vernon's blog

The Caring Carnivore

Last night, Lauren and I watched Food, Inc. because it was the next thing in the queue. I had put it on the list quite some time ago, but had forgotten about it until it showed up in our mailbox. I know that half the point of the movie is to shock, shame, coerce, cajole, or otherwise convince you to save the planet and shun The Man. In this case, The Man is a few corporate agriculture giants that deliver the vast majority of the 'food' everyone in America eats. We are talking of companies like ConAgra, Monsanto, Tyson, etc.

I think I already knew most of the stuff in the film. I had seen footage from CAFOs before. In fact, I have driven past a few and seen (and smelled) them in first person. I don't care for them at all. The Man does such a good job of distancing our neatly packaged cuts of meat from the terrible places that the animals are raised and slaughtered that we forget about the sickening truth. In fact, the treatment of animals at such places could almost convince me to be a vegetarian. I know some people who are vegetarian for that very reason. But I am not a vegetarian. I am a carnivore. Or more correctly, an omnivore.

This film convinced me that I can do better for myself than what I am currently doing. Lauren and I have been kicking around the idea of getting local meat for a couple of years now. We just haven't done it. But after talking about it after the film, we have decided to be more careful carnivores than we were before. We decided that we would take the money we spent on corporate meat and use it to buy local meat from farmers that we know and trust. Farmers that care about the land and the animals more than the siren's call of corporate cash. We haven't actually figured out what the meat budget was before, but it is a sure thing that we won't be able to buy as much local meat as we have been eating. It's not like we are gorging ourselves on animal flesh every night, but we will certainly have to introduce more beans and lentils into our diet to pick up the slack.

Really, with this change, we are winning on every front:

  1. We will be eating meat more 'in season.' With loads of local, fresh fruits and veggies from our garden and the farmer's market during the summer, we will be eating less meat. The meat will get saved for the lean winter months when fresh veggies are not so plentiful.
  2. We will be eating meat that has a lower negative environmental impact. I admit that meat is not the most environmentally friendly food. It takes a lot of food to raise the animal which could otherwise be used to feed people. CAFO animals also require more stuff: waste disposal, more medications, transportation, etc. Locally grown, grass-fed beef leaves no trace. All the animal waste is distributed by the animal itself (mostly evenly) back into the fields where it acts as organic fertilizer. They don't require as much medication because they are not in such close quarters. They don't need as much transportation since they are grown close to where they are eaten. Less environmental impact on every front.
  3. We will end up eating less meat. According to the movie, Americans eat, on the average, about 200 lbs. of meat per person per year. I don't even think our family eats that much meat per year in total. But even so, a little less meat never hurts. Yes, now and then I get a craving for a thick, juicy steak or a perfectly grilled pork chop. This won't change, but it will mean that it won't happen quite so often. We are a middle class family. That means we can't afford to make the switch to local meat without cutting back on something. We chose to cut back on meat, merely spending the same amount.

At the end of the movie, they try to be motivational and convince you that you can do your part to change (save) the world. Sure, if everyone in the world started to only eat local foods, The Man would go out of business. I am not so sure that my dime makes that much of a ripple in the world's pond. I don't know how much of an environmental impact our family's decision will make, but if nothing else, it grants me a peace of mind that I am not sure I could find otherwise.

Defeating a Ninja

I was recently asked if I had ever used Ninja on any of my machines. I had not even heard of such a thing. I found that it was available in the Lucid repository, so I installed it and configured it for my system. The two changes I made were to have it constantly poll, instead of waiting 1 second between polls; and to kill the offending tasks, instead of merely warning about them. I whipped up a little back door application that gets root. I ran it and sure enough, it was instantly killed by the Ninja. But how instantly? There is a race there to be sure. I had my w00t process run 'killall -9 ninja' instead of giving me a root shell. Sure enough, my hack was faster than the Ninja. It must only be a wannabe or maybe a Ninja Apprentice. Whatever it is, I defeated the Ninja in less than ten minutes. Without even breaking a sweat.

Ninja may be good in concept, but poor in execution (I'm so punny!!!) The race window that exists is wide enough to easily defeat it. What it needs to do is something along these lines:

1) Run the critical section in the kernel as a kprobe parked on the fork, exec, setuid, setgid syscalls.
2) On each watched syscall, check for escalation and pause execution while we pop out to userspace (probably via the kprobe print functions) and do a bit of testing.
3) If we pass muster, let the task go, otherwise kill it.

This way, we can pause the questionable tasks in the kernel before they get a chance to do anything malicious.
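
The race described above, modelled as an added example (not Ninja's code and not from the original post): the same root-child check is applied once by a user-space poller and once by a gate that holds the task inside each watched syscall. The `/proc` status excerpts, the timelines, the `sudo`/`su` allowlist and the choice to evaluate credentials as each watched call completes are assumptions made for illustration; the second timeline goes slightly beyond the post by escalating through a call outside the hook set.

```python
from dataclasses import dataclass

# Constructed /proc/<pid>/status excerpts; Uid columns are real, effective, saved, fs.
STATUS_SHELL = "Name:\tbash\nPid:\t4100\nPPid:\t4000\nUid:\t1000\t1000\t1000\t1000\n"
STATUS_CHILD = "Name:\thelper\nPid:\t4242\nPPid:\t4100\nUid:\t1000\t0\t0\t0\n"

WATCHED = frozenset({"fork", "execve", "setuid", "setgid"})  # hook set from the post


def parse_status(text):
    """Extract name, pid, ppid, real uid and effective uid from a status blob."""
    fields = dict(line.split(":\t", 1) for line in text.splitlines() if ":\t" in line)
    uids = fields["Uid"].split()
    return {"name": fields["Name"], "pid": int(fields["Pid"]),
            "ppid": int(fields["PPid"]), "ruid": int(uids[0]), "euid": int(uids[1])}


def is_unauthorised_root(proc, parent, allowed=frozenset({"sudo", "su"})):
    """Point-in-time test: root child of a non-root parent, not allowlisted.
    The name allowlist is hypothetical; a real tool should match the binary path."""
    return proc["euid"] == 0 and parent["ruid"] != 0 and proc["name"] not in allowed


@dataclass(frozen=True)
class Event:
    t_us: int        # completion time, microseconds since the task started
    syscall: str
    euid_after: int  # effective uid once the call has completed


def poll_verdict(events, first_poll_us, interval_us):
    """User-space poller: (detected, syscalls that ran as root before the poll)."""
    esc = next((e for e in events if e.euid_after == 0), None)
    if esc is None:
        return False, []
    t = first_poll_us
    while t < esc.t_us:              # first poll at or after the escalation
        t += interval_us
    ran = [e.syscall for e in events if esc.t_us < e.t_us <= t]
    # The last event is the task's exit: a poll after it finds nothing to inspect.
    return t <= events[-1].t_us, ran


def gate_verdict(events, watched=WATCHED):
    """In-kernel gate: the task stays paused inside each watched call until checked."""
    ran, escalated = [], False
    for e in events:
        if e.euid_after != 0:
            continue
        if e.syscall in watched:
            return True, ran         # verdict reached before the task resumes
        if escalated:
            ran.append(e.syscall)    # root work done between hooks
        escalated = True
    return False, ran


# Constructed timelines. TIMELINE escalates on a watched call; UNHOOKED escalates
# through setresuid, which is not in the hook set listed in the post.
TIMELINE = [Event(0, "fork", 1000), Event(150, "execve", 0), Event(300, "openat", 0),
            Event(450, "write", 0), Event(600, "exit_group", 0)]
UNHOOKED = [Event(0, "execve", 1000), Event(100, "setresuid", 0),
            Event(200, "openat", 0), Event(300, "execve", 0)]

if __name__ == "__main__":
    child, shell = parse_status(STATUS_CHILD), parse_status(STATUS_SHELL)
    print("flagged by the check:", is_unauthorised_root(child, shell))
    print("poll at 500us:      ", poll_verdict(TIMELINE, 500, 1000))
    print("poll at 1000us:     ", poll_verdict(TIMELINE, 1000, 1000))
    print("gate, watched call: ", gate_verdict(TIMELINE))
    print("gate, unhooked call:", gate_verdict(UNHOOKED))
```

The poller's window is set by its interval and by how long the task lives, while the gate's window is set only by which credential-changing calls are hooked.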

Right now, all Ninja does is make you think you are safe, while really, it does very little for you.

Question and Answer

Today, The Man is any company large enough that they have grown past caring about individual customers. I hate The Man.

I recently felt the need to buy some new jeans. I am a tee-shirt and jeans kind of guy and I go shopping about once every two years to replace the stuff that is wearing out. I was going to go to the outlet stores down in Woodburn, but that is an hour away and I figured it wasn't worth the savings that I would have over just going to the mall. I had a 20% coupon for Eddie Bauer, so I figured I would check them out. I had purchased stuff from them in the past. I tried on many pairs of jeans and much to my dismay, they didn't have the style I wanted in my color and size. So I look online. Out of stock. I contact customer service and get a nice response from one of their agents. It was nice, but not terribly helpful. She said maybe I could try another style. <sarcasm>Oh, yeah, thanks, I hadn't thought of that.</sarcasm> But I don't want another style, I want this style. I reply and ask some *specific* questions, like when can I expect these to be in stock again? She responds, quite quickly, with a fluffy, content-free mail that did not answer any of my questions.

When someone asks you a question, and your only reason for existence is to answer questions, ANSWER THE @#$&%$^$ QUESTIONS!!! Don't reply with "I am sorry you are disappointed" or "Try this alternative" or any of your other fancy methods of circumlocution. Be straight with me and give me the truth. I can handle the truth. I promise. But obviously The Man does not care enough about individual customers to at least feign interest in keeping them around.

Levi Strauss, here I come. But not really with any higher hopes I had of Eddie Bauer. My heart is heavy for the current state of The Man.

AVR junkie paradise

The Teensy
I have been pining for some shiny tiny hardware that would look good in the CW (Morse code) paddle that I am making. Arduino had been a first choice for several days. I was on the verge of buying a couple of boards when I came across PJRC's Teensy. It really is teensy. But it incorporates a little bit of hardware that I had not seen in a proto-board before: Atmel's 8-bit MCU with USB support. The Teensy has the Mega32U4 processor at its core, which has 32kB of flash, 2.5kB SRAM, and 1kB EEPROM, support for up to 6 USB full-speed functions, and lots more of the standard AtMega goodies. I think one of the coolest things about this board is that once you have a bootloader in place, you can flash the system over the USB connection that it already has. No need for an extra programmer and more cables. And even if you screw up your application, the bootloader is safe, because it is protected by separate lock bits.

To make a short story even shorter, I ordered two Teensy boards over the weekend and they arrived today. Fast shipping. (It helps that PJRC is less than 20 miles away.)

I am in Atmel junkie paradise.

Stupid Ubuntu Theme Change

Ubuntu usually does things right, but this time they screwed up. They moved my buttons. It is worse than Windoze, which changes the UI every release (every 2 years), because my UI is changing every 6 months.


I installed Lucid Lynx a while back because I wasn't happy with Karmic. And as they are getting closer to the release, they changed all their art. And themes. AND MY BUTTONS. I logged back in after an upgrade and found all my buttons on the left of my window instead of the right. After some digging, apparently this is a configurable thing, but unless you have set it, they changed the defaults.


That tells how to change your order. I prefer gconf-editor because messing with the registry via a command line never works for me. Note that for right-sided icons you want the ":" before all the icon names, not after.

Nathan's Big Boy Bed

The big boy bed
For the past six months or so, Nathan has been sleeping on a twin mattress on the floor, sharing a room with Nicole. We moved them in together so Annie could have a room to herself while she is still a crying machine. When Nathan switched rooms, we moved him out of his daybed (crib) and onto a real, big-boy mattress. He was so excited. We looked and looked for a bed that we liked, but could not find one. We wanted something that was made out of wood, stained rather than painted, and with a low or no footboard. He is going to be a tall boy when he reaches full height and I don't plan on getting him a bigger bed. Without a footboard, his feet can hang over the end. What good planning, eh?

I finally decided to make a bed. My mom had made all our beds when I was a kid. I know what is involved -- really not much. A headboard, two rails, a footboard, and a platform. Shortly after I made the decision to make the bed, cherry went on sale at our local Rockler and I bought a bunch. It turns out that I underestimated and had to go back for some more, but I had a start. Darren and I started making the bed the first weekend in January. We only worked on Saturdays and even had to skip a couple. So all told, it took about 8 weekends (of about 4-5 hours each) to build and then about 6 hours to finish. This comes to a total of 42 hours. Multiply by $60/hour (two people at $30/hour), add in the $450 of materials and we are the proud new owners of a $2950 twin bed. What am I doing giving this to a 4-year old? Honestly, it pains me to proffer up my labors to the wrecking machine, but I find a lot of solace in the fact that he absolutely loves the bed. It is all part of the branding, much like the Daddy brand bread and pizza are better than all others, Daddy brand beds are on a whole new plane.

RF Probe

A quick test of my SWR meter that I have been working on for the past few weeks told me that something was awry. It is a slight modification of that circuit, adding a couple of capacitors and replacing the two ammeters with an Atmega8 microcontroller's ADC unit. I figured if I could stabilize the voltages sufficiently, the ADC could read them and directly calculate the SWR. So I am sure that at least half the problem is that I made some assumption in SPICE that does not account for or some newbie error like that.

I looked at the DC levels and all the connections. I double checked the schematic. I don't have a low-frequency (<150MHz) signal source, so I just went whole hog and plugged in my radio. Pretty much no matter what I used for the load (short, open, 50 ohms, etc.) I could not get anything other than the full reflection voltage. But my silly multimeter doesn't do 150MHz. I need an oscilloscope. Or whatever they used before oscilloscopes. An RF probe. So I built one.

RF Probe
After poking around on the internet, I found N5ESE's classic RF probe, which seems to have been duplicated in many places, even as a kit from Hendricks QRP Kits. I rounded up the parts and put it together. I had the bright idea of stuffing it into a small bit of 1/4" copper tubing to shield it. I ground down the end of a small allen wrench to be the tip of the probe. I put it all together, added a bit of epoxy and some heat-shrink tubing.

Disappointment must be my lot in life because the RF probe was not working right either. Measuring the voltage across a 50-ohm dummy load (three 3-watt 150-ohm resistors in parallel), yielded 30+ volts when my radio was set to 1/2 watt. Just for reference, 1/2 watt over 50 ohms is 5 volts. If I bumped my radio up to 5 watts, the probe said 250+ volts. My multimeter was not happy about that.

I built another one on a spare breadboard. It worked like a champ. Even with the extra capacitance of the breadboard (or maybe because of it???). And when I say it worked fine, I mean it worked fine at 150MHz. I tore the first probe apart and tested the components. If it really was putting out 250 volts, the diode and capacitor should be dead. The multimeter says they are both fine. I test the probe out of its container. It is fine. I build a new container, this time fitting the copper tubing into a pen tube. No epoxy. I test it again and this time it works. Hooray!!! The picture above is my final product.

Now I need to put it to work debugging my broken SWR meter. Maybe if I can assemble these simple circuits, I can graduate to a real project like the MMR40 transceiver.

Training My First Mutt

At work, I deal with a lot of mail. Not as much as some people, but still, it is a non-trivial amount. I don't have to respond to all of it, nor is it all of the same importance. For example, I get emailed by various cron jobs, some of which are critical to read and others are more informational. All in all, it averages out to 60-80 emails a day, depending on how crazy things are. This adds up fast, with the last two years each landing about 14,000 emails. Since I need to keep my email, I am getting quite a stash -- about 51,000 messages totalling 1.2GB. How in the world do you keep that organized? More importantly, what mail client can present all those without choking?

When I first started my current job, I chose Evolution, since that was about the best thing at the time. But somehow, it got dumber. Each new release took away features that I had come to love and depend on. When it started changing the key bindings without allowing me to have a say in the matter, I finally gave up and went with Kontact and Kmail. There are some things about KDE that I really like. One of the things is how customizable things are. I set all my key bindings so things worked for me. By this time, I had accumulated a fair amount of email and I noticed that it took a second or two to change folders. Annoying, but I just dealt with it. But on one of my upgrades, I noticed that Kmail was constantly crashing. That is beyond annoying. I moved to Thunderbird. I installed the Lightning extension to allow me to integrate my calendar with my email client like Evo and Kontact. Another year or two goes by and I notice a sufficient number of things about Thunderbird that drive me nuts. Time to move again. I look through the options. I test some out. But they all are SO SLOW.

I start looking at some of the second-tier mail clients, you know, the ones that only have a small following, like Sup, and Notmuch. I like a lot of things about both of those, but neither one is really ready to handle my abusive behavior. They both have powerful searching using the Xapian engine. They both deal very well in threads. Sup even has a UI. Notmuch doesn't have a UI. I wrote the beginnings of one and decided that there was still way too far to go before I could really use it. I threw my hands up and adopted a Mutt.

Mutt is really a full featured MUA. It doesn't speak SMTP, it only knows how to speak with a local process such as the venerable Unix Sendmail program. This is perfectly okay, since there are any number of ways to get around this. I chose MSMTP, which runs like sendmail and then makes an SMTP connection to your configured MTA to actually get your mail out there. So my entire mail stack looks something like this:

My Mail
We have any number of IMAP servers to collect incoming mail. Fetchmail contacts the servers and delivers the mail to my local machine, filtering and tagging the messages on the way. Mutt notices the newly delivered mail and I read it. I reply or send mail and Mutt passes it off to MSMTP, which looks at the envelope from address and chooses the appropriate SMTP server to contact and pass the message off to. The entire stack suits me quite nicely. Each piece does its thing well and does not depend on the other pieces being of any particular brand. I am now free!

But let me tell you, taming your first Mutt is a non-trivial process. I still have not read the entire 12,000 line manual, but I have read much of it, some parts many times. I have spent many hours learning how Mutt does things, what I can change (almost anything) and what I can't change (very little), customizing key bindings, writing macros, etc. I finally feel like my Mutt and I are getting along. One of the things I really LOVE about my Mutt is that I get to use a *real* editor to compose my mail. Not some clunky built-in, unconfigurable, piece of junk. I use VIM to compose my mail. With a few key settings, it even does syntax highlighting (mail headers, quoted text, etc.), spellchecking and automatic line wrapping for my typed text. It also allows me to paste verbatim text in without messing up its format. I can paste a patch in without whitespace mangling. Hooray. How many other email composers allow this? None that I know of. You don't like VIM? You can use any editor you like.

When I first switched to Mutt, I was considering writing up a patch that would work with labels, giving me virtual folders for my labels. But after exploring the current label support that Mutt has, I found that to be unnecessary. All my incoming mail gets passed through fetchmail, which does filtering and delivery. Part of my filtering process is to remove the junkmail and tag all the rest of the mail with labels according to some regular expressions. I have a little script I wrote that will read the headers of a message and spit out the 'X-Label:' header to add to the message. Once delivered, Mutt caches this in its header cache, making for some VERY speedy searches by label. Not only can it search by labels, but it has a very powerful search pattern language. For example, I can limit my view of my messages to '~(~d 6m-8m*2w ~f ("telly"|"cookie") ~Z >1M ~s recipe)' which means "all messages from threads containing messages from 'telly' or 'cookie' with dates from 6 to 8 months ago, plus or minus 2 weeks, that were larger than one megabyte and had recipe in the subject". Tell me this is not a powerful search engine. All of those things it can do without actually re-reading the messages because of the header cache. Some of the modifiers do force Mutt to actually read the messages (like ~b or ~B, which end up searching the body of the message). The header cache does not save all the headers, only the ones that Mutt deems important. Personally, I think this should be configurable.

Besides the Mutt manual (available online at http://www.mutt.org/doc/manual/ or included with your Mutt installation (Debian/Ubuntu users can press F1)), there are loads of online resources to help configure and train your Mutt. I found this site to be very helpful: My First Mutt.

If you are curious what I have done, drop me a note, leave a comment or something and I will share configs or whatever with you. In the mean time, I have some mail to read.

[Edited 27 Jan 2010] Fabio wanted to see my config and my label script, so here goes... A little insight to the twisted mind of Vernon.

Traffic Shaping and Policing

Recently I had the opportunity to work with a customer that needed some help with traffic shaping and policing on their network. I had poked around in the past with this, trying to get guaranteed bandwidth for my VoIP phone, but the last time I checked, that setup no longer worked, so it was shelved until further notice. I just had to take care that when I was on the phone, I could not do any large downloads that would rob the bandwidth from my voice packets.

The customer gave me impetus to re-learn Linux Traffic Control. The main tool offered to us is called tc, meaning traffic control. You can learn all about tc at the Linux Advanced Routing and Traffic Control website. I spent several hours there trying to remember all I had forgotten. I also looked around at several other websites with howtos on the matter, but it seemed that they were all pointing back to lartc.org anyway. I poked around long enough to understand the recipes in their cookbook and then wrote up a script of my own.

I wanted to have about 90kb/s of guaranteed bandwidth for VoIP and then some other high priority bandwidth for things like ICMP packets, TCP ACK packets, and other low-latency stuff (things that mark the TOS field in the IP header.) In other words, I wanted to be able to:

  1. Make sure my VoIP traffic gets through so I don't have choppy phone calls
  2. Perform uploads without killing my downloads (let the ACK packets through)
  3. Be able to type in an SSH session while doing a large download
  4. Not starve my VPN to work when the network is busy (no more 3-12 second latencies, please.)
  5. Have fast ping times so I can brag to all my friends

Sounds like I am hoping for a miracle, right? Well, not really. Simply dividing the traffic into several classes and then giving each one a slice of the pie will do a lot on my quest for the Well Tempered Network. I know the VoIP bandwidth, so that is easy. Then the rest, I decided to split into quarters -- high priority gets at least 1/4 of the remaining bandwidth, medium priority gets the same, while bulk transfers and the rest of the stuff get anything that is left over (a little less than 1/2 the pipe).

Without this QoS script, I am unable to do a large download (or upload) without killing my VoIP call, uploads kill downloads, ssh is very non-interactive, and pings range in the 400-1100ms range. With this QoS script, I can do simultaneous large downloads and large uploads without hurting my VoIP call quality AND at the same time, ssh interactivity goes up (to the same as with no other traffic) and ping times range in the 80-200ms range. VPN traffic seems to be better too, though sometimes it suffers from latencies beyond my control. I think this means I reached all my goals. I was very happy with it and thought it might be nice to share.

Artisan Breads Every Day and Sourdough Pizza

Over this past year, I have been testing recipes for Peter Reinhart's new book, artisan breads every day. The goal of this book was to find a way to get the full flavor that delayed fermentation offers, but to make the preparation time shorter. Or something. I don't know, because with the delayed fermentation plan, you mix the dough and then bake the next day. Not a lot of involvement in the middle.

But one thing that this book did offer was something along the lines of the Artisan Bread in 5 Minutes a Day style of making a bulk pre-ferment and then using a part of it each day for up to five days and baking a fresh loaf from that. This actually makes some really good French bread. One of my favorite recipes was the "same day french bread", which uses a pre-ferment to pull in extra flavor. It is called same-day because you don't count making the pre-ferment for some reason (maybe because you can also use it for the next 4 days). But that was some of the best French bread I have ever made. And in the process of testing these recipes, I learned the importance of the "stretch and fold" technique. This is the best way to strengthen the gluten in a very wet dough. Even a dough that has 70% or more hydration can become smooth and workable with the stretch and fold. After doing this, I found that my freestanding loaves gained 50% in height, rather than being so flat.

Part of the reason I thought I would write this was that I chose to make some sourdough pizza dough from this book for our Friday night pizza night yesterday. Mmmmm. I do love good sourdough. The dough turned out to be very tasty, though I think next time I will leave out the honey since I think it made the crust brown too quickly. Our old oven died about three weeks ago and our new oven can bake at up to 550°F, which is about where you should be cooking pizza, but not having experience with those extra 50 degrees is making pizza baking interesting. As far as the rest of the family goes, they say they prefer the original Pizza Napoletana recipe from Peter's Bread Baker's Apprentice book. That is a darn good pizza dough recipe, so it is hard to beat it. But I have to mix it up every now and then or we wouldn't ever know if something better came along.

I will likely write more about Artisan Breads Every Day another time, as I find time to work through the recipes. Can anyone say Chocolate Croissants?
