The Smell of Molten Projects in the Morning

Ed Nisley's Blog: Shop notes, electronics, firmware, machinery, 3D printing, laser cuttery, and curiosities. Contents: 100% human thinking, 0% AI slop.

Category: Home Ec

Things around the home & hearth

  • Experian Triple-Alert Signup: FAIL

    So batteries.com had the usual security breach, lost the usual list of customer info, and sent out the usual letter advising the victims that they could get a free signup with Experian’s credit-report monitoring service.

    So I signed up, which involved the usual exposure of sensitive parts of my ID anatomy, and was eventually told (despite answering everything correctly, AFAICT) that they couldn’t verify that I was, in fact, me and would send a paper form to my (presumably known-to-them) USPS address for confirmation.

    The next day I get an email from “Triple Alert Redemption Customer Care <mumble-mumble@consumerinfo.com>” with this helpful offer:

    We employ a rigorous identity verification system in order to protect your personal information. Unfortunately, we could not validate your identity due to either technical difficulties with the system or information submitted that could not be confirmed.

    To continue the order process, please contact customer care at 1-866-mum-bles, Monday-Friday from 6 a.m. to 6 p.m., Saturday-Sunday 8 a.m. to 5 p.m. Pacific Time.  Please provide this Reference number (required):

    Reference number: make-up-your-own

    A representative will attempt to confirm your identity by asking you questions based on the information contained in your credit report.  Please be sure to familiarize yourself with data such as the names of your lenders and account balances before you call.  Once your identity has been confirmed, you will be provided access to your Triple Alert(SM) Credit Monitoring membership.

    Now, it’s highly likely that the email is on the up-and-up, but this seems to be precisely one of those situations they warn about:

    • you get an official-looking email
    • call the phone number
    • talk to the nice person
    • answer a bunch of probing questions
    • be assured that something pleasant will happen

    Instead, I called the “Contact Us” number from their website. The nice lady didn’t see anything wrong with them sending out an email like that. Nay, verily, she offered to do the deed right over the phone. I respectfully declined… I can wait.

    It’s worth noting that although it’s an Experian thing, the websites & email addresses involved include:

    • experian.com
    • consumerinfo.com
    • experiandirect.com

    It’s enough to make you think longingly of cutting up your cards, digging a hole, climbing down, and pulling it in after you.

    [Update: after a month or so, I got an email telling me that all was quiet on my Triple-Alert front and my delicate personal bits were in fine shape. A few days later, the long-awaited paper arrived with my confirmation numbers. So I suppose it’s working, but sheesh it doesn’t inspire much confidence.]

  • BOB Yak Trailer: Storage Thereof

    Grocery Hauling Setup
    Grocery Hauling Setup

    Bicycles, in general, aren’t set up for heavy load carrying, so I use a BOB Yak trailer for groceries, garden goodies, recycling, dead PCs, and this and that and the other thing. It works surprisingly well, tracks nicely, and tends to push cars another half-lane to the left.

    Word: if you want plenty of clearance in traffic, haul a 20-pound propane cylinder in your bike trailer!

    Anyhow, storing the trailer is a bit of a nuisance, as it’s not particularly stable on its own and takes up a remarkable amount of floor space.

    BOB Yak on garage door rail
    BOB Yak on garage door rail
    BOB Yak hanging against shelves
    BOB Yak hanging against shelves

    I finally figured out that it would hang neatly from the garage door tracks, just beyond where the door stops at the top of its travel. There’s a set of shelves against the wall, filled with the usual crap found on garage shelves (well, maybe you don’t have beekeeping supplies, but you get the idea), so the trailer isn’t blocking anything really important.

    I lean my bike against those same shelves and the trailer hangs neatly between the seat and the fairing. The ladies’ bikes are just out of sight to the right.

    We have a two-car garage that’s the right size for one minivan and three Tour Easy recumbents…

  • Electronic Ballast Shoplights: So Much For Efficiency

    Just picked up a batch of electronic-ballast shoplights from Lowe’s, motivated by a 10% off card they sent a while ago. Not a killer deal, but it evidently got plenty of folks into the store on a Sunday morning.

    The new lights don’t claim much about their abilities, other than “Electronic Cold Weather Start (0° F)” and that the reflector sizing requires T8 (1″ dia) fluorescent tubes. One would expect an electronic ballast to have a decent power factor and improved efficiency.

    Because I’m that sort of bear, I opened one up to see what was inside. Here’s the ballast:

    Electronic Ballast Dataplate
    Electronic Ballast Dataplate

    Although the fixture is sized for T8 tubes, the ballast would be perfectly happy with T12s. Similarly, the box insists on F32 tubes, but the ballast is OK with F40s.

    I thought a comparison with one of my old magnetic-ballast fixtures would be of interest, so I hitched up the Kill-A-Watt meter and ran some comparisons.

    The results…

    Amp Watt VoltAmp PF
    Old magnetic ballast
    F40T12 0.64 60 76 0.79
    F32T8 1.11 80 126 0.62
    New electronic ballast
    F40T12 0.75 47 89 0.53
    F32T8 0.77 49 91 0.54

    The electronic ballast has a much lower power factor and thus much higher current. The box & ballast don’t say anything about power factor correction and, wow, there sure isn’t any. The power company hates gadgets like this…

    I cannot compare the brightness because the F40 tubes are several years old, but it’s interesting that the electronic ballast runs both tube sizes at essentially the same power (just as the dataplate indicates, sorta-kinda). The magnetic ballast really cooks the piss out of the smaller tubes, though… or it’s dumping a lot of energy into the ballast. Hard to say.

    The T12 tubes are rated for 3000 lumens & 20 k hours. The new box of T8 tubes I got a while back are 2800 lumens and 24 k hours. Frankly, I don’t believe any of those numbers, particularly given the actual power consumption: it looks like either ballast runs them at just 75% of their rated power.

    Anyhow, these were the cheapest shoplights in stock; I bought eight of ’em, because I’ve been replacing one dead fixture every month or two for the last year. I’d like to think I’d get a better ballast if I spent twice as much, but to a good first approximation the additional cost seems to have gone into black plastic trim and a burnished-chrome exterior finish; not what I need in the Basement Laboratory.

    I wish the boxes were more forthcoming so you didn’t need to perform exploratory surgery.

  • Why Friends Don’t Let Friends Use Windows: Torpig

    For those of you still using Windows, here’s a sobering look at why you shouldn’t: an analysis of the Torpig botnet by an academic group that managed to take over its command & control structure for a few days.

    The report is tech-heavy, but well worth the effort to plow through.

    Here are some of the high points…

    Why do the bad guys do this? It’s all about the money, honey:

    In ten days, Torpig obtained the credentials of 8,310 accounts at 410 different institutions.

    … we extracted 1,660 unique credit and debit card numbers from our
    collected data.

    Does an antivirus program help?

    Torpig has been distributed to its victims as part of Mebroot. Mebroot is a rootkit that takes control of a machine by replacing the system’s Master Boot Record (MBR). This allows Mebroot to be executed at boot time, before the operating system is loaded, and to remain undetected by most anti-virus tools

    In these attacks, web pages on legitimate but vulnerable web sites are modified with the inclusion of HTML tags that cause the victim’s browser to request JavaScript code from a[nother] web site under control of the attackers. This JavaScript code launches a number of exploits against the browser or some of its components, such as ActiveX controls and plugins. If any exploit is successful, an executable is downloaded from the drive-by-download server to the victim machine, and it is executed.

    What happens next?

    Mebroot injects these modules […] into a number of applications. These applications include the Service Control Manager (services.exe), the file manager, and 29 other popular applications, such as web browsers (e.g., Internet Explorer, Firefox, Opera), FTP clients (Leech-FTP, CuteFTP), email clients (e.g., Thunderbird, Outlook, Eudora), instant messengers (e.g., Skype, ICQ), and system programs (e.g., the command line interpreter cmd.exe). After the injection, Torpig can inspect all the data handled by these programs and identify and store interesting pieces of information, such as credentials for online accounts and stored passwords.

    If you think hiding behind a firewall router will save you, you’re wrong:

    By looking at the IP addresses in the Torpig headers we are able to determine that 144,236 (78.9%) of the infected machines were behind a NAT, VPN, proxy, or firewall.

    If you think you’ve got a secure password, you’re wrong:

    Torpig bots stole 297,962 unique credentials (i.e., username and password pairs), sent by 52,540 different Torpig-infected machines over the ten days we controlled the botnet

    If you think a separate password manager will save you, you’re wrong.

    It is also interesting to observe that 38% of the credentials stolen by Torpig were obtained from the password manager of browsers, rather than by intercepting an actual login session.

    Somewhat more info on Mebroot from F-Secure.

    Remember, the virus / worm / Trojan / botnet attacks you read about all the time only affect Windows machines. Linux isn’t invulnerable, but it’s certainly safer right now. If you’re running Windows, it’s only a matter of time until your PC is not your own, no matter how smart you think you are.

    If you have one or two must-gotta-use Windows programs, set up a dedicated Token Windows Box and use it only for those programs. Network it (behind a firewall) if you like, but don’t do any email / Web browsing / messaging / VOIP on it. Just Say No!

    For everything else, run some version of Linux. It’ll do what you need to get done with less hassle and far less risk. It’s free for the download, free for the installation, and includes all the functions you’re used to paying money for. Just Do It!

    If you think using Linux is too much of a hassle, imagine what putting your finances back together will be like. Remember, the bad guys will steal everything you’ve ever put on your PC, destroy your identity, and never get caught.

    Now you know… why are you still stalling?

  • Halogen Spotlights: FAIL

    Exposed Halogen Spotlight Bulbs
    Exposed Halogen Spotlight Bulbs

    This pair of halogen outdoor spotlights has been in place for at least a decade; they don’t see much use, so the filaments haven’t burned out in all that time.

    A lens fell off a few days ago, at which point I realized that it was the second lens to fall off; where the first one got to, I cannot say. I suspect they’ve never been turned on in the rain, as a single drop of water on a halogen capsule would shatter it like, uh, glass.

    The right-hand bulb was evidently the first to fail, as it’s full of toasted spider silk, seed husks, and bug carapaces. The reflector aluminization doesn’t like exposure to the Great Outdoors, although it’s in surprisingly good shape for the mistreatment it’s seen.

    I installed a pair of ordinary fused-glass spotlights from Ol’ Gene’s stash that Came With The House; they’ve been in the basement at least as long as those halogens have been on the side of the house. I suppose he put the good spots up there and kept the plain ones in reserve.

    Maybe the “new” spots will last for another decade?

    [Update: frienze reports another bulb failure…

    Submitted on 2014/05/30 at 10:44
    I searched for a more on topic post to stick this, but — alas! — it seems to be closed for commenting.

    Before tossing out the bulb, I decided to take a few pictures.

    Overview
    Overview different angle
    Detail of failure
    Less useful detail turned the other way around

    I half suspect the bulb might not actually be broken in the strict sense of the word, but I decided against actually testing that theory.

    Trying to show the broken socket part is a lot harder. It doesn’t photograph well.
    The broken socket
    What the connector is supposed to look like (in a socket part that arrived broken just like that straight from China… and it’s not like it broke in transit; the protective top simply wasn’t there at all)
    Here you can maybe see it a bit better
    And here it is next to some dried garlic
    ]

  • Garden Fork Repair

    Mary intercepted a complete, albeit defunct, garden fork on its way to the trash and brought it home for repair. It turns out that the handle’s socket had loosened and split around the tine shank, but all the pieces were pretty much in place.

    Looks like a job for JB Weld Epoxy!

    Mix the epoxy with my dedicated mixing screwdriver, butter up the shank, blob the excess epoxy into the socket, shove the parts together, clean off the outside globs, and let it cure overnight.

    The trick is to get enough epoxy in the socket to fill the voids and mechanically lock the shank in place. This probably won’t work for forks used by burly guys who heave rocks over the horizon, but for our simple needs it’ll do just fine.

    Every now and again it’s OK to do an easy repair without a trace of CNC…

  • My Eyeglass Sizes: A Summary

    Having decided to try getting sunglasses from one of those “our lab is in Hong Kong” places, the question arises: what lens & frame size do I need?

    Rummaging through the heap produces this assortment:

    Frame label Lens size Frame width Earpiece Commentary
    53-19 53×40 141 145 Current glasses
    55-16 55×45 142 140 Current sunglasses
    54-16 54×45 133 135 Old sunglasses
    56-16 56×45 137 133 Wire rims, aviators
    52-19 52×39 140 140 Clear, previous daily
    56-16 58×50 135 130 Aviators, too big

    The obvious conclusion is that any lens in the low 50s x 40-ish range will suffice. Pity that the LPS (low-price supplier) doesn’t have anything non-aviator-ish or un-dorky (even by my slack standards) in the 40-ish range, but maybe it’ll work out OK.

    Some general observations.

    I used to wear relatively large aviator-style lenses, as I worked on little parts that occasionally went sproing. Not enough energy to merit safety glasses, but annoying enough to want good eye coverage. These days, alas, I tend to wear a headband magnifier.

    Progressive bifocals require a relatively tall (and, it seems, currently unstylish) lens. Aviators solve that problem, but really are too large for my face. No matter that I wore them for years.

    Anti-reflection coating is wonderful. Pity that the LPS can’t put it on tinted lenses; I’ll see how that works out.

    I wear one pair of glasses all day, every day, and take fanatic care of them; we have an ultrasonic cleaner pretty much dedicated to eyewear. By and large, my lenses last forever. The frames, as you’ve seen there, tend to fail first.

    [Update: It turns out 53×35 lenses really aren’t tall enough for gray 20% transmission sunglasses: the progressive transition is a bit cramped and there’s too much daylight around the top & bottom. I think they’ll be OK for biking, as I wear hideous goggles to keep the dust out of my eyes. A pupillary distance of 62 seems OK. About $63 delivered.]