, if you've ever posted screenshots of your ESXi host's ssh session and blurred out the hostname for SECURITY purposes: don't do that. Instead, change the prompt by modifying /etc/profile.local. William Lam has a years-old post <a href="https://www.virtuallyghetto.com/2013/07/quick-tip-how-to-change-esxi-ssh-prompt.html" target="_blank">here </a>(note that what he suggested years ago has been implemented as default config). Much cleaner presentation this way.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-91862315727673584862018-01-24T23:02:00.002-05:002018-01-24T23:02:47.396-05:00UCS Manager: Failed to Split Certificate ChainSo now that we're in the era of turn-everything-into-a-web-app management, you're spending time with the shiny new HTML5 UCS Manager application. We've come so far from the early days of UCS, 1.x and early 2.x releases that felt like .01alphas. If you suffered the indignities of the java-based version, I feel you. Those were dark times.<br />
<div>
<br /></div>
<div>
The HTML5 interface is a sight for sore eyes. And if you're using <a href="https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/release/notes/CiscoUCSManager-RB-3-1.html" target="_blank">3.1(3b)</a> as you should be (I started this post a long time ago, apparently), you've got a stable, responsive environment in which to create and apply policy to your servers. I'd never call managing anything in IT "fun," but managing things in UCS Manager is at least not "not fun." High praise, I know.</div>
<div>
<br /></div>
<div>
But you hate that it's using a self-signed cert. You have a CA (or at least you have access to one) and you'd like to issue a trusted cert to make Chrome and Firefox and modern browsers of all sorts stfu about missing subjectAltNames. So you set about the process of requesting a new certificate, and then you try to import the cert into UCS Manager. You set up a Trusted Point, copy the certificate chain into the too-too-tiny window, and save. So far, so good. But when you paste in your cert and associate it with the Trusted Point, you get an error complaining about not being able to split the certificate chain. It looks like this.</div>
<div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj03RINMmtjahmSuTbyBiCYf6kWDTdqoSfRYfrPK92aEsQklXW-ff0n3bN1NkpEEx4GsjagEGO0l2iDodJUzJXC4M0o2Hm6Yb2BwFhvkROqcZiKu1Sm6YN0o8YZEfR4mjA-A_6w7_22HAI/s1600/trusted_point_error.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="163" data-original-width="433" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj03RINMmtjahmSuTbyBiCYf6kWDTdqoSfRYfrPK92aEsQklXW-ff0n3bN1NkpEEx4GsjagEGO0l2iDodJUzJXC4M0o2Hm6Yb2BwFhvkROqcZiKu1Sm6YN0o8YZEfR4mjA-A_6w7_22HAI/s320/trusted_point_error.png" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">No SSL for you!</td></tr>
</tbody></table>
<br /></div>
<div>
Sometimes, this issue is easily solved by making sure that you've included the full certificate chain in your trusted point config. And since it's not obvious what you're supposed to do there, here's a tip: you have to copy and paste your certs into the same window.<br />
<br />
But here's the rub: if you are certain you've correctly imported your cert chain and you're still getting errors about splitting the certificate chain, it's because you failed to fill in the Subject: field in your CSR. Trust me.<br />
<br />
Historically, subjectAlternativeNames have been optional, or rather, optionally implemented. The notion of a subjectAlternativeName has been around for decades, but it wasn't until last year when <a href="https://productforums.google.com/forum/#!topic/chrome/-19ZxwjaCjw" target="_blank">browser developers started requiring a sAN</a> to avoid the dreaded SECURITY WARNING message that <a href="http://www.slate.com/articles/technology/future_tense/2015/02/ssl_warnings_users_ignore_them_can_we_fix_that.html" target="_blank">we've all learned to subconsciously ignore</a>. And by browser developers, I mean Google, makers of Chrome, the browser we fell in love with a decade ago and now hate as much as we hated IE4 when it killed Netscape Navigator.<br />
<br />
But back to the point: you're getting this error because you didn't include a subjectAlternativeName in your certificate. So just go back and generate a new CSR from UCSM with the "Subject" field populated with the FQDN of your UCSM, and send that to your certificate authority. Then copy and paste the new cert, bask in the glory of a successful import, and browse to UCSM error-free, even from Chrome.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-68756993184326406702018-01-22T14:37:00.002-05:002018-01-22T14:37:32.051-05:00So about that #spectre patch...One unintended consequence of the government shutdown is the drowning out of all non-shutdown-related news. Lost in all of the noise of brinksmanship and idiotic wall-building is some pretty fascinating tech news, with particular regard to everyone's favorite first order vulnerabilities: spectre and meltdown.<br />
<br />
You'll recall that speculative execution, a feature of modern microprocessors, was recently identified as exploitable in such as way as to leak memory from a system. And to make matters worse, it's possible to leak memory between VMs and between VMs and their hosts. While currently demonstrated techniques require local admin access, it's certainly possible to use other attack vectors to get root, then attack the processor. Good times.<br />
<br />
VMware was quick to respond to the threat by issuing several security advisories, but most importantly this one: <a href="https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html" target="_blank">VMSA-2018-0004</a>. vSphere admins everywhere began the routine process of deploying patches to their hosts, updating vCenter, and making sure that all VMs were running hardware version 9 or later.<br />
<br />
But over the weekend, VMware made a minor edit to this security advisory. And by minor, I mean a huge update that should make you put the brakes on remediation efforts. From the <a href="https://kb.vmware.com/s/article/52345" target="_blank">updated KB</a>, here's the important bit:<br />
<br />
<blockquote class="tr_bq">
<span style="background-color: white; color: rgba(77 , 76 , 76 , 0.901961); font-family: "arial" , "helvetica" , sans-serif , "bitstream vera sans"; font-size: 12px;">Intel has notified VMware of recent sightings that may affect some of the initial microcode patches that provide the speculative execution control mechanism for a number of Intel Haswell and Broadwell processors. The issue can occur when the speculative execution control is actually used within a virtual machine by a patched OS.</span></blockquote>
You're probably wondering what the hell a "sighting" is after reading this. Short version: it's what Intel calls an issue with a processor that has been reported not just in their internal testing, but in a customer environment in the field. In other words, this is not a theoretical issue. It's an observed fact.<br />
<br />
Of course, the VMware KB is lacking in details on what effect this issue has on running virtual machines. If VMware is taking the bold step of removing the speculative execution protection patches from the VUM download source, I'll assume the effect is bad. We're doing some testing to determine what exactly happens when a guest OS attempts to use the protections provided by these VMware patches. I'll update the post with the results of our testing.<br />
<br />
To VMware's credit, they're reacting to these security events as quickly as possible, and they're being transparent about their progress.<br />
<br />
So in the meantime, if you've already deployed the update to your hosts (and your hosts have CPUs listed in the KB, which appears to list most CPUs in use today), you'll want to follow the instructions in the <a href="https://kb.vmware.com/s/article/52345" target="_blank">KB</a> to implement corrective action to each host. Just do yourself a favor: carefully read the bullets following the config change. The devil is in the details.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-24970614414844024272018-01-21T11:51:00.000-05:002018-01-22T10:43:35.793-05:00Executive Speculation on the Speculative Execution SituationSecurity issues that are resolved via the installation of a single patch are easy mode in a few regards: they're easy to fix, and they're easy to measure. How many times have you heard your CIO ask, "What percent complete are we for <insert cool vulnerability name here>?" That's because executives love metrics, and patch installations are easily quantifiable:<br />
<div>
<br />
<ul>
<li>How many systems do we have?</li>
<li>How many systems are vulnerable?</li>
<li>How many systems are fully patched?</li>
<li>How many systems need to be patched?</li>
</ul>
<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhanuQBZ835IsveSRbPTV4gqOVBrbahS1t6PaGMQmxjDGNYaaT98rnCDNewVxUkndd6yaF8r-jouSJEhzpyCaPBK_qyVkHXYJhc4tSyaIZNi1rsuwsoAJuAPn2ZRQWkj2HLaVscyhAx9dc/s1600/Screen+Shot+2018-01-21+at+10.49.05.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="558" data-original-width="901" height="198" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhanuQBZ835IsveSRbPTV4gqOVBrbahS1t6PaGMQmxjDGNYaaT98rnCDNewVxUkndd6yaF8r-jouSJEhzpyCaPBK_qyVkHXYJhc4tSyaIZNi1rsuwsoAJuAPn2ZRQWkj2HLaVscyhAx9dc/s320/Screen+Shot+2018-01-21+at+10.49.05.png" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Execs <i>love</i> 3D pie charts.</td></tr>
</tbody></table>
You can be sure that once the exec collects these data points, a shiny new pie chart will be willed into existence and cut and pasted into a PowerPoint presentation concerning incident response. Then you'll enter the measuring progress phase of remediation, in which each morning these four data points are updated and the pie chart is refreshed.<br />
<br />
Remediations for #spectre and #meltdown, however, are not so primitive. For modern on-prem environments, you can count on applying complex, interdependent remediations to each layer of your stack, from the server hardware you rely on (in the form of microcode and/or firmware updates), to the hypervisor you trust (in the form of host and management server patches and updates), to the virtual machines that migrate throughout your data center (in the form of vm version upgrades (yeah, you're not the only one with VMs using version 4 in your production environment), to the guest operating systems (in the form of patches to the OS), to the anti-virus applications running within those guest operating systems (in the form of compatibility assurances inserted in the Windows Server registry). Once all of these mitigations are in place, then you've fully addressed the vulnerability (at least as of the end of January 2018).<br />
<br />
Many of these steps require planned downtime. Some of these steps are dependent upon others; surely by now you've read that <a href="https://krebsonsecurity.com/2018/01/microsofts-jan-2018-patch-tuesday-lowdown/" target="_blank">applying updates to Windows without having a compatible anti-virus solution has a nasty habit of breaking Windows in the form of the dreaded BSoD</a>. A few intrepid admins inserted the required "<a href="https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software" target="_blank">QualityCompat</a>" key to the registry of a server that lacked a validated av solution with mixed results.<br />
<br />
Undeniably, implementing safeguards for spectre and meltdown are not easily captured in a 3D pie chart. Such a chart would be visually cluttered and would immediately lose its intended audience who wishes to see, in clear, clean, coordinated, contrasting colors, the state of remediation.<br />
<br />
The result of the difficulty in measuring speculative execution remediation activities is this: no one measures speculative execution remediation activities, which translates to not a whole lot of attention being paid at the executive level. Sure, the technologists of the world are frantically updating and patching and running <a href="https://gallery.technet.microsoft.com/scriptcenter/Speculation-Control-e36f0050" target="_blank">PowerShell scripts to validate the state of protection</a>. But the flurry of activity is confined to the lowest layers of the org chart. <a href="https://en.wiktionary.org/wiki/bikeshedding" target="_blank">Bikeshedding</a> is alive and well in the enterprise.<br />
<br />
Infrastructure, dear friends, is important. I suspect that as we've moved from client-server to virtualization to cloud, we've abstracted ourselves far away from the hardware that makes IT possible. Some vendors even proclaim that infrastructure should be invisible. And while I understand the intent of such a provocative statement, I believe it has been interpreted as "infrastructure should be ignored."<br />
<br />
This is a risky ideology to employ in the data center, to be certain.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-47096682776567072222017-12-07T14:43:00.003-05:002017-12-07T14:43:41.824-05:00unrelated.<div class="separator" style="clear: both; text-align: left;">
Finally, someone has noticed that I run a nice blog. And that someone is very persistent, and spams me on a regular basis with the same request: insert a marketing message in one of my existing posts. For money.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
It's a novel concept.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Sadly, I basically don't give a fuck whether some hosting company thinks my blog is "nice." My blog is many things, but nice it is not. For example, I've already used the word fuck twice in this paragraph alone. Jesus.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
I enjoy writing. I do it for cash sometimes, sure. But most often I write for a creative escape from work. And these days, I rarely blog due to ever-shifting priorities in my life. Maintaining this blog falls squarely into the "as time permits" category. Time rarely permits.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
It's the last weeks of fall. Most of our trees are bare, but the Japanese maple procrastinates just another week or two. It's so cold that the cat runs out in the pre-dawn quiet only to stop in his tracks and reconsider whether it's worth it to be outside. An old cat in the cold. The wren's nest in the garage. Frost on the pachysandra. My daughter's joy at seeing an inflatable Olaf from Home Depot.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Sorry, what was the question?</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiidG1lYF8yPAZPVzR2MMws_HZSBk2jD5QA4YLztX9PThZHTwZBEE4otz3fzxPGMIZzdRn7NfuGqsRccht7A5yohnWxq_GABJv9ULWZQRel48P_6ZMdM8eYh3Da1Hezhytl01yj081xzjg/s1600/Screen+Shot+2017-12-07+at+2.30.36+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="455" data-original-width="916" height="316" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiidG1lYF8yPAZPVzR2MMws_HZSBk2jD5QA4YLztX9PThZHTwZBEE4otz3fzxPGMIZzdRn7NfuGqsRccht7A5yohnWxq_GABJv9ULWZQRel48P_6ZMdM8eYh3Da1Hezhytl01yj081xzjg/s640/Screen+Shot+2017-12-07+at+2.30.36+PM.png" width="640" /></a></div>
<br />Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-62489539011899415592017-11-02T07:03:00.001-04:002017-11-02T07:03:37.625-04:00Giving Up on TwitterI've been on the fence about this for a while now, and it's finally time: I'm giving up on Twitter.<br />
<br />
I've written about my growing dissatisfaction with the service in the past, notably when they switched the icon for favorites from <a href="https://www.eager0.com/2015/11/meaning.html">stars to hearts</a>. That still bothers me. I deleted my first account a few days before the election, when Twitter's cesspool of vile neck-vomit reached its apex. And a few months into my second account, I'm hanging it up for good.<br />
<br />
Because of this:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8SxO9W3MlwL6HsNIb2pjO4AOZlQWwFeT4DQ1fI4MRQ7bxnPjaNCGgGnBku7q8wm5hKwrzEHeXZHd8BrbQf5ii-hxFdeKjG4huQdoiRm7ZFY0Wdc7pnjO6mviRWVh9lX0uVtc-PxrGYTQ/s1600/Screen+Shot+2017-10-26+at+6.17.37+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="687" data-original-width="555" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8SxO9W3MlwL6HsNIb2pjO4AOZlQWwFeT4DQ1fI4MRQ7bxnPjaNCGgGnBku7q8wm5hKwrzEHeXZHd8BrbQf5ii-hxFdeKjG4huQdoiRm7ZFY0Wdc7pnjO6mviRWVh9lX0uVtc-PxrGYTQ/s640/Screen+Shot+2017-10-26+at+6.17.37+PM.png" width="516" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
To give you an idea what happened, I changed my bio (as I had done many times in the past) to include a bad word. A really bad word. A word so bad that I won't repeat it here. Just kidding.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="" style="clear: both; text-align: left;">
The word was fuck.</div>
<div class="" style="clear: both; text-align: left;">
<br /></div>
<div class="" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUYiG2k3oKUTNu3d3jTB3e4NTzu7t8R55qUrULItTwgopgAzUZkd3CMg5x0ExpGO0zFtmvKxQqCyg_L-RH1o7HhJK417jqcbJFgSVdaYj9DxoIUVKsxQa_B1RnyY6M7e45rmzskZRY20U/s1600/Screen+Shot+2017-10-24+at+10.20.13+AM.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="70" data-original-width="478" height="46" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUYiG2k3oKUTNu3d3jTB3e4NTzu7t8R55qUrULItTwgopgAzUZkd3CMg5x0ExpGO0zFtmvKxQqCyg_L-RH1o7HhJK417jqcbJFgSVdaYj9DxoIUVKsxQa_B1RnyY6M7e45rmzskZRY20U/s320/Screen+Shot+2017-10-24+at+10.20.13+AM.png" width="320" /></a>Used in the following sentence: "it's probably not a good idea to put "who gives a fuck" as my bio, is it."</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="" style="clear: both; text-align: left;">
Which is funny, because I guess it's not?</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
So to put things in perspective: the President can use Twitter to threaten nuclear holocaust, faceless trolls can make threats of sexual violence, and anonymous hacker collectives can use the platform to extort their victims. That's all cool. But you put a single "fuck" in your bio, and Twitter refuses to accept your money for promoted tweets. Glad they are paying attention to the real problems with their platform.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
So good riddance once and for all. I'm convinced now, more than ever, that email is the best communications platform on the Internet.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8422145683246849555.post-60456525529166352162017-08-04T10:12:00.000-04:002017-12-07T14:44:31.133-05:00Editing for Charity!Let's try something different.<br />
<div>
<br /></div>
<div>
I often remark to others about how many, if not most, blog posts in the technical community are poorly-written heaps of primitive sentences and borrowed notions masquerading as original thought. And I make it a point to praise well-written blogs, because I believe in positive re-inforcement.</div>
<div>
<br /></div>
<div>
In other words, writing is hard. Most people are bad at it.</div>
<div>
<br /></div>
<div>
But it occurs to me that I'm guilty as well of dangling a participle or two, or even being bold enough to sloppily split infinitives.</div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="http://mrgray.id.au/wp-content/uploads/2008/12/red_pen_wrong.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="http://mrgray.id.au/wp-content/uploads/2008/12/red_pen_wrong.jpg" data-original-height="433" data-original-width="587" height="236" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Get your red pen ready.</td></tr>
</tbody></table>
<div>
<br /></div>
<div>
So, here's the rub of this post: I welcome you to read through any of the posts I've published over the last four years in search of egregious grammar goof-ups or plain ol' typos. <strike>If</strike> When you find one, you have a few options:</div>
<div>
<br /></div>
<div>
<ol>
<li>Post a comment describing the error</li>
<li><a href="mailto:mstump@gmail.com" target="_blank">Send me an email</a></li>
<li><a href="https://twitter.com/pmuts_" target="_blank">@ me on twitter</a> (even though I don't post <strike>anymore</strike> often, I still read my timeline)</li>
</ol>
<div>
Of the three options, I'd highly recommend the second. The goal of this post is not to drive up engagement, or to generate ad revenue (I don't put ads on my site anyway). The goal is a bit more charitable.</div>
</div>
<div>
<br /></div>
<div>
For each unique typo or mistake you find, I'll donate $5 to <a href="https://www.sarc-maryland.org/" target="_blank">SARC</a>, an amazing organization in Maryland that provides support to victims and survivors of domestic abuse. On the off-chance that this idea takes off, I'm placing a maximum of $1,000 on this campaign. As far as contests go, let's start this today (August 4, 2017) and wrap it up in 30 days (September 3, 2017).</div>
<div>
<br /></div>
<div>
So do your best and find my worst. I may argue usage errors with you, because I enjoy spirited debate. But a tie goes to the runner, so I'll relent when an impasse occurs.<br />
<br />
UPDATE: Zero interest. I donated anyway.</div>
Unknownnoreply@blogger.com