makes many outbound connections

On my Macbook is making about one connections per 15 seconds. When I saw this on my Pi-Hole logs I was suspicious of a rootkit. It appears to be ExpressVPN (expressvpnd) daemon connecting with Apple to, ostensibly, verify internet connectivity and or the time. The image below shows the tcpdump revealing expressvpnd connecting with (underlined). If you are experiencing odd/frequent outbound requests run a TCPdump as shown below.

Issue command: sudo tcpdump

The key point is that connections to a given domain (in this case an Apple domain: are not necessarily nefarious. This situation underscores that many legitimate app developers enlist stable domains for basic housekeeping functions (time keeping, connectivity checks etc).

Lastly, I love ExpressVPN. If you read this post and are in need of a VPN service ExpressVPN is the way to go. {ExpressVPN, if you read this I love your service, feel free to credit my account with additional months!}

Super slow lifting

I recently read Body by Science by Doug McGuff.  I’m late to the information therein, but it’s a considerable departure from the ‘train until you vomit and then go back to the gym the following day‘ theory of exercise and fitness.  I think the constant training obsession helps sell gym memberships, yet the average schlub is not an Adonis.

McGuff’s thesis is one where you attempt to balance ‘muscle load’ and rest. This balance achieves muscle growth and helps improve strength and fat loss. Muscle load is defined as slow movement of weights ‘5-10 second cadence up then equally slow down.’ The muscle is loaded by a mass of ~80% of maximum for about 60 seconds. He explains this achieves sequential recruitment of slow, intermediate and fast twitch muscle fibers. The hypothesis is a collection of ideas by Arthur Jones (inventor of Nautilus equipment) and Mark Mentzer (body building champion and trainer) distilled masterfully. It is worthy of a consideration if you are stuck at a fitness plateau or are among the “hard gainers.”

Since starting this regimen in January 2019 I’ve added about 4 to 5 lbs of mass without increasing my waist size. Over this time my strength has improved consistently and ascending stairs at work or home has become easier. This is especially remarkable because it requires one strength training workout per week, each consisting of one set for each of five exercises. Since the movements are slow and deliberate there is minimal strain on joints, a benefit for those with arthritis and or sports injuries. The shorter time investment opens exercise to more busy people and or saves time for the after work athletes. The drawback is that it is completely draining every time you go to the gym. There is little to no rest between sets, it is not conducive to checking Twitter or Instagram between sets.

My introduction to Bitcoin: Extortion scam

I received a funny e-mail this morning. {ominous music to sad trombone sound}. It was marked as spam but made it to the inbox: Its message header was:

Return-Path: <> Received: from compute4.internal (compute4.nyi.internal [])  by sloti8d1t26 (Cyrus 3.1.5-895-g0d23ba6-fmstable-20190213v1) with LMTPA;  Tue, 26 Feb 2019 04:30:00 -0500 X-Cyrus-Session-Id: sloti8d1t26-1551173400-2680779-2-4563902645168648978 X-Sieve: CMU Sieve 3.0 X-Spam-known-sender: no ("From == To and no DKIM or SPF for from domain, likely forged");  in-addressbook X-Spam-score: 29.8 X-Spam-hits: BITCOIN_DEADLINE 0.2, BITCOIN_MALWARE 2.999, BITCOIN_SPAM_07 3,   DATE_IN_FUTURE_06_12 0.001, DCC_CHECK 1.1, DOS_OE_TO_MX 3.086,   FSL_BULK_SIG 0.821, HDR_ORDER_FTSDMCXX_DIRECT 1.952,   HDR_ORDER_FTSDMCXX_NORDNS 2.083, HELO_MISC_IP 0.001, ME_FROM_EQ_TO 0.01,   ME_NOAUTH 0.01, ME_NOAUTH_FROM_EQ_TO 1.5, ME_VADESPAM 5,   ME_ZS_LISTED 0.001, MIMEOLE_DIRECT_TO_MX 0.001,   NO_FM_NAME_IP_HOSTN 0.335, RCVD_IN_PBL 3.558, RDNS_NONE 1.274,   SPF_NEUTRAL 0.652, TO_EQ_FM_DIRECT_MX 1.214, XPRIO 1.027, LANGUAGES en,   BAYES_USED none, SA_VERSION 3.4.2 X-Spam-source: IP='', Host='noreverse', Country='CN', FromHeader='org',   MailFrom='org'

In bold you’ll see that DKIM and SPF identifiers are absent and therefore “likely forged.” Strike one. Strike two is the IP address. Sent from 124.2017.151.85 which is in Guangdong CN. A quick look at my mail access logs shows no logins occurring from outside Canada.

Hi! As you may have noticed, I sent you an email from your account. This means that I have full access to your account.

I’ve been watching you for a few months now. The fact is that you were infected with malware through an adult site that you visited. If you are not familiar with this, I will explain. Trojan Virus gives me full access and control over a computer or other device. This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it. I also have access to all your contacts and all your correspondence. Why your antivirus did not detect malware? Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent. I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.

With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use. If you want to prevent this, transfer the amount of $782 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”). My bitcoin address (BTC Wallet) is: 1GoWy5yMzh3XXBiYxLU9tKCBMgibpznGio After receiving the payment, I will delete the video and you will never hear me again. I give you 48 hours to pay. I have a notice reading this letter, and the timer will work when you see this letter. Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address. I do not make any mistakes. If I find that you have shared this message with someone else, the video will be immediately distributed. Best regards!

-an extorting script-kiddie that entertained Allan on Feb 26 2019.

Then I learned something even better. There is a bitcoin abuse database:

Several people have reported this person/group for extortion. The funniest thing however, is this link. It summarizes how much Bitcoin the person has earned:

Despite multiple, visible reports, only $650 of Bitcoin have been generated by this person(s). Clearly bad at what they do.

I know so little about internet technology, but I know well enough to check suspicious emails for their headers. In case you’ve received a seemingly frightening e-mail check the header.

I’m leaving the bitcoin address below to make sure it gets picked up by search engines


Switching to FastMail

I started with webmail using HotMail. Then in 2004 I received an invite to Gmail via At the time Gmail had 1 GB of storage, infinite storage by the standard of the day. Gmail added features as time went on and, mostly, improved. Its search functionality is, as of writing, unparalleled. In 2011 I switched my domain e-mail to Gmail. Gmail was the incumbent, was cool and lived up to it’s ‘don’t be evil’ slogan. In the past year the wheels have come off the ‘don’t be evil’ trope with the advent of Project Dragonfly.

The Inquistr reported “{Google CEO}Pichai’s statements at WIRED 25 provided more details about the project. He acknowledged Google’s plan to create a censored search engine for China and said that the company found that it could serve well over 99 percent of the queries despite China’s strict censorship laws. (emphasis mine)

The project drew condemnation from Google employees. Their letter against Project Dragonfly can be found on Medium.

Needless to say with Snowden’s Prism revelations and the revelations of Project Dragonfly, ‘don’t be evil’ is utter hogwash.

The alternatives are many. I’ve used Outlook365. It is a fine service but feels stodgy. An oft recommended service was FastMail. I’m a week’s old customer of their service. Below I’ll note answers to some of my concerns before migrating my e-mail.

FastMail is fast.

I can say with certainty that they live up to their name sake. The service is extremely quick and, according to NoScript, appears to connect only to FastMail servers:

FastMail connects to alone

Similarly, uBlock origin did not register any connections to third party servers. To connect, I needed to disable the cookiemonster extension for FastMail by way of a whitelist exception.

The migration from Gmail was facile. I needed to tell Gmail to allow access to all email via IMAP. Then I followed the step-by-step process of entering my Gmail credentials into FastMail and my Google-specific app password. A few hours later about 30,000 messages and their replies migrated perfectly.

So far the most pleasant feature that is not touted more loudly is the allowance for static web pages. FastMail allows you to set up a static web page. A static webpage is enough to advertise your name and contact info and links to a blog and LinkedIn or similar.

Overall FastMail is a fine alternative to my domain Gmail setup. It leaves little to be desired.

Macbook Pro not waking up after deep sleep/hibernation.

The problem:  My 2017 Macbook Pro would wake partially from a deep sleep (here, a deep sleep is what happens when you close the lid and leave your computer overnight).  In my instance of this problem my display would wake but my trackpad would take sometime to be active (> 60 seconds).  During this time, the keyboard would be completely unresponsive.  Unlike the trackpad it never seemed to wake.  If my trackpad woke, I would select restart otherwise I would perform a hard reset.

The usual advice is two fold:  Reset SMC.  Reset PRAM. 
Other advice is to go through the output of “pmset -XXXX”

This advice did not help me despite performing each reset several times and comparing my pmset output to those posted by others online.

What did help was as follows:

Go to “System Preferences” and find “Printers and Scanners.”

Control+click the items listed in the left half of the window (I chose the panel with printers)

Select option “reset printer system.” {I’m paraphrasing because I’m not at my Mac right now}

-I saw this solution on Reddit which was linked from elsewhere.

Addendum:  The wake problem did not occur after an overnight hibernation followed by a twelve hour inactivity.

Addendum:  Still waking after deep sleep. 

Addendum: 72 h on and the Macbook still wakes as expected.

Addendum:  It’s acting up again!

Has not recurred since 10.14.3 update

Two year anniversary post

December 16th, 2018 marks two years since I chose to change my health and size.

Top right shows my drivers license photo Nov 2013 versus Nov 2018.

I thought it fun to compare photos from 2008 and 2009 as well.  Two things are abundantly clear: Smaller face and less hair in contemporary photos.

The greater challenge going forward will be maintenance of weight loss.  Weight re-grain is extremely common.  A study funded by Novo-Norodisk and reported at says:

“… over the two years, fewer patients maintained their weight. In the modest, moderate, and high weight-loss groups, 40.0 percent, 35.9 percent, and 18.6 percent of patients, respectively, regained over half of their lost weight during the maintenance period.”

In the best-case scenario I have ~ 20% chance to regain at least half my weight loss.  Others report that it may require only 1 year to regain half of weight lost.  This is rather grim but I’m ever the optimist.

My proclamation for 2019, like the one I made on my “Fat white guy” journey is public.  I will maintain my existing (as of 2018-December-09) waist line while increasing my mass.

Cats not afraid of cucumber

Lester and Macy Gray (Right)

A colleague asked me whether my cats were afraid of cucumbers.  I have been a cat person for 25 years.  Never heard of this phenomenon but it is mentioned in TV show Rick and Morty, episode “Pickle Rick.”

My cats were truculent and pawed the cucumber.

With tongue in cheek I proclaim: Cats not afraid.  N=2 P<0.0000000000000000000052.

Star project (nee that Fat white guy) 2018-Aug-25

Star project entry 3; 2018.

HIIT.  Tabata.

On August 24th 2018 I was 174.8 lbs.   This is a -4 lbs discrepancy with the last weigh-in.

Visibly I’m the same.  My targeted mass building was dedicated to my legs and shoulders.  I can say with certainty that my legs have become bigger.  In the thigh, certain pants have become considerably tighter.  I do not have such clear indication for my shoulders.

Commutes to work have become slightly longer.  As such, my back is prone to more discomfort with the extended periods of sitting.  I’ve decreased farmers carries to a maximum of one set per week.

Last time I mentioned Tabata training.  The training regimen calls for 8 cycles, each 20 seconds long at maximal effort followed by 10 seconds of rest.  I only now reached 5-6 cycles with regular consistency with a few months of effort.  The workout was extremely hard despite being in my best shape in years.