Month: November 2016

Geothermal Phase 1

We have heat! Well, we’ve had heat – when we were house shopping, fireplaces were a big thing to some people. Kind of a ‘whatever’ to me – not like I’d refuse to consider a house because of a fireplace, but I didn’t care if there was no fireplace either. The house we purchased has this Lopi Freedom Bay wood burning insert. More of a curiosity to me when we were house shopping, but it’s allowed us to make non-hasty decisions about HVAC equipment twice now. We got a super high end (and super expensive) air exchange heat pump in November of last year. It didn’t work well for us — 20kW of heat strips kicking in for a few months gets expensive. The service from the company that installed it, however, was right abysmal. Things we reported in November of 2015 were still unresolved during the summer of 2016. And, yeah, we could have been ringing them every day to force some action … but few of the issues were worth that level of effort. The thermostat software locks & the system is in the state is was at lockup (i.e. you wake up shivering in mid-summer because the AC has been running full-blast for hours). It reboots and works for another month or two. The air handler leaked. Until they patched it and our lower level got ten degrees warmer, I didn’t realize how MUCH it leaked. The list goes on. We’d bother them every month or two, sometimes get some action and sometimes not. The installer, though, had a one year 100% satisfaction guarantee. Without a bunch of fine print or conditions. Which, really, is why I was OK getting an air exchange heat pump from them.

On several levels, we were not satisfied. The company tried adding some conditions to their written guarantee after-the-fact, but they eventually relented and removed the system from our house and refunded the full contract price. They were not, however, able to restore us to the original condition … not that I wanted an old gas Trane with a cracked heat exchanger … but the circuit breakers and copper wire they pulled would have been nice. They were willing to leave the NEW circuit breakers and wiring in for the > 900$ line item from their bill. But, seriously, 200$ of stuff from Home Depot is not something for which I’m keen on paying near a grand.

Initially, I wasn’t sure how much more a geothermal system would cost … until we got some quotes and discovered that we could get a fully variable geothermal system for 500$ less than we payed for the air exchange heat pump. WOW! The configuration we chose ended up being 100$ more – we added an additional 200′ bore. Because it is going to take about three weeks before the drilling can commence, they installed the HVAC equipment without connecting it to the earth loops & set it up to run in emergency heat mode — which is essentially a really expensive 20kW electric heater. But it keeps us from freezing when the fire goes out overnight 🙂

Active Directory: Custom Password Filtering

At work, we’ve never used the “normal” way of changing Windows passwords. Historically, this is because computers were not members of the domain … so you couldn’t use Ctrl-Alt-Del to change your domain password. Now that computers are members of the domain, changing Active Directory passwords using an external method creates a lot of account lockouts. The Windows workstation is logged in using the old credentials, the password gets changed without it knowing (although you can use ctrl-alt-del, lock the workstation unlock with the new password and update the local workstation creds), and the workstation continues using the old credentials and locks the account.

This is incredibly disruptive to business, and quite a burden on the help desk … so we are going to hook the AD-initiated password changes and feed them into the Identity Management platform. Except … the password policies don’t match. But AD doesn’t know the policy on the other end … so the AD password gets changed and then the new password fails to be committed into the IDM system. And then the user gets locked out of something else because they keep trying to use their new password (and it isn’t like a user knows which directory is the back-end authentication source for a web app to use password n in AD and n-1 in DSEE).

long time ago, back when I knew some military IT folks who were migrating to Windows 2000 and needed to implement Rainbow series compliant passwords in AD – which was possible using a custom password filter. This meant a custom coded DLL that accepted or rejected the proposed password based on custom-coded rules. Never got into the code behind it – I just knew they would grab the DLL & how to register it on the domain controller.

This functionality was exactly what we needed — and Microsoft still has a provision to use a custom password filter. Now all we needed was, well, a custom password filter. The password rules prohibit the use of your user ID, your name, and a small set of words that are globally applied to all users. Microsoft’s passfilt.dll takes care of the first two — although with subtle differences from the IDM system’s rules. So my requirement became a custom password filter that prohibits passwords containing case insensitive substrings from a list of words.

I based my project on OpenPasswordFilter on GitHub — the source code prohibits exact string matches. Close, but not quite 🙂 I modified the program to check the proposed password for case insensitive substrings. I also changed the application binding to localhost from all IP address since there’s no need for the program to be accessed from outside the box. For troubleshooting purposes, I removed the requirement that the binary be run as a service and instead allowed it to be run from a command prompt or as a service.  I’m still adding some more robust error handling, but we’re ready to test! I’ve asked them to baseline changing passwords without the custom filter, using a custom filter that has the banned word list hard coded into the binary, and using a custom filter that sources its banned words list from a text file. Hopefully we’ll find there isn’t a significant increase in the time it takes a user to change their password.

My updated code is available at http://lisa.rushworth.us/OpenPasswordFilter-Edited.zip

 

Pumpkin Pie Recipe

We made some pumpkin pies yesterday – one of which is for Anya’s preschool “Feast”. I wanted a lightly sweetened, creamy, pumpkin pie. The recipe makes two *deep* dish pies (the Emile Henry ruffled pie plate)

Ingredients – Pie:

58 oz tinned pumpkin puree

36 oz whole milk, simmered down to half

4 oz cream

6 eggs

9 T Penzey’s pumpkin pie spice

1/4 cup blackstrap molasses

Incredients – Crust:

16 oz gingersnap cookies (make sure they are good gingersnaps)

1/2 cup (1 stick) butter

2 T flour

2 T sugar

Ingredients – Apple Caramel:

2 cups apple cider

Method: Preheat oven to 425.

Making the pie crust – run the ginger snaps through a food processor to make a sandy powder. Mix in the flour and sugar. Melt the butter and add to the crumbs. Make sure the mixture is moist enough to compress into a crust. If it isn’t add another tablespoon of butter. Press the mixture along the bottom and sides of the pie plates. Bake crust at 425 for five minutes, then set aside to cool while you mix the pumpkin filling.

Making the pie – Combine the milk, cream, and eggs and whip together. Whip in the spices and molasses. Fold this into the pumpkin puree. Gently transfer the pumpkin mixture into the cooled pie crusts. Bake for fifteen minutes, then lower the oven temperature to 350 and bake for 50 minutes. Remove pies from oven and allow to cool for several hours (if you pierce the pie to test it, it is apt to crack … I made two pies so I was able to test one and have an un-cracked pie for the party).

Making the Apple Caramel – Put apple cider into a pan on high heat. Boil, stirring constantly, until it is almost all evaporated and very foamy. Remove from burner and let it sit a few minutes to cool. It will thicken as it cools.

Pipelines And Registries

A few weeks ago, requests to “check in” around the Standing Rock protest was circulating Facebook. It presupposes that one shares such information with strangers – perhaps that is the norm. It also presupposes that law enforcement peruses those check-ins. The whole thing reminded me of a discussion of ghosts that I had whilst touring the Bryn Mawr College campus — the student with whom I was walking casually crossed the street, pointed to a house a few houses down on the side of the street that we had been strolling down, and mentioned that the house is supposed to be haunted. Of course, she continued, being a worldy University student she didn’t believe in such things. Just the same, it  didn’t actually take effort to walk down the other side of the street … worst case you did something for no reason, best case you avoided the ghosts.

Checking in at Standing Rock sounded pretty much the same to me – didn’t cost me anything, aside from potentially confusing someone who saw my location it didn’t harm anything … may have been a pointless action, or maybe it stopped police from being able to use social media data to research protesters.

I keep seeing a Muslim registry being suggested — in seriousness, not in the Godwin’s Law / serial numbers tattooed on arms sort of way. I wonder how many people who are willing to check-in at Standing Rock would also be willing to volunteer for the additional scrutiny that I’m sure membership in the Muslim registry gets you. The efficacy of the registry is a question of resource allocation  — if a few thousand people register nationwide (say, Imams who are already well known), then the resources involved in making their lives miserable are relatively few. If half of the country registers as Muslim … either our new government will solve unemployment (double the national debt in the process, but who cares about a debt ceiling when it’s your party doing the spending?) by hiring a few million people to monitor self-professed Muslims or “additional scrutiny” becomes an increased probability in the IRS audit flag algorithm.

Art Smock

I am about halfway through constructing Anya’s art smock using the pattern I found on thediymommy.com.  I had quite a bit of the laminated fabric from making her backpack, and searched for something that would use it. We happened across this smock and it looked like it would use almost all of the remaining fabric. (Wasn’t wrong – from the one yard of fabric, I have a 16″square).

Other than my inability to machine-stitch bias tape, this is a really quick project. Couple hours – even with a tiny helper. I find it easier to cut fabric to a pattern if the paper pattern isn’t cut right along the line, so I leave a half inch overhang around the pattern. It works just as well, though, to have overhang that continually varies from 1/8″ up to an inch. And Anya loves that she can do some of the cutting for our crafts.

Once we printed and cut the paper pattern, I cut the two pieces of laminated cotton. Sewed the two pieces together at the shoulder – since laminate does not seem fray, I used a simple straight stitch instead of the serger. I had cut quite a lot of bias strips to make piping for the bag. Double folded the strips to create bias tape for the edging and started pinning it in place.img_20161111_195246

The front of the bias tape is stitched on, and now I’m hand-stitching the back of the bias tape. Some day I’ll learn this “stitch in the ditch” technique 🙂

img_20161111_230842

Poor People Rights

Decades ago, someone rather hostility questioned … well, what they assumed to be my stance on abortion since it wasn’t like we’d ever had a conversation even tangentially related to abortion. They demanded to know why I, as a women, wouldn’t support women’s rights. Women’s rights?!? I asked. You’re talking about *poor people’s* rights.

You don’t need to discuss a controversial procedure like abortion or euthanasia. Consider a hypothetical scenario where LASIK eye surgery is outlawed in the United States. Medical tourism is already a thing in SouthEast Asia – so anyone who wants their vision surgically corrected now needs a week off from work, a couple grand to cover the flight and hotel, and a couple more grand to cover the surgery. It isn’t like the immigration officer is going to be issuing eye exams to determine if your vision when you left matches your arrival (or you fake the exam). Which means outlawing LASIK has only prevented people without significant disposable income from undergoing the procedure.

Removing a federal regulation allowing something and leaving each individual state maintain its own policy just lowers the cash/time requirements. It’s cheaper and quicker to pop over to California than Thailand.

Trump’s 20/20 interview brought this discussion to mind — while he says same-sex marriage has been decided by the supreme court and is unlikely to be overturned (it’s hard to find someone who has sustained ‘personal and individual’ injury by someone else’s marriage and therefore has standing to initiate a suit, so I’ll give him that) he also thinks Row should be overturned (I suspect the male parent could argue standing) and each state should have the power to decide for themselves . To decide what the poorer people who live in their state can or cannot do is the part that gets omitted from the debate.

I wonder, too, if there’s not some even subconscious belief that people are poor because of bad decisions. It’s OK that affluent people can avail themselves to the procedure — they can be trusted to make good decisions. It’s really just the poor people, whose poor decision making is evidenced by their economic situation, about whom we need to concern ourselves.

A friend of mine once observed that people who are out there LOUDLY proclaiming what God wants … odd how God’s will always follows that individual’s ideas too. The God Hates Fags folks who are sure the whole Luke 6:37 (“Judge not, and ye shall not be judged: condemn not, and ye shall not be condemned: forgive, and ye shall be forgiven”) thing doesn’t apply too condemning others based on their sexual preferences. Wasn’t the whole manifest destiny God’s will that the USA spread out to the Pacific?

I is for … huh?

There’s political correctness and then there’s silliness. Anya’s preschool newsletter said they would be introducing the letters “H” for harvest and “I” for Native Americans in the first half of November. Wait, “I” for Native Americans? Took me a second to realize that they mean Indians. To some extent, I get removing controversial terms – especially at a young age where you just don’t want to get into the discussion around why some people find whatever-it-is to be offensive. But why wouldn’t they pick another word for the letter?! Ice, Ink, Inside, Incredible, Imagine, Infinite, Island … thousands of words that start with ‘i’.

Introvert, Extrovert, And Somewhere Inbetween

I’ve found myself researching how introverts deal with raising an extroverted child. I have no idea how that combination manages. I am not a introvert. I abhorred quiet – my office space was silent most of the day, and I would blast music so I could concentrate. Living alone, my house was quiet — I’d go out with friends after work, come home and turn on music or ring someone up to chat. I got enough quiet in half an hour before bed and a dozen quick walks (outside for the mail, across the car park at the office, etc) to be happy.

Living with another adult reduced some of the quiet times, but not enough that I minded. Having a young child, however, has almost completely eliminated quiet from my life. Relatives purchase loud toys — and laugh about it, knowing exactly how much the kid is going to adore creating cacophony. I feel bad about taking away a beloved toy (or ripping the batteries out of the damn thing), but seriously the ONLY time Anya isn’t talking … she’s got some toy blaring, or the TV is on, or there is some other assault on my ears.

She’s had a few experiences with boys at the playground who were a few years older than her, and VERY rough in their play. She hates it – to the point she’s happy to leave the playground. I’ve tried explaining to her that those boys were putting out a lot more energy than she wanted to deal with. And I feel the same way about her sometimes — I see that you are having fun, but it’s just TOO MUCH. She gets it, and then turns on one of the singing race cars.

I found a lot of articles / blogs / etc from the standpoint of an extroverted parent trying to raise an introverted child — but an adult has the capacity for abstract thought. You can be quiet for someone else. An almost four year old … not so much. My mom used to have enforced quiet – turn off the lights, fire up a few candles, and just relax. Hated it to the point that I, twenty-five years later, cannot imagine forcing such horror on our child … no matter how practical the solution might be. Unfortunately the only other solution I can see is being somewhere else for a few hours each week.

Updated Federal Budget Distribution – 2016

I’d published a breakout of the federal budget … and thought I’d update the pie charts with the 2016 budget numbers. Again, there’s discretionary spending — spending from appropriation bills and the full budget which includes spending for things like Social Security, Medicare, and Medicaid which vary depending on the number of recipients and how much each recipient is being paid. This doesn’t mean the non-discretionary components couldn’t be changed — there’s been discussion of means testing Social Security payments and Medicare eligibility — but these changes are generally considered politically untenable (would you vote for the guy who just reduced your SS cheque because you happened to have a pension or money saved in a retirement account?).

Here’s the full budget breakout, updated for 2016

And the discretionary budget

Change

There are a lot of areas where the trend oscillates between two states. “Cloud computing” is somewhat new and somewhat trendy, but the “computers are expensive, bandwidth is cheap … centralize everything” and “computers are cheap, bandwidth is expensive … distribute everything” states haven’t changed. A VAX with its terminals or a Citrix farm with its thin clients. Better graphics today, but conceptually the same thing. The difference is marketing — I don’t believe they pushed VT100’s for the home market. SaaS has personal targets as well as commercial.

With these changes, there were winners and losers. Mainframes lost market-share as companies deployed desktop PCs. And now desktop PC vendors are losing market-share as “cloud” services become prevalent. Sucks on an individual level — for, say, the people IBM laid off as their mainframe business contracted — but it wasn’t the driving force behind a political movement.

Manufacturing moved overseas. Energy production moved overseas. Some manufacturing (electronics, for instance) are harder to bring back — we simply lack the knowledge and equipment to pick up manufacturing electronics. Beyond that, though, it is hard to compete with someone who can continually undercut you on cost. You can slap import tariffs on everything you see, but the Chinese government can force employees to work for less. And who wants to start paying MORE for the same stuff? That’s the other side of import duties that people fail to talk about — sure we can jack up the price of ‘stuff’ that comes in from overseas so domestically produced items are competitive … but unless you’re getting a serious raise to go with it, that means items become less affordable. Apart from political change, some manufacturing is apt to move back to personal production (i.e. I’ll 3D print any cheap plastic junk we used to ship in from overseas). And that will negatively impact some of the BRIC economies. The move to personal production may benefit American companies — they design the products, license out the print file, and you make it (or use the 3D printer at your public library to print it, or go to the 3D document centre at Staples).

Until about 3AM today, I thought we’d be seeing a similar apolitical shift in energy markets. The renewable energy tax credits got extended in a Congress where even the trivial faced unimaginable opposition. Personal energy production makes electric vehicles a lot more enticing — paying 20$ a week to the petrol station or 20$ a week to the electric company … not much immediate, tangible benefit. But using the electricity that I’m producing v/s paying 20$ a week to the petrol station – that’s a whole different story.

That shift had worrying geo-political implications — the Middle East isn’t stable, but the area is useful and there’s incentive on both sides to maintain some semblance of order. As demand for oil shifts, incentives change. Odd, to me, that someone who wants to levy tariffs to make American products competitive doesn’t agree with leaving tax incentives in place to promote domestically manufactured clean energy solutions. “Clean” coal, sure … but don’t give ’em a tax incentive to buy solar panels manufactured out on the West coast.