Showing posts with label Tools. Show all posts
Showing posts with label Tools. Show all posts

Thursday, November 2, 2023

Drip Cup for Cast Iron Juicers



Hamilton Beach manual citrus juicers have a handy drip cup that swings out when you put a cup under the juicer, and it swings back into place when you remove your juice. Without this, the dripping juice left in the metal funnel can get all over your bar top, counter, or cutting board. If you have a generic cast iron juicer that doesn't have an attached drip cup, what is an enterprising bartender to do?

Print this thing I added to Thingiverse, of course!

The mechanism uses a rubber band of the right tension to return the cup to its initial position. As you push the cup to the side, guides slide the cup out of the way. The strength of the rubber band should be tuned to be light enough to not push over your juice cup nestled between the loving cast-iron arms of the juicer. When you remove your freshly squeezed juice, the rubber band slides the drip cup back into place. Et voila!

You'll need a rubber band, a conical shot glass (the smaller the better), and an M3 set screw. You will also need a set of hex keys to disassemble the juicer base to get the Shaft sleeve on.

Enjoy your drip-free juicer! Here are some prototype and action shots:








Wednesday, October 18, 2023

Food Dehydrator - Filament Dryer Mod

A half dozen full spools of PLA was discovered in the garage, and they were all out of sealed packaging. Here in the Pacific Northwest, that is no good for hygroscopic filament like PLA and PETG. When printed, it was an inconsistent stringy mess. It had a tell-tale popping like crispy bacon as it extruded, and it refused to adhere correctly.  The popping and adhesion problems I had with my tripod printer may have been caused by water-logged filament. Clearly this is a chronic problem. I'd read about filament dryers, but the cheapest were over $40. Rather than splurge, I went the DIY route with the jank turned up to 11.

OfferUp had a few used food dehydrators, and I picked a Nesco model with a few trays for $20. The simplest models are not much more than a hair dryer blowing into a big chamber made up of a bunch of trays. In my case, I wanted a single big changer into which I could put the filament spool(s). After seeing people make plexiglass versions online, I landed on an even simpler solution: $2 posterboard, doubled over and taped together into a cylinder. This gave me a big comfortable chamber in which to dry several spools if I wanted. Now to test it.

I reused the thermostat from my sous vide for clove tincture in a Huckleberry cocktail. Placing the probe into the bottom of the chamber, I tested that an empty dryer would hold the right temp (based on this fantastic article about from Prusa). And I ran it for about an hour while I tweaked the alignment and tape seals with one spool. The improvised chamber wall held, luckily, and the green tape I used does not lose stickiness at these lower temps of up to 45C/115F. I'll update this post if the PETG drying at 55C/131F has a different result.

If this system were to break in any place, it would be on the on/off duty cycle I added to maintain a constant temp. Dehydrators are meant to run for hours without stopping. Getting the fan and heating element up cranked up takes work and wears parts out, and the constant-on model I purchased second-hand was probably not designed for this. The fan was a lot noisier than the rice cooker as it cycled on and off every 30 seconds as well, so it was very annoying. By playing with the thermostat settings, I was able to change the temperature range in which it would trigger the relay while still keeping the chamber between 40-45C/104-115F. This meant it took longer breaks and cycled less often. A win for longevity.

With the preliminary tests done, the only thing left to do was run it all night. As this thing was noisy, we put it in the farthest reaches of the house, but the center of the garage would probably have been smarter.  An unknown appliance procured second-hand should be run supervised or in a fire-proof area in case it decides to melt down or short. Nothing happened, but it had me up all night checking it.  In the morning, it had run for 8 hours, and I caught it at a cooling cycle at 43C/109F. The filament itself was pliable and felt much lighter. It had a rough texture like a dry sponge.It printed nicely as well with less stringing and no popping. The $20 dryer has hopefully saved more than a hundred dollars in filament from the garbage dump. A resounding success!

I'll weigh the next spool before and after to see how much water we're really taking off. And I'll hopefully be able to test it with PETG as well.



Wednesday, October 6, 2021

Tools for Painting Miniatures

I post a lot about painting, but choosing and collecting the tools behind the craft can be just as interesting.  Here is a run-down of the tools that make my miniatures look less dull. For those looking for help building miniatures, I'll do a separate post about assembly tools and decals.

Brushes

Brushes are the vehicle for all your artistic endeavor with miniatures.  They can also be really expensive! Most guides focus on what to do (and not do) with your brushes, so let me focus on how to buy them.

For starting painters, don't worry about having all the right brushes, and especially don't buy the expensive ones! Take your starter kit brushes, maybe a bigger one for dry brushing, and learn on them. Learn to draw the brush away from the point instead of stubbing it into corners. Learn to load up the brush less than halfway. Above all, wash it thoroughly and prevent paint from drying in the ferrule. You will screw it up eventually, and your beloved companion will split, and then you can bury them. Keep a few of these starter brushes around for applying washes. Here's a picture of some of my first brushes that have bent and split over time due to abuse. Time to retire them from detail work.

Time for retirement, old friends

Keep your old crappy watercolor brushes for applying shades and washes

You will hit your stride with the next set of brushes. Having graduated from the $10 twelve-pack of watercolor brushes, the world splits into synthetic and sable. Synthetic are just that: plastic bristles.  And they wear over time mush faster than natural hair. Citadel just released their latest STC set, but The Army Painter brush set is probably the best value for your money. It comes with enough variety that you can learn what brushes are your favorite (and some editions come with a free sable brush, neat!).  If you already have strong opinions or lack options at your local store, you may be able to find quality synthetics like this Princeton Velvetouch Round 2 for a reasonable price at art stores that aren't expressly for nerds. Expect to pay about $6-8 per brush. And don't stress about getting the tiniest of brushes for the detail. The important part of detail work is holding a point and not how big the brush is! Even with better synthetics, you will gradually see bent tips as you use the brush.  This is how synthetics wear, and it is totally normal. If you treat them right, your first synthetic should last a squad or 10 figures. You will know your brush skills are maturing when a fresh brush lasts a whole army.

My standard kit

Curling bristles are normal, and they can get into tight corners!
 

Standard drybrush kit

Finally we come to the joyous pinnacle of your painting kit, the sable hair brushes. Yes, these brushes are made with actual animal hair.  And they are superior in almost every way to synthetics, but their price also puts them out of reach for most people.  They hold their shape better when loaded up with paint, and their hairs hold more paint so you can cover more area without going back to the palette. You probably only need one sable brush to start.  Grow your collection slowly, and they will last you forever. A note that the Kolinsky Sable is endangered in Siberia and import is difficult at best. So you're probably not getting real Kolinsky sable for under $25 a brush. Here again, Army Painter wins for having the right brushes for hobbyists. I inherited my Regiment brush, and it is still going strong after a decade of use by my father. By the time you're ready for your next sable brush, you will have enough experience to know if you want to go all-in on the Winsor & Newtons.

A few notes on storage: Try to keep the plastic tip covers for all your brushes.  It's the easiest way to protect them from accidental damage in transit.  If you find your collection growing and cannot bear to part with your new friends, make or buy a brush case in hard plastic (if you don't need to travel and know they will always be sitting up) or fabric like the one pictured below.  I threw it together from duck cloth in about an hour on a sewing machine with basic measurements. Your local art supply or fabric store has something similar for sale.


Citadel Colours App

Available for both iOS and Android, The Citadel Colour app helps me create and remember my color schemes.  I can create projects, track my color inventory, and keep a shopping list of paints for the next time I hit the local game store.  It comes loaded with a diverse palette, but it only offers the Citadel range from Games Workshop. If you use dropper bottles from Vallejo or the new Two Thin Coats range from Duncan Rhodes, you're out of luck. It also doesn't have cloud storage, so switching phones means transferring your inventory, projects, and history as well (my scheme images come from doing CYA in case I lose my phone). Notwithstanding, it has worked to keep me organized.  I would love to know if there were some non-GW options available out there to cover the various paint brands I might use.


  

Storage for Paint

I paint at both my house and my SO's, so this 48-bottle nail polish organizer is perfect for carrying almost my entire collection of paint pots or droppers when I'm being indecisive.  The important part of storage is being able to see the shade without having to look at the label.  Having a clear storage system that can corral a large collection while keeping them visible is ideal. Injection-molded two-sided plastic carrying cases for nail polish go by many brand names on Amazon, and they'll all run you about twenty-five bucks. I haven't found a better mobile solution than this, but I would also suggest similar nail polish storage for a workbench installation.  Both tiered shelves and wall-mount nail polish racks are going to be way more affordable, and see-through, than any miniature-specific laser cut racks you might find at your local game store.

Painting Handle

Whether you buy the Citadel handle or print your own, These little contraptions keep your mitts off the details until they are sufficiently primed sealed.  This is doubly important with Contrast Paints as it can almost be rubbed off like chalk when applied in thin coats and handled with your bare hands. You can even temporarily glue a base to a larger miniature like a vehicle so it can be mounted on the painting handle. Get one.  It's worth it.

 

The Wet Palette

I have used ceramic tiles and even tried Citadel's Palette Paper, but I will never go back now that I've started using a wet palette. The idea is simple: parchment floated atop a spongey pad allows water to pass from the wet pad, through the parchment, and into the paint. The paint doesn't bleed down into the pad, and instead stays hydrated as it dries from the top down. This flow retains water in your paint longer so it remains workable. But it also keeps your blends around longer without drying out, and it speeds up the "always thin your paints" advice that was key to so many of us making the leap from gloopy to gorgeous. Simply put, a wet palette will make getting paint onto models easier. Even if you have your doubts, you should give it a shot. And I'm going to show you how to do that as cheaply as possible. 

This is one area where I have not graduated to a professional solution because I'm so satisfied with how my DIY palette is working. The key is getting a truly air tight container like this now-discontinued Snapware. All it needs is a shallow depth into which you can lay something absorbent (like paper towels) and top that with a layer of parchment. The shallow depth allows you to have a low angle of attack with your brush.  You want this when rolling your brush or mixing paint around. The one I bought is deep, but the two-well insert can be removed with one well used as a wet palette and another used to hold the wiping cloth. The deep well is handy for transporting the paint itself.

On sale, it was cheapest of my options

All layers visible (palette, folded paper towel pad, and parchment)

All soaked up; you can see the water beading on the surface

If you don't want to DIY it, there is a $10 wet palette on Amazon right now that couldn't be any worse than what you're painting on. The Army Painter palette is possibly the most widely known.  It comes with a pad, sheets of their "special paper" that looks and feels like parchment, and brush storage.

Note: Since first publishing this, I obtained the Red Grass Games palette and have been loving it. Whatever you choose, get to it! It will change how you paint forever.

Photos

Susan Sontag once wrote, “Today everything exists to end in a photograph.” And the pandemic has only heightened the importance of good pictures to show your friends why you can't come out hiking on a Sunday morning.

My main photo rig is a photo tent lined with white polyester and a selection of backdrops that drape down the back in a long curve to remove seams from the finished picture.  In the past, I have built photo tents out of PVC and cotton, or vellum pasted to a rough frame of furring strips.  What really matters is the next part: I point as much direct light as possible at the walls of the tent in the hopes that it will diffuse through and evenly light my miniature from all possible angles.

For the camera, I will use a smartphone camera in a pinch, but I prefer a DLSR with a macro lens.  This combo gives ultra-detailed shots for individual minis. Remove the macro for group shots, and make sure you are lining everyone up in your depth of field. There are packs of lenses available for smartphones too.  They work, and they are a whole lot cheaper than a new DSLR just so you can take pretty pictures of your knick knacks, but you do you!

"Who knows what evil lurks in the hearts of men? The Shadow knows!

Oddments

Stop struggling with a yellow overhead light.  Get a portable or installable full-spectrum lamp or bulb like an Ott Light or LED strip.  If you haven't received your baby book update since Middle School, your grandmother's scrapbooking light is probably up for grabs! They are cheaper now than ever before, so buy one of your own rather than stealing hers. I combine the LED strip pictured below with a Costco-bought Ott Lite that even has wireless charging built in.


Applying technical paints like snow and muck is 10x easier with a sculpting tool.  These also work with green stuff, so get a big pack of them and find just the right tool for those nooks and crannies. Moving around muck is also a good use for those small brushes you can no longer use but cannot bear to throw away.


Paint cups wit ribbed bottoms can be hell on your bristles, so go easy, Bob Ross. The wide bottom on the Citadel pot can help keep it from spilling pink paint onto the carpet of your room.  Do that too much and your partner/landlord might get stabby.


Even if you aren't painting regularly on a tile anymore, a ceramic well palette can help mix larger batches of Contrast or Washes. Cover the palette with saran wrap and it will retain water like a wet palette. 

Wednesday, May 20, 2020

Learning AWS - Reflections after a Year in the Cloud

In 2018, a new job for me meant a new tech stack: AWS. Regardless of how long you’ve been developing software, new infrastructure can make you feel like you're starting from scratch. Jumping from a company with a cold room full of mainframes to somewhere cloud native was a shock, but I've enjoyed learning this wide world of cloud^h^h^h^h^hsomeone elses computer. If you feel like a cloud n00b, this post collects tips and tricks for learning cloud development from zero.

As with everything, pace yourself when trying to understand AWS and how to use it. If you feel blocked, put down one service and try another. I have found my happy path is a mixture of study, practical labs, poking around company infrastructure, and handling support rotations. Each contribute, in the long-run, to understanding the available services and building effective products upon them.

The Basics - AWS Vocabulary

The Cloud - Someone else’s computer. Keep this in mind when learning about AWS. It’s all just servers in a data center somewhere else. AWS may take care of a large or small portion of managing these computers for us, and they charge a large or small fee for the privilege.

Identity Access Management, IAM - Amazon’s method of controlling access and permissions to AWS resources. Users can have multiple IAM roles. EC2 Instances use IAM roles. Policies rely on IAM roles to allow/deny access so you only make resources available to those that need to access it.

Regions - A set of AWS data centers that are geographically related but operationally separate. Resources, accounts and VPCs can occupy a specific region.

Availability Zones - Each Region has at least three AZs. Each AZ is a data center separated from others within a specific Region. Each have independent power, cooling, and compute resources to enable you to add fault tolerance to your applications. If internet connections or power to one AZ goes down, you should be able to launch resources in the remaining AZs to compensate for the outage.

Fully Managed Service - AWS services that are fully-managed handle scaling, replication, fault-tolerance and latency without you needing to consider it. A big one is managed Elasticsearch clusters. All you need to do is specify a few parameters and AWS configures the rest (for the most part). Though you don't have to do nearly as much management, learning how to tune managed services is still up to you to solve.

EC2, Elastic Compute Cloud - Virtual machines you can launch on a whim, using the OS you desire, configuring them as you please. This is the backbone of AWS's successes. EC2 is the opposite of fully-managed services. AWS gives you the box, and you do the rest.

Learning Resources

AWS has a host of resources available to help you to learn what options are available. If you’ve never worked with a cloud provider before, I suggest taking some of their video training for Cloud Practitioner Essentials. Login with an Amazon (not AWS) account at https://www.aws.training/. Some trainings include labs that walk you through how to start your own instances, marshal AWS resources, and build a thing for yourself in the cloud. Pick something that matches your skill and engagement level, or use their workshop syllabus to self-guide training.

One of the best ways to learn cloud infrastructure is by doing. AWS offers a massive amount of services at a free-tier. Small VMs, hours of lambdas, and lots of S3 space can be used to learn a service without paying a dime to Amazon. YouTube tutorials about services often are built specifically to never breach free-tier levels of usage. Take advantage of this if getting your hands dirty helps you learn the best. Various online learning companies have video training and integrated quizzes/tests. Some have labs that rely on the free-tier of AWS so you can learn at basically no charge. If you're learning for work, talk to your manager about supporting a subscription if you have a specific avenue of study you want to go down:

If you’re a book person, AWS sponsors official study guides for each certification they offer. These can go out of date fairly quickly, but even an old version will help you get your feet wet when using a prominent service (DNS is DNS, and a Route 53 study guide will be largely applicable next year as last). Check the public library for a guides that will be applicable even if they aren't current. Find a slack channel at work or speak with experienced engineers. Context from experience can break a logjam of misunderstanding faster than reading the AWS docs for the fifth time.

Certifications

The AWS certifications are not required to work with cloud resources, but they can be a big boost to your confidence. If certifications and tests are your preferred method of study, here are a few lines that have been recommended:

  • AWS Cloud Practitioner Essentials - Good overview of AWS resources, administration, security, and budgeting. Take this if you’ve never used cloud resources before and want to come up to speed fast. Available as a series of videos with a free online test for certification.

  • AWS Solutions Architect - This is another broad level of study that can be useful after studying Practitioner. It offers a good overview of current offerings at AWS. You might use some, others not so much. Sometimes it feels like a sales pitch for their managed services, but the curriculum is useful for determining what is possible during the initial phases of a project. The multi-tiered certifications offer a learning path that can scale to your experience and career trajectory.

  • AWS Certified Developer - A deep dive on developing with AWS, the Developer cert study can be helpful in learning how to build on AWS as a developer. The practical labs and study areas cover some of the same problems you might have to solve every day in taking an idea from concept to supportable, sellable, product. This set of certs is also multi-tiered, and it can scale with your own experience if you feel like you need a fresh challenge.

  • AWS Certified SysOps Administrator - Another deep-dive learning path that can help understand how to configure, secure, and economize cloud resources. Covers management and tooling available to keep a cloud running smoothly and safely without breaking the bank. Also has multiple tiers of certification.

Sunday, March 24, 2019

The Aviary: Huckleberry

The Aviary, Pg 404

One of the cocktails hailing from The Office, a speakeasy basement bar underneath The Aviary, this seemed simple to assemble with only one bit of complicated machinery: a sous vide.  Also, the presentation alone was intoxicating: a frothy head atop a mauve concoction? Sign me up!


I was able to obtain a chinois at a Goodwill.  The strainer and pestle separates juice from pulp and seeds.  However, the main ingredient is a clove tincture (fancy word for Everclear infused with clove). This required a sous vide as written.  As long as I've heard about them, I have never pulled the trigger on this low temperature wonder-machine (I don't have an instant pot either).  I figured it was time to lay that to rest.

There are plenty of DIY sous vide videos on the internet.  I settled on one that recommended a rice cooker combined with an industrial 110V AC temperature controller instead of a brewer's setup.  The most important part of this setup is the type of heated pot you use.  I couldn't use my crock pot, for example, because it had a digital control.  Every time the power cut off and then back on, it would not return to heating the pot.  My manual-switch rice cooker worked like a charm, however.  Then, for $20 in parts from the hardware store and $20 for the temperature controller on Amazon, I had a safe contraption through which to control my rice cooker and keep a pot of water within 2 degrees of a specific temperature for any length of time (perhaps "safe" is relative; use wire nuts and an electrical box when playing with mains, kids; the picture below shows iteration one with no cover).


The clove tincture was dead simple but extremely smelly.  $1 in bulk cloves and some Everclear got me a half dropper full of the cloviest drops the ever passed your nose. A word of warning: toasting the cloves is a horrendously smokey business.  Do this with a hood on full blast or outside.  We had to open all the windows and run for coffee.  I already had a vacuum sealer so I dumped the toasted cloves into a bag, poured on the alcohol, and dunked it into the rice cooker for an hour.  I decanted the result into an amber bottle with dropper and savored the aroma (which wasn't hard; it was everywhere).


The rest of the recipe was fairly simple.  Huckleberries don't come into season until August, so we went with blackberries from Mexico.  The syrup came together easy with a few gradually finer strainings.  6oz made 166g of juice.  Amaro Averna from Total Wine, Bombay Gin on sale, and Angostura bitters I already had on hand completed the boozy bits.  A quick trip through a shaker came out with a pink foamy pour that gradually separated into mauve and foam.  The bitters and pepper hit our nose, and the herbal hit of the drink completes it.  It's just sweet enough with off-season blackberries to be pleasant without being overpowering.  As we drank, we noticed the colors change and aromas deepen.  Very fun and dynamic drink.



A second round (can't waste syrup, after all) made with vodka toned down the herbal nature.  This will probably be the version I make for myself unless the guests are already gin drinkers.  Too close to 'too much' pine.  A friend suggested ditching the clove and replacing it by painting the glass with Chartreuse.  Either way, this seems to be a reliable cocktail to just have on hand.  Freezing berry syrup during their season in 2oz portions and the huge amount of clove tincture I have left over means it will be quick to assemble with a fun story to tell while we shake it up.

The Aviary: Knickerbocker

The Aviary, Pg 249

One part of a tiki flight, I was recommended to try this this based on the raspberries.

While the recipe as written requires a pacojet, I don't have $5000 just to get deliciously drunk.  I tried an ice cream maker to make the slush instead with fantastic results.  The instructions say to freeze the mix and rum separately and process together, but a spin in the ice cream maker brought it to just enough slush for a small batch.






The real winner here is the recommended rum.  My first "drink until you hurl" experience was with coconut rum, and I've avoided the spirit ever since.  The Zaya Gran Reserva aged rum has really caught me by the nose, however.  It has just enough molasses to be delicious, and the aging has mellowed it considerably compared to its frat-boy cousin.  I'll definitely be stocking this as a rum of choice (unless the book turns up something even better).

Tuesday, June 26, 2018

Interacting with OpenVMS on Mac through Terminal.app and iterm2

Terminal.app and iterm2 can be used on Mac interact with an OpenVMS system by setting the right profile settings and keys with escape sequences. Most keys work by default (PF1-PF4 when Fn is used to disable Mac system interactions), but it must be configured correctly to allow access to other keys commonly used in OpenVMS terminal applications (FIND, PREV, NEXT).

PF1-PF4

The F1 - F4 function keys will work as PF1-PF4 if Fn is pressed as well.
  • If your keyboard is a large Mac keyboard with a Fn key above the arrows, access PF1 - PF4 by turing off the Mac keyboard options (brightness, volume controls, etc) by holding the Fn key and pressing F1 - F4. This also works for some other function keys. Smaller keyboards will need to map F13+. 
  • If you are on a PC keyboard, you can disable the Function Keys functions in System Preferences and return them to act as F1 - F4. 
  • If you don't want your function keys to always act as F1 - F4, the program FunctionFlip can be used to change your function keys back and forth on the fly. 

Accessing Keys with Shift and Alt

Some keys are mapped, but not accessible without using Shift and Alt in combination with the above Fn key/FunctionFlip.

Here are Terminal.app configs:
  • F11: Alt F6 
  • F12: Alt F7 
  • HELP: F15 on an extended keyboard or Shift F7 
  • DO: F16 on an extended keyboard or Shift F8 or Alt F11 
  • F17: Shift F9 or Alt F12 or F17 on an extended keyboard 
  • F18: Shift F10 or F18 on an extended keyboard 
  • F19: Alt F14 on an extended keyboard or F19 on an extended keyboard or map it (see below) 
  • F20: Shift F12 or Alt F15 
Some of the above work for iterm2. Here are alternate mappings:
  • F11 can be accessed with Control F11 
  • F20 will need to be mapped to a key of your choice using escape sequence [34~ 

Mapping Other Keys

Other keys can be mapped within Terminal.app or iterm2 by making a profile.
  1. For Terminal.app: 
  2. Open a terminal 
  3. Go to the Terminal menu, Preferences. 
  4. Add a new profile with the + button at the bottom left. 
  5. Name it 'OpenVMS'. 
  6. On the Text tab, adjust the colors so you can differentiate it from your other terminal windows. 
  7. On the Window tab, adjust the Window Size to 132 Columns if your terminal apps support this width. 
  8. You may need to enable the keypad mode to get access to LSE's navigation keys on the keypad (PF1+4 or 5 to seek to the bottom/top). 
On the Keyboard tab, you can add mappings to individual keys that OpenVMS needs for navigation. This is useful in LSE or other text editors. Choose a Key to map and then enter a mapping. Mappings are entered by typing a control character `Ctrl + [` (will appear as \033) followed by some additional keystrokes. The following mappings have been found and are based on this Google Groups thread:
OpenVMS Key Key Action
FIND Home \033[1~
PREV PgUp \033[5~
NEXT PgDown \033[6~
SELECT End \033[4~
F19 ^ F9 \033[33~
F20 ^ F10 \033[34~

For iterm2, use Profiles:

  • Use similar escape sequences for the FIND and similar keys as above. On Profiles, Keys tab: add a hotkey and select "Send Escape Sequence" for the action. Omit the \033 from the table above. FIND end up as "Send [1~". 
  • Enable Keypad mode for navigating in LSE. Profile, Keys, keypad mode checkbox. This only works for extended keyboards.

Tuesday, June 12, 2018

Quotes from Dan Kaminsky's Keynote at DEF CON China


Above is Dan Kaminsky's keynote at the inaugural DEF CON China.  It was nominally about Spectre and Meltdown, and I thought it was immediately applicable to testing at all levels.  Here are some moments that jumped out at me:

On Context:

"There's a problem where we talk about hacking in terms of only software...What does hacking look like when it has nothing to do with software." 1:55

"But let's keep digging." Throughout, but especially 5:40

"Actual physics encourages 60 frames per second. I did not expect to find anything close to this when I started digging into the number 60...This might be correct, this might not be. And that is a part of hacking too." 6:10

"Stay intellectually honest as go through these deep dives. Understand really you are operating from ignorance. That's actually your strong point. You don't know why the thing is doing what it is doing...Have some humility as you explore, but also explore." 7:40

"We really really do not like having microprocessor flaws...and so we make sure where the right bits come in, the right bits come out. Time has not been part of the equation...Security [re: Specter/Meltdown] has been made to depend on an undefined element. Context matters." 15:00

"Are two computers doing the same thing?...There is not a right answer to that. There is no one context. A huge amount of what we do in hacking...is we play contexts of one another." 17:50

[Re: Spectre and Meltdown] "These attackers changed time which in this context is not defined to exist...Fast and slow...means nothing to the chip but it means everything to the users, to the administrators, to the security models..." 21:00

"Look for things people think don't matter. Look for the flawed assumptions...between how people think the system works and how it actually does." 35:00

"People think bug finding is purely a technical task. It is not because you are playing with people's assumptions...Understand the source and you'll find the destination." 37:05

"Our hardest problems in Security require alignment between how we build systems, and how we verify them. And our best solutions in technology require understanding the past, how we got here." 59:50

On Faulty Assumptions:

"[Example of clocks running slow because power was not 60Hz] You could get cheap, and just use whatever is coming out of the wall, and assume it will never change. Just because you can doesn't mean you should...We'll just get it from the upstream." 4:15

"[Re: Spectre and Meltdown] We turned a stability boundary into a security boundary and hoped it would work. Spoiler alert: it did not work." 18:40

"We hope the design of our interesting architectures mean when we switch from one context to another, nothing is left over...[but] if you want two security domains, get two computers. You can do that. Computers are small now. [Extensive geeking out about tiny computers]" 23:10

"[RIM] made a really compelling argument that the iPhone was totally impossible, and their argument was incredibly compelling until the moment that Steve Jobs dropped an iPhone on the table..." 25:50

"If you don't care if your work affects the [other people working on the system], you're going to crash." 37:30

"What happens when you define your constraints incorrectly?... Vulnerabilities. ...At best, you get the wrong answer. Most commonly, you get undefined behavior which in the presence of hacking becomes redefinable behavior." 41:35

"It's important to realize that we are loosening the assumption that the developer knows what the system is supposed to do...Everyone who touches the computer is a little bit ignorant." 45:20

On Heuristics

"When you say the same thing, but you say it in a different time, sometimes you're not saying the same thing." 9:10

"Hackers are actually pretty well-behaved. When hackers crash code...it does really controlled things...changing smaller things from the computer's perspective that are bigger things from a human's perspective." 20:25

"Bugs aren't random because their sources aren't random." 35:25

"Hackers aren't modeling code...hackers are modeling the developers and thinking, 'What did [they] screw up?' [I would ask a team to] tell me how you think your system works...I would listen to what they didn't talk about. That was always where my first bugs came from." 35:45

On Bug Advocacy

"In twenty years...I have never seen stupid moralization fix anything...We're engineers. Sometimes things are going to fail." 10:30

"We have patched everything in case there's a security boundary. That doesn't actually mean there's a security boundary." 28:10

"Build your boundaries to what the actual security model is...Security that doesn't care about the rest of IT, is security that grows increasingly irrelevant." 33:20

"We're not, as hackers, able to break things. We're able to redefine them so they can't be broken in the first place." 59:25

On Automation

"The theorem provers didn't fail when they showed no leakage of information between contexts because the right bits went to the right places They just weren't being asked to prove these particular elements." 18:25

"All of our tools are incomplete. All of our tools are blind" 46:20

"Having kind of a fakey root environment seems weird, but it's kind of what we're doing with VMs, it's what we're doing with containers." 53:20

On Testing in the SDLC

"We do have cultural elements that block the integration of forward and reverse [engineering], and the primary thing we seem to do wrong is that we have aggressively separated development and testing, and it's biting us." 38:20

"[Re Penetration Testing]: Testing is the important part of that phrase. We are a specific branch of testers that gets on cooler stages...Testing shouldn't be split off, but it kinda has been." 38:50

Ctd. "Testing shouldn't be split off, but it kinda has to have been because people, when they write code, tend to see that code for what it's supposed to be. And as a tester, you're trying to see it for what it really is. These are two different things." 39:05

"[D]evelopers, who already have a problem psychologically of only seeing what their code is supposed do, are also isolated from all the software that would tell them [otherwise]. Anything that's too testy goes to the test people." 39:30

"[Re: PyAnnotate by @Dropbox] 'This is the thing you don't do. Only the developer is allowed to touch the code.' That is an unnecessary constraint." 43:25

"If I'm using an open source platform, why can't I see the source every time something crashes? ...show me the source code that's crashing...It's lovely." 47:20

"We should not be separating Development and Testing... Computers are capable of magic, and we're just trying to make them our magic..." 59:35

Misc

"Branch Prediction: because we didn't have the words Machine Learning yet. Prediction and learning, of course they're linked. Kind of obvious in retrospect." 27:55

"Usually when you give people who are just learning computing root access, the first thing they do is totally destroy their computer." 53:40 #DontHaveKids

"You can have a talent bar for users (N.B.: sliding scale of computer capability) or you can make it really easy to fix stuff." 55:10 #HelpDesk
"[Re: Ransomware] Why is it possible to have all our data deleted all at once? Who is this a feature for?!... We have too many people able to break stuff." 58:25

Saturday, June 2, 2018

Fixing Ford AC Head Controller Vacuum Problem

The AC on my land yacht (2009 Mercury Grand Marquis) has been in the fritz for a while. Last winter, it gradually stopped switching from max AC/recirculate (a necessary in Vegas), then got stuck on norm AC until it rested on Defrost/Floor. I was able to fix it with some basic troubleshooting, YouTube sleuthing, and two bucks in o-rings.

This shaky yet informative video by Ian Smith helped me diagnose it as a problem with vacuum only. The AC itself was fine. It blows cool air all day long. It just did so at the windshield. It couldn't be the blend-door actuator.

The same video showed me how to diagnose the vacuum problems. The black hose providing vacuum from the engine seemed fine: I was getting 20 inches of vacuum with the car turned on when I hooked up a bleed pump with a gauge (mine came from Harbor Freight, shown in the video). To test the actuators, all I had to do was hook a 'jumper' pipe from black to the other pipes. Each one seemed to hold air, and the actuators sprang to life once again. For the first time in a year, I had cold air blowing from the vents. The problem couldn't be in the lines. I pulled the controller head for a closer look.

The head itself is a bunch of electronics, a control panel, and one removable plate with four solenoids. The vacuum hoses come into this through a manifold, and the head controls trigger the solenoids to route vacuum from the black hose to the others. This triggers different actuators under the dash. Something was amiss in the manifold.

I returned to YouTube looking for rebuild instructions. I found this extremely helpful video from a Chicago mechanic. The solenoids contain an o-ring that dries out, wears out, and loses the ability to hold vacuum. I obtained close to the recommended o-rings from Lowes (#36, 5/16 OD, 3/16 ID, 1/16 thickness) as I was not willing to wait for Amazon. A little Oatey silicone lubricant made the tight squeeze work a little better. I found I had to seat the solenoid heads at least once before total reassembly. It was too difficult to do so at the end and fight with the other small parts at the same time. 45 minutes later, I had full control of my AC restored.

I can't believe it was this simple to fix the controller. I think I was intimidated by the AC (having spent $1500 last year to have the dealer redo the whole system from seals to refrigerant). I didn't want to break anything. A few targeted troubleshooting steps helped assuage any fears of irreparable harm, and now I have a comfortable cabin once again.

Monday, August 17, 2015

Magnetic Bottle Openers

In the tradition of doing something snazzy for the DEF CON Toxic BBQ, I created a bottle opener that would both mount magnetically as well as catch bottle caps with the same force. 

Amazon had a selection of sturdy bottle openers by Starr X, and a particularly helpful blog post by K & J Magnetics helped me pick out the featured magnet.  I'm relying on the interesting grain of the Indian Rosewood to give the piece character as I didn't have the tools to do a fancy profile, and my router bits are incredibly lacking, so I just went with dog-eared corners and a chamfered edge.  The burning visible on the below pre-finishing shot (accompanied by my favorite Wasatch brew) was due to the bit I used.


The magnet was epoxied in place after I cleared out a spot for it.  In order to prevent the opener from sliding on slick surfaces, I added slightly inset tiny rubber feet.  This also set the opener off from the fridge by just enough that you can get your fingers behind it to pry it off with ease. Lots of sanding from 100 to 600 grit made a great smooth base for some stain and spar urethane.  After three days of curing time, I plopped it on the post at the Toxic BBQ and had a pile of at least 50 caps by the time the night was through.  A great first run!

Friday, October 31, 2014

Resources to Check for Dead Links on a Website

http://www.brokenlinkcheck.com/
This external service hits your site and follows each link.  It is intelligent enough to check for loops.  Since it is an external service, it may artificially drive up hit count.


Check My Links Chrome Extension
This very handy chrome extension checks link status and places the results in-line.  Fairly turn-key, it even keeps a list of links to not follow that you can add to as you go along.  It seems to have trouble with blogspot controls and extensions, though adding them to the blacklist might be the solution.

Xenu's Link Sleuth
Heard about this one on UTest.  I am eager to try it out.  Free, long history, and automatable: all the right pieces for success.

Add more as you find them to the comments.

Tuesday, July 22, 2014

Updated: Random Shop Projects

Cat Tower

We needed a new cat tower due to acquiring a monster of a tom.  Might as well do it right!.  I wrapped the columns in sisal (one roll of Lowe's Blue Hawk lasted about a foot and a half), made the base double-thick plywood, and wrapped all horizontal surfaces in carpet.  There are a brazillion staples in that thing.


I wish I had purchased round posts instead of these ungainly square ones.  Not only were they more difficult to wrap, but the sisal seems to pull away and tear easier when it sits a quarter inch from the surface in the middle of each face.  The next model will have pillars, and I have half a mind to glue the sisal in place to lengthen the time it takes to get into such disrepair.

Update: I made a small tower for upstairs and glued the sisal in place.  It seems to be holding up much better over time.  Instead of using square pylons, I used redwood ties from Lawn and Garden.  They wrapped much nicer than the square ones.  It is held by a single bolt and, as of this writing, has broken once when someone fell on it.  Eep!



Vacuum Tool Holder

This serviceable Shop Vac tool holder plan came in via Shop Notes.  The tools are sitting atop PVC end caps of a fitting size.  It took longer to find the parts than it did to assemble the thing.


Miter Sled

Shop Notes, Woodworking for Mere Mortals and a bunch of Indian Rosewood acted as a catalyst to get me to build a Miter Sled.  I hate miters on a contractor's chop saw.  The constant adjustment leads to endless headaches.  The sled eliminates this with a stable 90 degree platform that facilitates perfect cuts every time.



The base is plywood, and I followed the techniques of the above YouTube video to get my rails aligned.  To each arm, I added T-Track and will build stop blocks.  These will be invaluable for building boxes and lots of picture frames in the same size. 

Now all I need is a spline jig that stands the miter on end and allows reinforcing slots to be added...

Bonus Shots

Miter Sled Plans

Garage Shelves Plans

Bitz Wall for Blue Table Painting 

Page 2