Some changes to the radiator box

Build Log:

Back almost three years ago in 2016, I set out to do something rather unique with regard to water cooling: building an external, self-contained radiator box. And for the most part I achieved that goal. Maintenance cycles would see some improvements to the implementation, leading to a box that is very quiet, and a total water cooling setup that provides very good temperatures.

There were still additional improvements to be made. Particularly with the power delivery. Powering everything was initially… messy. Integrating a hodgepodge of parts that more or less got the job done with as little need for modifying anything as possible and virtually nothing custom.

Here’s the parts:

And the power went into two voltage regulators, one a step-up to run the pump at greater than 12V when I had a D5 Strong, and the other a step-down to undervolt the fans. So it was a bit of a mess with regard to cabling.

I still have the switch, along with the step-down regulator to undervolt the fans. The step-up regulator isn’t needed. And most everything else from this is gone. In its place is this: NiuGuy 12V/4.2A (50W) power supply. And wires. And a terminal block.

All of this started when I was casually browsing Home Depot and saw terminal blocks in the electrical section, a part of the store I normally don’t pay much attention to. From there I purchased a crimp tool kit, terminals, and wire. Later I acquired 2.8mmx.5mm spade terminals to get rid of the vandal switch wiring harness. The small power supply came later.

And that power supply is seriously small. Smaller than the power brick I was originally using. I was actually surprised when I first saw it. Here’s a size comparison of the product box with a PS3 game case. The power supply itself is only slightly smaller than the box.

I’ve encountered power supplies like this before and had previously considered employing them in the radiator box. But I initially wanted something that didn’t require much in the way of additional tools and electrical supplies to build, so I went that direction. I also didn’t know much about electronics and circuitry at the time and have since enlightened myself.

I kept the NCASE M1 power cable, cutting off the C13 connector and stripping the insulation back so I could add terminals for the power supply. The switch is inline between the power supply and terminal block. One pair of terminals create the circuit for the pump and rear fans at 12V, while the other pair creates the circuit with the voltage step-down regulator for the radiator fans. Bus wires connect the circuits in parallel.

Much simpler and cleaner compared to what I had previously since I wasn’t having to figure out what to do with really long cables coming off pre-fab items. And sure there are a couple ways this could be cleaner, but I wasn’t concerned with perfection.

The D5 pump (Koolance PMP-450 specifically) is out with a DDC pump (Swiftech MCP50x) replacing it. The only reason I swapped it out is clearance. The DDC is more compact. And the one I selected is PWM controlled, so I can dial it down to a lower RPM using a manual PWM fan controller like the Noctua NA-FC1. I clipped off the pump’s SATA power connector to use terminals to power it from the terminal block, after extending the wires using butt splice terminals with equivalent gauge wire.

So why the lower clearance necessitating the smaller pump? I lowered the reservoir using 120mm mounting rails (Performance-PCs) for the Singularity Computers Ethereal Single (Performance-PCs). (Since I say this every time, I’ll again do so here. Full disclosure: I also support Singularity Computers via their Patreon.) Much more stable compared to how I had it previously, and it allowed me to secure the reservoir more toward each of the end caps. And the lower position meant lower clearance, necessitating the smaller pump.

And I swapped the Bitfenix fans I had at the rear for Nanoxia Deep Silence 120mm fans, the ones that previously were in Absinthe, now Amethyst. They are super quiet (14.5dB/A) at 12V while still moving 60CFM. I’m not sure how that’ll affect cooling, but it’s bound to be better than the rear fans being voltage-synced with the radiator fans. And as a bonus, they match the green ring light on the power switch.

I still have the pipes I showed in the previous article. They keep the coolant flow well out of the way of power and data cables, reducing the amount of soft tubing needed, even if it does create a little headache for maintenance. I’ve considered adding a valve to the pipes as well to make it easier to drain. Instead I used a 4-way block with a couple spare quick-disconnect fittings to create something to drain the system.

Performance

I’ve made some changes to the tubing in the H440 as well, but not in a way that drastically affects performance. The GTX 1070 still barely touches 40ºC under load, and I was able to bump the CPU overclock (i7-5820k) to 4.3Ghz while still keeping temperatures in the mid to lower 60sºC.

I’ll detail the changes and reasoning behind those changes separately.

Possible next steps

Since first building this, I’ve loved having an external water cooling setup. It’s unique, and I’ve yet to see someone else do this. Sure the setup is a little complex, and maintenance can be a little bit of a headache, but having a water cooling setup that is not tied to any particular chassis or hardware setup is the main benefit. And I see no reason to go back to the traditional in-chassis water-cooling setups that… nearly everyone else does.

Maintenance is, of course, the main drawback. Good thing it really only needs to happen once a year.

And there really isn’t much of anything to add to this. A better mount for the pump? Not entirely necessary. I would like to have temperature sensing on the coolant, but that isn’t a pressing concern. Replacing the radiators or radiator fans with better options? I don’t really have a reason to do that. The XS-PC EX360 radiators work without any issue here, and I have zero reason to believe better radiators (e.g. AlphaCool, Hardware Labs) would make a significant difference, though they would certainly inflate the cost.

The only realistic direction I can go is making the box smarter.

The last couple years have seen the introduction of various ways of controlling fans using software. I’ve used NZXT’s Grid for powering a lot of fans at once. Future adaptations saw the Grid+, which allows for software control of the fans based on temperatures via their CAM software. The latest incarnation is the Grid+ V3, which supports PWM fans, meaning it should also support PWM pumps.

And the Corsair Commander Pro is an option to integrate temperature sensing and fan control. But it requires both 12V and 5V from its SATA power connector, whereas the Grid+ requires only 12V and uses a barrel connector – meaning no modification to the device. The power supply noted above is 12V only, so I’d need a voltage adapter to provide 5V.

I’ll figure out which to use later, along with how to connect it to the main system.

Hosting a mail server on a home network

Before diving deeper, a preface.

This article will not be discussing how to set up a mail server. Mostly. Instead I’m going over some of the complications that can arise after you have the mail server set up with receiving mail to the domain(s) the server hosts. You’ll need to go elsewhere if you’re expecting a tutorial on setting up and configuring a mail server.

Before continuing, let me explain my setup so you can understand where I’m coming from and going:

  • Mail server: virtual machine with 2 cores, 2GB RAM, Ubuntu 18.04
  • Software: iRedMail
  • Port forwarding: random port number -> port 25 on mail server
  • DNS name: NoIP dynamic DNS hostname, dynamic IP address

Assumptions

From here I’ll presume you have a similar starting point to me, that you:

  • own one or more domains which may or may not already receive mail through the domain registrar or other service
  • want to spin up your own mail server to receive that e-mail to your home network
  • have a typical home Internet broadband connection with a dynamic IP address
  • have a dynamic DNS name to point to your home network

If you are not already signed up for a dynamic DNS service, do that first before setting up a mail server. I recommend signing up for one that your router directly supports. I use NoIP, and I also pay the $25/yr subscription fee to make things easier.

What I won’t cover

For the sake of brevity, I won’t be delving into setting up and administering a mail server. As I said above, you’ll need to go elsewhere to find that information. There are also several “distributions” – e.g. iRedMail, Mail in a Box, etc. – that can handle much of the dirty work for you, all of which have their own steps for setup and administration.

Basically setting up the mail server is on you. All I’m discussing herein is what you need to do once the server is set up on your home network, with a dynamic IP address, so you can receive mail to it. Since plenty of other articles say you can’t.

Set up a self-hosted VPN

Allow me to establish one additional prerequisite: set up a self-hosted VPN. OpenVPN is one of the more popular packages available for that, and I also have a guide on how to run that in a Docker container if you’re so inclined. Others have set it up to run on a Raspberry Pi. One of my coworkers uses ZeroTier and he seems to like it.

Having the self-hosted VPN means you only need to expose the SMTP port through your router’s port forwarding. You would then access your e-mail by connecting to the mail server through the VPN connection or an SSH tunnel when you’re away from home. Which will provide an additional safeguard for your e-mail.

Overall order of operation

Again, you should already have the mail server set up, with the domains and e-mail accounts configured. So now you need to make it so you can receive that mail on your home network through your dynamic DNS hostname.

  1. Pick a random port number to map to port 25 on the mail server
  2. Sign up for a mail relay service (more on this later)
  3. Modify the DNS settings for your domain for the mail relay service
  4. Wait a little for the settings to propagate
  5. Send test e-mails to verify everything is working
  6. Profit!!!

Random port number? Mail relay service?

By now hopefully you’ve already looked into what is required to establish a mail server for your domain(s). So you should’ve encountered explanations for the DNS entries, in particular how to configure the DNS entries to avoid other mail servers refusing to talk to yours.

Specifically, the “reverse DNS” entry for your mail server’s host name. Which is impossible to create for a dynamic IP address. And with a static IP address, you probably have to jump through a ton of hoops with your ISP.

Mail relay services avoid this complication, accepting the mail for your domain(s) and relaying it to another mail server. They are advertised as allowing you to bypass your ISP blocking port 25, allowing you to host your mail server on a port other than port 25. This should also be coupled with a backup service that retains e-mails for a period of time, in case your mail server can’t be reached for some reason, to avoid e-mails being rejected or black-holed.

Your dynamic DNS service provider may already have this available. NoIP has Mail Reflector for $100/yr per domain. Dynu, on the other hand, has an Email Store/Forward service for $10/yr per domain. The latter is what I currently use, and it works well.

While you don’t need to use a port than 25, I’d highly recommend doing so since the relay service allows for it. I’ll just reiterate what I said in my OpenVPN guide (linked above):

In general, when exposing services where they are accessible outside your network, you want to avoid using default port numbers. Either configure the service to use a different port number, or use the port forwarding on the router to provide a different port number.

Port forwarding for mail relay

So with that explanation out of the way, it should be clear how to expose the mail server via port forwarding. The order of operations means you

  1. select a random port number for port forwarding
  2. set up port forwarding: [random port number] -> port 25 on mail server
  3. set up the mail relay -> [dynamic DNS host name]:[random port number]
  4. DNS “MX” entries for your domain -> mail relay service
  5. Profit!!!

Finishing up

So now with everything set up the way you need, send some test e-mails to make sure everything is getting through.

One thing to note: it will take several days for the updated DNS entries to propagate around the world due to DNS server caching. So you may need to continue to check your e-mail through any previous mail hosting service until you confirm all e-mails are no longer being sent there. If you’re planning to transfer domain registrations to another provider, hold off for a few days before initiating the transfer if there are any frequently-used e-mail addresses involved.

And another point: if you use iRedMail, turn off greylisting. If you use another distribution, determine how to disable greylisting with it. Or at least figure out how to whitelist the mail relay service you choose. If you don’t, it’ll take multiple tries for the relay service to get the mail to your system. Turning off greylisting or whitelisting the mail relay service will avoid this.

One additional complication

Mail server blacklisting is something else you need to keep in mind. This doesn’t stop you from receiving mail, since it will be going through a mail relay service. But it might keep you from being able to send messages to some recipients.

As part of an effort to combat spam and scam e-mails (such as this and this), mail transport agents may be blacklisted. It’s up to every mail server administrator as to whether those blacklists will be honored – it should be off by default. And this isn’t an issue exclusive to residential Internet IP addresses. I encountered it with my previous web hosting provider when I tried to forward a phishing e-mail to SunTrust Bank.

So if you find that e-mails you are sending are routinely being rejected, check your IP address and dynamic DNS hostname and domain through MXToolbox to determine if it’s been blacklisted. You may need to sign up for an outbound mail relay service to bypass this.

Conclusions

So contrary to a LOT of articles, it is possible to host a mail server on your home network. It just requires the additional mail relay service to make it all work, to bypass the “reverse DNS” complication.

It just typically isn’t recommended that you set one up since Internet mail servers can be complicated to set up and administer. But much like web servers, generally once they’re configured, you should only really need to touch it for software updates.

Blackmail scam: Reloaded

I recently heard of this scam from Jim Browning. Full disclosure: I do support him on Patreon. So I’ll let him describe how this scam works, since he discusses a variation of it in one of his videos:

I recently received the below scam message. And it’s nearly identical to the scam I wrote about earlier, just with the slight twist of making it look like they sent it from my own e-mail account:

Hey There,

We have hacked your device. To show you we have complete access to it we’ve sent you this message from your own private email account (see the “from” email address). We furthermore know that among the list of passwords you used to use is “[REDACTED]” for example. Don’t fear, we will explain how it all happened and what you can do about it.

Some time ago you went to a web site with xxx contents, that web site had a trojan that was developed by us, this trojan mounted itself onto your device opening a backdoor that grants us complete access into your device. Changing passwords will not help because our backdoor will constantly stay open if we don’t terminate it our selves.

We also downloaded all your social contacts, email contacts, data and information to our server. Moreover we triggered your camera from time to time and recorded movies of you while you “satisfied” your self observing xxx content on the web. Those videos are also kept on our server. To sum up we now posses all your important information and some “naughty” clips of you.

You are probably asking yourself what we are going to do with this content. Possibly we utilize it to ruin your social life by sending all the info we posses with browser history and the filthy clips of you to all your social and email contacts. Picture the negative impact this will have on your life! Imagine how this will impact the relationship with your family members! Or maybe we delete it all, shut the backdoor on your system and don’t use it and you can go on living your life like this never took place. It’s all under your control….

When you opened up this e-mail our system initiated a timer (our system tracks the mail header to see when you launched it), starting now you posses 6 hrs (6 hours is 6 hours, not a moment more) to complete the following action:

Listed below you will find our bitcoin address (copy/paste it, it’s case sensitive). If you do not want us to destroy your social life and relationship with your loved ones you need to transfer $550 (USD) to it. You can browse Google how to purchase bitcoins, it is very easy and you can do it immediately. Don’t forget that you need to do this within the given timeframe so you better do it right now.

Our system is watching this address, when the transaction happens in time the timer will stop counting, we will remove all the info on our server we have on you, the backdoor on your device will close and you will without doubt never ever hear from us again… case closed and nobody needs to know about your dirty secrets. If it does not come in in time, your life will change in a very damaging way.

Our bitcoin address: 3QNVqEz3aKvCUDivsnASGEGqafYfdry4Eb

Good-luck!

I’ll say this up front: don’t be alarmed if you happen to receive an e-mail that appears to have come from your own e-mail account. It is not difficult to spoof an e-mail address. It’s very easy, actually. Something anyone can learn within a very short time. Much than spoofing a phone number.

But this can seem rather alarming to someone who isn’t well versed in how Internet mail servers work.

And given the ready availability of leaked passwords on the web, again this can potentially alarm people. It probably isn’t difficult to find the leaked password I redacted above, which would’ve been leaked during the LinkedIn data breach a number of years ago. But that password is worthless to anyone who finds it since I don’t use that password anywhere anymore.

So if you receive an e-mail like this, don’t be alarmed. Indeed to many, it’ll probably provide a good laugh. And thankfully at least with the above Bitcoin address, it appears no one has taken the bait.

And if you want to check to see if your e-mail address has ever been involved in a data breach, go to “Have I Been Pwned?” and type in your address. And make sure to adopt good password usage and management practices. And enable two-factor authentication where possible.

False charity because #fuckTrump

Amazing how the Federal “shutdown” appears to be bringing people together, right? Bringing out people who are willing to help the furloughed government employees who are working without paychecks or not working at all. Showing that when people are in need, we’re willing to be charitable. Because that’s what decent people do, right?

Yeah I’m not buying it.

Simple question: if not for the government “shutdown”, how many of these same people would be spending their own time or money directly helping people who are in need? Likely answer: next to none of them.

Let’s be honest. There’s only one reason this is happening at all. #FuckTrump. That’s it. That and the chance at a little fame or exposure since the media is broadcasting whenever someone is being so grateful to furloughed government workers. Because again, let’s be honest, #FuckTrump. That’s the only reason.

Meanwhile there are millions of people in the United States who are in need of direct assistance in many ways every day. I’m sure you, dear reader, know at least one such person. Yet what’s the response? “Let the government handle it.”

Rather than go out and directly help them in some simple fashion, you’d rather instead have the Federal and State governments take more money from my paycheck and the paychecks of those who make more than me so that you don’t have to lift a fucking finger, or take a penny from your pocket.

Because when it actually comes to helping people, it seems the vast majority would rather be passive, lazy pricks who’d rather sit back and “let the government handle it” rather than getting off their asses and actually doing something to better someone else’s life.

I’ve probably shelled out more money over the last couple years than many others have in their lifetimes. And if you’re one of those people, someone who’d rather sit back and complain about things rather than getting off your ass to improve someone else’s life, who’d rather see more money taken from my paycheck because it means you don’t have to do anything, kindly go fuck yourself.

No, seriously. Fuck you.

Now get off your ass, find someone who needs something, and figure out how to help them. Rather than hoping someone else will do it.

You want to improve the world? Get off your ass already.

At least read the article before sending a solicitation

I’m really starting to ponder the commonality of this practice.

The below request is at least mildly understandable. They’re pointing out an article I wrote on pet care and asked that I link to their article on a specific dog breed. Which would be great… if not for a few issues with their e-mail.

Dear Editor,

My name is Jean and I’m the Editor at [REDACTED]. I was doing research on the Blue Heeler Pointer and just finished reading your wonderful piece: https://www.kennethballard.com/?p=1790

In that article, I noticed that you cited a solid post that I’ve read in the past: [REDACTED]

We just published an updated, comprehensive guide on 10 things you should know about the Blue Heeler Pointer on our sister site, [REDACTED]. It is completely free and you can find it here: [REDACTED]

If you like the piece we’d be humbled if you cited us in your article. Of course, we will also share your article with our 100k newsletter subscribers and followers across our social platforms.

Either way, keep up the great work!

Warmly,
Jean

If you’re going to send me a solicitation, have the courtesy to make sure you’re not going to include demonstrably false information.

First they claimed I linked to an article about the Alaskan Malamute, an absolutely gorgeous dog breed I would love to own, if I ever have land for it. Before now, though, I’ve never mentioned that breed here. My article on pet care mentioned two dogs my parents’ owned. One was a blue Australian Cattle Dog, Basenji mix. Yet they request I link to an article about blue Australian Cattle Dog, Pointer mix dogs – Blue Heeler Pointer is not a recognized breed.

Definitely a classic case of not reading the article before firing off a solicitation. Unfortunately all too common.

I also don’t sell any ad space on this blog, so views largely don’t matter. Instead any “revenue” comes through the Amazon Associates Program, and I typically make enough to nearly completely offset hosting costs.

And this blog doesn’t get many views anyway, making every solicitation for this site I’ve ever received nonsensical. I’ve never had more than 500 views in any given day as of this article, an article about an espresso machine is my best article of all time on views, and I typically have only about 100 views/day. So sending me a solicitation hoping for more exposure to your content is only going to end up with me posting your solicitation with all site names, links, and the like redacted.

MikroTik CRS317 10GbE switch

For the last two years I’ve been using the Quanta LB6M as the backbone of my home network. A 24 port SFP+ switch with four (4) GbE RJ45 ports connecting two Gigabit switches and my Internet router. So everything came to the LB6M and was routed accordingly.

It works quite well, too. Provided you can live with the noise. The first thing I did when I received it, before putting it into service, was swap the rear 40mm fans on the fan sled with much quieter fans. This quieted down the system, but it also caused the switch to run very hot. Two things helped me counter this: I cut out the fan grills on the fan sled, and did some maintenance on the thermal paste inside it. And I also had a fan blowing onto the underside.

But replacing the fans didn’t entirely eliminate the noise since I was not going to replace the fans in the power supplies. I’d been looking around for better options since.

And that’s where this comes in: the MikroTik CRS317. (Buy it at Amazon or EuroDK) It comes at a slight premium. 400 USD MSRP compared to the about 240 USD I paid for the Quanta LB6M in January 2017. Though you can get it for less through different suppliers. Just pay attention to shipping costs.

And I jumped for it for three reasons:

  1. Passively cooled. Mostly. It has two 40mm fans, which should not be running all the time.
  2. SFP+. It should be drop-in to my current setup.
  3. GbE SFP module support. And it should just be plug and play.

That third point means this switch will be replacing two: the LB6M and a TP-Link 8-port GbE switch. Getting the LB6M working with GbE SFP modules is… it’s definitely NOT just plug and play and requires flashing a different firmware to the switch to get it to work. No thanks.

SFP modules

I’ve had no issues with Fiber Store’s 10GBase-SR SFP+ modules. They happily worked with the Quanta LB6M, and I fully expected them to work with the MikroTik switch. I returned to Fiber Store for their SFP RJ-45 modules (Generic), since they were also about 30+% less expensive than any price I could find for MikroTik’s SFP module. I ordered one for each GbE connection I had to the LB6M.

Using SFP modules to consolidate GbE connections is only cost and value-effective if you’re consolidating a few. Four or five at most. Beyond that, and it’s a better value acquiring a GbE switch with a 10GbE uplink to avoid having a significant number of 10GbE ports occupied by GbE connections.

Initial setup and SwOS

The initial setup was interesting. I’ll spare the details here, but getting it swapped over to SwOS and away from RouterOS was a little cumbersome at first.

Only because I discovered something the online documentation omits as of this writing: after changing it over to boot to SwOS, shutdown the switch (System->Shutdown) and unplug it. Don’t just simply reboot it. Then when you plug it back in, it should boot into SwOS and everything should work.

SwOS by default will automatically attempt to acquire an IP address via DHCP and only fall back to its default 192.168.88.1 if it’s unable to. This means you should be able to switch it over to SwOS, shut it down, and then add it into your network like any other switch. The IP address determines how easily you can access the web UI, and is a good check on whether the switch is configured properly.

Racking it up

I initially thought I wouldn’t be able to pull the TP-Link switch for lack of SFP modules. But I realized later that the IP-KVM and the UPS SNMP module are the only two devices connected to it. The SNMP module doesn’t need a lot of bandwidth. It’d probably be perfectly happy on a 10Mb connection. The IP-KVM? It really needs the GbE connection with as little contention as possible, so it’s getting hooked into the 10GbE switch.

So I connected the SNMP directly to the router, and connected the KVM to the 10GbE switch, allowing me to pull the GbE switch from the rack. If I really feel like doing so, I can order another SFP module to connect the SNMP into the 10GbE switch.

All the other 10GbE connections just worked with the Fiber Store SFP+ modules I’d been using. One thing I also realized in hindsight: I likely could’ve used the ETH/BOOT port (the RJ45 port with lights) as the uplink to the router, opening up a connection for the SNMP module. I’ll look at that later, though. For now, everything works.

Impressions and comments

This switch is very, very quiet compared to the rest of the hardware in the rack. The Quanta switch easily overpowered everything else on noise, even with the quieter fans and just one power supply plugged in. The Mikrotik switch, however, is easily overpowered by the NAS and virtualization server. This is a nice change. Unplugging the Quanta switch to pull it out of the rack… it’s amazing what you become accustomed to over time.

The MikroTik CRS317 is also very lightweight. It’s about the size and weight of a 1U GbE switch, like a 16-port TrendNet switch I have in my den.

So it’s compact, quiet, lightweight, and supports up to (16) 10GbE SFP+ or GbE SFP connections. All brand new it’s significantly less than the cost of a brand new RJ45 10GbE switch. And it’s easy to get set up for SwOS, once you account for the one slight detail I provided above.

This is the much, much better option in my opinion over the Quanta LB6M. The noise aside, the fact the LB6M doesn’t support GbE SFP out of the box means you can’t really use that switch to its full potential in a smaller setup. But it was never meant for a smaller setup. That it has 24 ports shows this. That it’s louder than a 747 during take-off with the stock fans also shows this. It’s meant to be in a server room or networking closet.

The 16 ports on the MikroTik CRS317 shows it’s not exactly meant for a “small” setup either. But it’s a hell of lot better suited to a setup like mine than the Quanta. And it’s working as expected.

No, there is no such thing as an “accidental discharge”

Let’s lay out a scenario.

A firearm owner decides they want a different trigger on their Glock 34. So they purchase the parts and attempt the installation themselves. Thinking they got it right. During drills, the firearm is misfiring. Then when they holster the firearm with a round chambered, the firearm discharges in the holster.

Accidental discharge? KR Training would like you to think so. The scenario above was reproduced from their description:

The student who experienced the accidental discharge was using a Gen 4 Glock 34 with an aftermarket trigger installed (Pyramid Trigger) and an OWB paddle holster. During the drill, he had several misfires occur, which he cleared and continued with the drill. When he holstered, with finger off the trigger, the pistol discharged in the holster.

There’s a reason many of us say “there is no such thing as an accidental discharge, only negligent discharges”. If a firearm goes off on its own with no manipulation of the trigger, something about the firearm is defective. In the above scenario, it’s the trigger assembly.

If a firearm discharges without any manipulation of the trigger, someone is to blame for that. If the firearm is brand new and such a discharge occurs when the owner is putting the first magazines through it, the negligence is on the part of the manufacturer. If it’s used, then it’ll depend on the chain of custody for the firearm to determine who should have known the firearm was defective – e.g. the prior owner, the shop trying to sell it, etc. And during continued ownership, if the firearm malfunctions, it’s the owner’s liability for failure to properly maintain it.

Accident means there is no one to blame.

But there is ALWAYS someone to blame when a firearm malfunctions and discharges, whether the trigger is manipulated or not. In the above scenario, that would be the firearm owner. If a gun armorer performed the trigger swap, liability would rest with them.

And that there is always someone to blame is why we say “there is no such thing as an accidental discharge”.

Your concealed carry permit is not a badge

Back when I was first learning about firearms and concealed carry, I came across a video – since removed, unfortunately – called “Your concealed carry permit is not a badge”, or something along those lines. And recently I’m reminded of that sentiment with a story out of Marysville, Washington:

Authorities say two men were surrounded by customers with guns while attempting to steal tools from a Washington store.

The Daily Herald reports the men, ages 22 and 23, allegedly took four nail guns, each worth more than $400, from the Coastal Farm & Ranch store Saturday in Marysville.

The men walked out of the store and got into a Honda Civic, only to be surrounded by about six customers with guns raised.

There is NOTHING under the law that gives anyone with a concealed carry permit the legal ability or privilege to stop a criminal fleeing a crime scene. Someone’s life being in danger, whether yours or someone else’s, is the only justifiable reason you have to pull your firearm.

A friend of mine shared the above story on his Facebook wall, and he said this in response to a comment where I said you should not (indeed, you cannot) use your firearm to stop property theft:

I agree this isn’t a situation for a firearm, but by the same token it can’t be easy to stand on the sidelines watching people doing this.

Which is certainly a sentiment I understand. I’ve written about it on this blog. But that is an instinct that must be fought. Since, as I said to the friend, sometimes the hardest lesson to learn is that doing nothing is often the best response to a situation.

You may want to help, but your desire to help could land you in hot water. You could misinterpret a situation, meaning you’re not responding to it appropriately, or even make it worse.

Let me give you an idea from my recent past. A couple months ago, while driving down Santa Fe Trail Drive through Lenexa, KS, we came upon a nasty car accident outside the Lenexa UPS sorting facility. SUV on its side in about the middle of the road, and another truck off on the side of the road. Head-on collision from the looks of things. I pull over and decide to offer help. Several other civilians were already on scene doing the same. 911 had already been called by the time I arrived.

We leave the truck occupant alone since we could not ascertain the degree of his injuries. He was not in any obvious immediate danger. Moving him would’ve been the worst thing to do. Lenexa Police arrived first. EMTs and Lenexa Fire followed not long thereafter.

But car accidents are an easy situation to ascertain: figure out who is injured, get everyone out of harm’s way if necessary, make sure anyone with severe injuries doesn’t move, and get the hell out of the way of EMTs when they arrive. What about a situation that isn’t so cut and dry?

In CSI: Crime Scene Investigation (also known as “CSI: Las Vegas”), Season 3, episode 9 called “Blood Lust“, a taxi driver accidentally runs over a teenager who dies at the scene. The driver gets out to initially investigate, but then gets back into the car. A group of men see this and, thinking the driver is going to flee the scene, swarm the car, pull out the driver, and beat him to death.

There is one key detail the men didn’t slow down to actually consider: the taxi driver has a radio (episode aired in 2002, when cell phones weren’t yet as ubiquitous as they are now), and he was going to radio in to get an ambulance to his location.

What the men in Washington did was of similar vein to what is portrayed in the noted CSI episode. They saw something happen, and decided they needed to respond. Sure, no one died in the Washington incident. But that’s beside the point. A group of six men surrounded a car occupied and driven by fleeing thieves and drew their firearms. They saw fleeing thieves and used a threat of deadly force to detain suspects who, based on the immediate observable details, posed no threat to anyone.

So let’s drive the point home.

Your concealed carry permit is not a badge. It does not make you law enforcement, nor grant upon you any law enforcement authority, including the authority to detain a suspect at a scene.

Do not use your firearm to stop property theft. Do not use your firearm to prevent someone fleeing a crime scene. Do not attempt to pursue someone fleeing a crime scene.

Only employ and deploy your firearm when you can clearly see and articulate that you or someone is in danger of great bodily harm or death.

Unless you are law enforcement, you have zero authority under the law to use your firearm in any other manner. Taking the law into your own hands makes you a vigilante. And I have no respect for vigilantes.

Fix this, SunTrust Bank

I have a page up top for listing contact information for reporting phishing e-mails. SunTrust Bank, however, has their e-mail server set up in a rather weird way. I’ve tried forwarding an e-mail to them numerous times and keep getting this in response:

554 Unfortunately your access to this mail system has been rejected due to the sending MTA’s poor reputation and e-mail hygiene on the Internet. Please reference the following URL for more information: http://www.senderbase.org

When I took to Twitter to figure out an alternate way of forwarding them the phishing e-mail, they subscribed to me and said to forward screenshots of it via DM. Screenshots. Yeah, no. Thankfully I was actually able to forward the e-mail to them from a yahoo.com account. Let that sink in for a little bit…

So if someone from SunTrust happens upon this article, please have your IT department do something about your mail server. You cannot publicly advertise an e-mail address for forwarding phishing e-mails that rejects good faith attempts to provide said e-mails to you. I’ve never had an e-mail rejected due to some arbitrary “reputation” score.

At the least, set up a contact form that allows attachments with instructions on how someone can export an e-mail to a .eml file so the entire e-mail can be sent to you intact. Forwarding takes away a lot of potentially useful information, such as the originating mail servers. And screenshots are basically useless. Including screenshots of the raw e-mail unless you have an OCR program at the ready or are willing to manually recreate the e-mail by hand from the screenshots.

To everyone else seeing this, a quick reminder: your bank will almost NEVER contact you via e-mail if there is a problem with your account. They will instead call you since they have your phone number on file. And if you notice anything odd about your account, call in or visit a bank branch in person.

I am not leaving Patreon

I have a Patreon account through which, as of this writing, I support six channels. Four have nothing to do with politics, though one does touch on politics periodically, but not through any of their actual content. Mostly. I’ve also supported two of these channels via Kickstarter campaigns. And where it has been relevant, I’ve mentioned that I do support Singularity Computers through Patreon, and continue to do so as of this writing.

I joined Patreon when Singularity Computers announced they’d be creating one. And I’ve supported other channels beyond the ones I do now, and only later withdrew support for lack of content (e.g. Julie Borowski) or other reasons.

Patreon gives those who wish to support content creators a convenient means of doing so. Along with other income sources, it has helped many content creators focus more on their content without having to worry nearly as much about paying the bills.

Since the outset, Patreon should have always been politically neutral. And initially they were, only going after accounts for egregious actions or content. Acting merely as a gateway for content patrons to support content creators. But over the last two years they’ve made it clear that aren’t going to be remain neutral, courtesy of their “Trust and Safety Council”. Taking activities outside Patreon and not connected to Patreon and using it to determine whether content creators will be able to use Patreon. Or caving to lobbying efforts and shutting down accounts without getting a full idea of what’s going on.

In other words, taking the attacks on income streams for right-leaning commentators that leftists have been doing for at least the last 10 years and continuing that by attacking Patreon accounts.

Lauren Southern was one. Her Patreon account was terminated in 2017 when she participated in an attempt to deflect migrant boats as part of an operation called “Defend Europe”, going on intelligence that apparently never made it to mainstream media headlines. I’ll let her words provide the details:

This was open evidence that Patreon would use what someone does unconnected to Patreon as a factor in whether to terminate someone’s account.

And recently Patreon has started purging their system of accounts linked to other individuals who’ve been merely labeled “alt-right” or “far right”, individuals who are in actuality liberal or libertarian. One of the more prominent accounts to be banned (again!) is Carl Benjamin, colloquially known as “Sargon of Akkad”. His crime? Using the n-word in a livestream on YouTube that was never posted to his channel nor his Patreon page. Yet Patreon decided to use that against him. Context: Benjamin never use that word in relation to blacks.

In response to these purges, many have decided to cut ties with Patreon. One of the more prominent examples I received in my e-mail recently, and it’s also on his Twitter account, is from Dr Sam Harris, who cut ties with Patreon as a content creator:

I will not be following suit. And if you are a content supporter, I urge you to also not follow suit. Now if you’re a content creator who wants to cut ties, as Dr Harris and others have, by all means go ahead and do so. But if you’re a content supporter, I urge you to stick around.

Closing your Patreon account in protest will serve only to deprive the content creators you currently support of a stream of income. Not all content creators will be able to weather losing their Patreon support. The majority, likely vast majority, of content creators on Patreon don’t touch politics at all. This means closing your Patreon account will deprive these content creators of potentially a significant portion of their income for something completely outside their control.

Content creators who likely have no idea what is going on suddenly losing part of their income because some content patrons decided to turn self-righteous.

This is about the same as protesting tipping of waiters and waitresses by not tipping. In other words, knowingly depriving someone who has no say in any of that of part of their income in a bid to feel self-righteous.

So for the time being I’m sticking around on Patreon. If you want to close your Patreon account in light of what’s been going on, at least determine first if there are alternate means of supporting those content creators. Because a lot of them turned to Patreon and haven’t (yet) set up alternate methods of accepting donations. Closing your Patreon account in protest is going to hurt people with no dog in the fight. And that’s grossly unfair to them all so you could feel self-righteous or “send Patreon a message”.

Now I’m not ignoring the fact that Patreon has a near-monopoly in this market space. We badly need alternatives to Patreon. But as those banned from Patreon will quickly flock to those alternatives, they will be quickly labeled havens for “alt right” content creators. SubscribeStar has suffered similar fate, and has seen some impairments from that – such as a “request” from PayPal that they not use PayPal as a payment gateway.

But does that warrant withdrawing your support from other content creators with no dog in the fight? In my opinion, no. So I’m not joining in on any of that.

Update: On December 17, Patreon issued a statement regarding banning Carl Benjamin (“Sargon of Akkad”) for “hate speech”.

Amending: YouTube channel Design Prototype Test has released a statement about their decline in Patreon subscriptions despite his channel having nothing to do with politics. It’s entirely due to Patreon contributors deciding to leave the platform.

Again, it is for the content creators I support who don’t talk about politics that I’ve remained on the platform. It is not fair to them for me to leave merely because I don’t like Patreon’s decisions.