He had bought a large map representing the sea, 
 Without the least vestige of land: 
And the crew were much pleased when they found it to be 
 A map they could all understand.
from The Hunting of the Snark
by Lewis Carroll
This is my personal website. Feel free to look around.

I recommend:

  • Dropbox for keeping files synced between computers. Sign up for Dropbox using this link and we both get extra space.
  • Crashplan or Mozy for backups.
  • Dreamhost for web hosting.

Here: {cms_selflink page=’58’ text=’About ‘}{cms_selflink page=’76’ text=’Camp Dixie’} Blog {cms_selflink page=’54’ text=’Hobbies ‘}My home page {cms_selflink page=’70’ text=’Uffish Thoughts’}

Elswhere: Camp Dixie OpenSourceList.org UGA Police

Ads: Summer Camps Open Source Software Georgia Dance Band

Site Admin

SSL is holding back encryption on the Web

I have combined below 2 of my comments on a blog post over at http://www.owlfolio.org/htmletc/more-ssl-errors/ . I post them here as my own permanent copy.

Please stop treating self signed certs as worse than no security! I still can not understand why Mozilla treats a small increase in security as if it were a massive decrease. Give self signed certs equal status as no security.

First of all, don’t let people use self-signed. Really, just don’t. Their is no need for that.

You may not have a need but I do. This stubborn insistence on forcing encryption to be locked with identity verification has crippled the use of encryption on the web. Yes I understand the importance of the combination, but SSH handles the problem properly. The Perspectives extension takes the SSH model and adds another level of protection.

SSL certs are too much of a pain to get, setup and maintain. Small admin mistakes cause scary looking errors for end users, often when no actual problem exists.

If I use a self signed cert on my own website, I know I can trust it, I don’t need someone else to vouch for me! I can handle adding the cert in my browser, but my Wife and family get freaked out and the end result is we must teach them to ignore the error, or not use encryption. Not exactly the ideal outcome.

Yes MITM happens, but it’s not exactly common. The Perspectives extension is one better way to handle it.

Encryption without authentication is not useless, far less valuable, but not useless. As long as I continue to see the same cert, I don’t need anyone else to ‘authenticate’ my site for me! The same goes for the internal site I setup for work. When I tell people “this is our intranet web site”, I am vouching for the authenticity of the site. No one else need get involved.

If I can be certain that the Amazon.com website is presenting me with the same cert it has presented me with the last 50 times I went there, I can be reasonably confident that it is the real Amazon.com. If I know other people elsewhere are seeing the same cert I can be even more confident.

Phone as desktop replacement

As more and more people replace desktops with laptops. I wonder what will happen when smart phones start to be powerful enough for most of our computing needs. Will phones replace the laptop and the desktop?  Add a docking station for a full size monitor and keyboard and some of the phones out now could almost be good enough.

1and1 can be really stupid.

First let me say that I like 1and1. I have hosted all my websites with 1and1 for several years now and have had only minor issues.

When I first signed up with 1and1 I created 2 separate packages, they were both associated with the same account. One for my personal sites and one for all of Camp Dixie’s sites. At the time it seemed like it might be important to have some separation between Camp Dixie’s official sites like CampDixie.org and CampDixie.net that Camp Dixie owned and unconnected or unofficial sites like OpenSourceList.org and CampDixieAlumni.org that I owned.

Eventually I decided that I could still have that seperation with out having sperate hosting packages so I decided to move all the domains to one package.

This is where it gets stupid.

If I were transferring a domain, say JasonAirlie.com from one web host to another, I could leave the hosting active at the old host and start it at the new. As the DNS changes for JasonAirlie.com propagated some people would see the site at the old host, some at the new host. There would be no downtime, email would not bounce, search engines would have no problem finding my site and the transition would be relatively painless.

Since both domains are hosted at 1and1, under the same account but separate packages, to move a site from one package to another I would have to delete the domain from one hosting package, wait for the change to become final, 1-2 days, and then recreate the domain on the other package. During all that, my website would be inaccessible and email would bounce. Staying with 1and1 would be more painful than moving to another web host. The reason for this is obviously a technical limitation of their system. However allowing this limitation to remain gives customers a large incentive to take their business elsewhere.

So I will be slowly moving all my domains to Dreamhost.

Weave is awesome

Weave, an addon for Firefox that syncs bookmarks, passwords, cookies, and the like, is very awesome. It is still in an early testing phase, and thus subject to the occasional hiccup, but when it works properly it can be quite handy. With the possiblity of it someday being able to sync other things, like plugins, browser settings, and plugin settings. It could soon be even cooler.

Back from Camp Dixie

Just got back from Camp Dixie. I spent to wonderful weeks up there. I am tired and a bit worn out but nothing a night or 2 of rest and readjusting to my work schedule won’t fix.

Wiki plugin wanted

I want a Firefox add-on that will let me cache select Wikipedia pages for offline reading, and automatically update the cache as needed.

Oh and work with my intranet TikiWiki as well.


Friday, May 23 2008 I got up at 3:50 am and drove up to Camp. I stopped just inside the gate and changed into my tuxedo. I slowly drove into camp, with my windows down, hoping not to hear the dogs start barking.

Luck was with me and I parked at the Big House with no sign that Rhonda or the dogs were awake. I opened my trunk and started removing the boxes of tea candles (from the Dollar Tree). I placed the candles along the railing, lighting some immediately so as to not have everything spoiled if I was caught before I finished.

As I was working, I heard Rhonda open the side door and let 2 of the dogs out. That shook me a little. After getting all the candles placed, about 15 had gone out so I went back and re-lit them. My hand was shaking a little, and the lighter was losing some if it’s umph. I spread some rose petals (fake, from the Dollar Tree) on the ground and on the table, mixed in with the candles. Lastly I put some flowers (fake, from the Dollar Tree) on the table. All was ready. I took a deep breath and rang the doorbell. Nothing. Her doorbell doesn’t work. I went to my car, and honked the horn. Nothing. I went back to my car and did ‘shave and a haircut’ on my horn.

Rhonda came out side wearing PJ’s and with a slightly befuddled look said “What? I need a jacket”. She then went back inside and closed the door to get a jacket. She came back out, this time I had enough time to actually ask the question. Her immediate response was

“No, no, now’s not the time!”

Fortunately I could tell she wasn’t answering me, she was just overwhelmed.

It took her about 15 minutes, but she eventually said yes.

We (she) called everyone and told them the news, then we cleaned out the gutters.

The Ring

Rhonda: “I couldn’t ask for a better engagement ring.”
Me: “Good, cause you’re not getting one!”

The next day we went to Wal-Mart and I bought her a $9 ring that she can wear even when she is working.

Firefox password manager

As a heavy user of the Internet I have a lot of passwords. Initially I used a text file to keep track of them. Later I moved to a spread sheet, and finally to a password manager that ecrypts the password store.

Firefox also has a password manager, however it is fairly primative. I can’t store arbitrary information about a site or passwords for arbitrary systems. I can’t store the password data at a specific location or switch between password files for personal use and password files for work without switching Firefox profiles.

I can’t easily open up the password file in other applications.
The password manager doesn’t help me to generate passwords.

Someone, please make the password manager in Firefox more fully featured. Compatible with standalone apps and powerfull enough to use as my main password manager.

iFolder Ideas

I’ve been avidly watching the iFolder project for a while now. I’m currently using iFolder 2.0 at work and love it, I was thrilled to hear that iFolder went open source and have high hopes for the project. Progress on the peer to peer part has been dissapointingly slow, but understandable. The only real quibble I have is that the developers seem to be unecessarily complicating certain areas that should be simple.

Specifically , if I want to share a folder I should be able to designate an iFolder and create invitations that give the bearer the rights to access the share. Letting the user figure out how to get the invite to people, reduces complexity. Most people know how to send a attachment in email. Consider the invite a key, although an optional additional level of authentication, say a password, would be nice.

Other ideas:

Embed a user name inside the invitation.
If I send an invite to Fred and I suddenly see 300 simultaneous connections from computers using Fred’s invite, then I can disable that invite and possibly issue Fred a new one. If I want to issue seperate invites to 30 different friends, all to the same iFolder share, I can assign rights and even revoke the invites individually. If I want to issue a single invite to all my friends then I can. I can name the invites user as an individual “Bill”, or as a group “Website design team”. Individual machines IP addresses may change, and users may use same invite on more than one machine, but the name tells me who is connected. Allow the host to see who (based on name I assigned in invite) is accessing a share and on how many simultaneous connections.

File name only sync.
Create all the files and subdirectories but don’t sync any of the data (0 byte files). This allows for a quick sync, I can decide if I really want to subscribe to this iFolder, and lets me pick individual files to sync fully.

Secure / blind sync
Client computer gets only encryped copies of the files, allows users to let friends or family to host blind backups. Make sure to encrypt the file names too.

Move sync.
Moves files from host/server to client. Once the sync is complete, the file is deleted from the host but remains on the client. This allows me to easily move files from one machine to another.

Multiple levels of access on the same share.
Bill has read and write, but Ted only gets read access.

Revision control system built in.
Track versions of files and show who and when made what changes.

Scheduled / throttled sync
Allow the host to limit number of files to sync to others per day.
Don’t sync file until specific day and time.

P2P with Authoritative host
A central host has the Official versions of all files, all peers sync their changes with that host.
But when host is down, peers sync their files with each other until Authoritative host comes back online and straigtens things out.

Force Peer sharing.
Once server knows that there is a full copy of a file out on the peers, point all other peers to the peer copy of the file. Saves host bandwith.

P2P redunancy
Peers keep record of all other peers (and hosts) latest IP, peers only need to find one other peer still connected with the share to get reconnected to the host. Works even if host is not on stable ip. Have the host go out and try to find peers when the host restarts iFolder.

Searching for Dr. David B. Freeman

I am desperately looking for Dr. David B. Freeman, author of Pop J: The life of Albert Allen Jameson, a camping master. The book does not seem to be available anywhere and I’d like to find out if he has plans to publish it. As an alumnus of Camp Dixie as well as staff I have a great deal of interest in this book. I remember him coming by to talk to Miss Ann when he was doing his research. I know Camp has a few copies of the book, but would like to make sure it is more widely available.

Moving CampDixie.org Again

I’m getting all set to move the summer camps site. It will save a bit of money, and simplify administration. The new host has been running all of my sites for a while now and I’m happy with them. Most of my preparation is done but I probably won’t move the site for a few weeks yet. I need to make sure Camp Dixie is all setup for the email change as that should be the only change they will notice.

Simplify, simplify

I need to simplify my life.

I tend to create clutter and I need to start eliminating it. Files, emails, useless gadgets that I don’t need. I probably spend more time and effort keeping things I don’t use than I would money by just re-buying things I actually need when I find I need them. I’m going to work to emiminate as much as possible. We’ll see if I succeed. I won’t ever be finished, but every bit I accomplish helps me.

Fall 2005 Catchup

So. The summer went pretty well. From what I hear. I don’t normally get sick much, but this summer, right in the middle of Camp, I got so sick that I wound up in the hospital for about 2 days. This thoroughly annoyed me, as I wound up not getting to be part of Camp much this summer. Oh well. It may work out for the best though. I wound up saving a bunch of vacation time and if they let me use it all next year, I’ll be there almost all summer. Keeping my fingers crossed.

I’ve been just slightly sick on and off since then, and I was out sick from work almost this whole week. My doctor has me on some antibiotics and I’m going to make sure that I stick to them till they are all gone. I want to be well and stay well.

Camp Dixie recently had a get together at Stone Mountain, just for the older ones. We’ll be doing one for the younger ones soon.

Camp Dixie 2005 Started

Well, Camp Dixie’s Summer 2005 season has started. I’m not able to be there full time, yet again, but I’m there as much as I can. The first day went well and we have a good bunch of kids. This is a small week, which the children like, and lets the staff get into the swing of things. We did a special flag lowering ceremony the first night, for the flag that we had left up since last year in honor of Miss Ann. Brett, Merry, and Dylan did a very nice job. Council fire went well, and I almost lost my voice singing. I bet they’re having a blast. Wish I was there.