Category Archives: General

He had bought a large map representing the sea, 
 Without the least vestige of land: 
And the crew were much pleased when they found it to be 
 A map they could all understand.
from The Hunting of the Snark
by Lewis Carroll
This is my personal website. Feel free to look around.

I recommend:

  • Dropbox for keeping files synced between computers. Sign up for Dropbox using this link and we both get extra space.
  • Crashplan or Mozy for backups.
  • Dreamhost for web hosting.


SSL is holding back encryption on the Web

I have combined below 2 of my comments on a blog post over at http://www.owlfolio.org/htmletc/more-ssl-errors/ . I post them here as my own permanent copy.

Please stop treating self-signed certs as worse than no security! I still cannot understand why Mozilla treats a small increase in security as if it were a massive decrease. Give self-signed certs equal status as no security.

First of all, don’t let people use self-signed. Really, just don’t. There is no need for that.

You may not have a need but I do. This stubborn insistence on forcing encryption to be locked with identity verification has crippled the use of encryption on the web. Yes I understand the importance of the combination, but SSH handles the problem properly. The Perspectives extension takes the SSH model and adds another level of protection.

SSL certs are too much of a pain to get, set up and maintain. Small admin mistakes cause scary looking errors for end users, often when no actual problem exists.

If I use a self-signed cert on my own website, I know I can trust it, I don’t need someone else to vouch for me! I can handle adding the cert in my browser, but my wife and family get freaked out and the end result is we must teach them to ignore the error, or not use encryption. Not exactly the ideal outcome.

Yes MITM happens, but it’s not exactly common. The Perspectives extension is one better way to handle it.

Encryption without authentication is not useless, far less valuable, but not useless. As long as I continue to see the same cert, I don’t need anyone else to ‘authenticate’ my site for me! The same goes for the internal site I set up for work. When I tell people “this is our intranet web site”, I am vouching for the authenticity of the site. No one else need get involved.

If I can be certain that the Amazon.com website is presenting me with the same cert it has presented me with the last 50 times I went there, I can be reasonably confident that it is the real Amazon.com. If I know other people elsewhere are seeing the same cert I can be even more confident.
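
The key-continuity model argued for in this post (SSH-style pinning of the first cert seen, plus Perspectives-style agreement from other observers), as an added example that is not part of the original comments. The class, the status names, the 0.75 quorum and the sample bytes are assumptions made for illustration.

```python
import hashlib

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a certificate's DER bytes."""
    return hashlib.sha256(der_cert).hexdigest()

class PinStore:
    """Key continuity, SSH known_hosts style: host -> first fingerprint seen."""

    def __init__(self):
        self.pins = {}

    def check(self, host, der_cert, notary_views=(), quorum=0.75):
        """Classify a presented cert. notary_views holds fingerprints that
        other vantage points report for the same host (hypothetical input)."""
        fp = fingerprint(der_cert)
        pinned = self.pins.get(host)
        if pinned == fp:
            return "match"
        agree = sum(1 for view in notary_views if view == fp)
        corroborated = bool(notary_views) and agree / len(notary_views) >= quorum
        if pinned is None:
            if notary_views and not corroborated:
                return "first-use-disputed"   # others see a different cert
            self.pins[host] = fp              # trust on first use
            return "pinned-corroborated" if corroborated else "pinned-unverified"
        # Cert differs from the pin. Like SSH, never re-pin silently.
        return "changed-corroborated" if corroborated else "changed-suspicious"

    def accept_change(self, host, der_cert):
        """Explicit user decision to replace the pin after a rotation."""
        self.pins[host] = fingerprint(der_cert)

def demo():
    # Constructed stand-ins for DER certificates; a real client would use
    # ssl.SSLSocket.getpeercert(binary_form=True).
    cert_a, cert_b = b"constructed-cert-A", b"constructed-cert-B"
    fa, fb = fingerprint(cert_a), fingerprint(cert_b)
    store = PinStore()
    return [
        store.check("intranet.example", cert_a),                    # first visit
        store.check("intranet.example", cert_a),                    # same cert again
        store.check("intranet.example", cert_b),                    # changed, nobody agrees
        store.check("intranet.example", cert_b, [fb, fb, fb, fa]),  # changed, 3 of 4 agree
        store.check("shop.example", cert_b, [fa, fa, fa, fa]),      # first visit, disputed
    ]

if __name__ == "__main__":
    print(demo())
```

A changed cert never replaces the pin on its own; only `accept_change` does, which mirrors how SSH makes the user deal with a changed host key.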

Phone as desktop replacement

As more and more people replace desktops with laptops, I wonder what will happen when smart phones start to be powerful enough for most of our computing needs. Will phones replace the laptop and the desktop? Add a docking station for a full size monitor and keyboard and some of the phones out now could almost be good enough.

1and1 can be really stupid.

First let me say that I like 1and1. I have hosted all my websites with 1and1 for several years now and have had only minor issues.

When I first signed up with 1and1 I created 2 separate packages, they were both associated with the same account. One for my personal sites and one for all of Camp Dixie’s sites. At the time it seemed like it might be important to have some separation between Camp Dixie’s official sites like CampDixie.org and CampDixie.net that Camp Dixie owned and unconnected or unofficial sites like OpenSourceList.org and CampDixieAlumni.org that I owned.

Eventually I decided that I could still have that separation without having separate hosting packages so I decided to move all the domains to one package.

This is where it gets stupid.

If I were transferring a domain, say JasonAirlie.com from one web host to another, I could leave the hosting active at the old host and start it at the new. As the DNS changes for JasonAirlie.com propagated some people would see the site at the old host, some at the new host. There would be no downtime, email would not bounce, search engines would have no problem finding my site and the transition would be relatively painless.

Since both domains are hosted at 1and1, under the same account but separate packages, to move a site from one package to another I would have to delete the domain from one hosting package, wait for the change to become final, 1-2 days, and then recreate the domain on the other package. During all that, my website would be inaccessible and email would bounce. Staying with 1and1 would be more painful than moving to another web host. The reason for this is obviously a technical limitation of their system. However allowing this limitation to remain gives customers a large incentive to take their business elsewhere.

So I will be slowly moving all my domains to Dreamhost.

Weave is awesome

Weave, an addon for Firefox that syncs bookmarks, passwords, cookies, and the like, is very awesome. It is still in an early testing phase, and thus subject to the occasional hiccup, but when it works properly it can be quite handy. With the possibility of it someday being able to sync other things, like plugins, browser settings, and plugin settings, it could soon be even cooler.

Back from Camp Dixie

Just got back from Camp Dixie. I spent two wonderful weeks up there. I am tired and a bit worn out but nothing a night or 2 of rest and readjusting to my work schedule won’t fix.

Wiki plugin wanted

I want a Firefox add-on that will let me cache select Wikipedia pages for offline reading, and automatically update the cache as needed.

Oh and work with my intranet TikiWiki as well.

Mount an ISO in Windows

Many is the time I’ve had an ISO CD image and wanted to use it without the waste of burning it to CD first. The fact that my CD burner fails about half the time makes it all the more important to me. Well after much searching I’ve finally found the application that allows me to do just that. FileDisk allows you to mount a file as a disk. ISO Recorder Power Toy lets you create your own ISOs. With these two you can create and use ISOs. Now if I could edit an ISO I’d be happy.

Eventually I’ll add these to OpenSourceList.org, which I’ve decided I will start adding to soon, even though the code isn’t complete.

Just installed WordPress

Just installed WordPress. It’s a nice piece of software, has a beautiful admin interface, but an ugly default theme. I’ll change it someday. I’ve got to categorize and re-assign all my old posts first. Whee!

The Election – 2000

As I write this, a week after the Presidential Election we still don’t know who won. Part of the problem is simply due to the incredible closeness of the vote. The main problem lies with the archaic way we vote.

I am not talking about the Electoral College, which I think is as valid today as it was when first established.

The actual ballots and how they are punched, checked, marked, and above all counted, are hopelessly out of date and should be replaced.

There are many technical issues and detailed checks and balances that will need to be addressed but a general approach is easy to determine.

Each voter is mailed their precinct card, just like we already do. The new precinct card will contain a voter’s unique ID# and a random default password. The ID# will be randomly generated so that they cannot be easily guessed. Additional steps, such as sending a confirmation code to each mailing address could be added if necessary.

Voting could be done either via the web, using any browser that supports SSL, or at the polling place using the same web based interface (ensure consistency). The machines at the polling place should be on an isolated network (to prevent hacking) and connected only to the central state voting commission computers.

Using a basic HTML form it is easy to prevent many of the common problems that currently cause votes to be discarded. Radio buttons can easily prevent multiple selections. By forcing the voter to specify that they abstain from voting for a candidate or issue rather than just leaving that section blank, simple JavaScript can alert the user to missed sections before the vote is even submitted.

After voting each voter is given a receipt that is the only record of how they as an individual voted. The receipt is simply a confirmation page sent to the web browser. It contains their name (maybe not?), their ID#, vote#, how they voted on each issue (including abstentions) and a plain text (not human readable) public key signature block at the bottom that “certifies” or “verifies” that it is an official receipt (perhaps enclose an encrypted copy of the vote information in that block).

The voter’s ID# is tossed out and not stored with the vote. Each vote is assigned a unique vote#. If a voter suspects that their vote was not correctly recorded they simply present the vote receipt. The vote# is matched to the vote# stored in the election database. The database entry is compared with the receipt.