The snow that is. There's still some tenacious bits hanging in there (see the photo from my front door this am). But i anticipate the temperature and humidity is going to drive all but the most tenacious bits into extinction.

See, its not all doom and gloom!


OK, its not a great photo, and its a couple weeks old cuz quarantine. But many of us were amused to learn of the delivery model for Shawarma. This van pulls up a couple of times per week, and unloads ~20 shawarma per place. Its chock full inside. Think of all the shawarma!

There's a bucket-line line of folks handing them off from door to door, whole unload time is pretty quick.

Don't say I never taught you nothin'

So the Irish Rovers (yes that band that played the Unicorn song back in the day w/ green alligators and long-necked-geese) is doing their last tour. And, excitedly I had purchased tickets for the St Patricks' day show (in Chatham Ontario). Tonight was the night.

Sadly, that is not to be. Instead my team has been dispatched to work from home, leaving it quiet and lonely down here. The view from my office window is quieter than usual.

Fortunately, from a work perspective, we are 100% Zero- Trust. 100% of services work the same, from any Internet, no VPN. Just SSL + SSH, all single-sign-on. So I am not worried about the office or the productivity in the short term. But, as an Agile team, there's no real substitute for face-to-face meetings.

And, more worrisome, the Ace Shawarma is closed.

The great deprecation of Python 2.x has been underway for more than a decade. As of Jan 1, 2020, its dead.

Today I updated a home machine to Ubuntu 20.04. No more python package. We do still have a bit of python 2.7 kicking around:

dpkg -S /usr/bin/python2
python2-minimal: /usr/bin/python2

On update it helpfully removed slack. Now, I would be ok with that (I don't really use it), but I decided to dig into why, and show you the fix.

First, the reason. The slack desktop package (electron, ugh), has a dependency on python. We have a python3 (pointing to 3.8), but no python.

OK, lets fix it.

mkdir /tmp/x
dpkg-deb -R slack-desktop-4.3.2-amd64.deb /tmp/x
sed -i -e 's?python,??' /tmp/x/DEBIAN/control
dpkg-deb -b /tmp/x /tmp/slack-desktop-fixed.deb
dpkg -i /tmp/slack-desktop-fixed.deb

done. Turns out it wasn't really needed.

Hopefully the slack folks will update the desktop package to remove the unsupported python2. RIP.

So this AM I called my mobile carrier, the one implicated in the breach I talked about yesterday. I decided to try and authenticate to an agent w/ just the data that was breached.

So the call goes like this... step 1, you get an auto-attendant. Based solely on your caller ID (which is easily spoofed as anyone who has received a CRA-scam type call knows), it reads you out your last account balance, payment, etc.

I then tab through to the agent. The agent asks me for my PIN. I say I don't want to give a password to a person.

So they ask me... phone #, billing address, postal code. Done. I can now set a new pin and security question. So the info that was in the breach is sufficient to undo the new port-protection.

So, uh, the moral of this is... I dunno, buy some sort of tin-foil-chapeau?

I've updated my security question and pin, but its all they have.

Now, question, what sort of 2-factor authentication would we use? The agent for the phone co doesn't know me personally, so that is not a method. I would be nice to have like a lottery-card of scratch-off-numbers or something. We need a one-time-password that is consumer-simple I think.

Either that, or I need to start lying about my billing address to these folks.