Allow Me to Choose Your Districts

In 2021, the United States performs its decennial process of drawing legislative districts. I, for one, have been very concerned about how this process will go and rather than sit by and let it happen, I want to be involved. This is why I am applying to the Virginia Redistricting Commission.

To that effect, here is my statement:

I feel that I would be an instrumental member of Virginia’s 2021 Redistricting Commission. I am a Progressive with a Conservative relations including members of my very close family. I also have a number of conservative friends. I feel being able to talk to the other party is key to choosing fair districts. I believe in ending Gerrymandering and stopping the practice of Packing and Cracking. I also am an ardent supporter of the Voting Rights Act and want to make sure our General Assembly and Congressional Delegation reflect the basic makeup of the citizenry of Virginia.

This can be accomplished by making sure some districts are biased toward those protected groups while avoiding packing too many and diluting voting power overall. I am a firm believer in the compactness and political efficiency of legislative districts. Compactness is just the perimeter divided by 4π times the area of a district with the fraction being the compactness measure, and 1.00 (100%) is perfectly compact. I also want to use political efficiency to choose our districts. Efficient districts are competitive districts. And the safer a seat, the more wasted votes on that seat. Any vote beyond the minimum needed to win is a wasted vote and I want all our districts to be as politically efficient as possible and waste as few votes as possible.

I am a software engineer and I know that with these 3 scoring algorithms weighted VRA above Efficiency above Compactness, and trying to get the best score overall, that a program can generate perfect, fair, and equal districts using machine learning and game theory. I also want to follow the 12-year rule to bias the result. If we look at the last 16 state-wide elections over the 12-year period from 2009–2020, we expect our House of Delegates to be 51 Democrats, 48 Republicans, and 1 Independent (perhaps Libertarian). Though districts of pure third party would be difficult, a split of about 51/48 ±1 seat does align well with the will of the Virginia people and should be an idea we espouse as a board. I’m here to make sure our board follows these ideals and I know I will be a very valuable member of the committee. I look forward to joining the team.

Application for Service on the Virginia Redistricting Commission, Jeffrey C. Jacobs

Please note, that I have redacted the list of conservative family members I have. I do list them in the application but wish to maintain their privacy as Trump voters.

EDIT 2020-12-05: I spoke to some of my family and we agreed that by changing the text to what’s above I could share with you the full text from my application. That said, there is something I am still considering adding of a personal nature.

In any case, I don’t know when I would have time to write such a program, but I know how I would do it and I would love the opportunity to try!

36 Hours…

I bought my current iPhone on 30 September 2013—over 7 years ago. My iPhone 5S has served me well throughout the years but for the last fourteen months or so, I have been chafing over the inability to upgrade my phone to the latest Operating System. I knew then that, despite preferring the finger login, it was time for an upgrade or the massive, up-front cost.

However, I wasn’t ready just yet. Then SARS-CoV-2 happened, I had to quit my job for more money. Then COVIDWISE was released, and yet totally incompatible with my phone! This wan’t even the first app I was unable to download requiring Bluetooth Low Energy (BLE) technology. I was becoming more and more distressed over my inability to install the apps I so desperately wanted—even more so having forgotten some of them with no way to bookmark or remember. And, as an App Developer, I really should have the latest gear to test out the latest technologies.

iPhone 12 Pro Max ½TB, Blue
iPhone 12 Pro Max ½TB, Blue

On 10 July, with my final vacation payout, I decided it was time to upgrade. I knew a new Phone was coming soon—and hoped it would add 5G support. I waited. The September Apple event came with no update. The October Apple event came with an announcement but you still couldn’t buy the iPhone 12 Pro. The date on the order page said I had to wait until 23 October for that. So I waited so more. I got up early on that Friday and, yes, the iPhone 12 Pro was available, but not the 12 Pro Max! I had to wait until 6 November for that!

And I did.

The phone is on its way. 36 hours and counting…

iPhone 12 Pro Max in Transit
iPhone 12 Pro Max in Transit

Keep coding my friends and write great software. I hope you will be as gainfully employed as me, soon!

How to Install Glassfish

Glassfish is a Java Library for creating Java Message Queues. Regular readers my be surprised to know I am also a Java coder since I usually talk about Python and C++, but just as I occasionally speak Italian, I am multilingual. In this case, though, this is all about Java.

Unfortunately, despite what it’s billed to be, Glassfish 5 isn’t as turn-key an application as it appears to be and therefore I wanted to fill in the gaps for would be message queuers—whatever the word is—who may be struggling.

First, let’s download Glassfish: https://javaee.github.io/glassfish/download

When you check out the readme file, you’ll see the following text:

2. Starting GlassFish
=====================
The 'asadmin' command-line utility is used to control and manage GlassFish (start, stop, configure, deploy applications, etc).

To start GlassFish, just go in the directory where GlassFish is located and type:
        On Unix: glassfish5/glassfish/bin asadmin start-domain
        On Windows: glassfish5\glassfish\bin asadmin start-domain

After a few seconds, GlassFish will be up and ready to accept requests. The default 'domain1' domain is configured to listen on port 8080. In your browser, go to http://localhost:8080 to see the default landing page.

To manage GlassFish, just go to web administration console: http://localhost:4848

The GlassFish README.txt file.

That’s all well and good, but, if you’ve never used Glassfish before, when you follow those steps, you’ll see the following cryptic error:

Exception in thread “main” java.lang.NullPointerException: Cannot invoke “org.glassfish.hk2.api.DynamicConfigurationService.createDynamicConfiguration()” because “dcs” is null
      at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.initializeServiceLocator(AbstractModulesRegistryImpl.java:152)
      at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.newServiceLocator(AbstractModulesRegistryImpl.java:144)
      at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.createServiceLocator(AbstractModulesRegistryImpl.java:218)
      at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.createServiceLocator(AbstractModulesRegistryImpl.java:224)
      at com.sun.enterprise.module.single.StaticModulesRegistry.createServiceLocator(StaticModulesRegistry.java:88)
      at com.sun.enterprise.admin.cli.CLIContainer.getServiceLocator(CLIContainer.java:217)
      at com.sun.enterprise.admin.cli.CLIContainer.getLocalCommand(CLIContainer.java:255)
      at com.sun.enterprise.admin.cli.CLICommand.getCommand(CLICommand.java:231)
      at com.sun.enterprise.admin.cli.AdminMain.executeCommand(AdminMain.java:371)
      at com.sun.enterprise.admin.cli.AdminMain.doMain(AdminMain.java:306)
      at org.glassfish.admin.cli.AsadminMain.main(AsadminMain.java:57)

$ glassfish5/glassfish/bin/asadmin start-domain

Clearly, Glashfish is not a turn-key installation.

From here, it was up to me. Google was no help. "dcs" is null as a search term was too generic and including the full, topmost error only gave a page with sample Java code, not how to actually start the server.

To the best of my ability, I believe the error is related to the DynamicConfigurationService object—that’s what dcs stands for.

Looking through the QuickStart document I thought maybe it’s because I didn’t install to my home directory, ~, but moving it there produced the same results.

The next thing to try is to downgrade to Java 8. I’m not fond of Java 8 as it was one of the last Java versions to be 32-bit—which is incompatible with MacOS Catalina—but fortunately, Oracle provides a 64-bit, Catalina-compatible version.

Once Java 8 was installed, I just needed to tell my terminal to use that version instead of the default one. First, I needed to get the location for Java 8 in the list of installed Java VMs:

$ /usr/libexec/java_home -V
Matching Java Virtual Machines (3):
    15, x86_64:         "OpenJDK 15" /Users/username/Library/Java/JavaVirtualMachines/openjdk-15/Contents/Home
    13.0.4, x86_64:     "Zulu 13.33.25" /Users/username/Library/Java/JavaVirtualMachines/azul-13.0.4/Contents/Home
    1.8.0_261, x86_64:  "Java SE 8" /Library/Java/JavaVirtualMachines/jdk1.8.0_261.jdk/Contents/Home

/Users/username/Library/Java/JavaVirtualMachines/openjdk-15/Contents/Home
$

What Java VMs are available?

Finally, I had to set the local Terminal to use the Java 8 VM:

$ export JAVA_HOME=`/usr/libexec/java_home -v 1.8.0_261`
$

Set the Java VM to Java 8.

Success!

$ glassfish5/glassfish/bin/asadmin start-domain
Waiting for domain1 to start ......
Successfully started the domain : domain1
domain  Location: /Users/username/glassfish5/glassfish/domains/domain1
Log File: /Users/username/glassfish5/glassfish/domains/domain1/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.
$

Starting Glassfish!

I hope that helps and I am so happy with my new job!

Jeffrey’s Jammin Birthday Bash

Join me to find out how I like my new job, the exciting plans I have for the upcoming year, and so I can give a personal thanks for your personal friendship!

Please note, the official start time is 20:00 because I want to make sure not to start it before I finish my first full day of work at the new job. If I finish sooner, I will open the room earlier. This is, after all, an exciting time for me. My first new job in 18 years, and the first of four steps on the route to make me a better man, and much, much happier!

This event is opened to everyone who claims to know me! All of my software colleagues, all of my fellow authors, fellow science readers, fellow Doctor Who fans, fellow cosplayers, fellow Electric Car drivers and enthusiasts, all of my Equal Rights Amendment sisters and brothers in arms, all of my National Popular Vote Interstate Compact supporters, all of my avid gaming friends, all of my friends abroad except those in Europe—have your kip, mates—all of my fellow Toastmasters, all of my fellow aviators, all of my fellow musicians, tous mes amis qui parle français oder Deutsch или по-русский o italiano, my acting friends and my friends who eschew meat!

The only thing I ask is you be respectful, kind, and know that I hope you all consider any friend of mine a potential friend of yours!

There is a password to this event. It’s not hard to guess if you know me but if you want to know, and you are reading this on from Twitter, message me, on Tumblr, message me, on LinkedIn, again, message me, or join me via the Facebook event. Or, just comment on this blog, with your email address, and I will mail it to you.

See you all next Wednesday!

Account does not enabled REST API.

18 Years and thanks for all the Fleets

Today I tendered my official resignation with the Naval Research Laboratory. I worked at the Laboratory for 18 years, under three Presidents and many Congresses. In that time, I pushed for at work EV Charging in the FAST Act, I started the NRL EV Group (link accessible within NRL), I sang with Polly and the Saccharides (no link available), and I even gave some Toastmasters speeches (NRL Link).

I very much enjoyed my time there and really am sad to go but I have been having so many problems paying for #CO2Fre and its maintenance that I have no choice but to accept a new job in the private sector. My only other solace—besides finally getting to write code again—is that I can finally use a part of my McGill degree that I’ve not been able to exercise beyond writing fiction.

Thus, it’s not so much an end, but a new beginning. And who knows what the future may bring! After all, I would like to return to Federal Service on day and accrue at least two more years to get my FERS to 1.1%. The only thing for sure is I’m a lot less available as a coder now.

Tesla OS 2020.16.2.1

Finally!

TeslaFi had been spamming me with news about TeslaOS 2020.16 for a while and I’ve been itching to see what, after giving us the amazing stop at a stop sign in the last minor update.

Turns out, not much. I am mostly unimpressed by Tesla with this update, though nonetheless very appreciative. Autoformatting a DashCam drive—I wonder if it supports 2TB yet—and a better layout for Easter Eggs are, after all, improvements, even if the Easter Eggs aren’t really hidden gems anymore.

The coolest new feature, though, is the new SuperCharger filter, allowing the driver to only see Version 3 stations and filter out all the slower ones. I love the fact that I have free, lifetime SuperCharging, and one of these days, I’m gonna cross the continents with that perk.

Overall, I’m not disappointed despite being underwhelmed. And one rumor is that this, or a soon to be released version will add V2G to the Tesla. I can’t wait until that rolls out as the Tesla Battery Pack may make for a new, mobile Powerwall. Mind you, even if #CO2Fre could do V2G, my house isn’t equipped for it anyway. So, even if it doesn’t have V2G, it’s still a cool update!

Tesla OS 2020.16.2.1
Tesla OS 2020.16.2.1 adds a new toy box interface, a SuperCharger filter, and auto-formatting of DashCam media. © 2020, Jeffrey C. Jacobs

Gentle reader, if you have been keeping up with me since 11 February of this year, you know that I have been posting once a day since then. As such, today marks a hundred days of a hundred daily posting. Through that, I’ve shared with you exciting electric car news, updated to the National Popular Vote Interstate Compact, my struggles to get the Equal Rights Amendment to be our Twenty-Eighth Amendment to the Constitution, written about my many works of fiction, and the many books of nonfiction I voraciously read to be a better scientist. I’ve shared with you my cosplay adventures, and my love of Doctor Who, my love of games, and a bit of my speaking in tongues as well as delivering speeches and singing to my heart’s content. I’ve talked about international travel and how I love to fly there in my own plane, discussed my acting and my dietary needs. And most of all I’ve told you I’m an excellent coder who is always keen for new work. Thanks for riding with me as we cruise upon the cloud to another one hundred posts!

I’m Running Late Setback: Can’t Send Texts in the Background

Originally, I wanted to implement an texting in the background for the I’m Running Late iOS app. After all, the whole idea of the app is that you may be stuck in traffic and not really in any position to send the I’m Running Late while you’re driving or otherwise indisposed in transit. If you in the car, for instance, sending that text, even if it just means clicking the Send Button, is dangerous. It totally defeats the purpose.

The idea of I’m Running Late is it’s a background process like cron for the iPhone. It just programs events based on the clock and your calendar, then, when the grace period begins, if your Sat Nav notices you’re not within a prescribed number of meters from your event location, it automatically informs the host—or your boss—that you’re running late.

How is this not a thing?

It’s not a thing because Apple‘s philosophy is, if you can send one text without consent, you will be able to spam infinite texts without consent. But, the thing is, the App Review team should be able to detect of an app was abusing the option to text without consent, so why prevent this safety feature when you could just stop it from being abused?

For the record, texting without consent is a safety feature. When you’re driving to an Event, it’s dangerous to have to look at your phone and hit a consent button. Forcing the user to do so may even violate some state laws. Yet, you want to send the text because you are running late, yet you can’t because you’re stuck in traffic.

Sadly, you need a user interaction to send an email too.

With both options stupidly closed by Apple, making this very important use case at first impossible to solve, the only option left is to send the text via a GET Query, for example, to a web service, and rely on the web service to send the text.

One such service is Twilio. Twilio seems to be the leader in Web to SMS transactions. Unfortunately, as far as I can tell, Twilio is a paid service and I’m still trying to figure out how this service works. I created an account and want to test it, but if all users of I’m Running Late are going to be using the service, I’m sure I will have to set it up as a business account.

One possibility I’m considering is having a monthly fee to use I’m Running Late, that I can use to pay Twilio for the use of their service. However, I want the fee to be small, like 15¢ per user per month. And then, say if Twilio costs $15 per month for one hundred users, then one hundred I’m Running Late users would completely cover the cost and I won’t need to let TimeHorse, LLC go further into debt.

The question is, though, what if I have less than one hundred users. In that case, I may have to disable the service or come up with some poor-man version on this very server. Initially, all text message requests could come here, and when the numbers crack one hundred, I can tell I’m Running Late to switch to the Twilio server.

On the other hand, maybe I’m going about this all wrong. IIRC, all Teslas are running Linux. And if the Tesla is connected to the driver’s Phone, and it knows the time, and it has the Phone’s calendar, then surely it could have an app that texts the Event organizer when the driver is running late.

And I could write that code!

Hear that Tesla? You could be bidding on me, because I’m still available for hire but my rates are going up with all the offers!

I’m Running Late

My boss doesn’t understand how hard it is to text when you’re stuck in traffic. That’s why he wants to fire me. That’s why I’m looking for a new job. And I will continue to consider a better offer and say goodbye to just under 18 years of Federal Service, but I think I’ve come up with a better way!

The thing is, if I’m running late because I’m stuck in traffic—or in a car with a lackadaisical Uber driver who won’t listen when I tell him I need to get to work on time—I might just have a solution. I could build an iOS app to text my boss for me!

I’m not actually sure I can do this. My app would have to always be running or at least be run at certain times when I would be expected to text. The idea would be, it would trigger at a fixed interval before the time I’m supposed to be at an Event, and if I’m not, say, within 100 m of that location, automatically send a text saying I was stuck in traffic and running late.

Phase one will be to build the app framework. Once that’s done, I want to see if I can have my app generate a text in the first place. I wouldn’t be surprised if iOS disallows that, so that’s why I want to determine that first.

Phase two will involve me setting a timer and providing a notification when the timer dings warning that, if the notification isn’t dismissed, the text will be sent.

Phase three will involve getting the GPS location of the phone and comparing it to the location of the Event to see if the phone is within 100 m, and if so, it will disable the text. I will then add a grace period where you must send the message by. For instance, if you’re due at the Event at 10:00, and you set the grace period to 15 minutes, the text goes out at 09:45, well before the Event is scheduled to begin.

Phase four will read your calendar to automatically generate alarms and warning texts. This will be filterable so that only events you choose will send out the text warnings. Each event will have to have a text number associated with it, but that shouldn’t be too hard if I also give the App access to the owner’s Contact List where you can select one or more numbers from.

I hope to have all that code complete, tested, and submitted to the App store by 1 July. I don’t know if I’ll have the time—or even if the texting is possible—but the beauty of this App is it’s extremely multi-functional. It doesn’t just need to be about getting to work, it can be for any appointment where you’re likely to be stuck in traffic or otherwise would have difficulty generating a text in a timely fashion.

I know for my part, when the world is collapsing on me and someone commits grand larceny against me or I get a $2,000 tyre repair bill for a slow leak, and thus am frazzled and having trouble remembering my name never mind to text when I’m running late, I won’t get fired because I arrive at 10:05. And that’s a very good thing!

Feel free to track my progress and remember, though job offers keep coming in, I remain available for hire!

Microsoft Teams is not quite the Team Player we thought

The folks at CyberArk uncovered a new vulnerability in Microsoft Teams. In Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams, they investigate a serious security hole in Teams that could threaten your organization and provide access to confidential information. Fortunately, Microsoft has, in theory, patched this vulnerability thanks to locking down any vulnerable Microsoft Teams servers.

This is a startling development considering how I’ve had to defend Zoom with respect to its long-ago patched UNC Path vulnerability. Now, we find out that by intercepting the traffic during the sending of images like a Gif, an attacker can subvert a computer’s security, intercept a victims access tokens, and impersonate the victim to begin a social engineering attack.

The basic process is the attacker can use Fiddler to intercept a benign image being transmitted. Since the image is transmitted via its URI, the attacker can modify the packet that transmits the benign URI and change the source domain to come from a compromised Microsoft Teams server.

Next, the attacker needs to intercept traffic to the compromised Microsoft Teams servers. Once the victim loads the image in his Teams viewer, the victim’s computer transmits his authentication tokens to the compromised server and thus the attacker has the users credentials.

The main solution is to lock down any vulnerable servers in the Microsoft Teams subnet. However, it is interesting that Teams uses a REST API with JWT. This is a very common authentication method and one used by OAuth Authentication. I have developed a number of software components that use JWT from OAuth and use those tokens to make connections to various web services I typically use, like meetup and Google Drive.

Microsoft Teams uses two JWT. First, the user gets an authentication token, and with that, the user can get the session token called skypetoken_asm. Both tokens are required by the Microsoft REST API to communicate with the server. The interesting thing, though, is that the second token is called Skype Token. A few years ago Microsoft bought Skype. At the time, people speculated why and of course with Microsoft Teams, I thought it might be leverage Microsoft with its own video conferencing platform. The question was, was Microsoft Teams based on Skype? It looks like at least in part, the answer is yes.

Below, you can watch a video of how this attack might actually work.

Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams | CyberArk

So, be careful what video conferencing system you use. Clearly, Zoom isn’t perfect, but neither is Microsoft, and neither is Google likely to be. There is no reason to pick on any of them. All three are working hard to patch vulnerabilities as soon as they’re found. Just, try to keep your software up to date. And that’s my latest deep dive into Video Conferencing security. If you like what you’ve read, I’m available and eager for hire.

2020 Résumé

It took forever, figuratively speaking, of course, to finish it, but I finally have my updated Résumé available. It took a lot of work combining the last eighteen years of work experience into concise bullet points and I admit even when I restrict my work experience to only the last twenty years, I still have about 5 pages worth of content. I used to be able to fit it in two, so I’m a bit unhappy about that. Still, it is shorter than the full CV.

Unfortunately, updating my job history wasn’t the end of the updates. For one thing, the Xmplify fix to get it to understand my DTD broke my XSLT. Although part of the reason is I took a shortcut when writing the XSLT, assuming all elements were in the global namespace, with the new xmlns attributes to the root element, I had to promote all the matches in the XSLT to identify tags within the r: namespace. That’s what took me so long to get the Résumé ready for release, but now it’s done and ready for release

Update 1 May 2020: I updated the executive summary to reflect the most recent work I’ve done and updated my interests to match my modern personal activities. I also created an embedded output for the XSLT which outputs div instead of html, head, and body tags, allowing it to be more easily be embedded in existing web pages. I also added a feature which cuts off the work experience before a certain year. I chose to only include the last twenty years of experience in my formal Résumé, but included it all in the formal Curriculum Vitae.

Finally, I made my current Security Clearance level hidden by default. I wish to keep that information on a need-to-know basis and not allow it to be broadcast publicly. This, however, can be overridden with an XSLT parameter.

I still need to update my LinkedIn, but now that I have my summarized work experience, I should just be able to copy-paste all that I’ve done. I also would like to reduce the number of items I list in my set of expertises. Right now, it occupies about a third of a page. However, making the list of expertises more concise isn’t a high priority at the moment.

Anyway, you have my Résumé and I’m more available than ever!