The Advisory Boar (page 2)
I remember, as a child, reading about the discovery of the
cave paintings in Altamira
by an eight-year-old, and her wonder at seeing bison and other animals
seeming to dance in the flickering light of her torch.
Despite my fascination with palaeolithic rock art, I had never seen any.
I had read about cave paintings at Lakhudiyar near Barechhina in Almora
district, the best-known of Uttarakhand's many such sites. It's not far
from where we live, but not close enough for a casual visit either. We
had an opportunity to stop for a few minutes on a recent drive past
It's not really a cave, just an overhanging rock face; and it's
a far cry from Altamira. In fact, it looks a little like it might have
been the work of a bored schoolboy waiting for a bus home. But there's
an ASI “protected heritage site” notice-board, so it must be legit…
Notice the obvious (and accurate) “hairpin bend” road sign in the centre
of the image. The paintings are a bit repetitive, and unfortunately the
ones closer to the ground are quite worn.
Here's a video that
shows more of the rock face,
and another that
shows the approach to Lakhudiyar.
Hassath's birthday present this year was an
(with 8GB of Kingston DDR3L RAM and a 250GB Samsung SSD 750 Evo) to
stand in at home for her ageing Thinkpad X131E.
It took some time for the machine to reach our remote mountain abode,
but we have it working nicely after spending a few hours wrestling with
it. Here's a quick summary of our experience
wasn't really useful).
Hassath loves her old Samsung SyncMaster 172s monitor (1024x768, VGA)
and resists the idea of a new wide-format monitor. Getting the NUC to
work properly with this display took the most time (but none of it was
the display's fault).
We connected the monitor to the NUC's VGA port and were greeted with a
"Video mode not supported" error on the monitor. The debian installer's
text-mode display worked fine after boot, but we couldn't see any of the
UEFI setup menus. Fortunately, we were able to sidestep the problem by
using an HDMI→VGA adapter that we had ordered “just in case”. Using the
HDMI output resolved the display problems with the UEFI menus.
After we installed Debian (8.1 from a USB stick created from the DVD
image), X wouldn't start. The intel driver didn't work, and Xorg fell
back to the VESA driver, and
died while trying to set the video mode.
(Also, virtual terminals didn't work at all until we added an xorg.conf
snippet to force the resolution to 1024x768.) It didn't work even with
the DVI-D input (via another “just in case” HDMI→DVI-D cable) on my
We stumbled around for a while, but we eventually got it working. The
key was to apt-get dist-upgrade against jessie-backports to install a
new kernel and drivers (e.g., libdrm-intel1). We also updated the BIOS
from revision 0054 to
but I am not sure that this was necessary, or even helpful. Xorg works
with the new kernel and Intel driver. We didn't bother to check if the
VESA driver would also work if we forced its use.
(Aside: we had no UEFI boot-related problems at all. We didn't even need
to try the legacy boot option, either for the installation from the USB
stick or to boot the installed system.)
Everything else worked
The Ethernet controller is a Realtek RTL8168h, which works out of the
box with the r8169 driver. Installing the firmware-realtek package got
rid of an “unable to load firmware patch” message, but the adapter
worked fine without it.
The wireless controller is an
Intel dual band wireless-AC 3165,
which required the new kernel from backports (4.8, though 4.2+ should
have worked from what we read) and the firmware-iwlwifi package to be
installed. It worked fine thereafter.
The audio controller is an Intel "Braswell" 2284, which works out of the
box with the snd_hda_intel driver. Audio output goes simultaneously to
the headphone connector on the front panel and the glowing red S/PDIF
plus headphone connector on the back. We did not try S/PDIF audio (no
cable, no devices) or HDMI audio (no audio port on the HDMI→VGA
adapter) or recording (no mic—or at least, no mic on my desk).
The Intel Bluetooth 4.0 controller (8087:0a2a) works out of the box with
the btusb driver. We were able to pair with an Android phone and a
Bluetooth speaker. We were not able to play audio to the speaker, but
that is probably not a problem with the NUC, because we didn't manage to
get it working with any of our other machines either.
We didn't try the SDXC card slot or the infrared sensor.
Update (2017-01-18): The SDXC card slot works fine. I used it to
write a Raspbian image.
Before we installed a towel rail in the bathroom, we kept clean clothes
on an old newspaper on the washbasin counter while bathing. It kept the
clothes dry and kept me entertained while brushing my teeth for several
months (I would unfold and refold it differently every few days when the
top stories began to seem familiar).
“Pollution report malicious, incorrect: Javadekar”
dated June 7, 2016 quoted the reaction of the Union Minister for
Environment, Prakash Javadekar, to a paper that was widely reported
with headlines like
“Life expectancy in Delhi has
reduced by six years because of air pollution, reveals study”.
Here's a clipping:
The original paper, “Premature mortality in India due to PM2.5 and ozone
exposure”, written by scientists at
and published in Geophysical Research Letters, was not
immediately available for download. The Minister's scathing indictment
shows that he is only too aware of
the threat posed by Elsevier journals.
Of course, this is hardly the first attempt to maliciously target India
overblown pollution reports:
Volcanic activity in modern-day India, not an asteroid, may have killed
the dinosaurs, according to a new study.
Tens of thousands of years of lava flow from the Deccan Traps, a
volcanic region near Mumbai in present-day India, may have spewed
poisonous levels of sulfur and carbon dioxide into the atmosphere and
caused the mass extinction through the resulting global warming and
ocean acidification, the research suggests.
Barely a month after his astute recognition of this pattern, however,
a cabinet reshuffle
saw Prakash Javadekar reassigned to the Ministry of Human Resources and
“Javadekar does a U-turn after questioning pollution study”.)
A little over a month ago, our Glorious Leader eliminated corruption,
black money, terrorism, and poor people in one bold and innovative move
by declaring most of the currency in circulation to not be legal tender.
We are fortunate that we can get by without much cash in hand. We eat
mostly what we grow, or is grown nearby in the village, and what few
additional expenses we have (e.g., milk) have so far been met by the
ten— and twenty-rupee notes we had collected to save time by paying
exact tolls on the highway.
Our one visit to the nearest bank yielded a two-thousand rupee note and
a bag of coins each—the most the branch could spare per person, given
that they've received no cash for several days.
In Delhi, Ammu is not so lucky. Her landlord demands the rent in cash,
and in exam season, she has had to stand in queue for several hours at
an ATM to withdraw a quarter of her rent (which is the maximum one can
withdraw in a day). Strangely, the vegetable and fruit sellers in her
locality do not accept digital payments yet.
I was looking forward to hearing what the Supreme Court of India had to
say about demonetisation, but they haven't said much, because they're
busy with matters of real importance to the nation, like how
often the national anthem should be played and how straight one should
stand to properly demonstrate one's “constitutional patriotism”.
A friend had a domain registered at 123-Reg that he no longer wanted. It
was coming up for renewal later this month, and he offered to transfer
it to me. The domain was not locked, so I asked him for an auth code,
and immediately submitted a request to transfer it to
my preferred registrar.
The transfer failed, and Namecheap sent me mail saying the domain was
locked. I checked, and it was. It had also already been transferred to
another sponsoring registrar (Mesh Digital, the company that owns both
123-Reg and Domainmonster). My friend contacted support to unlock the
domain, but by then of course the domain had entered the sixty-day
period during which it could not be transferred again. I was forced to
pay the renewal fee to them, and will now have to retry the transfer
after the embargo expires.
I suppose I could think of benign explanations for the above if I tried,
but I'm not feeling especially charitable about it.
I wanted to buy a jacket from Decathlon, so I went to create an account
on their site, which involved wading through as convoluted and boring a
because it's just in a textarea on the account creation page.)
Most of the terms were unremarkable (obnoxious and officious, but still
unremarkable), until I encountered this gem about halfway down.
«11. The Buyers shall be responsible to up keeping the providing
information relating to the products proposed to be sold by Us. In
this connection, The Buyers undertake that all such information
shall be secured in all respects. The Buyers shall not defame the
attributes of such products or services so as to mislead other
Buyers in any manner.»
I created an account anyway (and the jacket is rather nice), but I
didn't want to be responsible for “up keeping” information relating to
the products they sell. So I wrote to their customer support to ask what
this ridiculous verbiage was supposed to mean. Much to my surprise, they
not only responded to my mail, but actually asked their lawyers for a
I had a word with our legal department and they mentioned that the
clause means if a customer has an issue with or an opinion about a
product, they contact us first for us to help them with their issue and
not post it on social networking sites or the media.
Not being a fan of idiotic and underhand (and poorly-written, to boot)
attempts to restrict what one's customers can and cannot say, I tried to
delete my account. The terms of service said I could delete my account
at any time, but I could find no way to do so on the web site. So I
asked Decathlon to delete my account.
First they said they had deleted my account. I could still login, so I
wrote back to ask them to delete it again. Then they said that I had
registered two accounts (which I had not; I had just changed my name to
"ABC" in my profile), and asked me to send them a list of addresses I
had used (which I did—one address). Then they stopped answering my mail.
Eight weeks later, I can still login to my account.
Technically, I don't think this post violates their terms of service,
because I did contact them for help first. But they do have a
stern profanity policy, so here's a little something to help the account
suspension process along: What the fuck, Decathlon? You're a bunch of
Update (2016-12-13): The account still works, but the “you may
delete your account at any time” clause has been removed from the terms
of use at some point. Of course, the vital “responsible to up keeping
the providing information” clause is still there.
“Make eBird your New Year's Resolution for 2016!”,
they said, with a picture of a Steller's Sea Eagle that looked like it
meant business. So I did.
A month and a half into the year, it's become a habit to record and
submit lists during the day. It's given me a reason to get out of the
house for a while in the morning and evening, and to take occasional
breaks from work during the day, all of which has made me
fitter, happier, and more productive.
I have many complaints about the eBird interface. The "Submit
observations" page needs to be a couple of orders of magnitude faster.
The Android app shouldn't be so dependent on network connectivity. Both
need to be much smarter about interpreting abbreviations. I can think of
various features that would make reviewers' lives easier. But those are
just details (I hear the eBird team is receptive to suggestions), and
none of it takes away from the fact that eBird has helped me to start
birding regularly and seriously again.
As new year's resolutions go, I can't think of one that's worked out
I got my dad a
Lenovo Yoga 300
a few days ago, and installed Debian 8 on his old Ideapad S206 before
giving it to Ammu, who has been using my old (and increasingly broken)
for months now.
The Linux Laptop Wiki has a page about the
the quick summary is that everything works with only a little tweaking.
Wifi worked out of the box with brcmsmac. Bluetooth worked fine after
installing the firmware-atheros package. Sound input and output worked
fine out of the box. The hotkeys to change the volume (and brightness,
etc.) also worked. I didn't try the card reader or the webcam.
I didn't bother with the fglrx video drivers, but I had to install
firmware-linux-nonfree to enable KMS (kernel mode setting) to get
suspend/resume to work properly. (Hibernation worked fine anyway.)
This is a sleek and light machine, quite a step up from the earlier
Ideapad models I've used. The screen is a bit shiny, but stops short of
being annoying. The keypad is unfortunately very jittery—unless you are
very deliberate about tapping-to-click, you'll most likely just move the
pointer a bit rather than clicking. This was my father's biggest problem
with the machine (and it wasn't just a matter of acceleration settings).
But it's working nicely otherwise, and I hope Ammu gets some good use
out of it.
A friend sent me a pair of
“bench stones”. These are steel plates surfaced with diamond
particles—an alternative to old-fashioned oilstones for sharpening steel
cutting edges. I have been using them for several months now, and they
have lived up to their reputation as being fast, durable, and
convenient. I am very happy with them.
I have the D6CX and D6EF, each of which has two continuous sharpening
surfaces measuring 150mm*50mm (6"*2"). The D6CX has extra-coarse (220
grit) and coarse (325 grit) sides, while the D6EF has fine (600) and
extra-fine (1200) sides.
I have used them to sharpen kitchen knives, sharpen and flatten the back
of a very hard plane iron, restore the badly-damaged cutting edges of
some old chisels that belonged to my grandfather, and hone some new
Narex chisels and other assorted tools.
I follow more or less the same process shown in this
by Paul Sellers.
The DMT plates are fast and a pleasure to work with. Flattening large
steel surfaces does take a half-hour or so of extra-coarse rubbing (mind
your knuckles don't scrape the plate! I learned this the hard way), but
that isn't a task I would even attempt on my old Norton oilstone. Tuning
up a blunted (not damaged) edge takes a couple of minutes at most, while
restoring a nicked edge might take ten.
I use the plates with a bit of water sprayed from an old bottle of glass
cleaner, and wipe them down afterwards with an old shirt. They are easy
to maintain (but the coarse grits must be cleaned gently, because they
will happily shred cloth), and do not need to be flattened periodically
the way an oilstone might. The fine surface developed a few tiny black
spots on the very first use, but extensive use thereafter has not made
them any larger or more numerous. (DMT is reputed to have good customer
support, but they didn't respond to my question about the black spots.)
(I also have the
stand. The rubber feet do keep it from moving, and the clearance makes
it easy to flip the plates over. It works fine, but I could easily do
I like sharpening things, but I am not obsessive about it. I have not
tried to measure how flat the surface actually is, nor have I looked at
the sharpened edges under a microscope. The plates are flat enough, and
the edges sharp enough for me; and it doesn't take too long to get them
DMT manufactures a great variety of these plates: larger and smaller
sizes, coarser and finer grits, single- and double-sided, or with
“interrupted” surfaces that reduce the buildup of swarf (abraded steel
particles that must be cleaned away). I might try a single-sided 8"*3"
continuous surface plate someday—it should make it a little easier to
sharpen my larger knives.
An article about
reminded me of a problem I investigated last year when Hassath couldn't
send mail when connected through her phone's mobile hotspot.
My first response to any network problems is to run tcpdump, and I saw
the following EHLO response from my own SMTP server.
250-AUTH PLAIN CRAM-MD5
Vodafone is transparently proxying outgoing SMTP traffic and replacing
STARTTLS in the EHLO response with XXXXXXXA, so that the client doesn't
try to negotiate TLS. If you issue STARTTLS anyway—which no normal SMTP
client would, but openssl's s_client can do—the TLS negotiation fails.
So it's not just a downgrade attack, it's actively sabotaging TLS
This was the case in mid-2014, and it's still the case at the time of
writing. I wonder how many terabytes of email logs they have collected
in the meantime, how they are stored, and who is reading them.
While I was tethered to my phone, I did a bit more testing. Vodafone
India doesn't seem to mess with HTTPS connections, and IMAP connections
are not downgraded either (i.e., the server's STARTTLS advertisement is
not modified, and the TLS negotiation succeeds). Nor did it inject any
Update (2017-10-01): I
happened to read a 2014 post by Steve Atkins titled
STARTTLS and misplaced outrage,
which says this is a "very, very, very well known" problem with the
configuration of a PIX firewall feature named "MailGuard". He writes:
The most likely scenario, by far, is that the mailserver operator is
behind a PIX, and has it configured like that. As port forwarding is
specific to the interface that traffic comes in on, it’s quite possible
that it’s only misconfigured for traffic coming over some networks.
Drastically less likely is that there was a PIX installed – backwards –
on the cellular providers network.
Somewhat less likely still is that they’re simply lying about what
they’re seeing. But those are the only three options.
In this case, I'm the operator of the mail server in question, and I
know there is no PIX involved anywhere, and I know I'm not simply lying
either. I also know that the problem happens only on Vodafone's network,
so—unlikely as it may be—maybe there's a PIX installed backwards on the