The Nintendo Switch, or how I learned to stop worrying and learned to love buying consoles

The Nintendo Switch is out and I am pretty pumped about it. I haven’t purchased one yet, so my exuberance may wane a bit once I do.

My preference for video gaming systems is much like my political affiliation: I pretty much hate everything.

I love video games, but I am normally not fond of video gamers. As a community, the toxicity is palpable, so the online experience just isn’t a factor for me. I prefer to play video games with people that I know in the real world, so for me the Playstation and the XBox are roughly equal, and the Nintendo has a real advantage over the others.

In my mind, Nintendo is a completely different category of gaming from the PC, XBox, or Playstation. In time, I usually end up with all 4 systems. I just usually wait for a few years to pick up the current PS or XBox. As of this writing, I still don’t have an XBone or PS4 and I am thinking about skipping them. Sure there are exclusives that I could be missing, but honestly, I don’t really care. I still play tons of Skyrim, so I am not really missing much.

The reason that I think of Nintendo as a wholly different platform than all others is that the Nintendo pushes the envelope for hardware, not necessarily for video games. Sure, they have a roster of characters, and a few franchises that you can bank on for release on new platforms. The craziest example has to be controlling a game with bongos.

While bongos were probably the riskiest idea, the Wii had to be the most successful. The idea of using movement to interact with a game was duplicated by every other console. The Wii U added the ability to use the tablet to play “real” console games that ran on another machine, essentially ushering in the idea of streaming games. The nVidia shield and its various competitors owe Nintendo for introducing the concept to the living room. Now Nintendo is taking its act on the freeway?

I know it’s easy to dismiss the Nintendo as gimmicky, and targeted at kids. I play a fair amount of Nintendo games with my kids. A common Friday night activity at our house for the two older kids was popping a bunch of popcorn and the whole family playing Mario Party or Mario Kart. Now I am looking forward to the day when we can do the same with the two little ones. Just because the stable of characters is popular with kids doesn’t mean that it’s not a serious platform. Nintendo’s decision to make the tablet the center of the gaming experience is an interesting one. I am eager to see the long term effects it has on gaming and computing.

I can’t praise Nintendo’s bold visions without also talking about Microsoft’s lack thereof. Don’t get me wrong, I like the XBox, it’s well executed and represents the height of console gaming design. The MS vision is many things, but it is not bold. MS seems to prefer taking known entities and perfecting them, much like Apple does with mobile phones. Playing shooters or fighting games on the XBox is great, but the price point for that experience is extreme. The XBone is still around $250 even though it’s pushing 4 years in age and an upgrade is on the horizon.


Cub Linux as a kid’s computer

One of the things that my daughter wanted for Christmas was to be able to play some of the web games she’s seen on TV. I have a strict policy about not letting anyone touch any of my computers, so I rehabilitated an old HTPC for her to use.

The PC portion was mostly incidental; her main gift was her cool keyboard, cool mouse, awesome Peppa Pig headphones, and of course, her game subscription.

The donor PC was an old Intel Atom box with 2gb of RAM. This basically made Windows impossible. I toyed with the idea of using Lubuntu, but then I came across Cub Linux. It’s basically a lightweight version of Linux that boots to the Chromium browser. It’s like an [more] open source version of Chrome OS.

Getting the machine set up was fairly straightforward. I set it to auto-login and to go to sleep after a half hour. She knows how to turn the monitor off, that’s good enough for a 4 year old. I also installed VLC media player so she can watch cartoons that I have downloaded for her.

I almost always install Samba on Linux machines because it makes it easy to move files from Windows. The process is documented fairly well here. I just shared out the home directory like before so I could put videos in the Videos folder.

One problem with kids’ computers, especially for kids that are learning to use a computer while also learning to read, is that they need constant assistance. I use SSH for the low level operating system stuff, but a lot of it is just her not yet knowing what to do when something pops up on the screen. So I decided to share the desktop so I didn’t have to get up and walk over to the PC just to click OK or type in a password. One of the best tools for remote access to a Linux desktop is VNC.

VNC is a technology that I have been using off and on for years. I even used it on Windows in the NT and Win2K days before RDP basically obsoleted it. Every now and then VNC comes in super handy.

There are a number of ways to set up VNC, and a number of packages that deliver its functionality. Basically, you can run multiple X Window servers that let multiple users have graphical desktops at the same time. It can be super confusing for Windows users, so bear with me. Unix is multi-user. It’s meant to be used by multiple people at the same time. These users may be sitting at one or more physical consoles, virtual consoles, or remote shells. VNC is one way to get a graphical (window that you click with a mouse) console remotely on a system. You start a VNC server on a given display x (:1, :2, :3, etc.) and then connect a VNC client to it on TCP port 590x (5901 for :1, 5902 for :2). Multiple users can run multiple servers and launch pretty much any number of graphical shells.

VNC is awesome, but a kid computer is seriously single user. What I need is to be able to pull up her Linux desktop on my [often] Windows desktop, without any intervention from her, and without getting up from my desk. She is still learning to use a computer, so I want to demonstrate things on her screen. Not getting up from my desk is important because she needs assistance fairly often. Also, I happen to be a lazy slug.

Fortunately, there is a tool for doing this known as X11VNC. The key difference for X11VNC is that it shares the physical console display, :0, which is the display of the user sitting at the keyboard. This is ideal because when I connect to her computer, I see what she’s seeing, and either of us can type or move the mouse.

To set up X11VNC, I first had to get the software installed from repos:
sudo apt-get install x11vnc

After you’ve installed it, you want to create a remote access password and then edit the config to start at boot. I use the same password for the remote session that I use to log into the user account. Thanks to the auto login, no one but me should ever have to type it in.
sudo mkdir -p /root/.vnc
sudo x11vnc -storepasswd /root/.vnc/passwd
sudo nano /etc/init/x11vnc.conf

Then paste this into the editor:

# description "Start x11vnc on system boot"

description "x11vnc"

start on runlevel [2345]
stop on runlevel [^2345]

console log

respawn
respawn limit 20 5

exec /usr/bin/x11vnc -auth guess -forever -loop -noxdamage -repeat -rfbauth /root/.vnc/passwd -rfbport 5900 -shared


Then you can use any VNC Viewer to access the desktop remotely by entering the IP for the computer. My personal favorite viewer is TightVNC.
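The job above listens on port 5900 on every interface, and classic VNC authentication uses at most the first 8 characters of the password and does not encrypt the session. As an added example (not part of the original post; audit_x11vnc and its finding names are made up here), this script lints an x11vnc command line for that exposure and compares the exec line above with a loopback-only variant:

```sh
#!/bin/sh
# Added example: lint an x11vnc command line for network exposure.
# audit_x11vnc and its finding names are invented for this sketch.

# The exec line from the upstart job above, and a loopback-only variant.
PAGE_LINE='/usr/bin/x11vnc -auth guess -forever -loop -noxdamage -repeat -rfbauth /root/.vnc/passwd -rfbport 5900 -shared'
TUNNEL_LINE="$PAGE_LINE -localhost"

# audit_x11vnc CMDLINE -> prints space-separated findings, or "ok"
audit_x11vnc() (
    set -f                          # no glob expansion while word-splitting
    loopback=no; tls=no; vncauth=no; unixpw=no; prev=
    # Note: "-auth" is the X authority cookie, not viewer authentication,
    # so it is deliberately not counted as a password option below.
    for tok in $1; do
        case $tok in
            -localhost)                    loopback=yes ;;
            -ssl|-stunnel)                 tls=yes ;;
            -rfbauth|-passwdfile|-usepw)   vncauth=yes ;;  # classic VNC password
            -unixpw)                       unixpw=yes ;;   # Unix account login
        esac
        # "-listen localhost" is the long way of writing -localhost
        if [ "$prev" = -listen ]; then
            case $tok in localhost|127.0.0.1) loopback=yes ;; esac
        fi
        prev=$tok
    done

    out=
    # No password option at all: anyone who can reach the port gets the desktop.
    [ "$vncauth" = yes ] || [ "$unixpw" = yes ] || out="$out no-password"
    # Plain RFB reachable from the network: keystrokes and screen are readable.
    [ "$loopback" = yes ] || [ "$tls" = yes ] || out="$out cleartext-on-all-interfaces"
    # An 8-character password is the only thing between the network and the desktop.
    if [ "$vncauth" = yes ] && [ "$loopback" = no ]; then
        out="$out vnc-password-only"
    fi
    out=${out# }
    echo "${out:-ok}"
)

printf 'page line:   %s\n' "$(audit_x11vnc "$PAGE_LINE")"
printf 'tunnel line: %s\n' "$(audit_x11vnc "$TUNNEL_LINE")"
```

With -localhost in the exec line, the viewer connects through an SSH local forward (ssh -L 5900:localhost:5900 from a Unix client, or Connection -> SSH -> Tunnels in putty) and is pointed at localhost:5900.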

With the remote access portion set up, I am now able to help her with her computer without getting up from mine. She has discovered that we can both type on the same computer at the same time, so a game has emerged. One of us types in a text editor and the other tries to delete what the other has written. It’s a race to either type or delete gibberish and she laughs like a maniac when we play it.

The problem with everything is central control

I have been reading postmortems on the election, and it basically came down to a failure of media and political elites to get a read on the voting public. Basically, a small number of very powerful intellectuals operated in a kind of silo of information.

All the stuff I have read and watched about the 2008 financial meltdown comes down to a failure of large banks. A small number of very powerful banks operated in a kind of silo of finance.

This country is a mess because of centralized control and centralized culture. It’s a mess because of intellectual laziness and emotional cowardice. It’s a mess because we rely on crumbling institutions to help us.

Centralizing seems natural and logical. There is an idea in economics called the economy of scale. Basically, a big operation (a firm, a factory, a project) has better purchasing power and is able to spread fixed costs over large numbers of units. In network topology, the Star Model is the simplest to manage, putting all the resources at the center. I tend to think about economics and computer networks as kind of similar.

One of the primary criticisms of the Star Network is the single point of failure. If the center of the network has any sort of problem, the whole network suffers. This is also a problem with economies of scale. A lot of electronic component manufacturing is centralized in Taiwan; in 1999 an earthquake caused a worldwide shortage of computer memory. It seems that any time there is bad weather in New York City, flights are delayed across all of North America. In 2008, trouble with undersea fiber cables caused widespread Internet connectivity problems throughout Asia. A lack of biodiversity in potato crops contributed to the Irish Potato Famine. Centralized control is prone to failure.

This isn’t just a business or a technology problem. It can also be a cultural problem. Centralizing stores of information leads to gatekeeping, where a point of distribution controls the access and dissemination of information. This may be for financial gain, in the case of television and cinema, or it may be for political gain, in the case of the White House press corps. Media outlets repeating what the White House said, and the White House using media reports to support its assertions, is how the US ended up invading Iraq under false pretenses.

The diametric opposite of the Star Network is the Mesh network, specifically the Peer-To-Peer network. These models eschew ideas of economy and control in favor of resilience and scalability. Economy of scale eliminates redundancies because they are expensive. Peer-to-peer embraces redundancies because they are resilient.

Embracing peer-to-peer from a cultural standpoint means embracing individuality and diversity. Not just in a left-wing identity politics sort of way, but in a Victorian class struggle kind of way. It means eschewing the gatekeeper-esque ideas of mono-culture in favor of cultural and social diversity. Peer-to-peer culture is messy. It’s full of conflicts and rehashed arguments. It’s not a “safe space” where people of similar mindsets never encounter dissent. It’s a constant barrage of respectful and learning argument.

The cultural division in this country is a failure of our core values. It’s a failure of the right’s anti-intellectualism, and it’s a failure of the left’s elitism. It’s faith by many in crumbling institutions that are out of touch. It’s a failure of corporate media that forces us to turn to our social networks for news that discourages discussion and only seeks to confirm our individual biases.

I’ll be writing more about this opinion (and make no mistake, it’s just an opinion) in future posts. Hopefully it will foster some of the discussion that I am seeking.

Election Got You Down? GOOD.

My social media feeds are physically dripping with existential angst about the Presidential election. My conservative friends were losing their shit over either Hillary and her lies, or the fact that Trump is leading their party off a cliff. My liberal friends were salty about Bernie getting the shaft from the DNC. There was a lot of talk about the lesser of two evils.

I have been making my saving throw against angst-filled rants, until now. Everyone I know is in some sort of funk over the election, and I’m just sitting here like “Welcome to my world. You’re stuck here until January, but look on the bright side: AT LEAST YOU DON’T LIVE HERE.”

For me, there was never a good choice. The whole election was like a shit sandwich and the whole country spent like two years arguing over which end to bite into. It never occurred to anyone to question why the sandwich was full of shit. This “None Of The Above” view of American politics is pretty much where I live my life. I hate at least half of the liberal platform, and at least half of the conservative platform. This doesn’t make me a moderate, it makes me a political misfit.

I was pretty well braced for disillusion. I voted for Obama, and watched him pivot from promises of government transparency and closing Git-mo, to a growth of the surveillance state. I like gay marriage and healthcare, don’t get me wrong. Those were good things that I could get behind. I just *really* hated Bush’s illegal spying; Obama campaigned against it but then turned around and made it bigger. *Then* he equipped it with assassination drones. Maybe it wasn’t Obama who did it personally, but he was supposed to be steering the ship. It happened on his watch and even if he didn’t make it happen, he certainly failed to stop it. Maybe Bush did the same thing and he wasn’t such a bad guy after all?

I was *this* close to making a protest vote for either Stein or Johnson, but my principles gave way to my self-preservation instinct and I grudgingly voted for Clinton. I am mad that Trump won because I feel like I got robbed of my statement. I felt pretty dirty voting for her, and then she had the audacity to lose. The world-as-we-knew-it was wrong about her being the presumptive nominee and now I can’t smugly say “Don’t blame me, I voted for… Stein? I guess?”

My politics can be summed up in two basic talking points: I hate cops and I hate corporations. I am a firm believer in social progress and a limited federal government that actually does its fucking job. There are too many laws, too many jails, and too much of that enriches corporations at the expense of people’s civil liberties. Too much of that corporate enrichment happens at the expense of people of color. Also there are not enough independent media companies, banks, and telecoms to serve those that big corporations ignore. I don’t know if I dislike capitalism, or just the corporatism that we practice all over the world. Maybe well-executed capitalism is like well-executed socialism and only exists in the fantasies of economists and political scientists. I don’t really care, I’d rather focus on the sharing economy. I do know for certain that The Social Contract isn’t socialism. It’s the consideration of the governed for allowing governors.

A sick part of me wanted Trump to win. Not the actual me, just that little crazy part that envisions the car crashing when you have to slam on your brakes suddenly. You know, that crazy death-wish part, that kind of fantasizes about the zombie apocalypse that your rational mind is always telling to shut up.

Any way, I wanted very badly to say “Look, if I vote for her, can you all just promise to work to make things better?”

Well, now it’s time to work on making it better. The thing that I want to work on is not political parties and why they all suck. I am done with believing in elections for Democrats and Republicans. I’m still gonna vote, I just won’t invest in the idea of elections producing results that I want. I’d rather invest that energy into writing about something else.

That something else is basically doing away with our country’s reliance on central authority. I think we should have a government, I just think it shouldn’t be such a big factor in our lives and our culture. I think we should have a mass media, but it should be free from corporate influence and cartel ownership. I think we should see America for what it is: a great nation that was exceptional, but is capable of decadence and corruption, just like any other country.

My guide to setting up SSH keys with Putty

TL;DR: if you just want to set up keys with putty: IDGAF about Cloud At Cost take me to the Putty screenshots.

Fun with Cloud At Cost
I have become a kind of fan of Cloud At Cost. Their one-time-fee servers and easy build process is great for spinning up test machines. I would hardly recommend running anything that I would consider “production” or mission critical on a cloud at cost VM, but it is a cheap, quick, and simple way to spin up boxes to play with until you are ready for more expensive/permanent hosting (like with Digital Ocean or Amazon). Spinning up a new box means securing SSH. So here is my guide.

The major problem with a hosted server of any kind is drive-by scans. There are folks out there that scan huge swaths of the Internet looking for vulnerable machines. There are two basic varieties: scanning a single host for all vulnerabilities, and scanning a large number of hosts for a specific vulnerability. A plain box should really only be running SSH, so that is the security focus of this post. There should also be a firewall running that rejects connections on all ports except the services you absolutely need.

It should be noted that your security measures don’t necessarily have to be top notch, your box just has to be less convenient than the next host on the scanners’ lists. It’s not hard to scan a large subnet and find hosts to hammer on. Drive-by scans are a numbers game; it’s all about the low hanging fruit. With C@C, it’s a question of timing. You have to get onto the box and lock it down quickly. Maybe I’m just being paranoid, but I have had boxes that I didn’t log in to right after spinning them up and I have seen very high CPU utilization on them when they aren’t really running anything, which leads me to believe that the host has been compromised. Also, beware that the web-based stats can be wildly inaccurate.

This guide will only lock down SSH. If you are running a web server, this guide will not lock down the web server. If you are running Asterisk, this guide will not lock down Asterisk. All this guide will do is shore up a couple of vulnerabilities with SSH. I recommend running these steps *BEFORE* installing anything on your VM.

My use case for Cloud At Cost is something like this: There are times when I need a box that is easier to get to than hosting a box on my home network, but doesn’t really justify the monthly cost of running a server on Digital Ocean or Amazon. For me, I spend a lot of time working all night inside a very restrictive corporate network, so it’s hard to get access to my stuff at home especially since Team Viewer is compromised. C@C is cheap and easy, which probably means it’s a playground for scammers and other bad actors. This means it’s a good idea to lock down your box before you do anything useful with it.

You can get started with C@C for around $35, but if you follow them closely, you can catch some of their discount deals and get a very low end developer box for around $10. I took advantage of a few of these promotions and now I have a bucket of resources at my disposal for all of my tinkering needs. Also, if your box starts to misbehave (loads of network traffic, high cpu utilization, etc.) it’s probably compromised, so just torch it and build a new one.

Getting Started

You can learn about the basics of the Cloud At Cost panel here, the info will be useful later on:

Once you have signed up with C@C, bought some resources, and fired up your Linux VM, it’s time to do some housekeeping. I prefer Debian, and it’s what I am using in this guide, but it doesn’t really matter what you choose.

As soon as the box is up, log in with SSH, using the root password given in the information button. I use putty*, because most of my time in front of a computer is spent working or gaming, so I use Windows a lot. I know it upsets a lot of folks to hear that, but hey, those folks can feel secure in knowing that their “Unix Beards” are mightier than mine.

The very first thing that I do is change the root password. Make it like 30 or more random characters. You shouldn’t actually need to type it in after this point, but keep it somewhere encrypted just in case. I also comment out the non-us repo that C@C Debian machines are still pointed to in sources list:

passwd
nano /etc/apt/sources.list

Just locate the line that begins with “deb http://non-us.debian.org” and put a # in front of it. On a C@C Debian 8 box, it should be the first line.

With that pesky non-US entry removed, you are clear to update your packages:
apt-get update
apt-get upgrade

I also run these commands from the Nerd Vittles blog to make sure the password doesn’t revert to the Cloud At Cost root password:

sed -i '/exit 0/d' /etc/rc.local
killall plymouthd
echo killall plymouthd >> /etc/rc.local
rm -f /etc/rc3.d/S97*
echo "exit 0" >> /etc/rc.local

I don’t know if they are strictly necessary, but the dudes at Nerd Vittles recommend it, and they spend waaaay more time doing this stuff than I do, so there you have it.

After that, it’s time to install fail2ban, and then create a non-root user:

apt-get install fail2ban
adduser steve

Hopefully, in a few minutes fail2ban will be made superfluous by our additional security measures. In the meantime it will stop brute force attempts. Some of my hacker buddies change the default port for SSH to throw off driveby scans, but the restrictive corporate network I mentioned before doesn’t like arbitrary ports, so that’s a hard no in this case.

Enable Sudo for a Non-Root User

To start implementing our security measures, we will install sudo, add ‘steve’ (our non-root user) to the sudo group, and then make sure steve has the right permissions in the sudoers file:
apt-get install sudo
adduser steve sudo
nano /etc/sudoers

At this point the /etc/sudoers file should open in the nano text editor. I know I should be using vi, but I am too busy #YOLOing to do that Unix Beard crap. 🙂

Press ‘ctrl+w’ to open the search box, and type ‘%sudo’ to find the permissions line.
Press ‘ctrl+k’ to cut the ‘%sudo ALL=(ALL:ALL) ALL’ line, and then ‘ctrl+u, ctrl+u’ (hold ctrl and press ‘u’ twice) to paste the line in twice.
Edit the second line to read ‘steve ALL=(ALL:ALL) ALL’ and press ‘ctrl+x’ to exit, and press enter to save.

Setting up sudo is important because we are going to disable root logins here in a minute, but first we are going to set up SSH Keys for logins and then disable clear text logins. SSH does use clear text passwords, but it passes them through an encrypted tunnel. This means that while your password isn’t likely to be sniffed, it could be guessed or brute forced. Using SSH keys means you have to have the right private key to match with a public key on the server. But before we can do any of that, we need to test the new non-root account by logging in with it.

Once you are logged in as steve, test sudo:
sudo whoami

Which should return ‘root’.

Securing SSH with Asymmetric Keys

Once the non-root account is working and sudo-ing, we can proceed to lock down SSH with public+private key pairs. I will explain how to do this with putty for Windows, but it’s actually way easier to do this with Unix.

The first step is to make sure you have puttygen.exe handy. Download it and launch it, change the bits for your keys to 4096 (in the lower right corner) then click the ‘Generate’ button.

Wiggle the mouse around for a bit, and in a minute or so you will see your public key, with a key comment and blanks for your passphrase. You don’t have to change the comment, or enter a passphrase, but I recommend it. I like to change the comment to match the username and server (‘steve@stevesblog.com’ in the screenshot below), since I have lots of different keys. The passphrase keeps things safe in case your private key file falls into enemy hands.**


At this point, you may be tempted to use the same passphrase for your private key as you use for your non-root user account. This is a bad idea, because your non-root password is now basically your root password. Do yourself a favor and use two completely different passwords.

Next, click ‘Save private key’ and save the resulting .ppk file in a safe location, but don’t close the puttygen window just yet. If you use multiple computers, putty will let you re-use your private key file between Windows machines, if that’s what you’re into. SSH on Linux may as well, but it will not let you use a puttygen file on a Linux system. (Based on that one time I tried it and it didn’t work for me.) So just keep that in mind.

Also, it’s no big deal to have multiple private/public key pairs on the same server. You can use a different pair for each client computer, which is probably safer and more convenient than using a shared key pair. If you lose access to a client machine for whatever reason, you can just delete the public key off of the server and that machine won’t be able to connect to your server.

Leave your puttygen window up and switch back to your putty/SSH window. Create a .ssh folder and a key file for SSH, then a text file to store your keys:
mkdir ~/.ssh
nano ~/.ssh/authorized_keys

Paste the Public Key text in the top of the puttygen window onto a single line in the file. This will be a Very Large Line Of Text(tm) (VLLOT). The VLLOT should begin with ‘ssh-rsa’ and end with ‘rsa-key-yyyymmdd’ where yyyymmdd is the date you created the key. Sometimes the key comment (steve@stevesblog.com in the example below) is the last bit of text. I haven’t quite nailed down why that is, presumably an order of operations thing. Anyway, be sure that the VLLOT begins with ssh-rsa, or you didn’t grab all the text in the public key.

Save and close the file (‘ctrl+x’ and then ‘enter’) and then set the permissions for the file:
chmod 600 ~/.ssh/authorized_keys

Now exit your ssh session, and reopen putty. You need to set the IP address of your server as the hostname. I prefer this to host names because DNS can’t always be trusted. Give your session a useful name.


Under ‘Connection -> Data’ add the username for your non-root account. In this example, I named my account ‘steve’.


Under ‘Connection -> SSH -> Auth’ browse to the safe place you saved your private key. You pasted your public key onto the server, and you have your private key stored on your computer. You will want to keep the private key file safe because if you lose it you have to set up a new pair while logged in at the console, which is a total pain. I keep mine in Dropbox, but I keep them secured with a passphrase.**


Now go back to Session and save your session profile. Henceforth you can connect simply by double clicking ‘steve’s server’ under ‘Saved Sessions’.

Now it’s time to test your new key pair. Just double click ‘steve’s server’ and you should be prompted for the passphrase that you set for your private key. Once you enter it, you should be logged in to the server as user ‘steve’. If you were able to log in using your key, you are all set to move on. You are now free to close PuttyGen.

If The Server Rejects Your Key

It’s most likely that you didn’t paste the public key correctly. This is why we left the PuttyGen window open. 🙂

Log in with your non-root username and password (‘steve’ in this example) and open your ~/.ssh/authorized_keys file in nano again:
nano ~/.ssh/authorized_keys

In the PuttyGen window, make sure that you scroll to the top of the public key text. It should begin with ‘ssh-rsa’. Now click and drag down to the end of the public key text, then right click and select ‘copy’.

In the Putty window, with your authorized_keys file open in nano, delete the incomplete key and paste the complete text of the public key on a single VLLOT.

Save and exit nano, then exit your SSH session and try again.

Also make sure that you changed the permissions of the authorized_keys file:
chmod 600 ~/.ssh/authorized_keys

If your key is still being rejected, generate a new public and private key by clicking the ‘Generate’ button and starting the whole key process over again.
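An added example, not from the original post, for the paste problems described above: it applies the "begins with ssh-rsa, all on one line" check to each authorized_keys line, then walks the length-prefixed fields inside the base64 blob to catch a paste that lost its tail. The function names and the toy key are constructed for illustration, and lines with leading options are out of scope.

```sh
#!/bin/sh
# Added example: explain why sshd might reject a pasted public key line.
# Function names are invented here; the sample key is a constructed toy value.

# Constructed toy key: a structurally valid ssh-rsa blob (e=65537, 4-byte
# modulus). Far too small to be a real key, but it parses like one.
sample_blob() {
    printf '\000\000\000\007ssh-rsa\000\000\000\003\001\000\001\000\000\000\004\001\002\003\004' |
        base64 | tr -d '\n'
}

# check_pubkey_line LINE
#   prints: ok | malformed | bad-type | bad-base64 | truncated | type-mismatch
check_pubkey_line() (
    set -f; set -- $1; set +f           # fields: type, base64 blob, [comment]
    [ $# -ge 2 ] || { echo malformed; exit 0; }
    ktype=$1; blob=$2
    case $ktype in
        ssh-rsa|ssh-ed25519|ssh-dss|ecdsa-sha2-*) ;;
        *) echo bad-type; exit 0 ;;      # the start of the paste is missing
    esac
    printf '%s' "$blob" | base64 -d >/dev/null 2>&1 || { echo bad-base64; exit 0; }

    # Decoded blob as a list of decimal byte values in "$@".
    set -- $(printf '%s' "$blob" | base64 -d | od -An -v -tu1)
    first=yes
    while [ $# -gt 0 ]; do
        # Each field is a 4-byte big-endian length followed by that many bytes.
        [ $# -ge 4 ] || { echo truncated; exit 0; }
        len=$(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
        shift 4
        [ $# -ge "$len" ] || { echo truncated; exit 0; }
        if [ "$first" = yes ]; then
            # The first field repeats the key type; rebuild it from the bytes.
            name=; i=0
            for b in "$@"; do
                [ "$i" -lt "$len" ] || break
                name=$name$(printf "\\$(printf '%03o' "$b")")
                i=$((i + 1))
            done
            [ "$name" = "$ktype" ] || { echo type-mismatch; exit 0; }
            first=no
        fi
        shift "$len"
    done
    [ "$first" = no ] || { echo truncated; exit 0; }
    echo ok
)

# check_authorized_keys FILE -> "LINENO: verdict" per non-blank, non-comment line
check_authorized_keys() {
    n=0
    while IFS= read -r l || [ -n "$l" ]; do
        n=$((n + 1))
        case $l in ''|'#'*) continue ;; esac
        printf '%s: %s\n' "$n" "$(check_pubkey_line "$l")"
    done < "$1"
}

printf 'full paste:    %s\n' "$(check_pubkey_line "ssh-rsa $(sample_blob) rsa-key-20160525")"
printf 'cut-off paste: %s\n' "$(check_pubkey_line "ssh-rsa $(sample_blob | cut -c1-32)")"
```

A key that wrapped onto two lines shows up as a truncated line followed by a bad-type line. On the server itself, ssh-keygen -l -f ~/.ssh/authorized_keys prints a fingerprint for a line it can parse.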

Disable Root and Cleartext Logins

Once your keypair is working, (and you are able to log in with it) it’s time to eliminate root logins and cleartext logins. Some folks will tell you that root logins are fine with SSH because passwords don’t get sent in the clear. While that’s true, ‘root’ is still the one username that is guaranteed to be on every Unix-based machine, so if you are going to brute force an account, this is the one to focus your efforts on. Disabling root logins and clear text logins is all done in the sshd_config file:
sudo nano /etc/ssh/sshd_config

Press ‘ctrl+w’ and search for the word ‘root’. You are looking for this entry:
# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

Change ‘#PermitRootLogin yes’ to ‘PermitRootLogin no’. (uncomment if necessary and change from ‘yes’ to ‘no’.)

Then press ‘ctrl+w’ and search for the words ‘clear text’. You are looking for this entry:
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

Change ‘#PasswordAuthentication yes’ to ‘PasswordAuthentication no’ (uncomment and change from ‘yes’ to ‘no’.)

Once these changes are made, DO NOT LOG OFF OF YOUR SSH SESSION. Once these changes are implemented, it will be hard to log back in to undo anything if you make a mistake. You should have tested and succeeded with your ssh-key based login because we are about to restart the ssh daemon and prevent clear text logins:
sudo systemctl restart ssh

To test ssh logins, connect to the IP of your server with putty using the ‘Default Settings’ profile. Your login attempt should fail because only people with private keys are allowed to the party:


At this point you are far from being hack-proof, but you are a bit more locked down than you were before, and there are always more convenient targets out there 🙂
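To confirm that the two sshd_config edits above took effect, here is an added example (not from the original post; the function names and sample files are constructed). sshd uses the first value it finds for each keyword and ignores commented lines, so a leftover ‘#’ or an earlier ‘yes’ silently keeps password logins on:

```sh
#!/bin/sh
# Added example: report the value sshd will actually use for a keyword.
# effective_setting / audit_sshd_config are names invented for this sketch.
# It reads one file only and does not follow Include directives.

# effective_setting FILE KEYWORD -> first value in the global section,
# lower-cased, or "(unset)" when only comments mention the keyword.
effective_setting() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); val = "(unset)" }
        { sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }            # a commented line configures nothing
        { n = split($0, f, /[ \t=]+/); key = tolower(f[1]) }
        key == "match" { exit }          # Match blocks are conditional; stop here
        key == want { val = tolower(f[2]); gsub(/"/, "", val); exit }  # first wins
        END { print val }
    ' "$1"
}

# audit_sshd_config FILE -> one line per problem; exit status 0 only when
# both settings from the steps above are explicitly "no".
audit_sshd_config() {
    rc=0
    for kw in PermitRootLogin PasswordAuthentication; do
        v=$(effective_setting "$1" "$kw")
        if [ "$v" != no ]; then
            echo "$kw: $v"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample files; "stock" mirrors the excerpts quoted above.
write_samples() {   # $1: directory to write into
    cat > "$1/stock" <<'EOF'
# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
EOF
    cat > "$1/half_done" <<'EOF'
PermitRootLogin no
# value edited, but the leading '#' was left in place
#PasswordAuthentication no
EOF
    cat > "$1/shadowed" <<'EOF'
PermitRootLogin no
PasswordAuthentication yes
# appended later: ignored, because the first value wins
PasswordAuthentication no
EOF
    cat > "$1/hardened" <<'EOF'
PermitRootLogin no
PasswordAuthentication no
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for s in stock half_done shadowed hardened; do
    printf '%-10s %s\n' "$s" "$(audit_sshd_config "$demo_dir/$s" | tr '\n' ';')"
done
rm -rf "$demo_dir"
```

On the live box, sudo sshd -t checks the file for syntax errors before the restart, and sudo sshd -T prints the values the daemon will really use, including anything pulled in from other files.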

Hardening web servers is another story, which really isn’t my bag to be honest. There’s a reason that I host my blogs with Google or WordPress 🙂

* Protip: put your putty.exe file in ‘c:\windows\system32’ so you can run putty from the command line or the run line. If you want to be a real hard rock, rename putty.exe to ssh.exe. Did you know putty accepts commandline args? It does, so you can do awesome Unixy shit from the command line like type ‘ssh steve@testbox.stevesblog.com’ to connect to a remote host. It still pops up your connection in the putty window, but it keeps your hands on the keyboard. 🙂

** Another Protip: not setting a passphrase is handy for automating ssh connections, especially if you want to move files back and forth with ‘scp’ or mess with tunneling via local and remote ports. I haven’t found a decent scp command line app for Windows, other than the Unix utils in CygWin.

My .screenrc

I am a huge fan of screen. It’s indispensable for working on a Unix host via SSH. It lets me have multiple terminals (screens) up at a time. There are dudes that use screen to split their terminals into multiple views, like a tiling window manager, but for the command line.

My needs are not nearly as sophisticated, since I mostly use putty to connect to Linux servers from Windows.

I use 4 special keys:
F9 to detach from the screen session. This leaves your session running in the background. I mostly use this to idle in IRC. Once detached from your session you can view your active screen session by typing:
screen -ls

Which will return something like this:

user@localhost:~$ screen -ls
There is a screen on:
2030.pts-0.localhost (05/25/2016 06:45:51 PM) (Detached)
1 Socket in /var/run/screen/S-user.

To reconnect to a detached screen session, type
screen -r 2030.pts-0.localhost

If the session is in use elsewhere, add the -D option:
screen -D -r 2030.pts-0.localhost

This will disconnect the screen session that’s in use, log off the SSH session that initiated it, and then reattach the active SSH session to the screen session.

Or, if you’re like me and never have any idea if you have a running screen or not, just combine -D and -R and quit worrying about sockets and get on with your life:
screen -DR

And, if you are also like me and forget the switches for screen, just use the alias command in your .bashrc to have screen do -DR every time:
alias screen='screen -DR'

F10 to open a new terminal in screen.

This option lets you have multiple terminals in the same SSH session. This is handy for having a full screen app (like irssi) in one term, and one or more additional terms for running other commands. To close a terminal, type
exit

F11 and F12 to switch terminals
When you have multiple terminals open you can navigate between them: the F11 key selects the previous terminal (to the left), and the F12 key selects the next terminal (to the right).

The File
To use this file, simply paste the contents below into a file called .screenrc in your home directory. So here it is, the .screenrc, that I have been using for years:


startup_message off

# Window list at the bottom.
# I got the long line of vars from https://bbs.archlinux.org/viewtopic.php?pid=423481#p423481
hardstatus alwayslastline
hardstatus string "%{.kW}%-w%{.W}%n %t%{-}%{=b kw}%?%+w%? %=%c %d/%m/%Y" #B&W & date&time

# From Stephen Shirley
# Don't block command output if the terminal stops responding
# (like if the ssh connection times out for example).
nonblock on

# Allow editors etc. to restore display on exit
# rather than leaving existing text in place
altscreen on

# bind F9 to detach screen session (to background)
bindkey -k k9 detach

# bind F10 to create a new screen
bindkey -k k; screen

# Bind F11 and F12 (NOT F1 and F2) to previous and next screen window
bindkey -k F1 prev
bindkey -k F2 next

Volunteering at Heroes And Villains Chicago

It’s been a couple of weeks since the Chicago event, and I am just now getting around to writing about my experience. I went to Chicago expecting to be more comfortable volunteering, but Chicago was an entirely different beast. Because Chicago is so much closer to Cincinnati than New York, we decided to leave early on Friday morning. This meant leaving at 5 AM, and doing setup upon arrival. We walked into the convention center thinking that we would start assembling booths, and discovered that in Chicago, this was a union job. This meant the primary focus of the volunteer force would be assembling the merch booth.

The merch booth is a large 5-piece structure that ships in dozens of pieces. The experience is not unlike assembling Lego. The primary differences are that the merch booth weighs close to a half-ton when assembled, and unlike a Lego kit, there are absolutely no instructions. Not only are there no instructions, there is no one who recalls seeing a successfully assembled merch booth onsite, so the experience is something like assembling a puzzle, which may or may not be missing pieces, with no picture on the box to guide you. It’s like a logic puzzle and a jigsaw puzzle had some sort of psychotic baby. Assembly was fraught with peril. Thankfully I had the foresight to bring a multi-tool with me, which made things go a little more smoothly.

We determined that there were two essential tasks: first, to figure out what the various pieces did, then to ascertain some sort of idea of the finished product. Chrisha set about trying to find a picture of the finished booth via Google. I worked with some dudes to deduce the functions of the various pieces, Sherlock Holmes style. After about an hour, we had the three major sections assembled, but the overall picture was still a mystery. All Chrisha had been able to find on Google was pictures of Esty’s boobs. Chrisha was eventually able to locate a picture, and we kind of saw how the sections came together, after zooming in on a grainy picture. No matter how many times I said “ENHANCE!” I just couldn’t get a crystal clear pic. I think that maybe the IT on CSI is BS.

So once the merch booth situation was handled, Chrisha and I finished the day working in ticketing. I enjoy working there because I can clown around with the attendees and volunteers. I especially love finding a volunteer who is very serious about the job, or stressed out, and playing little good-natured pranks. Like saying that an error message on the TicketLeap app means we need to call the police, or telling the attendees the password to get into the con was “cantaloupe”. I also put together all the gold badges for the event, and had a bit of fun with them. One volunteer was sick or something, and wore one of those mask things that Japanese people wear on the subway. I made sure to address her using my best impersonation of Bane, every single time I talked to her. By Sunday she was probably ready to kill me.

The next day was the first day of the con, and I guess the number of volunteers was short. I was supposed to work at the merch booth, which I did for a couple of hours, but then I was diverted to work line control for Brian Tee. I had never worked line control before, so I was sort of making it up as I went along. Brian was really nice, and spent lots of time with his fans, a lot of whom were kids because he’s playing Shredder in the new Teenage Mutant Ninja Turtles film. I screwed it up pretty badly on Sunday when I got bored and waved a few people over to go through the line, but other than that I think I did OK. I am definitely not cut out for line control, it takes a kind of attention to detail that I just don’t have. I am much better suited for jobs that require interacting with people.

Saturday night was the Nocking Point party. These events are always awesome. This particular party had Brother Sal and The Devil May Care on stage. It was great fun dancing with Chrisha. I don’t dance so much as get drunk and sway back and forth, but at many events that is good enough. Brother Sal complimented our dancing, and my kilt. I was not aware that Neal McDonough was a Blues musician and played an amazing harmonica. Well, he played a number of songs, sang, and did a tremendous job of making the night amazing. At one point he decided to dive off the stage, and wanted some men up front to catch him. I and some other big dudes made our way up front and caught him. It was insane. His wife also got on the piano and danced, and Neal tried to get her to jump off as well. I am half disappointed and half relieved that she didn’t jump off the piano and into our waiting arms. A highlight of the evening was getting to shake hands with Neal and tell him what a huge fan I was of Band of Brothers. It was a short interaction, like many that I have had with celebrities, that I assumed he forgot about.

I guess maybe he doesn’t get a lot of recognition for Band of Brothers, maybe? I don’t really know why, but the next day I came up to Neal at his booth and he remembered me. It started when I saw a guy in full Easy Company cosplay. He was dressed head to toe in vintage WWII gear, down to the steel pot helmet and brown jump boots. His costume was amazing. I managed to get a picture with him, and he was really excited that I liked his costume. We chatted for a minute, and I told him the brief tragic tale of my short stint as a U.S. Army Paratrooper. A bit later, when Neal arrived at his booth, I ran up to tell him about this Easy Company guy.

When I get up to Neal, he asks me where my kilt was. I was taken completely off guard by that. I just sort of went “Uhh…” but in my mind I was like “Not now Neal McDonough, we don’t have time!” I showed him my picture of The Easy Company Guy and asked him if it was OK to bring him up to see him. Neal said he had to see this guy, so I went back to my post at Brian Tee’s line and hoped to spot The Easy Company Guy again. In a little bit, I spotted him, and took off to get him.

I am sure The Easy Company Guy was startled and confused when I ran up to him and was like “Yo Easy Company! You gotta come with me!” and I grabbed his arm. On the way to Neal’s booth I explained that I showed Neal my pic of his costume, and that Neal was eager to see him. I ran him up the VIP line and explained that while I can get him through the line, I couldn’t get him past the manager. When I turned to explain, The Easy Company Guy was totally in shock that this was happening. Again, I had to return to my post, so I didn’t get to see what happened after that.

Apparently it went very well, because The Easy Company Guy came to find me. Turns out his name is Dustin, and he was absolutely pumped that he got to meet Neal 🙂 I got a hand shake and a big “THANK YOU!” which was easily the highlight of that day. As the con was closing down, I went back to get Neal to sign my shirt. I said to Neal, “How excited was that guy?” Neal said The Guy was visibly shaking and Neal gave him a moment to collect himself, which I thought was just awesome of Neal. Neal shook my hand, thanked me, and said “You’re a good man, Chris.”

I had no idea that was on my bucket list, but it was, and I got to cross it off 🙂

Election Year Economics Are Stupid

I am no economist, but elections aren’t about economics, they are about rhetoric, which I know a little bit about. Political rhetoric is about narratives. In an election year, the narrative of fiscal policy is about reinterpreting the basic principles of macroeconomics in order to garner votes. The problem, as I see it, is that these narratives, these talking points, are passed off as solid leadership. All politicians lie, but this is different. These are carefully crafted messages that people follow. Messages that people believe.

Both liberals and conservatives are establishing the same narrative: that their side has all of the answers, and the other side is ignorantly wrecking the country. Both sides do this, make no mistake. This is why I don’t care for either. It doesn’t matter which side you fall on politically. If you give that premise one ounce of rational thought, you can see that that idea is -in a word- stupid. Why would a group, backed [presumably] by half the country, back a plan that would doom the very nation that they want to control? This isn’t about good vs. evil, or smart vs. stupid. This is about two essential pieces of a natural process: the need for business to make profits, and the need for a social safety net. Not only are these great ideas, they are also essential components of a healthy economy. They may actually help each other in the process: good social safety nets could mean more freedom for businesses.

Conservatives are pushing tax cuts at every turn in order to stimulate private industry. Liberals are looking to implement government programs to help people that they believe are being ignored by private industry. LOL/JK they’re just lining the pockets of their corporate cronies 🙂

Private industry and social stability are both good ideas; there is nothing wrong with either idea. The problem is that both ideas are postured in such a way as to appear mutually exclusive. Tax cuts are inherently plutocratic, while programs to help those who need it are the fast track to communism. This has nothing to do with actual plutocracy or communism and everything to do with political posturing.

Presenting your set of goals, however noble, as superior to those of the other side is deliberately ignoring half of the problems that our nation faces. We face a need for employment, which comes from businesses, and a need for a strong social safety net, which comes from taxes. People need to work so that they can pay taxes. Businesses need to profit so that they can employ workers and pay taxes. What’s more, pitting the interests of business against the interests of the population is at best a waste of already finite resources, and at worst a recipe for societal collapse.

Economies rely on two forces: supply and demand. These forces are often represented in the political narrative as business and consumers. The problem with this narrative is that consumers are also labor. The market is actually made up of two interdependent cycles where businesses and consumers fulfill the roles of supply and demand at various stages. These cycles depend on each other to keep repeating. The people who participate in these processes perform different functions in the cycle. Even if you own a company, you still have to go home and buy things. Even if you earn only minimum wage, you are still selling your time and energy for a wage.

In the graphic above, you can see where businesses and consumers are both buying and selling to each other. There are different markets where consumers supply and businesses demand, only to have the roles reverse. This is a good representation of the interdependence of these two cycles. If you are a business, you are working to turn your resources (raw materials, production capacity, energy) into profits. If you are a consumer, you are looking to turn resources (land, labor and capital) into income. If consumers don’t have income, they can’t buy stuff from businesses and they cannot invest in businesses. If businesses cannot make profits, they cannot make products and employ people. If this balance is upset, no one can pay taxes. Conservatives would have you believe that Americans sacrificing in order to keep private industry going is the way to keep the country going. Liberals would have you believe that government programs financed by corporate taxes will keep the country going. Both parties are right at some point in the economic cycle, and they’re both wrong at the opposite end.

Capitalism works when everyone acts in their own rational self interest. Political rhetoric focuses on “self interest” at the expense of rationality. Election Year Economics is the antithesis of rationality. Pitting consumers against businesses is irrational. Businesses are employers. Employees are customers. If people can’t work, they can’t buy your crap. If you aren’t buying crap, there are no jobs. Expecting the government to care for you is irrational. Subverting the democratic process to avoid taxes is irrational. The politics of fiscal policy is the politics of irrationality.

You see, while markets cycle clockwise and counterclockwise, the economy itself cycles up and down. Things go well, the economy grows, and then it runs out of steam and contracts. This is natural. The contraction is not often pleasant, but it is natural. Expansion and contraction is unavoidable. The purpose of the government in this process is not to keep the cycle perpetually expanding. That is impossible, and believing it to be possible is irrational.

The role of government in the business cycle is to even out these natural ups and downs. This is where Monetary Policy should come into effect. It should keep things from expanding out of control, and then soften the blow of recession. The government does this during expansion by limiting the money supply (Federal Reserve conspiracies notwithstanding) and during contraction by providing a social safety net. During times of recession, the government increases spending, cuts taxes, and programs like unemployment benefits and other forms of assistance keep people buying until things pick up again. These are good things that get people votes on both sides.

During times of expansion, however, conflict arises. At the other end of the business cycle, the government needs to control the supply of money to keep the economy from overheating and then crashing. It does this by raising interest rates, raising taxes, and by reducing government spending. Higher interest rates encourage saving and discourage risky investing, lending, and borrowing. Higher taxes create a budget surplus that can later be used for benefits programs. Reduced government spending encourages maximum employment in the private sector and efficient allocation of funds. These are good economic decisions, but they are bad political moves. High taxes and interest rates draw the ire of Wall Street and its conservative votes. Reduced spending affects public institutions and their liberal votes. The goal for the government should be to create a budget surplus and then use it to jumpstart the economy during downturns. This is politically painful for both the left and the right, and it costs votes. That means no one on either side wants to do it. When you run a business one fiscal quarter at a time, and when you run a nation one election at a time, good fiscal and monetary policy become a sort of leaky roof problem. You can’t raise the funds you need when everyone is unemployed and broke, but you don’t need social safety nets when everyone is employed.

All-tax-cuts-all-the-time is bad fiscal policy. All-government-spending-all-the-time is also bad fiscal policy. If the government can’t raise funds by taxing, it has to raise them by borrowing (from China!) which is also bad fiscal policy. In this process, we as the electorate have to understand where we are -as a nation- in the economic cycle. I guess this would be a good place for the media or the education system to help the process, but media is a private industry where celeb gossip is more profitable than macroeconomics, and education is a money pit for taxpayers.

Unfortunately, you can’t fit that message on a bumper sticker, and my Facebook feed seems to only have enough attention span for clicktivism.

Am I a Feminist?

During a discussion with my wife, I said to her that I am not a feminist, and therefore “I don’t speak feminist” meaning that I lack the emotional and/or intellectual sophistication to understand some of the issues that I read about. My wife disagreed with me. Her argument was essentially that because I believe that women are equal to men, that I meet the minimal criteria for being a feminist. While that is flattering, I think that there is way more to feminism than equality. Yet, it is a conversation that I am not really invited to participate in. Her counterpoint was that I was only listening to the extremists. While she certainly has a point, that the extremists certainly derail the conversation, it is my opinion that her position is predicated on a definition of feminism that has become outdated.

By outdated, I mean that equality between the sexes is a goal from a different time. My mother is an old-school 80’s feminist. She was a healthcare exec, until she changed careers to education where she moved up from professor to chair of her department. She did her best to balance being my mom with being executive director of… whatever it was. When my mom was working on her Doctorate while I was in High School, sometimes I had to make my own dinner and/or find my own rides to things like Karate class. Sometimes my dad made dinner and picked me up from Karate, his work schedule permitting. I understood that my mom was way more than just a wife or mother. Her career was a big deal, same as my dad’s, maybe even more so.

I have done my best to treat my wife’s career and education with that same respect, and to support it wherever possible. I shuttle the kids around when she needs me to, I cook dinner, and that sort of thing, work schedules permitting. I don’t help around the house as much as I should because even though it’s a responsibility that we both share equally, housework sucks and I hate doing it.

While I might qualify as a feminist by my mom’s definition from the 80’s, this isn’t the 80’s. There are many more women’s issues being discussed today that go way beyond the workplace or family roles. These are issues that my mother probably dealt with, but they weren’t part of the mainstream discussion on women’s issues that I was exposed to. Today the national discussion is more of a debate, and I seem to be on the other side. Maybe that has to do with changes in the media landscape (since broadcast media has taken a back seat to the Internet) but I guess it also has to do with the advancement of the cause of feminism. Getting women the vote is a done deal, a lot of progress has been made in the workplace (the wage gap notwithstanding), and so the leading edge has been directed at additional issues.

The debate, as I understand it, breaks down like this:

  • On the one side you have modern feminists, advocating for various forms of positivity, speaking out against various forms of shaming, and trying to expose deep cultural problems in our society. There are also some, the extremists that my wife was referring to, who want men to basically be quiet and let the feminists do their thing. They want men to “stay in their own lane” so to speak.
  • On the other side, you have men. There are neckbeards who are trying to join the conversation, presumably so that they can get laid, the “nice guys” who can’t get laid, and the Men’s Rights Activists who think that all feminists are just man-hating lesbians who are trying to take away their… freedom I guess? Or maybe their dicks? I don’t really know. Those dudes sound like a bunch of whiny bitches to me 🙂
  • For the most part, I try to stay in my lane, but sometimes I feel like that is being silently complicit with the extremists on either side. Maybe that is the problem with the whole debate: there isn’t a place in it for a fairly rational guy.

In her blog post defending Stephen Amell, Chrisha raised a brilliant point, which is that there is no social justice equivalent of a GLBT Ally. In that conversation, straight people don’t have to “stay in their lane.” They are invited to be part of that conversation, but outside of GLBT issues, terms like “white knight”, “mansplaining”, and “cultural appropriation” keep the conversation limited to those who are oppressed. Personally, I think that does little to educate would-be oppressors, but that’s really none of my business 🙂

In the social justice/oppression food chain, I am basically an apex predator. I understand why marginalized people probably don’t care what I have to say, but hey, this is my blog, so I get to do the talking. So my question is this: what -if anything- qualifies a straight male as a feminist? And, if nothing qualifies him to be a feminist, then why doesn’t feminism have its own version of the ‘ally’ designation?

The FBI asking Apple to Backdoor an iPhone is a Rubicon for Privacy

The US District Court of California has asked Apple to backdoor a locked iPhone for the FBI. This isn’t a request to unlock a single phone, this is a request for Apple to build a tool that lets the FBI circumvent the security on the iPhone… as in basically all iPhones, which will then set a precedent for all smart phones.

“Make no mistake: This is unprecedented, and the situation was deliberately engineered by the FBI and Department of Justice to force a showdown that could define limits of our civil rights for generations to come. This is an issue with far-reaching implications well beyond a single phone, a single case, or even Apple itself.”

In case this is your first time reading about why government mandated back doors are a universally bad idea, here is the quick list:

  1. A digital backdoor, much like a real back door, can be used by anyone, not just those authorized to access it. Back doors make excellent targets for criminals, spies, and other bad actors. These things get discovered, and then they get misused. If you are a criminal, and you are looking to steal data, knowing that there is a backdoor in a system lets you focus your cracking efforts.
  2. Encryption is only good when it’s secure. Insecure crypto is worse than useless because it creates a false sense of safety and control. This is why Digital Rights Management technologies never work. No matter how you slice it, a purpose built entry point is a vulnerability. Once you introduce a back door, or a “Golden Key” it invalidates the security (and value) of the entire system (see point 1). An insecure phone just isn’t worth as much as a secure one.
  3. The bad guys you are trying to catch are bad guys. They don’t give a single runny shit about government regulations. This means that the bad guys who use crypto will simply switch to new illegal tools that don’t have back doors. When the SOPA bill threatened to block DNS for sites accused of piracy, tools immediately began to surface that would defeat the blocks, before the bill was even voted on.
  4. In the case of criminals, government mandated back doors would create a market for secure tools. These tools wouldn’t be Made In America like the *iPhone. Back doors would devalue the iPhone (see point 3) and add value to technologies that aren’t made in the US. Meanwhile, Federal Law Enforcement still couldn’t access phones that belong to terrorists. All the damage done by this would be collateral because the only people affected by this mandate would be innocent bystanders.

There are *tons* of other reasons why back doors are bad, but those are the top 4. Cory Doctorow sums the argument against back doors fairly succinctly in an article in The Guardian:

That’s really the argument in a nutshell. Oh, we can talk about whether the danger is as grave as the law enforcement people say it is, point out that only a tiny number of criminal investigations run up against cryptography, and when they do, these investigations always find another way to proceed. We can talk about the fact that a ban in the US or UK wouldn’t stop the “bad guys” from getting perfect crypto from one of the nations that would be able to profit (while US and UK business suffered) by selling these useful tools to all comers. But that’s missing the point: even if every crook was using crypto with perfect operational security, the proposal to back-door everything would still be madness.

The Law Enforcement community declares war on crypto in one form or another once or twice a decade. Every time they do, we as digital citizens need to stand up and say “NO!” They will keep trying, and we have to keep fighting, every time. It really is that important.

*The iPhone isn’t made in America either, but Apple does employ Americans around the country. Russian mobsters or Romanian cyber-criminals presumably don’t employ many Americans.