Tuesday, September 17. 2013
(boy, i seem to be blogging a lot today)
the relationship between drivers and tech can be a touchy one. lots of drivers really don't like interacting with tech inspectors, they just kind of assume that it means trouble. and i have, at times over the years, seen incidents that would seem to justify this sort of reaction. but there's another type of driver and tech interaction that i'm blogging about today.
giving tech a heads up
from time to time, drivers will tell a tech inspector what they think is going on in their class. this can be pretty interesting, and usually happens at the beer party after the day's activities. i kind of like hearing this stuff - but drivers need to understand certain things about how i might (or might not) respond to their information. and it's rarely personal, unless something comes up that spins it that way. and the spin usually comes when the driver is being disingenuous about something.
first example
years ago, an ITS driver who is no longer active came up to me at the beer party and told me about all the stuff that he was sure the RX-7 ITS drivers were doing. i listened carefully, but didn't commit to a response (i generally don't). the funny part was that when i did impound ITS to check for the (mandatory) window glass and ride height later that season, this very driver had substituted plastic windows for glass windows in his doors - which is not permitted. this driver was clearly trying to use tech to go after other drivers in his class, and this is the sort of situation where if that is discovered, i might just take it personally - because i feel like someone is trying to play me for a fool.
second example
more recently i recall a National race where two drivers in showroom stock kept showing up in tech to describe bad things the other driver was doing that we should check. Really Guys? if you think he's cheating, file the protest and post the bond. or maybe get a room - either way, just leave tech out of it. we are not going to respond to this.
what may happen
If you do come up to me and suggest something that might be going on, I will probably not do anything right away. I may want to research, and may want to talk to other drivers in the class to get their take on things. I may need to take steps to get certain tools to the track. Even bringing something up a couple of days before a race is likely to not get anything done promptly. Tools may not be easily accessible. Two weeks is way more time than 3 or 4 days if you need something shipped or have to buy something. And I need to be careful about appearances; tech should not be perceived as responding to any particular driver's agenda, unless the agenda is clean racing. If you do contact me 2 weeks before a race to arrange equipment, you should be planning to file the mechanical protest, and not be trying to get me to impound someone you don't like.
tools
Also, if you do decide to actually file a mechanical protest, a couple of suggestions:
1) file it early in the race weekend. that gives us time to decide how we're going to approach it. once the protest is filed, we can take steps to secure the vehicle and prepare for whatever is needed. for intrusive things, we might seal the engine and plan for disassembly after the race. and by the way, be aware that mechanical protests filed in the last hour before the race are not timely and won't go anywhere.
2) don't offer us tools. the protested party will use their own tools for any disassembly, under supervision of a tech inspector. after disassembly, tech can't use measurement tools supplied by a party to the protest. on one occasion, a bunch of drivers got together to file a protest of one of their competitors, and since they'd planned well in advance, they brought some very nice tools to the track for the needed measurements. they were very offended when we told them we couldn't use them - but if we had, there would have been nothing but trouble down the line. i seriously doubt we would have made it past the committee at the track if we'd used the protestor's tools to measure the protested engine.
what's in the toolbox
There are some useful things in NEDiv that can be at the track, but they won't necessarily spontaneously appear.
1) bore and stroke gauges for center plug engines. yes, we can bore and stroke some cars without pulling heads, but not all of them. but we won't necessarily have these tools at every race.
2) there is a whistler which can be used to measure compression without pulling a head
3) some regions have puff testers, which can be used to measure displacement in some motors - in particular, american pushrod v-8s are candidates for this measurement.
If I knew in advance I might need this stuff, it can certainly be at the track.
updated - got the unsubscribe link wrong
i just got a spam in the inbox that doesn't look like any i've seen before.
Subject: Your Neighborhood Is On Lockdown Due To Child Predator Alert
It's trying to panic you into visiting the site (which I will not link to here, i suspect it's a malware site that will only be live for a short period of time). But the "unsubscribe" link is pretty funny:
I do not care to know when predators are in my neighborhood here
Where the trailing here is a link to, perhaps, another malware site.
To the guys still running the old tires
Guys, the old Spec Racer Ford rain tires haven't been permitted for a year now. The numbers are right on the side, and they're faster than the new tires, so if you think you can get away with it, you're fooling yourselves. If a competitor files a protest, you will lose.
To the guys running the new tires
Let's try that self policing thing. The numbers are on the side of the tires, out where you can see them, and if you protest someone running the old tires, you will win. There's no tear down bond involved, just a protest fee, which, if memory serves, you get back.
updated below - 2013-09-17
What is a Certificate and what is a Certificate Authority?
How does a web site prove who they say they are?
The short answer is they go to a Certificate Authority and purchase, after supplying some proofs, a certificate that says who they are.
The long answer is that much of the cryptography infrastructure of the internet depends on the Public Key Infrastructure (PK), which is based on the X.509 standard for digital certificates. These certificates provide a framework for "proving" that an actor is who they represent themselves to be, and for negotiating the encryption to be used for a secure connection. There are two groupings of certificates, self-signed certificates and certificates derived from Certificate Authorities (CAs). CAs can be public entities (you can get "store bought" certificates from Verisign, Geotrust, or whoever) or private ones. if the latter, they aren't much different from self-signed certificates.
Network applications that use certificates typically have a list of CAs for whom they will accept certificates, and you can add CAs or individual certificates in some cases if you decide to trust them. When your browser sets up an https: connection to an online store, these certificates are in play. this is how you, at least in theory, know that sears.com is really Sears and not some joker playing at being Sears in the interest of stealing credit card numbers.
This makes CAs a target and a very attractive one, at that. If you can compromise a CA, you may be in a position to create certificates that allow you to pretend to be someone else, which permits all sorts of nasty attacks. And CAs have indeed been compromised, and at least one that i'm aware of has had to shut down because of the extent of the compromise. You see, once a CA has been compromised, the trust relationship is broken - you cannot distinguish between the "real" and the "fake" certificates, and the game is over.
This is where it gets terrifying
We know that the government, under the cover of various and sundry security provisions, has sent orders to outfits like Lavabit, essentially ordering them to operate fraudulently by continuing to sell a secure service while secretly supplying "secured" data back to the government. This is a huge ethical dilemma, which the owner of Lavabit dealt with ethically by simply shutting down his business. The ethics of any ensuing government prosecution are left for the reader's consideration.
Should we assume that we know about all the orders in play? Of course not, for every ethical business owner there are no doubt other corporate entities who have chosen differently. So at this moment, can we trust any US based Certificate Authorities? I think the answer is a resounding no. And this means that anything that depends on certificates from any US based CA, whether it's a secure website or an IPSec based Virtual Private Network, is no longer trustworthy. And that should terrify us all.
So what can we trust?
We can trust private/public key systems that don't depend on X.509, like PGP/GPG. These work using the concept of web-of-trust, where you agree that you know that someone is who they say they are and accept their key. In theory, self-signed certificates are now more reliable if you can verify the identity of the signer. This is in essence a variation on web-of-trust.
The problem with endpoints
This still doesn't mean much if the security end points are compromised. The NSA can do that, but it's expensive so they're more likely to do things like attack the Certificate Infrastructure. But your PGP/GPG key won't mean much once they hack into your PC or Mac and install a keylogger. But I've depressed everyone enough for one day.
Update - 2013-09-17
FYI, I am now using OpenPGP to sign everything sent from my primary email account. The fingerprint is 3133 3F6D AB20 AC3F 9C88 DC61 0F2C 74F4 7012 C7FA, short id is 7012C7FA, keyserver is hkp://keys.gnupg.net. it's a 4096 bit RSA key. cheers!
Friday, September 13. 2013
I have gotten a lot of good use out of entry level Garmin Nuvis. What i haven't gotten is long life. Typically i get maybe 2-3 years out of one before either the slider switch on the top fails or the USB connector fails. These failures are generally out of warranty and the only thing Garmin offers is an exchange for a refurb unit that is close to the cost of a new unit.
I don't recommend paying for lifetime maps on Nuvis. The lifetime of a well used Nuvi is simply not that long.
Having said that, i will probably replace the current Nuvi (failed slider switch) with another Garmin when the time comes, but i may consider going a little upmarket next time out.
|