Confessions of a Noob Landlord I - How to Fix a Gas Range

|

  1. Have a tenant email you asking you to check out a strange chemical smell coming from her oven when she uses it.

    From: Tenant

    Date: January 20, 2015

    Subject: Oven problems

    To: David

    Hi David,

    I’m sorry to keep email [sic] you with problems, but over the past few weeks the oven has increasingly emitted a chemical smell. Any time the oven is turned on there is a strong burning/chemical odor from the back of the unit. The rear is unusually hot and the smell is so strong that it burns our eyes and noses, so we’ve stopped using it entirely.

    Thanks for your attention,

  2. Call Lowe’s Home Improvement store where you bought the gas range. They’ll schedule a repairman to come by and send you an email confirmation.

    From: CareFB@lowes.com

    Date: Tuesday, January 27, 2015

    Subject: Lowe’s Repair Scheduled Notification

    To: David

    David,

    Thank you for contacting Lowe’s Service Advantage. We appreciate the opportunity to assist you. This e-mail is to confirm your appointment for service.

    Appointment Information

    Date 2/10/2015

    Time slot AllDay

    Service Provider Information

    Business name NORTHEAST APPLIANCE PROS, INC.

    Phone number (781) 618-1966

    Product Information

    Brand HOLIDAY

    Type Freestanding Gas Ranges

    Model number SAK101OO

    The service provider will attempt to contact you prior to your appointment. Please call us at 888-775-6937 if you need additional assistance or want to cancel or reschedule your appointment. This message was sent from an unmonitored account; please do not respond to this e-mail.

    Thank you, Lowe’s Service Advantage

  3. Call Northeast Appliance Pros Inc. to confirm the appointment. They’ll say the don’t have availability, never confirmed the appointment with Lowe’s, and tell you to call Lowe’s back to schedule an appointment with a different company.

  4. Call Lowe’s at (866)-286-9158. Someone will pick up and tell you this is their “network admin number.” She’ll tell you to call their service number (888)-775-6937 and transfer you.

  5. Now a different Lowe’s employee in the service department will tell you something completely different from the first time you called. He’ll say the gas range was purchased within a year and is thus covered by the manufacturer’s warranty. He’ll tell you to call the manufacturer Holiday directly at (800)-858-5844.

  6. Carol from Holiday will pick up and transfer you to their service department.

  7. Tom at extension 21 will pick up and say to call their service provider Harrison Refrigeration.

  8. Call Harrison Refrigeration at (617)-323-2662. Peter will pick up and say they aren’t authorized to work on Holiday stoves and tell you to call Holiday again.

  9. Realize you didn’t write down Holiday’s number so go back to step 3.

  10. OK. When you’re back at step 5, Tom will tell you to call Harrison again but instead of “Holiday” use the name “Peerless Premier” which is the manufacturer’s actual name, not Holiday which is what Lowe’s uses for whatever reason.

  11. Peter at Harrison will say he’ll take a look at their schedule and call you back.

  12. Wait an entire day. Realize Peter stood you up.

  13. Call Harrison back. Get a different representative. Ask him if he’s Peter. He’ll say Peter’s sitting next to him. Ask to book a repairman. He’ll ask you what’s wrong, you’ll describe what the tenant said. He’ll ask you if the oven is clean and that it’s not just food in the oven burning. No, the tenant said it smells chemical. OK. We can send someone over, but if it’s not a manufacturer defect, the warranty doesn’t cover the service visit, and we’ll charge you $75. Tell him you’ll ask the tenant again.

Congrats! You are now done with part one. Stay tuned when I publish the rest of the guide next week.


How to Troll Your Roommates With a Shared Router

|

This article will show you how to troll your roommates or family by sending their browsers to this amazing website where He Man sings “What’s Up” by 4 Non Blondes (flash required) whenever they try to visit facebook.com.

What you’ll need:

  • administrative access to a router (I used a Netgear router with firmware WNR1000v3 leased from Time Warner)
  • router firmware that lets you configure static routes, port forwarding, etc
  • a server connected to the router (I used jarvis which runs Ubuntu 12.04)
  • DNS software running on that server (I used bind)

What you won’t need:

  • access to your victims’ devices (we will be doing something more sophisticated than simply editing /etc/hosts)

How the prank will work

We will intercept the DNS queries unsuspecting devices make to the router for facebook.com and reply back with the IP address for He Man. The router will send those DNS queries to your server instead of legitimate DNS servers and your server will reply back with the IP for He Man. Your roommates will be confused.

Configure your router

If you’re connected to the router, you can find the router’s IP address with ifconfig. If you’re on a Mac, you can also go to Network settings -> [select the connection on the left hand side for the router] -> Advanced -> TCP/IP -> find the “Router” IP address.

Go to that IP address in a browser.

Most routers will show you an admin page that prompts for a username and password. The default is usually admin/admin or admin/password.

Find the page that lists the devices connected to the router. Note down your server’s IP address.

Set the DNS servers for your router to Google’s DNS servers: 8.8.8.8, 8.8.4.4.

Setup a static route for each of these Google IPs that point to your server.

Install and configure DNS software on your server. I used bind9 and followed this tutorial by Digital Ocean. I skipped the secondary DNS server and reverse zone files and anything after that.

/etc/bind/named.conf.options
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
acl "trusted" {
    localhost;    # ns1 - can be set to localhost
    192.168.254.1;  # apartment router
};

options {
    directory "/var/cache/bind";

    recursion yes;                 # enables resursive queries
    allow-recursion { trusted; };  # allows recursive queries from "trusted" clients
    allow-transfer { none; };      # disable zone transfers by default
 
    // Time Warner DNS to avoid infinite loop
    forwarders {
        209.18.47.61;
        209.18.47.62;
    };

    dnssec-validation auto;

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};
/etc/bind/named.conf.local
1
2
3
4
5
6
7
8
9
10
11
//
// Do any local configuration here
//
zone "facebook.com" {
    type master;
    file "/etc/bind/zones/db.facebook.com"; # zone file path
};

// Consider adding the 1918 zones here, if they are not used in your
// organization
include "/etc/bind/zones.rfc1918";
/etc/bind/zones/db.facebook.com
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
;
; BIND data file for facebook.com zone
;
$TTL  604800
@ IN  SOA jarvis.davidxia.com. jarvis.davidxia.com. (
            3   ; Serial
       604800   ; Refresh
        86400   ; Retry
      2419200   ; Expire
       604800 ) ; Negative Cache TTL
;
; name servers - NS records
    IN      NS      jarvis.davidxia.com.

; name servers - A records
jarvis.davidxia.com.          IN      A       192.168.254.8

; 192.168.254/8 - A records
facebook.com.        IN      A      205.186.179.191
www.facebook.com.    IN      A      205.186.179.191

Make sure you use different DNS forwarders than the ones you specified in your router, otherwise you’ll create an infinite loop. I used Time Warner’s DNS servers.

Check your server returns He Man’s IP when asked for facebook.com.

dig facebook.com @localhost +short
205.186.179.191
dig heyyeyaaeyaaaeyaeyaa.com @localhost +short
205.186.179.191

Add iptable rules to replace the router’s incoming DNS query packets’ destination IP with your server’s IP to make your server from actually respond to them. Add rules for both UDP and TCP for both IP addresses for a total of four.

sudo iptables -t nat -A PREROUTING -p udp -d 8.8.8.8 --dport 53 -j NETMAP --to 192.168.254.8
sudo iptables -t nat -A PREROUTING -p udp -d 8.8.4.4 --dport 53 -j NETMAP --to 192.168.254.8
sudo iptables -t nat -A PREROUTING -p tcp -d 8.8.8.8 --dport 53 -j NETMAP --to 192.168.254.8
sudo iptables -t nat -A PREROUTING -p tcp -d 8.8.4.4 --dport 53 -j NETMAP --to 192.168.254.8

Check you get the following output.

sudo iptables --list -t nat

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
NETMAP     tcp  --  anywhere             google-public-dns-a.google.com  tcp dpt:domain192.168.254.8/32
NETMAP     tcp  --  anywhere             google-public-dns-b.google.com  tcp dpt:domain192.168.254.8/32
NETMAP     udp  --  anywhere             google-public-dns-b.google.com  udp dpt:domain192.168.254.8/32
NETMAP     udp  --  anywhere             google-public-dns-a.google.com  udp dpt:domain192.168.254.8/32

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Now check your router returns He Man’s IP when asked for facebook.com.

dig facebook.com @192.168.254.1 +short
205.186.179.191
dig heyyeyaaeyaaaeyaeyaa.com @192.168.254.1 +short
205.186.179.191

Use tcpdump to debug if this doesn’t work.

And you’re done! Kind of… There are a few things that still don’t work. The IP address for He Man is probably a server that hosts multiple domains and doesn’t know which one to go to if only given the IP. Bind can’t return a domain name, so I made bind return an IP address which led to a static page with some Javascript that simply redirects to heyyeyaaeyaaaeyaeyaa.com.

1
2
3
4
5
6
7
8
9
10
11
12
<html>
  <head>
    <title>Redirecting...</title>
  </head>

  <body>
    <p>Redirecting...</p>
    <script type="text/javascript">
      window.location = 'http://heyyeyaaeyaaaeyaeyaa.com/';
    </script>
  </body>
</html>

The major wrinkle is that Facebook uses SSL/HTTPS so modern browsers will just show a warning and not request the page. So you can really only redirect from HTTP sites to other HTTP sites, but hopefully this prank is still worth something. I certainly had fun with it :)


Can I Please Have an Unsubscribe Option for Physical Mail?

|

I hate email spam and fanatically guard my inbox from it. I try to not give out my real email address unless it’s for an account I need or a service I find useful. These include bank accounts and billing accounts like credit cards and utility bills.

But I inevitably receive spam. Gmail does a great job of filtering out most of them. But for ones that get through, I appreciate organizations that add an unsubscribe link in their email footers. They are doing themselves a favor because I’m going to click that link instead of marking their email as spam which might hurt their email reputation and actually make it harder for their emails to get into inboxes overall.

Almost all my physical mail is junk, but none of them tell me how to unsubscribe. It’s rather unfair how companies collect and use my email in the first place. They ask me for it when I buy something for the first time without explaining how they’re going to use it, or in the off-chance they do explain, it’s usually about following up on my purchase.

In the months that follow, they send me with sales offers and catalogues. Why would a merchant waste the goodwill I gave them by sending me unsolicited mail? I should be asked to opt-in to promotional and marketing mail. Okay, maybe they’re too lazy or their employee forgot. Then at least give me an option to unsubscribe.

Not only does it crowd my mailbox, I now have to worry that when I move, some sensitive piece of mail might find its way into a strangers hands and be exposed or used maliciously.

Here’s an example of a letter I received from Mount Sinai. I’ve only visited Mount Sinai once to ask a surgeon about what my options were for two herniated disks in my lumbar. I can’t think of any other way Mount Sinai got my mailing address.

The more I think about the letter in the photo above, the more I start to wonder. How and why did my email from a surgical consultation get passed on to Mount Sinai’s fundraising department’s mailing list? Does this violate HIPAA?

They should at least provide me a method to unsubscribe myself. Something like a website, phone number, even a mailing address. Instead they don’t even provide a postage paid envelope for the check they expect me to write.


Corporate Lingo

|

From elementary school through college, I learned standard English writing and speaking. But when I started working, I noticed there was something different about the language people spoke and wrote in the corporate world and the one I was taught in school. I couldn’t put my finger on it, but the jargon felt impersonal, verbose, bombastic, and loved nouns rather than verbs.

Here are some examples of sentences I’ve heard people utter with a straight face at work:

  • What’s the ask?
  • Our win of the week was…
  • After doing an A/B test, our learnings are…
  • The deliverable is forthcoming.
  • We are waiting for sign-off.

Why do we pervert perfectly good verbs into dreadful nouns? What’s wrong with

  • What does he want?
  • Our achievement this week was…
  • After doing an A/B test, we learned…
  • I will send the result to you soon.
  • Do you approve?

To fit into a corporate setting, be verbose and bombastic.

  • “We can get the deck turned around tomorrow.” instead of “We can give you the updated deck tomorrow.”
  • “The layout will be leveraged for all other workstreams.” instead of “Everybody will use the same f**king layout.”
  • “Please flag anything you might want to escalate.” vs “Tell us if you’re worried about anything.”
  • “Let’s talk offline.” (People have said this to me in person. What do they even mean? Aren’t we already offline?)

Blatantly misuse words.

  • “Please revert with comments.” vs “Please comment.”

And finally, just make up words that sound like Newspeak.

  • “Let’s future-think our mobile design.”

How about “buy-in” or “ideation” or “react” as a noun? People also say “we” when they really mean “you” as in “We should do this.” ie “You should do this.” This usually occurs when speaking to subordinates.

I’m reminded of George Orwell’s “Politics and the English Language” essay in which he criticized political language for being vague and meaningless. He called this kind of language a “contagion” and encouraged people instead to write and speak with concreteness and clarity.

I’m also reminded of the Java programming language which loves nouns instead of verbs. Here’s a fun explanation by Steve Yegge titled “Execution in the Kingdom of Nouns.”


How to Connect to Freenode IRC via SSL

|

It took me a while to figure out how connect to freenode’s IRC servers via SSL today. Here’s a reference for my future self and anyone else who might find this helpful.

N.B. I use weechat as my IRC client.

  1. Pick a nick that’s not already taken. Weechat kept retrying unsuccessfully when I used one that was already taken.
  2. freenode has instructions here on how to connect via SSL
  3. I run weechat on Ubuntu 12.04 and had to install the intermediate and root certificates mentioned in the link above. Otherwise, weechat complains that it doesn’t recognize the certificate.
  4. sudo mkdir /usr/share/ca-certificates/extra
  5. Copy the Gandi and InstantSSL certificates to that directory.
  6. Let Ubuntu add the new certificates’ path relative to /usr/share/ca-certificates to /etc/ca-certificates.conf by running sudo dpkg-reconfigure ca-certificates.

This should be all. Here’s the weechat IRC configuration for freenode which should be written to ~/.weechat/irc.conf.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
freenode.addresses = "dickson.freenode.net/7000"
freenode.proxy
freenode.ipv6
freenode.ssl = on
freenode.ssl_cert
freenode.ssl_priorities
freenode.ssl_dhkey_size = 1024
freenode.ssl_verify
freenode.password
freenode.capabilities
freenode.sasl_mechanism
freenode.sasl_username
freenode.sasl_password
freenode.sasl_timeout
freenode.autoconnect = on
freenode.autoreconnect
freenode.autoreconnect_delay
freenode.nicks = "davidxia"
freenode.username
freenode.realname = "David Xia"
freenode.local_hostname
freenode.command
freenode.command_delay
freenode.autojoin
freenode.autorejoin
freenode.autorejoin_delay
freenode.connection_timeout
freenode.anti_flood_prio_high
freenode.anti_flood_prio_low
freenode.away_check
freenode.away_check_max_nicks
freenode.default_msg_part
freenode.default_msg_quit
freenode.notify

New Yorker Redesign

|

The New Yorker recently redesigned their web site and made all articles free for a limited time. Everything looks great except for that giant sticky header that takes up at least an inch of your screen. I hope they get rid of it.


Amsterdam 2014

|

I visited Amsterdam after coming going to Stockholm for work recently. It was my first time there. Amsterdam’s canal, bike paths, and green spaces are beautiful.


Indonesia 2014

|

Nanette and I traveled to Indonesia and visited Borobudur, the site of the world’s largest buddhist temple, and hiked Mount Rinjani, an active volcano.