Fox Island Dive Sites

Fox Island has four well-known dive sites:

  1. Fox Island Bridge
  2. Z’s Reef
  3. East Wall
  4. West Wall

Map showing all 4 sites. Fox Island Bridge is to the N, Z’s Reef to the NE, and East Wall and West Wall are the southernmost on their respective sides of the island.

Tides and Currents

Due to the narrow channel between Fox Island and the Kitsap Peninsula (the Hale Passage near Artondale), tidal currents rip through at a good clip. Watch your tide & current tables and time your dive accordingly.

In case you have tide tables but don’t have current tables…

As of 2025, in the Hale Passage low tide more or less matches the low (flooding) slack. That is, the rising slack current (from ebb to flood) is 5-30 minutes after low tide. But you probably want to dive at high tide, not low tide. High tide lags the high (ebbing) slack. That is, the falling slack current (from flood to ebb) is between 2 and 2.5 hours before high tide. At high tide, the ebb current is already well established.

1. Fox Island Bridge

This is at the South (Fox Island) side of the bridge. There is open free parking. This site is not mentioned as a marine preserve and is open to fishing.

2. Z’s Reef

This site is only accessible by boat, because the shore along the reef is entirely privately owned. Also, it’s along Hale’s passage so watch your tides & currents. Z’s Reef is designated as a marine preserve by the WA State fishing regulations, so there is no fishing or taking of marine life of any kind.

Drop in from a boat at the slack current about 2 hours before high tide. The shore drops off moderately steep, and 60′ depth is not far from shore. The wall can be hard to find because visibility is often 10′ or less.

3. East Wall

This site is at the SE end of Fox Island, at the Fox Island Fishing Pier park. Obviously, given the name, this is not a marine preserve. Fishing is allowed, both pole and spear. The pier is quite high with no access to the water.

Drive in; the site is usually not crowded and there is plenty of parking. There are guardrailed paths down to the pier – do not follow them. Instead, just after entering the park look to your right. Across the grass near the restrooms there’s a small green sign, easy to miss, that says, “Beach Access”. This goes down stairs then turns left into a dirt path that leads down to the beach.

The elevation change from the parking lot down to the beach is about 75 feet, so if you’re SCUBA diving you might want to make 2 trips or use a cart.

The beach is gravel with an easy entry & exit. This photo from the pier shows where the footpath reaches the beach:

Here’s the view from the beach after walking down the footpath:

This site is at the SE entrance to Hale’s Passage, so the tidal currents can be strong. Watch your tables and time your dive accordingly.

So, if you have tide tables but not current tables, dive about 2.5 hours before high tide.

4. West Wall

This site is on the W shore of Fox Island at the end of Kamus drive. As you drive in you’ll see a yellow sign saying “no turnaround”. From there, it’s about 0.3 miles to the shore and a steep descent. Don’t park here, but continue driving down the road.

Near the end of the road there’s a gravel area at the dead-end of the road that looks like a parking lot, but is posted “no parking”. Just 100 feet or so up the road from this, there are wide spots in the road with room to park, if nobody else is there.

The shore is aligned approximately 135* to 315* compass (magnetic) heading, or SE to NW. Looking straight out from shore is about 225* or SW. As of May 2025 there are 5 buoys; 3 to the right and 2 to the left. Swim straight out to the buoys and descend. Bear left (south) as that is where you’ll find the wall.

This site is exposed to more open water, not a narrow channel, and is consequently less subject to strong tidal currents. High slack is always a good time to dive, but you have more timing flexibility at this site than at the others.

View from the shore in May 2025:

DME and its Limitations

What It is

DME means “Distance Measuring Equipment”. It is a navigation instrument used in airplanes. DME predates the era of GPS, but it is still used. To understand what DME is, it helps to first understand what a VOR is, because DME facilitates navigation by VOR. I assume the reader is already familiar with VOR.

DME operates at frequencies in the 1 GHz range (960 to 1215 MHz), nearly 10x higher than VOR (108 – 117.95 MHz). DME ground stations are virtually always colocated with a VOR. To use the DME you tune it to the same frequency as the VOR. Yet how can that be, if the DME operates at a higher frequency? Every VOR frequency has a specific designated DME frequency. When you tune the VOR frequency into a DME, it looks up the corresponding DME frequency and uses that instead of what you tuned.

Why do things this way? Since VOR and DME stations are virtually always colocated, tuning the same frequency for both the VOR and the DME is convenient and reduces pilot workload.

How it Works

Unlike a VOR, which is receive-only, a DME both receives and transmits. The DME in the aircraft transmits a pulse, the DME ground station receives this pulse and transmits a reply. The DME in the aircraft receives this signal from the ground station and uses the time elapsed (the speed of light, plus a fixed latency) to compute the distance to the ground station.

The astute reader might wonder, what if several aircraft are all pinging the same DME ground station at the same time? How does each aircraft’s DME receiver know which transmission from the ground station is for itself? The answer, in a word, is jitter. The DME in the aircraft transmits multiple pulses uniquely jittered, or spaced pseudo-randomly in time. The DME ground station transmits the reply to each aircraft with pulses using that aircraft’s jitter. The DME in the aircraft listens only to replies that have its unique jitter, ignoring the rest.

One consequence of this is that each DME ground station can support only a limited number of aircraft. That limit is around 100.

What it Provides

Distance to the ground station. This is “slant distance” which includes your altitude. A nautical mile is 6,076 feet, so if you fly directly over the DME ground station at 6,076 feet of altitude it will show a distance of 1.0, not zero.

Ground speed. The DME computes this from the distance changing over time, so it is the speed relative to the station. But it’s based on slant distance. If you are flying directly to or from the station, it is your actual ground speed if you are far away from the station. Yet as you get closer to the station, when flying directly overhead it will show a ground speed near zero since you’re moving almost tangent to the station directly below you. If you are flying around the station in a circle, the DME speed will be zero, since your distance to the station is not changing.

Time to the station. Some DMEs compute and display how long it will take you to reach the station, based on your distance and speed, if you fly directly toward it.

Limitations, or Ways DME can Fail

Because the DME in an aircraft must transmit (unlike VOR which is receive-only), the transmitter power is limited. The power of a DME transmitter varies by model. I’ve seen it as low as 25 watts and as high as 100 watts.

When it comes to electrical devices and circuits, receivers usually last longer than transmitters. Transmitters use more power, which is current and heat, and over time those heat cycles take their toll. Thus, while many VORs still work when 40+ years old, this is less common for DMEs.

DME frequencies are in the GHz range which is direct line of sight. And the DME antenna on the airplane is usually on the bottom of the fuselage. Thus if you don’t have a direct line of sight to the station (you’re at a low altitude, there are mountains between you and the station) it won’t work.

ADS-B Out transmits on 978 or 1090 MHz, both of which are in the same range as DME. Thus, ADS-B Out may cause conflicts and prevent DME from working.

Each DME ground station can only support a limited number of airplanes at a time. If the station is in busy airspace, it may ignore your airplane’s DME signal and your DME won’t work. Having a low powered DME transmitter exacerbates this problem, since over-saturated DME ground stations prioritize the strongest signals and ignore weaker ones.

Bluetooth in a Windows 10 VirtualBox VM

Introduction

While all of my computers run Linux, sometimes it’s useful to have Windows – fortunately, not often. Due to the long wet grey dreary winters here in the WA state Puget Sound area, I recently got an indoor cycling trainer. You can use lots of different software with these. The software emulates rides in either the real world (based on video & GPS tracks) or the virtual world (like a video game). It connects to the trainer using Bluetooth or ANT+ to dynamically control the resistance (simulating hills) and measure the rider’s power output.

The only software I could find that runs natively on Linux is very basic and not well supported. These include Auuki and Golden Cheetah. I wanted something more full featured. The next best thing would be Android.

Android?

Most of the popular apps (Zwift, MyWhoosh, Rouvy, Kinomap, icTrainer, etc.) support Android. MyWhoosh was out of the question because it consumed 7 GB of space on my tablet before it could even start running. It is a big, slow, steaming pile of bloat-ware. Most of the others are too expensive for my frugal nature. So I started with icTrainer, which is less well known. At $30 per year, it is the least expensive of the non-free apps. They had great support, promptly answering a couple of questions I emailed them. Their Android app ran just fine on my old slow tablet. The rides I downloaded are huge since they have full video, and icTrainer stored them on the external SD card, which was a nice plus.

So far, so good. But I wondered if I could run indoor cycling software on my laptop, which runs Ubuntu 22. This would give me a bigger screen, and the ability to drive an even bigger external monitor. But it would require getting Windows to work.

Windows 10

First I installed VirtualBox on my Ubuntu 22 laptop, then unearthed an old Windows 10 installer ISO file and unused license key I had hanging around. The Win 10 install went fine and I installed the icTrainer Windows app, which also went fine. The problem was: how to get the Windows 10 VM to use the laptop’s Bluetooth so icTrainer could control the trainer?

I’ll cut to the chase. Start by ensuring that the Win10 VM is shut down.

First, shut down Ubuntu’s bluetooth service, so it releases the computer’s Bluetooth hardware.

sudo service bluetooth stop

Next, find the computer’s Bluetooth hardware. It’s considered a subset of the USB system, so list the USB devices:

lsusb

In the list, look for an entry related to Bluetooth. On mine, it is this:

Bus 001 Device 003: ID 8087:0a2b Intel Corp. Bluetooth wireless interface

Next, start the Win10 VM and then log into it.

In VirtualBox, go to USB Devices, look for that same device in the list, and check the box so VirtualBox can make it available to the VM.

Now in Win10, confirm that it’s there by going to “Device Manager” and finding the Bluetooth section. If it doesn’t appear, try rebooting the Win10 VM.

At this point, the Win10 VM has access to the computer’s Bluetooth and any apps that use Bluetooth (such as indoor cycling training programs) should work.

Signal Messaging both Mobile and Desktop

I’ve used Signal on my phone for several years now, since some of my friends use it. It’s always supported Android yet recently I learned they also support Windows, Mac and Linux. Combined with being secure and open source, it’s becoming my go-to messaging app all around.

Video calls work smoothly on this Ubuntu desktop, as well as on my Android phone which runs LineageOS 22 (Android 15).

To install on your phone or tablet, simply get it from the standard app stores.

To install it on Windows or MacOS, go to the site (linked above) to get the download and follow the usual steps.

How to install it on Linux:

First get the app key and store it locally:

wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg

Next add the key to your local keyring:

cat signal-desktop-keyring.gpg | sudo tee /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null

Next, add the Signal repo to your local list:

echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' | sudo tee /etc/apt/sources.list.d/signal-xenial.list

Finally, install the Signal app from the repo:

sudo apt update && sudo apt install signal-desktop
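The repo line above uses signed-by to scope the Signal key to this one repository, rather than trusting it for every configured source. As an added example (not from the original post or from Signal), the function below audits one-line apt source entries for that scoping; the name audit_apt_line and every sample entry except the Signal line are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit one-line ("deb ...") apt source entries for key scoping.
# audit_apt_line is a hypothetical helper; it does not parse deb822 .sources files.

audit_apt_line() {
    local line=$1 opts="" rest uri o findings="" signed=no
    case $line in
        'deb '*|'deb-src '*) ;;
        *) echo "skip"; return 0 ;;      # comments, blanks, anything else
    esac
    rest=${line#* }                      # drop the leading "deb" / "deb-src"
    case $rest in
        '['*']'*)
            opts=${rest#\[}              # text after the opening bracket
            opts=${opts%%\]*}            # ...up to the closing bracket
            rest=${rest#*\] }            # remainder: URI, suite, components
            ;;
    esac
    uri=${rest%% *}

    for o in $opts; do
        case $o in
            signed-by=?*)       signed=yes ;;   # key limited to this source
            trusted=yes)        findings="$findings trusted=yes" ;;
            allow-insecure=yes) findings="$findings allow-insecure=yes" ;;
        esac
    done
    # Without signed-by, apt accepts any key in its global trusted keyrings.
    if [ "$signed" = no ]; then findings="$findings no-signed-by"; fi
    case $uri in
        https://*) ;;
        *) findings="$findings not-https" ;;
    esac

    if [ -z "$findings" ]; then echo "ok"; else echo "${findings# }"; fi
}

# Constructed sample entries; the first is the line from the post.
while IFS= read -r entry; do
    printf '%-36s %s\n' "$(audit_apt_line "$entry")" "$entry"
done <<'EOF'
deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main
deb https://repo.example.invalid/apt stable main
deb [trusted=yes] http://repo.example.invalid/apt stable main
EOF
```

To audit a real system, feed it the lines of /etc/apt/sources.list and the files under /etc/apt/sources.list.d/.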

 

Email, IP Addresses and Blacklists

Introduction

I have a web & email hosting account so my email is on my own domain. A while back I wrote on this topic: http://mclements.net/blogWP/index.php/2024/02/06/email-send-blacklisting-ip-addresses/

That turned out to be a temporary solution and the problem kept recurring. I recently devised a permanent solution. I’ll describe this solution first, then get into the story of how I discovered it.

How it Works

Here’s what happens when I send an email from my own domain. As an example, take an email from foo@bar.com, sent using the MyHost SMTP servers.

  1. My email client (Thunderbird on Linux) calls GMail’s SMTP server to send an email from foo@bar.com
  2. The GMail SMTP server receives the call and says, “foo@bar.com isn’t a GMail email address. Do I recognize this?”
  3. The GMail SMTP server sees that I have added foo@bar.com as an external email account and verified it.
  4. The GMail SMTP server sees that I have told it to call the MyHost SMTP server to send email for foo@bar.com, and provided MyHost login credentials.
  5. The GMail SMTP server calls the MyHost SMTP server to send the email from foo@bar.com
  6. The MyHost SMTP server sends the email using the IP address of the caller, which is the GMail SMTP server’s IP address.

This ensures that the IP address associated with email sent from the MyHost account is not my Comcast assigned IP address, but that of GMail’s SMTP server. Thus, it passes all the various internet email security checks.

The Symptom

As I mentioned above, the problem kept recurring. I send email and sometimes it is rejected with a reply that looks like this:

host eig-east.smtp.a.cloudfilter.net [18.215.58.191]
SMTP error from remote mail server after end of data:
550 Gk0Tt29WcHdOCGk0UtJxy2 - <foo@bar.com> message rejected AUP#SNDR

I checked whether this IP address is blacklisted at this site: https://mxtoolbox.com/blacklists.aspx

It shows more than 40 different blacklists, all but 1 of which are green / OK. It was blacklisted by Spamhaus ZEN with reason PBL. In their words:

PBL - Spamhaus PBL is a DNSBL database of end-user IP address ranges that should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use

In other words, internet SPAM and security has gotten so bad that servers don’t accept email from any IP address except those pre-cleared as public SMTP servers. When it comes to delivering email, they have shifted from blacklisting to whitelisting.

Previously I thought I could solve this by using the IP for my DNS name, instead of the one assigned by Comcast. But my hosting provider refused to do that and it wouldn’t help anyway.
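The blacklist check described above is an ordinary DNS lookup: reverse the IP's octets, append the list's zone, and read the 127.0.0.x answer. The script below is an added example, not part of the original post or any Spamhaus tooling; the function names are hypothetical, 203.0.113.7 is a constructed documentation address, and the return-code meanings are those Spamhaus publishes for ZEN.

```bash
#!/usr/bin/env bash
# Added example: build a DNSBL query name and decode Spamhaus ZEN answers.
# Function names are hypothetical; sample addresses and answers are constructed.

# Reverse the IPv4 octets and append the zone: 203.0.113.7 -> 7.113.0.203.<zone>
dnsbl_qname() {
    local ip=$1 zone=${2:-zen.spamhaus.org} a b c d extra o
    IFS=. read -r a b c d extra <<EOF
$ip
EOF
    [ -z "$extra" ] || return 1
    for o in "$a" "$b" "$c" "$d"; do
        case $o in
            ''|*[!0-9]*|????*) return 1 ;;   # empty, non-digit, or too long
        esac
        [ "$o" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.%s\n' "$d" "$c" "$b" "$a" "$zone"
}

# Map one ZEN A-record answer to the list it represents.
zen_classify() {
    case $1 in
        127.0.0.2)             echo "SBL" ;;
        127.0.0.3)             echo "SBL-CSS" ;;
        127.0.0.[4-7])         echo "XBL" ;;
        127.0.0.9)             echo "SBL-DROP" ;;
        127.0.0.10|127.0.0.11) echo "PBL" ;;      # end-user address range
        127.255.255.*)         echo "ERROR" ;;    # query refused, not a listing
        '')                    echo "NOT-LISTED" ;;
        *)                     echo "UNKNOWN" ;;
    esac
}

# Summarise every answer returned for one address.
#   clean       - no answer (NXDOMAIN)
#   pbl-only    - policy listing of an end-user range, as in the post
#   reputation  - SBL/XBL or unknown listing: the address itself is flagged
#   query-error - e.g. 127.255.255.254 when asking through a public resolver
zen_verdict() {
    local verdict=clean code
    for code in "$@"; do
        case $(zen_classify "$code") in
            ERROR)      echo "query-error"; return 0 ;;
            NOT-LISTED) ;;
            PBL)        if [ "$verdict" = clean ]; then verdict=pbl-only; fi ;;
            *)          verdict=reputation ;;
        esac
    done
    echo "$verdict"
}

# Live lookup (needs dig and a non-public resolver); not called by this script.
dnsbl_lookup() {
    local q
    q=$(dnsbl_qname "$1" "${2:-zen.spamhaus.org}") || return 1
    dig +short A "$q"
}

echo "query name: $(dnsbl_qname 203.0.113.7)"
# Constructed answer sets, as `dig +short` would print them.
for answers in "" "127.0.0.11" "127.0.0.4 127.0.0.11" "127.255.255.254"; do
    # Word splitting of $answers is intentional: one argument per answer.
    printf '%-24s -> %s\n' "${answers:-(no answer)}" "$(zen_verdict $answers)"
done
```

Treating the 127.255.255.x codes as their own case matters because a script that counts any answer as "listed" reports every address as blacklisted when it is run through a public resolver.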

The Solution

Google has employees whose job is to keep their SMTP servers on all the whitelists and off all the blacklists. When my hosting provider’s SMTP server sends email, it uses the IP address of whoever called it. If I can get Google’s SMTP servers to call my hosting provider’s SMTP server, then my email will deliver with a whitelisted Google IP address.

And Google provides a method to do exactly this!

Before starting, have the information for the SMTP server you want to use: hostname, login name, password, etc.

Point your browser to https://gmail.com, go to Settings, See all Settings, Accounts and Import.

In the “Send mail as” section, check the button for “Reply from the same address the message was sent to”. Then click the link “Add another email address”. Follow the instructions in the window that pops up to verify the email account and SMTP provider.

Next, go to your email client settings and tell it to use the GMail SMTP server to send mail for your hosting provider email.

That’s it – you’re done.

Ubuntu 24!

Introduction

My home desktop has been running Ubuntu 18 since it came out in April 2018. Like all even-numbered versions, it has LTS (long term support) for 5 years, which ended last year. Yet the reliability of Ubuntu is a double-edged sword. It runs so long, without filling the hard drive with garbage, without fragmenting the filesystem, without losing performance, that over the years you customize it so many ways that by the time you need to upgrade, it’s hard to remember everything you’ll need to set up in a new system.

So why upgrade at all? After 5 years there are no more updates. No more security patches, and for most of the applications you can only run old versions. So you need to upgrade to use the latest versions of applications and stay on top of security.

You can upgrade in place to keep everything you’ve configured, with do-release-upgrade. But this only takes you up 1 step to the next LTS version (18 to 20, 20 to 22, etc.). So I’d have to do that 3 times! And it doesn’t guarantee that everything you set up will work – though it usually does.

This time around, 6 years and 3 versions behind, I decided to do a full upgrade from 18 to 24 and wipe the system boot drive. I waited until Ubuntu 24 was released on April 25 and then hit the keyboard.

Install

I actually use XUbuntu, a variant of Ubuntu that uses the XFCE desktop instead of Unity. I prefer the XFCE desktop, as it is more traditional and faster, using less CPU and RAM. Even if the computer is fast enough to support a more heavyweight desktop, why waste the CPU and RAM on that? Even if Unity was as lightweight and fast as XFCE, I would still prefer XFCE.

First I backed up my system using deja-dup. Most of my data files are on separate hard drives, which I would not be erasing. So I only needed to back up my home directory and an “apps” directory that I use for software that is manually installed. I also reviewed my apps and files to ensure that all the software I wanted to install was available on my data drive: DEB, TAR, etc. As my desktop has 4 drives, I wrote down the device and UUID for each so I could recognize them during installation.

Next I downloaded the ISO file, burned it to a DVD, rebooted to the DVD which started XUbuntu. I selected to do a manual install, reformatting the system drive. I selected “minimal installation” because I didn’t want a bazillion crapplets that I’ll never use, but also “include 3rd party and binary software”. This all went smoothly and it also automatically installed the NVidia drivers for my GTX1660.

Next, I removed the DVD and booted; my computer came up in XUbuntu 24. Yay! But now the real work begins…

Configuration

Firefox

Firefox is a mess in Ubuntu 24. First, by default it installs as a Snap, which nobody likes. And, on top of this, they’ve crippled its access to the filesystem. You can remove it from Snap with snap remove firefox and then install with apt install firefox, but the next time you update it will revert back to the Snap install. To get it to stay this way you’ve got to edit some config files to tell the system to always install it from apt.

Next, I found that Firefox could not download files. After scratching my head for a while I realized this is because my home Downloads folder is a link that points to my data disk. And I also discovered that I could not open local documentation HTML files for the Android and Java SDK. Putting 2 and 2 together, I realized that someone decided to cripple Firefox’s access to the filesystem. WTF!?

I suspect this is the “younger generation” of developers, who think the local filesystem is somehow “unsafe”, and really unnecessary anyway since they do everything in the cloud. That is the only reason I can imagine for the crazy idea of crippling such an essential function. Most sites say that installing Firefox from apt instead of Snap solves this. Perhaps it once did, but not anymore in Ubuntu 24. With some Googling I learned they’ve created an AppArmor config that restricts filesystem access for Firefox. My fix was to configure AppArmor to disable the Firefox controls, like this:

sudo ln -s /etc/apparmor.d/usr.bin.firefox /etc/apparmor.d/disable

Altogether, this got Firefox working properly again.

Backups: Deja-Dup and Duplicity

To restore all of my backups I’d have to be root because some of the files to be restored are system, owned by root not by me. No problem, right? Think again. My backups are on a separate disk that I mount to a local folder /dsk3. When I ran deja-dup to restore a backup, it would unmount that drive!

If I ran deja-dup as myself, it would work only because it wasn’t root so its attempt to unmount the drive would fail. This was fine, it still worked, even if only by accident. But with deja-dup it is impossible to restore a backup that you have mounted to a separate disk, if you run it as root.

I could not find a solution to this, so I only restored my home and apps directories mentioned above. That’s all I really needed to back up, so I got lucky.

Thunderbird

I installed from apt and it saw all of my email that was restored from the backup – both my local folders and all of my IMAP email server accounts. Bang!

Python and Virtualenv

In Ubuntu 24 Python works differently. The system Python is now 3.12 instead of 2.7, which is nice. But the procedure for installing virtualenv and virtualenvwrapper that I used for Ubuntu 22, does not work in 24.

First, use pipx instead of pip. That is, pipx install virtualenv. After that, pipx install virtualenvwrapper. At this point they are installed but they don’t work. Next, I had to change the environment variables and python & wrapper script locations:

export WORKON_HOME=$HOME/.virtualenvs
export VIRTUALENVBIN=$HOME/.local/share/pipx/venvs/virtualenvwrapper/bin
export VIRTUALENVWRAPPER_PYTHON=$VIRTUALENVBIN/python
source $VIRTUALENVBIN/virtualenvwrapper.sh

I created some virtualenvs, listed them, etc. It all works fine – great!

Pulseaudio and Pipewire

Ubuntu 24 audio is working, but it runs pipewire instead of pulseaudio. I had pulseaudio configured to avoid resampling for bit perfect audio. Pipewire is not doing this; it resamples everything to the system default sample rate of 48 kHz. With some reading, I found a simple way to configure this.

The pipewire config files reside here: /usr/share/pipewire

In particular, the primary config file is: /usr/share/pipewire/pipewire.conf

But rather than edit this directly, you can leave it in place there and create another config file that overrides individual settings.

Create this directory if it doesn’t already exist: /etc/pipewire/pipewire.conf.d

And in that directory, create text files (having any name) that override individual settings. For example I created this file: /etc/pipewire/pipewire.conf.d/pipewire-custom.conf

# Daemon config file for PipeWire version "1.0.5" #
#
# Copy and edit this file in /etc/pipewire for system-wide changes
# or in ~/.config/pipewire for local changes.
#
# It is also possible to place a file with an updated section in
# /etc/pipewire/pipewire.conf.d/ for system-wide changes or in
# ~/.config/pipewire/pipewire.conf.d/ for local changes.
#

context.properties = {
    ## Properties for the DSP configuration.
    default.clock.rate = 48000
    default.clock.allowed-rates = [ 44100 48000 88200 96000 176400 192000 ]
}

stream.properties = {
    resample.quality = 14
}

After doing this, when I play audio files using VLC, with an external DAC connected to my sound card’s SPDIF output, the external DAC shows the sample rate changing to the native sample rate of each file that I play. It works!

Also: the DSP library PulseEffects was replaced with EasyEffects, a newer version that works with PipeWire. This new version has a feature I like: it does not resample all audio to the system sample rate like PulseEffects did, but plays audio at its native rate without resampling, changing the system rate to match the audio. Very nice!

Audio Update

Audio stopped working on each bootup. After some troubleshooting I discovered that the kernel module for my Juli@ sound card is not loaded. How to check this?

First, run lspci -k and it shows you all your PCI cards, and for each, which kernel module it uses. This told me the card is plugged in and the module is snd_ice1724.

Next, check whether that module is loaded, or really check for all sound modules by running: lsmod | grep snd_. This did not list the snd_ice1724 module.

So, load the module manually by typing: sudo modprobe snd_ice1724. After that, repeat the above command to see if it’s loaded. Bingo! It was. And after doing this, audio started working.

Now here’s the mystery: normally you can tell the system to load new kernel modules by creating files in /etc/modules-load.d. For example I created this file:

-rw-r--r-- 1 root root 53 Apr 29 18:02 /etc/modules-load.d/snd_julia.conf

The contents are simple:

# kernel module for the Juli@ sound card
snd_ice1724

This should tell Linux to load the module at boot, so I don’t have to load it manually. But my system still doesn’t load this module. Or maybe it’s trying but failing, but I can’t find any errors. And I also looked for it in blacklists, but it is not a blacklisted module. Indeed, if it were the system shouldn’t let me load it manually.

At least I can fix the problem, but I don’t know why it doesn’t load automatically when it detects the sound card, nor manually from the config file, so I’m stuck loading this module manually at the command-line.

PS: another kernel driver that I must load manually is snd-usb-audio. This is needed to use external DACs that plug in via USB, like my Schiit Jotunheim. Add it to the list above.

Java, Tomcat and PostgreSQL

I installed openJDK versions 8, 11 and 21, using apt, then ran update-alternatives to set the default to JDK 8. Even though it’s old, a lot of software requires it and won’t run on the newer JDKs.

Next I installed Tomcat; version 10 is what comes with Ubuntu 24. That was simple enough.

Then I needed the PostgreSQL JDBC driver so my Tomcat server could talk to databases on other servers in my home network. I found the JAR file online, copied it to /usr/share/java and linked it to /usr/share/tomcat10/lib.

Finally, I copied my audio recordings JSP app to Tomcat. First I made a directory for the app: /var/lib/tomcat10/webapps/audiorec. Then I copied the source files (JSP) to that directory. BANG! It just worked.

Apps and Games

I installed Steam and after configuring it, it saw all of my games on my separate disk drive. And it saw my configs since I restored my home directory. All good? Nope.

Two games I’ve been playing recently are Valheim and Bioshock Infinite. Steam showed how long I had been playing and when I most recently played. And the games are supposed to save your progress in the cloud. But when I started the games, they started from scratch. They had no notion of any prior game play or saves. I lost all my progress in the games.

On the brighter side, the games now run natively in Linux, where previously with Ubuntu 18 they only ran reliably from Proton, the Windows emulator. Same hardware, same drivers, the only difference is Ubuntu 24 versus 18. So I don’t know why, but that is nice…

Printers and Virtualbox

Back in 2019 I bought the TurboPrint driver for my Epson SureColor P400 printer. This is a good thing, since Epson doesn’t have a Linux driver for this printer – even though they do for most of their other models. Yet the TurboPrint driver installed and worked just fine; it doesn’t need the Epson driver. TurboPrint is excellent, and essential for anyone who wants to print photo quality from Linux.

I have a Windows 10 VM for software that doesn’t run on Linux. Just a couple of apps, Epson’s CD print and Suunto’s link for my GPS wristwatch. I installed virtualbox simply from apt and it just worked – my VM came up just fine. Of course I did have to edit my system groups to ensure that I am in both plugdev and vboxusers in order for the Windows VM to be able to see USB devices like the printer and the watch.

Addendum: IOMMU

What the heck is IOMMU, you might ask? Indeed, I asked the same. I noticed a bunch of errors in dmesg, like this:

DMAR: DRHD: handling fault status reg 3

With some Googling I found it is related to a CPU chip function related to RAM called IOMMU. I’ve been using Linux since Ubuntu 8 in 2009 on a wide variety of desktops and laptops, and I’ve never seen this before. Maybe this desktop’s CPU is too old to support it – it’s an i7-4770 from around 10 years ago. Still reliable & fast, so why replace it?

The solution was to add a kernel boot parameter iommu=soft. I did this by editing the /etc/default/grub file, then running update-grub. Confirmed fixed.

Conclusion

Of course there was a bunch of other stuff. And I’m not even done yet. But the computer is mostly working again, with most of my data and apps restored. I’ll get the rest of it working over time.

What to do with $1000

I’ve read some articles on this recently and most of them miss the most important points.

The situation: typical middle class worker who is making ends meet, but maybe not by much. You unexpectedly get $1000. What’s the best way to use this money? Let’s assume you don’t have to pay income tax on it – if you did, set aside 20% to 25% of it now.

Number 1 is to pay off credit card and similar debt. If you don’t have any, congratulations, move on to Number 2. Credit cards have high interest rates and the interest is not tax deductible. Every dollar you put toward that pays for itself in spades. And most importantly, after paying off that debt, don’t take out more! The first step to get yourself out of a hole of debt is to stop digging. That means work out a budget within your means and stick to it: spend less than you earn.

Number 2 is to pay off other kinds of debt. For example, car loans. If you can’t pay it off in full, send extra money to reduce the amount of debt. Every extra dollar you make for a payment goes 100% toward principal – unlike the rest of the dollars in the payment, which are a mix of principal and interest. But don’t pay off a mortgage early if the interest rate is less than 5% (especially if tax deductible). Every dollar you put toward paying off a mortgage early gives you better returns if you invest it.

Finally, if you have no debt other than mortgage, invest whatever is left over. For retirement investing, put more money into your 401K or IRA. If it’s already maxed out, you can put after-tax dollars into a Roth IRA. Even if you make too much money to qualify for Roth, you can still do it through the “Roth backdoor”. That is, put after-tax dollars into a traditional IRA, then immediately roll them over into a Roth IRA. If you can’t do any of that, invest by simply buying funds. For long term investments (more than 5 years), equities and equity funds are the way to go. For 1-5 years, reduce volatility with a blend of stocks and fixed income. For < 1 year, fixed income like a CD may be best.

Audio Phase: Shift versus Inversion

It is said that a 180* phase shift is the same as a polarity inversion. That is, it flips a wave to its mirror-image across the time axis. If we imagine a simple sin or cos wave, we see that this is true. 180* is half a wavelength, slide it that distance either forward or back, and you get the same wave with polarity inverted. Another consequence of this lies in audio room tuning. If the distance between 2 walls is half a wavelength of a particular frequency, the wave reflecting from the wall, being inverted polarity, cancels the wave arriving which causes a dip or null at that frequency. Those same walls will also boost waves at twice that frequency because that same distance between the walls is their full wavelength, so the reflected wave is in phase with the arriving one.

But this doesn’t work with a general musical waveform. No amount of sliding it left (back) or right (forward) in time will invert its polarity. Intuitively, we see that a musical wave is not symmetric or repeating like a sine or cosine wave. The musical waveform is much more complex, containing hundreds of frequencies all superimposed. Any distance we slide it left or right represents a 180* phase shift at only 1 particular frequency. Alternatively, sliding it left or right can be seen as a phase shift at all frequencies, but with a different phase angle for each, since the distance it shifted is a different number of wavelengths for each frequency it contains. As in the above example, it boosts some frequencies and cuts others. This is what happens in a comb filter.
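The two paragraphs above can be checked numerically. This is an added example, not part of the original post; the 100 Hz and 150 Hz tones and the 5 ms delay are constructed values chosen so that the delay is exactly half a wavelength at 100 Hz.

```python
import cmath
import math

TAU = 0.005  # constructed delay: 5 ms = half a wavelength at 100 Hz


def delayed_phase_deg(freq_hz, delay_s):
    """Phase shift in degrees (0-360) that a pure time delay gives one frequency."""
    return (360.0 * freq_hz * delay_s) % 360.0


def comb_gain(freq_hz, delay_s):
    """Level of a tone summed with its delayed copy: |1 + e^(-j*2*pi*f*delay)|."""
    return abs(1 + cmath.exp(-2j * math.pi * freq_hz * delay_s))


def signal(t, partial=0.5):
    """Constructed 'musical' wave: 100 Hz tone plus a 150 Hz partial."""
    return math.sin(2 * math.pi * 100 * t) + partial * math.sin(2 * math.pi * 150 * t)


def max_inversion_error(delay_s, partial=0.5, n=2000, span_s=0.02):
    """Largest |s(t - delay) + s(t)| over one 20 ms period.

    Zero means the delayed wave is an exact polarity inversion of the original.
    """
    worst = 0.0
    for i in range(n):
        t = i * span_s / n
        worst = max(worst, abs(signal(t - delay_s, partial) + signal(t, partial)))
    return worst


if __name__ == "__main__":
    for f in (100, 150, 200):
        print(f, "Hz: phase", delayed_phase_deg(f, TAU), "deg, comb gain",
              round(comb_gain(f, TAU), 3))
    print("pure 100 Hz tone, error:", max_inversion_error(TAU, partial=0.0))
    print("two-tone wave, error:   ", max_inversion_error(TAU))
```

The same 5 ms slide is 180* at 100 Hz, 270* at 150 Hz and a full 360* at 200 Hz, so the pure tone inverts while the two-tone wave does not, and the summed signal nulls at 100 Hz and doubles at 200 Hz.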

Since every frequency has a different wavelength, it’s hard to imagine how a phase shift of the same angle at all frequencies could even be possible. It is possible, but to do it we need to expand into another dimension and use complex numbers. That computation creates a new waveform that is the polarity inverted version of the original. You can find explanations of this all over the internet, for example here: https://www.audiosciencereview.com/forum/index.php?threads/analytical-analysis-polarity-vs-phase.29331/

Because of this, when speaking of music and audio I prefer the term “polarity inversion” to “180* phase shift”. Even though they can be equivalent, the former is concise while the latter is somewhat ambiguous since one must also specify at what frequencies the phase shift is applied.

Email Send, IP Addresses, Blacklisting

About a month ago, emails that we sent were bouncing: the destination servers rejected them, saying one of the IP addresses they came from was blacklisted. I host this site and our email through Hostgator, using their SMTP server to send email. So my first guess was that the Hostgator SMTP server was blacklisted. It’s plausible, as it’s shared by many customers, some of whom may be spammers. But the IP address from the email bounce message didn’t match that server. Turns out it was the IP address that Comcast assigned to my home router. So Comcast assigned me a blacklisted IP address! Perhaps Comcast shares that IP with other customers and one of them has been spamming.

However, email sent from my GMail SMTP was not bouncing. Looking at the email headers, GMail’s SMTP does not forward the IP address of the client who sends it; it sends its own. So one possible solution would be to get the Hostgator SMTP to stop forwarding my IP address, but instead use its own, or even use my own IP address for this domain, mclements.net. I contacted Hostgator support and they said they could not configure the SMTP server to do this.
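To see which addresses a message exposes to a receiving server, read its `Received` headers from the bottom up. The sketch below is an added example, not from the original post: the two sample messages, all hostnames and addresses, and the `dnsbl.example` zone are constructed placeholders, and the code only builds the DNS name a blocklist lookup would use without querying anything.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample hops; all names and addresses are documentation values.
HOP_RELAY = ("Received: from shared-smtp.host.example (shared-smtp.host.example [198.51.100.7])\n"
             "\tby mx.recipient.example with ESMTPS; Mon, 1 Jan 2024 10:00:02 -0800\n")
HOP_CLIENT = ("Received: from [203.0.113.45] (port=50412 helo=[192.168.1.20])\n"
              "\tby shared-smtp.host.example with esmtpsa; Mon, 1 Jan 2024 10:00:01 -0800\n")
TAIL = "From: sender@example.org\nTo: friend@recipient.example\nSubject: test\n\nbody\n"
RAW_FORWARDING = HOP_RELAY + HOP_CLIENT + TAIL  # relay records the client's address
RAW_HIDING = HOP_RELAY + TAIL                   # relay adds no client hop

NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def hop_sources(raw):
    """Per Received header (newest first), the routable IPs in its 'from' clause."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        from_clause = re.split(r"\s+by\s+", value, maxsplit=1)[0]
        ips = []
        for text in BRACKETED_IP.findall(from_clause):
            try:
                ip = ipaddress.ip_address(text)
            except ValueError:
                continue  # not a real address, e.g. 999.1.1.1
            if not any(ip in net for net in NON_ROUTABLE):
                ips.append(str(ip))
        hops.append(ips)
    return hops


def submitting_client_ip(raw):
    """Oldest hop that exposes a routable address (the first machine in the chain)."""
    for ips in reversed(hop_sources(raw)):
        if ips:
            return ips[0]
    return None


def dnsbl_query_name(ip, zone="dnsbl.example"):
    """Blocklist lookups reverse the octets and append the list's zone (RFC 5782)."""
    return ".".join(reversed(ip.split("."))) + "." + zone
```

For `RAW_FORWARDING` the oldest routable address is the home connection, which is what a receiving server would check; for `RAW_HIDING` the only address available to check is the relay's own.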

In the meantime, as a temporary workaround I configured my email send to use the GMail SMTP and CC my other email. It’s clumsy but works.

My next option was to change my Comcast IP address. I called support and they confirmed that Comcast uses DHCP, so getting a new IP address should be as simple as turning off my modem & router, then turning them back on. I knew it wasn’t that simple because I had done that and the IP address never changed. The DHCP has a lease with a time duration. You need to disconnect long enough for that to expire before getting a new IP address. I left them off overnight and still got the same IP address.

DHCP servers often (though not always) use the client MAC address as a hash when providing IP addresses. If you can change the MAC address of the router that connects to your cable modem, you are likely to get a new IP address. I dug into my router menus and found a config option to do exactly this: you can enter any MAC address you want, or have it copy the one from the PC you are using to connect to the router. When setting MAC addresses manually like this, one must be careful because the MAC address is not just a random number. The first several hex codes are assigned to the manufacturer and device type. You should ensure that what you enter is a valid MAC address.
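A quick sanity check before typing an address into the router, as an added example that is not part of the original post. It relies on the standard layout of a 48-bit MAC: the first three octets are the IEEE-assigned vendor prefix (OUI), the lowest bit of the first octet marks multicast, and the next bit marks a locally administered address. The function name and the sample addresses in the comments are constructed.

```python
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")


def inspect_mac(text):
    """Describe a MAC address, or raise ValueError if it cannot name one interface."""
    if not MAC_RE.match(text):
        raise ValueError("expected six hex octets separated by ':' or '-'")
    octets = bytes(int(part, 16) for part in re.split("[:-]", text))
    if octets == b"\x00" * 6:
        raise ValueError("the all-zero address is not a usable interface address")
    if octets[0] & 0x01:
        # Covers broadcast ff:ff:ff:ff:ff:ff as well as every multicast address.
        raise ValueError("multicast bit set; an interface needs a unicast address")
    return {
        "normalized": ":".join(f"{b:02x}" for b in octets),
        "oui": ":".join(f"{b:02x}" for b in octets[:3]),
        # True means the address claims to be assigned by an administrator,
        # not burned in by a manufacturer.
        "locally_administered": bool(octets[0] & 0x02),
    }


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("00-1A-2B-3C-4D-5E", "02:00:5e:10:00:01", "01:00:5e:00:00:fb"):
        try:
            print(sample, "->", inspect_mac(sample))
        except ValueError as err:
            print(sample, "-> rejected:", err)
```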

In short, this worked. After changing my router’s MAC, Comcast issued a different IP address that was not blacklisted, and now my email is not bouncing. Since these IP addresses belong to Comcast, I called to let them know the old IP address was blacklisted so they can deal with it.

Summary of steps:

  1. Configure your router to use a different MAC address
  2. Turn off the cable modem and router
  3. Turn on the router
  4. Turn on the cable modem and wait…

After step (4) it may take longer than usual to get an internet connection. When the router negotiates with Comcast for a connection, if its MAC address is different and Comcast assigns a new IP address, the process can take longer.

Bikes: Electronic Shifting

In late 2021 I bought a new road bike, a Fezzari Empire. One of the reasons I bought it at that time is because that was the last year that Shimano offered its best components (Ultegra and Dura Ace) with mechanical shifting. Since then, they are only available with electronic. SRAM has also gone to the “dark side”.

Why don’t I like electronic shifting? Everyone else seems to love it. They say it works perfectly. Perhaps it does (when it’s not failing due to dead batteries) but mechanical shifting works perfectly too. It’s been perfected over decades and it is simpler, cheaper, lower maintenance, more reliable and durable.

My reasons include:

Electronic shifting has batteries that can die on a ride. To be safe, you need to add a spare battery to your ride kit. These batteries also must be charged periodically, and replaced when they wear out.

Mechanical shifting, once adjusted properly, works perfectly for several years and thousands of miles without needing adjustment or maintenance (other than periodic cleaning, which electronic shifting also requires).

Electronic shifting is less durable and reliable. Consider a multi-day stage ride. Electronic shifting requires you to bring extra batteries or find a way to charge them. It’s extra hassle with no corresponding benefit. Lachlan Morton, who won the Tour Divide in 2023, had electronic shifting. The batteries were a hassle during the ride (charging and replacing), and later it failed, forcing him to jerry-rig his derailleur with a spare spoke.

Electronic shifting is also considerably more expensive.

Electronic shifting has no real benefit to justify the expense and hassle. It’s not lighter, nor more efficient, nor faster, and it’s actually less durable and reliable.

Getting philosophical, electronic shifting contradicts the classic purity of what a bicycle should be: a simple, elegant, purely mechanical machine. No batteries, no electronics, no software. The only power source should be the person riding it.

In short, electronic shifting is a complex, expensive, fragile solution to a problem that doesn’t exist.

So why do so many riders like it? It’s high tech, more expensive making it more exclusive, and the latest trendy shiny object. Pros use it, which can make sense since their bike only has to last 1 day, they don’t care how much it costs or how long it will last. But for those of us who aren’t GC contenders in the Tour de France, I’m surprised so many cyclists drink the kool-aid and can’t see that the Emperor has no clothes. And bike companies love it because they can charge you 3 times the price for the equipment, lock you into their “ecosystem”, get a new revenue stream selling batteries, and every few years forcefully deprecate old systems forcing people to upgrade.

No thanks, I have mechanical, the shifting is sublime, it’s simple and user-serviceable, and it will last me the next several decades until (God forbid) I’m too old to ride bikes anymore.