Author Archives: admin

DNS Security Distillation

Why is DNS security important? 

DNS is the lifeblood of the internet and a fundamental service that most of us take for granted. It is a highly specialized yet simple protocol that makes the vast, diverse set of resources on the internet available to human users through names instead of addresses. You interact with it every day when you type google.com, but you know this already, so I will spare you the remedial math. Because DNS works through a mechanism that is invisible to us, it can be manipulated without our knowledge. This article will describe the methods and goals of bad actors who target the DNS attack surface.

In a nutshell (or an oyster shell, for that matter), DNS security is the discipline of preventing redirection attacks, i.e., having your traffic routed somewhere you don't want to go. It also involves keeping your DNS servers from being unwittingly conscripted into DDoS attacks: an open resolver that answers queries from spoofed source addresses becomes a reflector, and because answers are much larger than queries, an amplifier aimed at whoever the attacker chose as the victim.

For the most part, these kinds of attacks are discussed in highly abstracted terms that fail to describe the method of engagement, i.e., where the attacker has to be and what he has to have in order to execute the attack. (Read: gripe.) I find the omission of this detail to be a failing of most security articles. More on that later…

DNS Cache Poisoning: Cache poisoning is a form of DNS spoofing in which forged DNS records are injected into a resolver's cache and then served as legitimate answers to every host that queries that resolver until the records expire. Imagine opening your phone's address book, tapping someone's name, and having your phone call a different number!

Now unimagine it. After researching this for a while, it appears that the classic form of this attack (an off-path attacker who triggers a query and then fires a flood of forged answers at the resolver, hoping one of them matches and arrives before the real answer) has been largely mitigated by randomizing the resolver's UDP source port along with the 16-bit query ID, which turns a 65,536-guess race into one of roughly four billion. The caveat a practitioner should keep in mind: randomization only defeats an attacker who cannot see the query. Anyone on the same LAN who can sniff the outgoing query already knows the port and the ID and does not need to guess, so for that attacker position the fix is validating the answers themselves (DNSSEC), not better randomness.

  2. Examples of being pwned via DNS: cache poisoning, reflection attacks
  3. Malware's dependence on DNS
  4. How to address DNS security issues
  5. What is all the fuss about 1.1.1.1?

Hosting a crowded event? Hire a sniper.

My guess is the Las Vegas shooter was suicidal in a very weird way. Something in him snapped, but it snapped a long time ago, and the amount of time it took for him to plan this and carry it out is an awkwardly long time to be suicidal. There was contempt and hate fueling his death march to the Mandalay Bay. Sometimes when I try to understand a person’s motives, I play a little game. What is the worst reason he could have had for doing this? Insanity? Russia? If we could only have gotten a snapshot of his psychopathology and synaptic condition the last few weeks leading up to the night of the concert…

Large crowds are the prime target for anyone who wants to kill a lot of people. And they can do so with relative ease from a high position using an automatic rifle, especially against a crowd at a concert where the saturation density of people can become so high that it prevents exfiltration of those who wish to leave in a hurry.

It is damn amazing that more people didn't die in Las Vegas. I'm rather astounded, based upon the fact that the gunman was firing from two different vantage points, each position having interior cover. I've heard an estimate from a news media outlet that it took nine minutes for a group of police officers to assemble, figure out where the shooting was coming from, converge on the hotel and neutralize the shooter.

9 minutes.

Not 19. Not 90. Not long enough for him to expend all of his ammo. 9 minutes. That is amazing response time. And there was also a great coordinated response from the Mandalay Bay security personnel. It would seem that LVPD and localized security teams have actually spent some time preparing for this kind of thing, and they have done so with diligence and dedication. My hat's off to the Sin City badges and the hotel patrols.

Now it's time to get that response time to come down even lower. I think that we need to start protecting these large musical events with active firepower. It's time to assume that someone is going to show up and start shooting. The security at these events needs to resemble the preparation for an event that will be attended by the President. When the POTUS is going to make an appearance, the Secret Service show up in advance and do a risk analysis of the entire area, looking for any place a shooter could position himself. They lock the area down, perform area denial of all places advantageous to a combatant and post sharpshooters in every direction, waiting for someone to get stupid.

Understandably, there are more risks involved with using rifles to keep people from using rifles around a large crowd, but I think these risks can be managed. It is worth the risk, planning and effort to keep a well-trained and well-focused team at the ready. Had the shooter had a few expert marksmen to keep him busy the moment that he broke out the glass of his 32nd-story window, there would have been fewer casualties.

And there is plenty of money in the budget for these events to pay for it. How much do we pay for Coachella and Outside Lands? Yeah… the margins are there to the point that this protection doesn't have to be passed on to the consumer.

I attend concerts like this one all the time. I’m still going to. Shoot at me all you like. You are not going to stop me from seeing my favorite band. I just hope the promoter has somebody ready to shoot back at you when the time comes.

 

 

xargs vs exec

xargs is cooler. That's why…

When trying to delete a bunch of files with similar names (REALLY necessary when playing around with the split command), there usually is an issue, and an inconsistent one at that. Sometimes Linux barfs and sometimes it behaves…

When issuing this command:   find . -name 'someFile*'

I will get the output:

./someFileA
./someFileB
./someFileC
etc….

And this kind of input, piped to an xargs rm command, doesn't always go well: xargs splits its input on whitespace and interprets quotes, so any matching name that contains a space arrives at rm as two separate arguments. That is the inconsistency. So there is cause for using find's -exec action instead… but its usage is unwieldy:

find . -name 'someFile*' -exec rm {} \;

Why is it unwieldy? You mean besides the fact that I wanted to say the word unwieldy? Well, I just don't understand the syntax. Let's explore:

-exec: looks like a pipe in this instance, but the mechanism is different, and the differences matter. Nothing is piped. find itself runs rm and passes each matched path to it directly as an argument, so the names never travel through a text stream that has to be split back into arguments.

The {} is a placeholder: find substitutes the current matched path for it on each invocation of the command. It is not an array reference, and unlike the xargs handoff there is no newline delimiter involved at all.

Not sure about the \ and the ; and the option of the +. I will have to look that up later.
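The difference between the two handoffs, as an added example (not code from the original post): the unsafe pipe next to the two safe forms, exercised against a scratch directory with one awkward file name. The file names are constructed for the demo; 'someFile*' is the post's own pattern.

```shell
# Create a few files, one of them with a space in its name.
make_fixture() {
    mkdir -p "$1"
    : > "$1/someFileA"
    : > "$1/someFile B"   # the whitespace is the whole point
    : > "$1/keepMe"       # must survive every variant
}

# Number of files still matching the pattern (one per line, so a name with a space still counts once).
count_matches() {
    find "$1" -name 'someFile*' | wc -l | tr -d ' '
}

# UNSAFE: xargs splits its input on whitespace, so "someFile B" reaches rm as two
# arguments, "someFile" and "B", neither of which exists. The file quietly survives.
delete_with_plain_xargs() {
    find "$1" -name 'someFile*' | xargs rm -f --
}

# SAFE 1: NUL-terminated records. No file name can contain NUL, so -print0 / -0 is lossless.
delete_with_xargs0() {
    find "$1" -name 'someFile*' -print0 | xargs -0 rm -f --
}

# SAFE 2: find runs rm itself. '{} +' appends as many paths as fit into one rm call;
# '{} \;' would run rm once per file. No text stream, so nothing to split.
delete_with_exec() {
    find "$1" -name 'someFile*' -exec rm -f -- {} +
}
```

Two details worth keeping: the glob is quoted so the shell does not expand 'someFile*' against the current directory before find ever sees it (the post's command is missing its closing quote), and `rm -f --` stops a matched name that begins with a dash from being read as an option. On `\;` versus `+`: the backslash only keeps the shell from treating `;` as a command separator, so find receives it literally as the end of the -exec command; `+` ends the command the same way but batches paths into as few rm invocations as possible, which is what xargs was for in the first place.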

The Equifax Breach Affects Everyone. This means YOU.

One of the main national credit reporting agencies, Equifax, announced a breach yesterday with records on some 143 million U.S. consumers exposed (the company's own initial figure). That is you. And that is ME. (I checked)

Everyone needs to be super alert with their accounts now. The hackers have everything they need to compromise most of your accounts (your bank account, your cable TV provider, your Facebook account, your health insurance account; they can take out a mortgage in your name or start a line of credit in your name).

Here is what they have on you:

  • Name
  • Address
  • Every address you have ever had
  • All credit inquiries you have ever made
  • Social Security Number
  • Birth date
  • All accounts in collections you have ever had
  • All judgments against you
  • Every credit card you have
  • Every line of credit you have
  • Every bank you have an account at
  • Your credit score
  • Your payment histories
  • The list goes on…
To boot, this can be combined with every other data set from every other breach at any other place you had an account with that is for sale on the dark web.
The real problem is that it is now very easy to get into all of your accounts, reset the passwords and change account details, because they ARE YOU now. Every piece of authentication information an account representative would ask for, THEY HAVE.

The amount of power these punks have over all of us is insane. Here is what I advise:

  1. Make sure that your bank requires that you tell them your ATM card number when you call in. If they don’t, tell them to add that and other layers of security to your account. Be worried that your money will evaporate.
     
  2. Call your mobile phone service provider and make sure they ask you for a PIN. That PIN is also what stops someone from porting your number to their own phone and receiving your SMS login codes. AT&T does this already but I'm not sure about Verizon or Virgin Mobile, etc.
  3. Enable two factor authentication on all of your accounts.
  4. Keep close tabs on, or even FREEZE, your credit with Experian, TransUnion and the spectacular producer of this fine mess. It's free. It may be hard to get through to Equifax, though. They might be a bit swamped.
  5. Understand that you are highly vulnerable to being impersonated on a variety of levels now. 
  6. If you have an Equifax account and that password is shared with any other of your accounts, change that password. Then smack yourself for sharing passwords among accounts.
  7. If you go to the emergency website set up by Equifax to see if you have been breached, smack yourself and don't do that. Equifax is poison and you're just submitting more information to the hackers. If you sign up for their credit monitoring service, this waives your right to join the class action lawsuit against them, where I imagine that they will be liable for more money than they are worth as a company. If you sign up for credit monitoring, don't do it through them. Ugh. I was wondering why my credit score was so high..
    Gods help us all. Make no mistake, Equifax has caused severe harm to the entire country. They have put the sheep into the hungry wolves' den. Now a bunch of NASA engineers are going to have to sit around and figure out ways for people to prove that they are themselves without using any of the exposed information. Yeesh.. I bet it's also time to knock on Experian's door… and TransUnion's as well, and see if they have been leaving their doors unlocked at night…

Migrating to AWS

This should be somewhat fun. It's time to really get my feet wet with AWS, and that means experiencing the pain as well as the knowledge. Perhaps most of the pain is experienced when you get the bill, but for now we will focus on the technical chops of moving things over to a new instance.

Process Steps:

  1. Back up existing data stores — the MySQL database for WordPress. Wow — headache and a half. A common syntax in several walk-throughs had me trying this:

     mysqldump -u [username] -p [password] [databasename] > [backupfile.sql]

     but, because of the way my hosting service has their MySQL accounts configured, the username and the database name are merged, making my syntax incorrect. Fortunately they listed this constraint on their FAQ site:

     mysqldump -p user_name > DESIGNATED_DATABASE_BACKUP_NAME.sql

    Not only did I have an extra parameter in there (the username and the db name are merged), but there is only one name that you are allowed to give to a backup of your db.

    Whatever floats their integers….

  2. Create new web server instance on AWS — using a new stack, mind you… Man… we are already 1:50 into this project and pizza is looking very far away. Time for a run. Back in 30… and I just realized that all further commits are going to have to be manually ported over after I import the backup… lol.
  3. Upload site files and data store.
  4. Configure site components and bring site up.
  5. Change name server settings with registrar to point domain to migrated site.
  6. The internet is amazing! Ordering Pizza.
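A backup helper for step 1, as an added example. This is neither the post's command nor the hosting provider's FAQ syntax, and the user, database and file names are placeholders. It keeps the password off the command line and checks that the dump actually finished before anything gets uploaded in step 3. A side note on the walk-through syntax: `-p [password]` with a space does not pass a password at all; mysqldump prompts for one and treats the next word as the database name, which is one more reason that form misbehaves.

```shell
# mysqldump reads [client] credentials from an option file given via --defaults-extra-file,
# so the password never shows up in `ps` output or in shell history.
write_mysql_opts() {
    # $1 = option file path, $2 = user, $3 = password (quoted so '#' or ';' in it is not read as a comment)
    umask 077
    printf '[client]\nuser=%s\npassword="%s"\n' "$2" "$3" > "$1"
}

# mysqldump writes "-- Dump completed on ..." as its very last line. A dump that was cut off
# (disk full, killed process, dropped connection) looks plausible but lacks it, so refuse such a file.
verify_backup() {
    # $1 = dump file; prints its SHA-256 on success, returns non-zero otherwise
    [ -s "$1" ] || return 1
    tail -n 3 "$1" | grep -q '^-- Dump completed' || return 1
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"; else shasum -a 256 "$1"; fi | cut -d' ' -f1
}

# Dump one database with the option file, remove the file afterwards, and print the hash
# of a verified dump. Placeholders: database, user, password, output path.
backup_wordpress() {
    opts=$(mktemp) || return 1
    write_mysql_opts "$opts" "$2" "$3"
    mysqldump --defaults-extra-file="$opts" --single-transaction --routines "$1" > "$4"
    status=$?
    rm -f "$opts"
    [ "$status" -eq 0 ] && verify_backup "$4"
}
```

Record the printed hash next to the file, copy both to the new instance, and compare after the transfer; a dump that changed in flight or was truncated by a flaky upload is the kind of thing you only discover when the restored site is missing half its posts. On the AWS side, `mysql --defaults-extra-file=... dbname < backup.sql` restores it with the same option-file trick.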

Started Sunday, July 23, 2017 at 11:51 am. Lets see how long this takes. No sleep til’ Brooklyn.

 

 

Programming-fu — Historical LevelUps

A journal entry for fundamental lessons that advance programming fluency:

  1.  What a return statement does:

    When a function 'returns' a value, that value is handed back to the expression that called the function, which can store it in a variable, pass it to another function, or use it in a larger expression. print(), by contrast, only writes text to the screen; the caller gets nothing back from it.

    For example, here’s a function utilizing both print() and return:

    def foo():
        print("hello from inside of foo")
        return 1

    Now you can run code that calls foo, like so:

    if __name__ == '__main__':
        print("going to call foo")
        x = foo()
        print("called foo")
        print("foo returned " + str(x))

    Run this as a script (e.g. a .py file) and you will get the following output:

    going to call foo
    hello from inside of foo
    called foo   
    foo returned 1

    Logical example supplied by Nathan Hughes.

  2.  How recursion works: 
    If you define a small function whose return statement calls the function itself, untrained intuition tends to get the answer wrong. Note the example:

    def f(n):
        if n < 2:
            return 1
        return f(n - 1) + f(n - 2)

    x = f(3)
    print(x)

    How will this code work? The tough spot is that this example is especially designed to fool you: for the integer 3, working it out algebraically happens to give the same answer as correctly following the recursion. Take a moment to run the numbers in your head.

    Now, if you shove in the number 2, different devils come out of the details. Try coding this up in a Python interpreter and see what you get.

    3 gets you 3. 4 gets you 5. But 2 gets you 2, not 1. Why do you think that is? Understanding recursion means that when you get to the second return line, you understand that each f(someValue) is a fresh call that re-enters the function at the top and is itself subject to the first if statement. f(2) becomes f(1) + f(0); both of those hit the base case and return 1, so f(2) is 2. Then f(3) is f(2) + f(1) = 2 + 1 = 3, and f(4) is f(3) + f(2) = 3 + 2 = 5.

5 ways to NOT setup a WordPress Server on AWS

Yah know….. ( said with a humorously wry rise )

So I thought I would recall all of the biffs I made when migrating to AWS… I wanted to join the Amazon club pretty bad….. because everyone is doing it, right? I can just hear my mother’s voice in my ear…

“If all your friends decided to jump off a cliff, would you jump off it too?!!” – said with exasperated disapproval being sprayed all over the room that would make any seven-year-old shrink down into their shoes…

Regardless, the AWS cliff looks fun and everyone seems to be surviving. But going straight into it for the first time, I encountered a few bumps in the road. Here is a road map of where I was going and a list of the places where the trail went cold:

Build: Amazon Linux 2 AMI, NGinX, MySQL, PHP, WordPress. 

  • Launched instance. Couldn't SSH into the box because I didn't set a name tag and didn't set up DNS correctly. For some reason, troubleshooting after you make that mistake before launch is tough. Flash Box

 

  • Launched Instance. Couldn’t get MySQL installed onto Linux AMI. There is an unsolved library compatibility issue that no one has posted a fix for on Stack Overflow yet. And there is only so much package hunting you can do in the morning before work — gave up and went back to Ubuntu 16.04. Flash Box

 

  • Got ALL THE WAY THROUGH the 5-minute installation and had it ready to install (yah know… when the install page is wide open to whoever reaches it first, no password set yet?) and then I had to go catch the train. During my commute I was taught a harsh lesson about security group configuration. When I got back to do the install, a very courteous piece of cryptojacking malware had done it for me. I spent a few hours doing some forensic analysis on the box (running top, I could see the database was VERY busy spending my money) and attempted to hash my own password into MySQL so I could get back in, but my drive not to get sidetracked with an admittedly interesting pursuit was not going to directly contribute to the completion of this project. Flash Box

 

  • Accidentally started up the firewall at some point when I was on NGINX installation autopilot and kicked myself out of my own machine. It didn't actually terminate the session I already had, which made it take longer to remember what I had done wrong when my ssh command didn't work the next day. That ufw enable command has consequences: it blocks all incoming connections by default, so the SSH port has to be allowed before you turn it on… Flash Box

 

  • Yet another death by firewall as I changed the SSH service to listen on another port (security by obscurity lives!!!) and forgot to open that port in the firewall. FLASH BOX!

Remember that scene in The 5th Element when Gary Oldman opened the case to find that there were no stones? Yeah… it was like that. The struggle is real.

A funny reminder of all of these id10t viruses compromising the layer 8 host is the naming convention I have applied to the key pairs that I download each time I spin up a new AWS instance. SecondKey, ThirdKey, FourthKey… you get the idea. Wish me luck with a successful configuration while the numbering of the keys is still in the ones column.

Takeaway: even when you're just getting started, the Amazon design and security principles do state the importance of starting with a secure architecture and strong controls, of automating the build, and of having a system for versioning your instances (a baked AMI or a build script you can rerun), which would have been a great help to keep me from starting from scratch every time.
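The last two Flash Boxes were the same mistake in two costumes: the firewall was enabled, or sshd moved, before the port sshd listens on was allowed through. A pre-flight check for that, as an added example (not from the original post): it reads the port out of sshd_config and refuses to cut over unless that port is already allowed. The firewall output is passed in as text so the check can be exercised against a constructed sample; the /etc/ssh path, the use of `ufw show added` before enabling and `ufw status` afterwards, and the `ssh` service name on Ubuntu are the assumptions.

```shell
# Port sshd will listen on; sshd defaults to 22 when no Port line is present.
sshd_port() {
    p=$(sed -n 's/^[[:space:]]*Port[[:space:]][[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" | head -n 1)
    echo "${p:-22}"
}

# Is PORT allowed in the given firewall text?  Accepts either the "ufw allow ..." lines that
# `ufw show added` prints before the firewall is enabled, or the "PORT/tcp  ALLOW ..." table
# that `ufw status` prints once it is running.
ufw_allows_port() {
    # $1 = port, $2 = text
    printf '%s\n' "$2" | grep -Eq \
        "^(ufw allow (in )?(from [^ ]+ to any port )?$1(/tcp| proto tcp)?( |\$)|$1(/tcp)?[[:space:]]+ALLOW[[:space:]])"
}

# Exit 0 only when enabling the firewall / restarting sshd cannot lock you out.
safe_to_cut_over() {
    # $1 = sshd_config path, $2 = firewall text
    port=$(sshd_port "$1")
    ufw_allows_port "$port" "$2"
}

# The gated cutover. Only these lines touch the live system; run as root after editing sshd_config.
cut_over() {
    cfg=/etc/ssh/sshd_config
    if safe_to_cut_over "$cfg" "$(ufw show added; ufw status)"; then
        ufw --force enable && sshd -t && systemctl restart ssh
    else
        echo "refusing: sshd port $(sshd_port "$cfg") is not allowed in ufw" >&2
        return 1
    fi
}
```

Keep the session you are typing in open until a second login on the new port succeeds; the post's own observation that ufw did not kill the existing session is exactly the safety net to use. `sshd -t` validates the config before the restart so a typo in the Port line does not turn into a dead daemon on a box you can no longer reach.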

Setting up an SSL VPN through Sophos UTM — the hard way.

And here’s the thing.. I had it working before… doesn’t that just kill? The irony is starting to hurt my feelings… 🙂

After spending about 7 hours trying to get this to work, I have decided to start over and spin up a fresh install of the latest asg*.iso file in vmware and start there and see how it goes….

Okay… it's been 6 hours and I have a fresh install working and configured for baseline internet access using one network client (manually adjusting the TCP/IP settings away from DHCP to test), and we have pulled our standard test HTTP blob (Adele's 'Hello' video on YouTube… my version of hello world).

Pain points: Spinning up a twin firewall in ESXi can be problematic so remember these things:

(I'm going to have to condense these into simple captures of what I learn instead of talking to myself..)

  • Go for the Other Linux 32-bit guest framework in ESXi for Sophos UTM. There is an option mid-install to go for 64-bit, but for some reason WebAdmin always chokes right after install when you use the 64-bit option. Just pass on it.
  • Twinning up a firewall with the same IP address (even with the other one down) seems to make the gods angry. I didn't test for an ARP cache conflict, but I'm guessing that's what it was.. no workie. Use a new IP.
  • Don't worry about configuring a gateway in the firewall. It auto-configs.
  • When setting up your WAN interface, choose Standard Ethernet as your connection type and opt for DHCP. (Much better performance than our first exercise in building this…)

Now… time to set up the VPN. But steaks first. (Will return)

Next Day —- The bleeding continues…
9:13AM

I have another client on the network configured to run through the new firewall. I'm configuring the SSL VPN now…. wish me luck.

Interesting tidbit: Nmap has a DNS dependency when running from Darwin 15.6 unless you use the -Pn flag. Weird….

Toggling the firewall rules has no effect over the course of 1-2 min of blocking access. I turned them off, yet I can still pull websites and my DI stream does not fail. Does it take a few mins? Need to explore further to find the root cause of the firewall issues… Fleh.

Some great nmap commands listed here:

http://bencane.com/2013/02/25/10-nmap-commands-every-sysadmin-should-know/

Thank you Ben Cane. 🙂

3:45PM
Yah know… it's been another 6 hours of nibbling along and my only accomplishment today is making my bed.. Redoing the firewall from scratch has forced me to learn every detail of this firewall, down to where the developers went to kindergarten and what level their Dungeons and Dragons characters are. Totally relevant, I know… but not the short answer to the issue at hand: being able to push code to my home web server… all this firewalling for some Python and Flask….

rrrrrrrr… :\

Working on getting the DMZ access to the internet… did I enable masquerading?…

4:22
This must be what its like when the zombie is trying to get out of the grave and there are several townspeople all weighing down on top of the dirt and coffin lid that is pushing through the ground…a rigor’d arm with bones and flesh all rotten pushed through the ground… lol

So now I have internet access out of the DMZ and into the interwebs:
~$ wget danielmiessler.com
--2016-10-16 16:20:50--  http://danielmiessler.com/
Resolving danielmiessler.com (danielmiessler.com)… 104.25.35.29, 104.25.34.29, 2400:cb00:2048:1::6819:231d, …
Connecting to danielmiessler.com (danielmiessler.com)|104.25.35.29|:80… connected.
HTTP request sent, awaiting response… 301 Moved Permanently
Location: https://danielmiessler.com/ [following]
--2016-10-16 16:20:53--  https://danielmiessler.com/
Connecting to danielmiessler.com (danielmiessler.com)|104.25.35.29|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html.1’

I'm using my local DNS, but it still had to do a double request to get to the site now that Dan has put a cert on his page. Shouldn't the entry default me to 443? Maybe it's an Ubuntu thing..

9:20

Grrrrrrr. Still no workie. Same problem that I had with the other box. Same errors reported by Viscosity, with no viable description of what's wrong…

Viscosity lacks verbosity. I'm downloading pfSense….

–Update 20 April 2017…

I did it. Finally. The culprit? Comcast's modem. The new model that they switched in when I moved the office came with an un-switch-off-able firewall that I had to open a port on in the silliest, non-intuitive way, specifying the route NAT'd from the modem to the external WAN interface in Sophos. That took me a while… Snarbs!

Its a real victory being able to come back to a problem over and over again determined to crush it and then finally doing so… Especially when you already had the gold in your hands before…

What we should do with Twitter


It's unfortunate that Twitter has met with such friction and disappointment over the years of trying to become a profitable company. To have everyone push back from the table last week as the stock dropped must have been about as disappointing as being rejected by a classmate you just asked to the junior prom. Personally, I can recall several of the overstuffed emails in my inbox describing yet another change to Twitter's Terms of Service, as they change their information distribution, access and privacy policies in repeated attempts to corral their margins into the black. The platform, the service, even the structure of the tweet itself keeps changing as the back office struggles to find its wind. But one thing has remained constant:

It never works.

My hat's off to Dorsey, who keeps trying and trying with all of his ninja and know-how, but still the stock drops.

Stock price: TWTR (NYSE) $17.56 -2.29 (-11.54%)
Oct 10, 4:00 PM EDT –

I looked up and saw this after a google search. While I’m wishing them the best of success in their reach for the stars, I find myself wishing that Twitter stays right where it is.

I don’t see Twitter as a social network, an app, a place to gripe about company X because their widget didn’t come in the color that you expected.

Twitter is infrastructure. Like a bridge, a subway, an energy plant. Twitter has become so ingrained in our everyday digital experience that it's the first go-to link right after every Facebook icon in most existing digital real estate. It is part and parcel of the modern social internetworking lexicon. It is a part of us. I hope it is valued for more than just the new football and debate feeds that it supports and given the appropriate status therein.

 

Creating a *nix configuration file

For someone who spends so much time in Linux but not so much time on the same box, I need a way to automate the usual setup tasks every time I spin up a fresh install. I will need to write a script and store it somewhere offsite where it can be quickly accessed from the command line, like in a GitHub repo. Let's figure out how to do this:

First, let's make a list of all the configurations that I would want to automate with this script:

  1. SSH server — of course.
  2. Vim configuration preferences  — manually configured by creating .vimrc file, mind you.
  3. dev goodies (python, ruby, etc.)
  4. Standard updates
  5. what else is there… ( will return… )
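A skeleton for items 1 through 4, as an added example (not the script the post is planning; the package list, the .vimrc contents and the Debian/Ubuntu paths are assumptions). The part worth getting right on a fresh box is the SSH server, so the config editing is done by a function that replaces an existing directive, commented or not, rather than blindly appending a second copy that sshd may or may not honour.

```shell
# Write the Vim preferences the post mentions (contents are a placeholder).
write_vimrc() {
    # $1 = home directory
    cat > "$1/.vimrc" <<'EOF'
set nocompatible
syntax on
set number
set expandtab shiftwidth=4 tabstop=4
EOF
}

# Set one sshd_config directive, replacing an existing (possibly commented-out) line for the
# same key; append it only if the key is absent. sshd uses the FIRST value it sees for a key,
# so leaving a stale "PasswordAuthentication yes" above your new line would silently win.
set_sshd_option() {
    # $1 = config file, $2 = key, $3 = value
    if grep -Eq "^[#[:space:]]*$2[[:space:]]" "$1"; then
        sed -i.bak -E "s|^[#[:space:]]*$2[[:space:]].*|$2 $3|" "$1"
    else
        printf '%s %s\n' "$2" "$3" >> "$1"
    fi
}

# Read the effective value of a directive back (last uncommented occurrence).
get_sshd_option() {
    # $1 = config file, $2 = key
    sed -n -E "s/^$2[[:space:]]+(.*)/\1/p" "$1" | tail -n 1
}

# Keys only, no root logins, no keyboard-interactive fallback.
harden_sshd() {
    set_sshd_option "$1" PasswordAuthentication no
    set_sshd_option "$1" PermitRootLogin no
    set_sshd_option "$1" ChallengeResponseAuthentication no
}

# The whole bootstrap. Run as root on Debian/Ubuntu, and only AFTER your public key is in
# ~/.ssh/authorized_keys, since the first thing it does to sshd is turn passwords off.
bootstrap() {
    apt-get update && apt-get -y upgrade
    apt-get -y install openssh-server vim git python3 python3-venv ruby
    write_vimrc "$HOME"
    harden_sshd /etc/ssh/sshd_config
    sshd -t && systemctl restart ssh
}
```

Keep the current session open while the restart happens and confirm a fresh key-based login works before you close it; if `sshd -t` complains, the `.bak` copy that sed left next to sshd_config is the rollback.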