Categories
Industrial IT Management and supervision Process Control

Manage Risks, avoid the cape

I’m Jason Firth.

On Sunday evening, this very website you’re reading this post from went down. In fact, it was a critical emergency because not only did the server’s main drive fail, but there were no backups, we had no parts on hand, and no plan to recover even if there was a backup.

Have no fear, Nerdyman is here! To put on the cape and save the day!

First thing in the morning, I went out and grabbed a replacement drive from the store, and I was able to limp the drive along long enough to make a full backup, and finally ended up figuring out how to put the full backup onto a new drive and make it boot up! Hoorah! The day is saved!

There’s a big problem.

Superheroes aren’t real. They exist in fantasy. The fact that I could run out and get parts that just happened to exist in a store somewhere, the fact that I just happened to figure out how to get my data back, the fact that I just happened to figure out how to get the system back up with the backup data and do it in time that I could get it done was all pure luck.

Let’s say this wasn’t a personal webserver with pictures of nerdy superheroes on it, but a business critical server. It was 24 hours from failure to recovery. For a personal webserver with pictures of nerdy superheroes on it, that’s pretty decent turnover time, but for a business critical application that’s totally unacceptable, especially given that successfully repairing the server was not a given.

In a business environment, you need to manage your risks. This is going to mean a few things: First, taking an inventory of every device you’re responsible for. Second, asking “What happens if this fails?”. Third, asking “How do I repair this when it does fail?”, and finally asking “Do I have the hardware, backups, and recovery procedures in place so we can get this back up and running reliably and quickly?”, and finally coming up with a plan to make sure you have the hardware, backups, and recovery procedures in place for everything you discovered in your audit.

When you manage your risks like that, there is no such thing as having to put on a cape, because you don’t need to make a miracle happen — you just need to follow your plan.

So what should I do for the future? To start with, I should have a spare drive on hand (and perhaps even a full spare computer if this is really critical). Next, I should have 3 copies of my data: The data itself, the online backup, and the offline (off-site if you’re really paranoid) backup. Third, I should have procedures in place to restore the backups in the event I need to (it’s occurred in the past that backups were made for a machine but the backups could only be used on that exact hardware, so massive amounts of time and effort were used to put the cape on and make the backups operate on hardware it should never have operated on). Finally, I should be testing my procedures occasionally to ensure they are relevant and reviewing my site-wide audit regularly.

One of the interesting things about proper risk management is it not only affects things directly that come from the document, but the process of asking these questions will change the way you do things. You’ve gone through everything you have, and inconsistencies become clear, and the consequences of cutting corners become more obvious.

Risk management is an extremely boring task. It means sitting down perhaps for weeks or months and spending a lot of time asking the same questions over and over again, but it pays off the first time you’re ready.

So I’ve been talking about IT infrastructure, but consider this: What I’ve said can correspond to all the equipment you’re responsible for. If you’re responsible for an instrument, shouldn’t you have a spare part, backup configuration, the tools you’ll need, and a procedure for repairing it if need be?

Doing this risk management totally changes the character of daily maintenance. Doing the work up-front means that when something happens, you put the cape away and just get about doing the work you need to do (and if you’re a supervisor or a manager, it means your workers put the cape away and get about doing the work they need to do). It costs less in the long run because you aren’t rushing parts in. It lowers mean time to repair because all the legwork is already done. It means less downtime because you don’t need to rush in parts, figure out how to do things on the fly that have never been done before, or figure out how to deal with your lost data in the middle of a crisis.

Thanks for reading!

Categories
Engineering Technology Industrial IT Management and supervision Process Control Trades

Work From Home does NOT mean Work 3 jobs.

During the pandemic, a certain practice ended up being written of in national media and became a topic of discussion, though I don’t know how prevalent it became in fact. This was the practice of working several jobs from home. In particular, I’ve heard about it quite a bit from IT people.

The individuals who took these jobs were accepting pay by the hour, but then would take several of these positions at once.

There are a number of rationalizations, including that as long as that job duties are getting done, It isn’t really your employer’s business whether you have another job during the same hours they are paying you for, the need for financial security, the lack of opportunities, the exploitation by employers, and the autonomy of workers.

I’ll say, in an age of high inflation, high cost of living, and relatively wages compared to productivity, I can relate. I understand why people would think that this is a just thing to do.

But here’s the thing: It’s not just, it’s not ethical, it’s not moral,it’s not legal. Don’t do it. (Don’t worry, I’ll tell you how you can do it ethically and morally and legally at the end)

The argument of “As long as job duties are getting done, it isn’t really your employers business whether you have another job” makes a lot of assumptions that aren’t necessarily valid. Just because you are getting paid at a job and you haven’t been fired yet does not mean you’re doing perfectly fine and everything is okay. Labor law makes certain assumptions about the employer employee relationship and as such a Grant’s additional protections that someone doing peace mill work wouldn’t have. It’s often very difficult to fire an underperforming worker, and so management will keep them on even though they’re not particularly happy with the job they’re doing. They may even tell the employee that everything is just fine. In that case, they’re not doing it because the employee is hitting all of his targets and everything is fine, they’re doing it because the cost and effort involved in trying to get rid of a bad employee is so high it’s easier to just deal with an underperforming team member. At that point, then you have that underperforming team member go off and work three other jobs because they are under the impression that they are a Superstar who hits all their targets. In reality, that worker is just taking advantage of both sides of the equation, working like a subcontractor well accepting the benefits of full-time employment and the protections therein.

When an employer is paying you for that hour, it is your employer’s business what you’re doing. The moment that you accept payment for that hour of your time, it is no longer your time, it’s their time to do with as they will within reason.

One can make the argument for financial security, but I don’t really feel like that’s an ethical argument as much as a practical one. Of course we all want to make more money, and if there’s a way to make more money then you’re making more money, but that isn’t a moral or ethical argument. Robbing old people is another way you could make more money and be more financially secure, but most people would agree that robbing old people isn’t moral or ethical. For something such as a highly paid information technology position, there are lots of people who end up trying to make it without highly paid information technology positions, and while it may be a struggle they do successfully accomplish it. Moreover if you are taking two or three full-time jobs, then that means one or two other people who also need to make ends meet suddenly can’t get those positions because someone else has them.

Complaining about a lack of opportunities while taking up several opportunities just seems hypocritical to me. Several people could have taken up those jobs, and instead one person is going to do a half-ass job at a bunch of them. Again, this isn’t an ethical argument, it’s a practical one.

There’s an argument that workers are being exploited and therefore the workers should exploit right back. This isn’t the sort of argument that we want to be making. The company is paying you have all the power in the world to make everyone’s life a lot worse because a minority of people are trying to scam them. A race to the bottom is not good. If you feel like you’re being exploited, then it’s time to take measures to stop being exploited, that doesn’t justify exploiting others. Moreover, if it becomes common practice for workers to be working several jobs at once, this doesn’t actually make the workers less exploited. Effectively, it will artificially drive up the supply of labor, meaning that companies won’t have to compete as hard for workers, meaning that the labor market will become more exploitative. As well, the people who are working two or three jobs won’t need to be making enough money to survive because they’ve got two or three jobs, meaning but the people who are doing this are effectively making it harder for people who aren’t doing this to survive on one job, again ensuring that the labor market becomes more exploitative, not less.

Finally, as I’ve already said, the autonomy of workers is a moot argument because once they are paying you for your time it is not your time to be autonomous within. The more people try to scam the systems we live in, the more those systems are going to push back and workers who are otherwise being honest are going to face less autonomy because the employers are going to feel that they can’t trust their workers if they aren’t being micromanaged.

There’s another major issue, and that’s not working from home is already considered an extremely privileged position. People who work from home don’t need to commute, they’re working conditions can be whatever they wish them to be, including listening to whatever they want on the radio, watching YouTube videos while working, even having a beer in the backyard while attending meetings as long as you don’t get caught. So you have these people who are some of the most privileged in the entire job market, and they take this privilege and they end up using it to take yet another privilege, this ability to work two or three jobs at the same time that people who are still in the office don’t get. In terms of fairness, fairness is completely out the window once we’re talking about disparities like that.

I would suspect that over time, if this became a widespread practice then it would just mean the end to work from home. Employers aren’t employing people so that they can be number three or number four on the list.

Consider a loan you take out yourself. You can take out a variable rate loan, or you can take out a fixed rate loan. If you take out a variable rate loan and rates drop, then the bank passes the savings on to you, but if rates rise, the bank passes the costs on to you. If you take out a fixed rate loan, then if rates drop the bank benefits, but if rates rise the bank takes that risk. For that reason, the bank charges a bit more for a fixed rate loan, because they’re taking on the risk of interest rates rising. The longer the rate is locked in, the larger the premium you pay because the bank is taking on more risk that interest rates rise. So imagine that you were in a situation like that, and you had a variable rate mortgage and interest rates dropped and the bank refused to register the drop in interest rates. In that case, you were spending less money so that the bank would be taking less risk but it broke the deal. How about if you had a fixed rate mortgage, and rates continue to rise, and the bank refused to honor your interest rate and just increased it because it wanted to. During the good times you had paid a premium in order to have that fixed interest rate, and they stepped in and broke the deal.

Let’s say that you were hiring someone to build a deck. And you paid them time and materials to build that deck. Let’s say that you were home for a full day, and you knew full well that they weren’t at your house building that deck, but then you saw an invoice come in for that full day of labor. Would you be okay with that? How about if you saw the crew that you were paying for at another place building someone else’s deck? How about if you found out that on that day they were charging three other people to build their decks, but only one of them actually had the crew at their house building their deck. Would you accept “I don’t know what the problem is, your deck got built didn’t it?” — I think most people would be in court and rightfully so. That company that said that they would be building your deck, that charged you to build your deck that day that wasn’t their building your deck committed fraud. Let’s say that the entire crew is just sitting there waiting for the cement truck to arrive. And you’re paying the entire crew to just sit there. That’s what they’re getting paid for. Just because they’re not doing anything doesn’t mean that they can go off and work on someone else’s deck on your dime. If they go off to work on someone else’s deck, that person can pay for the work crew..

So let’s say that you agree to a company to get paid a certain amount of money each day to be available for a certain number of hours that day to work. Whether you are productive or not you make the same amount of money. The company is taking the risk here. The hours that you are productive, they pay you. The hours that you’re completely unproductive, they pay you. If there’s nothing to do but stand around, that’s what they’re paying you to do. If you want to go work for someone else during those hours, you should turn off the payments from the one employer and turn on the payments to the other employer. Of course, that isn’t how most employment contracts work because for jobs the employer wants your time and is paying for it.

So how do you do this morley, legally, ethically, etc? It’s really straightforward. Be honest.

If you want to establish a contract with an employer where you’re going to be working for several employers, that’s something you’ll have to negotiate. You can set it up where there are certain performance guarantees they’re paying for in maintenance work such as keeping KPIs above a certain level, and if it takes less time to achieve those KPIs you come out ahead and if it takes more time to achieve those KPIs you come out behind and are likely charged a penalty. You can set it up where you’re charging by the hour, and if you’re charging another employer for an hour you don’t charge the employers you aren’t working at for the same hour. This will mean that your employer is no longer paying you a premium for the risk taken of you not being productive in a certain hour, and either you’re taking the risk that you need much more time to achieve your KPIs than you expected, or you’re taking the risk that you don’t have anything to do so you can’t charge any of your employers for your time.

If you’d prefer keeping the employers separate, then you’ll have to do something like staggering the hours so you work 8 hours at Employer A and 8 hours at Employer B. Notwithstanding any clauses in your employment contract preventing you from moonlighting, this is usually totally acceptable (but it’s also a recipe for burn-out), and you get to keep the benefits of the company taking on the risk of time you’re getting paid but not being productive for them.

This isn’t a novel problem, it only appears as such to people working in jobs who have an opportunity to deal with multiple clients at once. It’s a problem professionals have had to deal with forever. If you’re a contract lawyer or engineer working in a central office you operate independently of any particular client, you might have many clients. It’s written into the codes of conduct for these professions that you must bill fairly, and if you double bill for the same hour you’ve committed a crime and will be punished both by the law and by your professional regulator.

Let’s go back to our deck example. If you agreed at the outset to pay a fixed fee for the deck installation within a certain period of time then it doesn’t matter where the work crew is or who it’s doing work for because you’re not paying for the time the deck builders spend on your job, you’re paying for a deck and it’s their risk to make sure they do the job on time and on budget or they’ll take the hit. Otherwise, they could charge by the hour (or even by the 15 minute chunk) and meticulously ensure that only one client was being charged for time at one time. In that way, the deck builder could get paid ethically and legally. It would benefit you during times like waiting for the cement truck because someone else would be paying for the work crew at that time.

Of course, all this could get turned on its head if you manage to find some employers who are willing to pay you an hourly wage and are ok with you double charging by having multiple jobs. You’ll want to get such an unorthodox agreement in writing from all the parties involved, because it’s highly unusual and a simple verbal agreement isn’t likely to hold up in court if the employer/employee relationship goes south and they decide to sue you for breach of contract.

There’s another issue you need to be aware of: Depending on your position (and typically this only applies to high level executives or managers), you may have a fiduciary duty to the companies you work on. That means that you need to put the company’s needs above your own. In such a case, you may not be able to be employed by both a company and its competitors and meet that obligation, and that might not be something you can sign away.

These concepts apply to engineering technologists and tradesmen equally, though most tradesmen are not held to any sort of professional code of ethics, they are held to laws against fraud. It’s something to keep in mind because if unethical practices become common, there will be consequences as companies strive to protect themselves from fraud.

Categories
Industrial IT

A short one — Getting the Nvidia Geforce GT 720M graphics chip on a Dell Latitude E5440 running under Ubuntu Linux 21.04

I’m Jason Firth.

Sometimes it’s a real struggle going through and trying to find out how to do something, and when you find a simple answer you just wish someone else had written it down.

I have a Dell Latitude E5440 I got off of eBay. Great little machine. It has a decent screen for the era, 8GB of DDR3 memory, I put a 512GB SATA SSD into it, I really like this little thing! I initially installed Windows 10 on it, but I wasn’t happy with how it ran. It just didn’t quite seem like the machine it was, so I kept moving.

I eventually decided to put Ubuntu Linux 21.04 onto it, since that more or less met my use case.

The problem I had is that the Geforce GT 720M is a really strange model. Even trying to get drivers for Windows 10 was challenging, and that’s rarely a problem!

Normally in Ubuntu, you’ll just go to the driver manager, and then go to “additional drivers”, and any proprietary devices will be shown. Unfortunately, the Geforce GT 720M was not shown on this window.

I tried a few different things, including the bumblebee optimus program, but I didn’t want to run certain programs using the Geforce, I wanted to run all my programs including compositing using the Geforce.

Finally, I found the solution!

First, I had to get rid of the nouveau open source video driver

sudo apt-get purge xserver-xorg-video-nouveau

Second, I ran an autoremove just to clean things up.

apt autoremove

Finally, I had to install the 390 series driver. This particular version is important because the 720M is actually a 600 series card.

install nvidia-driver-390

After a quick reboot, I didn’t immediately see a difference, but there was now an nvidia X Server settings item in my menu. Going into it, I was able to select “performance mode (nvidia)” which ensures the discrete GPU is always doing the heavy lifting when displaying graphics.

I don’t think a lot of people have Dell Latitude E5440s running a Geforce GT 720M discrete graphics chip, so there weren’t a lot of clues about where to start. Hopefully from now on people searching for the solution to this problem can find the solution in this post.

Thanks for reading!

Categories
Industrial IT

Installing ubuntu on a chromebook c201p

how to get ubuntu running on an asus chromebook c201p

I’m Jason Firth.

My dad is starting to enjoy chromebooks, he’s been playing with them for a couple years, and so he had an Asus Chromebook C201p kicking around. He said to me “Play around with it, maybe you can get full blown linux installed on it!”

I was able to get libreboot installed fairly easily following the instructions I found here. Once that was done, I spent a long time fidlding around trying to get everything working, and it wasn’t easy.

The problem I’ve been having is that the most commonly available install is based on a totally free kernel that doesn’t support wifi. the only other image I could find supported wifi with an older kernel with non-free elements, but I couldn’t get the software I wanted running. I think I’ve found a decent compromise for now, so I wanted to share the compromise with everyone.

So to start with, you’ll want to set up libreboot using the above. The scariest part of that is opening up the case to remove the write protect screw.

Once you’ve got that, you can now boot off of a USB memory stick by pressing CTRL-U at bootup.

To create the memory stick, you’ll need the following:

Win32 disk imager utility

The USB memory stick image

You use the imager utility to write the USB memory stick image.

You might want to make a backup of everything on the device before you continue. I think you can use the dd utility to do that, but frankly I made the mistake of not doing that step so I can’t tell you how to do it.

Once you have your backup, boot up onto the USB memory stick you created. It’s going to keep showing different boot messages after it shows the login prompt so you might not recognise it. you can just enter the username and password regardless.

the username is root the password is toor 

This copy of ubuntu is 18.04, which is supported for several years after the writing of this article. I tried later versions but it started to mess up.

This seemed to give me the ability to run X11, as well as wifi you could control from x11, and overall a decent experience. I wasn’t able to get sound working, but I believe that the drivers do work and there’s just a volume thing to fix. At least this will bring your system up to a point that you can work on the system from the system.

To install to the internal mmc, I did the following:

  1. I ran fdisk on /dev/mmcblk0 and erased all the partitions, then created a 32MB partition at the beginning of the drive and a second partition making up the rest of the drive. The first partition needs the partition type of 65 to be the chrome boot partition.
  2. I ran:
dd if=/dev/sda1 of=if/dev/mmcblk0p1

to copy the boot partition from the USB stick to the chromebook.

3. I ran the following commands to create a filesystem, mount it, and copy the contents of the system running on the USB stick to the mmc:

mkfs -t ext4 /dev/mmcblk0p2

mount /dev/mmcblk0p2 /mnt

rsync -aAXv / --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} /mnt

You can now reboot and should boot into the linux system now installed on your internal mmc.

once you’re logged in, you’ll probably want to set up some basic wifi.

run:

wpa_passphrase [SSID name] [SSID Passcode] > ./wpa_supplicant.conf

wpa_supplicant -B -c ./wpa_supplicant.conf -i wlan0

dhclient wlan0

You can run apt update to make sure you’re working with the latest files, then you can do a few things to help make your setup more secure.

  1. passwd to set the root password
  2. adduser [username] to create a user
  3. nano /etc/sudoers to add your new user to the sudoers file

Now when you log in next time you can log in as a normal user and elevate privileges if neccessary.

Now it’s time to install a full desktop environment.

you can run apt install lubuntu-desktop to install an lxde based desktop, kubuntu-desktop to install a kde based desktop, xubuntu-desktop to install an xfde based desktop, or ubuntu-desktop for a gnome based desktop.

Once the install is complete, run reboot to reboot. You should now see a graphical login, and the system should operate like a normal ubuntu desktop, albeit one without 3d acceleration.

I hope this helps for anyone who was like me and looking for some help setting up an asus c201p chromebook to run a full powered version of linux while using the internal wifi and being able to run most standard software. I’m lucky there were a lot of people doing good work elsewhere to help me get to this point. If I manage to get a more up to date version of linux installed, and especially if I manage to compile a fully featured kernel that’s newer than the ancient 3.14 version included in this image, I’ll make another post.

I don’t want to misrepresent, this seems to be functional at this point but all it takes is one wrong update to blow things out of the water, and it’s still missing some key features that should be functional.

thanks for reading!

Categories
Industrial IT

Keep your nose to the grindstone, that’s how you win.

I’m Jason Firth.

Sometimes you have problems that seem insurmountable, and all it takes to solve them is keeping your nose to the grindstone long enough.

I recently decided I wanted to have Network Attached Storage. Lately cloud services like Google have been getting sort of strange, and I just felt more comfortable having my data stored locally on my own hardware. I also wanted to have the data mirrored. This would mean that I have the data on two separate hard disks, so if one drive had problems, I would have a copy available. I purchased a pair of used hard drives and a used NAS. Unfortunately, the NAS shipped with a 50V power supply instead of a 12V supply so it immediately blew to smithereens, and I feared it may have damaged the drives at the same time. I purchased a new NAS and inserted the drives, only to have problems immediately.

The drives were Western Digital Red 3TB drives. They are both fairly old, but I figure this should be adequete to get me started and I can replace the drives at a later time.

To troubleshoot the drives I hauled out my ancient PCI got all sorts of Input/Output errors on the drives. I assumed it may be a problem caused by a faulty NAS, but something didn’t smell right — the drive appeared to be functioning properly. My intuition was telling me that the drives should be functional or not — the idea that the electronics would appear to be functioning perfectly while we see massive failures on the magnetic media or read/write heads didn’t really pass the sniff test, so I decided to dig deeper.

Here’s what Western Digital has to say about error 220: https://support-en.wd.com/app/answers/detail/a_id/7519

My daily driver PC is a laptop, so I couldn’t just plug in the computer and expect success. I would have to do everything I could from USB memory sticks.

Next up, I downloaded and ran a Western Digital diagnostic utility for MS-DOS. That’s where I got the clue I needed. According to the utility, it couldn’t run a bunch of benchmarks because the hard drive had a Code 220 or Code 0220 “Drive is Locked”. That was my clue that something I could fix was going on.

The utility I finally succeeded with was called HDAT2. With it, I was able to unlock the drive.

The following is a fairly raw recounting of the steps I used to fix the drives:

  1. Download Rufus from https://rufus.ie/
  2. Downloaded HDAT2 https://www.hdat2.com/
  3. Created a freedos boot USB using rufus and copied the hdat2 executable files to the stick
  4. Opened HDAT2
    1. cd hdat2
    2. hdpmi32
    3. hdat2
  5. Selected the drive
  6. Hit Enter to open the menu
  7. Selected the security menu
  8. Hit enter on the Unlock feature
  9. hit I to select the master identity
  10. Pressed K to select a known password, there were a number available. The one I ultimately needed was “WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCW “
  11. Pressed S to set. It will ask if you’re sure. Press Y. If it is correct then it will say it’s succeeded. If it isn’t correct then it will say aborted. You can try the other known passwords.
  12. Next select disable password from the menu.
  13. Select the master identity by pressing I once and press S to set. Press Y to confirm.
  14. If it worked correctly then it will say it succeeded. If it failed then it will say aborted.
  15. Security on the drive is now shown as disabled!
  16. Before I took these steps, the drive could not be accessed successfully in any way. After I took these steps, I was able to immediately install Windows 7 on the drive, proving that it worked.

Thanks for reading!

Categories
Industrial IT

Tiny download, hugely important tool

I’m Jason Firth.

Industrial systems are unbelievably static compared to other systems. While the rest of the world struggles upgrading to Windows 10 from Windows 7, some industrial process control systems are still on Windows XP. In fact, there are even some still plugging away on Windows 98. These devices often aren’t treated as computers, but as appliances.

This happens more than you think. Many internet connected devices out there today run Linux as a bottom layer, and there isn’t even a mechanism to get into the device, let alone upgrade it.

For front-line technicians, this can be a bother. There are twin concerns: On one hand, you want to have the latest OS for the latest software, but on the other hand you have issues leaving behind old software.

Recently, Windows 64-bit OSes have become standard. Microsoft finally decided, after 25 years of supporting it, to drop Windows 16-bit and MS-DOS support. This makes sense for them from a business standpoint, but makes things complicated where you want to run that software.

Windows has maintained support for old OSes long after their end. Windows 3.1 applications functioned properly under Windows 95,98,ME,NT4,2000,XP, and 7 32-bit. They function by running a special program that allows the 16-bit applications to run on 32-bit OSes. In the 64-bit OSes, they have removed that functionality.

This causes a problem for us when software that won’t get any updates but is mandatory for your operation is a win16 program. Instrument configuration programs, old PLC programming software, cross-reference software, and more might be stuck on win16, putting you in a bad position.

I found a piece of software called winvdm that appears to solve this issue. To install it, you download the software, place it onto some folder, modify the included registry file to point to the folder you’ve created, and run the registry file. After that, windows 16-bit programs will open natively with no additonal work.

Thanks for reading!

Categories
Industrial IT

What is bitcoin?

I’m Jason Firth.

One of the biggest questions out there, and one that I’ve been asked may times is “What is bitcoin?”. I think it’s an interesting thing to talk about for a bit. Before I start, I’m going to talk a bit about the money most people use. After that, We can talk about the technology, a bit about economics, and a bit about its impact on different societies. Finally, we’ll talk about the ways blockchain technology can work in sectors besides currency.

Currency is a medium of exchange for goods and services. Currency generally has 3 important attributes: First, it is used as a medium of exchange. Meaning you can trade it for goods and services without first having to convert it into something else. Second, it can be used to measure the value of a general good or service. Finally, it can be used to store value.

Over the millennia, many different things have been used as currency. Kings once used to split branches in half, and use the one half branch to prove the other half was authentic. Gold and Silver have been used because they don’t easily corrode, and there’s a limited amount in the world.

The problem with physical objects is they take up weight and volume, and if someone takes your gold or your sticks, you no longer have them.

As a result, businesses popped up to store your gold and silver, and they’d either issue slips of paper or let you write slips of paper to give the gold and silver to different people. Those slips of paper were much lighter and much smaller than physical gold. Writing slips of paper added a layer of security since you have to authenticate what you’ve been doing.

Those businesses eventually realized something: They can issue more pieces of paper than they actually have gold. As long as they have enough gold to give back to people who come in to cash in their pieces of paper, they won’t have a problem, and as long as they can eventually get the gold back, then they can lend out the extra gold and make interest on it. That’s how the banks became what they are today. That’s called Fractional Reserve Banking because banks need to reserve a fraction of the gold in case people come in to convert their slips of paper to physical gold. When someone says money is “backed by gold” that’s what this means.

Today, banks don’t need to store gold. They hold money to lend out more money. Basically, if they have a dollar, they can lend out up to 30 dollars. The new dollars represent debt. This money is accepted as money because the government has deemed it so. This is why this why Bitcoin enthusiasts or proponents of a gold backed currency call regular money “fiat money”. The government made it money by fiat, or by formal decree of the government.

Given these facts, money is created by banks issuing debt, and money is destroyed when debt is repaid.

One of the subtle but incredibly powerful organizations in an economy is the central bank. The main purpose of a central bank is a “lender of last resort”. In the US prior to its development, a bank could be in a situation where it was in good financial shape but a lot of people got scared and pulled their money out quickly. This situation is called a “bank run” and can result in the death of a healthy bank. By creating a lender of last resort that banks can always borrow from, they can be assured to get capital they need for short term requirements. In most countries, the central bank is separate from the government to try to protect governments from themselves: if governments can print money whenever they want, they are likely to print money instead of taxing. Many countries did this, and many of those countries ended up with a worthless currency. Notable examples are the Weimar Republic before world war 2 where people used wheelbarrows of money to buy a loaf of bread, Zimbabwe where their dollar became so weak they minted a 100 trillion dollar bill that would not buy a loaf of bread, and Argentina, where prices are currently moving up daily. Most central banks want to limit inflation to about 2%, meaning that prices generally increase by 2% each year.

So why would they want inflation? To answer that, you need to go back to the great depression. Europe has vivid memories of hyperinflation in the Weimar Republic so they are shy about inflation. The United States during the great depression in the 1930s had a different condition called deflation. Prices were generally falling so people had reason to hold onto their money because it would buy more tomorrow than it did today. As a result of that holding onto money, the “aggregate demand” — or the total demand for goods and services in the economy, fell. This drop in aggregate demand is one of the causes of the great depression. Modern economies are constantly trying to keep aggregate demand at an ideal spot, and chipping away at the value of money is one way to do that. For this reason, central banks consider both deflation and high inflation to be problems to be solved.

The way the amount of money created is controlled is by a number of levers that make it easier or harder for banks to lend, which in turn affects how easy it is to get or maintain debt. Remember fractional reserve banking? One lever the central bank has is changing the required reserve ratio. This can immediately increase or decrease the amount of money available to lend out by banks, changing the supply of money. Another lever the bank has is interest rates. The central bank doesn’t directly dictate the interest rates consumers pay for loans, but they set how much the banks must pay to borrow money, which sets the tone for interest rates in the broader economy. Finally, the last lever most central banks have to pull is called quantitative easing. This is where central banks buy government debt. This has 2 immediate effects: first, it converts an asset the banks hold into liquid cash, which provides more money to lend. Second, it increases demand for government debt, which allows the government to issue more debt at a lower cost. The downside to all these levers is that they are all effective short term levers, but in the long term the economy comes to rely on these for continued growth, and if you’re really unlucky you could overheat an economy by providing too much debt. Money will flow into any harebrained scheme, and for a while that will mean great profits for investors… Right up until markets turn out to be not as profitable as expected, people leave markets en masse, and the bubbles that has been inflated pop.

Anyway, that little macroeconomics lesson out of the way, let’s talk about bitcoin directly.

At its base, Bitcoin is a list of all the list of bitcoin transactions that have ever been. Simple as that. It’s called a “ledger”, and that’s the basic part of bitcoin. Ledgers are a basic accounting term that refer to a list of transactions.

Bitcoin is called Peer to Peer, because there isn’t one bitcoin server out there. There are a large number of servers called Miners that work together as peers to provide the ledger to anyone who needs it and to maintain and constantly check the ledger to make sure everyone is following the rules. Everyone has the ledger and everyone adds to it. Because everyone has this ledger, it is called a Distributed Ledger.

If you’re wondering why those miners do this willingly, and where bitcoins come from, the answer to both is the same: Miners are entered into a lottery to receive a bitcoin once they process enough of the ledger. By supporting the bitcoin network, they are paid in bitcoin. This is the process by which new bitcoin are created, and the process by which bitcoin is maintained. Since the amount of time until a Bitcoin is created may be massive, many small-time miners team up. With enough miners, there is an expected flow of Bitcoins, and they are distributed between all members of the team depending on how much of the ledger each miner processed.

This ledger is made up of a list of every transaction ever made. Each transaction is in a logical grouping called a “block”. Each new transaction gets added to the end of the ledger, making a chain of blocks, where we get the term “blockchain”.

Everyone who has bitcoin has a “bitcoin wallet”, which is essentially a piece of software that maintains a copy of the blockchain password called a “private key” for creating new transactions regarding the bitcoins associated with the wallet. The wallet reaches out to miners, first to get all the transactions that have ever existed and maintain a list, then to add new transactions that you make.

From there, when you send bitcoin to another person, you send a block to the miners, encrypted using your private key. They verify it is legitimate then send it to all the other miners. This process can take quite some time. At least 10 minutes and as much as a few days! Each transaction has a cost associated with it and miners will tend to try to complete transactions with higher fees first, so the higher transaction fees you pay, the quicker your transaction will close. If enough transactions paying higher fees are taking place, your transaction could take an indefinite amount of time.

Since most of us don’t have massive server farms to get Bitcoin, there is another way to get them. Companies have set up websites called “exchanges” where people or companies that have Bitcoin put them up for sale. Individuals bid local currency on the bitcoins and pay with the local currency. This is the process by which Bitcoin is converted to regular money, how people become millionaires. They buy the Bitcoin low, or they mine it, and then sell the Bitcoin if it becomes much more valuable in the future. When websites or news organizations talk about the price of bitcoin, they’re pulling the price people are willing to pay off these websites.

These exchanges are something a bitcoin user must be wary of. In 2014, the mtgox exchange, the largest bitcoin exchange in the world, shut down unexpectedly. They couldn’t account for 850,000 bitcoins, so many users lost everything. More recently, the owner of the QuadrigaCX died without a backup of the passwords and many users lost their bitcoins to the tune of $190 Million. If the bitcoins had been in users wallets they would have been safe, but people trusted the exchanges.

We have gone over a lot of facts about bitcoin. To be honest, I personally think it is a terrible currency for people in most developed nations. Transactions take forever to process and cost a lot of money for small transactions, its extremely inconvenient — you need to download the history of bitcoin before using bitcoin, the price of bitcoin is extremely unstable so you may be poor one day, rich the next, and poor a third, most vendors don’t accept bitcoin, and you need to rely on unreliable exchanges to turn your bitcoin into local currency most people will accept.

Let’s compare to using banks here in Canada. Most transactions with the banks are free — I can deposit money, I can spend money using debit or visa, and depending on my bank, I may be able to withdraw for free as well. Debit transactions appear within seconds, and visa transactions affect the balance immediately. I only need a number or a piece of plastic or a few numbers to purchase something, and the money is already in a form almost every vendor accepts, so you don’t need to convert your cash into something else to spend it.

Now, that all being said, there’s a place where Bitcoin is a fantastic choice. Remember earlier when I was talking about countries with hyperinflation? Bitcoin expands at the rate the algorithm expands it at, not at a rate the government desires, so even though it has all these negatives, it’s used in countries like Argentina and Venezuela where money can’t hold value, because people can mine it, get a bit of bitcoin, and use it to order products over the Internet. For such people, Bitcoin represents the one way they can hang onto currency.

Finally, let’s talk a bit about the potential for blockchain technology. Thing is, money probably isn’t the best use of this technology. Maintaining a ledger of every cash transaction ever completed is a pretty expensive task if you want to spend a dollar on a Coke. However, there are a number of situations where the attributes of block chain are beneficial.

Presently, precious metals come out of the ground, and can be bought and sold, but there isn’t a ledger tracking the history of that precious metal. Because of that, unscrupulous companies might be selling the same gold multiple times — unless you can account for it. One application of blockchain is to have a miner create an entry in the ledger for each bit of gold, and then trades in gold can be tracked using the blockchain, and you can’t sell the same gold twice.

Another situation where blockchain might be beneficial is real estate. There is an entire industry for dealing with deeds. You pay for a copy of the deed, or you can buy title insurance, and it’s a non-trivial part of the job. Using a blockchain, we can trace ownership of property going back to the inception of the property.

Yet another situation where blockchain might be beneficial is stocks. Many trades are done electronically, so companies spend a lot of money on intermediates who handle the transfer of stock. With a shared ledger between banks, the system can be handled without those intermediates.

In short, anywhere that we need a shared source of truth and an enforced transaction history, blockchain can be a huge benefit. As I said before, probably not great for buying a Coke, but if you wanted to buy a million shares of Coke or Koch, you might find blockchain technology has benefits over our current systems. We’ll just have to see how history plays out!

Thanks for reading!

Categories
Industrial IT

New software

I’m Jason Firth.

I’ve migrated to newer blog software, and as a result some of my posts have been removed or scrambled.

I’m manually uploading the old posts, the photos might be lost.

Update: The old posts are back online, but 99% of the photos are still missing.

Thanks for reading!

Categories
Industrial IT

Microsoft is lazy in a bad way.

I’m Jason Firth.

I caught a video about Microsoft Edge today that got me thinking about something.

I find their attitude towards Edge and Windows 10 to be terribly lazy.

Let’s look at some of the basic changes over Windows 7.


There’s a new feature, the PC Settings app. Let’s try to change the IP address:

![undefined](pcsettingsapp_0_o.png)

To change the IP address, you have to open a win32 program. Oops!

To manage the SSID, you have to open a win32 program.

The settings app has many examples like this, where the new OS features are half-baked. If you want to make a change, it’s time to hit the roulette wheel: Which program do you use to change this setting — the original win32 program, or the new metro app?

Assuming, of course that the Metro app decides to work. The reliability of that framework is suspect. I routinely open the calculator to watch a screen with a calculator icon glaring back at me. When I have to head back to the original win32 versions of programs to do simple things like look at a picture or add 1+1, that’s a fundamental breakdown, and Microsoft should be considering any instance of that to be an all-hands-on-deck situation.

That brings us to Edge.

In my experience, Edge just doesn’t work very well, even (as seems to be a developing tradition), with other Microsoft products. I can’t use it at work, because it doesn’t function properly with Sharepoint. My only option is Internet Explorer. (Chrome and Firefox don’t work with Sharepoint either, presumably because of the same problems that keep Edge from working). That essentially makes Edge useless for Enterprise, if it doesn’t work with Sharepoint. That’s lazy of Microsoft to create a new browser and ignore essential functionality for their core users.

Lazy can be good. Lazy can mean you reduce the complexity of tasks. Lazy can mean you make things easier, or that you do things in a less risky manner. In this case, lazy is bad. By half-assing the OS and the browser, you end up with programs that fundamentally can’t complete the tasks they’re supposed to do.

Edge currently has 1/4 of the users Internet Explorer has. Some of this is because Edge is only for Windows 10, but much of it is likely because Edge can’t even do the things Internet Explorer does. Furthermore, Windows 10 has had much slower adoption than Windows 7. By this point after Windows 7 was released, it had a commanding lead over XP. By contrast, Windows 7 and Windows 10 are neck and neck. I believe the biggest reason for this is Microsoft’s lazy behaviour. Windows 7 behaves like a cohesive product. Windows 10 feels like two completely different products have been inexpertly melted together with a heat gun. Unlike Windows 8 it doesn’t scream in your face with its incompetence (The windows 8 start menu really is an excellent example of how not to do navigation), but that doesn’t mean Windows 10 and it’s associated products aren’t still broken.

Sales of Desktop PCs have dropped below 100 Million for the first time in a long time. Some of that is just because laptops are so good these days. (I’ve been using laptops exclusively for years because I travel so much for work. I’m writing this on an Alienware R15) However, I strongly believe another reason is that Windows 10 is a poor OS, and people are choosing not to upgrade their PCs, lest they have to give up their Windows 7.

In other works, Microsoft has the ability to reverse the course of the industry. Come up with a polished OS that actually works in a straightforward manner, and I believe there will be an immediate boost to PCs.

Ironically, some of the changes have been made so Microsoft can emulate tablets and phones in form, but in doing so they’ve moved PCs away from them in terms of function: I can configure my android device from the settings app. I’m sure I could do the same on an iOS device. I can’t do it from Windows 10. I can only imagine the nightmare that using a Windows 10 tablet or phone would be, based on my Windows 10 experience. It is completely understandable that because of their lazy choices, instead of Windows 10 being an advertisement for Microsoft’s phone and tablet products, it is a case against them.

To move forward, Microsoft needs to stop adding new features and chasing the latest craze. They need to take a step back and put the work into building this platform.

It’s simple, but not easy:

  1. Create a team consisting of one person with the authority to make decisions from each software team involved, a few UI designers, and a number of laymen who use Microsoft applications daily. For the laymen, reach out to customers, even! Corporate, personal, industrial, front-line users, IT users, software developers. You need their input. That input would have saved you from Windows 10.
  2. Come up with a list of every basic task users do in Windows. I bet it’ll be a list of the top 1000 tasks between users and power users/sysadmins. Come up with a list of the top 100 tasks people do in each major piece of software such as Edge.
  3. You’ll have a huge list, prioritize them. Personally, I’d focus on tasks that are done routinely, and tasks that are going to be major “pain points”, such as configuring network interfaces. Spend the most time and make sure there’s cross team interaction on the top priority items.
  4. Using the list as a template, enumerate the steps required to do each of these top tasks. Actually do the tasks to prove it.
  5. Ask yourself: “Is this really a reasonably easy way to do this? How would someone know how to do this besides Googling it?” (Being real here, Bing is garbage and you need to fix that too. Google “Windows XP Service Pack 3”, then bing it. What are the top 3 links for each? Clearly, you’ve got problems. One disaster at a time, though) Honestly, if you look at the list of steps required for a lot of relatively basic tasks, there’s absolutely no way you’d know how to do it. “Go ‘run’, then type ‘horrentouslylong -cmdline’, and choose the fourth tab and press the plus and type “arbitraryChars (seriously)”. This is all garbage, and needs to be streamlined.
  6. Look for obvious stupid things. Going online to solve problems with my Internet connection just makes you guys look completely clueless. Keep the updated database of methods to solve problems with Internet connections locally! (That’s just one example, mind you)
  7. Run user tests on users own hardware. Get random users to do the top tasks. I bet you’d be surprised to discover a lot of them don’t actually work! At work, I often use the win32 image previewer because the Metro app doesn’t work! I’ve erased purchased, licensed copies of windows 10 and replaced them with Linux because Windows suffers some of the worst bit rot since Windows ME, and the machine is locked solid from processes that “don’t run while you’re doing anything” but clearly do.
  8. Document the new methods to complete these key tasks.
  9. Ask the same questions about the new methods that you asked about the old ones.
  10. Fix the problems you find, make the changes you need to make. It’s a short line, but most of the work.
  11. Have lay users test each solution to make sure it actually works and is actually intuitive! Don’t use a strict test script, let users try to figure out how to do each task in their own way. In fact, if you can run a test by scenario instead of by task (for example, let IT folks set up a PC for use on their own network, or let a home user set up a PC for their own use)
  12. Use your documentation and the results of user testing to create user documentation for all these top tasks, and include the latest version of these documents offline.

Like I said, it wouldn’t be easy, but in spite of the fact that the form may be different than a tablet or phone, the function would be the same: Finally, all the basic functions of Windows and its major applications would work in a fully functional and intuitive manner.

You want people to use your store? Your phone OS? Your tablets? You need to get your day 0 stuff sorted out. People need to be able to trust your software to be basically competent before they give you license to do more.

If I’m being honest (and I recognise this may be a controversial statement), Google does this very well. People trust their search engine because it does the basics well. Their mail does the basics very well. Youtube does the basics very well. Google maps do the basics very well. Android does the basics very well. Because they do the basics well, they are given license to do more. People are willing to let Google drive their car for them, because their software is generally competent, functional, and easy to use. Nobody is willing to let Microsoft drive their car for them (or their phone, or their tablet, or their search engine, or their web browser) because Microsoft isn’t doing the basics well, and thus lacks license to try more. Microsoft wants to brag about the quality of their work, but their work doesn’t speak for itself.

This can apply to control systems as well. If we don’t do work that is generally competent, functional, and easy to use, then we won’t get license to do more. Managers won’t want to let us try things, front line workers won’t be willing to let controllers stay in auto, and the money will go elsewhere, to other capital projects that perhaps do have histories of being those 3 things.

Thanks for reading!

Categories
Industrial IT

Do not pass go, do not collect $200

I’m Jason Firth.

I don’t make it a habit of commenting on local news stories, but this one really got under my skin: A car dealership demanded additional money from a customer after the sale concluded, and when the purchaser refused to comply, they remotely disabled the vehicle.

A consumer rights organization spoke to consumer rights law, but let’s call a spade a spade here: this is a criminal act. Someone should be going to jail over this.

Perhaps you think I’m being melodramatic about this, but hear me out. This dealer accessed computer equipment they had sold — equipment they no longer owned and were not authorized to access. They did so for the express purpose of following up on a threat they’d made: “either pay us, or we will hack and disable your vehicle.”

This is exactly the modus operandi of the WannaCry hackers. They took over systems they did not own, and issued an ultimatum: pay us or lose access to these systems we do not own.

Besides the thinnest veneer of respectability, there is no difference between the two.

Well, there is one difference, but it is without distinction for legal purposes: whereas the WannaCry hackers had to force their way into systems, the auto dealership left a bomb in the car they once owned.

On a few occasions, disgruntled former employees have used old usernames and passwords to get into the systems of former employers. It’s still very illegal and the fact that they had a username and password does not mean they are magically authorized to enter systems for which they no longer have reason to enter.

Both the WannaCry hackers and disgruntled former employees would go to jail for their crimes. The responsible people at this dealership ought to as well.

In the grand scheme of things, this should also be a warning to those of us who are in charge of digital systems: if a car dealership can commit extortion, if they can use a trap well laid to demand more money, then so can former employees. It’s important then to make sure you revoke permissions immediately when people leave the company, and do routine audits to find hidden bombs before they can turn into a threat down the line.

Thanks for reading!