This one’s new

This may sound like an advertisement for my previous article on hosting a mail server on your home network, since doing so for the last several years has allowed me to easily know this is a scam, but… it’s an email I actually received.

Greetings!

I have to share bad news with you.
Approximately few months ago I have gained access to your devices, which you use for internet browsing.
After that, I have started tracking your internet activities.

Here is the sequence of events:
Some time ago I have purchased access to email accounts from hackers (nowadays, it is quite simple to purchase such thing online).
Obviously, I have easily managed to log in to your email account ([REDACTED]).

One week later, I have already installed Trojan virus to Operating Systems of all the devices that you use to access your email.
In fact, it was not really hard at all (since you were following the links from your inbox emails).
All ingenious is simple. =)

This software provides me with access to all the controllers of your devices (e.g., your microphone, video camera and keyboard).
I have downloaded all your information, data, photos, web browsing history to my servers.
I have access to all your messengers, social networks, emails, chat history and contacts list.
My virus continuously refreshes the signatures (it is driver-based), and hence remains invisible for antivirus software.

Likewise, I guess by now you understand why I have stayed undetected until this letter…

While gathering information about you, I have discovered that you are a big fan of adult websites.
You really love visiting porn websites and watching exciting videos, while enduring an enormous amount of pleasure.
Well, I have managed to record a number of your dirty scenes and montaged a few videos, which show the way you masturbate and reach orgasms.

If you have doubts, I can make a few clicks of my mouse and all your videos will be shared to your friends, colleagues and relatives.
I have also no issue at all to make them available for public access.
I guess, you really don’t want that to happen, considering the specificity of the videos you like to watch, (you perfectly know what I mean) it will cause a true catastrophe for you.

Let’s settle it this way:
You transfer $950 USD to me (in bitcoin equivalent according to the exchange rate at the moment of funds transfer), and once the transfer is received, I will delete all this dirty stuff right away.
After that we will forget about each other. I also promise to deactivate and delete all the harmful software from your devices. Trust me, I keep my word.

This is a fair deal and the price is quite low, considering that I have been checking out your profile and traffic for some time by now.
In case, if you don’t know how to purchase and transfer the bitcoins – you can use any modern search engine.

Here is my bitcoin wallet: 16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ

You have less than 48 hours from the moment you opened this email (precisely 2 days).

Things you need to avoid from doing:
*Do not reply me (I have created this email inside your inbox and generated the return address).
*Do not try to contact police and other security services. In addition, forget about telling this to you friends. If I discover that (as you can see, it is really not so hard, considering that I control all your systems) – your video will be shared to public right away.
*Don’t try to find me – it is absolutely pointless. All the cryptocurrency transactions are anonymous.
*Don’t try to reinstall the OS on your devices or throw them away. It is pointless as well, since all the videos have already been saved at remote servers.

Things you don’t need to worry about:
*That I won’t be able to receive your funds transfer.
– Don’t worry, I will see it right away, once you complete the transfer, since I continuously track all your activities (my trojan virus has got a remote-control feature, something like TeamViewer).
*That I will share your videos anyway after you complete the funds transfer.
– Trust me, I have no point to continue creating troubles in your life. If I really wanted that, I would do it long time ago!

Everything will be done in a fair manner!

One more thing… Don’t get caught in similar kind of situations anymore in future!
My advice – keep changing all your passwords on a frequent basis

So yeah…

There is no way they could’ve “purchased” access to my email account, since it isn’t accessible outside my home network, which is protected via a firewall. Again this is one of the main reasons I set up a mail server on my home network.

Plus I also don’t have a webcam, so there’s nothing for them to record.

So yeah, scam all the way. And it has all the hallmarks of all the previous scam blackmail emails as well. Though this is a bit of a new angle for them to take. Haven’t seen this one before. But I’m sure I’ll probably be seeing a lot more of it in the future.

Other BTC wallets associated with this scam:

1GGZpqXsqKWSRnjJ1SHFaE5VPkMHHsKToX

Infinity Consumer Services

In a previous article I wrote about American Debt Enders and their “Debt Dispute Program”. It seems since that article went live, the company has done a bit of a rebrand. Now instead of calling it “Debt Dispute”, they call it “Credit Restoration“. And they’ve removed some of the more problematic claims from the initial page, and removed access to the several blog posts about their program – though the links on my initial article do still work.

In looking back through those original articles, there was a small detail I overlooked:

Note:(this article is based on researching the debt dispute program as laid out by Infinity Consumer Services, which contains some unique elements.)

And when I looked at the website for Infinity Consumer Services (ICS), I found that American Debt Enders had basically copy/pasted from ICS’s “Debt Dispute” program. So at least I know one of the sources of the fanciful claims I responded to in my original article.

But ICS makes their own fanciful claims about their program.

The right to dispute the accuracy of an account is indispensable to ensure fair business practices. Infinity Consumer Services uses a private third-party fiduciary to dispute the accuracy of accounting on our customer’s behalf. A third-party is used to maintain a level of privacy that corporate entities, such as Infinity Consumer Services, may not be able to provide as a registered business.

This third-party is called an authorized representative. The authorized representative acts on our customer’s behalf to dispute the validity of accounting as well as request other disclosures the debt collector must verify through the lender.

Do you really need an “authorized representative” to help you dispute your debts? Not really. As I stated in my original article, it just takes understanding your rights, a little initiative, and keeping your expectations in check. Depending on the type of person you are, it may be helpful to have someone on your side, but it isn’t necessary. Especially since the first leg of debt validation is handled entirely by mail.

But let’s tackle the second part of that second paragraph: “dispute the validity of accounting as well as request other disclosures the debt collector must verify through the lender.” As I’ve pointed out on this blog several times, what a debt collector must provide to satisfy validation under the law is actually quite minimal:

No provision of the FDCPA has been found which would require a debt collector independently to investigate the merit of the debt, except to obtain verification, or to investigate the accounting principles of the creditor, or to keep detailed files.

Azar v. Hayter, 874 F.Supp. 1314 at 1317 (N.D. Florida, 1995)

[V]erification of a debt involves nothing more than the debt collector confirming in writing that the amount being demanded is what the creditor is claiming is owed; the debt collector is not required to keep detailed files of the alleged debt. Consistent with the legislative history, verification is only intended to “eliminate the … problem of debt collectors dunning the wrong person or attempting to collect debts which the consumer has already paid.” There is no concomitant obligation to forward copies of bills or other detailed evidence of the debt.

Chaudhry v. Gallerizzo, 174 F. 3d 394 at 406 (4th Cir., 1999) (internal citations removed)

So the Federal Courts have already said that what ICS would be attempting to get from the debt collector is not information the debt collector would be required to turn over. Instead they’re required to provide evidence that

  • the debt is valid
  • the amount claimed is accurate (itemized details are not required to fulfill this)
  • they have the authority to collect it, and
  • the name and address of the originating creditor if you request it

That’s it!

If a lender and/or debt collector cannot verify pertinent information regarding an account, they may be in violation of consumer protection laws. During and after a dispute, collection efforts by debt collectors sometimes cease until they can provide such disclosures.

Given how little a debt collector must provide during validation, it’s easy for them to provide this information in most circumstances. Yes collection efforts must cease until they do, but expect them to actually do it.

Often, we see collection efforts come to a standstill until the statute of limitations for debt collection runs out.

I highly doubt it is “often” that ICS sees “collection efforts come to a standstill” long enough for the statute of limitations to run out. I’d be surprised if that has actually happened, to be honest. I’ve been through debt collections. Almost every time I sent a §1692g validation request to a debt collector, they’ve typically responded within 45 days of me posting the dispute letter.

Do not lead your readers and prospects into thinking that sending a dispute letter under the Fair Debt Collection Practices Act will result in never hearing from the debt collector again. It never happens on debts that are newly fallen into collections.

For debts that have been sold off to other debt buyers, that’s a possibility. And it has happened to me. But that was also for an account with a balance of only a few hundred dollars. All the other accounts I had that fell into collections? Each collector returned validation.

The statute of limitations for collection on unsecured credit accounts varies from state to state. After the statute of limitations runs out in say 5 years for example, a consumer may have a right to challenge any collection efforts as outside the statute of limitations. In short, a creditor/debt collector may have missed their window of opportunity to collect on the account.

The statute of limitations does not, itself, stop a debt collector from attempting to collect a debt. It only stops them from going through the Court to enforce the debt.

After the statute of limitations runs out, you can tell a debt collector to stop contacting you. Only if they sue can you then assert the statute of limitations since it’s an affirmative defense to a lawsuit. And if you fail to raise it to squash the lawsuit, you can’t raise it on appeal.

Calibrating an LED driver board

I’ve recently been getting into projects using LEDs. And one project is building a light using the YujiLED 100W COB. (Only available in pairs, it seems.)

100W LED COB

And while you could just wire this up into a voltage step-up converter – which is a good way to at least make sure it isn’t DOA – that isn’t a good idea for long-term use. For that, you need to use a voltage regulator board that also has current limiting to prevent the LED from drawing too much current. Which could happen as the LED gets warmer.

But the instructions for calibrating these boards tend to be… lackluster at best. So here’s the steps to actually do this right.

Warning: Before you begin this, mount the board to some kind of heatsink and fan. It will get very hot otherwise. Same with your LED.

  1. Turn the voltage trimmer pot all the way clockwise. You’ll hear a “click” with each full turn when you get to that point. This sets the lower limit on voltage.
  2. Turn the current trimmer pot all the way counter-clockwise. The “click” is a little less pronounced on this trimmer compared to the voltage trimmer pot. This sets the current limit well above what you’ll need for the LED.
  1. Connect the board to the power source. Make sure to use a power source with an output voltage lower than the LED’s voltage range.
  2. Connect the board’s output to your LED through your multimeter with it set up to monitor current.
  3. Turn on the power source. Depending on your power source, the LED should either be dimly lit or not lit at all.
  4. Turn the knob on the voltage trimmer pot counter-clockwise. This will bring the voltage up. If the light was off previously, it’ll eventually come on and start drawing current. But once the light starts drawing current, the current will start moving up fast, so take it slow at that point. Keep turning until the maximum rated current for the LED is reached – e.g. 3A in my instance.
  5. Turn the knob on the current trimmer pot clockwise until the current starts going down and the LED begins to dim. Then back off until you’re just a little under the rated current. I went to about 2.90A, which provides a little wiggle room for any fluctuations.

Using another multimeter or some other kind of voltage display (that supports the given range), check the voltage at the output of the LED driver board. It should be just inside the upper voltage limit for the LED according to its data sheet. In my instance, it settled at about 30.5V (31V is the upper limit), so pulling about 90W.

Now your voltage step-up board should be properly calibrated to your LED. With the upper current limit set, it should never draw more than a few milliamps above where it’s set. And attempting to turn the voltage trimmer pot higher will have no effect. Turning the voltage down, however, will dim the LED.

If you intend to have any kind of dimming, it’s best to use a PWM dimmer. Find one with a pulse rate of at least 10KHz to avoid interference with photography and videography. And make sure it’s rated for a high enough current and power for your LED and the requisite voltage.

And as noted above, in whatever final build you do with the LED and converter board, make sure you are adequately cooling the converter board along with the LED.

Beyond Bright’s rather significant flaw

In a bid to cut our energy consumption, I looked at all the various lighting around my house. Most of the bulbs were already CFLs or LEDs, so there wasn’t much in gains to be made there. But then I looked at my garage.

Fluorescent tubes. 32W each. 16 of them for about 650 sq.ft. Which does a good job at lighting the garage, but drawing over 500W of power when they’re on. Yikes! Something that really stood out on my last power bill, as I’d been out in the garage more than typical recently.

So I decided to replace the fluorescent fixtures with standard light sockets and LED bulbs. The Beyond Bright caught my attention, since I could find it readily at my local Home Depot. And then bought two of the Beyond Bright Ultras. 6000 lumen each, according to the maker, while drawing only 60W.

And while I think the lumen rating by the manufacturer is vastly overstated, they do put out a lot of light. Enough that two replace most of the fluorescent lights in my garage. I do have a workbench over which I’ll eventually install LED light bars. So these won’t replace all of the lighting. Once all of them are replaced, though, it should go from over 500W to around 150W to 200W at most. Less once I redo how they’re connected into the wall switches so I’m not turning all of them on at once.

I’ve been making other lighting projects recently. (Article coming on one of them: a portable LED tube light I built for night photography.) So being curious, I wanted to find a part number on the three LED panels to look up details. Or at least get measurements on the individual emitters and guesstimate. And it was in getting one of the panels out that I discovered a significant issue.

Each panel is made up of 48 LEDs in an 8×6 grid. Likely SMD 2835s, meaning they’re surface mount and 2.8×3.5mm with a square emitter. The exact specs would depend on who made them.

Along with putting out a lot of light for their size, SMD and chip-on-board (COB) LEDs generate a lot of heat. And that heat needs to be dissipated. Heat kills LEDs. They will dim over time from age, but inadequate heat dissipation will kill them faster.

The LED panels are set into aluminum flaps. And they’re designed so convection dissipates the heat. But without an adequate amount of thermal compound, i.e. a lot more than just a small drop, the LEDs cannot adequately dump their heat into the aluminum to reach anywhere near its advertised 30yr lifespan.

Especially since most thermal compounds don’t last that long. I don’t know of one that does.

Given that some reviews of the Beyond Bright (not the Ultra) say the lights died after only a few months, this is a likely culprit.

So before putting these lights into service, I decided to rectify this. By going all-out and using Arctic MX-4. It’s what I had as I was working with high-power (e.g. 100W) LEDs recently, plus I use it on any computer builds. It’s also advertised as having an 8-year lifespan in service.

Any decent-quality thermal compound will work because you’re dissipating only 20W of heat at most per panel – going off the advertised 60W power draw. Better compound will last longer – again, Arctic MX-4 is rated for 8 years – and perform better but, again, we’re talking only about 20W of heat into a decently-sized piece of aluminum.

The amount of thermal compound is more important. It needs to cover the entire underside of the LEDs with a thin layer.

Ideally these panels would’ve been glued in with a decent thermal epoxy, a thin layer under the entirety of the LED panel. That would all-but guarantee the 30 year advertised lifespan. But replacing the thermal compound should at least allow me to get decent life out of these lights.

It’s about the adapters

Last year, I felt it was time to join the 4K bandwagon. Not for 4K gaming. But photo editing. And the desktop real estate.

Why photo editing? Two reasons: 4K (3840×2160) is much closer to the original resolution of my digital camera (6000×4000) than 1080p (1920×1080). 8K is larger than my camera’s resolution.

4x the resolution also means twice the pixel density at similar screen sizes. The pixel density of the 32″ 1080p is shy of 69ppi, giving a deceiving lack of sharpness when trying to edit photos. The 4K televisions are 43″ diagonal, so larger, but the 4x resolution means a still much larger pixel density at over 102ppi, which is slightly higher than what’s typically considered the minimum pixel density for printing a photo.

Plus the 4K panels I chose, the Samsung RU7100, have much better sRGB coverage (about 97%) when calibrated compared to the 1080p televisions (about 83%) I used previously.

And I didn’t buy just one monitor. But two. This led me to discover an interesting caveat I didn’t fully realize until, unfortunately, rather recently.

4K television and DisplayPort

When trying to use a 4K television on a PC, you need to pay attention to your connections. It’s easy to make a lot of assumptions.

For example if you bought an HDMI 2.1 compliant television, but you don’t have an HDMI 2.1 compliant graphics card, you’re holding your TV back from its full potential. Provided your graphics card is powerful enough to take advantage of its full potential. If your graphics card has DisplayPort 1.4, though, you have options. More on that later.

In my instance, I bought two HDMI 2.0b televisions. But my graphics card, like every other graphics card out there, has only one HDMI port. (It is HDMI 2.0b compliant.) So to get the second television working at 4K, I needed a DisplayPort to HDMI adapter.

This is where things can get tricky and you can end up buying the wrong adapter. First, you need an active DP->HDMI adapter. Passive adapters and adapter cables won’t work here. But it isn’t enough for the adapter to say “supports 4K” or “supports 4K@60Hz”. Passive adapters and adapter cables will work fine for 1080p, maybe even for 1440p at 60Hz, but definitely will not work for any 4K resolution.

The adapter must say two things:

  • HDMI 2.0 (can be 2.0a or 2.0b as well), and
  • DisplayPort HBR2 – alternatively, “5.4Gbps per lane” if it doesn’t call out HBR2 specifically

Why is this important? Bandwidth.

RGB Full, 4K at 60Hz requires almost 12Gbps just for the video data. DisplayPort HBR is limited to 8.6Gbps for video data, which can give you 1440p at 60Hz if the TV supports it. HBR2 has twice the throughput of HBR for video data: a little north of 17Gbps. If it doesn’t say anything indicating it supports HBR2, it’s likely limited to HBR. Adapters that say they are fully compliant with DisplayPort 1.2 may work.

Club3D CAC-1080

Once I had the right type of adapter, I was able to set RGB Full as the output color format in the NVIDIA Control Panel, though with only 8bpc. If I wanted more bits per channel (my camera can record photos in 14bpc RAW), I’d have to drop the refresh rate to 30Hz or reduce the resolution. (1440p at 60Hz 12bpc = 8Gbps) Perhaps I’ll try that later.

If you have an HDMI 2.1 compliant TV, you will need an adapter that supports at least HBR3 (shy of 26Gbps for video data) and HDMI 2.1 (48Gbps). So far the Club3D CAC-1085 is the only one I’m aware of. That’s more than enough bandwidth to allow for 4K at 60Hz, RGB Full at 16bpc (shy of 24Gbps, twice the data of 8bpc). So perhaps I need to look at a 4K display that can actually do that as my next upgrade.

Settings

Both TVs have the source set to PC. Here are the rest of the settings:

General->External Device Manager:

  • Input Signal Plus: On (Required for 60Hz)
  • Game Mode: On
  • HDMI Black Level: Normal

General->Eco Solution:

  • Ambient Light Detection: Off (You can turn this on if you want, but leave it OFF when you’re calibrating your display using something like an i1Display Pro.)

Picture->Expert Settings:

  • Backlight: 30
  • Brightness: 0
  • Contrast: 50
  • Sharpness: 10
  • Color Tone: Warm 2
  • Gamma: 2.2

All other settings except White Balance are disabled. And White Balance should be adjusted only as part of color calibration. Leave it at default if you won’t be calibrating the displays.

Why Marbury has endured

Article: The Surprising Reason We’re Fighting Over the Supreme Court — and How to Fix It

It’s safe to say that both the left and right hate Marbury v. Madison. It is the Supreme Court decision. The one through which the Supreme Court of the United States asserted the power of judicial review. Which is, I believe, one of the most misinterpreted powers of the Federal judiciary.

And those who badmouth Marbury or call it a “problem” seem to overlook the obvious: Congress had enacted a law in blatantly obvious contradiction to the Constitution of the United States.

And that the above-linked article makes zero mention of the law’s specifics is very telling.

The law overturned in Marbury expanded the Supreme Court’s original jurisdiction. Whether they have proper (also called “competent”) jurisdiction is one thing every Court must consider before rendering a decision on a case, or even before allowing a case to proceed. And with the Supreme Court of the United States, the Constitution is quite specific:

In all Cases affecting Ambassadors, other public Ministers and Consuls, and those in which a State shall be Party, the supreme Court shall have original Jurisdiction. In all the other Cases before mentioned, the supreme Court shall have appellate Jurisdiction, both as to Law and Fact, with such Exceptions, and under such Regulations as the Congress shall make.

Congress can only touch the Supreme Court’s appellate jurisdiction. The Supreme Court’s original jurisdiction is set in stone. Amending the Constitution is the only way that can be modified. This also means Congress cannot grant original jurisdiction to a Federal District Court where the Constitution gives that jurisdiction to the Supreme Court – e.g. cases involving disputes between States.

In the case of William Marbury, the Supreme Court of the United States, under the Constitution of the United States, did not have competent jurisdiction and could not provide Marbury relief. That was Marshall’s ruling. It upheld two fundamental rules of the Constitution: Congress cannot make any Acts except where they are granted power to do so, and the Federal judiciary cannot enforce any Acts that are contrary to the Constitution.

And quietly, it also established a third principle applicable to just the Federal judiciary: a Federal Court cannot hear a case and grant relief except where the Constitution and Federal statute grant it jurisdiction, with the Constitution prevailing where the two conflict.

John Marshall did not create this power with Marbury, as many have asserted over the years. And still do today. He merely asserted it.

To assert that Marbury should be reversed or in any way limited is to assert that Congress should, in short, be able to do whatever it wants. And anyone pointing toward Marbury as any kind of problem with the Federal judiciary seems to want just that.

MikroTik CSS610

Build Log:

About two years ago, I bought and put into service a MikroTik CRS317 10GbE router/switch. At the time I also bought several SFP modules to consolidate several Gigabit connections, since the switch supports that and I was consolidating only a few.

In that review, I wrote that consolidating Gigabit connections in that fashion is really only cost-effective if you’re consolidating a few. The cost of the modules would fast overtake the cost of a Gigabit switch beyond a handful. It’s similar to having Power-Over-Ethernet (PoE) injectors versus a switch. Though I’d argue needing more than one (1) PoE injector necessitates a switch simply due to cabling.

And it was installing PoE security cameras that necessitated a more divided setup to my home network infrastructure. I have an injector, allowing me to test cameras when I acquire them. But I bought a PoE switch before buying the second camera. Review on that might be coming later, though there isn’t much to really say on it.

A Gigabit switch with one or more 10GbE uplinks is the more ideal setup for consolidating Gigabit connections into a 10GbE backbone. This avoids taking up space on a 10GbE switch. And the uplink allows those Gigabit connections to talk to the rest of the network at full bandwidth.

Which brings me to this:

The MikroTik CSS610 is an 8-port Gigabit switch with two 10GbE SFP+ cages. This allowed me to consolidate all of my Gigabit connections without needing to buy a bunch more SFP modules. And move the existing Gigabit connections I had going to the 10GbE switch, reducing that switch’s power consumption and freeing up the SFP modules for later use, or just sell off.

It’s small. 200 x 167 x 46 mm, or 7-7/8″ wide, a little over 6-1/2″ deep, and slightly over 1U tall. I have mine sitting on a rack shelf next to the PoE switch, and two of these can easily fit on a rack shelf next to each other.

It’s passively cooled as well, having no fans inside, meaning it’s silent due to its very low power consumption. Perfect if it’s going to be sitting on a desktop instead of tucked away into a rack cabinet or networking closet.

And it just works. I didn’t bother doing any setup or configuration. I just pulled it out of the box, plugged it in to a 12V power source, and connected it to my 10GbE switch. It is a managed switch, using MikroTik’s SwOS, but I’m not using any of the managed features, and don’t have a need for them – though it’d probably at least be a good idea to update it to the latest firmware. I’ve had it since November 2020, and so far it’s just worked.

MSRP is just 99 USD, though I paid 78 USD plus shipping through EuroDK. Amazon lists it for about 115 USD as of this writing, which is about overall what I paid to ship it from EuroDK.

Why two SFP+ ports? There are several uses for it. One is chaining together several of these with a 10Gb trunk without resorting to a 10GbE switch while still not limiting bandwidth between them. Alternatively you could have one or two servers with 10GbE NICs connected to this. Or some combination thereto. It all depends on how you design your network layout to minimize contention.

Now what if you have more than 8 Gigabit connections? A couple options are available.

Unless you have more than 16 Gigabit connections, I’d say to just buy two CSS610 switches and connect both into your 10GbE switch. Which is what I’ll do if I need more Gigabit ports.

If you need to consolidate more than that, look at the MikroTik CSS326. (Amazon, EuroDK) The complication there is you may need to bond the 10GbE ports to combine their bandwidth if you expect traffic to that switch to ever exceed 10Gb.

Otherwise if you’re in the market for a switch that consolidates Gigabit connections to a 10GbE switch, I don’t think there is a better choice out there when it comes to price, even if you don’t use any of the management features. So check it out and see if it’ll fit your needs.

Quasi-diskless Linux installation with iSCSI and no PXE

So let me set the scene.

On my rack I have Nasira, which is a FreeNAS server with about 30TB effective storage. It’s connected to a 10GbE connection, built on an AMD FX-8350 and 32GB ECC RAM.

I also have a few loose machines. One is a GPU compute box for BOINC, sporting three NVIDIA graphics cards. Another is another GPU compute box sporting two AMD graphics cards for Folding@Home. And the thought came to mind that I didn’t want to put an SSD in either. But I don’t have any spare SSDs at the moment and didn’t feel like buying any.

But I do have a few spare USB drives lying around. So I wondered if I could get a quasi-diskless server up and running without setting up a PXE server, with all the time and complication that comes with that.

And since you’re reading this, you can pretty readily assume that the answer is… Yes, right? Well, read on and find out.

iSCSI

Briefly, I’ll discuss iSCSI here. It’s basically remote storage across a network similar to a file share. The exception is where a NAS is visible to your computer as a filesystem, an iSCSI share is treated as if it’s a physical drive. Just through a network connection instead of a SATA port or USB plug.

It has numerous advantages to a regular network file share, including being usable as direct storage for installing an operating system.

Since setting up an iSCSI share varies based on the NAS software, I won’t go any further here. All I’ll say is to make sure to set up your iSCSI share so it points to a file instead of one of the physical drives attached to the NAS.

Making it work

So what’s the catch? Why the USB drive? Well something needs to hold the /boot partition and the bootloader. (And /boot/efi if you’re setting up using UEFI.) I used a 16GB USB drive, but I see no reason why this can’t work with smaller capacity drives, likely even as small as 1GB if not smaller.

But is there a catch? Well there is one big one: the Linux distro you select must be able to link to an iSCSI target during installation. (Unfortunately that means Ubuntu and Debian are both out.) How to set that up varies based on distribution. I’ve done this only with Fedora and CentOS, so I can only speak directly to those and will use only those for demonstration herein. (Note: With CentOS, make sure to enable the network connection before you try to select an iSCSI target or it’ll say your login credentials are bad.)

(Note: In the screenshots below, I’m using VirtualBox for demonstration, so where you see “VBOX HARDDISK”, that’s the USB drive.)

The main thing here is you cannot use any “automatic” partitioning. You instead need to use a custom partition layout. The /boot mount (and /boot/efi, if applicable) needs to reside on the USB drive. Everything else (swap and / at minimum) resides on the iSCSI target.

Note as well that, at least with CentOS (I don’t recall seeing this with Fedora), when you set your /boot mount (and /boot/efi, if applicable), it may try to assign that to both the iSCSI target and USB drive. So if you see “and 1 other” under “Device(s)”, click Modify and click just the USB drive, then Select to save it.

And the USB drive needs to be set as the boot device. Obviously.

Conclusions

So if you want to set up servers to boot from iSCSI, this is a way to do it without setting up PXE and all the complications that come with it. Just enable iSCSI in your NAS, set up the targets as you need for each server, install Linux as described above, and you’re golden.

Sure it’s not a true disk-less setup, but it’s enough for my needs. It’s quick to setup. And a lot easier to setup as well compared to creating a PXE server and getting that working. (Plus that server becomes an additional point of failure in your network along with another target for ongoing maintenance.) And if you don’t have spare hardware you can use to make a PXE server, it’ll likely be cheaper to just buy a few USB drives if you don’t already have a few lying around.

It’d be great if I could just enable iSCSI in the UEFI for each server, but that’s probably not coming to consumer motherboards any time soon, if ever.

The unspoken side of student loan forgiveness

Ah student debt cancellation. Typically there are two camps to this. Those in favor who say “It’ll help the economy!” and those against who typically play the fairness card. I’m more to the latter, but there’s more to this discussion than just that.

It isn’t about getting people out of debt

The idea of forgiving student debt isn’t about wiping away debt. Never has been. It’s about making room for those borrowers to take on other types of debt. In other words, rather than getting them out of debt, it’s about changing the kind of debt they hold.

This is where the “it’ll help the economy” gambit comes from. They want student debt forgiven to saddle these borrowers with mortgages, car loans, and credit cards. It’s similar to all the investment firms who write articles telling people to hand their money over to them instead of putting any extra money you might have (over savings and an emergency fund) against your mortgage or other debts, including your student loans.

Lost future revenue

This is the other major thing no one is talking about. If the Federal government forgives that debt, that is interest and principal revenue they will no longer be getting. Billions of dollars per year in revenue gone. Think about that.

Oh but they already have a plan to recuperate that lost revenue. Tax people like me a lot more.

It’s about buying votes…

…by making you guilty to vote for anyone BUT Democrats down the line. “If you had a student loan, you now owe us your loyalty.” And if this were to occur, it wouldn’t surprise me if there will be lies spread down the line that Republicans will reinstate the forgiven loans, despite such being impossible. I mean we see it all the time with slavery and Democrats saying that Republicans will or want to bring back slavery, despite such also being impossible.

But since when do propagandists let small details like that get in the way?

There’s a better way

One of the properties of student loans that are oft-cited is the extreme difficulty to discharge them in bankruptcy. I’ve said before we need to make that easier. And if that were to happen, we’d also fast see those loans dry up because lenders are going to be a lot less willing to write loans without some kind of guarantee they’ll get paid back.

At the same time, though, even if they could be discharged in bankruptcy, that doesn’t mean you can just declare bankruptcy and get those loans discharged. You still have to abide by the bankruptcy code, meaning you have to show you are unable to pay back your debts and won’t be able to for the foreseeable future.

Bankruptcy isn’t easy. By design. Because bankruptcy law isn’t about creating an “easy out” for your debts, including your student loans. But a lot of people want that easy out, which is why politicians are willing to capitulate on student loan forgiveness.

Just remember, though: it was never about getting you out of debt, only ever about putting you in a position to take on even more debt, while at the same time saddling you with guilt should you ever decide to vote for someone who isn’t a Democrat.

Copyright infringement scam

This is new to me and the first time I’ve received this type of e-mail. I’ve redacted all names since the photographer on whose behalf this email appears to have been sent is a reputable photographer in the Bay Area.

Dear Sir/Madam:

I’m a representative of [REDACTED]. The purpose of this notice is to notify you that several graphic and/or visual works shown on the web site property associated with your legal entity are in reality the intellectual property of [REDACTED] who actually is a skilled digital photographer. [REDACTED] reserves and is the owner of all proper rights to the works in question. You’re able to browse the infringing works by sticking with this particular hyperlink:

[REDACTED]

Since you have not asked authorization to utilize, nor to make or/and distribute, offer, lend or rent all these works, you are therefore in violation of the 1976 U.S. Copyright ACT Title 17 of U.S. Code, Sections 102(a), 106-121.

You’re now warned to CEASE AND DESIST any and all additional illegal behaviors of copyright infringement by promptly removing the offending graphic and/or pictorial materials from public availability on the net intellectual property connected with your entity.

Failure to comply with the following notification within one (1) working day is going to be reasons for filling up a civil action suit against you and/or your legal entity, seeking monetary damage and compensation for court and lawyer’s service fees charged as a primary outcome of your unlawful activities of copyright infringement.

It isn’t our intend to hunt legal recourse, however, kindly note that no more warnings will be given should you neglect to abide by our authorized demand within the time given.

If you personally lack the specialized skillset to carry out the demanded activities, we recommend immediately getting in touch with the maintainer of the internet property and instructing these to comply with this CEASE AND DESIST letter on your behalf. You are strongly recommended to forward this document to them in order to achieve this task.

You are also permitted to route this notice some other engaged stakeholders and/or decision makers within your business as necessary.

Please remember to discover the info regarding the illegal materials to be removed via this link below, and act quick to avoid further penalties.

[REDACTED]

Truly,
Sonny O’Connor

I tried looking up the name of the person who allegedly sent the message and could not find a lawyer with this name. But apparently this is a somewhat common scam, just with different message text. So… I guess they’re adapting.

Update: I forwarded this email to the photographer on whose behalf it was allegedly being sent. This is the reply I received:

Hello Kenneth – Yes, it has been brought to my attention that someone is sending emails claiming to be my legal counsel and is distributing cease and desist letters regarding copyright infringement on my behalf. Please note this is a scam, this individual is illegally using my name, and I have not authorized such representation or legal action on my behalf. It is also important to note that my accounts have not been hacked or compromised in any way. I appreciate you letting me know you received such a notice.

Hopefully there’s something they can do to get out from under this, since this has the potential to damage their reputation as a photographer – the main reason I didn’t put their name on this.