Our trip by the numbers

5,080 ft elevation

3,090 miles

1,100+ pictures

9 cameras

8 people

3 laptops

2 Harley-Davidson Road King motorcycles

1 unforgettable vacation

I’ll be blogging the things I haven’t already as soon as I get dug out from the huge pile of other demands on my time. What a great trip!


Filed under Travel

Spearfish and Devils Tower

Today [ed: it was really Monday] was a long, but wonderful, day. I made an email
run into town early in the morning, then we all saddled up for a trip out to
Devils Tower, Wyoming. It’s about 120 road miles from here to there; the route
goes through Deadwood, Lead (rhymes with "seed", not with "bed"), and Pactola
Lake.

Deadwood was our first stop; we hit one of the local casinos for a bathroom,
then went down Wall Street to the spot where Wild Bill Hickok was killed in
1876– coincidentally, on August 2nd, the same day we were there. There was a
terrific character actor cowboy who regaled the boys with tales of his
gunslinging; we also saw something you’d only see in Sturgis: a hybrid VW
Bug/motorcycle painted to look like a giant American flag.

 


After Deadwood, we got back on the road. Lots and lots and lots of motorcycles,
of all shapes and sizes. Matt quickly discovered that some were tricycles, so we
entertained him for the whole trip by playing spot-the-trike. We hit a short leg
of I-90 through the town of Spearfish and into Wyoming; I was able to sneak in a
couple of email sessions when we stopped for gas thanks to the local Verizon
coverage.

Devils Tower was amazing. Until you get up close, you don’t really realize
how big it really is, or how big the groove-like rock formations on the sides
are. I found a guide company that offers climbing trips; they
promise that with two days of training you can safely climb to the top. That’s
now officially on my list of Things To Do Before I Get Too Old. The scenery en
route was astonishing too. We ate lunch at a roadside restaurant just outside
the Devils Tower park gate. Brief review: avoid.


Some random, beautiful hill on the road to Devils Tower

The boys with Ranger Dave

The boys were fascinated by the Indian legends surrounding Bear Lodge (as it’s
known by the Lakota). One legend has it that a boy was chasing some girls, got
turned into a bear, and raked the sides of the mountain in his anger at not
being able to catch them. That particular story is Matthew’s favorite. David
learned a couple of other legends at the visitors’ center, but I can’t remember
what they were.


Two views of Devils Tower


 

Our next stop was Spearfish Canyon, which I’d never heard of before this trip.
I’m sure ready to sing its praises now, though. Towering rock formations, two
beautiful waterfalls (well, one, anyway; we didn’t see Roughlock Falls), and a
long, curvy road through the canyon and its surrounding areas. Dad and Tim (who
rode the entire 270+ miles on his bike) were grinning from ear to ear at the
scenery. Bridal Veil Falls was pretty, but there was very little water.


 

On the way back, we stopped at Pactola Lake. As we were getting out, a B-1 from
Ellsworth AFB flew overhead– that was neat because we don’t see many of those
back East. Apart from having an amusing name, the lake is beautifully scenic; as
you go north, you come around a curve and see this broad vista of rock
formations with a beautiful lake at the bottom. The lake is named for the former
ghost town of Pactola, which was flooded when the reservoir was created. Arlene was in photo heaven; she
got some great pictures.

Before we left, Mom and Arlene had stocked the crock pot with red beans and
sausage; when we got back, we had a feast of red beans, rice, and pineapple. The
boys played in the center of the cabin area until it got dark (after which a
good-sized rain/thunderstorm rolled in) and we all went to bed.


Filed under Travel

Black Hills: another day…

Today was our first real day at the campground (more properly, the Rafter Bar J Ranch). We have three of their “comfort cabins”: roughly 20′ x 20′ one-room cabins with a small bathroom, sink, microwave, and dorm-size refrigerator. There’s one double bed and a pair of bunks, plus a small dinette table. Everything is clean and in good repair, and there’s a great open courtyard where the boys can run around and holler– quite a relief after 1200+ miles trapped in the car.

Mom had either mad-car disease or altitude sickness; she wasn’t feeling well, so she missed the morning festivities. The rest of us got sort of a late start because we were all tired, but once everyone got moving we headed out to two nearby attractions: Old McDonald’s Petting Zoo was first. It was, well, full of animals. Thomas was enchanted with the chicks in the incubator room, since you got to pick them up; Matt’s favorite was probably feeding the goats (see below), although he didn’t like it when they got too personal. David liked everything; he’s been a real treat to have with us on the trip because pretty much everything suits him just fine.

Our second stop was Reptile Gardens, which was outstanding. We stayed to watch the alligator show, then spent some time on Death Row– the Gardens’ large collection of venomous snakes. By the time we got done with that, it was getting late and everyone was hungry. We headed back to the cabins to pick up Mom, then went into Hill City for lunch at the Mount Rushmore Brewing Company, a nice little restaurant that serves a mean buffalo burger. After a swim, Tim and the boys built a campfire, and we roasted hot dogs and made s’mores. No one stayed up very late.


The world-famous (well, not really) Goat Bridge


Mmmm, food pellets…

The pool area with some cool mountain clouds


Who needs a microwave?


Call the fire department!


Not Mr Ed, but close enough…


Filed under Travel

Black Hills, day 3

Day 2 of our trip! I almost forgot to blog it, but then I saw a Wall Drug brochure on the table and that sparked my memory. We woke up in Worthington, had a delicious [sic] hotel breakfast, and hit the trail headed west.

Some things in the world stand up well to repeated viewings– places you’d be willing to see again. Others are worth one visit, no more. Our first stop fell into the latter category: the world-famous Corn Palace in Mitchell, SD. I’d never heard of it before; it’s basically a small sports arena whose outside is decorated with (you guessed it) corn (see picture below). It was fun, and there were lots of other Nice Things in the surrounding area, including statues of Elvis and the Blues Brothers. Mom got some pictures of the boys with Mr. Corn, the Corn Palace mascot, but I don’t have them here.

After a long and not particularly interesting drive, we hit our second planned stop: Wall Drug. This was another category-2 attraction; they have every kind of western-themed souvenir crap you can imagine (and a lot you probably haven’t), plus some mildly interesting curiosities. The boys loved it; my favorite part was the ice cream we had there. Then it was back on the road, a dinner stop at the Fuddruckers’ in Rapid City, and on to the campground!


It’s made of corn!


Tim with the King


Filed under Friends & Family

Black Hills: days 1-2

We left about 4pm Friday afternoon and headed west on the Ohio Turnpike. There’s not much to see between Toledo and Chicago; we hit Chicago about twilight and had a merry chase through the approximately 250 toll booths on I-80, I-94, and I-294. Eventually, we made it to Beloit, Wisconsin, our stop for the night. Dad and Tim took an alternate route thanks to Dad’s bike-mounted GPS, so they arrived about an hour behind– the boys and I were sound asleep by then.

Saturday morning, we had a quick hotel breakfast and hit the road again. Wisconsin turned out to be much prettier than I’d expected. The drive up towards La Crosse has some pretty nice rock outcroppings and some lovely views over the hills; we stopped in La Crosse for lunch and saw a really cool statue of two Indians playing lacrosse. For lunch, we ate at Perkins’, right next to the Black River. Not long after, we crossed the Mississippi, where the scenery really got pretty (and, incidentally, we entered Minnesota). Once we left the river country, things flattened out and got a lot less attractive, unless you like corn.

Along our route, we made two stops: the Spam Museum (which deserves its own blog entry, later today) and the statue of the Jolly Green Giant in Blue Earth, MN. That was pretty cool– a 60′ tall statue of the big green guy. Plus, there was a Dairy Queen next door, which is always a bonus.

Another two hours on the road and we hit Worthington, Minnesota, our Saturday night stop. Pizza Hut provided dinner, and we swam and went to bed– now it’s breakfast time and we’re getting ready to hit the road again today. So far, we’ve come about 800 miles!


Filed under Travel

Reason #54 to deploy Windows Rights Management

See above: how much would you pay for a solution that actively prevents people from using “reply-all” to mass-distribution mails? (RMS does lots of other neat stuff, too, that I’ll be writing about in the future.)


Filed under General Stuff, Musings

Scalix announces wireless email

Here’s an interesting tidbit: Scalix announced today that they’re going to ship a wireless solution for their messaging product, based on Notify’s product. Pricing and availability weren’t announced; from a functionality standpoint, Notify has a pretty nice solution in terms of the range of devices and OTA methods they support. However, this may add significantly to Scalix’ “flyaway” cost, making them potentially less attractive compared to Exchange 2003. No word yet either on whether Scalix will require device or mobile CALs in addition to mailbox CALs. Developing…


Filed under General Stuff, Musings

RPC-over-HTTP considered harmful, if you don’t understand what it’s for

Bruce Schneier is a smart guy, but he also has a strong anti-Microsoft bias. That’s why it’s no surprise to see this article, in which he lambasts Microsoft for “building in security bypasses”. What’s he talking about? A quote from Microsoft’s Martin Taylor:

For example, this new feature tool we have would allow me to tunnel directly using HTTP into my corporate Exchange server without having to go through the whole VPN (virtual private network) process, bypassing the need to use a smart card. It’s such a huge time-saver, for me at least, compared to how long it takes me now.

Of course, that’s our friend RPC-over-HTTPS. I think Schneier missed the point because he misunderstands the intent of the feature, which is to allow mail-only access from remote systems. It’s true that VPNs allow for secure remote access to many different types of resource, often using multi-factor authentication. It’s also true that many VPN systems (particularly the clients) are unstable and difficult to use, particularly from locations like hotels and airports where the network provider may not be clueful. The RPC tunneling feature allows secure access to email only without a VPN. This is actually a security benefit.

Why? Think of what happens when you connect a remote computer via VPN: you’re allowing it unrestricted access to your entire corporate network. That means that when Joe Executive’s home machine connects via VPN it has free roam of the network. That places a mighty high premium on ensuring that the remote machine is uncompromised, hence the interest in network access protection (but that’s a solution for another day). As an admin, if I have users who only need email, I’m perfectly happy for them to use RPC-over-HTTPS instead of VPN because then I know that their machines are very unlikely to be able to cause damage to other machines on my intranet, no matter how crap-infested they may be. Couple RPC tunneling with an application-layer RPC scanner (like the one in ISA Server 2004) and you’re better off than you would be with a pure VPN solution.

Some of the comments on Schneier’s post make good points about the tradeoff between usability and security, including one guy who asks why VPNs are so hard to use. That’s for another post, unfortunately.


Filed under General Stuff, Musings

Oracle: if you can’t say something nice…

Boy, this is worth a read: Oracle’s chief security officer, Mary Ann Davidson, has an op-ed piece on CNet in which she attempts to blast some security researchers (in particular, she links to this story on Alexander Kornbrust, so I assume he’s target #1). I don’t think I would have taken her approach, for two reasons. One is that it’s going to inflame the BlackHat crowd, and will undoubtedly result in Oracle’s vulns getting much more press than they would otherwise– remember, the tech press loves controversy.

The other reason is that, given Oracle’s recent security troubles, she would have been better off to talk about how Oracle is addressing the legitimate concerns its customers have. She’s right that fixes to even simple vulns still have to go through a full test and release cycle, but she’s being disingenuous in claiming that Oracle has been responding in a timely manner to the notifications they’ve received. They haven’t (and this is not new behavior).

Fearless prediction: Oracle will get publicly spanked by Kornbrust, Litchfield, and probably some others during BlackHat. Davidson will be unrepentant.


Filed under Smackdown!

Escape from Yesterworld

The MS SQL Server 2005 and Visual Studio 2005 teams have a hysterical site called “Escape from Yesterworld” that casts IT development as something out of Flash Gordon. The overall site design is brilliant, and there are some extremely amusing video clips there, including:

Well worth a look– I give it two thumbs up.


Filed under General Stuff, Musings

Enabling and disabling MAPI access

Yesterday I wrote about Simon Butler’s quest to prevent individual users from sending messages via MAPI. In related news, the Exchange team blog has a great post today explaining how Exchange 2003 SP2 gives us the ability to block individual users from using MAPI. The good news: because the MAPI blocking is added to the existing ProtocolSettings mechanism for blocking other protocols, you can use the same script to block or allow multiple protocols at once. The bad news: as with Simon’s original question, this method doesn’t stop existing connections; it only blocks new ones. Still, this is a valuable new capability to have.


Filed under General Stuff, Musings

Killing Rain (Eisler)

So, the obvious first: no, John Rain doesn’t get killed in this book, but not for lack of opportunities. As the book opens, Rain’s in Manila to kill a bomb-maker at the behest of Israeli intelligence. With him is Dox, Rain’s new partner. The hit misfires when Rain makes a spur-of-the-moment decision not to kill the target after seeing him with his family– the target has a son about the same age that Rain was when his own father was killed. That brief moment of hesitation buys him a butt-load of trouble; while exfiltrating, Rain and Dox kill two people who are believed to be CIA agents. The Israelis are worried that Rain’s attempt will be tracked back to them, so they put the word out: John Rain must die.

Trust is one of the central themes of this book. Rain somewhat reluctantly comes to trust Dox after the shootout that ends Rain Storm— but as that trust blossoms, Rain comes to realize how much he’s missed being able to trust people. This is certainly a common problem among contract assassins, but us ordinary Joes can get the idea. As Rain attempts to figure out whether the two dead agents were really CIA or not, and thus dissuade the Mossad from killing him, he’s forced to make some hard decisions about who to trust, and how much.

Another key theme is redemption, for want of a better word. Rain begins to wonder if he’s done any good by his long string of killings, and if perhaps his energies might be redirected to killing evil people instead of whomever he’s paid to kill. Illustrating this, he considers the difference between the Japanese words roughly translating to “sword of justice” and “sword of oppression”. Some reviewers on Amazon have dismissed this introspection as sap or fluff, but I think it adds a great deal of depth to Eisler’s portrayal of Rain. Who among us has not looked back to consider whether his life has been well spent, and whether the remainder could be better spent?

As with preceding books, Eisler moves the action along at a racetrack pace. His descriptions of place are crisp and evocative (I particularly liked his description of Rain’s trips to the rural Philippines), and there is less emphasis on the minutiae of Rain’s hand-to-hand fights with his opponents (more knife- and gunplay, though). Because I’m not a judoka, this made the book way more readable for me.

I can’t say much about the denouement of the book except that it sets out very clearly what’s going to happen in the next book, and that it contains a plot twist that I certainly didn’t anticipate that sets things up neatly. I’m eagerly looking forward to the next book, but I only have to say one thing until then: jazz goes with New Orleans. Highly recommended.

Update: I found this essay by Eisler that describes the backstory behind Killing Rain. It’s pretty darn interesting.


Filed under Reviews

Unbelievable: Kärcher USA

Update 4/30/08: the gentleman whose name appeared here as the CEO of Kärcher USA is no longer with the company. At his request, I removed his name from the post.

I own a Kärcher electric pressure washer. I bought it because it was reputed to be from a solid company. Over the five or so years that I’ve had it, it’s worked well enough, but it failed, so I wanted to get it repaired. Here’s the deal:

  • If you have a gas pressure washer, you can take it to one of Kärcher’s service centers.
  • If you have an electric pressure washer, and it’s under warranty, Kärcher will exchange it for a refurbished unit under their “rapid exchange” program.
  • If you have an electric pressure washer, and it’s out of warranty, too bad. Kärcher won’t fix it. I spoke to Shane, at their customer service [sic] center. He said, “Oh, if you want to fix it, you can order the parts from us.”

So, I fired up Word and made ready to send them a letter asking how I could get the unit fixed. Surely what Shane told me can’t be right. However, here’s what I learned:

  • The Kärcher USA web site doesn’t list an address or telephone number for their US office.
  • The customer support number on their website goes to what’s obviously an outsourced firm; they’ll only give out the company address, not the phone number. That’s because (drum roll) they don’t have it
  • If you use an online directory to find their phone number, the listed telephone number for their Atlanta office rings incessantly; no one ever answers
  • Their press releases don’t include any contact information
  • The press release site for the parent company requires a user name and password to log on

After a whole bunch more web searching, I found their correct address (2825 Breckinridge Blvd, Suite 120; Duluth, GA 30096) and phone number (678-935-4545). No one answers that number, either, but I plan to keep trying until I get a human. In the meantime, I’d certainly advise against buying anything from these folks, given their unusual mastery of customer-avoidance techniques.

Update: I found this page, which lists XXX as the CEO and 678-935-4550 as the fax number. Score!

Update: I faxed them a letter. It’s in the “more” section.

Update: I got a call on Friday, July 29, from a customer service rep who offered me a discount on a remanufactured unit. He was supposed to send me some email explaining which units I could choose from– but lo and behold, 10 days later, no email. Hmmm. (And yes, I checked the spam filter logs; no such email ever arrived here.)


Filed under Smackdown!

Bluetooth needs a bluedentist

Wow, this article made my head hurt. David Berlind of ZDNet documented all the stuff he had to do to get his XV6600 to work via Bluetooth as a modem for his laptop. I admit that I never bothered to try this while I had a loaner XV6600, fearing that it would be too hard to be worthwhile. Here’s Berlind’s conclusion:

OK, now that we’re done, and some of you now have the best step by step you’ll ever find for getting a DUN connection working with Bluetooth, what does it tell you that takes nearly 40 distinctly separate screen shots or photos to document something that should be a lot simpler?

It tells me that I’m sticking with my aircard, thankyouverymuch.


Filed under General Stuff, Musings

Stop me before I mail again

Exchange MVP Simon Butler posed what seems like a simple question: how do you stop a user from sending mail? The answer is deceptively complex; we’ve been debating this on an MVP list for a few days now.

Say you have a MAPI user. You disable the associated Active Directory account, either by disabling the account or by changing the password. In either case, the user can still submit mail to the information store! In the case of a password change, the user will be asked to authenticate again, but if she cancels the password dialog, she can still send– she just can’t receive new mail! That might be a problem in case of an employee who’s leaving (voluntarily or not), although a measure of physical access control will help.

You can kill the MAPI session, but that doesn’t do anything to stop the user from reconnecting from the client side, at which point you’re back to square 1: the user can still send mail. (This doesn’t seem to be true if the user quits and relaunches the client after you kill their session, though).

For other protocols, it’s easy to prevent users from connecting and sending mail. For example, for IMAP, POP, or HTTP connections, you can just remove the user’s ability to use those protocols by using the Exchange Features tab in AD Users and Computers.

If you want to block all users, you can do that too; KB 288894 describes how to limit MAPI connections to a particular version of Outlook (so just set the regkey to deny from the current version (which I think is 11.0.6352.0) backwards). For HTTP, you can either set an IP address restriction on the Exchange vdir (thanks, KC!) or stop the w3svc, although this will have other effects. For that matter, if you want to prevent all client access, stopping store.exe will do the trick nicely at the cost of a service interruption.

Perhaps MS will fix this in Exchange 12.


Filed under General Stuff, Musings