Ones and Zeros

After a local IFR flight with instructor M a few days earlier, instructor R and I did my long cross country flight for the IFR requirements. M and I had a good flight, it went smoothly and was straight forward.

The long cross country requires 250 nautical miles or greater along airways or ATC directed routes, with landings at three airports and approaches at all three. Our initial plan was to fly to New York City area, then fly the VFR corridor over the Hudson that’s become so famous recently. And last return with another landing elsewhere.

The TFR (Temporary Flight Restriction) on the Hudson in the aftermath of the mid-air accident there curtailed that part of the flight. (As information comes out on that I may write a post there if I can contribute something useful to the torrent of words so far.) The morning of the flight, the weather over NYC area was questionable though.

The forecast had been trending poorly as a front had stalled. But there were some different information, potentially conflicting. R and I talked it over. This earlier flight was a clear learning experience. I have a simple plane with no weather radar or weather detection equipment. If I’m embedded in clouds, I can’t see thunderstorms ahead. So we changed our plan to fly northwest to near Pittsburgh, then to State College PA area. This satisfied the legal requirement for my training, made both R and I more comfortable, and looked do-able.

The only problem was that the Pittsburgh area had fog with low ceilings and limited visibility. The forecast had it clearing by the time we got there, but that’s no guarantee. R pointed out we had a safe way out; the missed approach. So we picked Pittsburgh for the alternate, and as that was pretty close (thus likely to have the same weather), we also had a second backup plan to reverse the route. This was to fly to State College first, then Pittsburgh area second, there was enough fuel for this alternative even after we got to the Pittsburgh area.

I confessed to R before we launched that was was a little nervous about this flight. I’ve anticipated it for a while now, and then the last-minute change of plan combined with the anticipation to put me a little on edge. He reminded me that I wouldn’t be doing this now if I wasn’t capable, and that I was ready for this.

I got my clearance, we lifted off and climbed into and through the cloud layer. We got above that and I realize that this was just another routine IFR flight and relaxed. Longer than some others, but still just another IFR flight.

We flew at 6000 feet to the Hagerstown VOR, then turned on course to the next VOR. We went through a change of frequency by now. Then, ATC turned us direct to AGC. R didn’t like that, he wanted me to navigate by VORs. But there would be enough chance for that too later.

The scattered/broken cloud layer beneath us began to congeal some, some mist began appearing between the clouds down there too. It took a couple tries to get AGC ATIS, and R clued me into the time periods for ATIS update as well. He was relaxed, and spent the flight looking around, commenting on geography or clouds, and passing on various tips for flying IFR.

I’ve noticed before that when I take non-pilot passengers, they comment on the incessant radio calls in our area, and how I just hear the ones for my call sign when they miss it all the time. I’m working on a skill level higher than they are with respect to flying and the radio. Instructor R is operating on a level as high above me as I am above my passengers. He’s listening to ALL the radio calls for all the aircraft. He commented later, “Oh, that’s an aircraft from xxx airport.”

Instructor R’s strategy while flying, especially in this late stage is to act largely as backup, tip and helpful comment maker, and at appropriate times, to provide timely suggestions.  At various times we discussed the clouds, weather avoidance, strategies for using all my nav equipment so as to provide backup, polarized lenses on sunglasses, tricks and techniques for approaches, and local flying.

The AGC ATIS wasn’t updated, but we did the approach anyway. The airport was clear and visible from some miles out. R walked me through the procedure a couple times; I would fly the approach, and call out when I was a minimums, he would then call out when he saw the lights or the runway. If he didn’t call out that, I was flying the missed approach.

But that wasn’t necessary and we landed normally. Taxied off, and stopped to get fuel.

I’d already filed for the next leg before we left home. So once fueled and paid, we were ready to go. I fumbled the pre-takeoff routine again for clearance by asking for clearance and saying I was ready to taxi at the same time. I think I’ll make a flow chart for that whole planning, pre-flight, clearance routine. The VFR stuff is automatic for me, but the IFR and the variations at different airports are not yet automatic.

We departed and climbed as instructed to 5000 ft, my altitude for this leg. This was the shorter leg. I later did some calculations to figure the altitude to file for. You don’t want to climb too much for a shorter leg as you spend too much time climbing and not enough cruising. The plane goes slower in a climb, just like a car going up a hill.

This altitude put us more into the clouds. I noticed that a close miss of a cloud tended to push the airplane away from the cloud (as noticed by the heading). R said that it might be unconscious cloud avoidance on my part and that is probably right in some cases. But in a couple cases I was flying hands off (the controls were trimmed out and I was monitoring, so it was safe) and it still happened. My theory was that the rising air was starting to spill out horizontally around the cloud and pushing me to the side a bit.

The nice woman at New York Center gave us the weather at UNV and asked which approach I wanted. The VOR B approach - the one I wanted - was not available and NOTAMed out. So I chose the ILS 28 and we planned to fly only the localizer part of that. This was the long way around as we were coming from the opposite direction.  R pointed out in actual bad weather we would have flown the GPS approach that was better aligned with our route.  But I’d flown the ILS into AGC and the point was to get something different here. The center controller vectored us around nicely for the ILS 28 approach and we took it on down.

The approaches at UNV and AGC weren’t very complex, that is there weren’t numerous little stepdowns as there are on some of the approaches nearer home. They both came down in nicely lined up valleys.  (As the valleys were there first, technically the airports were the ones lined up to the valleys!)

After I bought us lunch, we filed and headed toward home. The computer at UNV wasn’t connecting to the network, so I called FSS and filed the old-fashioned way. The departure procedure at AGC and UNV were new to me. The airports around home don’t have much in the way of official departure procedures. Something to add to my flow chart and checklist.

This leg was at 7000 feet, would have been above the earlier clouds, but then the clouds were building some too. So, we were still in and out of them. We didn’t have to follow our whole route again, closer to home we got a direct to our initial approach fix for the GPS approach to home.

In discussions later, R told me I’m trying to basically reinvent the wheel each approach. I’m doing too much work and it should be more automatic. I should have the plane consistently configured, and use small power reductions for descent. I was descending too fast, then overshooting my altitude, then climbing back to it just in time for another descent. This process distracted me and I tended to loose horizontal heading as well. I don’t need to work that hard! Consistent configuration for each approach would simplify my life.

By and large, the cross country did reasonably well. There were things to learn, and I did learn and am learning (revising checklists and making that flow chart). Looks like another few polishing lessons and then the checkride!

On one random day recently a small computer that I maintain at work for some remote access received 1088 attempts to log on with 602 different usernames. This is not a particularly special machine, it’s address is not known or linked to from anywhere, it’s not large nor does it carry many logins. It is a smaller unremarkable computer in a small and lower-profile company. Important to the few people who use it but that’s all.

This isn’t unusual. It’s a bit of a slow day perhaps. There are also at least several hundred attacks on other services too, like attempts at using FTP. No matter, most services are turned off (as we don’t use them), and there are protections on logins and other services that I won’t fully detail here.

High profile services like Twitter, Facebook, etc will receive many more hack attempts naturally. Orders of magnitude more. In fact they were recently both unreachable due to a DDOS (Distributed Denial of Service) attack from a botnet probably. There’s a whole specialty of security for computers and IT networks now. This is not my field. I like to write software and security can be more admin-related. Besides, in my thinking at least, security work requires a level of paranoia which I don’t want to develop.  Fortunatly, others feel differently.

A botnet is a collection of compromised computers that can all be directed to bombard a target site - Twitter perhaps - with requests over and over again. If your computer is part of a botnet, a zombie, you notice it a bit slow, but the cumulative effect of all those requests funneling in on the target is overwhelming.

All those attempts on that computer at work were automated attempts at making it part of a botnet. Something I don’t want to be part of. A permanently-connected home computer (DSL or FIOS perhaps) could have the same level of attacks.  Make your passwords good, and turn off network services you don’t need. Avoid being a zombie in a botnet yourself.

That work machine is running linux, if you’re running Windows (and according to my web statistics you probably are), you’ve got a bigger problem.  Windows has as number of services that are defaulted on, and a few that can’t be turned off.  (That’s one of the reasons I don’t like Windows.) You will require a firewall in your DSL modem, fortunately, most have them.  Configure it to only allow just what you need and no more.

I’m not a security guy, that’s a whole ‘nother software specialty. But I write software, and have a fair amount of experience with networking software. That makes me aware of security issues. But I don’t need much doesn’t require much security experience at all to anticipate this kind of thing:

LAS VEGAS — It’s one of the most hostile hacker environments in the country –- the DefCon hacker conference held every summer in Las Vegas.

But despite the fact that attendees know they should take precautions to protect their data, federal agents at the conference got a scare on Friday when they were told they might have been caught in the sights of an RFID reader.

The reader, connected to a web camera, sniffed data from RFID-enabled ID cards and other documents carried by attendees in pockets and backpacks as they passed a table where the equipment was stationed in full view. (See the full article here.)

I’m just a software/networking guy. And I know better than to carry an RFID-enabled card to DefCon. I know that RFID cards can be read remotely. And I have my concerns about RFID passports and other critical ID. So, you’d think that Federal personnel who ARE security geeks would know about this and realize the implications! After all, DefCon is a key conference for security people, you’re not there if you’re not interested in technical and computer security.

I’m also writing this here so that you’ll know - even if you’re not a geek at all - that more and more ID cards, credit cards, toll booth payment devices, and similar items have RFIDs. If you can wave it near something and have your card work, it’s an RFID. And it can be read by someone you don’t want to read it. Sometimes something that’s more convenient for you is more convenient for a thief too.

There are protections like passport wallets and the like. Or, you can decide when and where you want to carry it basing that on any potential effects of theft and the potential risk of that theft. But don’t be like the Feds at DefCon who were surprised with the obvious.

At the tail end of the Bush administration someone decided we needed new publicity photos of Air Force One (AF1), the president’s plane. This was, unsurprisingly, badly managed. NYC cops and government were told about this, but with specific instructions not to tell the public despite the objections of those cops and NYC government. Given the post 9/11 reaction to large planes flying low, there was the expected strong negative result.

The Washington Post now has a link to the photos posted by the DoD (PDF). AF1 is shown flying with a fighter jet.

I agree with a comment I read on a pilot’s email list, the photos could be a lot better. It was a waste of tax money and poorly managed photo shoot in several ways. Alarming New Yorkers was a bad idea. And I suspect the photos were shot through a window, not through an open door or photo port. I’ve done a little aerial photos and these shots don’t look usable to me, even with photoshop.  You can’t fix it if the original image isn’t clear.

That all being said, I think the problem was execution, not the idea of the photos themselves. Part of our government’s role is to promote America and American ideals. PR in other words. Having nice photos of AF1 can be useful for that. Although, if portraying us as a peace-loving nation is important then having a fighter jet in the frame isn’t such a good idea.