Month: November 2017


Again this year, no one wanted to make the pumpkin pie for Anya’s preschool feast. So I volunteered. I didn’t want to make the same pie a few days later for our dinner.  A bit of Internet searching and I found a dairy free pie for her class and a carrot pie for us. Both were incredibly good.

Because these are custard fillings, I blind baked the crusts. When dough is in pie plate, lay aluminium foil over the whole thing. Pour white sugar into the lined pie plate. Bake at 350 — 40 minutes for non-refrigerated coconut oil crust, 60 minutes for butter crust that was refrigerated for an hour after being placed in pie plate. Remove from the oven, allow to cool, and pick up the aluminium foil with the sugar & dump it back into the sugar bag. Since the crust is already baked, I covered the pie’s edges with aluminium foil to bake the completed pie.

Vegan Pumpkin Pie – adapted from and

Pie Filling:
20 oz pumpkin puree
14 oz can coconut milk without emulsifiers
2 tbsp ground flax (or 2 eggs)
1/4 cup rolled oats, powdered in food processor
1/3 cup brown sugar
2 tsp cinnamon
1/2 tsp fresh ground nutmeg
1/8 tsp ground cloves
1/2 tsp salt
1 tbsp vanilla extract

2 cups all purpose flour
1/2 tsp sea salt
2/3 cup solid coconut oil
6 tbsp ice cold water

Put about half a cup of water into a glass and place in freezer.
Mix salt and flour, then use a pastry blender to cut in coconut oil.
Add 4 tablespoons of water from freezer and mix in. Add a little more water, a teaspoon at a time, until dough forms.
Split dough in half, wrap with clingfilm, and refrigerate for 30 minutes.
Preheat oven to 350 degrees.
Remove from refrigerator and roll out dough. Place into pie plate and bake for 30-40 minutes until it is cooked.
Remove crust from oven and allow to cool while making filling.

Preheat oven to 400 degrees.
Drain watery liquid from tin of coconut milk and reserve. Combine coconut milk solids with pumpkin puree and mix to combine.
Add sugar, spices, vanilla, and salt. Mix well.
Add ground flax seed (or egg) and mix. Pour into pie crust, cover crust edge with aluminium foil, and bake for 30-50 minutes until pie has mostly set.
Cool, refrigerate for 4+ hours.

A lot of kids really enjoyed the pie (it never occurred to me that “picky eating” extended to pie … but I learnt last year that, yeah, a lot of kids won’t eat pie. Especially not a pie that’s got any sort of could-be-a-veggie in it. For a normal snack/dessert, I make the filling, put it in ramekins, and steam it in the pressure cooker. Same flavour without the trouble of making a pie crust.

The recipe made two “normal” sized pies (i.e. not deep dish), and there was plenty for twenty people (sixteen kids, four adults). With enough left over that all three of us got a slice after class 🙂 Since I expected to have pumpkin pie on Tuesday, I wanted to make something different on Thursday. I found a carrot pie at and adapted it a little bit. I used the all-butter crust from Smitten Kitchen.

1.5 lbs carrots
2 T butter
1/2 cup heavy whipping cream
1/2 cup maple syrup
2 eggs
1 1/2 tsp cinnamon
1/2 tsp nutmeg
1/2 tsp salt
1/4 tsp ginger
1 tsp vanilla
2 tbsp tapioca powder

Preheat oven to 350 degrees.
Boil carrots for 20-30 minutes until they are tender. Drain water & return to heat to evaporate excess liquid.
Place carrots, butter, and cream in a food processor and puree until smooth.
Add the remaining ingredients to the food processor and puree until well mixed.
Pour into cooled crust and bake at 350 for 60 minutes until pie is set (knife inserted into centre comes out clean).

Served with maple whipped cream — add a few tablespoons of maple syrup to one cup of heavy whipping cream and whip until stiff peaks form.

This pie was really good too – Scott didn’t realize it was carrot-based until I mentioned it. It’s creamy and spicy and really good. So good we didn’t manage to get any pictures 🙂

Paul Ryan’s Cindy

Paul Ryan wants to talk about how his tax bill is going to help this mythical Cindy person. She was invented by the House Ways and Means Committee in a discussion of how awesome their tax bill will be for everyone.

What if Cindy’s employer offers tuition reimbursement? Completing her degree is part of pursuing “her own professional aspirations”. Bummer! Tuition reimbursement is now taxed — so the 5250$ she is given to pay for University is now taxed, so the 711$ savings is now 186$ in tax savings. Still a savings, but not as impressive as the initial story. The budget also cuts moneys to local schools. Does the county reallocate funds from road repair to update text books? Cindy blows out a tire in an unrepaired pothole and that’s where her 186$ in savings goes. Maybe the school cut services instead. Great, she saves 186$ but at the expense of her kids education. Does the state just raise their income taxes? Does the county raise property taxes? Cindy doesn’t own her own home, but rent has to cover property tax expenses. Does her landlord lose money or does the landlord raise Cindy’s rent to cover the new local taxes? Cindy’s public library was going to build out a maker space where her kids could gain familiarity with 3D printing and robotics. Does the county raise taxes to fund the library, or do her kids miss out on this opportunity? Maybe she ends up saving a few hundred dollars a year in taxes, but losing beneficial services. Or maybe she ends up paying 300$ more in rent and is behind a hundred bucks a year.

The committee’s cherry picked scenarios aren’t exactly alternative facts, they’re real facts. But they conveniently omit the larger picture that is an individual’s budget. Not to mention hundreds of other real scenarios where an individual or business ends up paying more in federal taxes under this tax plan. Or, in Cindy’s case, saving money on federal taxes until the extra child tax credit expires and then paying more under the plan.

And none of their scenarios address the likelihood that Cindy will be working for many more years because this debt increasing fiasco of a tax plan will create a situation where we have to save money by enacting something like Ryan’s path to prosperity plan. Which ups the Medicare eligibility age, so individuals who could have retired under the current scheme now need to work just to retain medical benefits.

Nothing Is New

I keep seeing articles hyping the anonymity of bitcoin-type “currency”. That’s not a new concept in value stores. Non-registered bearer bonds allowed untraceable fund transfers. As bearer instruments are not illegal in the United States, such bonds can still be issued. The holder cannot get any tax exemptions on interest paid for the bond, but you can transact business using bearer bonds. And just like bitcoin-type currencies … you’re screwed if someone takes it. Bonds provide legal recourse – bitcoin, not so much. If no one wants to pay a couple hundred thousand dollars for your bitcoin, you have little bits on disk. It’s like an anonymous stock — it’s worth whatever people are currently willing to pay for it.

As a data storage technique – distributed across the world, redundant, but ultimately meaningless in its sub-components to anyone who happens to have a snippet – it’s intriguing. But as a non-dodgy way of transacting business, it’s just silly.

More Corporate Tax Rate Bullshit

I’m never sure if ‘lower the corporate tax rate’ people are just completely ignorant of how business accounting actually works or just a pack of liars (not mutually exclusive, I know).
The idea they promote is that CapEx isn’t deductible like a business’s current expenses – CapEx gets depreciated over a number of years. If I buy a new snazzy machine for my manufacturing plant and pay half a million dollars for it, I actually deduct 100k a year for the next five years. Depreciation calculations are more complicated, but the crux of it is [cost] / [years over which product depreciates]. And there’s a whole table defining depreciation periods.
*But* section 179 deductions allow the full cost to be deducted the first year. These deductions have a 500k limit and a spending cap of like 2 mill. The whole thing is more complicated because there are years where bonus depreciation is a thing … but like the “OMG the corporate tax rate is 35%” (on business that have over 18 MILLION a year in taxable income) … “Lowering the corporate tax rate will spur investment” is only *maybe* true for companies talking about multi-million dollar investments. This isn’t something meant to help the small manufacturer. Say my small/medium business that sunk half a mill into a snazzy machine and *didn’t* depreciate it over time. Under Section 179, I deduct the whole equipment purchase this year … which is a bigger savings the *higher* the corporate tax rate happens to be. Thus I’ve got less incentive to invest in new equipment if the tax rate is lowered.
Since they’re talking about 35% tax rates, we’re writing tax code to benefit GE (Apple, Amazon, insert your favorite enormous company here) … it isn’t like capital expenditures aren’t written off income AT ALL. Depreciation is spread out over the useful life of the equipment. Computers depreciate over 5 years. Cars and trucks depreciate over 5 years too. Equipment used in the manufacture of musical instruments depreciates over 12 years.
What makes investing in large capital expenses more attractive? I’m GigantorGuitarCo and we’re talking two hundred eighty million dollars in receipts and a hundred fifty mil in taxable income. And I buy a six million dollar something-or-other to make guitars. At a 35% corporate tax rate, my tax deduction by depreciating that purchase is 2.1 mil. At the 20% corporate tax rate, I only reduce my taxes by 1.2 mil. And yeah it sucks that I had to outlay six million dollars this year and only got to save 175k on my taxes. But doesn’t it suck *MORE* to spend six mil and only save 100k on my taxes??
Now the theory is that lowering the corporate tax rate will leave the companies with more money *to* invest. In this case, GigantorGuitarCo didn’t *have* 6 million dollars and instead spent years using sub-optimal processes because they simply didn’t have the money to invest – regardless of how much they’d be able to save on taxes *by* making that investment. I’m paying 52 million in taxes at 35%, but next year my taxes, at 20%, will be 30 mill. Frees up 22 million dollars, and I use that money to buy a whole bunch of equipment. Honestly, my best case would be that the corporate tax rate was 20% for ONE YEAR. Lets me free up capital to invest in my business, then give me the maximum tax benefit as I depreciate out the equipment.
But that’s mathematics without thinking about business. As the CEO of GigantorGuitarCo … wouldn’t I use a loan (business interest is tax deductible too), hire a couple of new tax attorneys, or lose some equity and do a fund raising round to get that six million dollars if the machine was going to provide some huge benefit to my company? And if the machine isn’t going to provide that much benefit … why wouldn’t I take my 22 mil in tax savings and stash it somewhere? Buy the machine when we *need* it, or when tax rates go up and the ROI calculation is different.
Sure there are edge cases where lower tax rates will spur investment in the business — *some* CEOs raised their hand when Gary Cohn asked if they planned increased investments when the GOP tax plan passes. [Although these may just be die-hard trickle-down guys who will SAY anything to promote corporate tax cuts] But the entire point of business’s investment (and the rational for depreciating CapEx instead of allowing full cost deduction in the first year) is that the new thing-a-ma-bob adds value to your business. My six million dollar investment makes guitars better/faster/with less human labor, thus increasing my profit margin. Said another way, CapEx is meant to increase employee productivity. Short some dramatic surge in demand … increased productivity means *fewer* employees. Not stellar economic stimulus, that.

The Colloquial Occam’s Razor

Occam’s razor – it is futile to do with more things that which can be done with fewer – is colloquially rendered as “the simplest solution is the most likely”. We had multiple tickets opened today for authentication failures on an Apache web server. Each malfunctioning site uses LDAP authentication and authorization against an Oracle Unified Directory. Nothing in the error logs. The service account from the Apache configuration can log in and query the directory from the box using ldapsearch, so the account is valid and there is nothing in the OUD preventing access from this particular host.

That’s a puzzler, and I was about to take down a lot of web sites to reload the service with its log level set to debug. Not even sure what made me do it, but I went out to the groups and looked at their member lists. Oops. Something had gone wrong with the identity management platform and employee accounts had been cleared from the groups (all of the contractors were still members, which made it even stranger). Added a few people back into groups appropriate for their position, voila they could log into their site again.

No idea how the identity management group restored the memberships, but verifying people who should have been members (who had been members and had done nothing to remove their memberships) were actually members of the group saved a lot of time running through debug logs. Sometimes the simplest answer is the most likely.

Apple FaceID

The irony of facial recognition — the idea is that you trade some degree of privacy for enhanced security. There are 10k four digit codes – a 1:10000 chance of any specific code unlocking your device. Apple touted a one in a million chance of facial recognition unlocking your phone.

So you trade your privacy for this one in a million super secure lock. Aaaaand a Vietnamese security firm can hack the phone with a mask. Not even a *good* mask (like I take a couple of your pictures, available online, synthesize them into a 3d image and print a realistic mask).

This feat wasn’t accomplished with millions of dollars of hardware. It took them a week and 150$ (plus equipment, but a 3d printer isn’t as expensive as you’d think).

Boyd v. United States or Riley v. California provide fourth amendment protection for phone content … but that only means the police need a warrant. Fourth amendment, check. Fifth amendment … Commonwealth of Virginia v. Baust  or  United States v. Kirschner says that you while cannot be compelled to reveal a passcode to allow police to access your phone (testimonial) … a fingerprint is not testimonial, it is documentary. And can be compelled. As with a lot of security, one can ask why I care. If I’m not doing anything wrong then who cares if the police peruse my phone. But if I’m not protesting, why do I care if peaceful assembly is being restricted. I’m not publishing the Paradise Papers, so why do I care if freedom of the press is being restricted? Like Martin Niemöller and the Nazis – by the time they get around to harming you, there’s no one left to care.

Pumpkin Pie Poncho

I bought Candy Castle Pattern’s Pumpkin Pie Poncho pattern when it was first released. I finally made one today. It is a quick project. The pattern piece get cut up and isn’t really reusable. Saves paper if you are just making one, but requires extra printing or tracing if you are making multiples of the same size.

The pattern says it needs 1.25 yards of a 60″ wide lining fabric for a size 6. Problem is – I only had one yard of the flannel lining, and it was 42″. Looking at the pattern piece for the main body is not a rectangle – one side is a lot narrower than the other. Instead of folding the fabric in half and cutting two pieces along the folded line, I folded the fabric just enough the poncho body fit on the part with two layers. Cut one piece along the fold

Then unfold the fabric fold the *other* side down — there will be parts where there is only one layer of fabric – where the first piece was cut. Align the pattern piece so the widest section is away from the cut section. The narrow section of the pattern fits on the fabric with two layers. Cut the second poncho piece.

Unfold the fabric – there is a odd shaped bit adjacent to each poncho cutout – these can be used to cut the hood piece (or cowl). Voila – poncho lining from one yard of 42″ wide flannel.

When I started fitting the pieces together, I realized this could be done as a reversible poncho. Doing so required modifying the process a bit — the main piece fabric and lining were still aligned right sides together.

I used clips instead of pins, so Anya was able to ‘test’ the poncho as it was being constructed.

Serged along the bottom curve, turned right way about, and top stitched. The pocket fabric was still sandwiched between to attach it.

The top stitching runs right along the serged part, so it’s a little bit stiff and puffed up.

Then the fabric and lining along the arms were stitched separately – leaving the seams encased inside the ponch. The two pieces of each hood were serged together. The two hoods were nested inside each other, right sides together, and serged along the front. Turned the hood right side out and top-stitched along the front. The two fabrics, at this point, are free along the neckline. The main fabric of the hood was lined up, right sides together, along the poncho neckline and serged just to the main fabric poncho body.

The lining fabric was the tricky bit. The same basic process – line the fabric up, right sides together, with the poncho body lining material and serge it together. *But* it cannot be completely stitched on the machine a the stitching reduces the hole through which you are sewing the material. I serge it for all but about 5″ – moving the still-opened hole along the seam being sewn. I then turned the remaining edges over and hand-stitched the remaining bit that is right along the front neckline. Anya doesn’t like hoods that wrap around her neck (although she’ll wear a scarf, go figure!), so I modified the hood to have a small gap along the front.

The process is a little more difficult, but we’ve got a pawprint poncho and a snow leopard one. There’s no pocket on the flannel side — mostly because I didn’t have enough fabric 🙂 But she keeps her arms on the inside and uses the snow leopard pocket.


Ray Moore

I assume the crux of the support for Moore’s alleged behaviour is consent. Doesn’t explain why anyone would need to trot out virgin births as an example of how OK underage sex is (uhh, *virgin* birth). Doesn’t speak to how non-consensual pussy groping is OK either.

Thing is – consent is a challenging with younger people. I remember *being* a 14-18 year old girl feeling urbane and sophisticated because some older guy was interested in me. Exactly as WaPo put it – “flattering at the time, but troubling as they got older”. Especially when I was older and saw other underage girls expressing the same pride in their relationship. However much some 30-something guy is willing to smile and nod while a young teen prattles on with her deep thoughts, intellectual stimulation was NOT what the guy is after … and it was dismaying to realize, in retrospect, the same logic applied to me.

The entire point of statutory rape is that people under whatever bright-line age of consent exists in the jurisdiction don’t have the wherewithal (i.e. experience with life) to provide consent. Modern society is moving that way — NY enacted resolutions over the summer that move the legal marriage age up to match the consent age: 17 (before that legislation, having the court/parents sign off on a marriage was an end-run around statutory laws). Someone who wants to argue that Moore’s actions were acceptable *because* the kids were OK with it … would they be willing to put forth legislation eliminating both balancing tests and bright-line ages??

OpenHAB Cloud Installation Prerequisites

We started setting up the OpenHAB cloud server locally, and the instructions we had found omitted a few important steps. They say ‘install redis’ and ‘install mongodb’ without providing any sort of post-install configuration.

# This is optional – if you don’t set a password, you’ll just get a warning on launch that a password was supplied but none is required. While the service is, by default, bound to localhost … I still put a password on everything just to be safe

vi /etc/redis.conf # Your path may vary, this is Fedora. I've seen /etc/redis/redis.conf too

# Find the requirepass line and make one with your password

480 # requirepass foobared
requirepass Y0|_|RP@s5w0rdG03s|-|3re

# Restart redis

service redis restart

# Install mongo (dnf install mongo mongo-server)
# start mongodb

service mongod start

# launch mongo client


# Create user in admin database

db.createUser({user: "yourDBUser", pwd: "yourDBUserPassword", roles: [{role: userAdminAnyDatabase", db: "admin"}]});

# Modify mongodb server config to use security

vi /etc/mongod.conf

# remove remarkes before ‘security: ‘ and ‘authorization’ – set authorization to enabled:

99 # secutiry Options - Authorization and other security settings
100 security:
101 # Private key for cluster authentication
102 #keyFile: <string>
104 # Run with/without security (enabled|disabled, disabled by default)
105 authorization: enabled

# restart mongo

service mongod restart

#Launch mongo client supplying username and connecting to the admin database

mongo -uyourDBUser -p admin

# it will connect and prompt for password – you can use db.getUser to verify the account (but you just logged into it, so that’s a bit redundant)

MongoDB shell version: 3.2.12
Enter password:
connecting to: admin
> > db.getUser("yourDBUser");
        "_id" : "admin.yourDBUser",
        "user" : "yourDBUser",
        "db" : "admin",
        "roles" : [
                        "role" : "userAdminAnyDatabase",
                        "db" : "admin"

# Create the openhab database — mongo is a bit odd in that “use dbname” will switch context to that database if it exists *and* create the databse if it doesn’t exist. Bad for typo-prone types!

use yourDBName;

# Create the user in the openhab database

db.createUser({user: "yourDBUser", pwd: "yourDBUserPassword", roles: [{role: readWrite", db: "yourDBName"}]});

# You can use get user to verify it works


# Now you can launch the mongo client connecting to the openhab database:

mongo -uyourDBUser -p yourDBName

# It will prompt for password and connect. At this point, you can use “node app.js” to launch the openhab cloud connector. Provided yourDBUser, yourDBUserPassword, and yourDBName match what you’ve used in the config file … it’ll connect and create a bunch of stuff


Strange spam

We have been getting spam messages with the subject “top level quality of paint bucket” both at home and at work. I get that it costs essentially nothing to send a million junk e-mail messages, so it doesn’t take a lot of sales for a campaign to be profitable. But are there seriously people who buy their paint buckets from cold e-mails? Especially e-mails that I thought were trying to sell me buckets of paint.

And how lazy is a spam campaign that uses static strings in the subject field?