Favorite Things

As I grow older I find simple pleasures sometimes have a resonance that I previously discounted. The younger me never thought very much about hobbies, pursuits, and things I could do all by myself as being worthy. But then age started to creep up on me, I’m 43 years old now, soon to be 44 years old.

The things I enjoy now fill me with a certain considerable thrill. I’m taking care of myself. I call it self-care and it’s very good for me. It also fills me with a twinge of regret, that I didn’t pursue this when I was younger. The past is window dressing and set design, so we don’t spend any time or energy on it. You cannot change the past, you can just forget it. A funny touch of irony is that as you frequently access memories, you damage them, so a painful memory left in the dark and never recalled is fresh, while a memory that is replayed and remembered has more resemblance to Frankenstein’s Monster than a real memory. Each time you dig up the past, you start stapling new things to it. Funny that the way to destroy the past is to pick it up, drop it, and pick it up again. Recall it, frequently. You can enhance this effect by starting to drag creativity into it as well. Perhaps an awkward conversation was awkward because you were wearing clown shoes? Maybe. Over time, the doubt that they weren’t clown shoes erodes and you’ve turned your painful memory into an absurdity. In the end, there is less and less emotional resonance with absurdity and the memory dies. Getting back to the present is the key, in fact, it’s only in the present that you can really live. The future won’t happen the way you think it will, the universe is perverse in that manner.

The things I enjoy now are taking care of myself. Being possessive of my time, what I spend it on, and selecting people in my life that are important. Important for me to be in their lives, or them to be in mine. All of life is an elaborate script, with people dancing on stage, cavorting for a time, and then dancing off, exeunt stage left, pursued by a bear. I’ve recently come into new projects, and one of them is growing this beard. It’s a feature, it’s a project, it’s a hobby. I never thought I would do this again, the hair coming in super curly and having to put up with the commentary on my appearance. Perhaps age has led me to a kinder growth pattern, or perhaps it is hormonal, as I age. But I am truly and madly enjoying the feeling of having it, and the occupation of caring for it. Nothing quite like enjoying a thoroughly strenuous workout, getting squeaky clean afterwards, and then sitting back with a glass of fine bourbon on the rocks while I slowly work beard oil in with my boar’s hair brush. Twinges of itch fading as the oil moisturizes both my skin and my new facial feature. What used to be wiry and chaotic is now soft and orderly. I haven’t found the silver bullet that does it all for me, but I have found many excellent efforts. These options have created a new pursuit, a new hobby. Every day it’s something new, different combinations of balms and oils, and if you get close enough, you might catch a scent that already has gotten compliments. I think that it might be one of the most unexpected parts of this entire thing, patently that nobody really bats an eye at me with such a prominent feature now, but that they comment on the scent without really understanding what it is. They enjoy it, and that makes me chuckle with satisfaction.

The older I get, the more I wish I had started sooner. I suppose the only real advice I could give anyone who was seeking it would be an appeal to the Golden Rule, and to start as young as you can with jealous levels of self-care. Nobody really will care for you as much as you will care for yourself. Find things that put a bounce in your step, make you look forward to the mornings, the afternoons, and your evenings. Things that don’t involve other people to play the part of gatekeeper, but within yourself be the gateless gate. Don’t seek happiness from without, but rather assert happiness from within and kindle the flames as best you can with your own efforts. We all have firewood, metaphorically speaking, and many of us have a rain-soaked woodpile that refuses to burn. You can’t really start a fire even with kindling unless you spend a lot of time either holding the flame to the wood or drying it out. The only way to dry your kindling is by keeping it covered and letting the air get to it. In this metaphor, life only gives you what you can handle, when your woodpile or your kindling is nice and dry.

The ice is nearly gone, the bourbon is nearly out and there is little more the brush can do other than scratch the itching that growth like I have sometimes brings about. Find something you love, cultivate it, and respect life for what it was always meant to be, to quote Brandon Sanderson in his Stormlight Archive books, one of the most fundamental ideals is Journey before Destination. Spend a while with that little phrase, see where it takes you.

Cisco AMP for Endpoints

Several months ago we bought into Cisco AMP for Endpoints. There was a lot of work right after that, so we set up the management account and put it aside. Months later, I felt a little awkward about it, so I thought I would devote my April to Cisco AMP for Endpoints.

I just uncorked my AMP for Endpoints account, for this post and going forward, when I write AMP, I mean Cisco AMP for Endpoints, because it’s a mouthful. AMP itself seemed forbidding and difficult, but then once I started working with the site, configuration wasn’t that bad. I decided to test AMP in my environment by starting a “Factory Fresh” copy of Windows 7 32-bit in VirtualBox on my Mac, with 4GB of RAM assigned to it. A standard humdrum little workstation model.

I downloaded a bunch of starter packs, including the “Audit” model, the weakest of them all. I installed it on the workstation and the site responded well enough, noticing the install. As I was working with the system, I noticed that AMP complained that the definitions were out of date on the client, so I went hunting for a “definition update” function. There isn’t anything the user can trigger, you have to wait for it. Oh, that’s not good.

So then I had AMP on the test machine and I thought I would try to infect it. So I found a copy of EICAR, which is a sample file that all these technologies are supposed to detect and find hazardous. Symantec Endpoint Protection (SEP) sees EICAR well enough, and really gets upset by it, immediately stuffing it into Quarantine and sending an alert. AMP also detected EICAR and because it was in Audit mode, just sat on its hands. Which I expected.

So then I found a bunch of sample malware files on a testing website, because while EICAR is useful for basic testing, it’s as revelatory as a knee-jerk reflex. It’s nice to know there is a reflex, but it’s not the same as an actual malware infection. I opened the ZIP file, typed in the password and all these malware samples came spilling out into the downloads directory. So, a workstation that is quickly becoming filthy. That’s my use-case for AMP.

So after “infecting” the computer with the files, and the tamest model, which is just to have them in a folder, I went to AMP and told it to switch the model on the test machine from Audit to Triage. That took almost twenty minutes! Are you for real on this, Cisco? Twenty minutes!!!

So I knew what I had on this workstation, but I pretended that I was the admin on the other side, with an unknown workstation connected, reclassified with Triage and waiting. I knew that the computer was infected, and as the admin, “not knowing what is going on” with the endpoint, I sent a scan command. This is the worst case scenario.

On the AMP side, I didn’t see anything at all. I panicked around looking for any hint that the AMP system recognized my scan request, and so I sent five more scan requests. Obviously, one scan request should have done it, but I wanted to make sure that I worked around even an imaginary screw-up in Cisco over scanning. Nothing. Workstation just plotzing along, infected files just sitting right there in the Downloads folder, just waiting for a double-clicking end-user to make a tame infection a wild one.

Obviously this is the world’s worst scenario, one where SEP somehow is gone, not installed, or somehow lost its marbles, leaving AMP on its own to run defense. Scan! Scan! Scan! — Nothing at all. AMP just sits there just merrily SITTING THERE. Like shaking a coma patient, is very much what it felt like.

So then I started with the Help feature, request help, okay, I knew how this would go. This would lead to TAC. God help me. Cisco’s system didn’t know what AMP was, hahahahaha of course not. But there was a chat system in a teeny tiny little button, so I tried that. Someone! Hallelujah! They found my contract and linked it up, and started a case for me. When I went back to the test system, AMP had done its work. FINALLY. It only took twenty minutes! A lot can happen in twenty minutes. How many files could have been ransomware-encrypted in those twenty minutes?

So now I await a response from Cisco TAC. During the chat I declined the entire phone call angle since Cisco TAC people cannot speak English, or at least, I cannot understand their speech. So I told them that I would only communicate over email. So let’s see what TAC has to say. We spent a lot of money on this, so obviously I’ll likely deploy it, but man, I am sorely disappointed in a system where every second counts. On reflection, Cisco AMP for Endpoints was probably a mistake.

Pete Buttigieg Donation

Every time I see Pete Buttigieg or hear him speak I am overwhelmed with awe and respect. He isn’t spending time listening for reply, there is no wool gathering, and he isn’t lying.

He may be a longshot, but so was Obama, and he won. So I plunked down $25 for Pete Buttigieg through actblue.com. I have also decided who I want to win the Democratic primary and the presidency of the United States.

Who does he pick for VP? Beto O’Rourke, Elizabeth Warren, or even Joseph Biden. That’s his decision in the end, but anyone in that set would do very well.

Nowhere To Go

I sat at home, looking outside the big picture window as tiny flakes of snow fell from the slate sky and thought about my day. Where to go? To go? Lunch? Where?

Then I got over it. There is nowhere to go. There are no destinations out there where I could find anything that I want. What I want is lost to the past. Again I find myself fondly recalling “The Spot” coffeehouse in Buffalo. It was immense, comfy couches and chairs, and a central ebony bar where you could order any beverage as long as it was tea or coffee based. That’s where I want to go. So off to Yelp to see what is available locally.

Give me a break. Everything is either in run down factory space, which means derelict paper plant shipping skids repurposed into shops, with benches and uncomfortable seating arrangements, with expensive blown out menus — or a chain. Chains serve a purpose but they are not, and never will be, destinations. They are locations of opportunity.

So, lunch at home. Entertainment at home. Everything is here, why would I leave? So I’m all dressed up and have nowhere to go. And the key is to make peace with that. To make peace with the inaccessible past. To let it go and accept the boring and dull crapscape before me.

Thank goodness I can cook for myself! I’d be lost otherwise. The only reason to leave will be to fetch Scott at 5pm. That’s it.

Dinner Designs

Tonight we shall have Colcannon for dinner. I can’t believe that it took me this long to discover such a fundamental Irish dish!

This will give me lunches for the entire week. Also used up two gnarly segments of cabbage (with the oxidized parts cut away), and put another dent in the porkbellies that I froze weeks ago.

Enjoying a rather strong Bloody Mary as well.

Strategy to Inbox Zero

Earlier in the week I had talked to a friend about my unmanageable email pile in my Inbox, about 78 pieces of email just sitting there, dwelling on the edge of my consciousness and weighing on me. Is there something there that I should take care of? Did I miss something important? So I started to chat and to do some research.

There are many strategies out there, and I adapted them for my own use, and so far it has worked out marvelously well. Here’s how I process my email:

  1. Create sorting folders. I created a host of new subfolders in my work email account which runs under a hosted version of Microsoft Exchange. Because folders sort alphabetically, I forced the sort using number indexes and dashes.
    1. 1-Email Management
      1. 1-Today
      2. 2-This Week
      3. 3-This Quarter
      4. 4-FYI
      5. 5-Toodledo
      6. 6-Done/Sort
    2. 2-Help Desk
    3. 3-To Evernote
    4. 4-Barracuda
    5. 5-Syslog Alerts
    6. 6-ATP
  2. Then I sort the Inbox into the “Email Management” folder structure. If something has to be done today, it goes to 1-Today, and so on and so forth. My first consideration is the due-date for the item in my Inbox. If the item is purely informational, it goes into the 4-FYI box.
  3. I have rules set up in my email application, which happens to be Apple Mail. If I get email from Toodledo, my favorite To-Do system, they are moved into that folder. Anything from my Spiceworks Ticket system ends up in the 2-Help Desk folder. The messages from my Barracuda backup appliance end up in the 4-Barracuda folder, all my incoming Kiwi Syslog alerts end up in 5-Syslog Alerts, and finally the Advanced Threat Protection from Hosted Exchange reports get filed in 6-ATP. Rules are a huge part of keeping your neck above water when it comes to emails. There are a lot of purely informational emails that have zero urgency and very low importance, you want to keep them to go through them, but they don’t need to clog up your Inbox. Rules can help you sweep a lot of these away automatically. Always flag your junk mail, review that occasionally to drag it for any false-positives.
  4. If an item is a request for help from work, and it didn’t come in as a ticket originally, those need to be pushed into the ticketing system. Thankfully Spiceworks allows you to forward emails into the ticket system by sending forwarded mail to whatever mailbox you’ve configured for the Spiceworks system. There are a litany of hashtag controls you can place in the email body to configure how tickets are arranged. My Cisco CUCM system is configured to also kick voicemails to me as attached MP3 emails, if they are requests for help, they likewise end up being forwarded with some extra flavor text to stomp down on confusion.
  5. If an item isn’t help, is urgent, is rather important, and has a clear date and time I will forward the email to my Toodledo using the configured email address on that system. Toodledo has a flag system that works on the Subject line. My preferred method is to alert people to events, include Toodledo as a BCC addressee, and then add at the end of the Subject line this text fragment: @work :1 day #{duedate} where the field duedate is whatever the date is that is relevant. Send it, forget it, it’s in the Toodledo list.
  6. The next step is to cycle through folders in Email Management, starting with Today and then reviewing all the rest. The Today folder is the action items that can be done today, or are due today. After completion, simple things are thrown away, but anything more elaborate or anything that touches on CYA gets sorted into the 3-To Evernote Folder.
  7. Evernote is a bottomless notekeeping system that I also use, and I leverage Evernote as a destination for all my CYA emails, and each quarter the extracted Sent Items from my Exchange account. I don’t trust Microsoft at all, I’d rather keep things in Evernote. Microsoft has a 50GB quota, Evernote does not have a quota. At the end of each week, I have a “Sharpen The Saw” task in Toodledo that I run, and a part of that is running along the structure in the 3-To Evernote folder, which includes all the emails across the branches of the company I work for, and all the vendors I have relationships with. Every Quarter, I search for all the emails for the previous block of time, soon Q1-2019 will be over so I search for all Q1-2019 emails and also move them into Evernote.
    1. The Evernote move is accomplished in two steps. The first step is to extract all the attachments out of the emails in my Exchange account, I use Mac Automator for that purpose, and here’s how it’s configured:
      1. Get Selected Mail Messages – Get selected messages.
      2. Get Attachments from Mail Messages – Save attachments in: “Attachments”
    2. I then run the Automator workflow, and all the attachments are put in a folder on my Desktop called Attachments. I then bulk rename them with their folder, a date such as 20190301 (YYYYMMDD), and then select them all and drag them into the right notebook in Evernote.
    3. Then I highlight all the relevant emails in my Mail App that I intend to send to Evernote, and I have created a General Service in my Mac called “Send To Evernote” which is actually another Automator Workflow, called “Send To Evernote.workflow”, that has this content:
      1. Run AppleScript:
           on run {input, parameters}
               -- Slightly modified version of Efficient Computing's AppleScript: http://efficientcomputing.commons.gc.cuny.edu/2012/03/17/copy-email-message-in-mail-app-to-evernote-applescript/
               tell application "Mail"
                   -- get selected messages
                   set theSelection to selection
                   -- loop through all selected messages
                   repeat with theMessage in theSelection
                       -- get information from message
                       set theMessageDate to the date received of theMessage
                       set theMessageSender to sender of theMessage
                       set theMessageSubject to the subject of theMessage
                       set theMessageContent to the content of theMessage
                       set theMessageURL to "message://%3c" & theMessage's message id & "%3e"
                       -- make a short header
                       set theHeader to the all headers of theMessage
                       set theShortHeader to (paragraph 1 of theHeader & return & paragraph 2 of theHeader & return & paragraph 3 of theHeader & return & paragraph 4 of theHeader & return & return)
                       -- import message to Evernote
                       tell application "Evernote"
                           set theNewNote to (create note with text (theShortHeader & theMessageContent))
                           set the title of theNewNote to theMessageSubject
                           set the source URL of theNewNote to theMessageURL
                           set the creation date of theNewNote to theMessageDate
                       end tell
                       -- move the email message to archive and make it bloody obvious
                       set background color of theMessage to blue
                       set acc to account of mailbox of theMessage
                       move theMessage to mailbox "Archive" of acc
                   end repeat
               end tell
               return input
           end run

      2. It takes some time, but it efficiently moves the text parts of the emails selected into Evernote, using my default Notebook, called IN BOX.
      3. I select everything in the Evernote notebook IN BOX and move it to where it has to go, the destination notebook within Evernote itself. The messages all end up in the Archive folder, so then after that I hunt them down and delete them out of Exchange. Then empty the trash out of Exchange.
  8. In the end, I have a very slim Exchange account, a well fleshed out Evernote data store where I can search for all my email CYA details that I might need later on, and it also works on the web and over mobile apps as well. It’s very handy.
  9. It only took me a little while, maybe an hour tops to sort my Inbox and get to Inbox Zero. Then the cycling through the subfolders helped give me a handle on both urgency and importance, and I have a far better sense that I am actually on-top of my emails.

 

Whiteboard Secure?

The first time you start to involve yourself in cryptography you start on a path to suspicion and paranoia. Nearly every discussion about cryptography involves two example parties, Alice and Bob. Alice is always trying to keep secrets from Bob, and these two characters are used to illustrate everything from public key cryptography to man-in-the-middle attacks, and a lot more than just these examples as well.

This entire line of reasoning starts to kindle thoughts about how you go about your everyday life and just how much of your personal data, your privacy, your secrets are all leaking out around the edges. For all the efforts of your own personal Alice, there is a Bob out there, maybe, trying to dig up things you aren’t watching over or never expect.

A portion of cryptography, or more generally espionage in general comes down to the things you leave behind. Some folks think that strip-shredding sensitive papers is enough, while others consider upgrading to crosscut shredding to be the gold standard. For really sensitive papers, I personally have considered the only really effective way to prevent them from being reassembled is through burning and beating with some sort of implement to mix up the ashes. All this is to prevent information from leaking out where you never intend for it to leak out from. A big part of this, and in a lot of film noir detective stories, is phone numbers or passwords written on sticky notes or on a notepad. Sometimes people will write something down on a series-bound stack of papers with something like a ball-point pen, because it’s handy. The ball-point does put ink on paper, but it also can emboss paper below the sheet you are working on, and with a gentle swipe of pencil graphite, the ghost of what was written re-appears.

While I’ve been working at my desk, I got to thinking about convenient surfaces that I could take notes on, which would be handy and easily erased and reused. A while back I stopped at the dollar store and got a nice little whiteboard and a selection of dry-erase markers. Super cheap, super convenient. The whiteboard has proven to be very convenient and useful in my workplace and for $2, a non-issue when it comes to the price tag. It struck me that this cheap cardboard and plastic whiteboard assembly could also be a very secure way to write temporary notes, say banking details for example. I can write a whole line of values and account numbers, passwords, whatever I like and with a swipe and rub of an eraser rag, whoosh, all of the details are gone forever. As I examined the whiteboard and considered this, I thought of ways that the wiping process could be reversed. There is no embossing onto a lower layer to worry about, and there doesn’t appear to be any order of anything at all on the surface or the wiping rag. So I would at least think at the outset that a whiteboard makes a very fine and secure temporary notepad to write anything on, because once wiped off, perhaps also with alcohol or Windex just to be very careful, I can’t imagine there is any way to unwind the clock on the erasure process. No way to get back what was written.

Now there is no application for this sort of security in my life, other than perhaps writing down account numbers, my SSN, or perhaps the password to some sort of system here at work, but if you are looking for a way to write temporary notes and not have to worry about security – a whiteboard at the dollar store certainly seems to be a solid approach.

Pete Buttigieg

Last night, on the way back from Chicago we started to talk about the littered Democratic landscape, who was running and who each of us liked. The candidate docket feels like Santa’s List, it just spills on and on and on. Warren, Biden, Beto, Bernie. I have thoughts on all of them, but knew next to nothing about Pete Buttigieg. That was until this morning. I read some more, found a subreddit for him, and watched a clip of him interact with Al Sharpton. I could give or take Al Sharpton, but what the clip contained had enough substance to move me.

I still don’t know who I want for the Democratic candidate, but Pete Buttigieg is climbing the charts.

What I want to see is an interview between him and Rachel Maddow. I respect and trust Rachel to ask really good questions and help us all discover more about this candidate. It’s just a matter of time.