Tag Archives: risk

December Updates Break Excel

We use Microsoft Excel quite a bit around here, and many workbooks use a good deal of automation. Just imagine my surprise when stuff simply stopped working one day.

Buttons stopped buttoning, objects wouldn’t create… weird stuff. The first time I noticed it I restored a backup but no, that didn’t help. When I noticed the failures were affecting everything I knew the problem was… bigger.

And it was. The update Microsoft rolled out earlier this month for Forms Controls (FM20.dll) broke things for some users, where some users included me!

Here’s a pointer to more information, in case some users includes you as well:

Form Controls stop working after December 2014 Updates

Whisky Death

And not just an ordinary death, either. I killed Whisky, and I killed it but good. Here’s the story…

Whisky’s – er, was – my desktop computer. One of the early Core-i7 systems back in 2009, it rocked rather nicely and handled anything and everything I threw at it. Okay, I hear ya: by today’s standards it was certainly getting a little long in the tooth, but I didn’t care. It still ran like the day I built it. Until March 27.

That morning I was running through the logs, see. We run lots of machines here and I like to keep tabs on ’em. And I found that one of the terrabyte drives, an old Seagate, half of a mirror of some rather important data, had failed. I knew the day would come eventually. Over a year ago the drive reallocated a couple of sectors, but the count was stable at 2 and never rose. I’d figured it’d start throwing more and I’d notice and replace it. And every time we’d be buying drives for this or that I’d shrugged it off. “Next time.” So there wasn’t a hot spare on the shelf.

So instead of getting on with my morning I set out to protect the data. I pulled a couple of other drives and a SATA card – spares for a Linux server – from the shelf and went to install ’em in Whisky’s cavernous case. The plan was to build a new mirror array and copy the data to it. But Windows was balky, seeing the card but not the drives attached to it. Hmm.

Who let the smoke out?
Not Whisky, just a representative image. But the damage is just as real.

The data cables were known-good but the modular power cable came from the parts box. So I grabbed another, plugged it into the power supply and the other end into yet another unmounted and unattached drive, figuring to see if it would spin up.

And that’s when the smoke came out.

I heard it and smelled it and nearly hit my head on the underside of the desk as all the internals went dark.

With eSATA you can do that, hotplug, the power connectors are such that you can apply and remove power without trouble. Not so with a regular raw SATA Molex. Clearly, I hadn’t paid enough attention.

At that point I wasn’t sure what had died.

But data data recovery was most important. I walked the good mirror half into the garage where there’s a project running on an old AMD box. Hey, any place where there’s some space, some power, and a network jack’s fair game, right? Windows 7 would be able to make sense of the mirror. Something more than an hour later the data was safe on our internal network, not a single byte of lossage.

I started troubleshooting hardware with the power supply. I found the 12V motherboard 8-pin connector voltage lacking. This is rural Florida and everything isn’t as available as in the northeast. I found a new one, retail, at a store about an hour and a half away. I used the trip wisely, stopping at other stores out in that area: Costco and Ikea.

Later that night I stripped Whisky to the motherboard and attached the new power supply.

I threw the switches. No response at all.

That smoke they put inside this stuff smells. Eau-de-silicon, we call it. It’s an expensive smell.

And that’s how Whisky begat Porky.

STOP SOPA, SAVE THE INTERNET

This is worth reading. Then go act!

http://boingboing.net/2011/11/11/stop-sopa-save-the-internet.html

OnStar Updates Terms & Conditions – Look Out!

Spies, everywhere!

Jonathan Zdziarski wrote this fascinating piece, makes me glad that none of my vehicles have OnStar. Really, REALLY glad. If yours does, you won’t want to miss.

OnStar Begins Spying On Customers’ GPS Location For Profit

Bonus discussion: How soon before such systems become mandatory in every vehicle?

No Brakes

I was minding my own business, on my way to the local Costco in my 12-year-old Jeep when I thought I noticed the brake pedal move just a little bit lower than usual. “Probably just my imagination,” I thought to myself as I approached the next traffic light. The pre-rush traffic was beginning to build. I modulated the pedal, trying to tease out the difference I thought I might have felt.

At the next light it became clear that there was a serious problem. The pedal abruptly sunk most of the way to the floor. The idiot light on the dash came on simultaneously: BRAKE. The brakes themselves weren’t very effective at all. I used the engine in low gear – it’s a Jeep, it has a really low low gear – to slow for the light. I shoved the clutch in coasted to a stop. “That wasn’t so bad,” I thought.

The shopping center parking lot on the next block seemed like a good place to look things over. The light changed. I made my way into the mostly empty lot and again coasted to a stop.

A walk-around revealed the problem quick enough: the left rear brake line had ruptured. The puddle of brake fluid grew, revealing the general area of the damage. The nearly empty reservoir confirmed what I already knew.

My insurance company provides roadside assistance and maybe this was a good time to use it. It’d probably take a while, I figured, it usually does. But there was a Wal-Mart in the shopping center. I could buy a can of brake fluid and try for home, maybe 15 miles away. It was a gym day, late afternoon, and waiting for the tow would probably make me miss a workout. But wrecking the Jeep would probably do that, too. I calculated the odds…

I bought the fluid, filled the reservoir and set out for home. No brakes. Well, not quite. I found that when topped off I’d have about 20% brakes for maybe 5 brief applications. Maybe. Panic stops were definitely out of the question.

Between anticipating the need to slow and stop and using the manual transmission and engine braking for speed control the ride home went without incident. Full stops even became easy: slow in low gear and kill the ignition. I didn’t make any new friends in the cars following.

When I got home I used the creeper, rolling underneath for a better look. Finding the exact point of the rupture was easy. The line was corroded and it finally let go. Jeeps are the easiest vehicles in the world to service, one of the reasons I love mine. The brake line is double-wall tubing running the length of the frame, all very accessible. I mentally ticked off the steps. Obtain a replacement brake line, maybe the other side, too. They’d have to come from a dealer, probably special order. Pull and replace the lines. The fittings at the master cylinder, brass, probably, having never been turned for the life of the vehicle, could be troublesome. Likely the same with the fittings at the slave cylinders, but I wasn’t about to pull a wheel just to confirm. Finally, refill and bleed the system. Oh, and those bleeders might prove tough to turn, too… I estimated a half-day of work on my back in the driveway – IF nothing went wrong on the way. It just might be worth sending this job out.

The next day I phoned up a place that’s done some work for me in the past. I described the problem. “So the pedal feels spongy and the indicator light is on?” Eddie asked. I laughed. “Dude! The pedal’s on the floor! The corroded double-wall line has a hole and the fluid’s all over the ground. Yeah, the light’s on alright. I need you to replace the line, maybe replacing both of ’em’s a good idea as long as you’re in there.” “Got Triple-A?” “No, I don’t, Eddie. I’ll drive it in.” There was a long pause. “You know, I can’t advise you to do that,” Eddie began. I think I could almost hear him suppressing a laugh, but it was probably just the cell connection. “Let me get you a tow,” he tried. “Nah, I’m good.”

Later that afternoon I drove it to the shop. No brakes. Pam followed me. I think she was more nervous than I was. Again, there were no incidents. A Beemer had stopped quickly to make a left on a two-lane but I had anticipated it and slowed appropriately. On a bike, if you don’t evaluate lots of possibilities ahead of time you get hurt. The training paid off.

As I dropped the key I reminded Eddie, “Maybe you should put a sign on the dash, y’know, for safety.”

Soon I should hear what the job will cost. If I like what I hear maybe I’ll have him replace the factory exhaust system, which has finally reached its end of life…

Once Again: The Importance of Privacy

My work as a mentor for the local robotics team puts me in contact with lots of smart kids from all over this rock. One of the (many) things that astound me is the continual erosion of awareness and concern for personal privacy. If there’s one way that I guess I really show my age it’s that I still hold that archaic concept in pretty high regard.

This article, from The Chronicle of Higher Education, is a very astute response to what’s probably the most common retort, “if you’ve got nothing to hide then there’s nothing to worry about.” Actually, the worries are very, very real.

Go read Why Privacy Matters Even if You Have ‘Nothing to Hide’, by Daniel J. Solove.

Storage: the plex is missing

Last year, in the midst of migrating the VM farm from VMware to VirtualBox, I had a Seagate drive go tits up. Luckily it was part of a RAID so I just substituted another drive and that was that. It was still under warranty so I figured that one day I would clear out the confidential data and RMA the thing. No rush.

Every so often, as time permitted, I would haul the thing out and play with it a little. This morning was one of those times.

Since I’ve been rather unsuccessful with the thing so far I figured to try swapping logic boards on the drive. I’ve got a spare, of sorts; it’s on a drive that’s part of the RAID mirror in my primary desktop. Software RAID, that is, on a Windows 7 system.

It’d be a simple matter to pull the drive, failing the RAID. Then the plan was to install the known-good logic board onto the failed drive, cable it up to the ESATA port and (possibly) do the wipe. Recovery would be just as easy. Replace the logic board and re-install the RAID drive. Then recover/resync the mirror and that would be that.

Before I got started I figured a backup would be prudent. The RAID mirror is where I do all my work. The better part of a terabyte was soon copied to a spare drive.

The drive pull took but a moment. Gotta love those big, roomy cases! I booted to find that the array had NOT failed; instead it went missing altogether! Oops. No concern, though, right?Microsoft documentation says that breaking a mirror results in two drives containing the data, just no more mirror. My exercise should have merely simulated a drive failure. When I re-installed the drive it should be fine.

Okay, so I did the logic board swap and futzed with that a bit, still feeling a bit uneasy about the mirror. Didn’t get anywhere for my trouble. It looks like the failed drive is just that – a failed drive. (More about that later.)

I put the known-good logic board back on the mirror drive, shoved it into the case, cabled it up and booted. Uh oh. Still no mirror. One of the two formerly mirrored drives appeared uninitialized while the other was foreign. I imported the foreign disk, which then got its old drive letter back.The data appeared to be intact but (I guess) since the companion volume remained uninitialized it still reported itself as having “failed redundancy.” I couldn’t break the mirror, nor could I remove the mirror. It looked like it was in some kind of limbo. I tried to reactivate the volume and had a nice little “WTF” moment: “the plex is missing” mocked the resulting error message.

I’m running out of time, there’s stuff I need to be doing and it’s certainly not this.

I initialized the uninitialized drive, made it dynamic and formatted it. Then I copied the data from the drive whose plex – whatever the hell that is – was missing onto the newly formatted volume. Continuing, I wiped the plex-less drive. Would it now offer itself up as a candidate to accept a mirror? Yes, it would. So I did just that and it took a while – longer than all the file copying – to resync.

Now, I’ve had good luck with Windows’ software RAID mirrors before but this exercise worried me a little. Should I have broken the mirror instead of simply yanking the drive? What if it had failed electrically? Or if I knocked a cable loose doing some unrelated maintenance? Or someone stole the drive? What happens when a drive fails under certain circumstances? Have I just been lucky all along, where the failures I’ve experienced have just been the right kind of failures that were recoverable? Ponder, ponder.

I guess I need to set up a testbed VM and experiment. Meanwhile, I have my panic copy and the same mirror arrangement I had this morning, no lossage.

Oh, and the old drive that I was trying to wipe? Glad you asked. It’s still on the shelf. There’s confidential data on there, if one were to recover it. I haven’t been able to get to it in order to properly cleanse it. I don’t trust Seagate; not that Seagate’s evil or anything. It’s just that, well, the responsibility’s mine and I don’t take that lightly. Terabyte drives are only worth about $75 retail these days and I got a couple of good years out of the thing.

What would YOU do with a drive full of confidential but unreachable data? Can you suggest any tools that I might use to get at the drive to wipe it without needing to access it with Windows or Linux, the two predominant OSs we run here?

Automattic in the News Today

Seen on DarkReading.com:

WordPress, the popular blog-hosting site, is reporting a breach of several of its servers.

Automattic, the company that drives WordPress, as well as Akismet, “had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed,” said WordPress […]

Folks that use WordPress or other Automattic products will want to keep an eye on this.

http://www.darkreading.com/security-monitoring/167901086/security/attacks-breaches/229401553/wordpress-reports-multiserver-breach.html
[link died]

Mercedes Auto Commercials

Have you seen the recent Mercedes automobile commercials on television?

You know the ads I’m talking about. The ones that show drivers – and I use that word loosely – praising the Mercedes on-board systems for saving the life and limb of some poor, unsuspecting soul when they – the so-called driver weren’t paying proper attention.

“I didn’t see them!” they exclaim.

Well, if you’d have been paying attention then maybe you would have seen them.

I’m torn. On the one hand, as a technologist, I applaud the engineers for the incredible systems they’re building. I don’t think we’re all that far away from seeing self-driving automobiles. Have you seen Google’s? On the other hand, as an invisible motorcyclist dodging drivers inattentiveness and errors every day, I know all about how each and every auto feature that distracts from the task at hand does exactly that. (And sometimes the feature doesn’t even need to be part of the car. I’m thinking of the guy I saw in the minivan last year, in rush-hour highway traffic, with a laptop (!) balanced on the steering wheel, tapping away, oblivious. I throttled up, risking a ticket, and put the dope well behind me.)

I’m thinking that I might one day put on my Mercedes-buying clothes and stroll into a dealership, posing as a potential buyer, and learn firsthand about how they market this stuff.

A Good Reason to Keep Your Old Automobile

Old cars never had problems like this.

There’s too much not-necessary-for-driving stuff that you can do with cars these days, and few of ’em are any good. At best, many new features serve to distract you from the task at hand: driving the thing competently.

Even stealing cars isn’t what it used to be. With the demise of discrete wiring in favor of networks, in some cases all you need to do is access the network. Used to be you needed to break off a mirror to gain physical access. Jack in with your laptop and command the doors to open, the engine to start…

But now? Make a “phone call” from your laptop.

How long before we see car-botnets controlled from IRC? Or maybe viruses to cause an accelerator to stick? Or brakes to stop braking? Or, more subtly, stability controls to destabilize? Hmmm, cause your ex to seem like s/he’s driving drunk? For a price, of course, cash, please.

Here’s a NY Times article that ought to shake you up. (But I’ll bet it won’t.)

Researchers Show How a Car’s Electronics Can Be Taken Over Remotely

 

Oh, That’s Why!

A little while back I mentioned that I’ve been selling some stuff on craigslist, and lamented some of the spammy fallout that comes with that territory.

Well, check this guy out!

http://dontevenreply.com/

I just love the net; recreation is wherever you find it.

Craigslist Adventures

Over the past few months I’ve been selling stuff on craigslist. (Sometimes the name’s capitalized, sometimes not, and I’ve even read interviews where they’ve said not capitalized is more correct so I’ll try to be equally inconsistent.)

I’m a bit of a pack-rat and space is becoming tight. If I chip away at it I figure I will have lightened my load considerably in, oh, say two or three years. We’ll see.

Anyway, while my sales have by-and-large completed quite nicely, the amount of spam and scam has been an eye-opening experience. How about this email, for example?

Hi
Thanks for the response.I am willing to pay your asking price.I will pay by money order as its the only way i can pay you at the moment.I will make arrangement for the pick-up after payment have been received by you. I don’t mind adding an extra twenty dollars so you can keep it in my favor.Reply with your full name,cell phone number,and address where payment should be sent.Please take the posting off craigslist today and consider it sold to me. Expecting to hear from you soon.
Regards

How ’bout that? Would you respond to this? An extra twenty bucks. Sounds tempting, doesn’t it?

I came close to asking the writer if I could offer my Social Security number as well as the other stuff he asked for, just for giggles. But nah, into the junk it went.

Yawl be careful out there!

Rescue in Chile

I’m certain that you’ve been following the rescue of the trapped Chilean miners. The media attention has been unprecedented. And rightly so – it’s nothing short of incredible how everyone has pulled together to save the miners. (And I’m proud of the contributions the good ‘ol USA has made to the effort. I’ll set aside for a moment the fact that much of the world regards us as the very definition of evil.) A decade ago all 33 would have likely perished.

As I watched the coverage last night a couple of questions came to mind.

One story mentioned that these men toil underground – dangerous work – for a bit more than $400 a week. I believe in Chile that’s a respectable sum. I wonder whether they earned overtime pay for the time they were trapped. And I wonder whether their families have been collecting their salaries throughout these 68 days in order to do such things as put food on the table, pay bills, and so on.

Fix for Runaway Toyotas Revealed!


Toyota Solution
Fix for Runaway Toyotas

Actually, the solution’s been built into my Harley-Davidsons (and all other street motorcycles) for a little bit less than forever. Well, since they legislated standardized controls, in any case.

What is it? It’s a real, honest-to-goodness stop switch.

Unlike Toyota‘s Prius, this switch is located right where it belongs, just a short reach for your right thumb, the switch produces immediate, predictable, certain results.

The engine stops.

You don’t need to hunt for the button. You don’t need to hold it for 30 seconds. Because when you need to stop the engine you need to stop the engine, and every millisecond counts.

There you have it!

Where’s my prize? Edmunds? Obama? Who’s got it?


Surprise!

My son‘s recent assignment for driver education class was to research insurance quotes. (I’m not sure how relevant that is to the actual practice of vehicle operation, but there you go.) I didn’t think that you’d be able to obtain actual quotes online; I was wrong.

But what really blew me away was how available certain information has become. With nothing more than my son’s name and street address Geico was happy to hand back a list of our vehicles. My vehicles – NOT the kid’s vehicles – mine. No authentication, no nothing.

I’m thinking of sitting down with the yearbook. It’s easy enough to associate local addresses with names – Google and the Post Office are glad to help with that – unless maybe your name’s Patel. Then do the lookups and compile the vehicle lists – again, easy, as we’ve discovered. In fact, since I’m tech, I’d automate that part. With that humming along it’s time to put on the marketing hat… Who’d be interested in who drives what? How ’bout you?

One thing’s interesting, though. They didn’t list my motorcycles.