Posted on
by

Circular shadow on the sidewalk, with lots of bright crescents inside, all facing the same direction.

For a lot of reasons, we didn’t arrange another road trip to see today’s total eclipse like we did in 2017 (which was amazing, by the way!). It was only partial out here in California, and not even with as high a magnitude as the one last October.

But we had clear skies, so we broke out the eclipse glasses from 2017 again. After testing them first by looking directly as a bright indoor lamp to make sure there were no scratches. And I’d heard that colanders make interesting patterns (each hole works as a pinhole camera) much like overlapping leaves do, so I brought that out — as you can see, it worked quite well!

I do kind of regret not being able to get out to see this one as total. Partial eclipses can be really cool, especially if you have multiple ways to observe them, but XKCD has a point. There really isn’t any comparison to experiencing totality, and it doesn’t come through very well in photos.

I bet northern Spain is already booked for 2026.

It is interesting to think that solar eclipses happen every year — usually twice! — but they’re not always total, and they’re only visible from a small part of the planet at a time. And sometimes that’s a slice of, say, Antarctica or Siberia or out in the middle of the ocean. Not rare for the planet, but definitely rare for any given location.

On one hand, it’s no wonder people used to see them as omens. With travel and communication slow (and in many cases impossible) in the ancient world, if you’re only going on what’s been seen in your area, it seems super-rare and unpredictable. On the other hand, cultures with sophisticated enough astronomy like the ancient Babylonians were able to calculate the eclipse cycle thousands of years ago!

One bit of funny timing: We’ve been catching up on the last season of The Magicians. Today we got up to an episode that…well, let’s just say the moon figures very prominently in it!

Update: Axios posted a nice map last week showing how fully booked AirBnBs are for the day in different parts of the US…which shows the path of totality *very* clearly!

Posted on
by

Me, driving a smallish gas-fueled car in the 2000s: Wow, gas has gotten expensive these days, but at least I’m not spending too much per tank.

Me, driving a hybrid car in the 2010s: Yeah, gas is still expensive, but I’m still not spending too much per tank, and I think I’m filling it less often than I used to.

Me, driving a plug-in hybrid to the grocery store and back during the first year of the pandemic: I have no idea how much gas costs. I haven’t filled the tank since the before times. I hope the gas engine still works.

Me, driving the same plug-in hybrid normally during the 2020s: Oh yeah, gas is kinda expensive. At least I don’t have to fill up the tank very often, and it’s not too much when I do.

Me, driving a rented gas-fueled SUV to the next county and back once: WTF I’M SPENDING HOW MUCH TO FILL UP THIS TANK!?!?!?

Posted on
by

Interesting spam/phish technique: Look for subdomains with CNAMEs or SPF records that point to abandoned domains that you can then register…and effectively take control of the subdomain or SPF.

They haven’t seen any cases where it’s been used to host a phishing site at, say, an msn.com subdomain, but they’ve seen thousands of cases where it’s been used to pass email verification checks.

The article describing “SubdoMailing” gives a detailed example of a spam that made use of an msn.com subdomain that was used for a sweepstakes way back in in 2001 that used a CNAME pointing to the long-abandoned domain name for the contest, but the subdomain was never actually deleted.

Lesson: check your DNS for any dangling references to outside domains that might not exist anymore!

Posted on
by

Last Friday, I dropped off my ballot for today’s primary election. I’ve got to say, I really appreciate the new approach in LA County of mailing everyone eligible a ballot, maintaining permanent drop boxes at relevant locations (libraries, etc.), and opening some polling places early to accept completed ballots.

MUCH more convenient than needing the time on one specific day and, in elections with a lot of turnout, waiting 45 minutes, an hour, or longer.

The longest I’ve waited was when I was living in Orange County, either 2003 or 2004, and they actually had to apply the “if you’re in line at closing time, you get to vote” rule. Someone brought a box of to-go coffee from the Starbucks down the street (I think Starbucks might have donated it, too?) and was offering it either to the poll workers or to those of us still in line.

The first election in which the county implemented early voting and flexible polling places (instead of requiring you to get to the specific place on your sample ballot) was also the week before COVID-19 hit the area. Now that I think of it, they still didn’t send out an actual ballot by mail unless you requested one. That changed that when it became clear COVID wasn’t going to just blow over before November. Since then some of the smaller, local elections have been mail-only.

Four years….WTF

Posted on
by

The year is 2006. I’m complaining on my blog about businesses training their customers to fall for phishing attacks.

The year is 2011. I’m complaining on my blog about businesses training their customers to fall for phishing attacks.

The year is 2022. I’m complaining on my blog about businesses training their customers to fall for phishing attacks.

Corporations haven’t learned. Unfortunately, their customers have learned from all this training. And so has the fraud industry. Even if you’re usually savvy about this sort of thing, you can get caught up if the circumstances put you just off-balance enough to line up the holes in each overlapping layer of security.

I trusted this fraudster specifically because I knew that the outsource, out-of-hours contractors my bank uses have crummy headsets, don’t know how to pronounce my bank’s name, and have long-ass, tedious, and pointless standardized questionnaires they run through when taking fraud reports. All of this created cover for the fraudster, whose plausibility was enhanced by the rough edges in his pitch – they didn’t raise red flags. Cory Doctorow on “Swiss-cheese security.”

And here I am, in 2024, complaining on my blog about…well…you know.