Year: 2014

Categories
Critters

Elephants escape Shrine circus in St. Louis and damage cars

I have spent considerable time building a list of negative incidents associated with circus elephants in the United States since 1800. Thanks to Google’s newspaper archive, I’m discovering several more to add to what is already a large list.

Of course, sometimes the incidents happen in real time.

Three circus elephants got loose and damaged two cars in the parking lot of the Family Arena on Saturday afternoon before being corralled by trainers, according to the circus’ sponsor.

Dennis Kelley, president of the Moolah Shriners of Eastern Missouri, which has been sponsoring the Moolah Shrine Circus for decades, said the incident happened during a performance about 5 p.m. He said no people were in the parking lot when the elephants somehow escaped from the back of the arena in St. Charles. The elephants roamed an area of the parking lot where only circus and Shriners employees’ cars were parked.

Two cars were damaged, he said.

Circus elephants damage cars during brief escape in Family Arena parking lot

According to Fox News, four vehicles were damaged.

And now the story has been picked up by the Washington Post, which noted that the venue’s loading door was also damaged.

Yes, I think we can assume the USDA is quickly coming to investigate the Royal Hannaford’s elephant handling. The Royal Hannaford is the actual circus contracted by the Shriners, and this is not the Royal Hannaford’s first incident.

KMOV notes the elephants were from the children’s rides. “Officials confirmed these are the elephants children can ride, however, no children were on the elephants when they got loose.”

Elephants have hurt handlers, children, and adults when used for rides. It would be safer to send your kids out into a busy street to play.

CNN has video of the elephants in the lot, and eye witness accounts. Note that this wasn’t a simple case of elephants just wandering out of their enclosure—evidently they panicked during a performance. This was a potentially extremely dangerous situation, which the circus is attempting to downplay. I expect severe repercussions from the USDA.

CNN story

Circuses haven’t been good for elephants, and forcing them to perform in circuses hasn’t always been that great for people, either.

PDF of the Elephant Incident List

Categories
Critters Environment

Go Vegan!

In comments to a story at Food Safety News, (Report: ‘Bycatch’ Blamed for Nine Dirty Ocean Fisheries Off U.S. Shores), about the distressing amount of bycatch associated with several fisheries, a commenter to the story wrote:

Even if bycatch could be ended, which it won’t be, fishing would still remain a horrific agony for the billions of fish who are intentionally caught. Science has shown fish to be sentient: able to suffer terror and pain. All for a food that presents such hazards to human consumers as concentrated mercury, dioxins, PCBs and other toxins, cholesterol, saturated fat, etc.

There is a bounty of humane and far more healthful and environmentally responsible food choices. This includes the many marvelous vegan seafood options that are convenient, affordable and delicious. Recipes, products and more can be found on the Vegan Seafood Resources page of Fish Feel.

I noted the response was irrelevant to the story. “Not so!” was the reply.

My response:

While we’re waiting for the utopian world where people sit side by side with lions and tigers, and all only eat fruit that gently falls out of the tree on its own, we need to face the problems associated with our food supply today.

I have a hint for you: the world is not going to become vegan overnight. I doubt it will become vegan in the next several decades–if ever.

So we can either ignore all problems unless the solution is premised on “Go Vegan!”, or we can look to do better, one step at a time.

Doing better in regards to seafood means a) eliminating bycatch, c) ensuring a healthy ocean environment, and c) preventing overfishing. This particular story is related to the issue of eliminating bycatch.

While it is true “Going vegan” is a solution…it’s not going to happen. It isn’t. Oh, maybe for a small percentage of people, but not the vast majority of humans. Not today. Not this moment.

So, according to you, there is no solution other than Go Vegan. One then presumes your argument is let 65% of the bycatch die for no reason. Let sharks and sea turtles and other marine life just die for no reason, because if people aren’t willing to go vegan, we don’t care.

Because, “Go vegan!” is all that matters

I know several vegetarians and vegans who understand that, though going vegan is a solution, it can’t be the only solution we offer. If “Go Vegan!” is the only solution we’re willing to contemplate, we’re condemning domestic livestock to a miserable life, millions of sea creatures to an unnecessary death, and other wildlife to predation by humans who see them only as “target” or “nuisance”.

Categories
Legal, Laws, and Regs

Judge strikes blow against groups

Think back on the last donation you made for a cause. Perhaps it was to the Natural Resource Defense Council to aid them in their court battle to protect the Palisades Interstate Park. Maybe it was the Sierra Club, to support its Clean Air Act lawsuit against a Montana coal-fired power plant, or to any organization or individual battling Chevron in its epic, and manic court fight against Ecuadorians, lawyers, journalists, filmmakers, big tech companies, and most US environmentalists.

The donation was made. Your side of the court battle will win, or it won’t. End of story. Or at least, you think it’s the end of the story.

Imagine that eight years after you made the donation, you get a legal letter or subpoena from an intimidating Washington DC law firm representing the coal plant or oil company, informing you you’re going to be deposed and/or forced to appear in court in an ongoing racketeering lawsuit against the organization you supported. Said lawyers will explain that they are seeking co-plaintiffs in their multimillion dollar lawsuit, with an implication underlying the communication that if you’re not with us, you’re agin us.

And all because you donated $10.00 to an organization like the NRDC or the Sierra Club, to support them in their efforts.

Does this sound far-fetched, insane, impossible? Think again, because that’s just what’s happening in the RICO court case brought by Feld Entertainment (parent company of the Ringling Brothers circus) against several animal welfare groups and individuals because of the groups’ legal efforts on behalf of circus elephants.

Magistrate Judge Facciola of the DC district court ordered the animal welfare group defendants (the Humane Society of the US, the Animal Welfare Institute, Born Free USA, and Fund for Animals), to turn over confidential donor lists containing the names and contact information for every person or organization that donated money to the groups to support the then Endangered Species Act (ESA) lawsuit against Ringling Brothers.

From the order:

Accordingly, defendants will have to provide Feld with the names of 1) those donors who received a solicitation and earmarked a donation to support the ESA lawsuit or Rider (or both); and 2) those donors who attended a fund raiser and earmarked a donation in the same way. Donors who neither received a solicitation nor attended a fund raiser cannot possibly have been defrauded and therefore the disclosure of their identities is unnecessary.

By denying the animal welfare groups’ motion for a protective order for the donor information, Judge Facciola is giving permission for Feld Entertainment’s lawyers to contact, and question, these individuals. Feld’s lawyers assert in court documents that those who donated to the animal welfare groups in relation to this court action were defrauded, and would, therefore, be willing to enter the court as co-plaintiffs with Feld Entertainment, owner of Ringling Brothers circus…the organization considered the poster child for circuses with trained elephant acts, the very thing these donors deplore.

Not a problem, you might think, and seemingly Judge Facciola concurs with you. The scenario Facciola seems to have in mind is that Feld’s lawyers will politely have a chit chat with the folks, ask a few questions, get a few replies, and life will go on. And if the donors despise Ringling Brothers as much as I say, these polite chit chats should be short, and to the point.

Real life is never as simple or as black and white as court documents may imply. I have read most of the deposition transcripts from the earlier ESA (Endangered Species Act) case, which Judge Facciola most likely has not. Of course, he hasn’t; he wasn’t the presiding judge in that case. If he had, though, he might come to realize, as I have, that the opinion Judge Sullivan formed about the ESA case was based, for the most part, on out-of-context responses by an unsophisticated man from the Midwest (Tom Rider), under a daunting barrage of questions fired by an intimidating group of high powered Washington DC lawyers. I would like to think that if Judge Facciola did better understand the actual circumstances leading up to Judge Sullivan’s decision—the reality, not the fiction presented by Feld in court documents—he might have paused, just a moment, before subjecting innocent non-party citizens to the same treatment.

I’ve already sent out warnings into the community of those fighting for the welfare of circus elephants about what may be coming their way. I’m not a lawyer, so can’t give advice, but I have stated if I were to receive notice from Feld’s people, I would never appear in a deposition without having a lawyer present—yet another unconscionable burden on people who did nothing more than donate ten bucks eight years ago in order to help circus elephants.

Judge Facciola’s decision was a not a good one—disregarding argument and cavalier as regarding the First Amendment protections due to the non-party donors. That’s the key: he’s disregarded the rights of those not represented in the court room. And by doing so, he’s setting precedent that should seriously worry any group fighting for any cause—whether it be against the Keystone pipeline, for the wolves, in support of safer and healthier food, clean water and air, or circus elephants.

Thankfully, the animal welfare groups are fighting back to the limits set by law. But I worry, I seriously worry, the impact this case can have on any activist group in the future. Particularly after the Chevron court win and the glee with which corporations now consider RICO as both shield and weapon.

Think about it: how willing will you be to donate ten bucks to a cause if it meant you’ll be yanked into court years later?

Categories
Government

Fox falls all over itself to condemn the EPA…again

I wrote a more recent story on this particular battle, after Johnson filed a lawsuit against the EPA via, who else? Pacific Legal Foundation.

update March 22

A story in a local news station provides both video and photos of the “little pond”.

That’s no pond, it’s a bloody lake. It has a dock. A dock.

This is a contrived controversy.

Earlier coverage

Fox just published a story about a poor blue collar in Wyoming, threatened with horrific fines for building an environmentally friendly little pond on his land.

Wyoming welder faces $75,000 a day in EPA fines for building pond on his property goes the headline, and I’m sure the folks at Pacific Legal Foundation are on a plane, right now, racing to the location in order to represent the family in a lawsuit against the EPA.

According to Fox:

All Andy Johnson wanted to do was build a stock pond on his sprawling eight-acre Wyoming farm. He and his wife Katie spent hours constructing it, filling it with crystal-clear water, and bringing in brook and brown trout, ducks and geese. It was a place where his horses could drink and graze, and a private playground for his three children.

But instead of enjoying the fruits of his labor, the Wyoming welder says he was harangued by the federal government, stuck in what he calls a petty power play by the Environmental Protection Agency. He claims the agency is now threatening him with civil and criminal penalties – including the threat of a $75,000-a-day fine.

That EPA…what a bully. Poor man was only building a little pond, providing water for local wildlife and a place for the kiddies to play.

The only problem is the story is as much fiction as fact. Two minutes is all it took to locate the EPA letter of violation. And the letter tells a different story.

According to the letter, the Army Corps of Engineers knew about this “little pond” in 2012 and contacted the Johnsons. From the violation:

On October 11,2012, the United States Army Corps of Engineers (Corps) conducted an inspection of the Site and confirmed that Respondent or persons acting on his behalf had discharged or allowed the discharge of approximately 12 cubic yards of dredged and fill material below the ordinary high water mark of Six Mile Creek during construction of a darn. The work resulted in filling an approximately 40-foot reach of the creek and inundation of an approximately 745-foot reach.

Dumping 12 cubic yards of fill material into a creek is what we call a “dam” back where I come from. Perhaps they call it something else in Wyoming.

The Corps contacted Johnson several times but received no response back. It turned the case over to the EPA for enforcement.

On May 30,2013, the EPA performed an inspection of the Site and verified that an approximately 40-foot reach of Six Mile Creek had been filled during the construction of a dam, impacting approximately 785 feet of the Six Mile Creek channel. The dam was observed to be composed of sand, gravel, clay, and concrete blocks.

I suspect that the Johnsons effort to fill the pond with “crystal clear waters” consisted primarily of running a backhoe in and dumping cement blocks on the creek.

The EPA also invited Johnson to contact its representatives, multiple times, but he ignored all communications. Eventually, the EPA issued the letter with the violation notice. Now Johnson is crying to his Republican Congressional leaders and Fox news about the sudden appearance of the big bad EPA, dumping down on this poor little land owner.

There’s a reason for laws preventing people from damming water sources such as creeks and rivers on their property—their actions impact on others. I suspect the Army Corps of Engineers found out about the “little pond” when impacted neighbors complained.

And once again, Fox has failed to do its job in its haste to cast the EPA in the worst possible light.

Google Map of the farm:

View Larger Map

Categories
Technology Weblogging

Web Server 101 for Ghost

update

I disabled the Ghost weblog because I don’t want to maintain two different weblogging software applications, and Drupal is my primary weblogging software.

The configuration listed here was sound and reliable for well over six months.

—-

Recently I installed Ghost on my server. Ghost is a Node.js weblogging tool that you can host yourself or have another organization host for you.

It’s not a complicated application to install. There’s even a How to Install Ghost web site, with handy instructions for installing Ghost in various environments.

Take my environment, which is Ubuntu Linux hosted on a Linode VPS. You could order a brand new VPS, but chances are your server is already set up, and you’re just looking to install Ghost.

You have to install Node.js first, of course. Then you download the Ghost source code, and install the application, using the following steps:

mkdir -p /var/www/
cd /var/www/
wget -O ghost.zip https://ghost.org/zip/ghost-latest.zip
unzip -d ghost ghost.zip
cd ghost
npm install --production
cp config.example.js config.js

Next you edit the configuration file, changing the default IP and port values to ones that allow people to access your new Ghost weblog:

host: '[your Linode public IP]',
port: '80'

Lastly, start that puppy up:

npm start --production

 

Now, you’re all set, good to go, blasting full ahead on all cylinders…

…right for that wall that is about to hit you, hard, in the face.

A reality check on that environment

Let’s back this sweet scenario up to, oh, step 1: your environment.

True, you could be installing Ghost in a brand new environment with nothing else installed. Chances are, though, you’re installing Ghost in an existing system that is already running a web server. Chances are also good the web server you’re running is Apache, which is running on port 80, the same as your new Ghost installation.

So what happens when you try to run Ghost on the same port you’re using with Apache?

If you try to start the application withnpm, you’ll get an almost immediate error response signaling that an unhandled error event has occurred, and to contact the Ghost author. If you try to start the Ghost application via another tool, such asforever, you may not see an immediate problem at the command line, but if you access the Ghost site via a browser, you’ll get a 503 “Service Temporarily Unavailable Error”.

You’re getting an error because you can’t run both web services at the same port. You then have two options to run your Ghost weblog. Option 1 is to shut down Apache or install Ghost on a machine where Apache is not installed, and then you can run Ghost at port 80. The second option is to find a way to get Apache (or other web server) and Ghost to co-exist.

Let’s take a look at that first option: running Ghost in a stand alone environment at port 80.

Running Ghost in a Stand Alone Environment

If you don’t have Apache installed, or no other web service running at port 80, you could follow the steps I gave earlier, and you might expect Ghost to start. You might, but you could be in for a surprise.

If you try to start Ghost with a line such as the following:

npm start --production

You’ll most likely get an error. If you try to start Ghost up directly, using Node, you’ll find that the error is EACCES, “permission denied”. The reason why is that port numbers below 1024 are what is known as privileged ports, requiring root permission. When you tried to start up Ghost as a normal user, you lacked the permissions to start the service.

You might be tempted to use sudo to start the Ghost application:

sudo npm start --production

And yes, Ghost should be alive and well and running on port 80. But this command just triggered a visceral response from security minded web developers, because now Ghost (which is currently in beta development and unlikely to be hardened) is now running with root privileges. Not even Apache, hardy veteran of the web wars that it is, responds to web requests with processes running with root privileges.

Behind the scenes, when you start Apache as root, it spawns a worker thread that handles a web request. This worker thread runs with the privileges of a non-root user, typicallywww-data. If you’re running a Linux server, you can issue the following command and see that one Apache process is running as root, while other child processes are running as the Apache user (www-data).

ps -ef | grep apache

Other web servers, such as Nginx, operate under the same principle.

So, what do you do if you want to run Ghost at port 80?

Well, you can start Ghost up on port 2368 (the default port) and then go where most folks don’t dare to go by tweaking iptables to redirect port 80 to port 2368, or something similar. Bottom line, though, is you just don’t run Ghost as a stand alone web server/application, period.

In an issue thread at github the architects behind Ghost have stated that they see Ghost as an application, not web server. As such, they don’t recommend that people run it directly, as a web server. Instead, they recommend using Ngnix or Apache as the web server, and then reverse proxy to Ghost. Both Nginx and Apache are hardened from a security perspective, and both do a better job providing other services the Ghost folks won’t be providing.

The Ghost folk recommend using Ngnix,and you can use Ngnix as reverse proxy for both Apache and Ghost if you’re hosting Apache applications. For myself, I don’t need the extra level of complexity or the performance boost that Ngnix can provide for static files, so I decided to go with Apache as reverse proxy. I’ll cover the steps I took, but first, let’s return to that running instance of Ghost.

Running Ghost Forever

My Ghost weblog is currently running at Shelley’s Toy Box. Shelley’s Toy Box is my hack and trash domain where I’ll try new things. I thought about getting a separate VPS for it, but can’t really afford it at this time, so I’m making do with a virtual host for now.

Ghost is running at port 2368, the default. Yes, this means you could also access the Ghost weblog at http://burningbird.net:2368, and completely bypass Apache doing so, but we’ll get to that in a little bit. For now, I have started Ghost usingforever:

forever start  -l forever.log -o out.log -e err.log index.js

If Ghost crashes and burns,forevershould start it back up. However, if the server, itself, gets re-booted, Ghost isn’t restarted. Luckily, since I’m running Ubuntu, I can use Ubuntu’s Upstart to re-start Ghost withforever.

I created a simple file named ghost.conf in /etc/init, with the following text:

# /etc/init/ghost.conf
description "Ghost"

start on (local-filesystems)
stop on shutdown

setuid your-userid
setgid your-grpid

script
    export HOME="path-to-ghost"
    cd path-to-ghost
    exec /usr/local/bin/forever -a -l path-to-logfiles/forever.log --sourceDir path-to-ghost index.js

end script

Now when my system re-boots, the Ghost weblog restarts. And it restarts as my non-privileged user thanks to thesetuidandsetgid.

Using Apache as reverse proxy

Apache has a good description of forward and reverse proxies, but simply stated, a reverse proxy allows web users to access both Apache and Ghost in our servers, seemingly on the same port 80.

I’ve not used Apache as a reverse proxy before, so this is new territory for me. After going through variations that left my server crawling on its knees, I found a routine that seems to work well, or at least, not work badly.

First, I had to enable bothmod_proxyandmod_proxy_http:

sudo a2enmod proxy
sudo a2enmod proxy_http

I’m not turning on forward proxying, so didn’t uncomment any of the lines within the proxy.conf file in Apache’s mods-available subdirectory.

I already have several virtual hosts configured, so it was a simple matter of creating another for Shelley’s Toy Box. In the settings, I turnProxyRequestsoff, just because I’m paranoid (it shouldn’t be on), and then add myProxyPassandProxyPassReversesettings:

<VirtualHost ipaddress:80>
    ServerAdmin shelleyp@burningbird.net
    ServerName shelleystoybox.com

    ErrorLog path-to-logs/error.log
    CustomLog path-to-logs/access.log combined

    ProxyRequests off

    <Location />
            ProxyPass http://ipaddress:2368/
            ProxyPassReverse http://ipaddress:2368/
    </Location>
</VirtualHost>

I specify my ip address for the virtual host, because I have used two IP addresses in the same server in the past, and may again in the future.

Once I enable the site and reload Apache, I’m good to go.

a2ensite shelleystoybox.com
service apache2 reload

The only issue left is the fact that people can also access the Ghost weblog directly using other domains and the 2368 port (i.e. http://burningbird.net:2368). Since I’m running Ubuntu and am using iptables, I add the following rule:

iptables -A input -i eth0 -p tcp --dport 2368 -j DROP

This prevents direct access of port 2368, while still allowing Apache to proxy requests to the port. I maintain it between boots using iptables-persistent. However, it is modifying iptables, so you have to balance modifying iptables against people accessing the site via another site domain and direct access of the port.

Ghost as Weblog

Ghost is an important addition to the Node.js community because weblogging software appeals to a broad range of interests and experience levels. That latter is particularly important because we’re now seeing with Ghost the issues people face when running a Node.js web application, particularly in a world where Apache is so ubiquitous. Ghost is a learning experience, and not just for the Ghost developers or users.

Having said that, at this time I don’t recommend Ghost for people who are only looking for a weblogging tool. Ghost is still in the early stages of development and lacks much of the basic functionality we’ve come to associate with weblogging software. However, if you’re interested in Node.js development and are looking to get in on the ground floor of a weblogging application (before all the complex bells and whistles are added), Ghost can be a fun and educational alternative to Drupal or WordPress.

Whatever you do, though, don’t run Ghost with root privileges. It’s no fun to get your butt bitten off.