blogspot visitor
Generally Recognized As True

Sunday, August 20, 2017

Ten photos: Ottawa - Montreal 2017

It's hard to pick just ten, but here are ten photos from my recent trip to Ottawa and Montreal.

Ottawa - Changing of the Guard

Ottawa - Parliament Hill

Ottawa - Changing of the Guard

Montreal - from Mont Royal

Montreal - from base of Mont Royal

Montreal - Botanical Gardens

Montreal - Monumental Dougherty

Montreal - Butterfly on milkweed

Montreal - Botanical Garden

Ottawa - Night-time neon!

Saturday, August 05, 2017

Steven Wilson - Refuge

I have a feeling that this will be one of the best albums of the year for me.

The studio video is interesting, too...

Friday, August 04, 2017

Theodore Dalrymple on Bureaucracy

The latest work by the erudite Theodore Dalrymple - The Knife Went In - summarizes the ease with which bureaucracy proliferates in comparison with the higher standard applied to work of a more technical nature, and suggests one possible reason that this is sometimes the case.

In this section, he recalls an occasion from his work as a doctor and psychiatrist within the British prison system:

[...] There was an all too evident distinction made between the ‘scientific’ rigour with which the value of [technical] work was assessed, and the dubious standard which was used to assess that of the proliferating and vastly more expensive administrative procedures introduced almost daily into the service.
New procedures mean new forms. These are invariably longer and more inclusive than the old, because more information is always better than less. Information-gathering is the process that will solve any problem, so that for every problem there is an apposite form. It doesn’t exactly do anything about it, but it shows you have done something. Belief in forms is to us what belief in rain-makers was to African tribes subject to drought.

During my time, the Prison Service became worried about the numbers of suicides in prison — or rather about the publicity given to the numbers of suicides in prison at the time. It therefore decreed the use of a new form to be filled out on every prisoner thought by any member of staff to be suicidal or potentially suicidal.
The form was of such complexity that it would rarely be filled out correctly (which, as I shall explain, I came to see as its main virtue and purpose in the eyes of those who devised it). I recall being trained in its use by an officer who had himself been trained in its use and proselytised it with the zeal of a convert. [...] I knew the officer concerned to have been a perfectly reasonable, and even cynical, human being before his conversion. Give a man something absurd to do which he cannot avoid and he will soon become enthusiastic about it.
Much of the prison officers’ time was now occupied by filling out these forms. There was, of course, no guarantee that they filled them honestly: if you can’t trust a man to do his best, you can’t trust him to follow procedure honestly. The last suicide in the prison before my retirement occurred was when there was a much reduced staff in the prison. Everyone else was away at a ‘suicide awareness training’.
Some time after the form was introduced, I was called to the coroner’s court to give evidence on a prisoner who had hanged himself. [...] The barrister for the family, a young man, rose to question me. It was his aim to make the man’s death everyone’s fault but his own. ‘It’s true, isn’t it, doctor,’ he asked in a tone of menacingly unctuous politeness, ‘the 20/52 SH [the designation of the form, SH standing for Self-Harm] was not filled out correctly?’ The implication was that, if it had been filled out correctly, naturally the man would not have died.

‘Yes, it is true,’ I replied (though not actually knowing whether or not it had been filled incorrectly), ‘but it is also true that the suicide rate in prisons has risen since its introduction.’

Sunday, July 02, 2017

WannaCry overshadowed a more serious attack on credentials via DoublePulsar and foreshadowed Petya

The global impact of the WannaCry ransomware attacks made international headlines, but a recent story in the New York Times suggests that the noise from this event may have overshadowed a more serious attack that stems from the same leaked NSA hacking toolkit as WannaCry but is much more difficult to detect.

One company affected by this alternate attack - IDT Corporation, a US-based telecommunications company - was hit two weeks prior to WannaCry being unleashed. The exploit that affected IDT used the same technical attack vector as WannaCry, but then layered a second kernel-based attack called DoublePulsar to first steal an employee's network credentials and then turn into a standard ransomware attack, apparently to hide the more nefarious motive of credential theft.
... the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines. Worse, the assault, which has never been reported before, was not spotted by some of the nation’s leading cybersecurity products, the top security engineers at its biggest tech companies, government intelligence analysts or the F.B.I., which remains consumed with the WannaCry attack. this case, modern-day detection systems created by Cylance, McAfee and Microsoft and patching systems by Tanium did not catch the attack on IDT. Nor did any of the 128 publicly available threat intelligence feeds that IDT subscribes to. Even the 10 threat intelligence feeds that his organization spends a half-million dollars on annually for urgent information failed to report it.
The unanswered question is: how many organizations are affected but do not realize it? In this case, when the ransomware is cleaned up, the problem is not over... and this fact isn't easily discovered.
Were it not for a digital black box that recorded everything on IDT’s network, along with Mr. Ben-Oni’s tenacity, the attack might have gone unnoticed.
Scans for the two hacking tools used against IDT indicate that the company is not alone. In fact, tens of thousands of computer systems all over the world have been “backdoored” by the same N.S.A. weapons.
Attacks that are widely-detected and have serious visible impact grab the headlines, but attacks that are allowed to go on for months without detection are arguably far worse as they can either provide ongoing entry to a private network at will, or can set the stage for triggering some future large-scale, coordinated attack using agents that have been spread throughout a network.

Also interesting is that, although the IDT attack preceded the latest revision of the Petya attack, it shares the above advancements with Petya (NotPetya) as the latter not only tries to exploit the same SMB vulnerability as WannaCry but then tries to steal credentials from the local credential store and make further authorized connections around the network using legitimate channels.

As with WannaCry, the following factors contributed to prevention:
  • Anti-phishing programs: Malware commonly enters an organization's network via e-mail attachments that are clicked on and run by an employee.
Once malware has entered the network, the extent to which it succeeds spreads is determined by the points that follow.
  • Regimented OS patching program: Ensuring that software (especially OS) updates are applied in a timely manner across the entire organization. To spread over the network, both attacks used the same SMB-based vector that had been patched in March 2017. The IDT attack used a second vector that was also patched at that time.
  • Privileged access management: Although some ransomware limits itself to the user space, those like Petya will request and use administrator privileges if they are available to infect the file system and take over the entire PC during the next reboot. Consider what this means when your credentials are stolen and are then used in conjunction with administrator-level privileges on a Windows server to remotely execute code on that server.
  • Managed end user devices: IDT had patched its corporate systems but was affected when a contractor connected to the company network from a personal computer highlighting the potential risks of unmanaged bring-your-own-device (BYOD) facilities.

Justin Trudeau on recent vs. distant immigrants' affinity for Canada - aboriginal context

Ahead of Canada's 150th birthday celebration, Justin Trudeau recently said that more recent immigrants to Canada have more affinity for the country because they chose to come here, rather than simply being born here:
“I always sort of laugh when you see people who are – not many of them, but – intolerant or who think, ‘Go back to your own country,’” Trudeau said in the television interview.

“No!” Trudeau continued. “You chose this country. This is your country more than it is for others because we take it for granted.”
I wonder if he was thinking of the broader context: does this apply to the aboriginal relationship to Canada? I'm not sure he intended it that way, but Europeans chose to come to Canada moreso than did the aboriginal peoples that had already been here for generations when they arrived.

Or maybe I am underestimating him - maybe he did intend it to be taken both ways, as a statement on the continuum of immigration.

Sunday, June 25, 2017

Digital disruption and its effect on Canada and profitable business

There has been a lot of coverage of the trouble that retail in the Western world is in, and Amazon is largely on the pointy end of the wagging finger. Generally, though, it's an intervention of highly digital, Internet- and data-driven companies against more traditional companies that have a higher dependency on widely distributed physical assets.

Canadian revenue diversion to US

From a Canadian perspective, I think we should be worried about these things in relation to the replacement of things that keep funds within the Canadian economy with things that send funds down to US-based companies instead:
  • Newspapers: it's understood that newspapers are suffering, and this is largely due to a collapse in readership and therefore print advertising. Readership is generally older and naturally in decline, and this is not the demographic that many marketers want to target.
  • Advertising: what's not so apparent is that much of this Canadian-made print advertising is largely being replaced by US-based digital companies such as Google and Facebook, which despite all appearances are really advertising companies. Google makes money from intercepting searches for things that you are looking for an steering you toward companies that pay to feature prominently in the search results, and again from anonymized data that can be used to sell things to your market/demographic. Facebook can target advertising to you directly based on the massive amount of detail it knows about you from the interactions you have on its platform, and every "like" advertises a product between friends, which is a far more trusted relationship than is the relationship you have with an anonymous corporation.
  • Streaming: the collapse of Canadian-operated retailers like HMV and video rental outlets is largely being replaced by US-based streaming services like Netflix, iTunes, Amazon/Google services, or other foreign companies like Spotify. Worse, few of these services seem to collect Canadian sales tax.
It all seems like a significant diversion of revenue and value-added employment outside of the country, and Canada was already over-weighted on non-value-added commodities.

Unprofitable companies killing off profitable companies

It used to be that disruptive companies would enter an existing market, change the way that things were done, and become massively profitable as a result. And this has been the case with companies like Google, Facebook, and Apple. Apple's case is especially interesting, as they are the only smartphone manufacturer making windfalls despite having less than 20% of the market share.

However, what about companies like Amazon and Uber? As far as I can tell, these companies have largely been operating at a loss and threatening or killing off traditional retail and taxi companies and the jobs they sustained in the process.

In international trade, this is frowned upon and is known as "dumping". From Investopedia:
Dumping, in reference to international trade, is the export by a country or company of a product at a price that is lower in the foreign market than the price charged in the domestic market. As dumping usually involves substantial export volumes of the product, it often has the effect of endangering the financial viability of manufacturers or producers of the product in the importing nation.
But I'm not clear why this is desirable domestically. Sure, it's private money and I assume these investors can do what they want with it. But where is the wisdom in not intervening in cases where sustainable businesses are being killed off in favour of businesses that despite considerable disruption and employment shrinkage haven't proven that they can be profitable? With the way that tech funding works, the goal will be to blow out the incumbents and take as much of the market as possible so that a strong position is demonstrated and the early investors can cash out their winnings in an IPO.

The shoe that hasn't dropped yet is the one that drops when the incumbents are largely gone or incapacitated and an effective monopoly is in place for the new digital companies. That's the missing piece in the story of how these new companies become profitable and we don't know what that will look like.

What happens next is anyone's guess, but perhaps it'll be come to known as Gig Economy 2.0 - living in a rented car that you also use to operate your ride-sharing business, with the car's rightful owner working an entirely separate job to pay off the 84-month loan he took out to buy the car. The "gig economy" meets "financial engineering".

Friday, June 16, 2017

Algonquin - Highlands Backpacking Trail - May 2017

Following last year's mosey around Algonquin Western Upland Backpacking Trail, in May 2017 I did the Highlands Backpacking Trail. This trail is shorter than the Western Upland trail and so this trip was only 3 days instead of 5 days for the former trail.

My write-up of the previous trail contains a lot more detail and I did most of the same things this time through, as well as followed all of the things I said I'd want to change on my next backpacking trip.

Trail closure
Both of the large backpacking trails opened much later than normal this season due to the late thaw and prolonged periods of rain that Ontario experienced in early 2017 (also linked to record-setting levels in Lake Ontario). The trails were flooded as a result and the trip was delayed until May 17th, which was the first day of the trail being open.

There were quite a few fallen trees blocking the trail along the way, and some muddy sections, but none of these were a problem.

Because of the late start, this increased the risk of running into the region's notoriously annoying insect season (blackfly and then mosquitoes). Ultimately, there were a lot of blackfly and a smaller number of mosquitoes, but the blackfly were not biting in large numbers and were more of a swarming nuisance (near the lakes only) than a literal pain.

Spring backpacking
This was my first time backpacking in Spring. Combined with the late onset of spring, there were a couple of interesting features:
  • Cold overnight temperatures: very cold and damp following a major thunderstorm passing through ahead of a cold air mass and then down to near-freezing the following night.
  • Leaves not fully out on the deciduous trees: in the deciduous parts of the forest, this meant that the trails were exposed to the sun where they would normally have been in near full shade.

After last year's trip and the resulting knee and foot injuries, I made the following changes:
  • Regular daily knee exercises
  • Being more conscious of how I am using my knee while hiking: it wasn't even on my mind on the previous hike. I used it however was most expedient.
  • Larger, proper backpacking boots: Scarpa Zanskar GTX. Nothing bad to say about these. They did well in the wet sections and after breaking them in for weeks ahead of the trip, they fit and wore well. I got a slightly larger boot (EU size 46 where I would normally wear US 11.5) and found that while these were a bit loose at the beginning of the day, when my feet were at "hiking size" after some activity they fit very well. They were heavier than my light trail boots and didn't vent as well, but that seems like an unavoidable tradeoff.
  • Better socks: last time, I wore cotton sports socks which was a mistake as they are both abrasive and take a long time to dry out. This time, I had a pair of very thin synthetic nylon liner socks as well as a Darn Tough light blended merino wool hiking sock. I didn't find that the liner socks made a big difference and stopped wearing them after day 1. The wool socks were more comfortable overall. Combined with the larger boot, I didn't have any sole or toe blisters. I did nearly get heel blisters but I'm starting to thing that is a physiological thing that I'll have to deal with with moleskin or something similar.
Overall, for one reason or another these were all of benefit. I didn't feel any oncoming knee issues after Day 3 and my feet were still in good condition. However, though it's wasn't what's normally classified as an "easy" or "moderate" trail in Ontario Provincial Park nomenclature, I'm not sure the trail was as challenging as Western Upland.

  • Day 1: trail head to east end of Provoking Lake
  • Day 2: Provoking Lake to Head Lake
  • Day 3: Head Lake to trail head
Day 1 thunderstorm
A significant thunderstorm rolled through at the end of Day 1 which gave quite a lashing of rain. This revealed known problems with my MSR Hubba tent, where the inner fly coating has deteroriated and lets water through. However, this sort of thing is only a serious problem during incessant rain rather than large volumes in a short time, and there were opportunities to dry things out on Day 2.

So, a new tent may be in order for the next trip. If I can confirm that the fly is better-made in the newer MSR Hubba models then I may get the same again - it is a very good backpacking tent that is easy to setup, fits into small spaces, and is relatively light.

Compared to Western Upland in September
As with the Western Upland trail, the visible wildlife was quite minimal, though there was plenty of audible wildlife. No bears; no moose; lots of birds, and some close-up loons.

The terrain did not seem to be quite as challenging as Western Upland, though there were definitely constant elevation changes that turn the 14km you'd in 2-3 hours in the flat land of the GTA into something significantly longer.

The days are longer in May - about 1 hour extra on each end. However, the nights were significantly colder. Last year's WU trip ran into an unusually warm September - low-mid 20C in the day and low teens at night. This trip was cooler during the day and much cooler at night - getting to near-freezing overnight after Day 2.

Next time
I can't think of much else I'd do differently next time through, which is a pretty good result. I would use something to guard against heel blisters, but that is about all.