Thursday, March 31, 2011

Injectors

I pulled the "air chamber" off and got the injectors out. The air chamber is this big aluminum thingy with a jillion hoses going to it that's between the throttle-body and the intake manifold. You have to remove it to get the injectors out.

I got it out and the only casualty (so far) was I broke the line going to the PCV valve. It was old and had gotten brittle. Easy enough to replace with a 6" piece of 5/16 hose. I had to cut the one end of the busted line off the PCV valve and when I did this my jackknife slipped and I put a deep slash in my thumb. If I was a liberal I'd demand a purple-heart, take a month of sick days, and sue Toyota & the knife maker for a jillion dollars. It really is a deep cut though, was still bleeding tonight about9 hours later.

I found a guy in Pflugerville that cleans injectors. I debated doing it myself. I've got some REAL carb cleaner but I'm afraid it might eat the plastic parts of the injectors and ruin them. They're expensive, $50-75 each, so I don't want to muck them up. He only charges $15 each. We'll see how it goes...

So what's up with Bammie invading Libya? Not really vital to our national interests. Perhaps he knows he's going to be ousted in 1212 and doesn't want to be known as a prez who didn't invade another country. Now he's arming the al queda rebels. Weren't those the bad guys? I miss GWB.
Posted by at No comments:

Sunday, March 27, 2011

4runner

I found a 89 4runner off a chick on Craigslist 3 weeks ago. 200K+ miles and she said she quit driving it because she could pull it out of first gear without putting in the clutch (So???) They said it hadn't been started in 2-3 years so the battery was dead and I would not be able to start it much less test-drive it. Every body panel on it has some dings with the worse being the driver's front fender; the neighbor backed into it, knocking it into the door so it wouldn't open more than 1/3. They hadn't pried it open with a tire-iron like most morons do; all that does is create more bodywork. Interior was better than average for the age. It's the SR5 model, 4wd, V6, and 5-speed. It had obviously never been off-roaded as it was clean and straight underneath. Tires were very good. Looked completely stock except for green shag carpet and a cheap equalizer. I got it for $800.

I trailered it home and pulled it off the trailer with the tractor. It almost yanked the rear bumper loose, the damn thing was about to fall off and it had a 2" ball!

I parked it in the shed and the first thing was to drop the fuel. These things actually have a drain-plug in the fuel tank - sweet! The tank had about 8 gallons of green-funk in it. Next I pulled the tank, which wasn't much work either. The in-tank fuel pump and fuel-level sending unit were caked in rust. The pump was locked up from the grunt so I ordered a new one online for about $25. I cleaned the sending unit and got it working again. The tank looked pretty bad inside. I hit it with the pressure washer and it cleaned it up surprisingly well. The only crap still in it is on the top of the tank where I couldn't hit it with the washer.

She had some service records in the glove box that I went through. She got raped on a master cylinder, $288! (I can get them for $50.) The last time it was worked on was 2002 so I assume
it was parked in 2002. There were no tags or registration to tell me otherwise.

I put a battery in to check the lights. The highbeams weren't working. I took the switch apart and it buzzed out okay but when I put it back together still no workie. Hmmm... Apart again for a better look; it had enough continuity to turn on the buzzer in my meter but there was about 25 ohms across the contacts. I pulled the switch apart and they looked a little burned. After a little time with a points file and a cleanup with contact cleaner and they were reading close to 0 ohms closed. Put it back together and the lights work correctly, except for the back license-plate light. I cranked the key and the motor turned over! That's a good sign; I know it isn't locked and the starter works.

I checked out the rear bumper and it's mounted to 2 sheet-metal points either side on the body. 3 bolts total (1 was missing) and all the mounts were ripped on the body. They also had some 20ga angle-iron going to the frame, which did no good. It was about to fall off on it's own and they actually towed something with it. Criminal!

I got the new pump in a few days, reassembled everything, and put a battery in. Then I jumpered the fuel pump and let it run for a few minutes to cycle some new gas through the system before trying to crank it. It took a minute or so of cranking but it slowly started firing. Sound like it's hitting on 3-4 cylinders, not bad!

I did a compression test which showed a couple cylinders a little weak. Next I ran a leakdown test which is much better. Cylinders 2, 3, and 6 were leaking pretty bad through the intake. #3 was the worst at 50% leakdown. Sounds like it needs a valve job.

I started tearing it apart in prep to remove the motor. Looks like a big job. Then I got to researching and there's a product called "SeaFoam" that's supposed to clean sticking intake valves. I figured I'd give it a try; $10 crap-shot against doing a valve job. You put 1/3 of the can in the tank and let it warm up and then pour it into the intake through a vacuum line. After the can is empty you let it sit 15-30min and then start it up. It'll smoke like hell for a while as it knocks the crap loose. It didn't seem to stop the missing but it was running a little better. I took the plugs back out, did a leakdown again and the valves had sealed! 2 cyl's were a little low, 91% and 86% but leaking through the rings this time. (I could hear air coming out the crankcase vent.) I stuck my stethascope on the lifters to listen for them clicking. $6 sounded real good, #2 and #4 were weak, and #1 wasn't doing anything. I couldn't get to #3 and #5 because they're under the intake thingy. I got another can of SeaFoam and treated it again, hoping it would help the injectors. Also put in a new set of platinum plugs because it had some cheap ones that were shot.

The next morning I started it up cold and it was running pretty smooth; didn't seem to be missing. But after it warmed up it started missing again. I let it cool down, restarted it (ran fine) and it started missing as it warmed up. Hmmm... I change out the fuel filter and cursed those Toy engineers for putting it in such a crappy place. It's on top of the crossmember so it's hard to get to but there's an open spot on the frame 8" forward; wouldn't have cost any more to locate it there. I digress... Must have taken an hour to swap out the filter. Good thing I did; the old one was almost competely clogged. I fired it up again; same symptoms. #1 and #3 don't seem to be firing at all and #2 and #4 are weak. The injectors on #2 and #4 don't sound near as strong as #6 but #1 sounds really good even though that cylinder doesn't seem to be firing. I shot some carb cleaner into a vacuum line and the engine sped up some, so I think some cylinders are starving for fuel. Most of the problems I've found have been fuel-related. I was hoping that driving it would clean out the injectors but I'm staring to think I'm going to have to pull the injectors and clean them manually. There's a couple of places I found that will clean them for a little over $100 or I can do it myself for under $20, but I've never done it before. Either way I have to remove them which is quite a job on the V6 because there's a lot of crap in the way.

Other stuff: The rear pinion seal is leaking; common but it takes a 30mm or 1 3/16 socket to remove remove the yoke on the pinion. Will have to purchase one as I have a 1 1/8, which won't fit, and 1 1/4, which is too loose.
Posted by at No comments:

Tuesday, March 22, 2011

Miss Me Yet?

Posted by at No comments:

Tuesday, February 22, 2011

Password Security

I went to a seminar at lunch today over at National Instruments. Some group called "OWASP" that had me on their mailing list. It was free, about hacking passwords using the GPU, so I gave it a shot.

The speaker, Rick Redman of Korelogic, is a professional hacker who is hired by companies to try to break into their systems.

How passwords are stored: Typically when you sign up to some internet site (facebook, blogger, paypal, etc.) you have to enter a username (or email) and password. They store the password on their servers. Usually they run the password through some encryption and store the encrypted password. An example of a simple (crappy) encryption algorithm would be to increase every entry by one. Make every 'a' a 'b', every 'b' a 'c', every 'S' a 'T', every '6' a '7', etc. Here's some examples:

Un-encrypted password
 Pencil
Number1Hasher
Encrypted Password
Qfodjm
Ovncfs2Ibtifs
When you enter your password "Pencil" the first time they store the encrypted password "Qfodjm" in their password file. Then everytime you log in and enter your password it runs it through the same encryption algorithm and verifies it matches. "Pencil" will yield "Qfodjm" and match while "Pancil" will yield "Qbodjm" and fail.

There are less than a dozen common encryption algorithms. Some are fairly simple (not nearly as bad as mine) and some are quite complex but the algorithms are all known and readily available. Usually the more simple algorithms are used because it takes more CPU cycles to execute them or the implementer is just lazy.

A couple years ago a company called "RockYou!" wrote a plug-in for facebook. They asked for you facebook password so they could link in with your facebook friends, interests, etc., and said they would never store the password. Well it turns out they actually did store it and they didn't even bother encrypting them. They had horrible security on their own server and someone hacked it using an old, well-known hack (SQL injection?) and got full access. They snooped around and found a file called something like "passwords.txt" which contained 32 million un-encrypted text format. The hacker posted the file on the net and hackers around the world downloaded it and went to town. The entries looked something like this:

username
email
password
johnsmith
 jsmith@aol.com
pencil
janedoe
 janedoe1@myspace.com
123456
superhasher
 hasher1@yahoo.com
onon
So now you could hack anyone's facebook account that used "RockYou!". Not really a big deal in itself, but the password file was gold. Turns out most people love to reuse passwords, so the hackers simply went to paypal and tried to log in using these email accounts and passwords. Most didn't work but a whole bunch of them did work and then it was just a simple matter to tell paypal to transfer money from these user's accounts to themselves. After paypal they tried the same idea on a few of the major banks and mutual fund companies next and, well you get the idea... Yikes!!!

Not done yet... Before this the hacker community had a "dictionary" of what they thought were the most common passwords they'd use when trying to hack into an encrypted system. An amazing number of people use things like "password", "password1", "pencil", their favorite sports team or college, etc. So there was a dictionary of about 500 words that were tried against every account. The list wasn't that good so their success rate of cracking the passwords were low. But now they had a list of 32 million actual passwords that people used. They piped this into a spreadsheet and found the most common ones, and then updated and vastly improved their dictionary. To illustrate how poor of passwords are commonly used, here's the top 10:
  1. 123456
  2. 12345
  3. 123456789
  4. password
  5. iloveyou
  6. princess
  7. 1234567
  8. rockyou (hacked website was "rockyou")
  9. 12345678
  10. abc123
By having this huge database they vastly improved their knowledge of what people commonly use for passwords, so they can had a better dictionary and were able to write smarter algorithms for hacking passwords.

There's a couple of free tools they recommended: John The Ripper, hushcat, and oclhushcat. John is open source, the other two aren't. oclhushcat is valuable because it uses the GPU instead of the CPU, which is at least 2 orders of magnitude faster. You feed these tools an encrypted password, some parameters like the dictionary and what to check for, and it uses brute force to tries every combination of password you specified to find a matching solution.

What I came away with:
  1. Never use the same passwords for goof-off accounts (facebook, blogger, etc) as I do for ones with data I need to protect, i.e. online banking.
  2. Verify that my "strong" passwords weren't on the list.
  3. Avoid using any site that has access to your money that forces weak passwords. For instance, RockYou! would not allow special characters.
  4. Have a better idea of what people commonly do and avoid it:
  • Mix lower and upper case letters, and don't just capitalize the first letter, i.e. "Password"
  • Add numbers and not just at the front or back, i.e. "password123"
  • They know all the tricks for substituting numbers/special characters for letters, i.e. '3" for 'E', '$' for 'S', 'I' for '1", etc.
  • Horizontal keyboard patterns like "qwertyuiop" (top row) are well known and checked for
  • Vertical keyboard patterns like "NHY^6yhn" are known too. (Up in caps, down in lower case)
  • People love putting in dates, i.e. "2011", "Feb2011". These are used especially when they have to change their passwords monthly.
  • Common and uncommon names of people, places, sports teams, etc are known.
Last of all he said the best hash encryption algorithm was bcrypt, MD5 the worst. They may have to try several million passwords to find a match, each time running through the encryption algorithm. It takes a couple seconds to compute bcrypt, which kills their brute-force methods whereas MD5 takes a few milliseconds.

There was a guy last year at defcon who built a machine with 6 high-end GPU cards. It could crack any 8-character MD5 password in 2 minutes (or something along those lines...) This is by using brute-force, i.e. checking every possibility of every character combination (6.6 quadrillion) instead of using intelligent search patterns. A longer password stored with bcrypt would take much longer but could still eventually be cracked. The idea is to make it so time-consuming (in terms of CPU cycles) that they'll give up and find easier prey.
Posted by at No comments:

Monday, November 22, 2010

You may be a muzlim...

  1. If you refine heroin for a living, but you have a moral objection to liquor...
    You may be a Muslim

  2. You own a $3,000 machine gun and $5,000 rocket launcher, but you can't afford shoes...
    You may be a Muslim

  3. You have more wives than teeth. ..
    You may be a Muslim

  4. You wipe your butt with your bare hand, but consider bacon unclean...
    You may be a Muslim

  5. You think vests come in two styles: bullet-proof and suicide...
    You may be a Muslim

  6. You can't think of anyone you haven't declared Jihad against...
    You may be a Muslim

  7. You consider television dangerous, but routinely carry explosives in your clothing...
    You may be a Muslim

  8. You were amazed to discover that cell phones have uses other than setting off roadside bombs...
    You may be a Muslim

  9. You have nothing against women and think every man should own at least four...
    You may be a Muslim

  10. Your cousin is president of the United States...
    You may be a Muslim

  11. You find this offensive or racist...
    You may be a Muslim
Posted by at No comments:

Wednesday, August 18, 2010

I'm a Happy Camper

I won this at a benefit banquet the Austin Friends of the NRA put on last night. Red's Gun Range was kind enough to donate this fine weapon. It's a Browning Composite Stalker in 30.06. It came with the Redfield 3-9x50 scope, matching case, and bore-snake.
Posted by at No comments:

Friday, August 06, 2010

Country Music

Posted by at 1 comment:

Monday, August 02, 2010

Nice



The Resolute Desk was built from the timbers of the HMS Resolute and was a gift from Queen Victoria to President Rutherford B. Hayes in 1880. Many presidents since Rutherford Hayes have used the desk at various locations in the White House, but it was Jackie Kennedy who first brought the desk into the Oval Office in 1960 for President Kennedy. It was removed from the White House for only one time, and this was after the assassination of President Kennedy in 1963, when President Johnson allowed the desk to go on a traveling exhibition with the Kennedy Presidential Library. After this it was on display in the Smithsonian. President Jimmy Carter brought the desk back to the Oval Office, where President Ronald Reagan, President Bill Clinton, President George W. Bush and now President Barack Obama have used it in this, its most famous location. It is considered a national treasure and icon of the presidency.
Posted by at No comments:

Tuesday, May 04, 2010

Right again

Re: My 4/16/2009 post with the poster below... Some laughed at me then, called me crazy, etc etc. The numbers from the National Shooting Sports Foundation are in.









20082009
Jobs166,200183,424
Wages$6,361,205,400$8,210,881,000
Econ Impact$19,199,634,700$27,846,304,300
Posted by at No comments:

Tuesday, February 23, 2010

Delaware Upgrades

Governor Jack Markell (D) has signed House Bill 258 into law. (Right to carry reform bill)
Posted by at No comments:

Monday, February 01, 2010

Definition

Posted by at No comments:

Sunday, December 13, 2009

Obamaville


COLORADO SPRINGS, Colo. (KRDO) -- Someone has put a lot of thought into a welcome sign that may surprise you, it's in front of a homeless camp off I-25 in Colorado Springs.

Its message, "Welcome to Obamaville, Colorado's fastest growing community." Despite repeated calls no one could answer the question, who put up the sign?

To some homeless the sign's message says enough. Mark Limonez, a homeless man living in "tent city", says the sign doesn't make him feel good about trying to get back on his feet. "Guys are trying to work but there's not enough work out there, so they go pan handling or flag a sign" Limonez says, "I've never seen so many camps since I've been out in the streets - there's no money."

There are no logos on the front of the sign and no clues to where it comes from.

Posted by at 1 comment:

Saturday, October 24, 2009

An argument for gun control

Posted by at No comments:

Thursday, October 22, 2009

Poor Home Invaders

San Marcos Police Investigate 2nd Home Invasion This Week

Last night’s disturbance, in the 700 block of Oscar Smith Dr., comes on the heels of another break-in Tuesday night at a San Marcos apartment complex. The San Marcos Police Department’s Commander Penny Dunn says this time, the 21-year-old intruder got a surprise. “When he came in through a back door, one of the residents shot the suspect who was armed with what we have recovered as a BB gun that resembles a real pistol.”

Commander Dunn says the intruder, whose name has not been released, was shot three times. She says he made his way to Central Texas Medical Center and was later transferred to University Medical Center at Brackenridge in Austin. She says he’s in stable condition, but so far, no charges or arrests have been made.

Tuesday night, two men from San Antonio broke into the apartment of a man living at University Heights Apartments on North I-35 in San Marcos. The resident was allegedly shot by one of the intruders and later hospitalized. The two men were arrested in the apartment complex.
Posted by at No comments:

Tuesday, September 22, 2009

Damn bugs!

Saturday night one of these guys was walking across the living room. I found the one in the pictures below outside 3 years ago. It's not a photoshop hack - they really are that big. The latest one was even bigger, so big I was afraid to pick him up with needle-nose pliers so I sucked him up with the vacuum. I've got one of those whole-house vacuum systems. I checked the canister the next morning and it wasn't in there so it's in the pipes in the walls ... somewhere.





Killed 2 scorpions in the house last night. Ugh!
Posted by at No comments:

Monday, September 14, 2009

Home at last

I just got this back from my taxidermist on Sunday. I think it was 4 years ago with my bow when I killed him. It was my first nice buck with a bow and I thought he was majestic enough to warrant preserving so I had him mounted.
Posted by at 4 comments:

Tuesday, September 08, 2009

Savannah Mugging

This ad was supposedly posted on Craig's List 05-27-09, 1:43 AM EST:

To the guy who tried to mug me in downtown Savannah night before last.

I was the guy wearing the black Burberry jacket that you demanded that I hand over, shortly after you pulled the knife on my girlfriend and me, threatening our lives. You also asked for my girlfriend's purse and earrings.

I can only hope that you somehow come across this rather important message.

First, I'd like to apologize for your embarrassment when I drew my pistol after you took my jacket. The evening was not that cold, and I was wearing the jacket for a reason. My girlfriend had just bought me that Kimber Model 1911 .45 ACP pistol for my birthday and we had picked up a shoulder holster for it that very evening.

Obviously you agree that it is a very intimidating weapon when pointed at your head, wasn't it?

I know it probably wasn't fun walking back to wherever you'd come from bare footed since I made you leave your shoes, cell phone, and wallet with me. After I called your mother or "Momma" as you had her listed in your cell, I explained the entire episode of what you'd done. Then I went and filled up my gas tank as well as four other peoples in the gas station on your credit card. The guy with the big motor home took 150 gallons and was extremely grateful! I gave your shoes to a homeless guy outside Vinnie Van Go Go's, along with all the cash in your wallet. (This made his day!)

I then threw your wallet into the big pink "pimp mobile" that was parked by the curb — after I broke the windshield and side window and keyed the entire driver's side of the car.

Later, I called a bunch of people from your cell phone. Ma Bell just now shut down the line, although I only used the phone for a little over a day now, so what's going on with that?

Earlier, I managed to get in two threatening phone calls to the DA's office and one to the FBI, while mentioning the president as my possible target. The FBI guy seemed really intense and we had a nice long chat (I guess it was long enough for them to have traced your number).

In a way, perhaps I should apologize for not killing you, but I feel this type of retribution is a far more appropriate punishment for your crime. I wish you well as you try to sort through some of these rather immediate “pressing issues” and can only hope that you have the opportunity to reflect upon and perhaps reconsider the career path you've chosen to pursue in life.

Remember, next time you might not be so lucky.

Have a good day!

Thoughtfully yours,
Alex

P.S. Remember this motto — “An armed society makes for a more civil society!”

Posted by at 3 comments:

Monday, July 20, 2009

Bottle Openers


Made from gemsbok (aka oryx) horns we found while stalking same. Required because sometimes they really put the caps on tight & you need extra leverage...
Posted by at No comments:

Monday, May 18, 2009

Houston H3 30th Highlights

  • Good times albeit I've never had a bad time with H4.
  • ~50 hashers total, only 5 from Austin
  • Great seeing folks again after many years.
  • Funny seeing HooterBill get pissed cause he got there 5 minutes after Friday's trail started so he had to do it solo. Took him 1:15 to do a 1-mile trail, came back raising hell about how f'kd up it was so he did it again and it still took him over an hour. Gave the rest of us a good laugh.
  • Drunken ranch hand at Fri campfire kept telling me to turn it up. Retard: It's an acoustic guitar!
  • Good trail Sat but no BallBuster (wimps!) Welcome cold front during trail.
  • I'm wondering how long it will take before someone shows up with a "tippy cup champion" tattoo (latest drinking-game fad.) Before that it was 3-man, then beer-pong, et al.
  • Keg-stand is a bad way to cure hicups.
  • Hog Stradler loves being reminded of...
  • Perfect Sunday trail but that was the 1st time I was ever expected to shovel shit for the privlege of hashing. WTF?
Posted by at 1 comment:

Thursday, May 07, 2009

Apples

The family apple orchard had always produced an abundance of super quality, firm, sweet, scrumptious apples due to the dedicated diligence, work ethic and attention to detail of the owner/operator Apple family. Of course, Mother Nature was helpful some years, and a real problem others. On bumper crop years, the Apple family could hire extra workers because the crop demanded so. Others, not so much.

At some point, a union organizer entered the scene, demanding a guaranteed wage for a guaranteed number of workers. Logic dictated that the fluctuation in productivity would ultimately determine profit and the capability to hire workers. But somehow, logic was abandoned by this new unionized workforce, and more horrifically, negotiations always seemed to insist on worker benefits but not quality, efficient productivity.

As fate would have it, following a particularly cold, dry spring, apple production fell off, but the workers insisted on being paid based on past, higher productivity. The Apple family simply couldn't pay what was not produced, and the union workers took over the orchard. Demanding more money than was coming in, and paying little heed to quality control, the bloodsucking whiners virtually guaranteed the ruination of the once great orchard, and ended up cutting down the trees to sell for firewood. Welcome to the Obama AF of L See I'm Sleeping America, or Zimbabwe, I can't tell.

Producers and parasites. Assets or liabilities. Can there really be a question?
Posted by at No comments:
Subscribe to: Posts (Atom)