timbrown.us - Personal Blog of Tim Brown

Taking a Break

For the last 10 years or more I have held a part-time job that I refer to as my weekly diversion from the rest of life. I am a DJ a local roller rink for their weekly Wayback Wednesday. I usually post the playlist at the end of the night on another social media platform and used to get some comments, but that platform seems to have lost popularity of late so I am looking at another means to post the playlist where there are links to the songs. I used to do this through this blog and a perl script, but there doesn’t seem to be enough time in the day to get all of that accomplished anymore.

Over the years, I have started to recognize the various types of customers that show up on a Wednesday night. There are the small group of friends that want to do something different and will probably not be back for a couple of years. The best of those groups are the college students that raid mom and dad’s closet for some Jane Fonda and Richard Simmons gear to wear when they come out. Then there are the skaters that come to relive their youth a few times a year. We also get some parent and kid pairs that seem to be getting in some family time. Finally, there are the “regulars” where skating never stopped being part of their lives from their childhood. The age range on these skaters goes all the way up to the 70’s. The common thread among all of the skaters is the music. As the DJ, my task is often a daunting one in that I know what the regulars want to hear, but I also have to try and meet the listening needs of all the skaters.

I never go into the night with a set playlist. Any good DJ knows you will almost always have to adjust the music to the make up and mood of the crowd. I might have a couple of songs I heard on SiriusXM or found by perusing the charts on various music services, and then there’s the Promo Only subscription that attempts to provide all of the latest chart toppers and trending songs. If I can get the time to go through the new songs in the subscription, I actually can come across some new dance EDM songs that fit in the mix for the later part of the session when the focus us on shuffle skating. The latest one is by Dom Dolla – Take It. In the earlier portions of the night, I try to focus on the 70’s pop and disco scenes between 7 and 8. Eight to 9 is mostly 80’s pop and R&B with a beat and also the time for a fast skate and a couples skate just before 9. Nine is when the fun starts for me as the skaters want the beats per minute (BPM) on songs to stay the same so their long shuffle lines of multiple skaters pushing off each skate in sync with each other can continue. This is not as hard as it seems and I often start the 9 o’clock hour with something in the 110 BPM range and can end up in the high 120’s before the bell tolls 10. I love doing the blended mixing to keep the regulars going and these songs can be anything with a beat, but mostly 80’s funk and break dance beats along with some 90’s freestyle and now some newer house and EDM stuff like “Take It”.

As I type this blog entry and confess its purpose, I must admit that I am getting tired of the of some of the things I have to deal with when attempting to make everyone a happy skater. At least from the perspective of music. I am pretty good about taking criticism if I am not reading the crowd’s mood and routinely entertain requests made at the snack bar, but a 16 minute Grateful Dead song requested at 9:15 is never going to fly. My gauge on success is how many skaters can I keep on the floor because they want to skate to the music I am playing. When I see a crowd forming off of the floor, I can tell I need to do something to get them skating again. Whether it’s finding something new or going to a tried and true Freestyle Project song or Planet Rock, I can usually get them back. I want everyone to go home having heard at least a few songs they liked and exhausted from skating the whole night. Over the past year I feel like this has been a tall order to fill. At the end of the night, the posted playlists seem almost identical to the week before with the same old tired 80’s funk filling out the last hour. So what to do?

First, after missing Christmas and New Year’s Day, I am taking the month of January off. Yes, I am having a bit of withdrawal and miss my skating friends. But, I am taking the opportunity to spend more time with my parents who happen to be in the same nursing home for the moment. And, most importantly, I am taking time to reflect and make a game plan for my return. So stay tuned…

For some reason this post missed its scheduled date to get published by WordPress. But it gives me a chance to update it before making it final. While I was supposed to come back in February, I got a call from the owner that the staff for Wednesday night did not have right skill set to cover all of the positions if I wasn’t there and asked if I could come in. To be honest, I was glad to get the call. The withdrawal from DJ’ing was more than I expected. The night went pretty well and I was able to get in some of the new house and EDM stuff I have been researching to play. Here is the playlist as posted on Facebook.

Playlist

NMAP Automation

After I retired from state government IT security work, I was surprised when I started as a federal contractor to see how many of the security practices that were common due to the state IT shoe string security budget also being prevalent in the federal space. One of those practices is paying security professionals to be copy and paste machines where the data being copied is the output of some security tool and the destination is an Excel spreadsheet. In the federal position, I worked with one of the Jira experts from the lead contract firm who automated ingestion of the Nessus scan results into Jira tickets. While that was a big time and sanity saver for me, it ended up leaving me a bit under challenged and I went back into incident response but in the private sector. Luckily, vulnerability scanning and management is not in my job duties, but I still get tapped by some our new team members who are tasked with that responsibility to help make their jobs easier through automation and scripting. The most recent ask was to look at a way to automate nmap scanning to produce a file that could easily be ingested into, you guessed it, Excel.

The current practice is running weekly nmap scans on specific regions for specific ports. That in itself is easy enough with command line nmap and grepable file output options, but with a little bit of scripting and files for targets and ports with some python thrown in to get the output to be pure csv – we ended up with something that might be worth sharing if your situation is similar. While my preferred approach would have been to scan the full range of targets for all of the ports and grepping for the regions and ports, the current tracking spreadsheet is more tailored for specific network scans where the scan activity is limited by port and region.

nmap can take a file as input for the targets, but not for ports to be scanned. A simple solution is to call a Linux command to read a file after the -p port parameter, but that expects a properly formatted comma separated port list. Maintaining port list files is much easier if we can list the ports as one port per line.

The nmap command we ended up with is:

nmap -Pn -n -sS -iL targets/"$targets" -p $(sed -z 's/\n/,/g;s/,$/\n/' < ports/"$ports") -oG output/"$filename"

The parameters are $filename $targets and $ports that are provided as arguments to the script call. The nmap parameters are standard, but the port file is being inserted through a couple of calls to sed with the ports file as source. The first sed removes the newlines and replaces them with a comma. The second sed removes the last newline of the file to avoid a blank port or space showing up in the command. In this next portion of the script, we leverage a python script nmaptocsv that converts nmap output to csv.

python nmaptocsv/nmaptocsv.py -i output/"$filename" -d ',' -f ip-fqdn-port-protocol-service-version-os > output/"$filename".temp

Finally we need a little more clean up to get to pure csv.

cat output/"$filename".temp | sed '/^$/d' | sed 's/\"//g' | awk 'NR == 1; NR > 1 {print $0 | "sort -n"}' | grep -E "VERSION|tcp|udp" > output/"$filename".csv

Sed is used to delete the quotes and blank lines from the output. While awk is used to preserve the header line and sort the rest of the file. grep is used to limit the output to the header and hosts/lines showing open ports. For the full code, follow this link. Comments are welcome as I am not a shell script master, but can cobble something together when needed.

Here is a before and after sample from the straight nmap output, to the temp after the nmaptocsv, and the final csv.

NMAP Output:
…
Host: 10.10.12.131 () Status: Up Host: 10.10.12.131 () Ports: 21/closed/tcp//ftp///, 22/open/tcp//ssh///, 25/closed/tcp//smtp///, 80/open/tcp//http///, 110/closed/tcp//pop3///, 137/closed/tcp//netbios-ns///, 139/closed/tcp//netbios-ssn///, 443/closed/tcp//https///, 445/closed/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server///, 8008/closed/tcp//http///, 8080/closed/tcp//http-proxy///
…

Nmaptocsv Output:
"IP","FQDN","PORT","PROTOCOL","SERVICE","VERSION","OS" "10.10.12.131","","22","tcp","ssh","","" "10.10.12.131","","80","tcp","http","",""

Final CSV Output:
IP,FQDN,PORT,PROTOCOL,SERVICE,VERSION,OS 10.10.12.131,,22,tcp,ssh,, 10.10.12.131,,80,tcp,http,,

Get The Scoop on Facebook Ads

I recently started getting inundated with ads for Lightroom presets and Photoshop overlays and actions when on Facebook. They all purport to be worth several hundred to over a thousand dollars in value. Intrigued by one ad offering $694 worth of these items for $19, I followed the link in the ad to a myshopify site where the price was actually listed as $29. I went back to Facebook to report the ad as misleading and during the process Facebook offered a menu option to review all ads by this advertiser. I clicked the link to view all of the ads and saw where the collection was not only being advertised for $19, but also $14 and $29, all for the original $694 package. Clicking on the ad with the $14 price tag took me back to shopify where the exact same product was offered for $14. Part of me says this is just wrong, but the capitalist in me says – get what the market will pay.

Now the good part of all of this is I did a little digging to determine how I could use the Facebook ad library to view other advertiser’s ad feeds without having to go through the report an ad method. First, you need to know the advertisers ID number. This is a long number like “368333793192753” that is part of the ad code itself, but you have view the source of the web page to locate it. Once you see an ad you are curious about, right click on the ad company name, which should be at the top of the ad, and select the “inspect element” option. Don’t be intimidated by the split screen that appears in your browser. Now, look for the ID #. It should be right after /page.php?id=___________ in the highlighted text. Now take the URL I have below and copy and paste it into your web browser address bar at the top. Before hitting enter, go to the end and back space over the existing ID number and type in the one you want to view and press enter.
https://www.facebook.com/ads/library/?active_status=all&ad_type=all&country=US&view_all_page_id=368333793192753

You should now see something like this for the advertiser. The sample I have used seems reputable as the pricing offered is reflected across all of their recent advertisements.

Once you paste and hit enter this will be the URL you wind up on if you use my example. https://www.facebook.com/ads/library/?active_status=all&ad_type=all&country=US&q=Bellevue%20Avenue%20Photoshop%20Actions&view_all_page_id=368333793192753

I guess this could be useful if you think you may have missed a cheaper opportunity to take advantage of a time limited deal. As for these packages, I have ordered a couple but haven’t installed them yet. I will be curious to see if they are the same or similar presets between the two or perhaps just renamed stolen commercial presets and overlays. The real kicker would be to find that these are actually legit and actually do something worthwhile in Lightroom and Photoshop.

My New Favorite Pen

While I still enjoying writing with my fountain pen collection, I have found that I prefer the offerings from several pen manufacturers in their new Ultra Micro/Extra Fine point lines. The largest size I would consider in this line is the 0.38mm size. Here is a quick breakdown of my collection so far with my likes and nits about each along with links to Jet Pens.

The Pentel 0.3mm EnerGel RTX Retractable – This pen is a needle tip style, which means the tip of the pen narrows drastically about 4mm before the tip. While I would assume the size would result in a weaker pen overall, the tip seems to handle angled pressures well and I have not seen one of these bend. As far writing, the pen is comparable to the others, but not quite as smooth as the Signo RT1 0.28mm. The line being a 0.3mm is hair bigger than the 0.28mm as well, but barely noticeable on most paper stock. The extend and retract mechanism has not shown any issues.

The Pilot G2 0.38mm Retractable – Pilot claims this pen line is the most popular in sales, but I doubt that would apply to the specific 0.38mm size. The mechanics of the extend and retract clicker are solid. The grip is comfortable and the pen is very smooth on paper. However, this pen has the largest tip size at 0.38mm, which is very much noticeable on paper compared to the others in my list.

The Uni-ball Signo RT1 0.28mm Retractable – This pen seems to be a Japan model that a few dealers are importing for the US market. While there is the similar Uni-ball Signo in the U.S., it isn’t offered in the 0.28mm size. First complaint about the RT1 is the clicker / retract-extend mechanism. I had a couple of these that have quit working due to the clicker. They get stuck and disassembly and lubrication does not result in a working mechanism. But other than that, this has to be my favorite among the retractable offerings. The pen is not a needle tip, but does claim to have a beveled tip to allow writing with the pen at a lower angle than competitor pens. The pen is not scratchy on most paper and with the right amount of pressure is a true glider across the paper. This line comes in many colors in the 0.38mm size, but is limited to Blue, Black, Blue-Black, and Red in the 0.28mm size. From an ergonomics standpoint, I really like the rubberized portion of the grip extending to within a new millimeters of the tip. Most of the other pens, including the US Signo, stop the grip about 0.75 centimeters above the tip.

The Pilot G-TEC-C 0.25mm Stick – After spending some time talking with Alan, the owner of the Crazy Alan’s Emporium and Gifts in Chapel Hill, I ended up picking these up as they are the smallest tipped pen I have been able to find locally. I bought a blue and black version of this capped stick pen. While I like the convenience of retractable pens, these make the finest line of any pen I have ever owned. This model takes needle tip to the extreme with the tip having two step downs into the needle tip range. This pen could be the choice for close contact assassins needing an ordinary looking concealable weapon. Writing with this pen on plain paper is a little scratchy with too much pressure, but the line laid down is not closely contested by any of the others in this review.

For more fine tip gels, check out the Jet Pens round up here.

Ubuntu 18.04 Conversion of Physical Machine to Virtual

My AMD Athon – II system has been running as a LAMP server for over eight years at this point. I think I probably started with 14.04 and most recently updated to Ubuntu 18.04 Bionic Beaver. Over time, I played with alternatives to Apache like Nginx and Lighttpd, but always seemed to end up going back to Apache. With an eight year old system, I could sort of start to tell it was losing its ability to process the new larger images and render them quickly in netPhotoGraphics, formerly ZenPhoto 2.0, by Stephen Billard. WordPress itself never seemed to complain, but you have to admit this is pretty simple blog. I wasn’t looking forward to replicating the settings and tweaks I had made to the system over the past eight years. Any externally listening port had security protections and monitoring along with lots of custom shell scripts to do things like look up GeoIP locations and fix the image file timestamps to match the time shot from the EXIF data. While I could start from scratch and eventually get back to a similar state with a new server, I wanted to preserve the older system, the content, and my tweaks; but do it in the simplest way possible. After a little research on converting physical to virtual methods, I decided to just try and create a VirtualBox virtual disk image (VDI) using the VboxManage tool to convert the existing hard drive from the Athlon – II server.

To complete this project, I needed some new hardware. The case was bought a couple of years ago at a good discount from a local PC parts store, Intrex. The box had been pretty banged up in shipping, but I can’t really locate anything more than a tiny ding on one of the side panels. For the internals, I felt like I wanted to stick with AMD given eight years of good service from the current server. So, I did some research on several sites and used the PC builder parts site to get a feel for pricing. My initial order included these parts to populate the Antec P100 case.

Items Ordered	Price
1 of: EVGA SuperNOVA 750 G2, 80+ GOLD 750W, Fully Modular, EVGA ECO Mode, 10 Year Warranty, Includes FREE Power On Self Tester Power Supply 220-G2-0750-XR Sold by: Amazon.com Services, Inc Condition: New	$98.93
1 of: AMD Ryzen 5 2600X Processor with Wraith Spire Cooler – YD260XBCAFBOX Sold by: Amazon.com Services, Inc Condition: New	$219.99
1 of: Asus 24x DVD-RW Serial-ATA Internal OEM Optical Drive DRW-24B1ST (Black) Sold by: Amazon.com Services, Inc Condition: New	$21.99
1 of: Corsair Vengeance LPX 16GB (2x8GB) DDR4 DRAM 2400MHz C16 Desktop Memory Kit – Black (CMK16GX4M2A2400C16) Sold by: Amazon.com Services, Inc Condition: New	$137.99
1 of: GIGABYTE X470 AORUS Ultra Gaming (AMD Ryzen AM4/ X470/ USB 3.1 Gen 2 Front Type C/ATX/ DDR4/ Motherboard) Sold by: Amazon.com Services, Inc Condition: New	$129.99

I ended up having a 2TB Western Digital Black drive to install as the primary disk, but decided to splurge for a 1TB Western Digital Black SSD since the Gigabyte motherboard supported it and I leveraged it for the OS and the 2TB for the VM drive.

Items Ordered	Price
1 of: WD Black 1TB High-Performance NVMe PCIe Gen3 8 Gb/s M.2 2280 SSD – WDS100T2X0C Sold by: Electronic.Depot Condition: New	$329.98

For a video card, I had a Nvidia GeForce GT 710B PCIE card in another system I am retiring and moved that card into this system. I installed Ubuntu 18.04 Bionic Beaver and VirtualBox after building up the system and letting it burn in over the weekend. The next task was the actual conversion and setting up the virtual machine to use the VDI converted from the actual hard drive from the original server. I will save you the heartache of thinking you can have the original drive hooked up to your new system for the conversion via USB. It is just too slow, especially when the original was a 1TB disk with a 512GB root, 1GB swap, and the rest set up as the web content partition. I tried it, but it was going to take like 60+ hours to make the conversion. So the original drive was connected to the new server’s SATA controller and the VBoxManage raw disk to vdi conversion executed.

$ sudo VBoxManage convertfromraw /dev/sdc LAMP.vdi –format VDI

Connected to the SATA controller and writing my LAMP.vdi to the internal 2TB conventional disk, the conversion of the 1TB disk to a VDI took about three hours. Once I had the vdi, I opened VirtualBox and pointed to the LAMP.vdi file as the hard drive for the new virtual machine.
(Note: You will have to change ownership to your user account or grant permissions on the completed VDI file to use it in VirtualBox.) Then I tried to replicate the hardware settings of the original system as close as possible. Mainly the number of processor cores and memory. I also defined a share so I could move files more easily between the host and the LAMP guest. I installed another Gb NIC in the system so I could bridge the VM adapter to it and let the LAMP system use the same IP address that it had before without any NAT going on. As I expected, the initial boot up of the VM failed; but I knew the /etc/fstab was going to be an issue as I had video and music drives that were not part of the migration plan. After getting dumped into the recovery shell, I edited the fstab file and remarked out the two mounts for those drives. Another reboot and I was able to sign in. I went ahead and manually entered the IP address in the NIC config and disabled and re-enabled the connection using the Ubuntu GUI. At this point, a quick check of trying to bring up the WordPress blog and the photo gallery resulted in the having the default Apache installation page rendered. To remedy this issue, I did a sudo systemctl reload apache2 and cleared my browser’s cache and both sites rendered correctly on the next attempt.

So far, I am very happy with the new server and plan to add some old OS VM’s in the next few weeks. One, I will create from an old XP laptop that I have to keep around to program a couple of ham radio HT’s. Eventually, I will add another large drive to the host computer and start using it or another VM to act as a media server and file share. I suspect that it will take a lot to start taxing the resources on the new system for sometime to come.

Behind the scenes: The recap above concerning the actual conversion of the disk into a VDI and booting the VM for the first time is from a repeated effort after I foobared some permissions in the /var folder after having a working converted VM. What only took about 30 minutes to get going the second time around (not counting the VDI conversion), actually took several hours the first time as I could not get past Apache rendering its default page until clearing browser caches after using systemctl to reload the Apache configuration once the IP address was set correctly. Also, I actually did try and use a dd raw image of the original disk I had created by writing the DD file to an external USB drive connected to the original server. It was slow and painful and the VBoxManage convertfromraw did not succeed using the DD file as the source. What I used to the get the VM going the first try, was DD cloned drive of the original and connecting it to the SATA controller to do the convert from raw. For the final effort as blogged, I pulled the original drive from the Athlon system, connected it directly to the new server’s SATA controller, skipped making a DD image and just converted from the raw disk. If you have physical access to the new server, this method should be pretty foolproof. But my experience with open source and Linux tells me your experience trying this could vary greatly.

Who is Emogene Floyd? LinkedIn intelligence gatherer? Russians? Chinese? Iranians?

Recently saw where a person decided to impersonate an employee of the company on LinkedIn, but something did not quite add up when the name was cross-referenced internally. Some due diligence located a deceased person whose obituary photo had been usurped for the fake LinkedIn account. Smart enough not to take the bait on my contact request, but lots of interesting log entries hitting this site without a valid vhost. Lesson to be learned by the folks who accepted the contact requests, validate a supposed co-worker is actually an employee or contractor before accepting the request. Trust, but verify, when using social media.

Nigerian Grant Scammers

Originally a Facebook post and note.

So a friend’s Facebook account got counterfeited (duplicated and made to look like her messenger account) and started contacting me over messenger. So I played along, while making contact with her via another comms channel to verify and let her know. Starts off simple enough; then there is a reference to some money via a grant. A quick Google turned up it was indeed fraud. So, I shared to link to my server in hopes they would follow it and let me see their source IP address. They took the bait and wouldn’t you know that my friend from Clayton is hitting my web site from Lagos, Nigeria. Sadly they dropped off before the details could be gathered on how the scam worked. I decided to tell them their game was up with me using Google translate into Huasa. My guess is they send a bad check that makes me lose funds, or they want upfront funds to make the grant application go through. So always be aware and note that anyone offering you money via a “social private grant fund” is probably sitting behind a computer half a world away who just wants your money. Hopefully the messenger images are in order.

Even after this conversation, the scammer uses Facebook messenger again the next day and provides a number a should text for my grant.

This is a log of my SMS text conversation with a Nigerian scammer… that was a result of getting a Facebook Messenger message from an account made to look like an actual friend’s account. That activity is recapped here. “You Said:” is my portion of the conversation and (501) 215-5475 said: is the scammer. Based on all caps and the speed at which responses were made, I believe they were using copy and paste.

You said: My FB friend Elizabeth said to contact you at this # concerning a grant I could get. My name Tim R. Brown, Tuesday, June 5 2018, 5:09 PM

(501) 215-5475 said: HELLO, GOOD DAY I’M , THE AGENT IN CHARGE OF THE FEDERAL GOVERNMENT GRANT FUND, PLEASE HOLD WHILE I RUN A CHECK FOR YOUR INFORMATION ON OUR DATABASE, Tuesday, June 5 2018, 5:15 PM

(501) 215-5475 said: DO I HAVE YOUR ATTENTION SIR?, Tuesday, June 5 2018, 5:19 PM

You said: Hi, yes., Tuesday, June 5 2018, 5:20 PM

You said: Im here, Tuesday, June 5 2018, 5:21 PM

(501) 215-5475 said: CONGRATULATIONS!!!YOUR NAME QUALIFY FOR THE SOCIAL PRIVATE GRANT FUND. THIS IS A PROGRAM SET UP BY THE GOVERNMENT WITH THE HELP AND SUPPORT OF THE UNITED NATION TO HELP THE PEOPLE PAYING THEIR MEDICAL BILL, STARTING THEIR OWN BUSINESS,BUYING A HOME. COLLEGE / SCHOOL FEES E.T.C,THE TRUTH IS,MANY PEOPLE AREN’T EVEN AWARE THAT THE SOCIAL PRIVATE GRANT FUND, THE GOVERNMENT DOES NOT KNOCK ON YOUR DOOR TO OFFER YOU FREE MONEY.WE EMBARKED ON A WORLDWIDE PROMOTION FOR DEAF,HEARING,RETIRE AND WORKERS,WE ARE UNITED POWER TO SUCCESS AND FOCUS FOR YOUNG,OLD,RETIRE AND WORKERS IN THE COUNTRY,SUPPORTED BY THE FEDERAL GOVERNMENT.YOU MAY BE ELIGIBLE EVEN WITH BAD CREDIT OR BANKRUPTCY, YOU NEVER HAVE TO PAY BACK.., Tuesday, June 5 2018, 5:23 PM

You said: OK, there has to be a catch…., Tuesday, June 5 2018, 5:24 PM

(501) 215-5475 said: I’M THE AGENT IN CHARGE OF YOUR CASE FILE AND I’LL PREPARE YOUR GRANT CERTIFICATE FOR YOU ISSUED WITH THE NECESSARY SIGNATURES FOR AUTHENTICATION. DO YOU UNDERSTAND?, Tuesday, June 5 2018, 5:25 PM

You said: Sure do i need notary?, Tuesday, June 5 2018, 5:26 PM

(501) 215-5475 said:

OK,NOW YOU WILL HAVE TO FILL OUT SOME INFORMATION NOW SO WE CAN PROCEED…

FULL HOME ADDRESS..

SEX..

AGE..

BANK NAME…

MARITAL STATUS..

PHONE NUMBER(TEXT)..

EMAIL….

MONTHLY INCOME..

OCCUPATION..

OWN A HOUSE, IF NOT STATE OTHERWISE..

YOU WANT CASH OR CHECK..

You said: Ok, I will make document and send you link., Tuesday, June 5 2018, 5:29 PM

(501) 215-5475 said: ALL I NEED FROM YOU NOW ARE ANSWERS TO THE ABOVE QUESTIONS, I AM UPDATING YOUR DETAILS DIRECTLY ON OUR DATABASE RIGHT NOW, OK?, Tuesday, June 5 2018, 5:31 PM

(501) 215-5475 said: DO YOU UNDERSTAND SIR?, Tuesday, June 5 2018, 5:32 PM

You said: Yes, will start now…, Tuesday, June 5 2018, 5:32 PM

You said: 118 Cherokee St Boone, NC 28607, Tuesday, June 5 2018, 5:33 PM

You said: Maile, Tuesday, June 5 2018, 5:33 PM

You said: 24, Tuesday, June 5 2018, 5:33 PM

You said: Wells Fargo, Tuesday, June 5 2018, 5:33 PM

You said: Married, Tuesday, June 5 2018, 5:33 PM

You said: 919-789-1009, Tuesday, June 5 2018, 5:34 PM

You said: 1,800/mo, Tuesday, June 5 2018, 5:34 PM

You said: DJ, Tuesday, June 5 2018, 5:34 PM

You said: Rent, Tuesday, June 5 2018, 5:34 PM

(501) 215-5475 said: Cash or check sir?, Tuesday, June 5 2018, 5:36 PM

You said: Ooops fogot that one. Cash, Tuesday, June 5 2018, 5:36 PM

(501) 215-5475 said: YOU HAVE TO HOLD SO ALL YOUR INFORMATION CAN BE SAVED INTO OUR DATABASE SO THAT WE WON’T DELIVER THE GRANT TO THE WRONG PERSON AND WORK WILL COMMENCE ON YOUR DELIVERY IMMEDIATELY., Tuesday, June 5 2018, 5:37 PM

You said: OK, Tuesday, June 5 2018, 5:39 PM

(501) 215-5475 said:

NOW YOU ARE TO CHOOSE THE AMOUNT YOU WISH TO CLAIM FROM US,

HERE ARE THE LIST OF CASH YOU QUALIFIED FOR

YOU PAY $600 AND GET $90,000.00

YOU PAY $1,100 AND GET $120,000.00

YOU PAY $1,650 AND GET $140,000.00

YOU PAY $4,000 AND GET $200,000.00

YOU PAY $8,000 AND GET $350,000.00 (BONUS GRANT )

GRAND PRIZE

NOTE;YOU ARE NOT PAYING TO GET ANY MONEY,THE FEE ABOVE IS FOR YOUR SHIPPING FEE AND CASE FILE,AND DELIVERY TAKE UP TO 24 HOURS.

CHOOSE THE CASH LIST YOU WANT TO APPLY AND YOU WILL PAY FOR THE SHIPPING FEE TO THE FINANCE AGENT IN CHARGE OF CASH, YOUR MONEY WILL BE DELIVER TO YOU AT YOUR DOORSTEP

(Tuesday, June 5 2018, 5:42 PM

You said: That is a decent return for my investment., Tuesday, June 5 2018, 5:43 PM

You said: but I am strpped for cash until friday., Tuesday, June 5 2018, 5:43 PM

You said: If i commit what do you need from me today, Tuesday, June 5 2018, 5:44 PM

(501) 215-5475 said: IF PAYMENTS CAN BE DONE TODAY YOUR MONEY WILL BE DELIVERED FIRST THING TOMORROW MORNING.OK?, Tuesday, June 5 2018, 5:47 PM

You said: But what if I cant give the $600 today, Tuesday, June 5 2018, 5:48 PM

(501) 215-5475 said: IT DEPENDS ON HOW MUCH YOU CAN SEND TODAY TO PREPARE YOUR CASEFILE, SO THE MONEY WILL BE SAFE AND WONT BE RETURNED UNTIL YOU ARE READY TO CLAIM IT., Tuesday, June 5 2018, 5:50 PM

You said: I make an iuo for you http://98.26.67.124/content/iou.docx, Tuesday, June 5 2018, 5:51 PM

(501) 215-5475 said: WHAT DO YOU MEAN SIR?, Tuesday, June 5 2018, 5:53 PM

You said: muna ƙoƙari ya lalata ni? Abinda na samo ku ya biyo ni bari in kama adireshin IP naka a Najeriya. Yanzu zan mayar da shi zuwa FBI inda na yi aiki a kan Cyber Squad. Wataƙila ya kamata ka koma aikin daga ofishin ofisoshin saiti., Tuesday, June 5 2018, 5:53 PM

(501) 215-5475 said: SIR, I AM A MAN OF INTEGRITY AND I HAVE BEEN KEEPING UP TO MY JOB, I AM 59 YEARS OF AGE, I HAVE A LIFE AND OUR COMPANY HAS HELPED ALOT OF LIVES, I WONT WATCH YOU CALL ME NOR MY ORGANIZATION SCAM, DO YOU UNDERSTAND?, Tuesday, June 5 2018, 5:54 PM

You said: Ok, whatever you say. You are in Nigeria at IP address 105.112.44.43 NG,Nigeria,LA,Lagos,Lagos,,Africa/Lagos,6.4531,3.3958,0 The same address you used yesterday while in IM on FB., Tuesday, June 5 2018, 5:56 PM

(501) 215-5475 said: BECAUSE WE MADE IT LOOK THAT WAY, WE DIRECTED IT TO AVOID TRACKERS AND SCAM, Tuesday, June 5 2018, 5:57 PM

You said: Ok, whatever you say…. PSFU getting all logs and IP addresses as I type., Tuesday, June 5 2018, 5:58 PM

Fixing Broken Mazda 5 Sliding Door Power Locks

I guess faulty power locks are in my blood. After dealing the issue multiple times with my 2004 Pontiac Vibe (see blog posts), the same issue started with my 2012 Mazda 5 about six months ago. This time the front door power locks are working fine. The problem child is the driver side sliding rear door. For a while it was hit miss and sometimes it would lock and other times not. Finally, it just quit doing anything when either the key fob lock and unlock or the internal front door lock and unlock buttons where hit. While I would try to remember to lock the door manually after getting out my backpack in and out for work everyday; I often found I left it unlocked. Not Good. So today I had a little time and tried to tackle the issue.

I started by googling a video on removing the door panel. This one is pretty good and matched what I ended up having to do with mine to get the panel off. On the drivers side, I went way over board and took a lot of parts off that probably could have stayed on while I made the fix. I also decided to do the passenger side sliding door too, as it was starting to sound a little sketchy. Here is what I did and what I needed after lessons learned on the drivers side.

Tools and Supplies you will need:

Patience
A Phillips Screwdriver.
A door panel trim popper tool.
Automotive Electronics Cleaner spray with a directional tube to insert in the spray head.
Paper towels or absorbent rag.

Take the door panel off per the video. It is easier to disconnect the wire and connector that go to the power window control at this point so you will be able to get the panel completely out of the way while working on the actuator.
Find the plastic milk carton white box that has an actuator rod going to the door lock slider.
On the rear of this actuator body there is the electrical connector and just above that connector is an empty connector that has an open slot into the body of the actuator. Locate this empty electrical connector slot.
Take a rag or paper towels and stuff them up under the actuator to catch the overflow of electrical cleaner spray.
Insert the tube coming from the can of electrical cleaner spray in the open slot of the empty electrical connector and spray an abundance of the cleaner. Wait about two minutes and repeat spraying cleaner into the slot.
Try the lock and unlock button on the key fob or the lock button on one of the front doors to see if the power lock is working. If the power lock does not operate on the door in question, repeat step 5. If you have time, you may want to leave the door panel off for a while to allow the electrical cleaner to evaporate or you may have the strong smell of the cleaner riding around with you for a few days.
If step 6 is successful, make sure any of the snaps that held the door panel in place are on the back of the door panel and not stuck in the inside of the door. If there are any snaps stuck to the door side, those will have to be popped of with the popper tool and inserted into the slots on the back of the door panel. You will not get the panel to re-seat correctly if you leave the snaps that are in the metal door.
Make sure the connector and cable that goes to the power window is fed out the hole where the door handle connects before starting to reinstall the panel. Take the panel and align the lower edge of the window just above where the panel would normally sit. Then push the top of the panel over the metal ledge at the bottom of the window and slide it down until the panel is hanging on the metal ledge.
Check to see if the screw holes line up around the door handle. If they do, go ahead and start the screws, but don’t tighten them. Now use your hand to apply pressure on the door panel where you know there are snaps that need to go into the metal side of the door. Make sure all of the snaps engage and screw in the screws completely at this point.
Finally reattach the shroud that goes around the door handle and the vertical window trim piece.
Enjoy working power locks again.

What I have learned, after dealing with this issue on two vehicles, is either the grease being used in the actuators is migrating to the bottom of the actuator case and causing an electrical contact problem or the motor is getting gunked up to prevent actuation. I did test the connector to the power door lock actuator on the driver’s side and could see voltage when the actuator should see a signal from the lock/unlock button or key fob. So I knew it was not a wiring or electrical issue outside of the actuator. The fix is electrical cleaner and I think it would work to remedy either of the potential issues causing the problem. While I would have liked to reintroduce some grease on the gears in the actuator after the electronics cleaner probably dissolved them away, I did not take the chance to reintroduce another potential electrical contaminate into the mix. We will see how long the fix lasts, but I suspect they will continue to work until I trade or sell of the car.

Approximate time to complete the whole job on one side: 45 minutes.

HiFi $50 Headphones

Originally published 8Aug2014 updated below – I would have to call myself and audiophile from a pretty young age as my dad was always recording the band concerts and coming home and playing them on a decently high end stereo at the time. My Dad and also had the pleasure of knowing Harry Grasser, a violinist, that would share some great classical LP pieces he had come across. I ended up leaning toward early 80’s contemporary Jazz after growing up on Pop and southern Rock & Roll. This was not from a dislike of those genres, but more of an escape. In the early 80’s I was DJ’ing at a local roller skating rink, Sportsworld of Cary. After playing Pop and a lot of R&B, the chill out music of choice, thanks to Jerry Rose, became a lot of what we call smooth jazz today. At night, I could not turn up the stereo to get my fix, so I would fall asleep most nights listing to some music through my headphones. Back then there was not a large market place and you generally chose between Koss, Sony or some of the new Walkman style phones. I ended up with some Koss Pro-4a’s and wore them out between heavy use and age. Since then I floated between ear buds of various sorts and some cheap around ear styles that I did not care if they broke as I was using them each night when I went to bed. Yes, I still listen to something every night as a fall asleep. But these days the tracks are mostly binaural beats or self-hypnosis focused on various things from pain control to body asleep – mind awake. With binaural beats there is a desire hear the low bass frequencies as they form the core of the tones sent to each ear at different frequencies to produce a harmonic within the auditory function of the brain which appears to sound like a beat. People tend not believe this part of the binaural beat phenomenon, but if you pull the headphone off of one ear the beat produced by the different tones to each ear goes away. So back to headphones.

Panasonic RP-HTF600-S Stereo Over-ear Headphones

Most of the cheap headphones I have bought have been really cheap Sentry brand from BigLots. Like I said, I was just buying something that worked that I did not care about as I might pull the cord out or break the ear piece off while sleeping. The specifications on the the Sentry around ear Studio model was 20Hz – 20,000Hz which is fairly standard for an average pair of phones or “cans” today. Eventually I came across some V-Moda LP’s at Costco and got those, but needless to say, they did not get bed time duty. They are some pretty good headphones, but I found the around ear cushions were just shy of going around my ears which limits them to short term use. Sound quality is definitely better than the cheap Sentry stuff and the ability to use them with the second cord that includes a mic that works with an iPhone is a nice feature and the storage case is added plus. But like I said, these are a little over the top for use while falling asleep. So I kept looking at reviews on Amazon and everything was about $80+ for something with 4 stars, but then I came across the Panasonic RP-HTF600’s (600’s for short). Most every review gave these guys 5 stars with very few low ratings. The specs for the 600’s are 10Hz – 27,000Hz at $29.99 price point. I have been listening to the 600’s about six months now and they find their way from the bed room to the computer room so I can listen to music, binaural beats or whatever else I decide to play through them. I have played with EQ settings and find that I like the sound they produce without any EQ adjustments. I have not really found any frequencies where they fail to produce a clear sound. The mids are not overbearing or muffled and the highs are very crisp with super smooth bass. One of the best traits so far are the new deeper tones I hear when listening to binaural beats. Some of the self hypnosis sessions that I have listened to for years have been rejuvenated like old people in the movie “Cocoon”. These are Amazon prices as of May 18, 2014. But you said $50, well the additional cost comes from Beyerdynamics replacement velour ear cushions. While the original ear cushions are okay, they would get a little sweaty being pleather. The Beyerdynamics velour cushions were recommended in a couple of reviews. And I am very glad I added them to the order. So far these cans have holding up on their own four over six months. I still want to try and make them a little more closed versus semi-open by inserting some blue tack on the inside vents; leaving only a small opening for ventilation. If I make that change, I will post an update on the improvements or detriments.

Koss KTXPRO1 Titanium Portable Headphones with Volume Control

Some other sets I own in addition to the V-Moda and Panasonics are: Bose Mobile in-ear (clearance shelf at Sam’s Club), Bose OE (Target clearance item), Monoprice DJ headphones, Radio Shack Realistic Pro-35a (Titanium) also sold as Koss KTX Pro 1 on Amazon, and a pair of Koss from Walmart that have been discontinued. The Bose in-ear are good with my iPhone, but they are not going to win any contests even though I do find the microphone better than most in-ear mobile headsets. I have the OE Bose at work and find they are bassy with very good highs if my old ears can hear them, but they are missing some mid range that make the overall sound experience a little muddy. The Radio Shack Pro-35a could almost be a standard reference which is saying a lot when you think about the current Koss version costs less than $12. I picked up the Monoprice headphones on a daily deal or sale and got two more pairs for my nieces as gifts. They were 10 and 13 at the time I gave them to the girls and they have not broken either set in two years. I like the Monoprice as far as sound experience goes, but the headband tended to cut into my head and the pleather ear cushions caused some sweating. I made two mods to the Monoprice to improve them. One, I took the ear cushions I removed from the Panasonics and put them on the Monoprice set and I took a strip of rubber cut from an old bicycle inner tube to create suspension headband inside of the original poorly padded head band. If you take a look at the Koss Pro1 photo, the homemade inner tube head band looks sort of like that on my modified Monoprice cans.

No doubt I will probably keep looking at new cans and probably buy some higher end models if I come into some gift certificates or money. But unless I am a producer behind a studio sound board for a professional musician, I can’t see spending upwards of $150 for my old ears. So now I wait for the new Audio-Technica ATH-M50x to come down to my price range.

UPDATE 20Nov2017 – Venturing out of the $50 range & $10
So it has been a little over three years since I blogged on headphones and considering additional headphones now in the stable; I think it is time for an update. I finally picked up some of the Audio-Technica ATH-M50x when they were on Prime Day or a Black Friday sale. I also grabbed some Bose Around Ear QC-25’s from the Bose outlet. And I had the opportunity to try some Bose SoundTrue Ultra in-ear headphones after my Bose in-ear Mobile’s were stolen from the DJ booth at the local skating rink where do my every Wednesday 80’s night gig. The SoundTrue Ultra in-ear were totally isolating like I was wearing noise reduction plugs for the gun range. So I ended up finding the Bose ebay store and picked up another pair of the old in-ear Mobile model. When I made the return of the SoundTrue Ultra by taking advantage of the Bose return policy, I updated to the new Soundwave Companion around neck speakers from Bose. If you remember the old Bones that you could wear around your neck, think of them updated with bluetooth and some decent sounding speakers with bass ports. If you are considering buying Bose stuff from the outlets, the return policy is 30 days for refunds and 90 days for an exchange. The latest find for a true set of cans are some Sennheiser HD 380 pro’s I found at the local pawn shop and negotiated down to $50. For alternative to the Bose Mobile’s, I also picked up some of the highly rated Panasonic Ergo-Fit in-ear, which I have to admit have pretty impressive sound for an under $10 price point.

A quick grade (A-F) on each one while listening to…
1. Barber -Adagio for Strings (Overall sense of sound field capacity)
2. Delta Rae – If I loved You (Ability to carry vocals)
3. Lindsey Stirling – Crystalize (Bass response and mid-range separation)

Panasonic Ergo-Fit in-ear:
1. – B (good overall sound picture for style of headphone)
2.- C (volume seemed weak, but decent vocal renditions)
3.- B (amazing bass response for in-ears)
Sennheiser HD 380 pro around ear:
1. – C (seemed to be a little hot in the midrange – correctable with a little EQ)
2.- A (very clear definitive vocals with full coverage of the light raspiness of her voice)
3.- A (great bass response with overpowering the violin even with the ultra low frequency bass at 3:05)
Audio-Technica ATH-M50x around ear:
1. – A (very even across all ranges – best at carrying the crescendo up the 6:00 minute mark)
2.- B (vocalist seemed a little distant, but good balance between instruments and vocals)
3.- B (separation between low frequencies and violin was good and bass was a tad better than the 380’s)
Bose QC-25 around ear noise cancelling connected via Bolle & Raven
AirMod Wireless Bluetooth Adapter:
1. – A (the Bose haters will say what they will, but these render this adagio with the gracefulness it deserves)
2.- A (clear vocals and almost overbearing with full band and backup vocals)
3.- A (crisp violin with ability to carry the bass off without distorting the other frequencies)

At some point, I will do a proper review of the Bose Soundwave Companion. I sit in a semi-open work environment and have these on most of the day for listing to music and I can usually keep them at a low enough volume that no one around me hears the sound as the speakers are directed up at my ears. I guess the only issue is, as they become unnoticeable to me, I get some looks when I forget to take them off and leave my desk when headed out for lunch or a break. I have been told they look like a mini neck rest for travel. When the volume is up on these they are pretty decent for full coverage of most all of the frequencies, but the mobile app does allow for cutting bass if needed.

Bike Brands and Conglomerates That Own Them

The list below was quickly assembled from Google and sourced back to the respective company website, but it should not be considered an exhaustive list. I decided to put this list together to look at the bicycle market and how it seems like there are fewer choices in today’s market. There is also the proposed tariffs here in the U.S. on the imported bicycles from overseas. While this Bloomberg report covers that angle pretty well, you have to wonder what it means the American bicycle market. Will the tariff make it much more expensive to pick up a kid’s BMX bike from a big box store or make the price of the average entry level road bike increase by 25%? I guess we will have to wait and see on that, but I won’t hold my breath while we wait to see high end mountain or road machines being manufactured here in the U.S. due to the tariffs.

Accell	ASI*	Dorel	Cycleurope	Pon
Haibike Winora Batavus Sparta Koga Lapierre Ghost Raleigh Diamondback Tunturi Atala Redline Loekie	Fuji Bikes SE Bikes Kestrel Bicycles Breezer Bikes Oval Concepts Phat Cycles Tuesday_Cycles	Cannondale Schwinn Kid Trax Caloi Mongoose GT Fabric Sugoi Sombrio Charge Bikes Guru	Bianchi Dbs Everton Gitane Kildemoes Monark Crescent Puch Spectra Tec Peugeot Definitive	BBB Cycling Cervélo Derby_Cycle Faraday BikeNED Gazelle Santa_Cruz Union Raleigh UK Univega Rixe Kalkhoff Focus

*Owner of Performance Bike stores

Note: Pon has offered to acquire Accell, which would certainly make the others look at each other as potential buyers, but the tariff situation could make for an interesting outcome for all of them.

So which bike brands are not owned by a conglomerate?

Trek
Specialized
KHS
Kona
Colnago
Pinarello
Merida
Ok, I give up. Check this Wiki list for another few 100