My Dad, the UFO Hunter

1976, at an unpublished location in the hills around Austin, Texas:
project_starlight_05
In the background, my dad and the other members of Project Starlight International are readying the UFO/VECTOR system they created for a night of UFO hunting.
The “UFO/Video Experiment Console for Transitional Overt Response” system assists Project Starlight in detecting, recording, and communicating with extraterrestrial spacecraft. The team members are wearing white jumpsuits — to better protect from flash burns — and green goggles. Besides looking cool, the goggles protect from the laser, which is transmitting information at 300 baud along a joystick-guided path. There’s a magnetometer that can detect the movement of ferrous objects overhead, and a 100-yard circle of computer-controlled spotlights flashing “pi pi pi” into the Texas sky.
The team’s white jumpsuits have “PSI” logos embroidered on them. They look damn sharp. Who says science on the fringe of respectability can’t look good?
Meanwhile, that’s me in the foreground, gathering rocks in my hat. My mom is taking the pictures, and made the smiley-faces on my knees. I think she was taking pictures that would appear in a Texas Monthly article.
You can some more photos of the hunt for alien life. My favorite is when Ray Stanford, the leader of the project, would stand on his platform, making hand gestures into the sky: “we have no weapons”, he would sign to the stars. “Land over there!”


PROJECT STARLIGHT WEIGHS IN!

About an hour after posting those pictures to Flickr, I heard from Ray, who clarified some of my anecdotes (see comments on this post) and let me know what he’s up to now.

I’ve also heard from other members of Project Starlight International, who — in addition to sending me pictures of the kit-build stunt aircraft they’re making in their garages, the R&B groups they’re playing with, and their online rabbinical ministries — and that’s all in one email message — who, I say, have linked me to more information about all the Badass Seventies Technology they were using. Pictured at right: the ring of spotlights used to draw attention to the landing site. I think, but I’m not sure, that the white dots are actually paint carefully added by my mom with a retouching brush.

You can also read about the

UFO-VECTOR SYSTEM:
Communicate with UFOs by transmitting signals along a joystick-guided laser.

RECORDING MAGNETOMETER:
Track and record moving ferrous objects (see comments for correction from Ray) magnetic fields overhead. It’s pictured below — check out the tape drive! And the big capacitors!

Other tech articles are on the main PSI tech page here.


Ray Stanford, the head of the project, urges that UFO to stop begging the government to “WAAH give us the truth”, and instead go out there and GATHER it. Using awesome instrumentation, with giant capacitors, naturally. He needs to be given some kind of Doc Emmett Brown award, especially since he’s now a successful dinosaur hunter(!!!)

What’s the term for stylish seventies science?

Steampunk” is the name applied to mustachio-ed, waistcoat-ed gentleman scientists of the Victorian age, who were half science, half showman, and ALL AWESOME. Project Starlight clearly falls into that mold: Kitty Bo (Hello, Kitty Bo!!!) just weighed in in the comments that they used to be called “Ray Stanford and his Lilly White Space Cadets”. What’s the term for seventies steampunk, done in embroidered jumpsuits?

My Dad, the UFO Hunter

Mellow Greetings from THE FUUUUTURE

Will (in Boulder, CO) and Sebastian (in metro New Jersey) wave hello from THE FUTURE in almost-actual size:

Hello from THE FUTURE

I’m surprised how well videoconferencing — in particular, videoconferencing with the latest version of iChat AV — works. Like many managers, I’ve developed the habit of tuning out during conference calls, noodling away on something else and only playing back my mental buffer when I hear a note of confusion or anger creep into the call (“uh-oh, the vendor just started beating their chest about how it’s probably OUR fault, lemme see what they said…”) Videconferencing makes you feel like you had an ACTUAL GODDAMN CONVERSATION with someone, albeit a little bit slow and laggy.

What’s funny is that the people in the chat window, when maximized on my Enormous New Display (you can see my 15″ MacBook below the screen for size comparison), are pretty much actual size. So that gives me an excuse to say “Forgive my lack of bodily disposition, Simon Phoenix, but I do have an entire city government to run.“.

Mellow Greetings from THE FUUUUTURE

I flunked apheresis yesterday

Empty apheresis cart
The picture at the right is a platelet pharesis machine sitting next to my chair at the West Chester Collection center of the American Red Cross — right behind Senora’s Mexican Restaurant and under Spirit of Yoga. Giving platelets is something I’ve been looking forward to doing once my commute to New York is over — it takes about 90 minutes to give platelets. I started doing this in New York after September 11th (remember that everyone thought the way to respond was to give blood? Me too), and it makes me feel like a rock star because I have O negative blood, which means my platelets are regularly used to avert international crises, move the planets back into their proper alignment, and bring sweet dreams of harmony and love to all the little children everywhere. At least, that’s what they tell me when they call to request an appointment.
Anyhow, I flunked out yesterday morning. The sheaf of tubes at right SHOULD be all Krazy-Straw full of my blood, since the machine takes the blood out of your left arm, runs it through a centrifuge (or something), extracts the platelets, then puts it back in your right arm. During the ninety-minute process, something like SEVENTY PERCENT(!!!) of your blood makes the round-trip through the machine, which I think is just awesomely gross.
But the phlebotomist had a Very Serious Expression when she was tapping my left arm, and we had to try a couple of times, and it didn’t work out. Apparently, I have “skinny veins”, and after two tries without a good flow from my left arm, they detached me, turned off “Spider-Man 3” on the DVD player hanging in front of my face (see, aparesis is also a chance to watch terrible nerd movies your family will never want to go see or rent!), gave me a T-shirt, and sorrowfully sent me on my way.
I felt sad and disappointed about it. I also have some pretty gruesome-looking bruises on the inside of my left elbow, but it wasn’t really that unpleasant of a procedure. And everyone at the blood center was REALLY nice and professional. I guess I’ll wait two weeks, then try again for my next chance to Save the World (and watch a terrible movie!)

I flunked apheresis yesterday

Milking lesson at Seven Stars farm!

P1060925.JPG
Last month, I wrote that we were looking for a milking trainer, so that Barb won’t be one of the Comedically Clueless about Cows at the Pennsylvania Farm Show Celebrity Milking Competition coming up this Friday. Barb has a hands-on approach to legislating (when she needed to learn more about the challenges of trash collection in West Chester, she spent two entire shifts working on the trash truck, not just a photo op.) So I figured she’d be game for some lessons. My ulterior motive is that I wanted a Mister Rogers adventure with Kate and Lydia. And we got one!

I made a number of phone calls to find a trainer. We ended up going out to Seven Stars Farm today. Seven Stars makes organic yogurt — up to 200 quarts a day, six days a week — on their organic farm, which they lease from the Kimberton Waldorf school across the road.

P1070036.JPG
Seven Stars’ co-owner and manager Edie Griffiths, who is a pioneering and veteran biodynamic farmer, showed us the ropes. We got to milk a placid older cow named Renaissance, who was low-key and helpful. And then we got to see the milking machines, the calves, and the yogurt-making operation! All in all, it was a TOTAL Mister Rogers visit, and I had an awesome time. You can see the photoset on Flickr here!

P1070122.JPG
Incidentally, Edie and Seven Stars welcome visitors, and Edie said that she’d give more milking lessons if people are interested. If you want to come out and learn how to milk a cow, let me know! You West Chester Dish folks are very much invited.

Anyhow, a million thanks to Edie and all the hard-working folks at Seven Stars for taking time out of their day to show us around. Their work day starts at THREE. THIRTY. IN THE MORNING, washing the cows down and getting ready for a four AM milking.

PS. there were no kittens around for us to squirt the milk directly into the mouths of, but once I saw how Edie milks, I think it’s just as well there aren’t — she could knock a kitten over at twelve feet with the powerful streams she was urging from those teats at lightning speed.

Milking lesson at Seven Stars farm!

First day of the new commute!

Aeron OkieLast week, Kate and I drove up to NYC to pick up my Lucky Aeron Chair, which Digitas was kind enough to give me after I’ve been sitting in it for seven (eight? nine?) years. Like the UrbanFetch messenger bag, the Herman Miller Aeron chair occupies an important and nostalgic niche in boom-and-bust dotcom history (from status symbol to “stupidity barometer”.) Getting to keep my battered Official-Dotcom-Issue Aeron is WAY better than a gold watch. Thanks, Digitas!

You can see me here slowly wheeling myself backwards down Fifth avenue, all the way home to West Chester, PA.

And then, this morning, the first day of the new commute! I’m renting an office in a new building owned by a local law firm, sharing a floor with some other small technologists and marketers. They seem a decent sort so far.

Traded in Exton Train station for the goldfish pond
And the commute! The commute! it’s zero-point-nine miles, a sixteen-minute walk, all on sidewalks. Kate and Lydia came with me for the first morning, waving goodbye once we got to the goldfish pond across the street (sorry for the squinty picture, Kate, but I am SO EXCITED about this commute, I can’t waste a single picture!)

IMG_0270.JPG
That brings me to Halladay Florist. The entrance to my building is on Wilmont Mews, which is the little street behind Halladay. You can see it behind the two trees on the right side of the picture. I walked past the Halladay delivery vans, each with their “I brake for Dogs at Jimmy John’s Pipin’ Hot” bumper sticker, around the corner, and to the front door:

IMG_0271.JPG…which is right here. Right now, I’m sitting in my new office, at my splintery old Veterans Administration desk (which lived in Kate’s sewing room until two days ago.)

I won’t post a picture of the office until it looks less like, you know… a square drywall box with a splintery desk in it. Once it’s filled with trees, singing birds, and pith helmets, I’ll post more pictures.

Meanwhile, I’ve updated my entry on Google Local Business, so you can see where my office is. If you have a moment, I’d be HUGELY GRATEFUL if you would write a review, whether it’s business-related, general enthusiasm, or filthy lies.

More to come! I want to lure as many interactive developers as possible to West Chester, so, you know, let me know what you’d like to see!

First day of the new commute!

Ferris, how did this car get 250 miles on it while sitting in the garage?

The box I use to host this blog, plus my own instance of Confluence and Jira, is a humble-but-dedicated Linux server running CentOS 5, hosted by Serverbeach. Yesterday, I got an abuse report that a number of other boxes had been getting automated password scans — originating from my server’s IP address. Uh-oh! Had someone compromised my box?

I opened up an SSH client, and logged in to my server as each of the named users. The bash welcome message showed just what I’d suspect — last login at some reasonable time, from an IP known to me. UNTIL I logged in as the “nagios” user, and discovered that the last login was on December 22, from “ac9ed6e3.ipt.aol.com”. UH-OH. I’ve been PwN3d.

It looks like someone guessed the password for the “nagios” user I created when I was setting up a server monitor. It probably didn’t occur to me that I was creating a public-facing login when I created the “nagios” user, and used something easy to guess. Crap! What’d they do while they were in there?

I pulled the .bash_history file for that user, which you can see here in its entirety, if you’re interested. Unless the user edited the .bash_history file as a red herring, it looks like they downloaded a password scanner utility to /tmp/.k (a dot-prepended directory, so it’d be hidden unless you used ls -a), then fired it up to scan the first two octets of my IP range. And then came back periodically to check results using “screen”.

Here’s what “ps -u nagios” showed:

USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
nagios   30769  0.0  0.0  2588  736 ?        S    Oct17   0:10 ntpd
nagios   23380  0.0  0.1  3668 1276 ?        S    Nov03   0:59 ntpd
nagios   16926  0.0  0.1  6100 1036 ?        Ss   Dec22   0:00 SCREEN
nagios   16927  0.0  0.1  5404 1396 pts/3    Ss+  Dec22   0:00 /bin/bash

The first two processes, 30769 and 23380, are, I think, Nagios doing its regular thing. But the other two processes were spawned by the uninvited user — a “SCREEN” session, and a login shell.

I quickly changed the password for the “nagios” user, then killed all the “nagios” user’s processes and deleted everything in /tmp/.k. I ran “sudo rpm -Va” to see if any of my packages had been, you know, sneakily altered, but my expertise runs out there.

As a professional, especially as one who depends on others to execute Big Chair Sysadmin tasks, I wouldn’t put a client’s SSH front door out there in the open, where anyone can come knocking. I always request a firewall in front, which usually only allows SSH logins from a particular (or, even better, private network) IP. Get a VPN connection to the hosting provider’s network, and it’s reasonably secure and portable. So this is pretty much a case of the cobbler’s children going shoeless – oy!

Serverbeach doesn’t offer a firewall solution, so I’m going to lock down the SSH on the box myself. Anyone care to offer an opinion as to whether you prefer IP restriction (not all that portable; I’m often on various wireless connections), certificate restriction (spiffier, but more confusing), or some other stealthy methods like changing the default port?

Ferris, how did this car get 250 miles on it while sitting in the garage?