Clearwater reduex 

I’ve written here several times about trout fishing at Clearwater Lake, and today was the second trip this season for Sam and I to head out. It’s always great fun and camaraderie, even when the fish don’t cooperate. We each landed a few, missed a few more, and dodged our own flys on the back cast as the wind was howling most of the day. It was warm, tho, actually unseasonably hot, near 80F. I started casting a Chili Pepper, finally found a willing trout. Though these are all annually stocked trout, it’s anything but “shooting fish in a barrel” as these guys can be hard to hook…

Joel’s first fish of the day


I tried for the “Clearwater trifecta” of a trout, largemouth bass, and a bream. I caught the largemouth but never landed the bream. Sam worked hard and finally connected using size 20 midges under a a CDC.

Sam connects!


Thanks to TU and the YMCA for making it possible for me to catch trout 15 minutes from my driveway.

First reflections on the Echo Dot

My last visit to see Jason, Jenny and Sierra was more expensive than usual. We came back and bought a yogurt maker and an Echo Dot after seeing both in service there. Well, they are both pretty cool and cheap, really 😉
I want to talk about the Echo Dot here; we’ll do a review of the Dash yogurt maker later, after we eat the first batch of yogurt. We’ve had the Dot for about 36 hours, so we’ve not done extensive integration yet, and I don’t have a lot of smart devices to control. However, I can say that I’m pretty impressed with the Alexa service and the Dot hardware.


The Echo Dot is a tiny device with few external controls. Setup was very easy through the iOS app. Just, plug it in, connect to the Dot’s ad hoc network, set up the Wifi credentials, log in to Amazon, and that’s pretty much it. Alexa recognized both my voice commands and Jan’s out of the box, with no training. Hooked up Pandora, connected to a Bluetooth speaker, tried TuneIn Radio, weather reports (had to set zip code as by IP address it thinks we are in Winston-Salem), sports, alarm, kitchen timer, etc. The Echo Dot works well from across the room when addressed in a natural voice. Kitchen commands will be very handy when you need some information and your hands are greasy. 

Alexa doesn’t have the sense of humor that Siri has, tho! 

Tonight I set up the “Todoist” app, which manages todo’s, shopping lists, etc. I think this will be very useful. Todoist syncs very quickly, with a shopping list item or a todo appearing on the app on my iPhone or Jan’s iPhone within seconds of the voice command to Alexa. I have enabled a purchase PIN so we don’t accidentally buy anything from Amazon 😉

We’ll take it to the beach next weekend and try integration with the Nest thermostats there. 

For $49.99 this is really cool, and I can see why Ford is putting Alexa in cars in 2017/18. I’m getting used to saying “Alexa, play smooth jazz on Pandora, please” and “Alexa, stop” when ready to turn it off. This is the best “tech toy” I’ve seen in a long time!

Macroeconomics 101

Disclaimer: I am not an economist. But I did take a few Econ courses as an undergraduate and I’ve read Keynes’ General Theory 😉 The opinions herein are mine…

The scenario: We, the consumers, like cheap stuff.

Take cars, for example. We want more goodies on our cars, and they are getting expensive. Car manufacturers say, hmmm. If I put a plant in a country where there’s less expensive labor, I can hold down costs. Plant moves, some jobs lost, but there is more spending since cars are now less expensive, and other jobs created.

Fast forward: For whatever reason, we want to impose 20% import tariff. Now cars cost more, because we, the consumer pay this tax. Spending drops on other goods and services, jobs are lost.

But wait, car manufacturers could bring jobs back. Yes, but higher wages mean a more expensive car. Spending still drops on other goods and services, jobs are lost.

Car manufacturers say hmmm, with tax break on investments, I can build new plant with robots replacing even more jobs, and cars will cost somewhat less, but likely more than before. Especially with that big tariff removed, a 10% increase looks good. But, now, we still don’t have jobs, the car manufacturers have bigger profits, paid to shareholders who buy luxury imported goods…

Clearwater, winter 16-17, first trip

One of the great things the local TU chapter does is to work with the local YMCA to run a winter trout fishery. They put 2000 trout in the ~5 acre lake in October, and again later in the season. This gives us piedmont residents the chance to catch trout 15 minutes from home, rather than 2 hours! Today was gray, overcast with temperatures in the low 40’s and spitting rain, but it was one of the two dates Sam and I had booked this season so off we went. I started quickly, catching a nice rainbow less than 10 minutes after getting to the lake. I’d have to wait awhile for others, but we caught fish throughout the day…not fast action, but each of the 7 anglers caught several. Sam and I each netted 8 or so nice fish, with other break offs and missed strikes. A great day! We used nymphs, dries and streamers. It varied throughout the day. No discernible hatches, so catches were a matter of getting the fly in front of a cruising fish. You might think this is like shooting fish in the proverbial barrel, but not so! These can be very tough fish to catch, especially when they zero in on hatching midges, for example.

Looking forward to next time!

Sam with a rainbow

Sam with a rainbow

Joel with a nice fish, too

Joel with a nice fish, too

Closeup of a typical stocked rainbow

Closeup of a typical stocked rainbow

Technology rollup report…

Today’s the first hard freeze we’ve had this year.  It’s maybe a little late…our first frost average is late October (the 23rd for Chapel Hill, with a standard deviation of 10 days), and we’ve had some light frost 3 or 4 days already), but this morning was down in the mid-20’s. So it’s a good day to sit around until the sun gets warm and “farm” some of my technology…updates, catchup, etc.

I host (but don’t curate) a website for the Boy Scout troop I used to run (Troop 449) and they Committee is starting a cub pack, and they wanted to reserve the domain, which I ordered up. I realized that the troop’s website hadn’t had a software update in a while (someone else *should* have been doing that) and I needed to update several things, including configuring the automatic backups (always backup before an update!). Had to re-remember how to set up Google Drive APIs for the upload – I’ve done this for several websites that send file backups to Google Drive, but seems like the Google API UI/UX is different each time I go there. Have plugins to update on several other websites, so I’m doing that. Needed to review my other domain names to make sure I still needed/wanted everything there. Needed to double-check the PHP version settings. Checked on another domain name I’d ordered; it’s one of the new ones, a “.blog” that won’t be ready until 11/21.

Last night I set up a new printer. I had an old Xerox phaser 8560 that was about 10 years old, and it wouldn’t print cleanly any more, the nozzles that deposit the melted wax (it uses the crayon-style media) were clogged in places, meaning colors were funky. Still printed black, but took forever to warm up, used a lot of power, etc. Replaced it with a little Brother 3140CW color laser for $170. Supports AirPrint, Google CloudPrint, plays nice with Macs w/o external drivers. Was a very easy install, runs fast and quiet, rated for ~19 pages per minute.  I looked at fancier devices but we print very little these days…however sometimes we do need to print and this will take care of things nicely. The old printer could handle AirPrint thru a shim on the iMac (Printopia) but this is simpler and much quicker.

Lots of other things going on, have a Raspberry Pi 3 that’s fun…a gig of memory and a 32 gig microSD, and builtin WiFi and Bluetooth. A lot faster and more capable than my old 1 gen Pi B (both CPU speed and memory). What a heckuva Linux box in a pack (with case) the size of a deck of cards. The IoT is going to be fun but will be lots more things like the DDoS on Dyn back in October.

Speaking of hacks and protecting devices, I am now running Webroot on my Macs for antimalware. Seems to be a good fit, lightweight and fast, tho I think that the PC version is more efficient. Does reputational check on web links, which is good, as phishing, spear phishing, etc. can catch the best of us. Also just licensed Webroot for the small software firm I work part-time for; it has a nice management console in the business version.

So that’s  enough for now.  I needed a blog post and this is the best I could do this morning 😉

Mobile HAM radio in the truck

I’d noticed that as the summer had come on and the trees had leafed out, my ability to reach some local 2M repeaters was impacted, using my 5W HT and a roof mounted magnetic antenna. For example I was having significant issues accessing the Durham “TV Hill” repeater (fine in the winter), though the newly reinstalled OCRA 70cm was fine, albeit configured much higher and sitting much closer to Chapel Hill. So I decided to install a standard mobile rig. I’d wanted a Kenwood 710G but they are just too pricey, so I opted for a Yaesu FT-7900R. Basically, no fancy APRS stuff, but I’m less enamored of that as time goes on.

The 7900R is the basic “workhorse” dual band, 50W on 2M and 40W on 70cm. One thing I liked about it though was the fact that it came with the transceiver/head separation kit, which was good as I didn’t really know how I wanted to mount it, as my truck has a full complement of electronics and no room for other devices. I didn’t want to drill any holes, but I wanted a nice looking install. A tall order!

So where to put things and how to run the wires?

The transceiver is tucked up under the crew cab back seat, behind the driver’s seat. It’s about the size of a small paperback book, and just sits on the carpet out of the way. I had to pick up some extra 12 guage DC power wire (12′) since the battery in the Silverado is on the passenger side. I ran the power wire via a technique I found googling, going thru the fender, not the firewall, and then thru a small rubber grommet near the emergency brake to get into the cab. I reinforced the fender passage with copious electrical tape. Then pop up the plastic trim along the cab edge to run the cables. I soldered and taped my extension to the supplied power cable, running to the transceiver, and in the opposite direction, the head separation cable toward the dash. For the head (like a small cell phone), I got a clamp mount that sits nicely on the corner of the dash on the left of the driver. Left enough cable there to easily move it around, and unplug and put out of the way when needed.

So what about an antenna? I decided on a Larsen thru-the-glass mount on the cab window behind the driver, after reading about successes there. I was concerned about its efficacy but it seems to work great! Dropped the RG58 down behind the seat.

I ran the speaker extension cable from the transceiver to coil it under the driver’s seat, where I could, if desired, plug into the infotainment system. However, the built in speaker is actually pretty effective.

Have programmed repeaters into the radio and done some tests, reports indicate good audio, and I’m happy with the way it all looks. So far so good, and no holes in the truck 😉

The only issue? Somewhere under the hood of the truck is an small socket wrench adapter that “got dropped” during the process…

Panama Papers breach

The Panama Papers data leak has already snared many rich and powerful folks who have been using questionable means to hide wealth beyond taxation and scrutiny. However, that’s not what I want to write about here. I certainly find the abuse of wealth and power to be an issue, and much ink is being spilled on this. I want to focus instead on information security, and in particular, the vectors likely used to extract the data from the law firm Mossack Fonseca. What happened here was not some sort of uber-secret hacking, but was a simple process of exploiting well known vulnerabilities in WordPress plugins and in a particular version of Drupal core that was found to have severe vulnerabilities in October 2014.

wordpress-logo-notext-rgb

WordPress and Drupal are both extremely popular content management systems (CMS). Your correspondent runs several websites using both these systems, and this blog runs on WordPress. Both systems are robust, reliable, and have huge ecosystems of “plugins” or “modules” that can be used to extend basic functionality of the system in a myriad of ways. These extensions provide visual appeal (image sliders and other tools), spam control, and even database functions for storing information about the user community.  If you can imagine it, someone out there has probably written a WordPress Plugin or Drupal Module that can help you bring that functionality to your site. However, with great power comes great responsibility 🙂 .

One of the banes of any technology system is maintenance and patching. This can be to fix bugs, to add functionality, or, increasingly, to patch the seemingly never-ending list of security holes. WordPress and Drupal are no exception, and in fact, both are big targets. Of the two, WordPress is far more prevalent, with over 75 million sites and growing rapidly. Drupal runs one million sites. From a security exposure perspective, WordPress is in my opinion a bigger problem. WordPress is extremely easy to install, and takes much less study to create interesting sites than does Drupal, and as such, many sites are set up by individuals and groups who don’t appreciate the rigor of site maintenance.  I’m not writing this post to favor WordPress or Drupal.  I like both, and both have strengths and weaknesses. This brings us back full circle to what happened with Mossack Fonseca.

In a word, the problem was maintenance. The likely vector that lead the Panama Papers hackers to Mossack Fonseca’s email servers was thru unpatched and well-known vulnerabilities in WordPress plugins. The Drupal exposure likely led to client documents, and could have been a bit more forgivable from an IT perspective, as the exposure was from the core weakness in Drupal versions prior to 7.31, a part of the “Drupalgeddon” exposure of huge numbers of Drupal sites…except that Mossack Fonseca is still (at the time of this writing) running Drupal 7.23 from August 2013!

Wordfence, an organization that provides security plugins and services for WordPress, has done an excellent writeup of how the Panama Papers hacks unfolded, and it’s well worth a read, especially if you are responsible for either doing website maintenance or if you are concerned about the security of the sites you or your organization run.

The sad fact is that it’s just so easy to do maintenance on both WordPress and Drupal that not maintaining sites is highly unprofessional. Wordfence provides an excellent plugin  that notifies you when a monitored site needs a core update or plugin update. Many updates can be configured to run automatically. Running manually is a simple matter of logging in and then doing a couple of clicks! Drupal is just about as easy, though a Drupal core update is a bit more involved than a WordPress core update, currently needing a separate program (Drush) to handle the core update.

Maintenance of websites is a necessary job, just as is maintenance of any other technology asset. Think of it as changing the oil and checking the tire pressure in your car. If you know how, do it yourself. If you need to hire someone else to do it, then do so…but ensure that it is done, or you and your company may wind up in the news one day…

HF Ham!

I’ve neglected my blog for the past couple of months, with no posting since January.  We had a great time on our cruise to the eastern Caribbean in February, so my excuse it that I was having so much fun I had no time for blogging 😉 .

However, I did want to chronicle my success with moving to the world of 6M and HF Ham radio. I posted here in January that I’d upgraded my antennae for my 2M/70CM radio, and I’ve been doing a lot of communication on the 2M band, including becoming a regular participating member of the Possum Trot Net, Possum number 3571! I wanted to add the capability to use high frequency (long distance) bands to communicate to more and different communities.  I added a Yaesu FT-450D radio with a 7-band Buckmaster OCF dipole antennae to my “shack.” I plugged it in Monday of last week and tried to communicate with the local 10M net, but did not have any success in transmitting though I could hear the net traffic. Don’t know if there was just a pileup, or something with local conditions. I reached out to a local Ham to give me some assistance and coaching. KM4MDR came over today and spent a couple hours with me, validating the SWR of my antenna with his MFJ analyzer (it did very well on the supported bands, ranging from 1.2 to 1.8), and showing me a few tuning tricks. I’m very appreciative of John’s help! We participated in the 40M 7.772 Ragchew and talked to Net Control in Maryland, and talked to the 20M 14.300 Mobile Maritime Net (you don’t have to be a boat to participate!) Net Control near Houston TX.  Signal reports were good. So, great success, and now I can operate with the confidence that I can hear and be heard.

More Ham fun

I wanted to be able to reliably reach the local VHF/UHF repeaters, so I bought a 2 meter 1/2 wave antenna to mount outside the house and hook up to my handheld radio. It came over the weekend, and I installed it this afternoon. The antenna itself is a set of wires of specific lengths and impedances that you mount in 5 feet of PVC pipe. I hooked it up with a large diameter low loss cable, and used an adapter to connect to the SMA plug on my handheld. Works like a champ! I’m now able to reliably key repeaters 15 miles away with the 5 watt handheld.  I talked to a fellow Ham this evening via the repeater (W4AGC 2M on TV Hill in Durham), and he said I had excellent sound quality with no distortion. Also, was able to successfully test out an IRLP connection via the W4AGC 70cm repeater to my “beach” repeater in Newport, though my new Ham friend from Harker’s Island, KM4NRZ, didn’t answer. Also did a test of an IRLP reflector node, and heard my voice come back. Cool!

Clearwater 2016, v1

As my (one or two?) regular readers know, I like to visit a local “lake” that the TU chapter stocks with trout for a winter fishery. Let’s see, trout, hanging out with a few fellow anglers I don’t see often enough, only 15 minutes from my house, what’s not to like?

Joel netting trout

First fish of the day

On January 9th, I had one of my two seasonal visits to Clearwater. The fishing was slow, as recent rains had muddied the lake, but all the 8 anglers there each caught a handful of nice fish.  I caught mine on egg patterns, a fly that I’ve historically used in the winter with great success, but not at Clearwater. Great fellowship, and always fun to hang with my fishing buddy, Sam. Already looking forward to the next trip there!

Joel releasing a big trout

This one put a nice bend in the rod

TU said that they put a lot of browns in the lake this year, but I didn’t see any. Maybe next time.