If you stop reading after this sentence, it is perhaps enough to know that Neverwinter is, if nothing else, as simple or as complex as you want it to be. It can be a casual game you can play here and there, or it can be a game that allows you to invest hundreds of hours exploring every little thing the game has to offer, and even create some content of your own. That dichotomy is evident right off the bat in the initial character generation (a necessary evil for some, an imagination heaven for others). Click “Next” through it and be done in 5 minutes, take an hour or more customizing everything, or find a happy medium. I was off the boat and adventuring in about 10 minutes, myself.

Because none of my gaming friends have delved into this game, I’m just following the story solo style with my Rogue Trickster (Samuel Haines on the Dragon shard, in case you’re interested). There are NPCs to talk to, and they give you all the standard quests we’ve all come to know and love; search & destroy, courier, explore, & protect/escort. Regardless of the task type, there is almost no barrier to entry. It’s been said in other places, and I’ll say it again, in a lot of ways the game feels more like an old school FPS, but with the bells and whistles of a modern-day MMORPG – and I’m saying that with a lot of nostalgic love of the old school FPS (and not a whole lot of experience with MMORPGs). Combat is especially reminiscent of the FPS; whatever beastie is behind your reticle is the beastie you’re targeting. There’s no hard “focus” that you have to explicitly change, making combat feel very fluid.

There are plenty of things to be intimidated by, and I suppose some things to be bothered by, but for some reason, I’m neither intimidated, nor really bothered by much of anything. For instance, there are about 6 currencies in a ridiculously complex monetary system, and each is used for different, yet sometimes overlapping things. I’ve been able to get by with the basic gold/silver/copper currency, and happily ignore the rest so far. There is a guild system, but being solo for the moment, I have no need of it – without friends to help me start a guild, I couldn’t use it even if I wanted to. There are things called “Events” which include other things like dungeon delves, PvP matches, and skirmishes, but I couldn’t tell you much about them, and am doing great so far without them. Crafting is a thing that exists, like in any MMO worth its salt, but it seems fairly complex, and I’ve been happy with loot drops.

There are also companions, which every player can employ. These are actually very nice. I have one now, and foresee having more. They are quite useful in filling whatever gap your own character leaves open. For instance, if you don’t deal a lot of damage, you can hire a damage dealing companion. If you don’t have much by way of survivability, you can hire a tank, or a healer. But choose wisely, you can only have one active at a time. Regardless, they often serve to get the attention of the bad guys, so you can do your thing without being pounded on. Companions are fun.

There is a thing called The Foundry, which is where players create their own adventures (User Generated Content, or UGC), but I haven’t even opened the GUI for that yet. I’d love to, and am really intrigued by the possibilities there, but if I don’t explore it at all, I’ll have fun anyway.

There is, to be honest, one thing I would see improved. There is no waypoint system, which means you have to travel, by foot or hoof, where ever you want to go – or at least to the edge of whatever instanced zone you’re in. Only there can you choose another zone to travel to. No teleporting straight to places you’ve already been from wherever you are. Fortunately, it doesn’t take too long to travel from one place to another, and I’m familiar with this mode of transportation from games I’ve played in the past. It seems a little dated now, though. I’d like a quicker way to get right where I want to go, without having to slog it too long. I’d also like Cryptic to streamline the task of moving from one zone to another. There are a few too many baffling clicks right now – why do I need to choose an instance every time? I don’t know. But honestly, those are petty complaints, given what I’ve paid for it. Which is exactly zero dollars.

I think I’m enjoying it because it’s so very simple, and yet there’s the promise of so much more if I want it (as if I’ll ever have the time). Even if I never peel away the outer layers of this game, I’ve already got more than my money’s worth out of it.

Feeling does not equal thinking.

You think ideas.

You feel emotions.

It irks me (admittedly far more than it probably should) when someone says, writes, or otherwise states the following, or any variation of “I feel that {idea} is…”

No. No you don’t. You think {idea} is whatever you think it is. You feel {resultant emotion}.

I always want to ask “You feel WHAT that {idea} is…? Happy? Sad? Indifferent? What?! You tease me with promises of feelings, but then give only thoughts! I think you confuse thoughts and feelings, and I feel frustrated and anxious because of it!”

I read the case of Lorenzo Oliver & his son being arrested for killing an opossum in their backyard (and the subsequent fallout), and the article contained the following phrase: “[assistant city attorney] said the city feels the officers have qualified immunity.”

Blowing right past the problems with police having qualified immunity, and skipping happily over the idea that an institution can independently think or feel anything at all, the city does not feel the idea that the officers have anything. The city thinks the officers have immunity. The city believes the officers have immunity. The city may feel confident in this thought, or conviction, or idea. Perhaps it even feels wounded or troubled that others wouldn’t come to the same conclusion (now now, poor city, it’ll be ok), but it doesn’t feel that idea. It thinks it.

I now conclude this ultimately pointless rant of the day.

Now I’m giving it a go again, with the hope that by being older and more mature, I’ll also be more focused and likely to follow through. I’m giving myself a better chance also, by building my routine slowly, one exercise at a time.

A few weeks ago I got things rolling and purchased a commercial spin bike I found via Craig’s List.

I decided on spinning to avoid the blistering heat that has plagued us here in the midwest, and it’s a lot easier to jump on the spin bike than get geared up for the road bike. Ease of use equals more likelihood to use. I’ve also made the spinning more fun by making sure I have an engaging TV show on DVD to watch. I like that format b/c it’s about the right length at 40-45 minutes, and it keeps me entertained through the workout.

After two weeks, I’m doing well with the spinning, and by well, I mean I’ve used it nearly every day. I think it’s safe to add a couple more exercises. This past week I purchased a joist mounted pull up bar, some leg lift straps, and some push up straps.

My intent is to help my weight loss and maintenance by building some additional muscle. I’ve heard that’s a thing that works.

Some can jump right onto a double diamond and make it happen. I’ve learned that I can’t do that. To get the results I’m looking for requires a change in lifestyle and priorities, and I’ll fail if I try too much change all at once. So I’m forcing myself to slow down, work through the easier levels first.

Innocuous Grassy Knoll Where Many Geese Perished

There were two groups (gaggles?) of geese: one on this side of the tree, and one on the other side. She would chase the one group onto our parking lot, and the other would creep towards her lot. So she would run chase after the other group, and the first group would creep back in. And by run, I mean hobble ineffectively in high heels through grass and over uneven asphalt, hindered by her knee length skirt and goose rage. Repeat for nearly 30 minutes.

Eventually the geese gave up and calmly wandered off in a line and away from her. But she wasn’t convinced they were through… as she walked away, she kept glancing back to make sure they weren’t returning.

I’m honestly not sure what her problem was… they were just relaxing in the grass, nibbling here, napping there. But she was serious with the waving hands and the yelling. She was NOT about to let those geese enjoy that grass.

When I get a chance, I’ll upload the video I took. It’s mostly boring, but there are a couple of good moments.

Two weeks ago, on Tuesday, May 8, I went in to have my eyes read and new contacts ordered. I was overdue both in terms of contact wear-n-tear, and prescription changes. Everything went well, and the new contacts were ordered.

They arrived on Monday, May 14, but something just wasn’t right. The left eye was too strong, and the right eye was too weak.

I was able to make an appointment for Thursday, May 17 to have my eyes read again with the new contacts. My optometrist, slightly confused at how bad they really were, got the new numbers and ordered new contacts. I picked them up yesterday, May 21, and something still wasn’t right. This time, the left eye was too weak, and the right eye was too strong. Just the opposite of what they were before.

Fortunately, my optometrist was able to get me in as soon as today and we think we figured it out.

When the first pair arrived, (and this is the crucial part) the tech responsible for verifying that the contacts delivered matched the prescription ordered… didn’t. And guess what! The contacts didn’t quite match the prescription ordered!

Aside: Apparently, this is more or less normal to a slight degree. There will be some variance in the strength delivered vs. the strength ordered. It’s small enough that the eye can very easily compensate, but it’s there all the same. In this case, the variance was way off. I understood the difference to be something like correcting for 20/700 instead of 20/650 (she was talking dioptics and all manner of things that went in one ear and out the other). That’s a difference that the eye, or at least my eye, couldn’t compensate for. It was painful. I felt it in the back of my skull.

Oh, and yes, I’m quite near-sighted.

We were able target the moon with a manned missile in the 1960′s with nothing more than an abacus, a plumb bob, and a chalk line, but we can’t nail down prescriptions for contact lenses today. Does that seem right to you?

So, when I went in complaining that they were wrong, my optometrist, assuming that the techs had done their job, corrected the prescription against the original correct prescription, rather than against the new incorrect contacts, resulting in an order that was twice incorrect.

When those lenses arrived yesterday (May 21, 2012), they also weren’t verified against the order. Not that it would have mattered. They could have matched the order down to an atomic level, and they would still be incorrect for my eyes, because they were ordered using incorrect information.

So today, when I went in complaining that, yet again, the lenses gave me headaches, my optometrist took a step back, thought about it (because she was just as confused as I was), and decided to get a read on the lenses herself (if you want something done right…). What she found, as I’ve already described, is that the first pair ordered was wrong, and that the second pair ordered were wrong again because they were based on the assumption that the first pair was correct.

Fortunately, the pairs were wrong in such a way as to allow the left lens from the first pair (too strong), and the right lens from the second pair (also too strong) to simply be corrected, rather than another brand new pair ordered. That way we eliminate the variable of curvature on the concave side. They sit on my eyes just fine, but the strength is off. That’s easily correctable. If they had to correct the concave side, they would have had to adjust the convex side as well to meet the prescription requirements. Too many variables. This way, they only have to buff out one side.

I hope.

I’ve been with this optometrist for nearly 8 years, and this is the first time I’ve had any difficulty getting a prescription right. That’s not bad, and to be clear, I’m not taking this as a reflection on her skillz, yo. Things happen. Next time, though, I assure you, this thing won’t happen again. I’ll be all like “Yo, you get that lens verificated all up in there right?!”

That’s exactly how I’ll be.

Just like that.

Count on it.

YOU ARE IN POSSESSION OF A DEVICE SOMEONE IS CLAIMING

All of the following ideas assume that you are, in fact, of the mind to return the device. If you’re just going to throw it away, or keep it for yourself, then naturally you can ignore this entire post.

Before any of the following steps are taken, ask that the claimant produce a photo ID, and make note of the name for your own records. You might consider asking for additional contact information, such as an alternate phone number and/or email address.

Prior to showing the claimant the device, ask the claimant to describe the carrier, make, and model of the device. Inspect the device for any tell-tale marks, scratches, or unique behaviors (loose keyboards, connections, buttons, etc.) that the device exhibits. Ask the claimant to describe the device, and listen for any description that matches the unique characteristics you noted. Do not volunteer any information about the device.

In each of the following situations, run through at least one of the verification options. Performing all of them might be overkill, but performing none of them is irresponsible.

The Phone Has Power and the Screen is Locked

• Make the claimant call the phone from another phone. This will, at the very least, prove knowledge of the phone, if not ownership.
• Make the claimant unlock the phone prior to leaving with it. This will prove a greater degree of knowledge of the phone and owner, if not ownership.
• In the case of Androids and Blackberry’s, remove the battery and call the carrier. Give them the IMEI and the name of the claimant to confirm the carrier records match the person claiming ownership. Original iPhones have the serial number and IMEI engraved on the back metal case. For the iPhone 3G, iPhone 3GS, iPhone 4 (GSM model), and iPhone 4S, the SIM tray displays the IMEI number.

The Phone Has Power and is Unlocked

• Make the claimant call the phone from another phone.
• Make the claimant verify contents of the phone, such as contact names, pictures, home screen icons, installed applications, or any other unique aspect of the phone contents that prove intimate knowledge of the device. This might appear to be a breach of privacy, but if privacy was a real concern on the part of the owner, it would not be allowed to remain unlocked beyond a very short idle period.
• In the case of Androids and Blackberry’s, remove the battery and call the carrier. Give them the IMEI and the name of the claimant to confirm the carrier records match the person claiming ownership. Older model iPhones do not provide physical access to this, but do provide this information on the About screen. Original iPhones have the serial number and IMEI engraved on the back metal case. For the iPhone 3G, iPhone 3GS, iPhone 4 (GSM model), and iPhone 4S, the SIM tray displays the IMEI number.

The Phone Does Not Have Power

• If a charger is available, charge the device until such a time as it will boot, then proceed with one of the following methods:
• Make the claimant call the phone from another phone.
• Make the claimant unlock the phone prior to leaving with it.
• Make the claimant verify contents of the phone, such as contact names, pictures, home screen icons, installed applications, or any other unique aspect of the phone contents that prove intimate knowledge of the device. This might appear to be a breach of privacy, but if privacy was a real concern on the part of the owner, it would not be allowed to boot into an unlocked state.
• In the case of Androids and Blackberry’s, remove the battery and call the carrier. Give them the IMEI and the name of the claimant to confirm the carrier records match the person claiming ownership. Original iPhones have the serial number and IMEI engraved on the back metal case. For the iPhone 3G, iPhone 3GS, iPhone 4 (GSM model), and iPhone 4S, the SIM tray displays the IMEI number.

YOU ARE TRYING TO CLAIM A DEVICE

If you have lost and are claiming a phone, then you should voluntarily offer the following methods to confirm the device is, in fact, yours, rather than someone else’s. This could save you significant inconvenience and will certainly save the real owner significant inconvenience and concern.

• In all cases, inspect the physical condition of the phone, looking for any tell-tale marks, scratches, or unique behaviors (loose keyboards, connections, buttons, etc.) that you know your device exhibits.

The Phone Has Power, And the Screen is Locked

• Unlock it. Additionally, in the very unlikely case that you and another owner of the same make and model phone use the same unlock code or pattern, verify the contents of the phone as belonging to you. If the phone has been tampered with, this will also give you the opportunity to identify any issues that might have arisen while it was out of your possession, and follow up with the individual or business who has had possession of the device.

The Phone Has Power, And is Unlocked

• Confirm the contents of the phone are yours. You know what’s on it. Make sure it’s what you’re expecting. This will also allow you to respond immediately if the phone has been tampered with.

The Phone Does Not Have Power

• Either bring a charger, or have the person or business call the carrier to verify the IMEI matches what they have on record for your account.

You Send a Friend to Pick it Up

• If you absolutely must send a friend to pick it up in your stead, provide them with enough identifying information as their trustworthiness allows, whether it be knowledge of the condition of the device, or knowledge of the unlock code or pattern and the contents of the device, so that they are able to answer any questions arising from the above methods and retrieve the correct device.

The above methods, if followed intelligently, will at least provide reasonable assurance that the right device leaves with the right person. No method is fool proof, and a truly determined thief will have done the research to be able to circumvent some of the methods described. But at least you can say you have done what you can to ensure that the device is in the right hands, rather than just giving the device to the first person who walks through the door saying they left behind a black phone with a screen on it.

Consider this a living guide that I will update with any good suggestions left in the comments.

I’ve uploaded all of them now to GoogleDocs for one. That’s the big change.

Other small changes, currently exclusive to the GoogleDocs versions, are minor formatting changes, formulaic changes to rid the sheets of #DIV/0 errors, and the removal of some extraneous columns to help with formula drag filling.

Furthermore, I’ve shared all the GoogleDocs versions so they’re public for the finding, though I’ve retained exclusive editing rights.

As always, suggestions and tweaks, especially those that stem from trial-by-fire experience, are always welcome.

Straight Pool & Equal Offense Scores and Stats Sheets

I’ve added some lines to take advantage of remote zipped files (.zip), which will help them by reducing the number of bits we’re pulling from them.

I’ve added some lines to copy the downloaded malware zones file to other servers behind my firewall, which will help them by not making individual connections from each server to pull the files. I just set up a cron job on each internal “slave” server to bounce named every morning timed for after this process is complete.

Here’s the updated code. It is, as is my wont, rather verbose. It is considerably more verbose than other examples out there that take care of this same problem, but as I said, such is my wont.

Also, it’s relatively untested, and I expect to be tweaking it. Use at your own risk.

On the “master” server, I’m using this…

#!/usr/local/bin/bash

# To know where script is running
HOSTNAME=$( hostname )

# To put file where named can see it
BLACKHOLEDIR=/var/named/etc/namedb/blackhole

# To name file so we know what named seeing
TMPZONEFILE=tmp.malwaredomains.zones
ZONEFILE=malwaredomains.zones
ZONEFILEBACKUP=malwaredomains.zones.bak

# To get updated file from remote server
URLGRABBER=/usr/local/bin/curl
USERAGENT="Malware Domain Grabber ( ${HOSTNAME}; unix; BASH )/0.1"

# To keep quiet while am getting file
URLGRABBEROPTS="-s -f"

# To know where file is hosted
URLS=( http://mirror3.malwaredomains.com/files )
TIMESTAMPFILE=timestamp

# To know how to decompress the file
UNZIPCMD=/usr/local/bin/unzip
UNZIPOPTS="-o -qq"

# To copy files to other servers so that we are only
# pulling the files once, though we have multiple
# DNS servers in house

HOSTS=( host1 host2 host3 host4 )

# MOUNTCMD: The mount command
MOUNTCMD=/sbin/mount
UMOUNTCMD=/sbin/umount

# FSTYPE: The filesystem type of the mounted partition
FSTYPE=nfs

# MOUNTDIR: The directory that the dumps will be written to
MOUNTDIR=/mnt

# To control bind
NAMEDCMD="/usr/sbin/rndc reload"

#==============================================================

# Get start time so we can know how long this thing runs
START=$( date +%s )

# Make our working directory the location of the blackhole files
cd ${BLACKHOLEDIR}

# Copy the current timestamp file to ${TIMESTAMPFILE}.old so we can
# make a comparison between what we have and what's out there now.
if [ -f ${BLACKHOLEDIR}/${TIMESTAMPFILE} ]; then
	cp ${BLACKHOLEDIR}/${TIMESTAMPFILE} ${BLACKHOLEDIR}/${TIMESTAMPFILE}.old
fi

# Attempt to download the timestamp file and zone file from each mirror.
# Break out of the loop at the first successful download of a zone file,
# otherwise, try each one in turn

# Assume there are no updates available
NEW=0

for URL in "${URLS[@]}"; do
	echo "Attempting to download from ${URL}"
	echo " Checking timestamps..."
	${URLGRABBER} ${URLGRABBEROPTS} -A '${USERAGENT}' -o ${BLACKHOLEDIR}/${TIMESTAMPFILE}.zip ${URL}/${TIMESTAMPFILE}.zip

	if [ $? -ne 0 ]; then
	echo "  ... timestamp download from ${URL} failed! Code: $?"
	# Move on to next URL so we keep the timestamp/zonefile pair intact
	continue
	else
	if [ -f ${BLACKHOLEDIR}/${TIMESTAMPFILE} ]; then
		# Unzip the new timestamp file over the old old one
		${UNZIPCMD} ${UNZIPOPTS} ${BLACKHOLEDIR}/${TIMESTAMPFILE}.zip

		# Do a little cleanup
		rm -f ${BLACKHOLEDIR}/${TIMESTAMPFILE}.zip

		OLDTIMESTAMP=$( cat ${BLACKHOLEDIR}/${TIMESTAMPFILE}.old )
		NEWTIMESTAMP=$( cat ${BLACKHOLEDIR}/${TIMESTAMPFILE} )

		if [ ${OLDTIMESTAMP} -ge ${NEWTIMESTAMP} ]; then
			echo " ... no new updates."
			# No new updates on this server... but how well are the various mirrors
			# kept in sync?  Let's try the others. This is a tiny transfer, and it's
			# only once a day, so it's pretty cheap.
			continue
		fi
	else
		# Timestamp file does not exist. Create it.
		${UNZIPCMD} ${UNZIPOPTS} ${BLACKHOLEDIR}/${TIMESTAMPFILE}.zip
		rm ${BLACKHOLEDIR}/${TIMESTAMPFILE}.zip
	fi
	fi

	# Backup and copy file to final location for named to find
	# (via "include" directory in named.conf)
	echo "Backing up zone file"
	cp ${BLACKHOLEDIR}/${ZONEFILE} ${BLACKHOLEDIR}/${ZONEFILEBACKUP}

	echo "Retrieving new zone file from ${URL}..."
	${URLGRABBER} ${URLGRABBEROPTS} -o ${BLACKHOLEDIR}/${ZONEFILE}.zip ${URL}/${ZONEFILE}.zip

	if [ $? -ne 0 ]; then
		echo "  ... zonefile download from ${URL} failed!  Code: $?"
		# Oops.  Try the next server.  If this is the last, then ${NEW} is still
		# set to 0, and we'll be done. Better luck tomorrow...
		continue
	else
		# We have a new timestamp, and were able to download the zone file from
		# the same server we downloaded the timestamp from.  Set ${NEW} to 1 and
		# get out of the loop. No need to check further.

		echo "Unzipping new zone file..."
		if [ -f ${ZONEFILE}.zip ]; then
			${UNZIPCMD} ${UNZIPOPTS} ${BLACKHOLEDIR}/${ZONEFILE}.zip
			rm ${ZONEFILE}.zip
			# Rename the zone file temporarily to allow sed to work on it later, and
			# and in that process, rename it back to the name that named knows.
			mv ${ZONEFILE} ${TMPZONEFILE}
		else
			echo "No new zone file..."
			exit
		fi

		NEW=1
		break
	fi
done

# If ${NEW} hasn't been set, then we either error'd out of all servers, or there are no
# new files. Either way, we're done.
if [ ${NEW} == 0 ]; then
	exit 1
else
	# Disable name checking for only those domains with underscores,
	# so we don't have to turn off name checking globally.

	SEARCH='_'
	FIND='blockeddomain.hosts";};'
	REPLACE='blockeddomain.hosts"; check-names ignore;};'

	# Get a count of the zones from the last update
	OLDZONECOUNT=$( cat ${BLACKHOLEDIR}/${ZONEFILEBACKUP}|grep "^zone"|wc -l )

	echo "Disabling checking on domains with underscores"
	sed "/${SEARCH}/ s/${FIND}/${REPLACE}/g" ${BLACKHOLEDIR}/${TMPZONEFILE} > ${BLACKHOLEDIR}/${ZONEFILE}
	rm -f ${BLACKHOLEDIR}/${TMPZONEFILE}
	
	# Get a count of the zones from the current update
	NEWZONECOUNT=$( cat ${BLACKHOLEDIR}/${ZONEFILE}|grep "^zone"|wc -l )
	echo "${OLDZONECOUNT} Previous Zones"
	echo "${NEWZONECOUNT} Current Zones"

	echo "Reloading named"
	${NAMEDCMD}

	if [ $? -ne 0 ]; then
		echo "  ... failed! Restoring zone file"
		cp ${BLACKHOLEDIR}/${ZONEFILEBACKUP} ${BLACKHOLEDIR}/${ZONEFILE}

		echo "Reloading old zones in named"
		${NAMEDCMD}

		if [ $? -ne 0 ]; then
			echo "  ... failed again!! You'll want to see to that."
		fi
	fi

	echo "Copying files to other internal network servers..."

	for HOST in "${HOSTS[@]}"; do
	DUMPDEVICE=${HOST}:${BLACKHOLEDIR}
	MOUNTRESULTS=$( ${MOUNTCMD} | grep "${DUMPDEVICE} on ${MOUNTDIR}" )

	if [ "${MOUNTRESULTS}" == "" ]; then
		echo ""
		echo "Mounting ${DUMPDEVICE} on ${MOUNTDIR}"
		${MOUNTCMD} -t ${FSTYPE} ${DUMPDEVICE} ${MOUNTDIR}
		if [ $? = 1 ]; then
			echo " ... failed. Files will not be copied."
			continue
		else
			echo " ... succeeded"
		fi
	else
		echo "${HOSTNAME}:${DUMPDEVICE} already mounted on ${MOUNTDIR}"
	fi

	# Copy the files to ${MOUNTDIR} as a temporary file. On the remote server,
	# we'll manage bouncing named if necessary.
	echo ""
	echo "Copying ${BLACKHOLEDIR}/${ZONEFILE} to ${TMPZONEFILE}"
	cp ${BLACKHOLEDIR}/${ZONEFILE} ${MOUNTDIR}/${TMPZONEFILE}
	if [ $? = 1 ]; then
		echo "... Failed to copy ${ZONEFILE}! You might want to see to that."
	fi
	# Umount the backup filesystem
	echo ""
	echo "Unmounting ${MOUNTDIR}"
	${UMOUNTCMD} ${MOUNTDIR}
	if [ $? = 1 ]; then
		echo " ... failed. You might want to see to that."
	else
		echo " ... succeeded"
	fi
	done

	END=$( date +%s )
	RUNTIME=$(( ${END} - ${START} ))
	H=$(( ${RUNTIME}/3600 ))
	M=$(( ( ${RUNTIME}/60 ) % 60 ))
	S=$(( ${RUNTIME} % 60 ))

	echo "Malware zonefile download on ${HOSTNAME} complete in"
	echo "${H} hrs, ${M} mins and ${S} secs (${RUNTIME} secs)"

	exit
fi

On the “slave” servers, I’m using this…

#!/usr/local/bin/bash

# To put file where named can see it
BLACKHOLEDIR=/var/named/etc/namedb/blackhole
ZONEFILE=malwaredomains.zones
TMPZONEFILE=tmp.malwaredomains.zones

# To control bind
NAMEDCMD="/usr/sbin/rndc reload"

if [ -f ${BLACKHOLEDIR}/${TMPZONEFILE} ]; then
	echo "New zone file exists..."
	# Rename the zone file to back it up
	echo "Backing up current zone file."
	mv ${BLACKHOLEDIR}/${ZONEFILE} ${BLACKHOLEDIR}/${ZONEFILEBACKUP}
	# Rename the tmp file to the name the daemon can find
	echo "Replacing it with the new zone file and removing the temp file."
	mv ${BLACKHOLEDIR}/${TMPZONEFILE} ${BLACKHOLEDIR}/${ZONEFILE}

	# Reload named.
	${NAMEDCMD}

	if [ $? -ne 0 ]; then
		echo "    ... failed! Restoring zone file"
		cp ${BLACKHOLEDIR}/${ZONEFILEBACKUP} ${BLACKHOLEDIR}/${ZONEFILE}

		echo "Reloading old zones in named"
		${NAMEDCMD}

		if [ $? -ne 0 ]; then
				echo "    ... failed again!! You'll want to see to that."
		fi
	fi
else
	echo "No update.  Quitting..."
fi

• the set up of the internet connection at the new place,
• changing DNS upstream to point to the new IP,
• shutting down and physically moving the servers,
• physically reconnecting them,
• connecting the wireless router to the new cable router,
• configuring the new cable router to account for the wireless router,
• configuring the external IP on the wireless router,
• firing up the servers,
• enjoy fun website availability and internal DNS goodness.

Every step went well and easy, all the way up until that last step.

Though all the laptops in the house connected just fine to the Comcast cable modem/router, the two FreeBSD servers simply would not. From a logical network topology standpoint, nothing had changed. None of the IP addresses, including the gateway and the subnet, had changed. As far as the server interfaces were concerned, they’d just been turned off and turned back on. Let me emphasize that – from a logical network topology standpoint, nothing had changed.

I had it set up like so:

Net -> Comcast Router -> Servers & Laptops.

But they weren’t working. One worked briefly, but then quit. The other never would work.

If the cat5 cable (any cat5 cable) was plugged in, a ping to the (same as before) gateway would result in “sendto: Host is down”. If the cable wasn’t plugged in, I’d get a “sendto: No route to host”. Clearly there was some awareness going on, and the NIC was functioning at some level, because pinging the assigned IP, localhost, or 127.0.0.1 would all return successful. I couldn’t get any response from the gateway, however, and no other working machines could get responses from the servers. It was weird.

So, I got on the phone with Comcast to ask them about any incompatibilities with the router and FreeBSD. I got some good information about my usable external public IP (unrelated to the problem at hand), and some completely bogus information about having to use static IPs within the DHCP scope on their router (yeah but… what?!). The first level tech support wanted to help, but he just didn’t have the expertise, and so he escalated me to the next level (who is well past their 48 hour self-imposed deadline at the time of this writing). I decided to change things up a bit.

I went to this setup:

Net-> Comcast Router -> Wireless Router -> Servers & Laptops.

Note that this is exactly the same as I had at my old house, with the substitution of the Comcast Router for the Surewest cable modem. Everything from the wireless router on back is identical.

You know what? The laptops all worked (I love knowing even rudimentary networking), but the servers still didn’t work. Having eliminated the router, cables and network configs, the fact that it doesn’t work anymore with the exact same setup as was at the other house tells me it’s a another type of hardware problem.

So I yanked the gigabit NICs right out of the servers and went back to the on-board 100baseTX ports and… get this – it worked just fine.

What I’m concluding is that the D-Link GigaExpress DGE-530T card doesn’t work well with the BIOSTAR N68S3+ and the Diablotek EL Series PSEL400 400W ATX PSU. I base that conclusion in part b/c, in addition to flat out not working anymore, there are times when the machines won’t power on when the DGE-530T is installed without some creative combinations of the case power button and the PSU switch. When those cards aren’t installed, there are no issues. What, I didn’t mention that before? My bad.

Given that when I put these servers together, I did so with as little cash outlay as possible. I’m thinking I’ve been bit by the “get what you pay for” principle. In time, I’ll beef them up a bit with better components. But for now, I’m just happy to be back online enjoying fun website availability and internal DNS goodness.

The whole thing started last spring, when we put our two houses on the market. This past spring, a year later almost to the day, her house finally sold and we had the wherewithal to purchase a new house. We packed her house into two POD units and moved them into storage until we had a place to put them. At the same time, we took mine off the market because it hadn’t sold yet, and we didn’t want to take the chance of it selling and us having no place to go. Turns out it wasn’t a concern, because we found the house we wanted to buy within days.

We made an offer, they countered, we met in the middle, and two long months later, we took possession. When that day finally arrived, we couldn’t move in immediately because we had too many other family obligations (Jami’s sister graduated with her doctorate! We couldn’t miss that graduation day…). So, exactly one week after we took possession, I had the two full-to-the-roof POD units filled with more boxes and heavy furniture than any one person has any business owning, delivered for unloading at the new house. With the help of some very friendly neighbors, we started unloading them that night. We continued unloading the next night, and did so until we dropped. We spent our first night in our new home that night. Fortunately, the bed was easily accessible in the POD unit, so we didn’t have to sleep on the floor. By the time we were done, though, it wouldn’t have mattered where we slept… we were too tired to care. Finally, on Saturday, some friends came over to help unload the rest.

By Saturday night, we were absolutely beat. Unfortunately, our work was not yet done. We spent Sunday at the old house, packing up, mowing the yard, and cleaning. Then we devoted that evening at the new home unpacking, straightening up and getting all the computers back online.

Being Memorial Day weekend, we had an extra day which was spent back at the old house for more packing (about 500lbs worth of books – plus lots of this and that) and lots of cleaning. Monday night was given to more unpacking, more cleaning, and more organizing. We did give ourselves a bit of a break for a glass of wine on the front porch before getting back to it.

At the end of the weekend, between the two of us and some very helpful friends and neighbors, we have a pretty good start on a new home.

But our work is not yet done. The POD units were still in the driveway as of Wednesday, to be picked up on Thursday and Friday. Saturday we’ll get a truck to move the rest of the heavy stuff out of my house. Until then, we’ll spend a lot of time at the old house getting as much packed and moved as possible so that the friends who are helping on Saturday only have to help us with the heavy items we can’t move by ourselves. From there, it’s a matter of final cleaning and finishing up a few little details here and thereto get it in tip-top shape to put back on the market. We’re hoping to sell it within the next 2 and a half months. We’ll see…

It runs a little fast on my m9700, but not too fast to play. The dialog runs together now and again when there is a lengthy challenge/response conversation playing out, but other than that, I’ve noticed no ill effects of the slightly accelerated rate.

I tried using the G3: Widescreen Mod in order to enjoy larger resolutions, but found that I had issues with mouse scrolling around the area at 16:9 resolutions that were less than the native resolution of my monitor (1920 x 1080). Because of the time consuming way the mod is applied, I didn’t try too many resolution options. I also noticed some frame rate issues at the native resolution in spite of the age of the engine (or perhaps, because of it). So I decided to stick with playing it the way it was originally released and patched. I’m not playing for the graphics, after all, but the experience.

I’ve heard rumors that it’s possible to convert BGI to the BGII engine, though. I might look into that. Graphics aren’t everything, but the BGII engine is so much nicer…

I probably won’t have much time in the next couple of months to do more than tinker with it here and there, but after we’re settled in to the new house, and some of my other responsibilities are managed (not the least of which is a FreeBSD build that’s proving difficult due to a troublesome inability to detect the hard drives once in sysinstall), I’ll be able to devote a little more time to it. I may even dive back into Baldur’s Gate II, and the Icewind Dale series.

I wonder how it’ll run on the X79 LGA2011 based machine I plan on building towards the end of the year. If it runs fast on a 6 year old laptop…

Let’s clear one thing up: On principle, I believe I should be able to use whatever password I want. If I want to use “abc123″, or “puppy1″, or “;a3Wfzu0J|rqVHj%l]x6PZdQHqhpK39vx5?|fSb9NmFdq”, I should be able to. I should have the right to be as smart, stupid, paranoid or legitimately cautious as I want (here’s the thing) so long as my choice doesn’t affect others using the same system. I’m not the only one to think along those lines.

Principles aside, I don’t have a practical problem with complexity enforcement. I understand that repositories of critical and/or sensitive data and services have a need to shore things up a bit with more complex passwords. That doesn’t stop me from thinking there are design issues at hand if my weak web password can compromise someone else’s data. I also can’t help but think the whole mess is, at least in part, driven by a disgusting, ludicrously naive and juvenile expectation that “everything will always be ok, and I’m entitled to it. It’s my right! So there!” and all the litigation that goes along with that childish attitude.

That all said, it’s one thing to require password complexity, it’s another entirely to not allow it past X characters. It raises some questions…

So I asked DiscoverCard about it: (May 05, 02011 09:41 AM)

Can you please explain to me the exact method by which discovercard.com website logon passwords are stored? The length limit greatly concerns me. With the major breaches of late (PSN, Sony, Lastpass, MySQL, Gawker, etc.) it is critical that passwords be stored securely, with adequate encryption, or at the very least, salted hashing. Thank you.

Admittedly not the best in terms of wording and stated concerns. But there you have it. I can’t help but believe DiscoverCard, of all places, is using top-notch methods for storing passwords, but you just never know, do you?

DiscoverCard’s first reply: (May 05, 02011 10:46 AM)

Thank you for your recent message. I understand your concern about online security, and I will be happy to assist you today!

Our emphasis on privacy provisions and improved Internet security has made using our website safer than ever. We use the Secure Socket Layer (SSL) protocol for encrypting communications with our Cardmembers. SSL uses public-key cryptography to scramble the information sent between senders and receivers. In the unlikely event that third parties try to eavesdrop or intercept this message, SSL encryption prevents them from viewing its contents.

We also have Superior Fraud Protection, which means that when you use your Discover Card to shop anywhere on the Internet, you will not be liable for any unauthorized transactions. For more information about our security, please see the following page:

http://www.discovercard.com/customer-service/safety/site-security.html

I appreciate your business and the opportunity to be of service. Thank you for choosing to use Discover Card.
[signature and legalese removed]

Awesome, but no, that’s not what I asked. So, I completed a survey indicating as much and replied… (May 05, 2011 11:06 AM)

Thank you for the prompt reply. I appreciate the information on SSL, however, that doesn’t answer the question I asked. I asked about password storage (at-rest), not information on the wire (in-transit). My question is restated here for your convenience…

“Can you please explain to me the exact method by which discovercard.com website logon passwords are stored? The length limit greatly concerns me. With the major breaches of late (PSN, Sony, Lastpass, MySQL, Gawker, etc.), it is critical that passwords be stored securely, with adequate encryption, or at the very least, salted hashing. Thank you.”

To which they replied… (05/05/2011 12:06 PM)

Thank you for your recent inquiry. In an effort to provide you the best service possible, I have escalated this issue to the appropriate parties in our company for further assistance. We will respond as soon as we have any additional information concerning this matter. Thank you for your patience.

I appreciate your business and the opportunity to be of service. Thank you for choosing to use Discover Card.
[signature and legalese removed]

I don’t expect another reply anytime soon… but I’ll let you know if I do get one, either in the comments, or as a new post depending on the reply.

Now, on to our original post if you want to see it anyway…

Last night, my wife called me into the office with an alarming “It says it’s infected with malware!” Needless to say (and yet I’m going to say it anyway) I hurried into the room to see what the hullabaloo was all about.

Sure enough, there was a window exclaiming the existence of not one or two, but quite a few malware infections.

It fooled her, and damn if that stupid pop-up didn’t nearly fool me too! Truth be told, it did, if only for a second. Those malware serving fake malware pop-up warnings are clever.

It got me to thinking.

Then Osama bin Laden was shot in the head, and malware peddlers started leveraging our insatiable appetite for news about it (the sick bastards).

That got me thinking more.

It reminded me of the malware peddlers that took advantage of the quake in Japan recently. Now those are some seriously sick bastards.

Those events all in quick succession and all that thinking led me to this.

A little ditty that downloads the bind formatted zone file from MalwareDomains.com, moves it to where Named can see it, and reloads Named zone files if the download is complete. I’d verify the file if they provided an md5 of the zones file. But they don’t. Not that I could find, anyway.

I don’t even begin to hope to eliminate the risk of malware infected sites, but I think this is a positive step towards cutting off malware source domains which might, in turn, help against sites on legitimate domains that happen to be infected. As of today, May 3rd, 2011, there are nearly 10,000 domains in the latest file. That has to be nearly all of them.

Right?

I’ll try it out for a while and see what happens.

BTW, this only works if you’re running your own DNS. If not, you’re at the mercy of your ISP or whatever DNS you choose to use. There are plenty of options out there, and they’re not all horrible.

First, the script, which pulls down the latest malware domains zones file from malwaredomains.com, fixes some problems with underscores in the subdomains, copies the fixed zones file to the named chroot, and reloads the named configs.

#!/usr/local/bin/bash

# To know where script is running
HOSTNAME=$( hostname )

# To put file where named can see it
NAMEDDIR=/var/named/etc/namedb

# To name file so we know what named seeing
ZONEFILE=malwaredomains.zones

# To have a file for sed to work on
TMPZONEFILE=tmp.malwaredomains.zones

# To get updated file from remote server
URLGRABBER=/usr/local/bin/curl

# To keep quiet while am getting file
URLGRABBEROPTS="-s -S"

# To know where file is hosted
#URL=http://www.malwaredomains.com/files/spywaredomains.zones
URL=http://mirror1.malwaredomains.com/files/malwaredomains.zones

# To control bind
NAMEDCMD="/usr/sbin/rndc reload"

#==============================================================

# Get start time so we can know how long
START=$( date +%s )

# Get directory we're running from
SCRIPTDIR=$( dirname $0 )

cd ${SCRIPTDIR}
if [ $? -ne 0 ]; then
    echo "ERROR: Unable to cd to ${SCRIPTDIR}! AbOrTinG!!"
    exit 1
fi

# If we were executed like "./whatever.sh" - set SCRIPTDIR to the pwd
if [ "${SCRIPTDIR}" == "." ]; then
    SCRIPTDIR=$( pwd )
fi

echo "Script is running from ${SCRIPTDIR}"

# Download the zones file in bind format to a temporary location.
# We don't want to overwrite what we already have until we're sure
# the download worked

echo "Downloading file from ${URL}"
${URLGRABBER} ${URLGRABBEROPTS} -o ${SCRIPTDIR}/${ZONEFILE} ${URL}

# Check for errors.  If the file downloaded, then move on, but if not
# we don't want to reload named without the previously updated
# malware domain list

if [ $? -ne 0 ]; then
    echo "    ... download failed! Error: $?"
    exit 1
else
    # Disable name checking for only those domains with underscores, 
    # so we don't have to turn off name checking globally.
    SEARCH='_'
    FIND=';};'
    REPLACE='; check-names ignore;};'

    echo "Disabling checking on domains with underscores"
    sed "/${SEARCH}/ s/${FIND}/${REPLACE}/g" ${SCRIPTDIR}/${TMPZONEFILE} > ${SCRIPTDIR}/${ZONEFILE}

    # Get a count of the zones from the last update
    OLDZONECOUNT=$( cat ${NAMEDDIR}/${ZONEFILE}|grep "^zone"|wc -l )

    # Copy file to final location for named to find
    #(via "include" directory in named.conf)
    echo "Copying file from ${SCRIPTDIR} to ${NAMEDDIR}"
    cp ${SCRIPTDIR}/${ZONEFILE} ${NAMEDDIR}

    if [ $? -ne 0 ]; then
        echo "    ... failed! AbOrTinG!!"
        exit 1
    fi

    echo "Reloading zones in named"
    ${NAMEDCMD}

    if [$? -ne 0]; then
        echo "    ... failed! You'll want to see to that."
    fi

    # Get a count of the zones from the current update
    NEWZONECOUNT=$( cat ${NAMEDDIR}/${ZONEFILE}|grep "^zone"|wc -l )
    echo "${OLDZONECOUNT} Previous Zones"
    echo "${NEWZONECOUNT} Current Zones"
fi

END=$( date +%s )
RUNTIME=$(( ${END} - ${START} ))
H=$(( ${RUNTIME}/3600 ))
M=$(( ( ${RUNTIME}/60 ) % 60 ))
S=$(( ${RUNTIME} % 60 ))

echo "Malware zonefile download on ${HOSTNAME} complete in"
echo "${H} hrs, ${M} mins and ${S} secs (${RUNTIME} secs)"
exit 0

Then, the cron job to update the list on a daily basis:

35 0 * * * /root/bin/malwaredomains/malwaredomains.sh 2>&1 | mail -E -s "Malware Domain Named Update" me@here.com

Then, the blackhole host file that all those zones in the malwaredomains.com download refer to. Careful with this one, and you’ll want to replace the domains with something a little more relevant:

$TTL    86400           ;one day
@ IN SOA ns0.example.net. hostmaster.example.net. (
        2011050100  ; serial number YYYYMMDDNN
        28800       ; refresh 8 hours
        7200        ; retry 2 hours
        864000      ; expire 10 days
        86400       ; min ttl 1 day
)
        NS      ns0.example.net.
        NS      ns1.example.net.
        A       127.0.0.1
*   IN  A    127.0.0.1

Finally, the line in the named.conf file (in my case, in the internal view) to call on the recently downloaded zones file:

include /etc/namedb/malwaredomains.zone

That should do it!

This is what I receive in my inbox after every update (daily for me):

Script is running from /root/bin/malwaredomains
Downloading file from http://mirror1.malwaredomains.com/files/malwaredomains.zones
Disabling checking on domains with underscores
Copying file from /root/bin/malwaredomains to /var/named/etc/namedb
Reloading zones in named server
reload successful
   10116 Previous Zones
   10116 Current Zones
Malware zonefile download on [hostname] complete in
0 hrs, 0 mins and 2 secs (2 secs)

My latest project following the FreeBSD backup script (bash), a host of system admin scripts too small to bear mentioning (bash, tcsh, perl), and the twice-built RAID crash victimized wine database (PHP, Smarty & MySQL) (in addition to the many projects no longer online), is a gas mileage tracker. It’s also written in PHP, delivered through Smarty, and backed by MySQL, but now with delicious pChart.

I originally used GoogleDocs and a GoogleForm to record the data, and I have data going back a few years. That worked well enough and did most of what I wanted it to do, but it didn’t do everything. Now that I have my own server(s) up and running again, I have the luxury of being dissatisfied.

What it Didn’t Do

• Provide meaningful feedback after submitting the form. I want to know what was submitted immediately on the “Form Submission Successful” screen, and if applicable, how it relates to information previously submitted. That’s just good UI feedback that it’s missing.
• Allow me to maintain and build upon my scripting/database chops. Working with GoogleDocs is easy, fairly extensible, and has the benefit of having a preexisting world class infrastructure (and all that entails) and environment in which to work. However, I’m a bit of a maverick in these things, and for my own projects I want things set up the way I want them. Their infrastructure and environment doesn’t allow me to build on the skills I want to build on. I have my own environment. I want to take advantage of it.
• Allow me to maintain and build upon my UI design chops. I’ve always loved the UI design aspect of building web apps. There’s a few things you can do with Google, but I felt too constrained by their system, and wanted, again, things the way I wanted them.

It wasn’t all bad, though. Setting it up in GoogleDocs did effectively (if not intentionally) serve as a sort of rough draft for rebuilding it on my own server.

What it Did Do

• Gave me a firm sense of what I wanted, and what I didn’t want, if not a solid workflow to follow.
• Gave me a good sense of the basic information I wanted to collect, which was then easy to translate to MySQL tables.
• The visualizations in the form of charts and graphs were good enough that I decided I couldn’t do without them, which gave me the desire to research PHP graphing/charting libraries. I settled on pChart.

Now, I have a small web app that lets me…

• Track the gas mileage I’m getting for my car and how many miles I’m getting per tank.
• Track how the price of gas is changing. Always up, but still…
• Track how much I’m spending per mile on gas.
• Track how often I fill the tank.
• Keep tabs on how often I’ve changed the oil (I change it myself… a pox on paying someone else to do it), and how long until I need to change it again.

Soon, it will let me…

• Track how many miles I drive over time, per week, month, year, etc.
• Track how long between major service visits I don’t care to do (tires, brakes, etc.)
• Implement multiple vehicles in the hopes that I can get my wife on board and using it.
• Authenticate access so I don’t have to worry about the data being mangled by miscreants and malcontents. Obfuscation and low-profile domains will only work for so long (stay away, Noah! :) )…
• Better UI flow… it’s good enough for me, but it’s rough. It’s fine on the desktop, but I need to clean it up so it works on the mobile platforms better.

Here are the charts I’m generating. I know, the gas mileage isn’t that hot. But the payments are $0, so there’s that.

The basement of the house we’re negotiating on is unfinished. It’s already framed in (a very nice professional job, too), and awaits only drywall and finishing. However, I want to get the pool table installed now, and finish the room around it later. That means floor first, rather than the typical last.

Our plan for the moment is to install tile directly under the pool table and carpet tiles around that. The tile under the table will help support the table, won’t settle the way carpet does, and will provide a beautiful accent. The carpet tiles will grant the luxury of being able to take tiles up, put tiles down and cut tiles to size as I’m finishing up the walls. Then if someone… when someone spills their drink on the carpet we can just take the tile up, hose it down, let it dry, and drop it back into place. They make carpet tiles with a thick enough nap that the seams are invisible, so it’ll look just like a normal carpet floor.

Here’s the rough plan starting just as soon as possible after we take possession and move in:

1. Pull down the ceiling tile framework the previous owner installed. Don’t need it. Don’t want it.
2. Spray the ceiling black, or another dark color (the wife suggested a dark grey similar to the tiles we looked at) which will give the illusion of a more open space, and actually provide more space. I have a piston sprayer I used on my current ceiling. That’ll do.
3. Install the tiles on the 45, with a border around those on the 90, with the whole area being just large enough to fit under the table. I have a professional tiler friend who has offered to help with this in exchange for beer.
4. Make an appointment to have the table delivered and installed. This is key. It will become my deadline for everything above this line. It’s good to have deadlines. They keep us on our toes and getting things done.
5. Install the carpet tiles around the newly installed table.
6. Finish the basement as time and money allow, and play lots of pool in the meantime!

I’m a little worried about the weight of the table on those tiles, and potential breakage. Will an underlayment like ditera help, hurt or be indifferent?

For the rest of the room, I’m thinking of an old English pub feel, with nice dark wainscoting and other woods and stained stucco. :)

We have no reason to believe our plans to buy this particular house will fall through, but if they do, my rough plan outlined here remains, no matter what house we end up in.

1. I can simply do without.
2. I can buy a replacement LCD for ~$180 and install it myself or, with a little more money, pay someone else to do it.
3. I can buy a new gaming class laptop.
4. I can buy a non-gaming class laptop.
5. I can take up the task of building a new desktop computer.

Anyone have any guesses which way I’m going to go?

I won’t simply do without. Nope. No can do. Next…

I’ll consider replacing the LCD, but the laptop is 5+ years old now, and is definitely showing its age. It’s had a good run, but I have to face the notion that it might be time to put it to pasture. Or at least relegate it to more mundane tasks that don’t require a full time monitor – or better yet, donate it to someone who can’t afford their own new laptop… it’ll still more than serve basic needs, and I have just the person in mind.

I’m not interested in a new gaming-class laptop. The ROI just isn’t high enough for me. If I’m going to spend that much cash, I want more machine that what’s offered in a laptop. I want more performance, more customizability, more upgradeability, and frankly, more control.

Nor am I interested in a non-gaming class laptop. The ROI might be better, but the performance just won’t bet there. I. Need. The. Fast.

That pretty much leaves me with building my own desktop. I’ve been batting around the idea of building a new computer for a few months now. It’s been 5+ years since I’ve upgraded that aspect of what my wife likes to call my “Command Center”, so it’s about time (and as much as things have stayed the same, my oh my, but have they changed!). I’ve put together a rough budget with a range of costs per component, and I could spend as little as a few hundred, or as much as a few thousand. We have a lot of expenses hitting all at once right now, but after a few months and things have settled down a bit (around my birthday), I think I might be able to make a go at it, even with the addition of a home NAS solution (which I’m still debating, to be honest).

I just hope that my laptop screen holds out until then. I’ve seen what happens when this issue is left alone, and it’s not pretty…

First, some history…

When I first built out my 2003 Kona Fire Mountain as a commuter way back in ’07, I mounted two Cat Eye TL-LD600′s on the front fork, one on each side pointing to the side, and two pointing towards the rear off the rear fender, and my Triple Shot rounding out as the bright headlight.

This was a good setup, but I got tired of replacing batteries in the TL-LD600′s. They were also quite the protuberance on the fork up front. Eventually, and perhaps inevitably, the fork lights came off; one snapped off, and the other looked lopsided. Additionally, the Triple Shot, bright as it is, is heavy, and the separate battery is bulky, takes up valuable frame real-estate, and is not as convenient to recharge as I would have liked. I wasn’t really complaining though, and rode with just the headlight and taillight for a while. Then I didn’t ride for a while. Then I rode again, and nearly got plowed into twice in two days by people who clearly were not using their lookenpeepers.

That brings me to today. I’m back to my original setup, but this time with different lights. I still have an old TL-LD600 on the seat post. But on the fork I now have two Blackburn Flea 2.0 USB rear lights, each pointing out and to the side. For headlights I’ve replaced the heavy and bulky Triple Shot with two Blackburn Flea 2.0 USB front lights. I’ve gone the extra best-practice mile and mounted another on my helmet.

When they’re all set to blinkin, I am quite a sight to behold, and after all, that’s the point, isn’t it?

On to the review…

Construction

The lights are very small and light, which is a nice change of pace from my old Triple Shot. As far as construction goes, they feel moderately sturdy, but not quite as solid as I’d like. That goes double for the helmet mount. The base that sits against the helmet is metal, but the bracket that slides into the slot on the light itself is plastic, and I’m worried that it’ll snap off. I’m playing pretty careful with it to push that day out as long as I can. I’m a little disappointed with that piece, and would have expected only metal for the price of $15. Still, it’s possible they went plastic to save wear on the light chassis, which is itself plastic. I’ll entertain the possibility, though I’m pretty sure it was a cost thing.


Lighting Modes

The four LED headlights have three modes: a rather bright standard, a much brighter overdrive and the standard blinking. I rode this morning in the dark with the headlights set to overdrive and the helmet light set to blinking. This afternoon I set them all to blinking. Run times are quoted as 3 hours on steady, and 5 hours for flash. It’s not stated whether steady is for standard or overdrive modes. I suspect overdrive to be less than 3 hours. I probably won’t time them to see, but that should provide a solid week of riding to and from work without recharges. If it’s less than that, I keep closer track, but otherwise I’m not worried about it.

The four LED rear lights (which I have on my fork) have three modes as well: all-on steady, flash (all lights blinking in unison), and chase (alternating blinking between two pairs). Run times are quoted at 6 hours steady, and 12 hours flash. I suspect 12 hours is for chase mode, and flash to be somewhere in between, but again, I’ll only keep close track if they’re obviously falling short of those times.

Brightness

Both front and rear lights are, as one would expect from LEDs, very bright. Rated at 40 lumens, the front lights aren’t anywhere near as bright as my 130 lumen Triple Shot, but two running in tandem illuminate the urban landscape aplenty for my purposes, and they’re nowhere near as bulky. I wouldn’t take them on singletracks at night, but for daily street use, they’re plenty sufficient.

Charging

They charge via a little USB dongle. The light sticks attach to the dongle via two magnets, which also serve as the charging contact points. I found the holding power of the magnets more than sufficient, and was able to charge three of them at once in my D-Link USB hub. The first charge took about half an hour per light before each was fully charged and the charge indicator went from blinking red to blinking green.

I bought one set that came with a solar charger, but I’ve not tried it yet.

The button that serves as the USB charge indicator, and that you use to turn on and off the lights and switch modes, also serves as a running charge indicator. After you shut the light off, it’ll glow green to indicate a charge of 75% or more, orange to indicate a charge between 25% and 75%, and red to indicate a charge of 25% or less. That’s useful insofar as knowing about how much charge you have left, but not really useful in knowing how much time you have left. Still, it’s probably enough… red simply means charge as soon as you can.

Price

At ~$25 per light, they’re cheaper than a lot of options out there, but if you want more than one, the $$’s add up. Still, the charging method definitely offsets the initial price.

Mounting

They mount to the frame via custom made Velcro straps, with protective strips on the non-sticky side to help protect the frame. The straps need to be completely removed in order to properly charge them, which means they have to be remounted after every charge. That’s not a big deal to me because they’re very easy to mount, though it might be to some. The ability to quickly move them around the frame, or share them with friends in need outweighs, at least for now, the inconvenience of having no permanent mounting bracket. That said, it shouldn’t be too tough to rig up a permanent mount (perhaps using the, albeit plastic, helmet mount) if one were so inclined.

The rear lights have what look like belt straps on them that the Velcro frame mounts slide through. They also allow them to be strapped directly into loops, belts, or wherever else you can find that fits. They’re allegedly compatible with certain helmets. Unfortunately, mine isn’t one of them.

Conclusion

So, what’s my final take on them? Traffic was pretty light today, but those cars I did encounter showed every sign that they saw me. There were no close calls at all, and I certainly felt better having the directional light on my helmet. All the blinking made for a very cool and eerie strobe effect that lit up reflectors everywhere! In the dark of the morning, they were bright enough for me that I wasn’t worried about potholes, stray cats or zombie arms reaching out from sewer drains.

I have to take some points off for the construction, though. Though I’m sure they’ll last as long as I want them to, the lights don’t feel quite as solid as I’d like,. The helmet mount feels like it could break at any time. I’m pretty sure I’ll be taking them up on their (limited) lifetime warranty for that piece. Until then, I’ll be handling them with kid gloves to put that day off as long as possible.

All in all, I’m going with 4 out of 5 der blinkinlichten after my first day with the lights. Points revoked for construction, but more points given for size, price, performance, convenience, ease of use and charging method.

Yesterday morning, I was heading south on Lowell and turning left onto 91st when a woman heading east on 91st Terrace went straight through the intersection towards 91st St after I was already well into my turn. She, in effect, wanted to share precious intersection space with me. I saw it happening, easily adjusted my course and we pulled into the eastbound lane side by side with me in the middle and her next to the curb. She sped ahead with a look of shock (reproach? distaste?) on her face and I moved to the right behind her. I tried to catch her at Foster – you know, for a friendly reminder about paying attention – but the light turned before I got there and she was gone. Oh well.

This morning, I was much closer to home at an intersection within an apartment complex. I was heading east on Kings Cove Dr, and the driver heading north on Brittany St and turning west into me. When I say “into me” that’s exactly what I mean. In spite of my rather crazy bright light (ok, only 140 lumens) and bright fluorescent windbreaker, the driver clearly didn’t see me and just pulled out. I saw it coming though, and easily engaged pulled into the oncoming lane with a rather loud, throaty and heart-felt “WATCH WHERE YOU’RE GOING!!” I’m sure they only heard “WAt wer yr gn…” I looked back and they were stopped (in the middle of the road). I can only hope they had to stop b/c their own inattentiveness lanced adrenalized terror through their chest. That might be too naïve though.

Rather than continue the focus on the well covered topic of driver inattention, I want to turn the focus away from what others are doing, and point out two things:

1. I made it safely through both scenarios because I was paying attention, was planning ahead and was riding defensively. I can’t help whether drivers are paying attention, or if they’re reading, writing, putting on makeup, eating, using their mobile phone to text or talk, or any of the 10,000 other things people do instead of drive, but I can help whether I’m paying attention, and at the end of the day, that’s what’s going to keep me rubber side down.
2. These back-to-back near incidents inspired me to do something I’ve needed to do for some time. In the first case, it’s entirely possible that, because of my bike’s position relative to the woman driving and the position of the lighting on my bike (front and rear only), she just didn’t see me. Additionally, it was that low visibility dusk/dawn period. I’ll give her that. So, I’ve ordered a helmet light I can flash in people’s eyes, and two rear lights I’ll attach to my fork pointing to the sides. I used to have that setup, but I let it slide through exchanging this bike for that, that light for this, etc., you know how it goes. I’m also looking into some highly-reflective tape for my pannier and frame (nod to CommuterDude for the tips on electrical tape and placement).
   

So, there you have it. I’ve had two near-encounters with inattentive drivers in as many days, after zero encounters in years. I’m sure it’s a statistical anomaly, rather than an indication of things to come, but just to be sure, I’m ramping up my visibility.

Just do me a favor will you, don’t tell my wife about this. She worries enough as it is. :)