Between open carry laws that don’t require training or registration and a new law that incentives folks to turn in women or those who help them, Texas looks like it’s become quite the dangerous state. Churches and the government should establish refugee resettlement programs for any Texas women and their families that seek to leave. Texas is seeking to become a retirement only state. Warning: it’s hard to care for retirees without younger folks.
In a surprise shift in my career, my customer and employer is now supporting work from home. After a few weeks of working from home 4 days of 5, here are a few surprising reflections:
- Not commuting is wonderful!
- I can happily wear Crocs and PJs 4 days out of 5. (We have no video meetings!) That whole idea of dress for success? Doesn’t apply when you’re in the groove in code.
- Makeup is an optional thing
- Jumping out to the gym in the middle of the day means fewer people => more access to the weights. And not having to be at work (and no video meetings) means showering is a thing that can be done when the work day is done… (No, you don’t want to share a home office with me on workout days…)
- Surprisingly, old people at the gym are the ones who are getting too close for my comfort in COVID times. Guess who’s at the gym in the middle of the day?
- Note that me being at the gym in the middle of the day suggests the logical inference that I am old, which I attempt to avoid acknowledging…
- While there are no distractions from too loud coworkers, the puppy who wants to play can consume some significant cycles that need to be accounted for in the timesheet
- Beer can be consumed, but should only be done (1) in the evening, (2) when you’re almost done anyway, and (3) used as a stopping function. E.g., I’m on beer #2, billable time is over!
In July, I signed up to be a “fundracer” for a group doing great things in the Baltimore area. Back on My Feet is a national organization with a Baltimore affiliate. In each affiliate location, they set up running groups at local homeless shelters. They worry about making sure that running groups have structure and running partners (both residents from the shelter and from the community), help folks connect with shoes, and connect participants with employment and housing opportunities. Their model literally walks/runs alongside the folks they’re seeking to serve, committing to regularly be there with them and connect. They’ve got some impressive stats, too, in terms of numbers of folks employed and housed through the program – check out their website. The program says: “Our unique model demonstrates that if you first restore confidence, strength and self-esteem, individuals are better equipped to tackle the road ahead.” and that they “seek to engage you in the profound experience of empowering individuals to achieve what once seemed impossible through the seemingly simple act of putting one foot in front of the other.”
I’ve fundraced for BoMF before. They get entry slots in the local Baltimore Running Festival, which runs in October as a 5K, half-marathon, and marathon. I used to be more of a runner and would train for the half. I’m older and a bit less in shape than I was, with other priorities at the moment that keep me from dedicating time to build up to logging 12 mile+ training runs on weekends. But…. I can put a few fewer steps in front of the other and make the 5K (3.1 miles) happen. I’m now regularly running 2-2.5 miles during the week, with a long run on the weekend of 4 miles. I’m slow, but getting slowly faster. Using that same approach to commitment that the running club participants put in, I’m slowly seeing results. I’ll only earn success and complete the race if I keep it up, though, just as they’ll only earn their success if they keep putting in the work towards employment and housing.
If you, like me, find the approach valuable and/or inspiring, support Back on My Feet and their mission by supporting me in my fundracing. Earlier this month, I met my “goal”, which was the minimum tally to enter the race on behalf of BoMF. That said, just as your own home’s budget would appreciate any bonus amounts, so of course would BoMF’s. More $$ means abilities to support more folks and do bigger things.
Oh, did I mention? Thanks to one donor’s request, I’ll be running this a tutu, clown socks, with a clown horn and probably a goofy hat (heat dependent). Want me to up the ante somehow? Let’s talk! Want me to show up at your event in such??! Well, that’s possible, too. Although I can’t promise to run in full Clementine mode (clown shoes are _not_ a safe running option for 3.1 miles!), other events are possible…
Last link to make it easy to contribute here!
Succumbed to temptation today and bought a laptop. I’ve been thinking about it for a while. In two more weeks, I’ll need to hand back in the one I’ve been using from work. This Macbook has stood me well through college and capture the flags, and I’ll be sad to see it go, particularly since it’ll take another week after that before my new one arrives. That said, 32GB of RAM, a 1 TB NVME drive, an NVIDIA GPU with 8GB, and an AMD Ryzen chip: gotta put this poor box to shame. I’m going to have to grow my chops in reverse engineering and cyber exploitation to match it!
You may have seen a few more geek notes on here of late. I’ve really enjoyed jumping into CTFs. My objective isn’t to win, but to find more ways to solve puzzles.
This weekend’s adventures were a little different, though. My company sponsors UMBC’s CyberDawgs team, and they’ve asked us to contribute challenges to their upcoming CTF. I tasked our IRAD team with coming up with a few and I wrote a couple, as well. So this weekend I spent some normalizing our submissions’ README files and doing a final test of the submissions.
One of the submissions was really giving me trouble. The IRAD team member who’d developed it had demonstrated it to us, but the solution instructions in the README just weren’t “clicking” to then be able to reproduce a solve, much less help anyone else understand how to solve. It’s customary in CTFs to have a Discord channel where mentors can offer assistance to those on the right track; given that I don’t want to be up all night myself providing that support, thought it best to provide a walkthrough for someone else..
Not only did I “crack” it (helped, of course, by the solution instructions in his README), but then I was able to provide a linked reproducible recipe using a tool called CyberChef that is really useful for a lot of CTF grunt work. I’m avoiding linking to the recipe or giving any more info on the challenge, of course, given that there’ll be hopefully lots of folks taking a crack at it in early May. I’m now more confident, though, that there may be some folks who solve it AND I better understand a particular kind of encryption approach.
Notes from this week’s CTF – geek notes for Tina. Should have collected notes on more challenges, but, eh…
Received a PCAP file that said it had secret coordinates in it. PCAP was completely USB traffic, specific URB_INTERRUPT
- Isolated traffic for appropriate device, after examining device descriptor response to find keyboard
- Started mapping out the HID keys by hand, until a teammate suggested https://github.com/TeamRocketIst/ctf-usb-keyboard-parser
- Ultimately used tshark to extract the data, via
tshark -r ~/Downloads/file.pcap -Y 'usb.device_address == 2 and usb.data_len > 0 and !(usbhid.data == 00:00:00:00:00:00:00:00)' -T fields -e usbhid.data | sed 's/../:&/g' | sed 's/^://g' > keys.txt
- (Note: the second se is because the recommended one ended up prefixing all the lines with : – second sed strips it off)
Things I’m in the middle of reading, also known as glimpses into my psyche:
- Thinking, Fast and Slow, by Daniel Kahneman: we’re reading this for our Women In Technology Group at work. So far, a couple of chapters in, my System 1 brain is convinced the book should progress more quickly
- The Clown in You, by Caroline Dream: reading this to try to think about my clowning in new ways, to spark my thinking in new paths
- Hacking, the Art of Exploitation, by Jon Erickson: my cyber masters program is leaving me less than inspired, and more feeling slogged in its various papers. Hoping this book gives me some new angles and inspiration
I frequent some Facebook groups related to buying and selling used clown and circus supplies. Last month, a guy posted 3 or 4 pictures of this massive yard sale amount of stuff. Folks kept offering him money for individual items, but he’d say he’d only deal with folks who’d pick up. He ALSO said he’d be willing to take a reasonable offer for the lot. After seeing enough folks make individual offers, I decided, heck, the guy’s in New York, I’ll make him an offer, and if he takes it, I’ll make it back by shipping out just the things folks have offered on.
So, that’s what I did. I made the guy an offer. I came back with a mini-van chock full of things. A full-size Scooby Doo costume. A full-size Easter bunny costume. 6 large Lowes’ boxes filled with costumes and supplies, including a couple of puppets that run usually for $300+. Two boxes of videos. Another full (+!) box of clown magazines. A full bin of various magic tricks. A box of juggling bean bags. All in all, a bonanza of random fun. I spent a weekend building out an inventory spreadsheet and looking things up to figure out their probable retail value. I’ve been putting them up on Facebook, selling them off at a bit at a time.
So, if you know anyone who wants an Easter bunny costume or a set of dove pans, I’m your gal! I’ll be taking at least a representative box or two to the local clown convention next month – see if I can find some willing homes for another thing or two, at least!
Quarantine, day N… Was at work last week, and now off again.
Early in, I set up a Google Doc in which I listed goals for the quarantine. Projects I could accomplish with the extra time. Some of them are already complete – I got my Grace Hopper application in, built out some challenges for a CTF, planted seeds. Some are in progress – about half of the front yard has had its onion grass removed. I’ve done more running and pushups. Still working towards pullups. Have mostly left the burpee goal alone, though I think that’s on the list today.
What I’ve realized isn’t strongly on the list are household organizing or cleanup projects. I could wash windows. I could dust floorboards. I could… These are the sorts of projects my parents used to give me when I’d done something wrong, though. The sort of work penance aspects to grind a spirit down. I’m not in the mood to punish myself.
What I keep doing is more minor things: clean up a corner. Put away something that’s been in the wrong place for far too long. Work to keep the kitchen quasi-clear with all of the extra food preparation going on. (Somehow kids love making food, but never connect it with the extra cleanup.) Go for more long walks with my hubby. I’m most of the way through a puzzle, which is usually something we only do over Christmas break. Try a new recipe or two once in a while… We had a Monte Cristo casserole the other day that was pretty good!
The weeks without a rhythm are long. Completing big household projects and then seeing them be overrun would be too discouraging. So I’d describe myself as pacing. We’re in a time of unknown length and I’m just trying to make it through.
Monday, day 1 of quarantine for me. The kids have been off of school for a week, but this was the first day I was told to stay home from work. So, what did I do?
Mostly… worked. On either work (IRAD supervision, resume tweaking for a staff member, phone meeting to get news of quarantine, pulling together ideas for kids & STEM) or our church website (solved some email problems for folks, updated a page or two). Got Cameron up and harangued him for not going to therapy. Planted some seeds. Got in a workout (burpee hell!). Got in a run. Listened to a webcast on cyber machine learning. Snuggled some cats. Uh, wrote a blog post.
Ultimately, stayed pretty busy. 4 more days to go this week…….!