the white stuff, part 2

Looks like the Daily Stormer (neo-Nazi white supremacists and KKK website) was booted by their hosting provider GoDaddy on Sunday for violating its terms of service after an article regarding Heather Heyer was published on the site.  The former then transferred their content to Google Domains (Monday)… after which Google booted them as well for the same reason around midnight of that same day.

After a day or two of being offline, the site appears to have surfaced again in the “dark web” of the Tor anonymity network.  (In Harry Potter terms, they lost their lease on Diagon Alley and were forced to move to Nockturn Alley which seems to suit them better.)

The Dark Web

As if the Internet itself weren’t scary enough in the light of day sometimes, we now have an even darker, hidden version of it which is only accessible with specialized software.

Dark web: that portion of the web which cannot be easily reached from the public Internet, and usually requires specialized software to access. Examples of the dark web are the Tor network and hidden services, the I2P network and its eepsites, and the RetroShare network.

Almost sounds like a stroll in the woods when you say it like that.  Only this would be the Black Forest or the Forbidden Forest or the Suicide Forest maybe.

Onion Routing

But how does one attempt to navigate in such a place?  It looks like communications are wrapped in layers and layers of encryption much in the same way that onions have layers.  Each network node in this communication either adds another layer or peels one away, depending upon its direction.

Oddly enough, this method was developed by the Navy to protect U.S. intelligence communications online back in the ’90s.  I suppose it’s sad when your own tax dollars eventually provided the means by which child pornography, for example, enjoys its anonymity on the dark web at this time.

the white stuff

If you’ve been following the American Manufacturing Council kerfuffle that’s unfolded in the days after the Charlottesville violence and the media aftermath, there’s a lot of news that isn’t being focused on.  Probably everyone by now knows that Trump has been tweeting comments which to most observers would appear that he doesn’t hate white supremacists.  For a sitting President of the U.S., he’s reasonably expected to weigh in against hatred on this topic and he failed.

So now in the media aftermath we see that several key members of the American Manufacturing Council have resigned and the President has now disbanded the council completely (presumably to prevent others from following suit).  The news media has been quick to report all this.

What the news media is glossing over is the list of CEOs and corporations who did not resign from the council.  If you think about it, this reads as a “Who’s Who of American CEO Friends of White Supremacists”, if you will.  And so, without further ado, here’s that list.

Who’s Who of American CEO Friends of White Supremacists

CEO Corporation
William M. Brown Harris Corporation
Michael Dell Dell Technologies Inc
John J. Ferriola Nucor
Jeff Fettig Whirlpool Corporation
Alex Gorsky Johnson & Johnson
Gregory J. Hayes United Technologies
Marillyn Hewson Lockheed Martin
Jeff Immelt General Electric Company
Jim Kamsickas Dana Inc
Richard G. Kyle Timken Company
Andrew Liveris Dow Chemical Company
Dennis Muilenburg Boeing
Doug Oberhelman Caterpillar Inc.
Michael B. Polk Newell Brands
Mark Sutton International Paper
Wendell Weeks Corning Inc.

give a man a phish…

There’s an old quote, of course…

Give a man a fish and you feed him for a day.  Teach him to fish and you’ve fed him for life.

Today’s topic is about phishing, the activity in which a con artist sends a fake email to others and convinces them into giving up their credentials, credit card details, etc.

What They’re After

It’s almost always about money. They want the login details for your checking account or your credit card. If they can get your email account’s credentials then they’ll search your emails for links to your checking account or credit card. If they get your social media account’s credentials then they’ll know the people who trust you and they’ll send them email as if they’re you, conning your friends into clicking these sorts of links.


If a stranger on the sidewalk asked you to put your wallet into a magic hat, you probably wouldn’t. You don’t trust him. So when a stranger on the Internet sends you an email, then you are probably smart enough not to click any links in it.

But now, what happens when an email arrives and it has the correct logo and content from Microsoft?  You trust them.  They wrote the software that’s on your computer, possibly.  They’re telling you that you are about to lose something or in other cases, that you could get something for free.

But of course, that email could seemingly arrive from UPS, FedEx, the U.S. Postal Service, Wells Fargo, Bank of America, Chase, Logitech, Intel, Apple, Google, Intuit, Adobe, Samsung, HP, Facebook, Twitter, Verizon, AT&T, Starbucks, Staples, Yahoo, Bing, MSN, Firefox, Chrome, WordPress…  Literally any name brand or product name you trust can be used to fool you.


If someone told you that you had thirty years left in your lifetime, you’d probably be interested but it wouldn’t necessarily change what you do today as a result.  You’d have time to get a second opinion from another doctor, say.

We’re programmed, though, to panic when we have a limited amount of time to make a decision.  If the doctor told you that you needed to get your affairs in order because you have 24 hours left, then you probably wouldn’t calmly make an appointment with that second doctor.  You’d very likely go on a shopping spree or make some other not-so-mature decision in the spur of the moment.  In other words, the rational/analytical part of your brain wouldn’t be in charge.  Your would-be scammer knows this.  So all these attempts have some sort of expiration date/time attached to them.

Free… Isn’t

I’m not sure why people are such suckers for the word “free”.  It seems to be another method of short-circuiting the brain.  Combine free with an expiration date of some kind plus a spoofed pedigree and most people will stupidly click that link.

Antivirus Isn’t “Anti-Stupid Protection”

Unfortunately, your antivirus program can’t protect you from doing something, well… stupid, in this case.  It would be stupid to enter your credentials for anything prompted by any email.

But, what if this is legitimate?  Okay, so what if I have received an email from Geico and they’re trying to tell me that my policy is about to expire?  (Let’s assume for a moment that I have Geico insurance.)  Do I actually need to click their link to find out the status of my policy?  No.  It is infinitely safer for me to open my browser, type in in the location field, verify that I haven’t mis-typed the domain name and then to enter my credentials on their website.  In doing so, I’ve completely removed all the dangers of phishing.

Digital Extortion

According to statistics, 64% of Americans are willing to pay a ransom to get their data back (or say control of their computer) and the average bounty demanded is $1,077 per victim. Only 34% of people globally are willing to pay money in these circumstances. Unfortunately, that makes the U.S. a prime focus for these people.

parts is parts

Still designing/printing parts here in plastic from Autodesk Fusion 360, Cura and the Robo C2 printer. It’s amazing how long it can take sometimes to print.  This particular part printed in just over eighteen hours but an earlier (high-quality) version suggested that it would have taken slightly over four days.

I’ve been having problems with a particular spool of filament from Shaxon. Given that it’s infused with carbon fiber, it has a tendency to want to stick to itself on the spool. So I’ve lost about three print jobs so far from a variety of nonsense related to the filament snagging itself as seen here.


This then results in the loss of filament to the extruder and the print job continues, going through the motions of printing but without plastic. To fix this, I’ve repurposed the base of my rock polisher to hold the spool and locking it in place with a coat hanger for the moment. When the filament tries to snag itself, the entire rig seems to work out with respect to deploying without accidents.


If you’d like to see what it looks like to 3D print a part like this, here’s a link to the video I created (using that new camera from an earlier post).

Time-lapse photography of printed part


time-lapse photograpy for the robo c2

I’ve upgraded the Robo C2 printer with a nifty Raspberry Pi NoIR camera so that it can take photos, stream video and do time-lapse photography of print jobs. It seems to work great so far and I look forward to putting it through its paces.

And to make this easier for others, I’ve created a documentation repository with step-by-step instructions for anyone else who wants to modify their original printer to do this, too.

Okay, so technically the printer had a glitch 1/3 of the way into printing this (huge) coin example, so I aborted as it started to go funky at some point… which you can’t tell here, tbh.

When printed part becomes modern art

wizarding money

Apologies for the lull in blogging but I’ve been fussing with Autodesk Fusion 360 lately. The current design in 3D printing would be an authentic-looking Knut from the Harry Potter film series.


So for the first coin, I thought I’d try the copper/bronze-looking one since I have some copper-infused PLA filament, some copper-infused artist liquid-stuff and plenty of pennies for electolysis at the end.

I managed to do the front side with a convincing Tratello font for the text and a complete rendering of the details. I will attempt to do a photos->mesh conversion for a better face, however.


A raft on the part’s bottom is often necessary so that the part will adhere nicely to the workspace. Unfortunately, that tends to mar up one side of a coin so that approach doesn’t work here. I’ll then want to slice the coin into front/reverse and print both halves.


The standard weight of a plastic coin wouldn’t feel right in your hand so the strategy would be to put something inside of two halves to make it seem realistic.


After the actual print, everything you do to make it nice is called post-processing. In this case, this might include assembling the two halves of the coin with glue of some kind, sanding, tumbling in a magnetic rock tumbler device with copper-plated media for a few days, brushed-in application of a copper-infused liquid for touch-ups and finally, wiring and dropping each into an electrolysis chamber so that ionic copper may bind to the outer surface.


So far, I’ve got one half of the Knut designed and made two test prints. The inside space perfectly matches a penny (which adds weight to the coin and helps to speed up the print time). The filament produces a metallic matte finish and doesn’t appear to have the tell-tale lines you normally might see in a printed part.

The bad news is that my 0.4mm extruder nozzle is too big for this job. I need a tiny opening to print at a higher resolution. So I’ll be ordering some smaller nozzles like this 0.15mm version.


I have a spare power supply from a computer as well as a recycled hard disk. I’ll remove the top from the disk and then glue some very strong magnets around the top perimeter in alternating orientations every 60°. I’ll need to use my existing rubber drum from a rock tumbler kit for the media and parts.

As for the media, this will be a combination of penny-magnet-penny glued sandwiches plus a collection of copper-clad screws (over steel). This then makes everything inside want to give up copper in the millions of collisions with the copper-infused plastic parts, as influenced by the external rotating magnetic field. After a couple of days, the coins should have a healthy amount of superficial copper added plus a polishing of the printed detail.

don’t make me clamp you, part 3

Oh, the fun.  After a few fails, I managed to print out several C-shaped clamps in carbon fiber—infused PLA, finally getting the temperature right.  I then spent several more hours in Autodesk Fusion 360 to further tweak/finalize the bottom of the chassis for the Raspberry Pi 3 supercomputer and sent that off for a 56-hour print job.  Whoa.


Four of these clamps then were employed during last night’s printout while it was still going.


Unfortunately, the pause feature that I’d asked for in the slicing software went rogue upon resume and tried to bury the extruder into the plastic, forcing me to abort at 4am this morning.  <_<

At least there’s much less part curling at the base versus last time. So I think I’ll redesign the clamps to have an even lower top profile and clamp right after the first four layers of the raft are down.


outsourcing your work as a captcha

I guess everyone’s seen the robot test captcha thing on Google these days. If you try to use their websearch engine too fast, then you’ll soon be proving that you’re not a script that’s running on some spammer’s computer.


Often, though, you’re then next asked to select which squares have store fronts, or doors, or signs or food.


And of course, since we want that content, we dutifully “prove” that we’re not a robot. But—and I realize this might sound a little cynical of me—what if we’re actually being forced into conscripted labor, as if we were Google’s robots?

What if we’re actually being forced into conscripted labor, as if we were Google’s robots?

Try to follow along…

Amazon Mechanical Turk

Amazon has a variety of services within the AWS space. The one I’m thinking about at this moment is their Amazon Mechanical Turk. If you have a computer and Internet and want to make some money doing (usually) mundane tasks, then Amazon will pay you to do so.

For instance, Amazon might pay a hundred people to look at one image after another and to indicate/highlight where in the image they see a sign or a store front or whatever it is that Amazon needs highlighted. Humans are great at this. Artificial intelligence applications are getting there, only it takes a supercomputer these days in order to do these tasks.

What if Google doesn’t want to use their supercomputers nor wants to pay anyone to do object recognition either?

Google Maps Streetview

Google’s mapping featureset with Streetview represents a way for them to make a lot of money. And their collection of project managers would love to know where storefronts are within all that captured data. (Imagine that they’ve paid drivers to drive around a car with 360° cameras.) Because behind every storefront is a business who could pay Google money for placement within Google Local.

Now, Google has datacenters with plenty of available processing power to do this. But what if… they’re using us instead.

Think about it, we’re asked to identify objects within photos (which look like they’re taken from the Streetview data) and we’re being asked to identify things (businesses) which could make Google money or things (signs) which could be used in mapping directions.

Call me cynical but Google is looking a little guilty on this one. Why aren’t we identifying the squares with puppies in them? Because puppies don’t buy listing upgrades, that’s why.


don’t make me clamp you… (part 2)

You wouldn’t believe the difficulty I just had getting Autodesk Fusion 360 to do what I’d thought would be trivial: I wanted to cut down an existing part from Thingiverse to meet my needs.

Thingiverse ≠ OpenSource

The first thing I learned yesterday from this is that—even though Thingiverse seems like a wonderfully collaborative place—it isn’t actually open-source. If this were open-source, then in addition to the mesh (STL) files that are shared, each author would also include their project file as well (DWG, for example).

Don’t get me wrong, Thingiverse allows people to share their work. And yet, it isn’t the same as github which allows someone to take 100% of what you worked on, tweak it and then share that as well. It’s this iterative modification that makes open-source so powerful. And the reason behind that is that each new person doesn’t have to start from scratch.

CAD Project File

A typical computer-aided design file will include a variety of information. Most, though, are built around the concept of an initial sketch in two dimensions with a variety of measured constraints, for example. One then brings that 2D sketch into the third dimension and suddenly you have a part.

If you’d like to then edit the sketch or change the height of the sketch in that third dimension, you’d need to have that project file. (Thingiverse does not share project files.)

Mesh File

At the end of a design session, it would be necessary then to export that part into a 3D model which is usually a collection of points and triangular faces. The sum of these describes a solid in 3D space. (These STL files are shared on Thingiverse.)

Toolpaths File

Once you’ve exported your own design to an STL file (or you’ve downloaded one from someplace like Thingiverse), the file is taken into software like Cura if you’re trying to print to a 3D printer. This is known as “slicing” since it’s Cura’s job to know your printer well enough that it may slice your part from the bottom, up. Each layer then is converted into a number of instructions called G-code which tells the printer exactly what to do at every step of the way. (Thingiverse does not share these files either.)

Autodesk Wants You to Design in Autodesk

It was clear from my initial interaction with Autodesk’s support that they don’t want you to work using other software. They want you to start over and redesign your part in their software. Given that they charge $40/month to use the software, it’s easy to see why.

They actually do support the conversion of a mesh file into your project file in such a way that you can cut it, for example. They just hide the feature as an Easter Egg; only after turning off project journaling (Time Line) can you see the Mesh-to-BRep option. Granted, the program became painfully slow using this feature since it was grappling with about 50,000 triangular faces. Eventually, though, it processed the mesh file and I was able to apply the cutting action to remove some of the clamp from Thingiverse.

Progress So Far

Knowing that I could further modify the C part of the clamp should I need to, I then set the first of two prints into motion.

With the standard white PLA filament in the printer, I was able to print this in just over twelve hours last night. It’s a collection of eight screws plus their respective protector caps for the ends of those ball points. And tonight, I’ll print the C-shaped parts in black carbon fiber PLA for its added strength. (I’ll need to break them away from the adhesion raft, of course.)


In case you’re wondering, I had to laboriously place each of the sixteen individual parts into Cura’s workplace, carefully including enough space between them. The tighter you bunch them, the less movement the printer will have to do and the faster it will print. Get them too close and the extruder might bump into one of the other parts or perhaps merge two parts together.

As you can see from the slight bit of raft curl on the right side in the second photo, these clamps in theory will do a nice job of holding the raft down into the bed for the first inch or so of the part’s printing. In some cases, they should save what would otherwise be a failed printout.

don’t make me clamp you…

Trying to push the envelope in print volume on the Robo C2 printer, I’m finding that the part wants to curl on the bed (since the latter isn’t heated). Hmm…


This is a common occurrence, I understand.  It’s due to the uneven temperatures of plastic on the bed versus the new (hot) layers of added plastic. To get a part this big, I actually had to lie to the software and to suggest that the printer has a bigger range than this. This sort of tweaking is commonplace.

Hairspraying the bed is a known gimmick for 3D printing, but as you can see, the painter’s tape is well-stuck to the part.  Instead, I’m thinking of 1) printing the raft at the bottom, 2) pausing the print at this point, 3) removing the bed, 4) applying clamps around the edges and finally, 5) resuming the print job.

Tool-Making 101

From my experience in a plastic manufacturing plant, I learned that if something doesn’t work:  modify it, build a helper tool or change the process somehow so that it does work. Here, I’m opting to build a set of clamps to assist in the 3D print process and to insert a pause into those instructions (“GCODE”) at the proper moment.

Half the battle, then, is designing and building a number of clamps.  To be useful, they should allow their placement at a variety of distances from the edges of the bed. They should hold throughout the job even if things are vibrating and moving around. They should never restrict bed movement. Since the print job goes for perhaps ten hours, they must not fail in any way if I’m not there to watch their performance.

The other half of the battle is to create something which modifies the GCODE instructions to place a pause at the right moment (as soon as the raft has been laid down). My guess is that this will look like an OctoPrint plugin. There probably already are a number of plugins which pause at a particular z, meaning that they will pause the print job when it comes to a particular vertical layer. I was thinking that I might invent a different approach somehow in this space but I’ll see what I can come up with. I like the concept of pause after raft, though, and would imagine that this would be useful enough to others.

This should save a lot of print jobs from curl, I hope. And that should translate into a lot of money saved in filament, as well as time.