Wednesday, January 31, 2007

The True GIft

So, I'm sitting hear watching VH1s "classic albums" doing "Electric Ladyland"; and I'm seeing how one of the greatest rock albums of all time was crafted from moment to moment.

I had forgotten how much I loved "Burning of the midnight lamp; and "Rainy Day Dream Away" "Long Hot Summer Nights" and "House Burning Down" and... you listen to it, and theres Jimi, completely unmistakable, but if you didn't know it was Jimis playing, it's completely different music than you'd expect. Jazz, blues, gospel, classical... Just awesome stuff.

Every minute that goes by, all I can think is how much Jimi had. He had the true gift, and nothing in this material world can touch that.

Tuesday, January 30, 2007

Recipes for REAL Men, Volume 19 - Chicken Salmonella

That's actually my little joke, because this recipe features barely cooked chicken, dredged in egg and flour, and covered in an egg based sauce.

It's been a while since I've done one of these... long overdue if you ask me; and I figured I'd make it a good one.

The recipe is actually a basic variant on chicken a la Francese (which is an italian dish, invoking a french feel), with my own little twists.

The basic chicken francese, has a lemon butter, and black pepper sauce; but I prefer this kind of a variant sauce Allemande with it (a Veloute, mixed with a Hollandaise, makes an Allemande... sort of).

Ingredients:
2 boneless skinless chicken breasts with tenderloin attached (typically about 1.5lbs)
1 cup flour
1/2 cup chicken broth
1/2 cup dry white wine
1/2 cup mushrooms, sliced (optional)
2 challots, minced fine (optional)
2 eggs
2-4oz butter
2oz parmagiano regiano
2 fresh lemons, juiced
1-2tblsp olive oil
1tblsp red wine vinegar, or vinegar based hot sauce
Seasonings:
2 cloves garlic
2 tblsp fresh parsley, finely chopped (substitute chervil for a more french flavor)
2 tblsp fresh coarse ground black pepper
1 tblsp fresh basil, finely chopped (substitute tarragon for a more french flavor)
1 tblsp fine ground white pepper
1 tblsp hot chili pepper powder
1tsp dried oregano
1tsp dried basil
1tsp garlic powder
1tsp onion powder
Salt to taste
Preparation:
First step, section the chicken breast into small cutlets or tenderloins, and pound thin; but not too thin. You want the chicken thin enough that it will cook quickly under gentle heat, but not so thin that it will either fall apart, or get tough when cooked.

Heat the oil, and the butter in a large, deep walled skillet, on medium heat; until the water boils off and the butter lightly browns. Let the nutty aroma develop, but don't burn the butter.

Smash the garlic (and if your using them, the shallots), and lightly saute in the butter on medium to medium-low heat.

Combine the dry spices, except the black pepper and half the cheese, with the flour; in a tray or container etc... large enough to dredge the chicken through. Beat up the two eggs in a vessel large enough to dip the chicken in; along with a teaspoon of vinegar, or a vinegar based hot sauce.

Turn the heat up a little bit on the butter and oil, but be careful not to burn it, or let it get too hot. You want it just hot enough to gently cook the chicken. Dip the chicken pieces in the egg, then heavily dredge them in the flour, and lay them in the hot butter and oil.

Fill the pan quickly and evenly, and gently cook 'til the edges just start to turn white; moving often, and adding additional oil or butter as necessary to maintain a shallow fry up the edges of the meat.

Add in the basil, and if you are using them, the mushrooms, then turn the chicken pieces, and cook as with the other side, again making sure not to burn the flour or the butter and oil.

Once the chicken is just barely cooked, pull it out onto a plate and cover with foil. DO NOT FULLY COOK THE CHICKEN IN THE PAN, the residual heat will carry over cooking on the plate.

At this point you should have the start of a solid roux in the pan. There should be 2-4 ounces of oil-butter in the pan, and a golden, or walnut roux forming. Make sure theres at least 3oz of the hot fat in the pan, and add enough of the leftover flour mixture to make at least a half cup of roux.

Add in the cracked black pepper, and cook the roux to walnut, or chocolate stage (depending on how you like your roux). Deglaze the pan with the broth and wine mixture, incorporating thoroughly.

Temper the sauce into the remaining beaten eggs, and then add it back into the pan, again incorporating thoroughly. Once it's smooth, add in the lemon juice, stir in til completely smooth.

At this point, the sauce should be very slightly custardy, but still flow nicely. The ideal texture is just a bit thicker than coating the back of a spoon. If necessary, you can cook a bit more, but be very careful about the heat, or the egg could curd up and the fats could separate.

Once the desired texture has been reached, take the sauce off the heat, and lightly toss in the parsley.

Plate the chicken, over rice or pasta; or if you're feeling really ambitions on a bed of fresh chunked tomatoes and cucumbers, with risotto.

Spoon the sauce over the the chicken (and the pasta or rice if you like), and garnish with parsley, freshly shredded cheese, and chunked tomatoes.

The recipe serves two; or if you use a smaller chicken portion with a large side or starch base, four.
And be sure to check out:

Recipes for REAL Men, Volume 19 - Chicken Salmonella
Recipes for REAL Men, Volume 18 - I'll give YOU a good stuffing turkey (1)
Recipes for REAL Men, Volume 17 - REAL Coffee
Recipes for REAL Men, Volume 16 - DTG (Damn That's Good) dip
Recipes for REAL Women, Volume 15 - More Chocolate Than Cookie
Recipes for REAL Women, Volume 14 - Millions of Peaches
Recipes for REAL Women, Volume 13 - Mels 10,000 Calorie Butter Cookies
Recipes for REAL Men, Volume 12 - Lard Ass Wings
Recipes for REAL Men, Volume 11 - Bacon Double Macaroni and Cheese
Recipes for REAL Men, Volume 10 - It's the meat stupid
Recipes for REAL Men, Volume 9 - Labor Day Potatos
Recipes for REAL men, Volume 8 - It's a pork fat thing
Recipes for REAL men, Volume 7 - It may not be Kosher...
Recipes for REAL men, Volume 6 - Andouille Guiness Chili
Recipes for REAL men, Volume 5 - Eazza the Ultimate Pizza
Recipes for REAL men, Volume 4 - Two Pound Meat Sauce
Recipes for REAL men, Volume 3 - Highbrow Hash
Recipes for REAL men, Volume 2 - MuscleCarbonara
Recipes for REAL men, Volume 1 - More Beef than Stew

Monday, January 29, 2007

Crass Commercialism

There is an Amber alert going on right now in Arizona, and the sheriffs department has activated the media alert contingency.

This is where the local broadcast media break into their programming, and let everyone know about the alert, and the pertinent details, so if you see the abducted child, or the suspect or vehicle, maybe, just maybe you will have heard the alert and be able to alert law enforcement.

All in all, it's a good system, and hopefully is very helpful in recovering abducted children before it's too late.

Here's the part that inspired the title however:

My local NBC affiliate broadcast the alert of their feature programming (at the time it started, it was Heroes), but they stopped the alert broadcast for commercial breaks, and then restarted it once the commercial breaks were over.

So... it's important enough, that to help save a childs life, they break into normal programming (which I absolutely agree with); but it's not important enough that they interrupt the GOD DAMN COMMERCIALS!

And the award goes to...

Saturday, January 27, 2007

Not exactly surprising...

I am:
Robert A. Heinlein
Beginning with technological action stories and progressing to epics with religious overtones, this take-no-prisoners writer racked up some huge sales numbers.


Which science fiction writer are you?

Juggling Acts

Sorry my posting has been rather sparse these past couple of months, to say life has been complicated would be quite the understatement. I've been juggling a few very complicated situations and I haven't had the time or clarity of mind to write much.

At this moment Chris is on the phone with his mother trying to explain the gravity of the situation to her and trying to instruct her in what she has to do. It's very possible he will be managing her affairs from now on, with me helping him sort through and accomplish what needs to be done.

On Thursday we will be headed back to federal court for what is (hopefully) the last hearing on this particular case. I'm confident the judge will rule in our favor (though there is always the possibility that he won't) but it's still a rather trying and stressful affair.

On most other fronts things are okay. The kids are in good health and happy. My brother's kidneys are healing beyond all understanding of the doctors and he needs dialysis less and less. My father will start receiving full Social Security in May and has started letting the client base for his aircraft maintenance business dwindle so he has less and less work in expectation of semi-retirement. My mother is doing better health-wise and her blood pressure seems to be under control. My other 2 brothers are doing well, my grandparents are all right, and life is mostly stable elsewhere in the family. And Chris and I are all right, we both have a little pain due to our conditions but no more than usual.

So things overall are ok, we just have these two very complicated issues to deal with. But whatever happens we will be ok. The two of us are united, and that's all we need to weather these storms.

Mel

Just call me Mel, everyone else does.

Friday, January 26, 2007

Never Mind, god loves me after all

Scientist develops caffeinated doughnuts

DURHAM. N.C. --That cup of coffee just not getting it done anymore? How about a Buzz Donut or a Buzzed Bagel? That's what Doctor Robert Bohannon, a Durham, North Carolina, molecular scientist, has come up with. Bohannon says he's developed a way to add caffeine to baked goods, without the bitter taste of caffeine. Each piece of pastry is the equivalent of about two cups of coffee.

While the product is not on the market yet, Bohannon has approached some heavyweight companies, including Krispy Kreme, Dunkin' Donuts and Starbucks about carrying it.

Omens and portents..

I just turned on the radio, and these three songs came on in a row:
  • Cream - Born Under a Bad Sign

  • The Band - The Weight

  • The Allman Brothers - Whipping Post
Think maybe someone is trying to tell me something?

Thursday, January 25, 2007

Let it rain

Flash back to 2000-2003 for a minute...

For a long time, actually pretty much my entire life because I never had a childhood, I was always just a little adult; my life sucked pretty hard, not because of lack of material goods (whether I had them at the time or not), but because I was doing harmful and destructive things to myself and to those around me; without a personal, emotional, and spiritual understanding of what I was doing (I had an intellectual understanding, it wasn’t helping).

I went through a long series of increasingly bad relationships, and increasing stimulus seeking behavior (high risk activities, or high stress activities), just to try to genuinely feel something.

This led to major injuries ending my first planned military career, a failed marriage, a couple failed businesses; and then me dropping out of the world in Ireland for a while, after 9/11 and my business partners screwing me over.

In my life, I’d been filthy rich, and dirt poor and homeless. I’d had the time of my life, and I’d been through absolute hell; but none of it every really penetrated the shielding if you know what I mean.

Just letting myself live my life; instead of constantly pushing for everything (well... I went a little nuts for a while, but after I calmed down), separated me from my old life, and my old way of doing things; but I still wasn't really living, I was more existing.

Then my mother went into what we believed to be the final stages of her cancer; and I came back to the states. That was Christmas of 2002; in fact I arrived December 22nd.

I had made my break from my old life in Ireland; but I hadn't processed and internalized all of that yet; and I certainly hadn't figured out what I was going to do for the rest of my life yet.

I was basically in limbo.

I came back to the US at Christmas; and from January to September I lived in the cheapest place I could. I ate pretty much nothing but 4 cheap hot dogs a day ($0.99 for 8), on cheap bread ($0.79 a loaf) with mustard (stolen from the deli counter), maybe some baked potatoes, cucumbers, and apples, the occasional canned pineapple or oranges, a vitamin pill, and a gallon of generic mixed iced tea every day; because it cost me a total of about $2 a day to eat; and I was living off what was left over from Ireland.

Literally, all I did during that time was work out, read, and think. I didn’t own a TV or a DVD player, or anything technological other than a laptop loaded with thousands of books. I had no internet connection, and very little in the way of posessions, other than a library card, a bus pass, my clothes, and a few bags and boxes that I had taken home from Ireland or stored with my mother.

I lived that way for 8 months or so; and in that 8 months must have relived my entire life about ten times; and relived every mistake I’ve ever made, about a thousand times.

When I finally came out of it in September; I had what I was missing.

Before then, I’d taken the intellectual lessons of my life, and used them well. I’d learned to work the system, and work the people around me; but I’d never gained any wisdom, or any understanding of things below the surface. Oh I had an intellectual perception of motivation and the like, and how to react, and predict people and their reactions, but there was no understanding of the deeper things beneath that in MY life.

Finally, I UNDERSTOOD. I had taken the sum of my life, and squeezed the WISDOM out of it; and I was ready to get back to living my life again.

I had achieved material wealth, and intellectual wealth; but I was unhappy, because I was morally and spiritually empty (and I’m not just talking about god here, I’m talking on a total, personal level). I had to reset, and review my life to understand that, get past it, and start filling my life back up again.

Now I’m here, 4 years after coming back from Ireland; and my life is great. Before, I couldn’t be happy, now I couldn't be happier; because I have Mel and the girls. They are what give me purpose and meaning beyond simple existence. They are what I do those things I don't want to do in life for.

Thing is, I would not have been ready for Mel and the kids, if it weren't for those 8 months. That's not to say it wouldn’t have worked out in the end, but it would have been a lot more difficult and taken a lot more time. As it was, I was sitting there, ready and waiting for the greatest thing in the world to come into my life; and when it did I was able grab hold, and to enjoy it.

So anyway, a couple years ago, I helped my mother buy a house.

Coming out of that 8 months period, I got my shit back together; and I bought the house with my mother. The original intent was actually that I'd move in with her; because she can't live alone anymore. I was paying her mortgage and bills for a while, until she got her divorce settlement, and in theory until her disability started (my mother is essentially 100% disabled because of nerve and spinal damage as a complication of cancer).

Well, my mothers disability was denied the first time, as is common (there is so much disability fraud, the SSA simply denies everyone as much as they possibly can because they assume you are faking it). She was supposed to have worked with a disability specialist attorney to get things going.

In the mean while, we bought a house on a three year A.R.M.; with the plan that we'd let the house appreciate in value for the three years, sell it, and then my mother would live the rest of her life off the proceeds, and her disability. For the most part, that plan has worked out, the house is now worth $200,000 more than we bought it for; and she's been making the payments out of her settlement.

First, my mothers health deteriorated faster than she had expected; and she decided she didn't want to live with me when I'd have to do so much to take care of her... I wasn't happy (for one thing I was paying a mortgage, and rent on a condo), but I lived with it.

Then, a few months after we bought the house, I lost my job; and my brother moved in with my mother; so I stopped paying for things. My brother then floated in and out of jobs for a while, mostly just sucking off my mother; and often stealing from her.

Anyway, after I was working again, my mother said everything was fine, so I didn't try and help her financially anymore.

Meanwhile, her health has been steadily deteriorating; which was honestly part of my mothers "plan", which was pretty much to die before she ran out of money, then have her life insurance pay off all her debts to leave her assets to my brother and I... which wasn't such an unreasonable plan considering she was supposed to have maybe a year left to live; though not one I much cared for.

thankfully she "stabilized" in the middle of last year; or rather I should say her deterioration slowed a lot. I talk about the problems shes had elsewhere so I wont go over them again, but lets say she won't be recovering, and the doctors aren't even sure why she's still alive, and why she doesn't drop dead at any moment.

Last week, my mom called me up and said she was going to be putting the house up for sale; and would take the proceeds and move to Florida, close to my grandmother (something she'd been thinking of the last few years). I was of course concerend, but I thought this would be a good move; and I was hoping that my mothers life was finally moving in a positive direction.

My mother called me today, in tears, almost unable to speak.

You've got to understand, although I know things haven't been "all right" for months, when she's spoken to me at all (shes been avoiding me), she insisted everything was fine. I just thought it was because she's ashamed of her disability (and oh boy she is).

It turns out, she managed to go through her settlement four times faster than she had budgeted for (and we're talking about hundreds of thousands of dollars in cash here). Worse, she's never followed up on disability, medicare, or medicaid (and she has $2000 a month in medical bills and prescriptions); and she's been living off her credit cards, and cash advances since last summer; to the tune of $80,000.

Shes never made a plan, or even had a cogent idea of what she was going to do if she lived; because she just didn't have any concept of what her life could or would be, or how.

And now, she has nothing; but her house.

My mother was crying, because she had just spoken to her mortgage company. She was so whacked out by her illness that she missed a credit card payment a few months ago; which triggered penalties and freezing of additional credit on her cards. She couldn't get any more cash advances, so she just stopped paying her bills.

Now it's three months later, and they say they are going to foreclose on the first, if she doesn't pay her three months back mortgage including taxes and penalties. In addition, her electric bill, gas bill, and water/garbage bill havent been paid in three months either, oh and of course her minimum credit card payments haven't been paid.

The reason she hasn't been talking to me, is because she was ashamed because she was running out of money, and credit, and didn't know what to do. She was ashamed she had to come to me for help, and she couldn't bring herself to do so.

Of course every minute she put it off has made it worse, but she's been paralyzed by bother her illness, and by her pride, shame, and fear.

I just had to pay $7500 for the lawyers, and Christmas, and birthdays; tax season is coming up, and I'm going to owe somewhat (not sure how much yet, I don't have the W2s from my first half of the year); and although I make a lot, I don't make enough to pay for two full sets of household expenses.

But this is my mother; and she's going to not only going to lose everything we've put into the house, as well as its appreciation in value; but she's going to be homeless.

So I put off every bill, diverted every payment, restructured everything I had, and tomorrow, I'm going to go make her mortgage, and utility payments... which I can't afford, but I can't afford not to.

She put the house up for sale a few days ago, the realtor figures it will sell and close within 90 days; but between then and now, I'm going to have to support my mother, and her house; along with supporting my own family.

Presuming we cut out all the non-essentials, we can do it; and still pay the lawyer, and for Rosies school tuition; but it leaves absolutely nothing for emergencies or contingencies ('course, this is an emergency in and of itself). I can't tell you how much I hate that.

You might be asking, where is my brother in all this?

MY brother and I have a hard relationship... that's actually a hell of an understatement. MY brother has made me put my finger on the trigger of a pistol that was aimed at his head. He is... an almost entirely despicable person.

For much of the past few years, he has simply not felt like working; and he could get away with it because my mother enabled him, so he just didn't bother working.

Well,for the past six months, he hasn't been working, because he hasn't been able to. Of course I haven't spoken to him since last July, and that for a matter of minutes; and my mother hasn't been telling me what was going on.

In October, my mother called me in the middle of the night to tell my my brother was in the hospital having seizures; but I never heard anything more, even after trying to follow up through other family. MY mother didnt even return my calls at all until Christmas day.

Well, today my mother told me he's been having the seizures, because he has cancer.

My 27 year old brother.

He has a golfball size cancerous growth in his stomach, ulcerating his stomach lining and effecting him systemically. His immune system is weakened, and he's having CNS effects, including the return of the epileptic seizures he had as a child (they stopped happening when he was about 5).

The mass was growing over the past few months, but has stopped; they haven't decided on a course of treatment yet, they are not sure if they are going to try surgery, radiation, or chemotherapy. He's scheduled for a biopsy in two weeks (I don't know why so far away) and they'll decide then what to do.

So now; just as my life finally has meaning, and purpose, and satisfaction, and happiness.. Today my mothers life, and my brothers life, fall apart.

They say it never rains, but it pours eh...

Wednesday, January 24, 2007

Nope, not gay either

THats a gratuitous reference to the song "I'm not gay, I'm Emo" by the way...


You are 8% Emo. Ha Ha!

Immovable Force.

You're fine. Something bad happens, you shrug it off. No Big deal right? Good job. Carry on. Thanks for playing...

How Emo Are You
Quizzes for MySpace

Theory of a Deadman

Three questions:

1. When did they clone Nickleback?

2. For gods sakes WHY?

3. Who's responsible for it so I can kill them?

A Different Kind of Home Security

DANGER! DO NOT OPEN THE "SQUISHY LOVE BALL" EMAIL, IT'S A VIRUS THAT WILL MAKE YOUR COMPUTER HARD DRIVES MELT AND POISON YOUR FIRST BORN CHILDREN AND AND AND....

No, really, it won't.

Not that I don’t appreciate the desire to help, but please do not forward these sort of things to me, or to your friends or family, or to your co-workers, or to your mailing lists (especially not to your mailing lists).

Don't forward them, even if they come directly from someone you know and trust; or if they say they come from Microsoft, or Symantec, or McAffee, or IBM, or the Department of Defense, or anyone else for that matter; because no reputable organizations send out email virus alerts over the Internet (sometimes your own IT department will, but still, don't forward those warnings to other people).

Most of these virus alerts, are what we call social engineering attacks. They are mostly just chain letter hoaxes; but even the real warnings end up clogging email systems up as much as real virii do. In fact the original writers of the emails are doing that DELIBERATELY; because they know that you want to be helpful and will forward it on to everyone in your address book, who will forward it to everyone in their address book etc..

There are in fact entire web sites dedicated to these virus hoaxes; how to recognize them, and what to do about them (and real virii for that matter).

Now, that doesn't mean you should ignore security; it's good that you want to do something about it; but you need to know the RIGHT thing to do to protect yourself.

We've talked a lot here about how to protect your home physically; but there's a big hole there in protection that we haven't covered. We need to talk about how to protect your information; which is almost as important to your safety as your doors and windows are.

Protecting physical information (especially against identity theft), is another issue we'll talk about later; but it's one where lots of good resources are available online right now. The shorthand version is pretty simple: watch your mail, check your credit every 90 days, and buy (and use), a shredder.

What I don't see very often is good, basic, and comprehensive, advice for keeping your computers and networks secure.

Folks, I do this for a living. Most of you know I'm a security consultant. My company does physical, electronic, and personal security consulting; but for years now, most of my business (and most of my money) comes from information security consulting. I get paid more (a lot more) for protecting peoples information, than I ever got for protecting their property, or even their lives.

Think about it, what would hurt you more. Losing your big screen TV, or losing 10 years of your billing, investment, and tax records?

I do this for large companies mostly (hell, I'm currently working for one of the 100 biggest companies in the world), but I also perform services for small business and for private individuals; and if people would just follow the basics, in both big companies and at home... well, I'd be out of a job.

OK, that sounds good, but actually I wouldn't, because there will always be the hard problems that the basics don't solve; but my job would involve a lot less cleaning up after dumb, easily preventable, mistakes. Preventing them is simple, but cleaning up after them is NOT; and it takes a huge amount of time, effort, and money.

How much money?

How about between 200 billion, and 2 trillion dollars a year world wide; either wasted by malware attacks, or spent cleaning up after them. Those estimates vary hugely, because of different methodologies and estimations etc... but either way it's a lot of money.

On a personal level; my rate for professional consulting is as high as $1250 a day (or $156.25 an hour, four hour minimum - short term, non contract, inclusive corporate rate with no travel); and even for my high volume, long term contract customers it only goes down as low as $75 an hour (my "friend rate" is $40 an hour if I bother charging at all; and it usually takes a friend pestering me unreasonably for a while before I'll charge them, or even accept the money they try to force on me. I DON'T work for family ever, except my mom who I obviously don't take money from; it's just not worth the grief and pain later).

My rates are typical of the industry for serious professionals; and even storefront services like Geeksquad, FireDog, and DataDoctors charge similar rates. Geeksquad for example charges at least $350 to clean up one computer; and that's only if it fits in their standard time period of three hours; which isn't really enough time to do a good job (Geek squad services generally come out to about $125 an hour). If they have to completely rebuild your PC they charge $650 and up... and GeekSquad aren't exactly the best in the business if you know what I mean (to be fair, there are some very good people who work for GeekSquad; the problem is there are far more not very good people who work for them).

Now if only I actually took home that $75 rate for a 40 hour week. Unfortunately, our government, and business expenses being what they are... Anyway, neither here nor there.

It takes an absolute minimum of about three hours, and will typically take me between 6 and 12 hours to completely and properly clean up one single badly virus infected PC; and it can take far longer than that (though some tasks are automated so I can clean multiple systems at the same time sometimes). If a customer doesn't have backups, and originals of all their software, often times I have to literally rebuild every piece of a system from the ground up; which can sometimes take days. Once a registry is compromised, or your system is rootkitted, if you don't have backups, it can literally take days to clean it up; and it may not even be possible.

Hell, if they DO have their original software, most of the time it's easier, and more cost effective, to just pull my customers information off their systems; then wipe them clean and start over; which usually tops out at around six to eight hours per machine.

Worse, if you have one badly infected system inside your network, you can bet most of the other systems in the network have been infected as well; and the costs just add up.

It's become so bad, a lot of folks have taken to just buying new computers when their old ones become too loaded up with viruses and spyware; because it's easier, and even cheaper, than cleaning it up.

None of that would be necessary, if people were trained in how to take some basic security and maintenance measures; and then followed that training (and in fact I offer a one day class on doing just that. $1250, up to 20 students, customized to your environment and onsite at your facility. I also offer a $250 for a two to four hour, individually paced and tailored class, for a single individual in their home or office. It's one of my most popular pieces of training).

I'm talking about these numbers, and about hard hard it is and how long it takes to fix, not to brag about my technical ability, and not as an advertisement for myself (though hey, if you're paying, I'm easy). The biggest complaint I get from small business owners is how much it costs to secure their systems; and the biggest complaint I get from home users is that it's too hard or complicated. Well to that I say, it's a lot more expensive, and a lot harder, to fix the problem afterwards; especially in comparison to how cheap and easy these basic steps are.

Now, when I say (actually in this case repeat over and over again) basic, I really mean it. These things aren't hard, they aren't expensive, and they aren't all that complicated. There are a few very basic things that everyone should do with their computers, especially online, to keep themselves safe; and I'm going to talk about them here (please note, these are all important, they aren't in order):
  1. The first and simplest thing you can do to protect your information security, is not opening attachments of any kind (even after a virus scan) unless you are absolutely clear that their source is clean, and that the person sending it to you did so intentionally (some viruses will pretend to be your friends by taking over their email programs and sending themselves to everyone in the address book).

    In fact, you should just delete without reading (or even previewing) any email with a strange subject line, or an attachment; from someone you do not know (unless it was expected); and you should probably just delete anything with a .exe, .com, .bat, .jar, .js , .asp, .zip, or .scr attachment even if you're pretty sure the person sending it to you is OK; unless you specifically asked them to send you that file.

    That one step alone will take care of better than 90% of the problems people experience with malware (bad software like virii and worms) through email.

  2. If Microsoft, or PayPal, or Ebay, or McAffee or any other company sends you an email with a link in it, or an attachment, to install special patches or security software to block scams or viruses... Yeah guess what... that's a scam designed to get you to install spyware. Legitimate companies don't send security download patch links or attachments by email.

    You may receive a genuine security alert by email from a software vendor, or your bank, or pay pal etc... If you do, go to that vendors web site by typing in the web sites name yourself, then go to their support page, and download the latest patches and updates manually. Better yet, if the software has it's own update mechanism (most security software does, as does Windows), then use that; and turn on the automatic updating feature if it has one.

  3. If you get an email asking for you to enter a password, or that your account has been compromised and you need to update it or it will be cancelled, or that you need to enter personal information, or a credit card; no matter how real it looks, it's probably a scam. This type of scam is called phishing, and all they are trying to do is steal your information.

    Legitimate companies do not send emails asking for this sort of thing EVER. Really, never. Even if it has the little security symbol, and the logo, and the link says it is going to www.paypal.com, it's not. It's a scam.

  4. Do not follow strange links, and in general do not click on links in email, or from a website you aren't familiar with. If you need to visit the site referenced, copy the site name and enter the URL manually in your browser. That’ll take care of most phishing and malware sites.

  5. Remember, email and instant messages are not private, or secure. Even though it SEEMS like they are private, they aren't. They're like writing out a message, and then posting it up on the bulletin board in the breakroom with someones name on it. Sure it's intended for them, but other people could be reading it too.

    Maybe a more appropriate image would be the difference between a letter, which is sealed in an envelope that people can't see through, and a post card; which has the writing out there in public where anyone who feels like looking can read it. You wouldn't send your bank account numbers to someone written on a post card would you?

    Instant Messages and chat rooms are just as bad (or worse). They're more like shouting your information across a crowded room for anyone to hear it.

    The simple rule is, never write anything in email or Instant Message that you wouldn't want published in the newspaper.

    Yes, that's hard. Email is such a common communications method; and we use it for private correspondence all the time, what can we do to make it more secure?

    Simple, don't put passwords, account numbers, legal details etc... in any unsecured email ever (or even better, in any email, no matter how secure you think it is). For all private information over email, learn how to use email encryption. Hushmail is simple and cheap (or free for basic accounts), PGP is free for personal use; there are lots of options (and I'll talk about those in another article in the future).

    Oh, and NEVER EVER EVER communicate with your lawyer, agent, broker, or accountant (or anyone else you have confidential, legally sensitive, or financially sensitive business with), over email; except for inconsequential things like meeting times.

    In fact I'd recommend not even doing that; because email doesn't always have an expectation of privacy in the event of a law suit or criminal case; and can in some cases be searched without a warrant or subpoena.

  6. Use Firefox, or Opera, or a Mac, or anything other than Windows, Internet Explorer, and Outlook or Outlook Express. Almost all viruses are written to exploit vulnerabilities in Microsoft software (because that's what most people use, and virus writers want to hit as many people as possible); and there are plenty of them, because the way MS designs software, everything is very tightly interconnected. That's great for your convenience as a user, but it also means that any weak point in any MS software anywhere, can be exploited to compromise the whole damn system.

    I've switched all my browsing to FireFox, and moved all my email usage to online webmail, with built in virus protection.; and I recommend anyone else with an always on internet connection do the same (unless your IT department makes you use Outlook and I.E. in which case, it's their fault, not yours).

  7. Don’t download programs (or images or music or videos), even little ones like screen savers; from sources you don’t absolutely know and trust to be legitimate. Even then virus scan EVERYTHING you download off the net before the first time you open it. Sometimes legitimate software gets compromised by crackers (not hackers. Hackers are good guys, crackers are bad guys).

    Also, don't play online games at site you don't absolutely trust. They download little applications to your computer that can do the same thing as virii; without you even knowing it. Actually any website can do the same thing under certain circumstances so be careful.

  8. Keep a virus scanner program running that actively scans all your incoming and outgoing network traffic (including traffic between hosts behind your firewall); and that specifically scans your incoming and outgoing email.

    Oh and with your virus scanner, you don't want to enable the feature that scans all files every time you access them (usually called “on access” scanning) unless you are in a high threat environment, or just have a blazing fast computer and hard drive that you don't mind losing a large portion of your performance on; because that's what they do. On access scanning slows most computers to a crawl (if a user is having performance issues its one of the first things I check).

    If you have the performance overhead, and a lot of memory in your machine; and you want more security without slowing down your filesystem too much; choose a virus scanner that remains active in memory, and scans any code that tries to execute. This will intercept threats better than on access scanning, without as big a performance hit (though there is still a hit).

    Importantly, update your virus scanner at least weekly; or configure the automatic update system built in (they almost all have one) to do so for you so you won't forget. Also, try and automatically schedule a full virus scan to run at least once a week.

  9. Use two different spyware scanning/blocking/cleaning programs (or even three); run them in the background whenever you are on a network (which for most computers is all the time); and then update, and run a full scan with each of them (along with your virus scanner) at least once a week.

  10. Keep your systems up to date, and with the latest security patches applied; either as soon as vendor tested and released for home users, or as soon as IT approved for work users. I can’t describe how critical this step is, the propagation of most worms and OS level exploits is almost always through unpatched systems.

  11. Choose good passwords for your computers and online accounts; and change them regularly; but don't make your passwords so complex or change them so often that you need to write them down to remember them.

    Good passwords are at least eight characters long, have but letters and numbers of special characters, and aren't based on dictionary words. They should be changed, at a minimum, every 90 days; though I'd really recommend every 30 days if you can do that without forgetting them or writing them down.

    The most common trick I tell people to use, is to pick a song lyric, then take all the first letters of the words in the lyric, and that's the middle of your password. Then take the number of words in the lyric, and stick that on the beginning or end of the letters. Finally, add a punctuation mark to the other end, and voila, there's a reasonably secure password.

    Please, don't write your passwords down; and especially don't store them in computer files, or worse, in your email. For gods sakes NEVER send passwords via email or instant message; because ANYONE could be reading them.

    Also, try not to use the same password for all your sites. I know lots of different passwords are hard to remember, but if one site gets cracked by bad guys, that then could compromise every account you've used that same password for.

  12. Don't open up file sharing to the world; either on your local network, or by using file sharing programs. If you absolutely must open up some file sharing, get someone who knows security to help you set it up so that you aren't giving away the store accidentally.

    Also don't run any programs or services on your computer; that allow the outside world to access your system directly. This includes things like chat servers, web servers, FTP servers, bittorrent trackers etc... If you don't have a properly configured firewall, intrusion detection, and security audtiting systems, you don't want your computer to be publicly accessible in any way.

  13. This is the absolute most important security tip I can give you: Run your network through a hardware firewall.

    An unprotected windows machine on a public network will on average be compromised within 4 minutes.

    Yes, I said 4 minutes. No joke, no exaggeration. If you turn on a windows machine and put it on the public internet (your cablemodem is the public internet); on average within 4 minutes an automated attack bot (a computer that scans for vulnerable systems) will find your computer, and start to try to compromise it.

    You absolutely MUST have a hardware firewall on your home network; even if you only have one PC.

    The so called firewall software that companies sell you to run on your desktop (ZoneAlarm and the like) is usually not very useful on its own; and sometimes will do more harm than good. If you know what you're doing and how to interpret it's warnings it can sometimes be helpful, but most folks just dismiss every warning it gives; because they are almost never configured properly. Even when they are running at 100%, they still only protect against a small subset of threats. That said they are better than nothing, so if you're on a strange network, or using a laptop in the field etc... go ahead and use them; just don't think you are secure because of them.

    What you need to do is put a firewall facing outward from your network, and have all your computers sit behind it.

    Almost all wireless access points, and cablemodem/dsl/home networking routers have at least basic NAT and PAT capability, which will act as the most basic sort of firewall device by hiding your internal systems from the outside world. That said, I strongly recommend that if you can afford it you purchase a real firewall, which will help protect your home network and system far better.

    All of the major networking hardware vendors produce home firewalls for reasonable prices, and some of them like Checkpoints home and small office systems, and Sonicwalls similar products, are actually quite effective security devices. Also, some of the higher end home gateway products from vendors like Netgear, d-link, and Linksys (the three most common home networking vendors), use licensed technology from serious firewall products (like those above), or from linux firewalls.

    You could also take a spare old computer that's too old to even run Windows XP on, throw two network cards in it, and download a LiveCD of SmoothWall or IPCop or another firewall on a disk. Then you plug one side of the computer in to your cablemodem or dsl modem, plug the other side of the computer into a switch for your network to connect to, reboot with the firewall CD in the drive, and follow the simple directions. You'll have a very effective hardware firewall (more effective than most of what the network companies sell), in about 15 minutes, essentially for free.

  14. The second most important tip I can give you, THEY WILL GET IN!

    No matter what you do; no matter how good your firewall or security software, or virus software is; eventually something will get in and screw you up. There aer just too many threats and variables out there to control all of them; so you need to be prepared, and understand how to deal with it when something DOES happen. Heck, it may not be viruses, it might be losing your laptop on the train, or having it stolenfrom your luggage, or your kid spilling soda on your machine or any nubmer of other things.

    There are two elements to prepareing for incident or disaster; and the second is a big enough topic it will have it's own point; but the element I want to address in this point is to preppare your systems to be compromised.

    How? How can you prepare to have your laptop stolen, or a virus try and zombie bot your machine, or a piece of spyware try and steel your info?

    Well, two things. Firast, lock your systems down as much as possible, second, monitor as much as possible.

    Set up your systems services and software (or have someone help you do so), so that they can do the least damage. Don't have two systems you control automatically trust each other; because if one is compromised, the other will be. Disable all unneccessary system services. Write protect the registry and critical system files. Install software that tracks (or prevents and tracks) changes to the registry and system files (it's available free). Install auditing tools for your system so that if there is a successful attack you can have a record of what to fix.

    Most importantly, store as little sensitive information, and do as little sensitive business as possible on a machine that leaves your house (like a laptop), or connects to the internet. Oh and that includes things like removable storage devices (usb drives, thumb drives, flash cards) as well, which are even easier to use, and to lose.

    For those sensitive bits of information that you jsut have to have on an internet connected machnie, laptop, or removable device; YOU ABSOLUTELY MUST ENCRYPT THEM. Good encryption will keep crackers from stealing your data, unless they can get your encryption keys. Talk to someone who knows about the subject how best to implement and secure your encryption setup, but really it isnt all that hard. Heck, encryption (not very good encryption but stil...) is even built in to windows.

    What's encryption you say? Think of it as scrambling your data all up in code; and only descrambling it with your secret descrambler code (whcich could be a passsword, or a file, or a piece of hardware even). It just makes it so that people can't read your files, without your keys. Just as important, it also means that people can't CHANGE your information without your permission either. Can you imagine what would happen if someone broke into your computer, and changed some of your financial records, or your legal contracts?

    Even very decent encryption systems can be had for free, or low cost. Though at first it seems a pain to use them, and there may be a bit of a performance hit; the benefits of being sure that your information cant be stolen, or changed without your permission are more than worth it.

  15. Finally, and this is the msot improtant thing every computer user must do PERIOD, whetehr in regard to security or not; you absolutely MUST perform regular backups of your incremental data (the stuff that you use the computer to work with, like your personal files, settings, etc...); and a separate periodic backup of the entire computer, for restoration and recovery purposes. That way if you DO have a bad virus attack, or far more likely if you have a hardware or software failure; the most you’l lose is the data between the attack and your last backup (which is hopefully no more than a week ago).
If you do all that (and it’s easier than it sounds) the chances you’ll have a virus cause problems for you directly (it may still screw up your network from all the other people not following basic security rules) are very small, and those left over are the viruses you can’t really protect against by yourself anyway; like morphing worms, and other malware that exploit low level holes in networks and operating systems that haven't been patched yet. That's one of the reasons why you keep a good backup, and also one of the reasons that guys like me exist.

You DO keep a good backup don't you? Lemme guess, no like most users you don't right? Well my next techie post will be about keeping good backups OK.

That's just the kind of caring, thoughtful guy I am.

Oh and while we're on the subject, please don't send me any "Bill Gates will pay you by tracking this email", "Timmy has cancer", "the secret cookie recipe is"... or really ANY OTHER CHAIN LETTER OF ANY KIND.

Thanks, I really appreciate that.

Monday, January 22, 2007

Stabilization Mythology

Sit down in a comfy chair, and grab a beverage of choice before you start this one folks, because it's going to be long, and somewhat obscure.

Tonight, I'm back once again to address a common firearms myth; this one actually a bit more technical than most. We're going to talk about bullet stabilization, specifically that of 5.56 nato and .223 bullets.

This is a common subject of misinformation, because most folks don't understand what bullet stabilization is, or how rifling really works for that matter.

Worse, 5.56 is the default chambering of the AR platform rifle, which is the default rifle choice for tactical Tommies everywhere; and as we all know mall ninjas love nothing more than incorrect information.

Actually, to be fair, even otherwise knowledgeable gunnies don't generally understand the variables involved in stabilization, because they don't have a background in the physics or aerodynamics of external ballistics; and because they hear a lot of bull, that sounds kinda OK, and since they don't know any better, take it as truth.

Before we even begin, let me refer you to the best source on ammunition for the AR platform, and 5.56 nato in general; the ammo oracle. There really is no better collection of information on 5.56 ammunition anywhere.

Also, these same principles apply to all elongated bullets (i.e. anything that isn't a ball), no matter what the caliber is; I'm just using the 5.56 as an example, because it is the most common rifle available with many different twist rates, and also the chambering for which the most misinformation is circulating.

Ok, down to business

First, what is stabilization and how does it work?


Modern rifling has a twist, to impart spin to the bullets leaving the barrel. This spin helps to make bullets in flight more stable in two ways:

First, the spin causes gyroscopic stabilization; which is just like how it sounds. A spinning mass resists being disturbed off the axis perpendicular to the direction of rotation due to gyroscopic inertia; which is rigidity in space induced by radially symmetric (which means the forces are the same along all radii - i.e. identical all the way around in all directions) centrifugal forces.

This is the primary component of spin stabilization for pointed bullets (ball bullets are primarily stabilized aerodynamically, because they tumble as well as spin), and it's force component significantly outweighs most of the aerodynamic components of ballistic stability which I will describe in the next section.

In simple English, bullets spin like a top, and they don't "fall over"; just like a top doesn't.

Now, the second element of stabilization caused by rotation, is aerodynamic. Objects rotating in a fluid (and that's what air is), generate radially symmetric lift (again, this means the lift is the same in all directions).

Anyway, this means the bullet is neither pulled down, nor pulled up by these forces (technically this is incorrect in some very small and specific ways, but for purposes of this illustration it is a valid assumption); or rather it is pulled down and pulled up, as well as pulled to all sides and in all radial directions, equally. When something is being pulled in all radial directions equally, just as with a gyroscope, it resists deflection in the axis perpendicular to the pulling forces.

There are two other components of aerodynamic stabilization, and those are form lift (which is the lift created by the shape of the object itself as it passes through the air) and the angles of attack and incidence; but neither are useful in this discussion at the moment.

The first common myth about stabilization
, is that the heavier a bullet is, the faster it must spin to be stabilized. In fact this isn't really true, heavier objects gyroscopically stablize at lower rotational velocities than lighter objects (the flywheel effect); and though the aerodynamic stabilization componenst required for heavier objects are greater in magnitude than for lighter objects, the differences in weight and relative difference between force components, between different examples of the same diameter bullet loaded for the same cartridge, are generally small enough that the aerodynamic component of the stabilizing forces required do not change significantly.

The issue with bullet stabilization is actually length not weight
; but because the diameter of the bullet is fixed (we are after all talking about different bullets in the same caliber), there are really only three things which generally change the weight:

1. Profile: if the bullet is less tapered, then it will be heavier for a given length, but generally less ballistically efficient (though not always).

2. Construction: If the bullet is solid copper it will weigh less for a given length than a jacketed lead (the 37gr copper solid varmint bullets for example, are the same length as 45gr jacketed lead bullets). If the bullet is a tracer, or steel penetrator type armor piercing it will also weigh less than a solid lead jacketed bullet for a given length. Also if a bullet is hollow (or partially hollow such as some MilSurp .303 or 7.62r loads), it will obviously weigh less for a given length.

3. Length: The longer the bullet, presuming construction and profile remain the same, the heavier it will be

Generally, this means that a change in length is the same as a change in weight; and since bullet length isn't commonly discussed or published; and because weight is a more important component in interior ballistics, we mostly refer to different bullets and loadings by their weight.

The reason why length is important, is because of the center of gravity, and center of pressure of the bullet; and their relationship.

Center of gravity is a commonly known (if not necessarily commonly understood) concept; which simplified, is the balance point of the bullet. If you very carefully put the bullet on a razors edge at the exact center of gravity, it would in theory balance and just sit there, stable.

The center of pressure is a similar concept; in that it is the point where the aerodynamic forces acting on the bullet are balanced along the longitudinal axis of the bullet (the length).

If your center of gravity, and center of pressure are identical, then your bullet will exhibit exactly neutral stability. This means that the bullet will neither resist deflection, nor will it correct or accelerate any deflection that occurs. Again, if you balance the bullet on the razors edge, it should in theory stay in the same spot until it's disturbed by outside forces.

Of course the center of pressure on a bullet is rarely exactly at the center of gravity. Not only that, but as a bullet accelerates, decelerates, and changes it's angles of attack and incidence (the angle between the longitudinal axis, and the direction of travel; and the relative angle between that axis, and a plane perpendicular to gravity), the center of pressure will change; sometimes radically. Changes in pressure and balance, cause instability.

Now, there is a component of the forces on a bullet called the moment of inertia. The further the action of a force is away from the center of gravity of an object, the greater its moment of inertia. A given force will have a greater effect on an object, at a greater moment of inertia.

In simplified terms, the further away from the CG the force is, the more leverage it has. The more leverage a given force has, the more change it will induce.

How does this apply to bullets in flight?


Well, the longer the bullet is, the greater the moment of the forces, therefore the larger the effect of aerodynamic forces on the bullet are; and more specifically the more they change as the rotational and linear velocity of the bullet change. Additionally, longer bullets have more chances for imperfections, and imperfections also cause changes in the effect of aerodynamic forces.

The very definition of stability is resistance to change; and the more change there is, the less stability there is.

OK, so that what stabilization is, and how it works, but why is it important?

Simply put, stable bullets are predictable.

If a bullet is stable in its flight, it is more likely to hit the same spot as the last bullet.

That is precision.

If a bullet is stable in flight, it is more likely to hit what they are aimed at.

That is accuracy.

Precision produces grouping; accuracy produces scoring (or stopping); both of which are kind of important in the application of firearms for both competitive and practical purposes.

Encapsulated: stable bullets are both more accurate and more precise. Longer bullets require more stabilizing forces to maintain stability. Faster twist means greater gyroscopic effect, and greater stabilizing aerodynamic forces.

Now, the second major myth is "Overstabilization".

Some folks believe that you can "overstabilize" a bullet, and therefore reduce accuracy. For all practical purposes, there is no such thing as overstabilization, so generally faster twist doesn’t hurt accuracy with lighter bullets...

Except in reality it does, for three reasons: unbalanced aerodynamic effects, out of balance bullets, and structural failure due to overspin.

The problem with very light bullets, its that they are more lightly constructed. This makes getting them perfect and consistent and perfectly balanced more difficult. Additionally, any imperfections there are, will have a greater effect because they do not have the mass (and thus the inertia) to resist destabilization.

The faster bullets spin, the more aerodynamic lift is generated. Though the lift is radially symmetrical, thus it balances itself out as explained above; the totality of force is still greater, and therefore there is greater potential energy in case of upset. Very slight imperfections in the bullet cause aerodynamic disturbances which upset and partially offset the stabilizing effects of faster spin.

Those same imperfections, along with slight variations in the distribution of mass throughout the bullet, also cause out of balance “wobble” or precessional destabilization (as opposed to precessional drift, which is motion in the axis and direction of rotation due to gyroscopic forces).

All of these factors upset the bullets to varying degrees, causing instability, and reducing accuracy and precision.

This is true of heavier bullets as well; but their greater inertia makes the forces required to cause upset far greater; as well as increasing the tendency to damp out upsets and return to stable orientation.

Finally, because lighter bullets are more lightly constructed, they are also not as strong; and the faster rotation of higher twist rates causes the internal stresses on the bullet to be higher (torque, centripetal and centrifugal force, shear forces between the layers of construction etc...); which may cause the bullets to disintegrate either in the air from imperfections in the bullet, or on impact; without penetrating the target.

This is common with the lightest varmint bullets driven at very high velocities, and is sometimes called "poofing", or "going poof", because when the bullet disintegrates there is sometimes a visible puff of lead and copper residue in the air. This tendency is unsurprising when you consider that a bullet traveling at 4000 feet per second, may be rotating as fast as 400,000 RPM.

Earlier I said that for all practical purposes, overstabilization doesn't exist in the real world of shooting. This isn't to say that too much gyroscopic stabilization can't occur, but that it's effects are generally so minimal as to be insignificant.

Now, some folks will tell you that you can stabilize a bullet so much, that the bullet wont follow a proper ballistic arc; the gyroscopic effect causing the bullets nose to always point upward at the original angle the bullet was fired at, and cause the bullet to keyhole the target.

To a slight degree this can be true; but only at extremely long or extremely short ranges does this become an issue.

Even some otherwise informed and reputable sources (including the ammo oracle) will tell you this is a problem but this is simply not true of almost all bullets, fired at almost all angles. You would need to have a very short, very heavy bullet, fired at an extreme angle, with a very high twist rate, and with a shape that puts the center of pressure in an odd relationship to the center of gravity, for this to significantly reduce observed accuracy at anything but the absolute shortest, or longest ranges possible.

A bullet in flight will naturally tend to stabilize in a ballistic arc, with the base of the bullet behind the nose, because as the angle of attack changes, the center of pressure will move slightly behind the center of gravity. The base of the bullet acts like the trim tab of an airplanes tail; it tends to react against deflection, and oscilate in a cycle of reducing magnitude until the various forces on the bullet balance out, and stable state is regained.

In general when looking at bullet flight, gravitational forces, thrust forces, gyroscopic forces, and aerodynamic forces will naturally find a balance of ever decreasing magnitude, to produce a smoothe arc. Gravity itself will tend to pull the nose of the bullet down, while deflection lift (equivalent flat plate effect, also called weathervaning) will tend to keep the base of the bullet up. This aerodynamic tendency should overcome any tendency to maintain the initial angle of incidence because of high gyroscopic forces. In a vacuum, that same smoothe arc exists, but the orientation of the bullet will not be stabilized aerodynamically; and the bullet will tend to remain oriented in the intial direction of firing.

The only cases in which this would not be true, is if the range were so short that the bullet had not had time to straighten out from an initial disturbance, or if the range were so long and velocity so low that combined with a very high angle of incidence, a very high angle of attack, and a very high twist rate, the aerodynamic forces on the bullet had reduced to the point where the bullets rigidity in space was stronger than the weathervane effect.

There is one particular component of force that can slightly reduce accuracy due to overstabilization; and that is through precessional drift as described above.

Precessional drift is when a rotating object tends to translate horizontally in the direction of rotation, due to gyrosopic momentum overcoming static inertia (the centrigual force of the flywheel effect pulls the flywheel sideways). If a very light bullet is spun significantly faster than required for stability, at long ranges this precessional drift can slightly reduce accuracy. The heavier, and the longer, a bullet is; the more it will resist this tendency.

There are two other common and related myths I want to address:

Boattail bullet stability, and the bearing surface myth.

Some folks believe that boattail bullets are more stable, and will stabilize at lower twist rates; for varying reasons, but often because they believe that the length of surface contacting the bore makes a difference in stability.

Unfortunately, this is entirely incorrect. Sometimes boattail bullets are more stable, especially at extreme ranges; and they are certainly more aerodynamic in general; but not all boat tail bullets are more stable in all loadings or situations, and if they are more stable, it has nothing to do with the length of the bearing surface of the bullet.

The reason why boattail bullets sometimes stabilize better, isn’t because of surface contact with the bore. Why would twist rate or stabilization have anything to do with surface contact with the bore?

The primary reason boattails can sometimes be more stable, is because the boattail base is less susceptible to aerodynamic upset; and is also less likely to be nicked by a rough crown or bore imperfection. Additionally, what imperfections there are have less effect on the bullet because they are at a smaller radius (and thus exhibit lower gyroscopic forces), and have less aerodynamic pressure applied to them

Often however, very light boat tail bullets are MORE susceptible to upset, because under some circumstances they do not exhibit as much positive stability (the tendency to damp out oscillations from a disturbance) as flat based bullets, as they have less incident flat plate area behind the center of pressure.

Hollow base bullets are even more interesting, in the effects that they have on turbulent flow, and base upset; as well as their deformation characteristics out of the bore which can cause a shuttlecock effect; but that's neither here nor there.

Some folks believe the bearing surface length is important, without regard to bullet design, but this too is incorrect.

You’ll note that the reason why twist rate increases stability, is because faster rotation means more aerodynamic forces (radially symmetric lift) as well as more gyroscopic forces. This has nothing to do with bearing area. Let me say this again: The bearing area and rotational velocity of the bullet in flight, are not interrelated.

You could have nothing more than a bearing band 1/8” long, and the bullet would leave the barrel spinning at the same rate, and with the same rotational energy (though a slightly higher linear velocity presuming gas seal integrity was maintained) as if the bullet were a perfect cylinder (presuming the rotational forces weren't so great that they distorted the bearing band of course).

In fact bearing bands are used by many large diameter (.50cal and above) rifled projectiles; as well as many projectiles used in 18th and 19th century in muzzle loaders; because the use of bearing bands reduces friction and fouling. Also some cast lead revolver bullets use a bearing band design for the same reasons.

Heck, boat tail bullets are even longer per given weight than flat base bullets are, so they would have an even faster required spin rate if it weren't for the factors I spoke of above. If you can shoot heavier boat tail bullets through a slower twist barrel accurately, it is for the reasons I mentioned above... welllll and one more thing

Now, I said up near the beginning of this piece, that form lift, or rather to be more specific aerodynamic characteristics based on shape, could be important; but it wasn't relevant to the discussion here specifically with regard to twist rate, length, weight, and stabilization.

That's not strictly true; because different shapes of bullet, even with identical weight and length, will have different aerodynamic characteristics based on their shape. It's just that for the most part, those aerodynamic differences are quite small between different spitzer bullet designs, different roundnose bullet designs, different flat base bullet designs, and different boat tail bullet designs.

Most often, bullets compared with each other will all be of a single design type i.e. they will all be pointed nose or all be round nose etc... There can be significant aerodynamic differences between round and pointed nose bullets, and flat base vs. boattailed bullets.

Some shapes exhibit greater tendencies toward positive stability. Some shapes have greater stability at lower velocities, and less stability at higher velocities or vice verse. Some shapes deal with things like shock waves, turbulence, or flow separation better than others.

This relates to boattail bullets specifically, because overall, the boattail spitzer (meaning pointed at the front with a gentle ogive, and tapered at the back with a flat base behind the taper) is the optimal form for maintaining both stability and aerodynamic efficiency in the velocity ranges we are dealing with for rifle bullets. Sharply pointed bullets with a tapered base generally deal with shockwaves and moving centers of pressure better than other bullet designs; resisting shockwave upset and turbulent flow upset better.

So yes, often boattail bullets will be more stable; but that doesn't necessarily mean they will stabilize at a lower twist rate (though sometimes it does). It really depends on the relationship between the CG and the CP of the bullet, as described above, total aerodynamic forces, shockwave characteristics etc... and it's not something that can be easily predicted by a lay person, or by anyone without a supersonic wind tunnel and measuring equipment for that matter.

Simply, other than the general differences between pointed and flat or rounded nose; and flat or tapered base bullets; those comparisons are not useful for practical purposes.

Oh wait, one more myth I forgot about?

What about tumbling bullets? I mentioned above that the myth was that the original M16 barrels and ammunition were made deliberately unstable so they would hit the target "tumbling".

This also, is very untrue. As we've described above, a bullet that is tumbling in flight is likely not to hit the target at all, and it's terminal effect will be entirely unpredictable and inconsistent.

The stabilization in air of a bullet has very little effect on it's terminal performance; except that a bullet which is unstable in air, will generally become more unstable in flesh. Bullets that are stable in air may "tumble" in flesh, or they may not; and "tumbling" itself is generally a misstatement of what happens.

Important to this discussion, rifling twist rate doesn't significantly effect the stability of the bullet once it enters flesh.

I take a much more in depth look at "Tumbling Bullets" in: Terminal Tumbling

How does this apply to actual rifles?


Well, every rifled barrel has a twist rate, and that twist rate determines how fast the bullet will spin. You choose different twist rates based on the length (which as we discussed above, is effectively the weight), of the bullets you wish to shoot.

Common MilSurp 5.56 ammunition is 55gr or 62gr, so that is what most owners will prefer to optimize their rifles for; but if you are interested in very long range shooting, or shooting larger game you want heavier bullets; and if you are interested in popping varmints, you want lighter bullets.

Of course the most common rifle chambered in 5.56, and the rifle which engendered this discussion, is the AR-15/M16.

The original AR15 specification used a 1:14 twist barrel, and 55gr bullets. It was this twist rate and loading which created the "M16 bullets tumble" myth, because the 55gr bullets were not fully stabilized with rifling that slow.

The rifling twist was shortened to 1:12 with the M16A1, then to 1:9 with the A2, and finally 1:7 with the A3 and A4; specifically to support longer bullets such as tracers (not to support the standard 62gr bullet, which will stabilize just fine at 1:9).

Of course there are other common platforms for the 5.56 round.

Early Mini-14 barrels were 1:14 (online sources disagree on some of the following dates by the way), but were changed to 1:10 in '78, then to 1:7 in '86, and to 1:9 in '95. Current production Mini-14 barrels are 1:9.

I am not aware of the current production twist rates for the Galil (the original barrels were 1:11, and I believe current production are 1:9 but I can't confirm), or SIG 550 series. The HKG36 is 1:7. The Steyr AUG was initially produced with 1:12 barrels and are currently produced with I believe 1:8. Initial production SA80 rifles also used 1:12 twist, and current production (HK revisions) use 1:7.

Bolt action rifles chambered in 5.56 or .223 are most often rifled with slower twist rates; to appeal to the varmint shooters who most often buy them. The majority are rifles in 1:14 or 1:12 rates.

Heres a link (warning, PDF), to a table with the twist rates of many common rifles.

What are the practical applications of all this?


First, you can generally safely shoot any of the common loadings (presuming the length is short enough), with most any twist barrel, except at the extreme ends where bullets will never even partially stabilize, or will disintegrate right out of the bore (which is funny to watch by the way; as your friend starts to swear "damn it, I'm SURE I had a good hold on that one and my zero is perfect" ). The loadings may not be very accurate past 25 yards, but they'll fire safely.

One should also note that completely unstable bullets will still likely hit your target at under 25 yards, and even partially stabilized bullets should be fine out to at least 50 yards, and maybe as much as 100 yards; again except at the extreme ends of the scale.

There seem to be a few critical destabilization points, or points where the natural tendency to be disturbed are greatest. These tend to be when the bullet first leaves the muzzle, and/or clears the muzzle blast, when linear velocity slows by 1/3, when the bullet drops below 2500fps, when the bullet drops below 1500fps, when the rotational velocity slows by about 1/3, and when the bullet drops under supersonic.

Since a 5.56 bullet fired from out of an 18” or longer barrel is basically supersonic until it hits the ground (presuming it's aimed at something closer than 800 yards away); and most loads will stay above 1500fps (and above 1/3 of their intial rotational velocity) out to those ranges, they aren't really something to worry about unless you are firing at extreme ranges.

Really what we're talking about is the first few microseconds, and the last few hundreths of a second of travel, when the bullet is leaving the muzzle or muzzle blast, when it drops below 2500fps, and when it loses 1/3 of its initial velocity (which are often very close to each other in the AR platform)

Generally speaking, the ranges that we're concerned about as destabilization points, are 25 yards, 50 yards, 100 yards, 200 yards, 300 yards, 600 yards, and 800 yards.

For example, a 75gr bullet fired out of a 1:12 barrel will be severely understabilized from the moment it leaves the bore, and will tend to go at least partially unstable in under 25 yards (pretty much within microseconds of leaving the muzzle); and may become completely unstable, not even hitting your target; though 25 yards is so close it is likely the bullet will at least impact a man sized target.

A 62 gr bullet from the same barrel will be partially stabilized, and will most likely maintain stability out past 50 yards, and possibly out to 100 yards (though not much if any further, in fact possibly not quite reaching 100 yards).

Why can't I say it will absolutely not be stable? Because every bullet is different, and because instability is unpredictable (that is after all, its literal nature). You can only talk about what is likely.

The same 75gr bullet fired from a 1:9 barrel will most likely not go unstable 'til well past 100 yards, and even may be stable out past 300 yards (depending on bullet design).

From a 1:8 barrel that bullet will pretty much remain stable until it hits the ground or drops below supersonic (more than 800 yards out typically). The 62gr bullet will stabilize completely from that 1:9 barrel, and not destabilize til past 800 yards as well.

Speaking in gross generalities; we can talk about what twist rates are likely to properly stabilize what weights of bullet; given conventional bullet design and construction.

The 40gr and under varmint bullets will fully stabilize with 1:14 or sometimes even 1:16 barrels; and will tend to overspin and disintegrate with anything faster than 1:12 or so. 45-50gr bullets will generally fully stabilize with 1:14 twist, but may require 1:12, and will not tend to overspin until 1:9.

55gr milsurp bullets will partially stabilize (out to 100 yards or so) at 1:14 and fully stabilize out past 400 yards at 1:12 (for shooting at longer ranges, a faster twist is recommended); but do not generally overspin until 1:7 or thereabouts. I haven’t seen a 55gr milsurp disintegrate from overspin in a 1:7 barrel, but there is a small but clear reduction in accuracy at long range between a 1:9 barrel and a 1:7 barrel with the 55gr bullets.

62gr bullets will partially stabilize with 1:12 to the point where they will group at 25-50 yards, and generally at least hit the target at 100 yards (though the groups will be more like shotgun patterns), but really need 1:10 to fully stabilize. They will not overspin with any barrel I’ve seen.

Most 68-69gr bullets will do all right with 1:9 but do better at long range with 1:8; though some will stabilize at 1:10.

Most 70-72gr will also stabilize at 1:9, but do better with 1:8.

Some 72-75gr bullets will do well with 1:9, some need 1:8.

Bullets heavier than 75gr really need 1:8 minimum and prefer1:7.

77-82gr bullets generally need a minimum of 1:7 (though the 77gr SMK will at least partially stabilize at 1:9 and do reasonably well with 1:8) ; and I’ve even seen 1:6 barrels. I know there are 1:4 barrels, but I've never seen one.

Generally speaking bullets heavier than 72gr are close to critical OAL for proper feeding from an AR. Most 75gr bullets are ok, but most bullets over 75gr will not properly feed. Some bullets as light as 72gr won't feed, and some 77gr bullets will (again, the 77gr SMK); depending on construction and profile. I don't know of any bullet heavier than 77gr that will proper;y, reliably, and consistently feed from a full AR magazine, but there are 82gr loadings that will single feed in match rifles.

There are bullets available for .223 at up to 102gr weight; but those are for long throat single shot match rifles; and will not magazine feed from any rifle I know of. I would presume it is these bullets that the 1:4 barrels are made for.

Now, there is a rule of thumb formula (the Greenhill formula) , which can be used to estimate the spin required to stabilize a given bullet:

150 x diameter squared, divided by bullet length = required spin

So for a .224 caliber bullet .6 inches long:

150 x .224^2 divided by .6 = 1 in 12.5 inches

The formula can be reversed to derive maximum bullet length which can be stabilized by a given barrel twist.

The formula changes to:

150 x diameter squared, divided by twist rate

Example for a .224 caliber barrel of 1:12 twist:

150 x .224^2 divided by 12 = .627

The barrel will stabilize a bullet .627 inches long, or shorter (which happens to be about the length of a 55gr bullet).

Ok, so what should I buy, and what ammo should I shoot through it?

Weeelll, that's a toughie. Whatever platform of rifle you choose, you should optimize it for the general use case. Will you most often be plinking with milsurp ammo, or are you going to be busting chucks all day long with painstakingly hand assembled match grade varmint rounds?

The first consideration is surplus and bulk ammunition. The most common surplus and bulk loadings use 55gr and 62gr bullets. 55gr loadings overspin a bit at anything faster than 1:7, and slightly overspin at 1:7. 62gr ammunition won't properly stabilize with twist rates slower than 1:9 (actually 1:10, but that's not a commonly available twist), and works fine with most any faster rate. This would suggest that if you want to shoot MilSurp, a barrel of 1:9 or 1:8 would be your best choice.

Why not go faster?

As a civilian, you won't likely be firing armor piercing or tracer rounds. Also unless you are going to be firing at very long ranges, or at game larger than coyotes, you don't need to use the extremely long and heavy bullets which need the faster twist rates.

Based on those two assumptions, you don't need to have a 1:7 twist barrel; and if you DO have such a fast barrel, you can't really shoot anything lighter than 55gr bullets out of it(and really should stick to 62gr or heavier).

Of course if you ARE shooting at game bigger than Coyotes (men are significantly larger than coyotes), or at ranges longer than 300-400 yards (and especially longer than 600 yards); then you are probably going to want to shoot longer heavier bullets.

The single most effective defensive loading available for the AR platform rifle today is the 77gr BTHP Sierra Match King, or 77gr Nosler special purpose BTHP (sold as the "custom competition") loaded to about 2850fps. This is the spec for the Mk262 loading, developed for the JSOC special purpose rifle; and is effective at both short and long ranges, from both short and long barrels.

The 77gr bullet design used in this loading, is very specifically the longest design of it's profile which will feed properly and consistently in the AR platform(many 77gr bullets will not). It has the most consistently effective terminal performance from all barrel lengths of any 5.56 ammunition.

The only problem? The 77gr bullet used, requires 1:8 or 1:7 to stabilize properly. It will partially stabilize out to 100 yards with 1:9 and 300 yards with 1:8, but it really needs a 1:7 barrel to fully stabilize past 300 yards (of course most folks won't be shooting past 300 anyway...)

So if you plan on shooting anything from 55gr to 77gr bullets out of an AR, a 1:7 is just fine; you just can't really shoot anything lighter. If you only plan on shooting 55gr and 62gr... or maybe out to 68gr, then go ahead and get the 1:9, and you'll be able to shoot some of the heavier varmint loads as well.

If you are going to be primarily varminting with the rifle, then I recommend you choose a 1:12 twist barrel, unless you are planning on primarily using the very lightest 37-42gr ammunition, in which case you should go with 1:14. The 1:12 is a versatile twist rate that will allow you to fire even the lightest varmint loads, while still preserving the capability to use 55gr surplus, and in an emergency even 62gr ammunition.

If you're going to do a little bit of everything, buy a 1:9 barrel. You can shoot everything down to the 45gr varmint loads, and up to the 68gr hunting lods, and still get good results.

So, any questions?

Oh, and in case you were wondering, this post clocked out at about 4900 words. Only half as long as my longest, but still a stiff hit. It took me about 3 continuous hours to write it, then another two hours or so of re-writes.