Spear phishing

So I got a call at my work number today…

“Can I talk to George Burgyan?”

“Speaking.”

“I’m calling on behalf of Bank of America. I need to speak to you about your N 83rd Street property, but first I need to verify that I’m talking to the right person; can you verify the last four digits of your social security number?”

“No. You called me. May I ask what this is regarding?”

“Your property on N 83rd Street. May I get the last four digits of your social security number?”

“No. Can you email me what this is regarding?”

-click-

Warning: Do not give personally identifiable information to someone that calls you.

Later, before I left I got the same call. This time I was clear that I wanted to get a URL that had a callback number that I could verify was actually from Bank of America.

“800-669-0102″

Google that. Here, I’ll help.

Scam city.

No reference on B-of-A’s site either. Figures.

If someone calls asking for personal info to “verify,” don’t do it. They called you, you need to verify them!

Teardown Tuesday: Xenon HID Ballast

I was hoping to have more insight into this… but there’s too much potting to make it worth the hassle.

To make a long story short, my headlight died on my bike a couple weeks ago. I’ve replaced the headlights with HID lights. Shh… don’t tell the authorities. I have to say that they are a crapload better than the original halogen bulbs.

Well, there’s three things that can go wrong:

  1. Power isn’t being fed to the assembly
  2. The ballast took a crap
  3. The bulb burned out

Given that I have two of everything (also swapped the high beam) it makes the diagnosis easy.

I just unplugged the high beam’s ballast and attached it to the running light and it lit up fine. I also measured the voltage at the source and sure enough I had 13.8V just the way it should. The ballast it was. Until the replacement showed up I swapped things around so I had a working running light and the dead ballast was attached to the high beam.

Since then I got a new ballast and here’s the old, dead one.

That’ll knock you on your ass. Watch out.

Being an automotive thing, everything will be potted to hell. Same with the back side:

The gap in there isn’t anything to worry about. There was an additional backing board that was sealed to silicon potting stuff.

A bit of screwdriver work freed up a bit. Nothing of real interest down on the ass-end of the board. The only things that are mildly interesting are the long, non-solder-masked traces that got hit with the wave solder to increase the current carrying capacity of the traces.

There’s an isolation slot cut in there as well to separate the high (23KV) section from the low voltage side on the left.

Interesting. There’s a PIC16 on the riser board. No doubt this guy is running the show.

In many ways it’s interesting to see that everything has a microcontroller in it now. I was looking around for an in-circuit programming connector but I can’t see one at first glance. I wonder if I could pull the programming off the chip itself. Hmmm… Here’s the data sheet for the PIC16F716 in case you’re interested.

Connected on through to the final GIANT output inductor (the big box with the wires coming out) is a bank of four IRF840A power MOSFETs. I would have expected them to be ganged up in parallel, but from an examination of the board it seems that’s not the case. There’s another small riser board next to them that control each of the gates individually. Go figure.

The flow, as best I can tell, goes something like this:

  1. Input
  2. Filtering caps
  3. First stage boost converter running through the transformer
  4. A bit more filtering
  5. High power MOSFETs driving the final…
  6. Inductor/capacitor module to provide the high voltage output

All orchestrated by the microcontroller.

Sorry that I don’t have more info. I was hoping it would’ve been more interesting, but I didn’t really know what to expect.

  • IMG_0539IMG_0540IMG_0541IMG_0542IMG_0543IMG_0544IMG_0545IMG_0546IMG_0547IMG_0548IMG_0549IMG_0551IMG_0553IMG_0555IMG_0556

Taking for granted

The weekend had an interesting event happening: the Geocaching Block Party.

It was just down in Fremont and Ennie and I decided to head over there. It was an uneventful ride over on the #5 bus that stops on Greenwood more-or-less at the end our street.

The web site said something about vendors and food trucks and such. No problem. There are plenty of similar things that happen all over town here in Seattle.

We arrived to a far bigger crowd than we could have anticipated.

The lines for preregistered folks filled the courtyard of Adobe building. In line we heard bunches of languages other than English. Wandering around and getting some of the caches (which were way easier to find when there’s a line waiting to fill the logbook) we talked to a guy from Florida.

It was as though this was a pilgrimage to the center of the universe. (Well, it was if you believe the signs that Fremont is in fact the center of the universe) Shirts from all over. Many from geocaching events. Some from previous years of the block party “Geocaching HQ — Been there.”

After we nabbed a few of the caches we walked up past the troll and caught the #5 back home.

Sometimes it’s really easy to take all the awesomeness of living in a real city for granted.

A blast from the past – ComparisonMarket edition

Last week I fired up my Parallels VM running Windows 7 and launched Firefox.

This is an old VM. I’ve been toting around since 2010 and has jumped from machine to machine several times. This is it’s most recent incarnation running on my iMac.

What popped up surprised me.

A lot.

The last time I used Firefox on this VM was back some time in 2011 I’m guessing. Firefox was still version 6. (It’s up to version 31 as I write this) I was working at QuinStreet at the time and I suppose I was working on something for that.

Up came this screen:

I’m quite certain this brings back memories for a lot of people.

While I’m not a huge fan of QuinStreet, I’m also not going to be a dick and post the actual URL of the server’s debug page. People that worked on the system I’m sure can guess since it wasn’t a secret even when I was at ICOM. (You can’t really do anything bad with it, just start quotes.)

Honestly, I’m surprised it’s still exactly the same — and still up.

This is one of the first things we coded when we started working on what was then called ComparisonMarket. It started off life as an ASP page, then a few years later it morphed into an ASPX. The interface stayed exactly the same though because we didn’t want to mess up anyone that was testing using that page.

I remember working on all of the features listed on it.

It just feels like a creepy time capsule in a way.

Employment vs. minimum wage: A re-analysis

An interesting article was brought to my attention in a comment from a week ago. I finally had the chance to analyze the data myself.

The thing that struck me is that the top two states with job growth didn’t have changes to the minimum wage (California and Nevada), while the state with the highest job loss (New Jersey) did have changes to the minimum wage. Something really wasn’t adding up.

Not just that but there are the big states that didn’t change the minimum wage went up fastest. California went up hugely — and it itself is huge. Comparing a behemoth like California to something like Washington DC or Rhode Island is stupid and best and outright contortion of data into lies at worse.

Similar stupid things can be done on the other side of the argument. Look, 31 states that didn’t raise minimum wage by saying things like the state with the highest job loss also messed with the wages. Data taken out of context is lies.

So, basically I used Mathematica to analyze the data by enriching it with population data from the US Census and computing a weighted-mean of the data and came up with an interesting result — the opposite of what the original article reported.

With a population-weighted calculation, states that did not increase the minimum wage at a 1.02% increase in employment compared to 1.00% increase in states that did increase the minimum wage. Yes, it’s close, but it still is the reverse of the original article.

I call bullshit.

Here’s my analysis of employment data as a PDF, HTML, or a fully editable CDF for you play with as well if you have Mathematica at your disposal. All of the work is shown for your convenience.

The moral of the story is that one needs to be aware of what spin is being put on data before you can really believe the analysis that you’re reading.

TL;DR: There are lies, damn lies, and statistics – be careful what you believe.

What makes a programmer

Most people out there can learn to program computers. For the most part this isn’t really rocket science. Sure, when you’re getting into some of the stranger parts of programming like language or operating system design — design in general I suppose — or similar things you can wind up with a different answer.

Today I’m talking about the standard run-of-the-mill programmer, not the lead architect of a project.

I think the difference between a programmer and a non-programmer is patience.

Much of programming is figuring out why something doesn’t work rather than getting it to work in the first place. A lot of time is also spent verifying that what’s been written works like it should — both automated and manual testing is tedious work.

Programming is all about being able to work through the tedium and get stuff done despite the frustration.

Like I said, designing and architecting systems is a different ball game. There’s plenty of classical training that goes into that, but even this isn’t that hard when it comes down to it. It’s learning what works and what doesn’t work over a lot of time. It’s like being a mechanic working on an engine; you just learn over time what feels right and got with it.

Most of this (again with some exceptions) isn’t a science — even if colleges call it “Computer Science.”

Carte blanche

At work we’re getting to a point where we have some R&D we have to do — with an emphasis on the R.

Whenever you do things that are fundamentally new in an environment you’re in a state of flux. You don’t have guide-posts to mark your way; the path isn’t well trodden.

You have free reign to figure out the best way of getting things done. It’s between you and your team against the environment.

It’s fun.

It’s not turning the crank or digging ditches. It’s figuring out where you want to go. Sure, ditches will have to get dug along the way, but that’s normal.

It’s exciting to be the ones breaking new ground.  :-)

Matilda

I grew attached to my bike on my trip.

Like, really attached. It got me through some interesting times.

Up until now she didn’t have a name. Ennie called her Moto, but that’s like calling a cat “Kitty.”

She has a name now: Matilda.

From Etymonline (awesome by the way!):

fem. proper name, from French Mathilde, of Germanic origin, literally “mighty in battle;” compare Old High German Mahthilda, from mahti “might, power” + hildi “battle,” from Proto-Germanic *hildiz “battle,” from PIE *kel- (1) “to strike, cut.” The name also was late 19c. Australian slang for “a traveller’s bundle or swag,” hence the expression waltzing Matilda “to travel on foot” (by 1889).

In my electorate nearly every man you meet who is not “waltzing Matilda” rides a bicycle. ["Parliamentary Debates," Australia, 1907]The lyrics of the song of that name, sometimes called the unofficial Australian national anthem, are said to date to 1893.

I think it fits quite well.  :-)

I got thinking from the Waltzing Matilda song — from Nova, et. al.

It even fits from a different perspective. She’s my Matilda from the meaning of the song — my companion. Maybe I’m not traveling by foot, but I’m traveling none-the-less.

Matilda
a romantic term for a swagman’s bundle. See below, “Waltzing Matilda”.

Yeah. It fits.

Even if it took five years, she finally has a name.

I fixed Matti’s headlight today after work — the ballast of the Xenon went bad and I replaced it with a new one. See: it works.

Stuff

There’s the super funny George Carlin routine about stuff.

One thing I’ve noticed about myself is that as time is going on I’m getting more stuff.

This isn’t really interesting in and of itself.

The thing I’m noticing is that while I’m getting more stuff, the stuff that I do have it getting more compact. At the same time while I’m keeping the stuff volume at least constant, the amount of space I have to store the stuff is going up.

It’s a strange graph in a way.

If I look back 15 years I had stuff piled up everywhere.

Now, I’m having far fewer piles of stuff and things are slowly getting more organized.

Some part of this is that the stuff is slowly converting from physical goods to something that can be held in the digital domain.

This is a god-send for me. Digital stuff is so much smaller.

The reason I started thinking about this is a visit to Ikea over the weekend. I got two big (Billy) bookcases to replace two smaller ones in my office I have perhaps 10 feet of extra shelf space.

At the same time I’m starting to further cull my collection of books.

The two adding up makes for a happy George.

I can start to find things again.  :-)

I got a dresser as well — a “big boy” dresser as Ennie puts it — to replace my small boyhood one. I can put away my clothes properly (well, when I get it together at least) and my closet will become less crammed.

Less stuff in more space.

Like I said… this is a good thing!

How to be conspicious

We heard quite a ruckus last night coming from the next street over.

Then we saw a metro bus head north on Linden. This is odd. Buses don’t run on that street.

As we walked up to 84th and sure enough all of Seattle’s police force seemed to have showed up. Talking to some of the folks on the sidewalk were saying that there was a girl under a sheet in the street. Sure enough, as we walked further down there was someone under a blanket. At first we thought the worse, but she was moving so at least she wasn’t dead.

We also heard a bus was involved in the situation along with an SUV and that they might be looking for another suspect. Rumors were that this was stolen car that was crashed.

Walking up another street to 85th sure enough there was a bus, a Cadillac Escalade, and a smashed Subaru going the wrong direction on 85th wedged between the SUV and bus. We managed to talk to the driver of the Escalade. Turns out that a woman stole a Subaru and turned westbound onto 85th on the wrong side of the road — into him. He was OK, but a bit shaken up from the incident.

Here’s where it gets weird.

The driver got out of the stolen Subaru, took off her black and white striped dress (!!) and ran up the street to Linden and started banging on people’s’ doors. She eventually ran down 84th where she was apprehended by the police and taken off in an ambulance.

“Describe the suspect for us.”

“Naked.”

Yeah… that’s a good way to get found in a hurry.

That also explains the blanket over her.

%d bloggers like this: