While trying to debug a site today (thanks to CloudFlare's Anti-DDoS blocking my customers from using anonymous/private mode browsing,) I discovered that CloudFlare's anti-DDoS measures will actively kill any instance of Firebug running in your browser. As a web developer, I find this pretty annoying. As a site administrator, I find their lack of respect for my customer's privacy appalling. But what I find even worse, is that CloudFlare is actively modifying my computer programs and how they operate, without any expressed permission or knowledge. Is this by any chance a potential CFAA violation?

The very man that taught me healthy cooking, my father, is now having to take healthy cooking advice from me in order to manage Type-II diabetes.

It hurts, and the irony is straight shitty. You'd think the old man would know better.

Guess alcohol affects us all in various ways. I know I'm a shit drunk.

Lately, I'm seeing more and more "reign in" on Slashdot and I've got to say, I'm disappointed.

Then-PFC, now-SGT Bergdahl may in fact have deserted his post. There are certainly credible accusations to that effect, and if so, then he should be tried and convicted for the crime. But it's a whole lot easier to investigate those charges with him here, and we don't let the Taliban mete out justice for us.

The military idea of "taking care of your own" has a lot of different aspects. Holding the line and leaving no one behind are obvious; less obvious, perhaps, is that our people are ours. Loon or no, deserter or no, even traitor or no, whatever else Bowe Bergdahl may be he is someone who raised his right hand and took the oath, and that means that whatever reward or punishment he receives is ours and ours alone to give.

It astonishes me sometimes, having at this point been out of the service several more years than I was in it, how strong and pure those ideas still are in my head: how much "us" the profession of arms still is to me, and I suppose always will be. I'm a civilian and happy to be one now, but both the infantryman and the medic are still very close to the surface. The latter is concerned mainly with bringing back the wounded--and the former is ready, willing, and perhaps even eager to kill anyone who stands in the way of that mission.

Whatever else we did, whatever else we may do, we had to bring him home.

I need a new system on which to run asterisk, bonus points if I don't have to configure it from scratch. I'd like to spend less than $200 (ideally I'd pick up something used if necessary for $100) but I have storage devices available, whether CF, SD, USB, or what have you. It can have wireless, but it doesn't have to because I have a routerboard for that. I have found my pogoplugs to be unreliable at best.

[cranky rant warning]

"Lies, damned lies, and statistics." It's coming up again with depressing frequency, being used as an argument instead of a snide observation.

Okay, here's the thing. Can you lie with statistics? Sure. Statistics is a branch of mathematics*, and math is a language; you can lie in that language as easily as in any other. Does this mean all statistics are lies? No more than all statements in any language are lies--and if you believe that, you've gone so far down the rabbit hole of anti-intellectual mysticism that you'll probably never find your way out.

Meanwhile, in the real world, and in the ever-expanding torrent of data we have about that world, statistics as a discipline is pretty much the only hope we have of understanding anything. The low-hanging fruit has been picked. The equations we learn in Physics 101 are as valid as they ever were, but they're not nearly enough. No matter how certain you think you are, no matter how many times you repeat your experiment and get the same result, if you don't do the statistical tests you don't actually know whatever it is you think you know. And if you do the tests--well, you may still be wrong, but you can at least quantify your uncertainty. And you have to do that, because you can always be wrong.

None of this is meant to defend the misuse of statistics, any more than as a writer I'd defend the misuse of natural language. People can and do wilfully misinterpret statistics, or cherry-pick them, or just outright make them up, and those are bad things. Guess what? They do that with every other kind of statement too. At least half of statisticians' job is fact-checking, and it's a charge we gladly accept.

So the next time you're tempted to say "lies, damned lies, and statistics," or "figures don't lie but liars figure," or "correlation does not imply causation" or any of its variants, or post the umpteen-thousandth link to "How To Lie With Statistics," and think you're being clever--please, just stop. Because one thing I am so sure of that I don't even need to put a p-value on it is that if you feel the need to resort to any of those lazy, thought-free responses, you don't know enough about the issue at hand to have an informed opinion, and the best thing you can possibly do for yourself and everyone else is to keep quiet.

*Opinions vary on this issue, but if statistics isn't exactly a branch of mathematics, we can at least say that math is the language in which it's written.

Well, Soylent decided to rub me the wrong way.

Anyone want 26 vulnerabilites, POC, and sample code to what their site runs on, with full VM pre-loaded with POC and code snippets for testing?

My old Coleman 5324 CFL lantern had the bulb die (ballast still good.)

However, I did not want to go back to the horribly inefficient CFL it used.

So I slammed in an MK-R LED with a heat sink.

https://www.youtube.com/watch?v=YeEWvM2WbL8

This weekend, I'll be making a test video from the top of the nearby mountain. I'm going to try to spotlight my camera at my apartment while atop that mountain, and compare it to other light sources, like the LED on the iPhone 4S.

I've not been posting on Slashdot much this week, because I've been trying out Soylent News, which is using (and old version of) Slashcode (with some improvements) and lacks corporate overlords. It seems to have captured most of what I like about discussions in Slashdot, although is suffering slightly from not having nearly as many active users (50 or so comments is still the norm and it probably needs 100+ to be sustainable).
If you've not visited yet, I'd recommend giving it a go.

I'm TheRaven over there.

http://soylentnews.org

We're finally open!

What else can I say? Simple, easy wall AC-LED drive has been achieved.

http://imgur.com/VmXBM4O

12V was the first step. This is ~105V. POC done.

To whom it may concern:

A while back, I was invited to take a look at the Slashdot beta. I looked at it and quickly decided that it was too painful to use, and hoped (vainly, I knew) that it would die a quiet death. Today, when logging into Slashdot, I was greeted with this cheery message:

MOVIN' ON UP. You are on Slashdot Classic. We are starting to move into new digs in February by automatically redirecting greater numbers of you. The new site is a work in progress so Classic Slashdot will be available from the footer for several more months. As we migrate our audience, we want to hear from you to make sure that the redesigned page has all the features you expect. Find out more.

In other words, we have here all the signs of a corporate "beta" site that will be rolled out regardless of user reaction. Let me be quite clear: "all the features I expect" are already on Slashdot (what you're adorably calling "Classic"). It works. It's not broken. Don't try to "fix" it, because the proposed "fix" irrevocably breaks the entire Slashdot look and feel.

When the beta becomes the only option (and I know it's almost certainly "when" at this point, not "if") Slashdot will become a ghost town. You will have killed what was once one of the most lively, interesting, and important sites on the web. I've loved this site for fifteen years now, but I'm not going to make myself suffer for the zombie wreck of something that used to be great.

Sincerely,
Daniel Dvorkin
UID 106857

To whom it may concern:

A while back, I was invited to take a look at the Slashdot beta. I looked at it and quickly decided that it was too painful to use, and hoped (vainly, I knew) that it would die a quiet death. Today, when logging into Slashdot, I was greeted with this cheery message:

MOVIN' ON UP. You are on Slashdot Classic. We are starting to move into new digs in February by automatically redirecting greater numbers of you. The new site is a work in progress so Classic Slashdot will be available from the footer for several more months. As we migrate our audience, we want to hear from you to make sure that the redesigned page has all the features you expect. Find out more.

In other words, we have here all the signs of a corporate "beta" site that will be rolled out regardless of user reaction. Let me be quite clear: "all the features I expect" are already on Slashdot (what you're adorably calling "Classic"). It works. It's not broken. Don't try to "fix" it, because the proposed "fix" irrevocably breaks the entire Slashdot look and feel.

When the beta becomes the only option (and I know it's almost certainly "when" at this point, not "if") Slashdot will become a ghost town. You will have killed what was once one of the most lively, interesting, and important sites on the web. I've loved this site for fifteen years now, but I'm not going to make myself suffer for the zombie wreck of something that used to be great.

Sincerely,
Daniel Dvorkin
UID 106857

I figured out a simple way to make DC-operated LEDs work from AC. Most people suggest using a bridge rectifier. Why not make the LEDs the rectifier itself?

So I salvaged some LEDs from old damaged panels, and used them to create a rectifier. However, I used a 12VAC 200mA max wall wart, not 120VAC from the wall (I did not want to wire up four 120V strings of LEDs plus resistors and a smoothing cap for flicker reduction) so the circuit could be made incredibly basic. Essentially, the LEDs themselves acting as a rectifier eat up all of the voltage. Reverse voltage breakdown is not a problem, as voltage seems to add both ways. 12V total Vf for the LEDs, but as each LED has Vr of -5V, the total Vr is -20V. Can't overpower that with -12V. I've had my prototype running an hour straight on a heat sink, and so far not a single issue.

Too bad this is too obvious and simple to be patented. But have fun with it!

The flicker is certainly there, but for horticultural applications, as long as the photon output is acceptable, it will work. This should simplify LED design drastically.

Have video and have some some neat pictures.

I've been using Google Helpouts for a week, now. I haven't done much, only two clients, but I was supposed to be paid. I was under the impression that I didn't need a bank account to use Google Wallet. The wording on their site is 'Recommended.'

Well, my customers have had money taken from them, and not delivered to me. In order to get this money, I *HAVE* to have a bank account because I am now a service provider. None of this is mentioned when I went to update and verify my Google Wallet information. I've been on the phone with Google, they've been unable to do anything, so they say. Google, acting as the middleman, has essentially taken my money and says they can't do anything about it until I get a bank account. That's not possible until I correct an outstanding balance. I was hoping to use Google Wallet to be able to save up that money and then pay off the balance then and there. Nope.

So I've given out services and Google essentially refuses to pay me what I'm owed until I go through a third party.

Help me spread awareness, if you can, by giving me a +1 at https://plus.google.com/110351126148578351575/posts/h7QmWoRrtYA

Maybe Google will take notice and fix what logically is a violation of the anti-tying provisions of the Magnuson-Moss Warranty Act.