Hard to say. Last time I went to war, my air wing lost 90 fighter planes in 90 days. That's a plane a day from just one base.
Defense Secretary Gates has decided to stop the F22 program at 187 planes. He is going to shut down the F22 production line, which means no more F22's, ever. Gates feels that the F22 is too expensive ($150 million each) and too specialized (only does air-to-air) and not needed going up against the likes of Iran. All this is true.
On the other hand, going up against a more up to date enemy (China? Russia?) we will need F22's. F22 is the hottest fighter in the world, every one fears going up against it. The Japanese want to buy it. Exercises have F22 gaining a 30:1 kill ratio against every other fighter.
To win, or even survive, a war, air superiority is everything. Air superiority means our helicopters, transports, and close air support aircraft can fly where they please, and our ground forces don't have to worry about getting bombed and strafed. It means the enemy's helicopters, transports, and close air support gets shot down by our fighters.
F22 delivers air superiority. Until we run out of them.
Maybe we could fund more F22's out of the $787 billion Porkulus bill? Aircraft production is real economic stimulus.
Saturday, April 11, 2009
Thursday, April 9, 2009
US electrical system hacked by enemies
Yesterday the WSJ kicked up a storm with a front page article stating the US electrical grid computers have been infiltrated by spyware and trojan horse malware, sent by URL's located in Russia and China. The article went on to warn that in case of war enemy nations would be able to turn out the lights all over the country. Or even worse, disable automatic protection systems and cause equipment to self destruct. Just turning out the lights can be life threatening in heating season. Damaged heavy equipment can take years to replace.
To be that vulnerable requires three blunders by utility engineers. First is excessive automation, too many unmanned plants, remotely controlled. Second is connection to the public internet, and third is using Windows computers.
For instance, I know of a remote controlled gas turbine generator in Peabody MA. They turn it on, and turn it off from a control room located miles away. Proper design would route the control signals over a private line, say a fiber optic line hung off the power poles. That way, a malicious hacker has to climb a pole, and splice a tap into a glass fiber with the wind whistling past his ears. Not so comfy as working a mouse in the comfort of an air conditioned computer room.
If the utility bean counters forced engineering to use the public internet, 'cause it's cheaper than stringing a few miles of fiber optics, then the system is vulnerable. State utilities regulators ought to check on this sort of dangerous cheap cut. As a rule, no connection to the public internet should be allowed for any operational systems.
Second rule, never use Windows for any industrial control system. Windows is not real time. It will not service interrupts while other programs are running. Should a program lock up (fairly common) , interrupts are locked out and emergencies like fire, overheat, over current, over speed, name-your-own-disaster will not get serviced. Plus, Windows is a server operating system with dozens of external entry points that allow remote users to request the "load and execute this program" service. Windows is so eager to serve that any teen aged hacker can take it over and make it do anything he wants. No experienced engineer would ever entrust anything important to Windows, but the company bean counters might force him too. Windows computers, despite their many flaws, are still the cheapest way to go.
Bottom line. It ain't hard to make the electrical grid immune to hackers. It won't cost all that much, compared to the price of a couple of new generating plants. Public utility commission should enforce the rules against use of the public internet and the use of Windows.
To be that vulnerable requires three blunders by utility engineers. First is excessive automation, too many unmanned plants, remotely controlled. Second is connection to the public internet, and third is using Windows computers.
For instance, I know of a remote controlled gas turbine generator in Peabody MA. They turn it on, and turn it off from a control room located miles away. Proper design would route the control signals over a private line, say a fiber optic line hung off the power poles. That way, a malicious hacker has to climb a pole, and splice a tap into a glass fiber with the wind whistling past his ears. Not so comfy as working a mouse in the comfort of an air conditioned computer room.
If the utility bean counters forced engineering to use the public internet, 'cause it's cheaper than stringing a few miles of fiber optics, then the system is vulnerable. State utilities regulators ought to check on this sort of dangerous cheap cut. As a rule, no connection to the public internet should be allowed for any operational systems.
Second rule, never use Windows for any industrial control system. Windows is not real time. It will not service interrupts while other programs are running. Should a program lock up (fairly common) , interrupts are locked out and emergencies like fire, overheat, over current, over speed, name-your-own-disaster will not get serviced. Plus, Windows is a server operating system with dozens of external entry points that allow remote users to request the "load and execute this program" service. Windows is so eager to serve that any teen aged hacker can take it over and make it do anything he wants. No experienced engineer would ever entrust anything important to Windows, but the company bean counters might force him too. Windows computers, despite their many flaws, are still the cheapest way to go.
Bottom line. It ain't hard to make the electrical grid immune to hackers. It won't cost all that much, compared to the price of a couple of new generating plants. Public utility commission should enforce the rules against use of the public internet and the use of Windows.
Wednesday, April 8, 2009
The ghost of Computer Associates EZ Trust anti virus
A blast from the past. Now when the kid's laptop boots up, it whines that EZ Trust antivirus is out of date and your computer is at risk, and the sky is falling. Back when the kid's laptop was new (maybe five years ago) EZ trust was the family anti virus, mostly because it had a cute picture on the box and was cheaper and less flakey than Norton. We gave up on it when it failed to update after a year, even after charging my Mastercard for a new year's subscription. Then the maker, Computer Associates got into some dreadful scandal that made the Wall St Journal.
So, five years later, some trace of the old antivirus is still lurking in the depths of the hard drive and the registry. A google for "EZ Trust Registry" brought up a raft of hits several of which gave good clear instructions for cleaning EZ Trust off for good. There were nine disk files to delete and a couple of registry keys. Some of the disk files were in use, and Windows Explorer refused to delete them, but a trick file zapper (GiPo_Moveon_Boot) took care of that. I made several passes with regedit looking for "virus" and "EZ Trust" and deleting every key that referred to EZ Trust. There were a lot of them.
Next I tried to go on line to make this blog post. Arrgh, Internet is dead. I reseated the network cable, powered cycled the cable modem, and futzed around. Then I tried a "repair connection" option inside Internet Explorer. Bingo, pay dirt. IE reported a layer in the network stack with an EZ Trust name was bad and would it be OK to remove it? I quickly clicked "yes" and every thing started working. In fact the computer is livelier than before.
Lessons learned. Antivirus programs suck up ridiculous amounts of CPU time and burrow deep into Windows. They don't remove cleanly, you have to clean up after them.
So, five years later, some trace of the old antivirus is still lurking in the depths of the hard drive and the registry. A google for "EZ Trust Registry" brought up a raft of hits several of which gave good clear instructions for cleaning EZ Trust off for good. There were nine disk files to delete and a couple of registry keys. Some of the disk files were in use, and Windows Explorer refused to delete them, but a trick file zapper (GiPo_Moveon_Boot) took care of that. I made several passes with regedit looking for "virus" and "EZ Trust" and deleting every key that referred to EZ Trust. There were a lot of them.
Next I tried to go on line to make this blog post. Arrgh, Internet is dead. I reseated the network cable, powered cycled the cable modem, and futzed around. Then I tried a "repair connection" option inside Internet Explorer. Bingo, pay dirt. IE reported a layer in the network stack with an EZ Trust name was bad and would it be OK to remove it? I quickly clicked "yes" and every thing started working. In fact the computer is livelier than before.
Lessons learned. Antivirus programs suck up ridiculous amounts of CPU time and burrow deep into Windows. They don't remove cleanly, you have to clean up after them.
A mouse in the house
After getting the kid's old laptop to play, I needed a real mouse. The usual laptop built in thumb pad is a pain to use, and this one way getting flakey, it occasionally left clicked all by itself with unfortunate consequences, like accidental file deletion. So I grabbed the mouse off the dying desktop. No go, lap top doesn't have a mouse port to plug it into. All it has are USB ports.
USB was supposed to replace the keyboard port, the mouse port, the speaker& mike ports, and the printer port thus saving five electrical connectors on the back of the laptop. One trouble with this plan. USB doesn't work until Windows boots all the way up. If for some reason Windows croaks, your keyboard is dead, making it impossible to boot from a recovery disk, program the BIOS, run diagonostics, and in general try to fix the problem. Lesson learned. Don't buy a desktop that lacks a real keyboard port.
Anyhow, the old standard mouse won't plug into USB, I needed a USB mouse. So ho off to Staples (the only vaguely electronicky place up here) to buy a mouse. Staples had a regular house house with a dozen different mice. I settled for the cheapest $15 mouse from Logitech. I passed on the fancier wireless mice costing as much as $99. Plugged in the new rodent and lo and behold, it works. Windows carries the code to work USB mice as well as standard mice, and Logitech had followed the standards closely enough for it's mouse to work with Microsoft's software.
Next step, read the instructions, printed in English French Spanish and Lower Slobbovian. The instructions promised a mouse powered orgy if only I would download Logitech's mouse driver package. Being somewhat stupid, I Firefoxed out to the Logitech website and looked for the driver. Logitech has been making mice for many years, and the download page offered pictures of about 100 different mice. Just pictures, no part numbers. On the internet all mice look alike. I began to doubt the wisdom of proceeding when I found out the driver (Setpoint 4.72) was a 52 megabyte file. That's bloatware supreme for a mouse driver.
Doubt rose higher as the install took a good 15 minutes. After the install finished the laptop slowed down. A lot. Bad sign. Plus, all that Setpoint 4.72 offered was to switch the left and right mouse buttons, not something anyone in their right mind wants to do. So, bring up "install and remove programs" and try to remove the mouse driver. All that did was cause failure messages saying the driver could not be removed until Windows had been rebooted. Arrgh.
At least, the reboot worked, I was able to blow Setpoint 4.72 into the big bit bucket in the sky.
That's the last mouse driver I'm ever gonna download.
USB was supposed to replace the keyboard port, the mouse port, the speaker& mike ports, and the printer port thus saving five electrical connectors on the back of the laptop. One trouble with this plan. USB doesn't work until Windows boots all the way up. If for some reason Windows croaks, your keyboard is dead, making it impossible to boot from a recovery disk, program the BIOS, run diagonostics, and in general try to fix the problem. Lesson learned. Don't buy a desktop that lacks a real keyboard port.
Anyhow, the old standard mouse won't plug into USB, I needed a USB mouse. So ho off to Staples (the only vaguely electronicky place up here) to buy a mouse. Staples had a regular house house with a dozen different mice. I settled for the cheapest $15 mouse from Logitech. I passed on the fancier wireless mice costing as much as $99. Plugged in the new rodent and lo and behold, it works. Windows carries the code to work USB mice as well as standard mice, and Logitech had followed the standards closely enough for it's mouse to work with Microsoft's software.
Next step, read the instructions, printed in English French Spanish and Lower Slobbovian. The instructions promised a mouse powered orgy if only I would download Logitech's mouse driver package. Being somewhat stupid, I Firefoxed out to the Logitech website and looked for the driver. Logitech has been making mice for many years, and the download page offered pictures of about 100 different mice. Just pictures, no part numbers. On the internet all mice look alike. I began to doubt the wisdom of proceeding when I found out the driver (Setpoint 4.72) was a 52 megabyte file. That's bloatware supreme for a mouse driver.
Doubt rose higher as the install took a good 15 minutes. After the install finished the laptop slowed down. A lot. Bad sign. Plus, all that Setpoint 4.72 offered was to switch the left and right mouse buttons, not something anyone in their right mind wants to do. So, bring up "install and remove programs" and try to remove the mouse driver. All that did was cause failure messages saying the driver could not be removed until Windows had been rebooted. Arrgh.
At least, the reboot worked, I was able to blow Setpoint 4.72 into the big bit bucket in the sky.
That's the last mouse driver I'm ever gonna download.
Monday, April 6, 2009
Porting Thunderbird
Computer started dying last week. It had enough life left to back stuff up to CD before giving up the ghost. Luckily I had a spare computer, in fact, several of them, laptops abandoned by the children when they bought new. There was an HP unit that seemed to have a bit of life left in it. It was sluggish and out of disk space, but after removing a zillion games, Dragon Naturally Speaking, and running Windows Update for hours and hours, it became much more usable.
So, mission for the day, get my back email, my address book, my filters, and signature block off the CD's and into Thunderbird on the new machine. Thunderbird wants to serve multiple users, keeping each user's email and address books separate. To make this happen, Thunderbird keeps everything associated with a user in the user's private file space. So, with Explorer, cruise out to the C drive Documents and Settings/your_own_name/application_data/Thunderbird. Sometimes "Mozilla Thunderbird"
Go down one more level to "Profiles". On the old machine, copy "profiles" and all it's subdirectory out to CD to make the trip to the new machine. Under "Profiles" there will be one, maybe more, directories with computer generated names. If just one, your have found it, If more than one, you have to find the one containing your up-to-date stuff. Check the date stamps inside the directories or look inside a file profiles.ini in the "profile" directory.
On the new machine, install Thunderbird, and examine the "profile" directory it creates afresh. You should be able to now copy the computer generated name sub directory off the CD and into the new "profiles" directory, edit the file pointer in the "profiles.ini" file to point to the newly imported subdirectory and be done with it.
For some reason this didn't work. Each time I tried it, Thunderbird would get sick and refuse to start. The winning strategy is instead to copy the important files off the CD and into the newly created computer generated name directory. File abook.mab is your address book. Your various mail pouches (inbox, trash, sent, etc) are represented by pairs of files e.g. inbox and inbox.msf. You now copy the pairs of files off the CD onto the hard drive. Be sure to get msgfilterRules.dat off the CD if you use message filters.
After four hours of trial and error I got my old address book, with it's mailing lists, barrels of old mail, and all the message filters up on the new machine. My tricky signature file with a pointer to this blog got lost somewhere, but the rest of the stuff works. The message filters needed editing of their target mail pouch after the move.
So, mission for the day, get my back email, my address book, my filters, and signature block off the CD's and into Thunderbird on the new machine. Thunderbird wants to serve multiple users, keeping each user's email and address books separate. To make this happen, Thunderbird keeps everything associated with a user in the user's private file space. So, with Explorer, cruise out to the C drive Documents and Settings/your_own_name/application_data/Thunderbird. Sometimes "Mozilla Thunderbird"
Go down one more level to "Profiles". On the old machine, copy "profiles" and all it's subdirectory out to CD to make the trip to the new machine. Under "Profiles" there will be one, maybe more, directories with computer generated names. If just one, your have found it, If more than one, you have to find the one containing your up-to-date stuff. Check the date stamps inside the directories or look inside a file profiles.ini in the "profile" directory.
On the new machine, install Thunderbird, and examine the "profile" directory it creates afresh. You should be able to now copy the computer generated name sub directory off the CD and into the new "profiles" directory, edit the file pointer in the "profiles.ini" file to point to the newly imported subdirectory and be done with it.
For some reason this didn't work. Each time I tried it, Thunderbird would get sick and refuse to start. The winning strategy is instead to copy the important files off the CD and into the newly created computer generated name directory. File abook.mab is your address book. Your various mail pouches (inbox, trash, sent, etc) are represented by pairs of files e.g. inbox and inbox.msf. You now copy the pairs of files off the CD onto the hard drive. Be sure to get msgfilterRules.dat off the CD if you use message filters.
After four hours of trial and error I got my old address book, with it's mailing lists, barrels of old mail, and all the message filters up on the new machine. My tricky signature file with a pointer to this blog got lost somewhere, but the rest of the stuff works. The message filters needed editing of their target mail pouch after the move.
A Model Sunday
The Ammonusuc Valley Railway Association has a modular HO layout. We accepted an invitation from the Lebanon train Show to bring the layout to the show. So, the clock radio starts yakking at me to get up at 5:30 Sunday morning. It's still dark. And snowing. Had to brush 1/2" of the white stuff off the car. Global warming at work. Got down to Lebanon at 8 and the rest of the club plus the trailer full of layout all arrived just about then. It being mud season, we couldn't back the trailer up to the back door, it would have sunk. Everything had to be hand trucked in the front door and down the corridors to the show room. Good thing they put in those wheelchair ramps, they are much easier to get up with a hand truck than the front stairs.
They let the showgoers in by 10. We had the layout mostly running by 10:30. We gotta get a new level, the one in the club tool box reads different amounts of tilt depending upon which way up you set it.
Had a fair turnout on the customer side, a little lighter than on the dealer side. I shopped around and picked up some minor stuff. I looked at structure kits for a hundred dollars, (too pricey for me) found some decals, some rolling stock, and called it a day. By the time we got the layout taken down and drove home it was 6:30. Time for a fire and a drink.
They let the showgoers in by 10. We had the layout mostly running by 10:30. We gotta get a new level, the one in the club tool box reads different amounts of tilt depending upon which way up you set it.
Had a fair turnout on the customer side, a little lighter than on the dealer side. I shopped around and picked up some minor stuff. I looked at structure kits for a hundred dollars, (too pricey for me) found some decals, some rolling stock, and called it a day. By the time we got the layout taken down and drove home it was 6:30. Time for a fire and a drink.
Thursday, April 2, 2009
What does Fox News have against Mark Gettlefinger?
Glenn Beck (and others) have been calling for Gettlefinger to be fired just like Rick Wagoner was.
But why? Gettlefinger's job is to extract the most possible money from the auto companies for his UAW workers. He's been quite effective at it. With the auto makers teetering on the verge of bankruptcy, Gettlefinger's UAW has made some concessions. The concession probably aren't enough, yet, but Gettlefinger's job is keep his people's paychecks and fringe bennies up, not to save GM or Chrysler. Just cause he can play harder hardball than the GM weenies, doesn't make him a bad guy.
But why? Gettlefinger's job is to extract the most possible money from the auto companies for his UAW workers. He's been quite effective at it. With the auto makers teetering on the verge of bankruptcy, Gettlefinger's UAW has made some concessions. The concession probably aren't enough, yet, but Gettlefinger's job is keep his people's paychecks and fringe bennies up, not to save GM or Chrysler. Just cause he can play harder hardball than the GM weenies, doesn't make him a bad guy.
Subscribe to:
Posts (Atom)