Month: January 2018

Photographing the Orion Nebula

UPDATE: Revisited the photos I took early in 2018 of the Orion Nebula and did some “levels” adjustments to get a better view. This particular shot was snapped at 600mm zoom (Sigma 150-600 lens) on a Canon 6D. F/6.3, 0.8 seconds exposure, ISO 3200.

The constellation of Orion is best visible in the Northern hemisphere during crisp and clear winter nights. It’s very prominent with its four “corner” stars (top two Orion, the hunter’s shoulders, bottom two the hem of his skirt) around the three-in-a-line belt and the dangling sword.

With the camera on a tripod and various lenses set to shutter speeds based on the rule of 500 I mentioned previously (precludes star trails), I had a go at photographing this constellation and then zooming in on that sword of his, which harbours the Orion Nebula. You will have to read the earlier post if you want more details about what settings to use for stellar photography.

It was a clear night last night and the moon had not yet risen, so I switched off all the house lights and ventured into our back garden with camera, tripod and shutter release. I didn’t quite get a low-noise sharp photo even with my Sigma 600mm zoom, but I did get something. I will try again on the next clear night while Orion is still riding high.

Constellation of Orion, sword showing nebula

That splodge in the middle of Orion’s sword is a glowing cloud of gas and dust some 1,344 lightyears from Earth (give or take 20 ly). It is the brightest nebula in the night sky and visible to the naked eye and the closest region of mass star formation. It is a star nursery where gravity pulls together that dust and gas over the course of millions of years into new stars.

Protect yourself from Meltdown and Spectre

You probably heard that there’s a new computer security threat out there. Well, actually there are two and between them, they affect pretty much every computer chip you might have whether in your PC, tablet, smartphone or other devices.

The first is Meltdown it is a hardware rather than a software (apps) vulnerability and is present in the computer chips made by Intel that have the “x86” architecture, which is pretty much every PC with “Intel Inside”. The bug could let a hacker gain access to everything on your system, logins and passwords, bank details, encryption keys, personal documents and photos. However, once exploits for this vulnerability are known it was likely that the major cloud providers such as Amazon Web Services (AWS) and Google Cloud Platform would be among the computers affected the worst (they have now been patched, I believe). ARM chips are affected by Meltdown to a lesser degree.

Microsoft and Linux providers have already hastily patched their “kernels” to overcome the Meltdown problem with Intel chips, so let your operating system carry out its updates urgently to stay protected. The Register describes the patching process as a requisite redesign of MS Windows and Linux.

Here’s how the site described its scoop on the vulnerability on Tuesday:

...a blueprint blunder in Intel's CPUs could allow applications, malware, and JavaScript running in web browsers, to obtain information they should not be allowed to access: the contents of the operating system kernel's private memory areas. These zones often contain files cached from disk, a view onto the machine's entire physical memory, and other secrets. This should be invisible to normal programs.

Unfortunately, for older Intel processors these patches will likely lead to a reduction in chip performance of up to 30%, which means your PC is going to run a lot slower than it did before this vulnerability was found and patched.

The other vulnerability, or should I say vulnerabilities, there are many, is referred to as Spectre. It is also a hardware vulnerability affecting Intel, AMD, and ARM chips. ARM processors are present in many of the world’s mobile devices and Internet of Things (IoT) devices from washing machines to smart TVs. In fact, Spectre affects pretty much every computer and smart device. It does not rely on specific features of the chip design present in Intel chips but works across all of them.

There is no single patch for Spectre. Specific vulnerabilities may well be addressed with operating system updates but this one is not going away any time soon. According to The Register, a malicious script on a web page could churn away using Spectre bugs to extract login cookies for other sites from your browser’s memory. “It is a very messy vulnerability that is hard to patch, but is also tricky to exploit,” the site says. Chip designers are likely to have to design out the bug in their hardware to preclude attacks based on Spectre.

The industry has apparently known about Meltdown and Spectre for at least six months and has spent that time spinning its public relations campaigns working on solutions to the problems. Oh, if you’re running an older version of Windows than Windows 10, there will be no patches (time to upgrade your OS). More information about who is affected on the BBC site.

At least one tech blogger has a slightly different take on the whole issue suggesting that as long as you allow your operating system to patch itself/update you won’t have any problems and the 30% performance hit will only arise in rare, special circumstances for very few users. Either way, here’s my general advice on security that applies regardless of what bug or vulnerability is currently in the news:

What should you do?

  • Well, update your operating system in a timely manner as and when the providers release patches.
  • Update your antivirus and firewall.
  • Back up your data files now (should be done regularly anyway).
  • Lock down what you allow your web browser to run in terms of scripts, use a noscript type plugin/addon/extension and disable Flash and Java and their ilk, this will break some sites but they are vulnerable, and always were, to security insults and malware anyway).
  • Avoid downloading software/apps/executables from dodgy sites. If you must install software of unknown integrity use a sandbox/virtual machine to do so. (Google sandboxie for one of those).
  • Use a password manager for your logins, make it use strong passwords, and keep its master password secret and offline. Log out of and exit your password manager when you’re not using it or if you plan to visit websites that might be suspect so that its keys are not retained in computer memory and so it is not running should someone get access to your computer while you’re not using it.
  • Clear browser history and cookies every time you exit your browser or leave your computer unattended, this is an inconvenience, but means that someone in a shared office space or wherever, cannot harvest anything from you.

How to restring a Telecaster

TL:DR – Fender Telecasters have an unusual style of stringing that requires some prior knowledge about the way the machinehead tuning posts work.

Restringing a Fender Telecaster requires a twist…well, not a twist, a kink. First, you must cut the string to the required length and then bend a 90-degree angle into the very end. You then push the kinked end into the hole and start winding it on. You can add the kink as you push the string into the hole, but either way, it has to be done.

If you don’t put that bend into the end, you’re liable to have the string ping out of the hole as there’s really nothing keeping it in there (other types of tuning peg have a hole through the stem itself which sort of precludes this pinging out. An extra tip is to use a capo at fret 3 or 4 to hold the replacement strings loosely in position while you do this job.

Machine heads are used on mandolins, guitars, double basses etc., and are usually located on the instrument’s headstock. The non-geared tuning device on a violin, viola, cello, lute, and older Flamenco guitars are called friction pegs. Friction pegs can be painful and so many of those instruments have microtuners at the bridge too, just as you would later find on many guitar tremolo (more strictly speaking a vibrato) systems with a locking nut, particular the floating type developed by Floyd Rose.

By the way, you did know that’s where the Deep Purple song title came from, oh and the eponymous band, didn’t you?

A close look at filthy lucre

Money is dirty, filthy in fact, take a close look at these British coins. Lucre from the Latin lucrum meaning riches, as in lucrative. See also cash, dosh, bread (bread and honey, Cockney rhyming slang), moolah, dough, loot, lolly, loose change, coppers, coins, shrapnel, spondulix (from either the spondulox shell or spondylo- meaning spine/vertebrae for how a pile of coins looks, …etc.

The New Bedford River

The New Bedford River is a near-straight drainage channel between Earith and Denver Sluices. It is also known as the Hundred Foot Drain because of the distance between the tops of the two embankments on either side of the river.

New Year’s Day 2018, one bank was cut short and you could only walk so far along it before you’re wading into the water. It happens every year, nothing unusual. The man-made cut-off, bypass, channel for the River Great Ouse in the Fens of Cambridgeshire, allows water from the land to drain into the sea (at The Wash). The drain itself is tidal and you can see the ebb and flow at Welney, which is more than 30 km from the coast.

There was lots of bird activity along the Drain: pied wagtail, grey wagtail, redwing, grey heron, starling, robin, coal tit, great tit, blue tit, long-tailed tit, chaffinch, meadow pipit, goldfinch, buzzard, wren, kestrel, mute swan, black-headed gull…