Squirrel Tech Support

Last year in October, I did a release of Fox squirrels for Greenwood Wildlife Rehabilitation after they had been rehabilitated. These squirrels couldn’t go back exactly where they came from because the owner of the property wasn’t available to give permission, which is required by Colorado Parks and Wildlife regulations. A wonderful lady that was on the release candidate list offered to take them so I drove them to their new home. Since it was an October release and winter was close, each of the two batches got their own nest box to start out. Before I put them up, I noticed that there were a lot of other nest boxes already up. Come to find out she had been offering to take squirrels for many years.

I warned her about the danger of overcrowding, when the squirrel density is too high it can cause serious issues and lead to death for some squirrels. As they compete for food sources and are forced to spread out, they can move to yards or areas that are not as suitable for them. Forcing a squirrel out of their home has a high probability of leading them to their death, as they find themselves in a new area without food, shelter, or knowing escape routes. I ended up putting the boxes up because that late in the season we had no other viable release sites. Since she was supplementing their food with sunflower seeds, bird seed, and corn, it was a lot better option than anything else.

Jump to today when I get a call from her asking if I could help. Apparently one of her old nest boxes, that she thinks may be 20 years old, fell out of the tree this morning. She said no one from Greenwood or anywhere else she called could come help her put the box up. So I found myself driving out to Arvada to see if I could get it done quickly before hauling ass down south for an early afternoon appointment. I spent an hour, most of it trying to figure out a way to get it back up in the tree and stable. This was tricky because the support board for the nest box had rotted out, leading to it falling, and it wasn’t usable. I had to run to the local hardware store for a hammer and some eye hooks but ultimately it just wasn’t happening.

 Rotted original nest box.
Rotted original nest box.

I left but told her to call me later that afternoon while I tried to think of a solution. Shortly after I left, I got a call from her saying that Greenwood could spare one of the big nest boxes, identical to the one that fell. She left immediately to get it which meant over an hour on the road. I had planned on returning tomorrow to work on it but the idea of squirrels not having their nest overnight didn’t sit well with me. Unprotected and sleeping in a tree is very risky; predators and even the wind are threats. After my appointment down south I drove back to Arvada with my own ladder and drill which I knew would be needed for the new box.

New box built by a Boy Scout troop and donated to Greenwood.
New box built by a Boy Scout troop and donated to Greenwood. (Box is upside down)

I don’t know much about relocating squirrels from one nest to another. Since they enjoyed a protective nest box, I wasn’t sure if that factored in if it was being replaced by a similar one. They obviously look different and no doubt smell different to the squirrels as well. So I removed some of the bedding from the old nest box and put it in the new.

Bedding in the old box included leaves, twigs, dirt, and almost unrecognizable piece of fleece that was put in originally.
Bedding in the old box included leaves, twigs, dirt, and almost unrecognizable piece of fleece that was put in originally.

My hope was that the bedding being moved over would help the squirrels understand this was the new home. The next challenge came in the form of where to put the box. Whoever had put the old one up had a much taller ladder than hers or mine, so there was no way to get it back up that high. The angle of the tree made it so most of the trunk space was not suitable due to it being uneven, the box being angled, or branches.

The new box with old bedding moved over along with two new pieces of fleece since we didn't know how many squirrels lived in it
The new box with old bedding moved over along with two new pieces of fleece since we didn’t know how many squirrels lived in it.

Ultimately, we ended up removing an old bird house that had never been used since installation and putting the new box in its place. It wasn’t quite as high as I would have liked, but higher than some other nest boxes that have been put up. One side offered easy access to the box off the tree trunk but the other might not have been perfect, but a squirrel could definitely go from trunk to that entrance too. I left her place at 7pm with a strong hope that the squirrels who watched us do all that understood what had happened. She told me she’d watch tonight to try to see if any went in and would watch in the morning like she always did to see if squirrels emerged. I left a huge handful of sunflower seeds on top of the box and even more below at the foot of the trunk to help them while they adjust.

Today was the first day in my new career as Squirrel Tech Support apparently.

The new nest box hanging in the tree.

[Update: This morning she texted to let me know that squirrels were eating the seeds and one went into the new nest box. She says “Looking good for them!!!”]

DC26 Attrition Badge Round-up

This is the first DEF CON I am attending after a long break. For kicks I decided to make up a run of DC26 Attrition badges like prior years and conferences. Depending on who you ask, the badge is a decoration only, or it gets you into fabulous parties and amazing events. Anyone with a badge is encouraged to embellish.

Since the July 5 announcement of the badge, I increasingly focused on using them to raise money for charity. That, in turn, prompted several people to ask for details of the badges and the money raised. This blog will hopefully answer those questions and maybe inspire others to help out when they can. If you aren’t interested in the quick story, scroll down to the inspiration section please.

First, a link-heavy summary. On July 7, I did the first charity challenge looking to raise money for the ACLU, GLBT Community Center of Colorado (The Center), and Planned Parenthood. I also started giving out a a handful of personal challenges to random people expressing interest in a badge with fun results.

On July 10, I did a second charity drive bigger than the first. I also offered one badge up as part of an art challenge for the best original art featuring Lazlo. Deathjaw17 won that with this epic piece:

In addition to the art, I did a few other trades including for this slick challenge coin as well as a few other DC26 badges. At this point some of the winners of badges started posting pics, including with chickens, with epic beasts, and with bubbly! The Lazlo badge also got a tour of Philly and a sweet visit to the CompSci building in War Games. One badge went out and lead to a fun picture and backstory of a ‘dojo squirrel’. During this process, I got an unexpected care package from Kentaro, that he sent before I sent him a badge, and @Otterannihilation received a badge and sent back an amazing gift as a thanks. Meanwhile, pictures of badges kept coming:

    Inspiration and the Opposite

By this point, after two big charity drives, and several subsequent one-off drives, it was clear to me that raising money for charities was a great option. Badges were in demand and a lot of great people were willing to throw in money to help great causes. This also led to some other great opportunities that aren’t donations to charity, but amazing ways to help out. The level of inspiration and good-will in our industry is always refreshing, one of the few things that keep some of us from losing all hope. More on that later.

The opposite of inspiration came in two forms. First, while the badges w/ lanyards cost $298.60, but the postage to mail them out to x people cost $448.12, meaning the entire effort cost $746.72. This was due to the lanyards, which meant the badge couldn’t go as an envelope; they had to go as a package. Each envelope cost $3.50 domestic, $10 Canadian, and between $13.75 and $14.25 to mail international. This resulted in one fun trip to the post office that took around 30 minutes and produced a generous receipt.

The second came in the form of being questioned and challenged about my badges repeatedly, and being accused ofstrongly [reinforcing] exclusive cliques within infosec“. After assuring someone this was not “a dark stunt satirizing infosec exclusionism and signaling“, giving information on the charity contributions at the time, and reminding everyone that “the charity-driven badges are open to *anyone*. i have sent badges last week, and will send some this week, to people I don’t know and have had little to no interaction with“, I still faced questions about if I was reinforcing the exclusive cliques in infosec. I’ll say this definitively; I am not reinforcing cliques at all. This is trivial to see if you remember the definition of a ‘clique’, and consider that I don’t know half the people getting a badge other than a brief Twitter interaction.

OK, back to the inspiration. At the suggestion of Noah, with his input, two badges were given out to people who volunteered to provide InfoSec training for free. First, Jim Manico volunteered to give one of his well-known and appreciated AppSec classes in December on his birthday, for free, with the focus of recruiting women, LGBQT, and/or PoC for the class. Additionally, Bones volunteered to give design and give an infrastructure/cloud security pentesting course. I also suckered her into slipping in a not-so-subtle requirement.

An even bigger inspiration, and one that shocked me, was the community stepping up to donate to charity for a badge. Once I saw the generosity, I ran with it and focused on using a majority of the badges to continue raising money for charities I support, and ones that the donors support. The charities that received donations in return for badges included the ACLU, Cavy Care, Center for Genocide Research and Education, Colorado Animal Rescue, Electronic Frontier Foundation, Greenwood Wildlife Rehabilitation Center, Hawaiian Humane Society, Kids in Need Foundation, Planned Parenthood, Retriever Rescue of Colorado, SaveABunny, Special Operations Warrior Foundation, Sprout Therapeutic Riding and Education Center, The Wild Animal Sanctuary, and Women in Security and Privacy (WISP). A total of 69 donations from 67 heroes between 2018-07-06 and 2018-07-28, raised a total of $8453.47. I’m still happily shocked at this outcome.

I also want to thank Heidi for chatting and educating me about Women in Security and Privacy (WISP) and their initiative to help more women get to DEF CON. Over a week of chatting, it started out as “this is my first DEF CON and it is rough financially” to her being one of the recipients of the WISP grants. Even better, one of the people that donated and won a badge said to give it to someone else. I suggested Heidi and they said that was a good choice! So on top of getting help to DEF CON, she got a badge, and I threw in some stickers to round out the fun.

Finally… are you sad you didn’t get a badge? Depressed that you didn’t get a chance to donate to charity to win one? Fortunately for you, there is one last chance! Jives reached out and we’re partnering for a big charity auction, with a couple days left! You can bid to win a DerbyCon ticket, a DC26 Attrition badge, and a custom box of shit! Bid now, bid often, win this sucker

A Personal Challenge

A personal challenge, as in, the kind where i challenge myself. Last year, I got my friend Tamba a birthday gift of entry into the Tough Mudder Colorado. Since I was not in appropriate shape, I signed up as a spectator and ended up photographing the event. Two nights before the event, Tamba broke his ankle. Undeterred, he iced it on the drive up, wrapped it, and ran the race. After seeing that, I figured I should challenge myself.

This year, I got him the same present and signed up myself to participate. If you aren’t familiar with the Tough Mudder, or similar events, it is designed to test your endurance and physical ability. It isn’t enough to run the course, which is 11 – 12 miles in Colorado. You face 20 or more obstacles, some of them quite brutalchallenging.

This morning we got out of Denver on time but ran into a slight problem. During our philosophical discussion of post-apocolyptic planning and survival options, we missed our exit. Before we realized it, we had overshot by some 25 miles (the next exit happened to be many miles from the last). Our 1:20P start time was looking grim. By the time we turned around, parked, took the shuttle, checked in, and dropped our bags, we joined the final starting group of the day at 2:00P. This was a concern to me because the Mudder has a ‘cut off’ time (4:30P this year) where you may get sent down the mountain a much quicker way, out of the event. This meant I had to do about 5 miles of uphill, from 7,400 feet to a summit of 9,600 feet, in 2.5 hours. Given my asthma, that didn’t look feasible. Having been sick the entire week with a bad cough and serious congestion, that didn’t bode well either. This also meant that I started the race on about 350 calories, as we didn’t have time to get a bit more food in Avon, CO as planned. Doh! Clearly not my ideal circumstances for running the Mudder, but I didn’t have any other option.

This year’s course:


Of the 11 miles, I ended up doing about 9.5 of them. At the top of obstacle 6 (The Gauntlet), because it was right at 4:30, we barely made the cutoff (or were minutes late). Instead of cutting us off, we got moved directly into the downhill part of that obstacle, going over huge snow/ice ‘ramps’. These were rough as the ice was jagged and cutting many hands trying to slide down them. Upon reaching water station 3, I was dizzy and light-headed, and it didn’t go away with rest and water. Over ten minutes later, it was clearing up a tad but not going away completely. I sent Tamba up a brutal half mile+ uphill while I cut over to where water station 4 is (but it wasn’t really there). This gave me another 20 minutes to recover so I could continue the course. While we were only at ~ 9,000 feet, the lack of oxygen was affecting me and I am sure it was mild altitude sickness as well as dehydration. By the time Tamba got around that loop, I was ready to go on. From water station 5 to obstacle 15 was the final uphill push of the course, or so I thought. I slowly made it up that one, but didn’t have the energy for the very last uphill between obstacle 17 and 18. From just past 17, I took the access road down to obstacle 19 before finishing the course.

Ultimately, the lack of food as well as the amount of uphill (more than last year) sapped me completely. My legs were a constant dull pain by halfway through the course, and my back had a sharp pain from mile 2. Usually a solid hike does not hit my back at all, even in similar trail conditions. While I didn’t quite do the full course and had to skip some obstacles, we were on the course for over 4.5 hours.

Starting at 2P, we were able to catch up to the other 2 people running from Tamba’s gym (Amy and Lecia) who started at 1:20P as planned. Despite my very slow pace on the uphill, we ultimately passed some people and finished about an hour before the final person. While recovering, we also watched as an 80-year-old man crossed the finish. That is hardcore. Team Up Gym:


An exhausted, hungry, bruised, and sick me:


The one upside to all this? Post-Mudder dinner! This was the first time I was able to eat a plate of Nachos without Tamba yelling at me about fat and calories. The other thing? Biggest plate of nachos i’ve seen in my life, from Dillon DAM Brewery (note the fork for size reference):


Twitter, the Ultimate Better Business Bureau

Over the last year, I have learned that Twitter has become the ultimate medium for getting a company’s attention. When you complain about a company and include their @ name, the potential for a lot of people to see it is there. As such, companies have quickly figured out to be very responsive, and very quick in responding to public complaints there. Personally, I have had good luck with this, and found many companies to be responsive and quickly fix, address, or promise to look into my issues. Today, I had another quick win.

ABC news sends out email-based news flashes for high profile happenings. I subscribe to them, as well as the blasts from CNN. ABC’s mail however, for a year+ now, has not carried a date header. This means that mail comes in, and if you sort by that date, it doesn’t sort well. It is also just bad etiquette not to follow a 30+ year old RFC that mandates that header in all emails. I took @ABC to task over it this morning before I went skiing:


By the time I got home, ABC had sent out another news blast, and this time it carried the date header! After over a year, all it took was a single Twitter complaint.