Tag Archives: Internet

Hack the World

One does not simply hack a Gibson!

I hate Facebook

I quit Instagram because it was basically stupid and shallow. I quit Twitter because it was just a steady stream of people vomiting whatever came to mind and most of it is stupid and shallow. I quit Google + not because it was stupid and shallow, but rather because it was a ghost town, almost no one was on it and the communities were all dead, so it was just a waste of time. This left me with Facebook.

I have always had a tenuous relationship with Facebook. I have never particularly liked it, I don’t like their privacy policy, I don’t like the interface, and I dislike how easy it is to pretend you are doing something important on Facebook when in reality all you are doing is screwing around. Everything about Facebook is designed to be a time sink. The real problem is I cannot give it up, this seems to be the primary communication method of just about everyone I know. There are exceptions of course, but not many. If I want to stay in touch with my family back in Montana, I pretty much need to be on Facebook.

I have kind of come to the point where I really no longer post anything there. I do respond to other peoples posts, but I don’t contribute. If I am going to express myself in some meaningful way on the internet, I do it here. I don’t want people to read my posts because I was in between two other peoples posts as they scanned the news feed. I want people to read what I have to say because they want to find out what I am thinking and went out of their way to do so, otherwise I am just another time sink for Facebook.

The digital age is here

I was reading a forum thread about how disappointed people are that local game stores no longer cater to the role playing game community. Back in the 80’s there were stores dedicated to nothing but role playing games and today game shops tend to be more about Magic: The Gathering and Pokemon card games. The complaint seems to be that game shops are chasing the easy money instead of doing the hard work needed to attract serious RPG customers. This made me laugh.

First off, of course game shops are going to chase the easy money. These guys need to pay the rent, they need to pay their employee’s and hopefully have enough left over at the end of the month to pay themselves something. Collectible card games have regular release cycles, if a game shop stocks the top 4 games, they will likely have a new set on the stand every month that keep the customers coming in. RPG’s are just not like that, the big guy, Wizards of the Coast only releases new product 2-3 times a year, usually an adventure module that only 25% of the potential market (GM’s) is going to buy. The number two guy Paizo, is a bit better, but not by much and all the rest are hit and miss, more often missing.

Second, RPG players simply do not need that much product. I can buy the core book and play for decades without ever investing another penny in the game. I like having adventure modules, but I don’t need them, I like supplemental expansions to the game, but I don’t need them. I could pull out my copies of the Moldvay D&D basic set published in 1981 and I could run a 3 year campaign. Just because an RPG is old, does not mean it is unplayable. Lets face it, we are a notoriously cheap bunch anyway.

Third and finally, the digital age is upon us. We no longer need game stores to be the center of our community. Thanks to the internet we can look at products and read reviews prior to buying. We can discuss our hobby with people all over the world in dozens of different forums covering all aspects of gaming. We can even play online now, we don’t even have to put on pants and go over to someones house or the game store to play anymore. On top of that, DrivethruRPG have more games on their site than any game store could ever hope stock, I have 3,000+ RPG PDF files totaling 24GB, and you know what, I store all of them on my tablet and I can carry them with me everywhere I go. Even on the off chance that I want a printed copy, I can always buy from Amazon and get a 30% discount on it, which totally makes it worth the 2 day wait to get it. Alternately, for under $200 I can buy a laser printer and a binding machine to make my own. Okay, I don’t get a full color glossy paged hard bound book, but honestly, do I really need that for a table copy that is going to be exposed to Mountain Dew and Cheetos? At today’s prices, that setup would pay for itself after 4 or 5 printouts.

As far as I am concerned, this breakup was inevitable. Back in the 80’s games stores needed RPG gamers and vice versa, today, not so much. You know, I don’t think that is a bad thing.

Equifax pretty much sucks

Apparently one of the largest credit reporting companies in the world was the victim of a terrible data breach. They are publicly admitting to a couple of hundred thousand people being affected, but it will probably be more like millions when the dust settles. They managed to keep this a secret for the better part of a month, just enough time for their upper echelon of management to dump their stocks. Once the breach became public, Equifax then promptly showed the world exactly what not to do when faced with a problem of this magnitude and turned a security fiasco into a public relations fiasco as well. I have two things to say about this.

First, go freeze your credit reports. This took me about an hour to do both PezWitch and I, it also cost me a little bit of money, but it was not terrible. What this does is it stops the credit reporting companies from reporting your credit to anyone, including lenders. This means you will not be able to get a new credit card or a car loan until you unfreeze the reporting. This also stops criminals from trying to get credit cards in your name. Its does add a layer of complication to doing some things like opening checking accounts or renting an apartment, but it also provides you with an extra layer of protection. Here is the real problem with this breach. Part of the information that was leaked was Social Security Numbers, these number don’t change, so this information will be valid and usable until the day you are reported to be dead. This is not a short term thing, this is a rest of your life problem. So don’t wait, don’t put it off, just go do it now.

The second thing I have to say about this is it proves beyond doubt that most of these companies spend far too little money on securing your data. Seriously, how does one miss a hacker downloading a database, how does someone miss having terabytes, possibly petabytes of data being transferred to an IP address outside their network, worse this was going on from May through July, how do you miss someone guzzling down data for months? The answer to the question is simple, they really don’t give a shit. These companies need to get serious about this because otherwise it is going to get worse.


Crowdfunding and you

There is this thing on the internet these days called crowdfunding. Basically this guy, we will call him Bob, has an idea to sell something, but Bob does not have the $10,000 he needs to manufacture it. So he goes to Kickstarter or similar website, sets up an account and basically begs other people to give him $10,000 so he can bring Bob-O-Matic to the market. Of course the problem is most of these crowdfunded projects fail, the reasons can vary, but generally it is one of two reasons. Either because Bob really only had an idea and had no clue how much time or money it would take to develop the idea and get it to market or second Bob is a con artist who had no intention of bringing his product to market and basically took the money and walked.

Now don’t get me wrong, crowdfunding can be a lot of fun and allow you to get products early and at a discounted rate, but there are a couple of things to remember;

  1. You are not an investor, you are customer who is pre-ordering a product and further, the person is actually under no obligation to deliver the product, just understand that and accept it.
  2. There are two categories of crowdfunded projects;
    1. Established companies with a good track record of delivering product
    2. No names with no track record of doing anything ever
  3. It is okay to contribute a nice chunk of change to a project being run by an established company with solid track record. I have given a couple of hundred dollars to Steve Jackson Games and Foglio Studios, both are good companies that have been in business for decades and they use Kickstarter to fund cool projects that would otherwise never see the light of day.
  4. It is also okay to contribute to a project by a no name with no track record, however you should heavily limit the amount of money you give them, because you are probably never going to get the product.
    1. I measure this in Starbucks Coffee, I ask myself how many Starbucks Coffee’s am I willing to go without if this project never produces anything. Usually the answer to this is somewhere between 0 and 2, or roughly $0 to $10. Honestly you should never be giving more than a few dollars to a project like this, you are essentially playing the lottery and only a total idiot would spend their rent money on it.
    2. The recent Top Secret RPG Kickstarter is an example of this. Small Company, first major project, I love the idea, but there is no way I am giving them $50 to get the printed product of a game I will likely play exactly once or more likely never. So I gave them $10 for the PDF.

I do not want to discourage people from using Kickstarter, I actually think its a great idea. But I am preaching moderation. Don’t get carried away, never contribute more than you can afford and if the product never ships, don’t bother sending hate mail to them, either they are bad at business or just bad people, either way you are not getting your money back, just move on.

Personal Security Vs Online Identity

Personal security is extremely important on the internet. Everyone needs to take steps to make sure their important personal data is protected. Everyone should be using LastPass or KeyPass to manage website passwords, I would also suggest two factor authentication where ever possible. It is also a good habit to not be too revealing about oneself while online and you need to be careful about who you are friends with or following you on social media. Do not allow strangers to have unnecessary access to details of your life. A good example is this blog, I have no control over who reads this blog, so I do not post things like vacation pictures until I am home and I very carefully manage my Facebook account so only people I personally know can see anything and I dutifully delete old posts.

The other side of this coin is managing your online identity. I have met people who stubbornly refuse to have any social media accounts at all because of the security risks involved. The problem with this, is it makes it easy for people to take control of your online identity. A few years ago as a prank, I opened a Facebook account for my Nephew. I purposefully got several details of his life wrong, like his birthday and his graduation date. I did not send out a single friend request to anyone, nor did I post anything other than setting his profile picture. Within 24 hours about a dozen people, including family had sent friend requests. I made it almost 48 hours before he found out about it and figured out it was me and asked me to close it. Pause and think about that for a little while. I had complete control over his Facebook identity for 48 hours, unopposed and unquestioned. I could have posted anything, or in a more sinister light, I had access to a dozen peoples Facebook feeds, who were happily sharing their lives with me.

The point of this post is to point out that while everyone needs to be security conscience, everyone also needs to have control over their online identities, if for no other reason than to control what is being seen and heard. If you have no online identity and you piss someone off, it is really easy for them to assume your identity and ruin your reputation. If you already have an online identity that you have properly managed, it is easy to say, that is not me, see here is my Facebook account, I don’t know who this person is. If you don’t have a Facebook account, it is very difficult to deny that guy posting “My Little Pony” porn on Facebook is not you. If you already have a Facebook account, you also have full control of the message and the image you are projecting. Make your profile picture a picture of you in nice cloths, a couple of time a week post something that shows you in a good light, keep a tight leash on who you friend and who you allow to see your posts, don’t let anyone tag you in anything you feel uncomfortable with. Even if you were at the bong party, you want to be able to deny it.

More site updates

The final part of the website that existed outside of this blog was the Companions of Xarth Wiki, which up to this point was housed within PMWiki. I wanted to bring it into the WordPress framework along with everything else, just for simplicity and continuity. I have been needing to clean it out anyway, there are several half started projects that will never be completed, so I might as well dump it. I have not finished the transition yet, but I think it will be done by tomorrow sometime. At the top you should see a new tab for the CoX Wiki, if you see that I missed something important, let me know.

Edit: Okay, I am not going to get this done before next weekend.

The importance of backups

My friend Chad over at the Kurulounge, linked to one of my posts about my server being down, specifically the one where I discuss backups.


This is something that is important, I agree with Chad, and it is worth repeating, if you have proper backups, it solves so many problems and in this day and age there is really no excuse for not doing it. Carbonite is a great idea, but there are other options as well. I use Dropbox, for the paid accounts, they maintain older versions of your documents for 30 days, longer for business accounts. This means, if you get hit by Ransomware, you simply format and reinstall, then delete all your infected files from Dropbox and download the previous un-encrypted versions. Then instead of sending a bitcoin to the Russian government, send them a message that says “Nice try asshole!”. Don’t think because you are running Malwarebytes that you are safe, remember anti-virus and anti-malware software is only as good as its last update and the bad guys will always be 1 or 2 weeks a head of the good guys.

Backup your files, then test your backup, then backup again!

Site Updates

I had a couple of standalone pages on this site. These pages were basically picture albums that PezWitch wanted done. One memorialized her favorite cat Bunter and the other her Grandmother Ellen. I also had one that posted the pictures I took for Thanksgiving last year. I have migrated these pages to the blog, you should be able to see them under “Picture Albums” Tab at the top.

I also added two new albums, while I was spring cleaning I came across a frame that had multiple pictures of PezWitch from childhood on. None of these pictures had ever been scanned, so I scanned them and added them to the collection. Since I had one for PezWitch, I thought it might be a good idea to have one for myself as well.


I am over Twitter

I officially declare Twitter the new MySpace, only people who are hopelessly uncool and out of touch continue to use it.

Make sure your porn collection dies with you

The last thing any of us want is to die suddenly and have innocent relatives discover the porn collection stashed on our computer. My solution to this problem is fairly simple, a virtual machine where you can safely download and enjoy porn, without having to worry about clearing you browsing history or storing you videos in misnamed folders. The virtual machine is installed into an encrypted folder or drive where only you can access it. I also suggest taking the additional step of loading the virtual machine with Linux, simply because it is less vulnerable to the malware that tends to inhabit the dark underbelly of the internet. There are many alternatives and combinations of tools, but what I am inclined to use is VeracryptVirtualbox and Ubuntu. You could just as easily use BitLocker, VMWare and Fedora. This is not going to be a tutorial, I am not especially interested in providing a step by step of how to do this, none of these things is terribly difficult to figure out. My intention here is to simply present an idea, a solution to a problem.

RE: Website reconstruction work

I have finished going through all my old blog posts looking for missing pictures. I believe I have gotten them all. If I still had the picture, I uploaded it again, if I did not have it, but got it off the internet, I tried to find the original picture and barring that, I uploaded something close to it. If I could not replace the picture at all, I simply replaced it with picture not available. As I said yesterday, if you come across one please let me know so I can fix it.

Edit: Oh and yes, for those of you who noticed, I did delete all of the old political posts I made, but I did that last November.

Website reconstruction work

So I spent some time today going through my blog looking for missing pictures. I have found a lot of them. If I have the picture, I am re-uploading them, if I don’t have the picture or I cannot find where I got it from on the internet, I am replacing it with “Picture no longer available”. This is probably going to take a while to complete, if you come accross an old post with a broken picture or link, let me know and I will fix it up as soon as I can.


ESP8266 Basic

For a while now I have been working with a couple of ESP8266 wireless modules. These devices are pretty nifty and allow for some interesting projects with both Raspberry Pi and Arduino. The biggest actual hurdle is leaning to program them properly and use AT commands to configure them. I found this a bit odious until I discovered ESP8622 Basic, a firmware update that lets you program them using the Basic programming language and a web page interface. The guy who wrote the firmware is a Windows user and does not really have any instructions for flashing the firmware if you use Linux. Through trial and error I figured it out and want to document it for the ages. I use Ubuntu 16.04, so the instructions will be specifically for that, however adapting them to another distro should not be tough. I am using a NodeMCU ESP8266, I like them because they have a built in USB interface and have GPIO pins to make it easier to attach LED’s and sensors. The first thing to do is to plug it in to your computer, there is no need for drivers, it should be recognized instantly and attached to /dev/ttyUSB0, if you have more than one hooked up, the port may end up being different. But once that is done, open a terminal and move on to the next step.

First we need to get the dependencies:

sudo apt-get install python-serial git

Next we need the flashing tool esptool.py:

git clone https://github.com/themadinventor/esptool.git

cd esptool

Download the ESP8622 Basic firmware:

wget https://github.com/esp8266/Basic/tree/NewWebSockets/Flasher/Build/1M/ESP8266Basic.cpp.bin

Then we flash the new firmware:

sudo python esptool.py –port /dev/ttyUSB0 write_flash 0x00000 ESP8266Basic.cpp.bin

Finally you can connect to the device and start programming it by connecting to the ESP network which should be listed as an available wireless network, then point your web browser to and you should be off and running.





ESP8266 BASIC Sets Up a Web Remote in No Time

Basically, It’s an ESP8266



Things I have been doing

The last couple of months (November 9th if you must know) I have been working on securing my technology, I am trying to do better in keeping myself safe. Here is the list of things I have accomplished;

  • Encrypted my smartphone and iPad
  • Encrypted the hard drives on both my computers
  • Added two factor authentication to Lastpass, Steam, Dropbox and my Google account
  • Downloaded and installed the TOR Browser

I am not going to lie to you, this has added a new level of “Pain in the ass” to using some of my technology, however, I feel considerably safer now that it is done. The thing I am having the most trouble with is TOR. While it is easy enough to get going, using it is just slow. I don’t mean a little slow, I mean SSSSLLOOOWWW!!! Some days are worse than others, but even the good days still suck really bad. For right now, there is no way I can use TOR for normal day to day stuff. For the foreseeable future TOR has been relegated to the “Just experimenting” bin.

The Dark Web Sucks

I am messing around with Tor Browser, trying to look around the so called Dark Web. I have to say it socks the big one. The naming conventions are random letters more or less, the connections are slow and the web pages look like utter crap. I was looking around for some interesting forums or blogs, but really all I found was conspiracy theory bullshit. To be fair I did not spend a ton of time with it and I am sure there is more interesting stuff out there, i just need to look harder.

RE: Facebook and Me

Facebook, well really all social media, and I have always had a tenuous relationship. I mean I almost always have to force myself to post anything with any consistency. Lately I have found myself self censoring, basically not responding to things other people posted because I didn’t really want to stir the pot. When I would post things to stir the pot, I found basically everyone else is self censoring as well. So then the question becomes what do I need social media for?

The obvious answer here is so I can stay in touch with friends and family. This makes sense on face value, Facebook lets me keep track on people in more or less real time. Going back to my first paragraph, if I am self censoring and everyone I know is self censoring, then we are not really having any sort of real dialog. All we are really using the platform for is to send targeted messages to each other. Okay, I have an email address for that and a phone number that receives text messages. So then I am back to the question what do I need social media for?

PezWitch uses social media as a way to express herself. She posts pictures and video’s on a near daily basis. Much of this stuff is very creative and fun to do, I can see why she does it. My hobbies are very different though, I play dungeons & dragons, read comic books and mess with computers. This blog is very much an expression of those hobbies. For the most part I enjoy posting here because I know the people who come here do so to specifically read what I am writing and people who don’t like it rarely come back and that is alright with me. Posting stuff on Twitter there is a 100% chance someone whom you do not know and has no business reading your posts is going to read something they don’t like and freak out. Here its nice and quiet, its just me writing about things I enjoy doing and if someone gets stupid, I delete their comments and block their IP address. Once again I am back to the question of do I really need social media?

BBS, past and future

Over the last several weeks I have spent a lot of time working on my little corner of the internet. I built a new server, one specifically designed to house virtual machines and run with little need of maintenance or even outside interference. I have been running my web site on a virtual machine for some time now, this something I do not want to modify much or add services to, I just want it to run this blog, my gaming wiki and perhaps at some point I will add some forum software to add another dimension to my Friday night game.

I have since, built a second virtual machine, this VM is where I do all the stupid things, things that are not as secure as they could be, things that could potentially screw with other things. In other words, this is not my production server. Right now the only thing it does is run Mystic BBS. You can access it via telnet, but there is nothing on it at this time. I originally started messing with this software as a prop for my Cyberpunk game, but as time went on, I never really used it for that. During the process of researching old BBS software, I came across an blog post that discussed the future if BBSing.


Let me be very specific about his, BBSing has not future outside of being a niche hobby. BBS’s have already been replaced with better software, better interfaces, and better methods of access. The BBS scene died not because it was particularly bad, it had just become obsolete. The only reason there are still telnet BBS in existence, is for the same reason there are still Commodore 64 hobbyists. They don’t do it because it is better, they do it because it gives a feeling of nostalgia, it gives them a little piece of “The Good Old Days” back. There is nothing wrong with this, but it needs to be kept in perspective.

RE: Setting up Mystic BBS on Linux

Almost a year ago I wrote tutorial on setting up Mystic BBS software under Linux.

Setting up Mystic BBS on Linux

I had a couple of problems with it, first I was never able to get Telnet to properly work and ssh required users to login twice. I have since figured out how to get Telnet to work and dispense with ssh altogether. The instructions in my previous post still apply, except I would download the latest Alpha version 1.12 A22, this supports 64 bit Linux, so you do not have to install all the 32 bit libraries to make it work.

Second, once you have gotten everything running, add the following line to the /etc/rc.local file

/home/mystic/mis -d

What this does is starts the Mystic BBS built in server in daemon mode, turning your system into a Telnet server. The server software even transitions itself to run as the owner of the program rather than root as a security precaution.

I have not made this accessible to the public, I am not sure I am going to. I originally started this project as part of my Cyberpunk campaign, as a sort of prop to be used during the game. While this was an interesting exercise in 90’s technology, it really is terribly outdated, and does not really offer anything a mediocre website with plug in parts could not do better.




On June 3rd, Roll20.net is having an online gaming convention. I have decided I am taking the day off and I am spending the day playing D&D online. I really want to play, but every time I look at the available games, nothing jumps out at me. I have been back several times and watched new games get posted and older games fill up, but still nothing really grabs me and says, lets go. I think I have the same basic problem I have always had. I prefer to game with a very specific set of people. I think I have to force myself to game with people I don’t know. In the past when I have done so, I have always had fun, so I don’t know why I am so reluctant to do it.

Edit – Update: Okay I broke down and signed up for two games; here is my tentative convention schedule;

12:00 AM Opening Ceremony

5:00 AM VIP Streamed Game (I may not make this)

9:00 AM Panel, Publishing in the Digital Age

10:00 AM The Ruins of Efreeti (D&D 5E)

3:00 PM Mutants & Masterminds 3E Game

9:00 PM VIP Streamed Game

11:30 PM Closing Ceremony

Recent Projects

Recently I have been messing around with Arduino boards. At first I was looking at them as an extension of my Raspberry/Banana Pi boards. That was definitely a mistake, these things can be programmed to do a fairly wide variety of things.


Pictured here are the two projects I have been working on. To the right is a simple digital picture frame, this was not terribly difficult to put together, it is kind of ugly but runs off a battery pack. To the left is what I refer to as the Turtle, which is a prototype sensor platform, the idea is it will collect data on light, temperature, sound and movement, transmitting all of this data to my webpage via wireless network (you can see the ESP8266 wireless bridge in the upper left quad of the picture). Currently the networking portion has been completed, I can interact with it across the network, the next stage is mounting the sensors.

April 1st

I will not be on the internet at all tomorrow, no good ever came on the internet on April 1st.

My hopes are high

I am a man of the digital age. Although I was born into a time before computers were anything people thought they may someday own, I have embraced the idea of digital technology and everything it has to offer. I do not remember the last time I read a paper book, a comic book, magazine or newspaper. For that matter, I don’t remember the last time I bought an actual music CD. All of these things have been replaced by digital versions. I no longer play Dungeons & Dragons in person with my friends, we play using an internet chat and mapping program. In fact, most of my best friends are online rather than people I physically talk to everyday.

I think about how my Grandmother must have felt. She was born in a time when horse and buggy was the predominate mode of transportation of the world and she lived to see a man walk on the moon, can you imagine that? When I was born, cars were the predominate mode of transportation and it still basically is and that technology really has not changed much in the last 50 years. On top of that, we pretty much lost interest in manned space flight, we pretend to play at it, talk about going back to the moon or even Mars. The reality is though, there will be no manned space vehicle leaving earths orbit again in my lifetime. We as a people simply do not have the will or the sense of adventure we had 50 or 100 years ago.

What has changed in my life time, is computers. I marvel at how far we have come in my lifetime. When I was born computers still filled buildings and ran on vacuum tubes and had very little connectivity. Today, the phone I carry in my pocket has more computing power than there was in the whole world on the day I was born. In the early 60’s they used computers to calculate trajectories of missile, today we use them tweet about our bowel movements.

I am no longer waiting for my chance to go to space, I am no longer waiting for a personal jet pack, I am no longer waiting for life extension treatments. What I am still waiting for is usable consumer grade virtual reality, Occulus Rift is not quit there, but we are on the verge. I am also waiting for truly useful wearable computers, smart watches are getting us close, but still not it. I would also love to see the first true AI in my lifetime, again, there are some good smart systems out there and some interesting work being done in computers that learn, but we are probably still 20 years away. My hopes are still high.

Carnifex.org update

For the last couple of weeks I have been experiencing issues with my website and the server it runs on. There seems to be a lot of lag, high CPU and memory usage, some things like that. If you remember, last year I switched from running this site from a Raspberry Pi to a Virtual Machine. One of the advantages to running the site on a VM is the ease in which I can back it up. So rather than spending 6 hours trying to figure if I had been hacked or if Apache2 was just broken, I simply restored from last known good backup. It took me maybe 2 hours to get everything back up and running. First I installed the backup VM on my main system and made sure it did not have the same problem, getting it updated and patched before putting it directly on the internet and installing newer posts the backup did not contain. There is still a bit of work to do, like the CoX wiki is a bit outdated, but nothing I don’t have a backup for. So everything worked the way I assumed it would.

And yes, I have created a new restore point.

RE: Email Archive

From December 2005 until January 2007 I kept every single personal email I sent and received. I wrote about this about a year and a half ago as I was trying to decide what to do with this on the 10 anniversary of this archive. I was thinking about posting each email here on the day it was sent or alternately just putting it up for anyone who wanted to could look at it. However, as I read through the emails, I found there was a lot of very personal things in there, not just about me, but my friends and family as well. There are emails in there from people who are now dead and emails from people I have not spoken to in 8 or 9 years. So in retrospect I think those two options would be inappropriate. Maybe at the 20 year mark I will reconsider, because at that point, I don’t think anyone will care what we were doing or saying in 2006.