Mike Pelley's Musings

Well, I have most of the Pelleys.com web sites migrated to TLS certificates. (I want to say SSL but “SSL” is obsolete.) I have actually wanted to do this for some time but I did not want to pay for the privilege. However, on October 8, 2016, Google announced on the Google Security Blog that “(b)eginning in January 2017 (Chrome 56), we’ll mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure” and that “(e)ventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.” So, I decided to get my arse into gear and do something about it.

A quick web search led me to Let’s Encrypt which is a “free, automated, and open” certificate authority.  The list of current sponsors for Let’s Encrypt is quite impressive including Mozilla, Akamai, Cisco, Chrome and (of course) the EFF. The documentation is pretty good but, as Let’s Encrypt notes, this is beta so…

The biggest problem I had is likely related to the fact that www.pelleys.com, blog.pelleys.com and wx.pelleys.com have been migrated one to many times between various versions of CentOS and Apache and my config files are, to be charitable, a mess. After some messing around I determined that when using VirtualHost what seems to work for me was for each individual VirtualHost I had to use:

<path>/certbot-auto -d full_fqdn_virtualhost -d full_fqdn_virtualhost

Maybe (likely?) I missed that in the many examples but if someone finds this useful – Great!

The only thing that I that Let’s Encrypt is lacking, from my perspective, is that:

1. It is *nix-centric – not a big issues since I use Ubuntu and CentOS; and
2. I have yet to determine how to put the Let’s Encrypt certificates on a firewall (e.g., for SSL-VPN connections). This may be likely, in my opinion, that those using SSL-VPN connections are businesses not home geeks like me 🙂 I will keep digging. If I find out something I will post it.

The other bit is that if you are using WordPress – you likely noted that I do since you are reading this post 🙂 – that once you upgrade the at the web server level (e.g., Apache) the site will still be “broken” since the inpage links to graphics, etc., are listed as HTTP instead of HTTPS. To fix this install the Really Simple SSL plugin for WordPress and follow the instructions.

The ESA’s (European Space Agency) Rosetta mission to comet 67P/Churyumov–Gerasimenko was completed today.

From the ESA:

Confirmation of the end of the mission arrived at ESA’s control centre in Darmstadt, Germany at 11:19 GMT (13:19 CEST) with the loss of Rosetta’s signal upon impact.

Rosetta carried out its final manoeuvre last night at 20:50 GMT (22:50 CEST), setting it on a collision course with the comet from an altitude of about 19 km. Rosetta had targeted a region on the small lobe of Comet 67P/Churyumov–Gerasimenko, close to a region of active pits in the Ma’at region.

More information can be found here: http://www.esa.int/Our_Activities/Space_Science/Rosetta/Mission_complete_Rosetta_s_journey_ends_in_daring_descent_to_comet

I liked the Twitter picture: (https://goo.gl/Z8wwYX)

I noted in my first post that (a) I was not a diarist and (b) posts would be irregular. Now, even I will be first to admit that eight months (more or less) between posts is a little more than irregular.

I do have some excuses, though…

1. One of our team at work, let’s call him Sgt. Hurtz to protect the guilty, kept telling me about a game called ArmA 3. I eventually gave in and bought the game. Of course, after a very short introduction Hurtz buggered off to play a different game. And, of course, I was hooked. Usually play lone wolf and focus on AI missions. I get killed by other players much more that I kill them but its just a game. Since the Apex expansion came out I started playing, from scratch, the Tanoa map. I play the Exile mod on the Exile Yorkshire servers out of, obviously, Yorkshire in the U.K. The most important thing about an online server is the admins and, while nowhere experienced in online gaming, the Exile Yorkshire admins are always top notch. The have a nice Facebook page you can join where they listen to suggestions, deal with hackers/cheats, etc. And this game is far too good at allowing your to waste your time.
2. I have written about how I used VMware ESXi in past posts. Since the latest version of ESXi came out (6.0.0) my old server, an HP ML310 G5, is not supported because of the built-in RAID controller. This was annoying but not such a bad thing as I was limited by the amount of RAM (8GB total and my work experience has shown that VMware wants RAM not CPU) and, frankly, the CPU was getting a little long in the tooth. It was time for an upgrade. I like HP servers so I wanted another Proliant. I looked on eBay and for a great price I saw an HP DL360 G7 with a 6 core Xeon at 2.93GHz, 3 x 300GB SAS drives and 72 GB of RAM. It also has four built in GigE ports. For under CDN$1,000. Perfect. I also decided to move storage to one of my NASes, the QNAP, via NFS. The only potential problem is that the QNAP NAS only has one GigE network port but so far no problems. I also moved to boot from USB thumb drive. Network-based storage also makes it easy to move from one VMware host to another :-).
3. Just before I went on vacation my old video IP server (Aviosys 9100A Plus Video Server) died. It was over four years old and only cost about $35 so no big deal. I found another good deal on eBay for a used Axis 2401+ professional grade video IP server. It was good deal (except for the fact that shipping from the US was more than just the price of the server). Since I had to mess with the code to get it working I saw no harm in working on something that I had been thinking about for some time: Take the 5-minute weather camera snapshots located on my weather page and compile them into a 24-hour time lapse video. The previously day’s video is located on extweb.pelleys.com. It isn’t posted on as a link but at http://extweb.pelleys.com/webcamtimelapse/ there is an index of the previous days’ videos. There is a problem with the time stamps so I haven’t put up the link. (Playing too much ArmA…)
4. My son decided that he wanted to start taking notes at school on a laptop. Since they no longer teach how to write – how to print does not seem to be much better – typing his notes might be a great idea. (NOTE: I am not directing this at teachers. I do question those who are setting up the school curriculum and I am not the first one to question it. See questions on math…) So, off to Best Buy and Staples we went since the back-to-school sales were on. Microsoft had $300 off on the Surface Pro 4. (No more plain Surface – it seems the Pro has replaced the plain surface and the Surface Book is the new “pro”.) Since we demo’ed the Surface Pro 4 at work and I had one for almost a month I thought that it would be a great deal. The Surface Pro 4 is the tablet that I would like to have at work when the time comes. I use OneNote for all my meeting notes, etc. and the Pro 4 is a great combination. Light, removable keyboard, great stylus (my HP Revolve 810 G1’s styles defies description it is that bad…).

Every blue moon I take a trip back on the Wayback Machine at the Internet Archive to look at what www.pelleys.com looked like. Looking through the information from www. pelleys.com on December 3, 2001, I found this information on the web server:

The HP NetServer LD Pro runs Red Hat Linux 7.0. It uses Apache with PHP and Perl as the web server. FTP services are handled by ProFTPD. The NetServer also provides primary internal dynamic DNS services with BIND 9. Live Web Cam services are procided by RealServer 8. Of course, it is constantly updated with security patches!

The NetServer was configured with:

• Intel Pentium Pro 180 MHz CPU
• 96 MB ECC RAM
• One fixed 9 GB Ultra SCSI disk
• Two hot swap 9 GB Ultra SCSI disks
• 24X SCSI CD-ROM
• Intel EtherExpress Pro/100 Plus network adaptor

www.pelleys.com is now hosted out of a co-lo in Montreal, Quebec now but there still is an internal server. It has been upgraded a little bit from 2001…

HP Proliant DL360 G7 configured with:

• Intel Xeon X5670  2.93Ghz 6-core CPU
• 72 GB RAM
• 3 x 300GB 10K SAS disks
• P410 Raid controller
• Dual Power Supplies
• VMware ESXi 6.0
• Storage on a Qnap NAS using NFS

Just a little faster, little more storage and much, much smaller and lighter….

Another Christmas Day is over (and Boxing Day, and the day after boxing day) and I have finally gotten a chance to install a new SSD in my Lenovo Y50-70. I spent Christmas Day installing a new Samsung Evo 850 and a new motherboard with and Intel i7-4970K. For some reason it seems to run really, really fast. 🙂

Now, he has over 65 Steam games – he insists that he plays them all and doesn’t want to lose his progress. The original drive is a 3TB WD so I couldn’t just clone the drive as the Samsung is only 500GB. He wanted Just Cause 3 and Fallout 4 to load fast; so I had to split the Steam locations between the two drives. Everyone else likely knows this but you just have to backup the Steam games, move the install locations where you want to be and add their locations to steam. Then just “restore” the games. The Steam application is smart enough to realize nothing needs to be restored and seems to fix the pointers and/or reinstall the Windows Visual C++, etc. libraries and all is well. This took a long time for me since I had to back up to one of my NASes since I was messing with the original drive and doing a Windows 10 installation on the new Samsung. Even at gigabit Ethernet speeds 800GB takes a long time. Anyway, this does work and progress remains.

Next I had a chance to install my Samsung Evo 850 (1TB) in my Lenovo. The original drive, a Western Digital 1TB + 8GB hybrid drive – which I was never much of a fan as it did not seem as fast as the 500 GB 7,200 RPM drive in my old Dell XPS 15 – reported to be the same size as the new Samsung. My first thought was that I should clone the drive. However, on reflection I thought I would reinstall Linux Mint 17.3 and Windows 10. The reason was simple: both were upgrades. While I had already (first thing actually) reinstalled Windows 8.1 that had come with the Lenovo to remove the crapware bloatware (not to mention other issues – last one here) the fact was that the current operating systems were upgrades. Windows 8.1 to Windows 10 (current addiction is Arma 3 and multiplayer really does not work with the Linux port – nice port though!) and Linux Mint 17.2 to 17.3 so there was likely some cleanup benefits to be had by reinstalling. And besides, I could simply copy my Mint /home directory to the new drive and use Windows Easy Transfer to move my profile.

Wait now… I cannot find Windows Easy Transfer… Hmmm… Googling… Googling…  It seems that Windows East Transfer worked so good that Microsoft removed it. Oh yes, there is a tool to move to a new computer but there has to be two computers.

This ain’t gonna work.

What to do??? What to do???

More Google… And I found Macrium Reflect. (Yes, *nix hard cores, I did try dd but it did not work correctly. It could be me but frankly I didn’t want to take the time to find out what broke.) The free version works just fine for cloning a drive. Another nice option – and Macrium offers it up as soon as you start – is to make a recovery CD/DVD, ISO or write to a USB thumb drive. Use this option. Macrium will clone your original drive quickly and correctly (about 1.5 hours for 1TB). However, I had two things that needed to be done:

1. The BIOS had to be changed to use the GRUB bootloader. For some reason my BIOS set Windows to be the bootloader.
2. Once that is fixed when I tried to boot to Windows I received the error 0x0000225. The is where the recovery image comes to play. It finds the Windows partition and fixes it. It does not break GRUB either!

WTF??? I was on cnn.com when I saw an article “See U.S. Navy combat ship at top speed” (http://goo.gl/2xK32I) that seemed interesting. I find it impressive for a combat ship going all out. This one is a new “Littoral combat ship” the USS Milwaukee. I am always a big fan of 3,800 tons going at 45 knots. Anyway…

I needed to watch at 30 second ad for a 40 second video… Advertising gone mad…

It has been some time (again) since I posted and I have a few things to write about. Until then… I saw at the end of a Chuck Lorre show:

Chuck Lorre Productions, #401
“Truth is stranger than fiction, but it is because Fiction is obliged to stick to possibilities; Truth isn’t.”
— Mark Twain

“Do you believe this $#*!?”
— Chuck Lorre

It is moonshine!

Moonshine – August 29

I realized on Friday that the Lenovo Energy Manager on my Y50 was no longer working.

First, some words of clarification: I spend a few hours with my dear friend Google trying to find out haw to fix “battery saver.”  (Well, actually I was watching the Back to the Future trilogy on AMC, but I digress.)

Battery saver to me is how you keep the lifespan and capacity of your laptop’s batter in as good shape as possible. You know, not keeping the battery charged to 100% and overheating when plugged in.

I learned two things about this: (1) “Battery Saver” does not mean how to keep your laptop’s battery in good shape – it is how to keep you laptop going as long as possible and (2) I have no idea what others call my version of battery saver.

Anyway, after going through countless search results I found someone (and I cannot remember who to give credit, unfortunately) defined battery saver the same as I do.

The solution: Uninstall Lenovo’s Energy Manager and reinstall it! Simple, what?

Again:

If you upgrade a Lenovo Y50 from Windows 8.1 to Windows 10 you likely will need to uninstall Lenovo Energy Manager and reinstall it to have  “Conservation Mode” (which is what Lenovo calls my version of “battery saver”) actually work.