Sunday morning on the rails

The good people of the Black River Railroad Historic Trust decided to run a steam-powered mixed-freight train. Naturally I had to be there, to get some photos.

[Photo: grey coal smoke rises from the woods] Smoke rises from the woods as Engine #60 prepares for its time on camera.
[Photo: steam engine on the move] First photo run of the morning; #60 pours on the power.
[Photo: train crew watching] A careful crew is a safe crew; watching the track ahead.
[Photo: engineer's hand on throttle] Hand on the throttle.
[Photo: group of photographers trackside] Photographers and the conductor await the run at Bowne.
[Photo: steam engine making turn] Cue the music as she comes around the bend.
[Photo: steam train gets closer] More power.
[Photo: steam train with observers in foreground] On the second run-by.
[Photo: train crew talks with conductor] Crew receives new orders.
[Photo: caboose with crew members] Starting the shove back home.

Several times during the trip, I was asked if I wanted to stand right up against the right-of-way (ROW in rail terms); that’s not necessary for my interests. It was a great way to spend a few hours on a sunny Sunday in September.

 


Off the schedule

Come January 2019, I’ll have all the nights of the week free – as of today I’m off the schedule for Spring 2019. It’s the end of the line for teaching… 21 years in higher education is enough.

Soon I’ll start the process of official retirement for the NJ PERS (Public Employee Retirement System), so that I can collect a pension check… while NJ still has money to pay.

I’m going out on the horse I came in on. I was originally hired to teach the ‘hardware’ course – and that is the course I’m teaching now. Symmetry.

 

Leaving Facebook… the process.

I don’t intend (at least in the next year or so) to actually leave Facebook. It’s a nice way of keeping in touch with some people, and a good experimental platform for understanding the ways and wiles of tracking systems.

But there’s been a lot of chatter the last few days about how to leave Facebook, and the [obvious, if you think about it] algorithms used by Facebook for victim/customer/advertising-target retention. Specifically, Facebook starts hitting the notifications hot and heavy, and eventually starts ignoring its own settings in the quest to keep you entertained (on the hook).

The process you should follow (at least as of this writing)…

1) Start removing your content. Don’t do it all at once, but my approach is to slowly remove all photo “albums” with the exception of the auto-generated foursome (uploads, timeline, profile, cover).

2) Create an alternate identity email somewhere. Change your Facebook email over to this new account. Don’t use this email for any other purpose.

3) Remove ALL references to your primary email, web, phone, etc. from Facebook. Don’t use any identifier other than the alternate email address.

4) After a month or so, disconnect Facebook from your phone (if you ever gave it the number to start with)… watch as Facebook starts to fill your auxiliary email with notices.

5) On your fated day, sign in to Facebook, do the removal thing – it may take a number of attempts complete with various captchas and pleadings and confirmations and so on.

6) You may now walk away (figuratively speaking) from that alternate email, safe in the knowledge that Facebook can’t bug you any further.

 

 

Winding down…

I’ve started winding things down. This blog will continue as an intermittent feature, but its days of being hosted on wordpress.com are numbered. GDPR and a poor choice of username are the main culprits for this change.

It’s time to move on… 34 years in the same gig is long enough, time to find that greener pasture elsewhere. The future will emphasize photography, travel, and writing; software development and education will take a back seat.

The main sites will be moved to virtual private servers out in the cloud – the days of hosting internally will come to a close sometime late this year. A few things will not make the transition.

 

Reading instructions…

There are just two more sessions left this term for my “Internet & Web Architecture” class (tonight, and next Friday night).

The class has a weird name. I preferred calling it “Introduction to Systems Administration” or perhaps “Basics of Internet Infrastructure” but when you’re the adjunct (part-timer) and the PhD wants another title… you go with what the PhD wants.

Either way, the basis of the class is to teach the bits and pieces most classes ignore – setting up servers, virtualization chores, DNS, registering domains… and to introduce students to a real-world issue: keeping track of credentials.

It’s this last bit which causes the problems… that, and that no one seems to want to read instructions.

Well, guess what. I’d rather not read them, either. Except I know what happens when you don’t read the instructions – it blows up in your face, and then you have to go and start all over again, and this time, read the instructions.

So reading instructions first turns out to save time.

But just try getting students to understand that…

Keeping email private…

Whenever one of the market-anointed tech titans speaks, people start to pay attention to their privacy… or lack thereof. In this instance, the question I received was about email, asking about alternatives to the Microsoft & Google offerings, as compared to the Swiss service ProtonMail. Get your beverage(s) ready, this is going to be a long one.

Disclaimer: I am not a lawyer, and I did not sleep in a Holiday Inn Express last night. This discussion is relative to my understanding of United States Laws and court decisions. Your mileage may vary. 

First – how much inconvenience are you willing to suffer to keep your email private? What are you willing to pay?

On the surface, ProtonMail (which prides itself on end-to-end encryption, and being based in Switzerland) seems like the obvious winner, since there’s a free version. But there are issues here. First is the recently passed CLOUD Act (Clarifying Lawful Overseas Use of Data Act, HR 4943, signed into law March 23, 2018) which allows for bilateral treaty-based exchange of overseas data between signatories. Note there is already such a treaty in existence with Switzerland. Proton’s oft-stated “we only store encrypted data” claim is only good to the extent a user is not otherwise compelled to give up a password… or that the encryption is as described. Further, the only interface allowed to Proton is via web browser…

Gmail/Hotmail etc – “free” or “paid” – your email is going to be read by robots, mostly looking for advertising ‘bait’ or to build a better profile… (more on this later). Of course, these offerings win on convenience, and of course “free!”

Finally, there’s “roll-your-own” email. Invest in a server, configure your own email, have your own custom address pool, make your own filters and blocks, set auto-replies, run email lists… in simple terms, do everything the big boys can, but in your own way. All the mission-critical email for me has run on my own email server for more than twenty years. I use Gmail as a convenience, and am forced to use Outlook by various clients.

Now – let’s look at the legal implications on privacy, for the three offerings above. In the US, email privacy is governed by two major acts: the aforementioned CLOUD Act, and the ECPA (Electronic Communications Privacy Act, 1986). Most email communications fall under the [ancient] ECPA guidelines (assuming they are stored in the US).

The ECPA defines five types of communication for email. Three of those types require a warrant for access; two require a subpoena. Subpoenas are routinely issued by lawyers in the name of the court; penalties may be assessed for non-compliance. Warrants are issued by a judge, have stringent requirements for issuance, and are usually enforced by police agencies.

The ‘warrant required’ types of communications are: email in transit, email stored on a home computer, and email in remote storage, unopened, stored for 180 days or less.

The ‘subpoena required’ types of communications are: email in remote storage, opened, and email in remote storage, unopened, stored for more than 180 days.

I run a combination server – it is IMAP when I’m away from home, and POP3 when I’m home. In simple terms – during a work day outside the house, or while travelling, I’m running the server in much the same mode as one does with any web-based system. The email is available via remote access (remote storage in ECPA terms). When I’m home, I have a POP3 client which downloads the email to a home computer, and erases that mail from the server.

In this mode, my critical email is always in the warrant-required states per the ECPA. Warrants are issued under standards more than 200 years old – it must be based on probable cause, describe the place or person to be searched, and for what evidence the search is being requested; all under oath or affirmation to a judge or magistrate. I feel reasonably secure.
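To see which messages left on a server have drifted out of the warrant-required states as described above, here is an added example (not the author's code) that walks a server-side Maildir and labels each message with the category this post assigns it. The Maildir layout, treating the Seen flag as "opened", and using delivery time as the storage clock are assumptions; the sample mailbox is constructed.

```python
import mailbox
import os
import tempfile
import time

DAY = 86400
LIMIT_DAYS = 180  # threshold quoted in the post

def classify(seen, age_days):
    """Category the post gives for a message held in remote storage."""
    if seen:
        return "subpoena"   # remote storage, opened
    if age_days > LIMIT_DAYS:
        return "subpoena"   # remote storage, unopened, more than 180 days
    return "warrant"        # remote storage, unopened, 180 days or less

def audit_maildir(path, now=None):
    """Return (key, age_days, seen, category) per message, oldest first."""
    now = time.time() if now is None else now
    rows = []
    for key, msg in mailbox.Maildir(path, create=False).iteritems():
        age = (now - msg.get_date()) / DAY   # delivery time = file mtime
        seen = "S" in msg.get_flags()        # Maildir 'S' flag = Seen (assumed "opened")
        rows.append((key, round(age), seen, classify(seen, age)))
    return sorted(rows, key=lambda r: (-r[1], r[2]))

def build_sample(path, now):
    """Constructed sample data: three messages with different age and Seen state."""
    box = mailbox.Maildir(path, create=True)
    samples = (("old unread", 200, ""), ("new unread", 3, ""), ("new read", 3, "S"))
    for subject, age, flags in samples:
        m = mailbox.MaildirMessage(f"Subject: {subject}\n\nbody\n")
        m.set_subdir("cur")
        m.set_flags(flags)
        m.set_date(now - age * DAY)
        box.add(m)

def demo():
    """Build the sample Maildir in a temp dir and audit it."""
    now = time.time()
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "Maildir")
        build_sample(path, now)
        return [(age, seen, cat) for _, age, seen, cat in audit_maildir(path, now)]

if __name__ == "__main__":
    for row in demo():
        print(row)
```

With POP3 delete-after-download, as in the setup above, the same audit run against the server's Maildir returns an empty list once the client has fetched the mail.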

Hope this helps the decision matrix.

ps – Gmail’s robots really kick in after about 200 emails are in the account. Want to baffle the builder? Set Gmail to operate in POP3 mode (delete after download) and watch the fun. (Running NoScript and disabling the Google Stats scripts also screws up the profile builder).