Thursday, May 30, 2019

keto chicken nuggets

not really a nugget but close.

Ingredients

chicken
onion
green pepper
cilantro
eggs
almost flower
cheese
seasoning like salt, garlic, chili, cumin ... whatever

optionally an egg wash with some pork rinds

cook in coconut oil about 3 minutes per side.

See keto connect

Wednesday, May 29, 2019

Bluetooth Trackbad or trackpad

It's been years since the computer mouse industry decided that wireless keyboards and mice were not good enough for game play where click latency could be the difference between winning or losing. I'm not quite sure what the first wireless technologies were but the first wireless Logitech devices were fine for programming and normal business operations.

But now we have devices like iPads and Slates where touch was the preferred pointer and they never had enough ports for a dongle or a wired device. So we are stuck with BlueTooth and while that's OK for most keyboards it sucks for pointing.

what's in your wallet?

Sure I meant to be funny but "what's in your ultralight backpack" does not roll as well. While I look at my camping and hiking gear I hate the way I get ready for a hike. I always bring too much or too little. This is not limited to hiking but any time I put my pack together for a mission (all day soccer tournament with the kids.)


My newest strategy is one bag per kit... and this is the list of kits?

  • shelter
  • sleep
  • clothes
  • electronics
  • food
  • cook
  • water
  • first aid and hygiene

I have to think about the shelter, sleep and clothes. Some of that stuff get's wet or stinky so choices have to be made. There is nothing better than a gallon or larger ziplock.

Ultralight do over

We all like expensive things and there is no exception in the SUL and UL hiking world. Anyone who talks about going (S)UL usually spends many hundreds of dollars on their gear. One thing I discovered is that I can do it at a fraction of the price and in case of a failure my insurance policy is next-day shipping or just the closest hardware store.

This particular kit is a full replacement for $29.


Of course in a disaster recovery or failure scenario you do not have to replace everything but it's cheap enough... In fact you could have kits sitting at home or with a friend that could be drop shipped all at once basically refreshing your entire kit.

One thing to keep in mind is that not all polycryo is the same. Since it was designed to seal windows in the winter it reacts to heat and shrinks. Also since it's transparent it is more for hiking than camping. Site selection and configuration are still important.

Friday, May 24, 2019

minimalist water

I have too much junk. I mean I have too many things that I'll just never use again or maybe for the first time. Granted it's all part of my midlife crisis and I own that but after all that I really want to go minimal.
I had a contract position in Sweden and as part of the job I requested a Swedish apartment so I could experience the Swedish lifestyle. It was a small apartment and typical. I was close to buses and trains so I made use of them. There was also a grocery between the train and the apartment so I did not have to keep any food in the apartment except the most basic snacks. Making the grocery my refrigerator and pantry was probably the best lesson and one that I wished at home.
And now water bottles.. .


Hikers will buy a smartwater bottle and use it for weeks and months. This bottle became the de facto water bottle as filter and accessory companies modeled their products to that bottle.

About 2 years ago we purchased 4 Nalgene-32 bottles the kids so that they had plenty of water at soccer practice. They complained about the spilling and opening the bottles because the mouth was so wide. So I purchased new lids from HumanGear and things were good. Unfortunately the kids in our league absconded with 2 of the bottles and of course the parents, who should know better, have remained silent.

I purchased a few more Nalgene (pictured above) bottles but in hindsight I regret. I regret it because I cannot seem to convince myself to discard it the way I would a smartwater bottle if I felt I was not going to hike for a while or life was just a little too cluttered.

Keep in mind that water weighs the same regardless of the container. The Nalgene bottles are only slightly heavier. But walking around an airport or just going for a walk I'm likely to feel guilty carrying around the empty Nalgene.

So the lesson... stick with the better water bottles and forget the commercial varieties. Maybe keep a few extra tops in your pack.

Thursday, May 23, 2019

Lightest tarp tent possible

I constantly refer to super ultralight (SUL) as the race to the most expensive gear or no gear.
You don't need band-aids if you have tape.
Somewhere in that formula there are some cheap and light options but are they better and how does that work? If you're reading this post then you already know about the materials out there and the cost of the raw and finished products. So I will no go there.

Last year I purchased a roll of shrink and seal film from Amazon. I think this 25ft by 7ft roll cost me less than $10 USD. I've made a few groundsheets with this stuff making a 7'x5' by orienting the material on one direction; and today I made a 9'x7' tarp in the other direction.


This turns out to be a pretty big tarp. The short corner lines are only about 8" and should be more like 2' in order to give the short side some optional height. I could also add a tie to the center or even off center to provide some headroom and a possible hook for the net tent.


The opening is huge.


I used these lightweight MSR rings just because they were at hand. Polycryo tears easy and a twig or sharp edge would damage the tarp. I could add some tape here to strengthen the guyout.


This aluminium pole is also pretty compact and light. When I compute shelter weight I add the poles.

It's summer in Florida and the tent is installed in the yard. I also have a pretty nice breeze. I'm just not certain how fragile this setup might be. I think there is some room to reinforce the corners but I can also setup at dusk and break camp at first light. There is no reason to keep the tarp up during the day.

One other thing... I did not use any linelocks or fancy knots.

Thanks to @jupiterhikes for the inspiration.

Tuesday, May 21, 2019

container root account misconfigurations

I did not read the article titled "Root account misconfigurations found in 20% of top 1,000 Docker containers | ZDNet" but I found myself pretty mad about the inference. Also while I'm no container expert I have some strong system opinions. And because I'm so frustrated this is going to be very short and to the point.

Containers that are built on anything more than just a simple binary and maybe some static data and/or some volumes and networks is just stupid. [a] first you have core OS processes running in both the host and guest [b] there are other OS exploits in privilege escalation and other IPC between the guest and host [c] there are all the cron'd and other services that are now duplicated leaking even more resources [d] there are processes that you are not aware of that also leak ports.

The ideal container is JUST the binary and links to persistent storage and other services like a DB.

In one of my current projects I've taken the risk of including a complete OS in my container, however, due to some other time to market constraints and a risk assessment I'm using shell and shell commands from within my app to get other types of work done. At some point I should be able to move 100% of the code into the app but again the risk is so low.

Monday, May 20, 2019

tarp setup - are linelocks necessary

I like tarp camping for a lot of reasons and while I've hiked only a few hundred miles total it's still something I aspire to. And while there is something to be said for learning on the trail or in the moment I really want to make some off trail decisions that pay dividends on trail. For example:

  • go as light as you can afford - there are some exotic materials out there that cost many multiples of materials that simply work; and consider letting things do double duty.
  • leave some things behind - soap; you're going to get dirty and smelly so embrace the stink.
But then I watched a Jupiterhikes video where he talks about tarps.




I had watched this video a few times over the last year and I finally noticed that he did not seem to have linelocks. Just 6 lines on a 7x9 BoraGear tarp. I have one of these tarps and I have been experimenting with all sorts of linelocks and all sorts of exotic knots. His lines were:

  • 2x 2 foot
  • 2x 4 foot
  • 2x 8 foot.
Each seemed to have a loop on each end and seemed to be semi permanently attached. After watching the video this last time I wander why people use linelocks anyway? There is loose talk about re-tightening the tarp as it loosens but then what is the scenario? For me it's [a] hike until time to stop [b] setup camp [c] go to sleep. When exactly would you need to tighten the lines?

So if I have not specifically answered the question... linelocks are not necessary.

As a side note... over the years I've purchased quite a bit of hardware from Dutchware and Amazon and at this point I have lost or discarded all of it.

One Stop Shopping

As I was tripping over my abundance of day packs and being frustrated that my new sleeping pad did not fit in my day pack I was reminded of a few facts. First that my Gossamer Gear Kumo 36 is just 10 more liters than the Gossamer Gear day pack and only a fraction heavier. And while I'm trying to turn my day pack into a UL or SUL pack I'm realizing that  I'm trading out a lot of comfort as I discovered when I tried to pack my foam sleeping pad.

But as I later realized I have been mixing and matching my gear as most hikers do and that seems to create some of my chaos. For example Gossamer Gear has everything a ground hiker needs except a net tent and or sleeping bags and pillows. The strange bit is that some items are disproportionately expensive. Just look at the trekking poles.

Sea to Summit, another outfitter also has a lot of great gear. They fill in many of the gaps by being a 4 season company and offering everything you might need for camping or hiking. That includes hammocks and tents. However, most of their gear is meant for camping and not hiking and so it can be a challenge to find the exact piece of kit.

I'm wandering around this conversation in my head and I'm falling back on wanting an amazon wish-list that with one click all my hiking needs would be fulfilled.

UPDATE one thing I seem to have forgotten to mention is that the lighter you go the more volume you seem to need. AND the more you compress that light gear the more damage you do to it.

Saturday, May 18, 2019

words are important

Ever since Trump uttered his first words he has been a liar and ever since he took office people have been trying to tel him that words mater. But before you think this is a political ran... I'm actually thinking about something different.

I have interviewed hundreds of candidate employees over the years. The one quirk that is common is when someone says that they built a computer or a raspberry Pi. Really? Are you sure you did not mean "assembled"? In my mind "building" suggests taking all the raw components and soldering them and then combining the larger pieces into the final project... just watch how they build a skyscraper or assemble a prefab home.

So when someone describes Kali Linux as a Debian rewrite they have no idea what they are talking about... Moving on.

Friday, May 17, 2019

and the dish ran away with the spoon

The only time I ever liked a spork was when I was in high school. When I was deciding on my first utensil I decided to go with the long handled titanium spoon instead of the spork. Then when I was outfitting for camping trips with the kids I bought a collection of different light my fire utensils (link).
They must sell a ton of these, however, in practice they are useless. They are short, the knife edge is useless, and if you are switching between fork and spook you're going to get dirty and cross contaminate the utensil. LMF also sells a titanium version. 

HumanGear  (link) makes sets in a case and they also make a spoon/fork combo that will transform into a longer utensil however the grooves require additional cleaning.


As for the length you have to consider the first time you tried to eat out of a mountain house packet. It was impossible to mix the contents with a short spoon and not cross contaminating the food.

That's when I discovered the Gossamer Gear Bamboo Spoon (link). 


It's as long as the long spoon, it has a larger bill, it's lighter not that it matters; 14g compared to 19g. But the most important part is that it does not conduct heat and so using the spoon to cook you will not burn your fingers or eat and you will not burn your lips.

And lastly there is the price. The bamboo spoon is $7 and the Toaks Ti is $11 (link).

PS: did I mention that the bamboo spoon will not set off the alarm at the TSA?

Reading List MOVED

Many of these are dead tree books that I still possess.  The rest have been recycled and some are now digital.
  • Security Reading List
  • Flow Based Programming
  • Continuous Delivery: Reliable Software Releases
  • Responsive Web Design
  • 101 Design Ingredients to Solve Big Tech Problems
  • Who Moved My Cheese?
  • The Last Lecture
  • Agile Project Management with Scrum
  • Scrumban
  • Kanban
  • Behind Closed Doors
  • My Job Went to India
  • The Career Programmer
  • Data Crunching
  • Decline & Fall of the American Programmer
  • The Six Sigma Way
  • Best Software Writing I
  • Debugging the Development Process
  • The Mythic Man Month
  • The Art of UNIX Programming
  • Dynamics of Software Development
  • Management by Baseball
  • Herding Cats
  • Death March
  • Joel on Software
  • Beyond Java
  • Programming Pearls
  • More Programming Pearls
  • Service Breakthroughs
  • Writing Solid Code
  • The Pragmatic Programmer
  • Offshoring IT
  • Extreme Programming Explained
  • Programming Interviews Exposed
  • The Inmates are Running the Asylum
  • Rework
I've started reading some new books on health:
  • Quiet
  • The Healthy Programmer
  • Brain Grain
  • The Engine 2 Diet
  • The 4-hour body
... and other new management and other misc books:
  • The innovator's Dilemma
  • The 4-hour work week
  • Blink
  • David and Goliath
  • Outliers
  • The Tipping Point
  • History Decoded
  • What the dog saw
  • Practice Of Network Security Monitoring
  • Systems Performance
  • Cloud Computing
  • Remote

pfSense vs OPNsense: a professional viewpoint

I've read the articles and I've listened to the executives and while the origin story suggests that there are more alike than not it simply does not matter and it might have more to do with who you are and your environment than it does the device.

If you work for a commercial organization with assets to protect then you are going to be looking at commercial grade firewalls. That might be commercial versions of OpnSense or pfSense but then it could be Enterprise class Cisco, Juniper etc... Or even some place in between like Ubiquiti. There are plenty of vendors and many different price points and integration.

Some where in the middle might be the typical home user that needs a netgear, linksys, home router firewall.

On the other end of the spectrum is the geek, hacker, hobbyist, or bootstrapped startup. These people are going for free at any cost. The typical handicap is the office geek that thinks he/she can save the company tons of cash but then spends all sorts of time and money on configuration and maintenance or worse has to reinvent the wheel every time there is a question and new requirement.

I've spent a lot of time on configuration as code and system orchestration and the most costly part of the process is speed aka Agile.

REFS
https://docs.opnsense.org/fork/thefork.html#so-why-did-we-fork
https://www.firewallhardware.it/en/pfsense-vs-opnsense-technical-comparison/

disturbing quote of the day

Kubernetes seems to be taking the intellectual lead as devs and managers search for the latest buzz word soup to sell their wares... So as I search for a distribution that offers a balance of form and function I run into all sorts of jank. First of all most commercial kubernetes are merely packaging other free or community editions of projects to create a curated platform. Which is not a terrible idea until you realize they are charging over $1000 per server per month.

Interestingly VMware is also getting into the game. While I'm not sure whether there is a CE version it was worth noting because they also posted this quote in their blog:
In all cases the risk needs to be considered carefully, because these attacks are not theoretical. There are working demonstrations of each of these attacks on YouTube. One of the demonstrations shows an easy-to-use, commercially available tool recovering usernames and passwords from another virtual machine that is an Active Directory domain controller. That is a very serious problem.
It's clear VMware is taking security seriously but it's spooky they they took their own security to task.

The article has plenty of easter eggs like "compliance is not security". And as "we" consider the implications of container orchestration and the host to guest and guest to guest networking... It may not need to be as complicated as you think in order to get the desired results.

Wednesday, May 15, 2019

I see the light

Do you prefer rechargeable or one-time use batteries when hiking?


Forget, for the moment, that the flashlight on the left has two brightness modes, and 3 colors with blinking options, is very light and can clip on the floppiest of brims/lids. Made out of plastic and can/will glow in the dark.

The flashlight on the right uses a AAA battery, probably lasts longer, is made from aluminum, and is probably waterproof and has 2 levels of brightness. And replacing the battery is instantaneous.

hiking gear reviews

It's interesting to see the before and after gear reviews; especially when you watch the actual hikers struggle in the intervening videos. Frankly I'm not sure there is ever going to be a right or wrong time to do a gear review. Either the piece of gear functions or it does not. Either you can function without it or you can find a workaround.
One tricky question is what exactly can you get on a plane? Stakes? The tiny swiss army knife? It's not a good idea to check Batteries or electronics. And if you checked your pack it really needs to be in a bag to prevent damage from the handlers.
 Hike your hike.

Monday, May 13, 2019

Day Packs

I have a number of packs that the industry refers to as Day Packs. These are seemingly lightweight, 20-30L volume, and frameless. The other features are optional:
  • sternum strap
  • shoulder pockets
  • side pockets
  • back pocket
  • under pocket
  • straps vs vest
  • packable
  • snaps
and so on...

The packs under consideration...
  • G4Free
  • Ultimate Direction
  • Klymit Stash
  • Klymit Dash
  • Matador Freerain 24
  • Gossamer Gear Minimalist 24
  • Gossamer Gear QuickSak 26
  • Sea to Summit Ultra-Sil Day Pack
  • Sorensen Shadow 28
  • Ultimate Direction 15
  • Camelback Arete 22
  • Marmot

This is my sample kit. It's part emergency day hike kit and part over night. There is a hammock and ground kit including a bugnet, inflatable pad and poncho tarp. Plenty of overlap and a way to stay dry or just sit out a storm in comfort. This kit weights about 4 pounds.

Sorensen Shadow (front)

The Sorensen has the most outer pockets including the largest back pocket and underside pocket/ This design looks similar to the Pilante pack. The material is questionable as to whether tit's waterproof or not. It's some sort of woven impregnated fiber.

Sorensen Shadow (back)
This is the only vest in the group. The vest pockets are tight and not meant to hold a water bottle. I could barely get my phone in there and so it's more likely best for a small knife or maybe your keys. Worst of all it does not fit my 50" chest. Also includes a thin plastic sheet to act as a stiffener.


Sea to Summit (front)
Probably the lightest in the bunch but it does not have any pockets. The thing is you gotta hick your own hike and in my case it means hike until you have to stop to do something else like drink or snack. About the only real downside is what to do with trekking poles if you change your style.

Sea to Summit (back)
 There is no sternum strap and the straps are very minimalist but comfortable

Matador (front)
Average (read normal) side pockets for water bottles or gear. and a nice, mostly sealed, zippered pocket on the front which can be a convenient swing on one shoulder in order to access. I was able to fit a 1L and a 1.5L bottles into both side pockets.

Matador (back)
The straps do not lay flat on my 50" chest. At this light weight that's not much of a problem and the sternum strap does help orient the strap at the top of the shoulder.

There is talk about cottage industries in the hiking gear world and the adoption of some of those designs and ideas by the big manufacturers. The three legs of the stool seem to be quality, consistency and price. Just look at the seams of the Matador and Sea to Summit.

Gossamer Gear (front)
 Huge side pockets and a brain this is a nice pack.

Gossamer Gear (back)

Gossamer Gear (front)
The minimalist is my go-to pack when I go to the soccer tournaments with the kids. The straps are generous and soft. It carries my water bottles, Poncho, collapsing chair, first aid, snacks, and other misc that gets me from the car to the field. The material is super durable.

Gossamer Gear (back)
The extra pocket is not useful and needs to be removed. The other bottle strap does help when I'm carrying for the family and not just myself.


The Marmot side pockets are misleading. They will hold a 1L bottle and there is a cinch strap to keep it in place. The brain is a good place to keep snacks and the brain strap means you can over stuff the main body. I like the color of this one because when I hike I want to draw attention to myself even though black dries faster.



The Camelbak is one of the smaller packs but it still carries enough for an overnight. The pocket configuration seems to be biased toward using a hydration bladder. It's not a terrible idea except bladders are a single point of failure and take more time to fill. Not because of volume but because you have to empty the pack to gain access.



The Ultimate Direction pack is meant for skinny people. Even thought the 15 does not carry much the vest is just tiny... for a runner's frame. I was able to squeeze into the pack and after going back for a second try I realized that the fit was just different. The pack rides higher on my shoulders and the straps were meant to wrap tighter into my armpits (but not too tight). The idea might be to get the pack higher on the shoulders.

I tried the pack empty and that made a big difference. Part of the fitting had to do with the contents making the pack more ridged.


Not currently pictured are the two Klymit and G4Free packs. The G4Free is functional and one that I've probably used the most but it's not the lightest and it's not waterproof at all. The Klymit packs continue to have problems staying inflated.

Selecting the best day pack can be a challenge. It's partly form and function' and partly survival. Not to over emphasize a day hike is the easiest to walk away from. In my favorite area there are 30-40 miles of intersecting trails... I would have to be trapped by fire, flood or animals not to make it out in the same day.

PS: One serious problem with black packs is that they also heat the contents of the pack. I recall my Klymit pack and having room temp water in the pack and by the time I drank it... it was hot.

UPDATE 2019-05-17: not everything is about weight. Sometimes it's about volume. I took the kit above and replaced the inflatable pad with a torso length closed cell pad. While the foam pad provided structure to the pack like a frame would it had friction that made it difficult to get in and not of the day pack. If I wanted a sit pad I'd have to dump my gear. I tried a number of different sized pads and had some interesting results to be shared later.

Saturday, May 11, 2019

protect your food

My hiking as been limited to the Florida trails close to my home.


JH makes some recommendations that I've also read in a hiker's howto book.

[1] odor proof bag
[2] eat before you get to camp
[3] do not cook - cold soak or similar
[4] keep the food close so a critter has to decide whether an encounter is worth it
[5] sleep in uncommon places and not shelters were animals have developed habits
[6] hanging a bag properly is difficult; if hung far enough away the critters will have all night to try to get to it (see #4)

Keep in mind that this is about hiking not camping. The hiking book made reference to getting into camp and going right to sleep. Then waking in the morning and getting on the road before stopping for the first meal. And taking a nap whenever you wanted. It was all about the hike.

Friday, May 10, 2019

PWA - google said what?

I/O 2019 is going on or maybe has just closed and so the content is starting to popup on my google cards. PWA? Progressive Web Apps... Don't go crazy just yet but in the introduction the speakers were telling us that a PWA was simply decoupled from the browser. WTF!@#$%^ I'd swear we just spent the last 30 years moving everything to the browser. This is the client/server argument all over again.

So here we are in yet another waste of time cycle.

The truth of the matter is that this conversation is all about the 1% companies that continue to have problems scaling their tools for their companies. But keep in mind that they are still the 1%. If I was going to compete with gmail or maybe AOL mail then maybe this would be important... Any project I start today will be used by 10s to 100s or maybe 1000s of users. PWA does not get you there.

In another example I look at Kubernetes. It's a nice framework but only useful for the 1% too. I was looking at the business in a box structure again and if you have 100 employees deploying all the necessary systems is flat. And end to end connectivity means that the network looks like some sort of star or partial mesh and for all the complicated partitioning and vlan you lose responsive deploy. This does not mean that configuration as code is not valuable just that time ramps up quickly.

Thursday, May 2, 2019

penetration testing

I want to make sure my home network is secure from both the outside in and the inside out. Are there any trustworthy tool sets out there? It's simply not good enough to nmap test.

Wednesday, May 1, 2019

Kubernetes vx Docker (FAIL)

I was watching this video...


it shares a lot of interesting information but is wrong from the start. First of all it does not consider the business and cost side of development and that's a common problem for programmers. Being IBM I was not expecting that.

However,
docker and kubernetes are apples and oranges. While k8s might be a good choice for container orchestration you should not make this comparison.... docker swarm is a simple transition to scale without the upfront complexity of k8s. ALSO there is a development cost with k8s that you may or may not recover.... what happens if you spend that extra cash on a k8s installation and the volume never arrives? Lastly you've simply waved your hands at the DB and API servers... you cannot just throw any number of java database adapters at the problem and expect great performance. There are limits to the other components.... you have to scale that too. IBM certainly know it's stuff but this is a bad article.
One other thing... While k8s does "work" with docker it really wants to manage containerd. And while docker does,  sort of, operate in this environment there are still other challenges.

One glaring hole that most designers do not discuss is exactly what should be in a container. A container can be as simple as a single executable and some supporting files to a complete operating system and your application. For example "helloworld" is built on top of the docker Scratch container which is an empty container. The application is executed in the docker sandbox and then exits. If the application needs or is built with an OS like Alpine then all the daemons and drivers need to be loaded. That can and will take cycles from the host. It's not like the guests will be idle while waiting for work. At that point it's not much different from a VMware installation.

another bad day for open source

One of the hallmarks of a good open source project is just how complicated it is to install, configure and maintain. Happily gitlab and the ...