Author Archives: Kelson
Finally Upgraded!
After way too long, I finally upgraded the processor on my desktop. I’d held off because that always involves upgrading the motherboard, which is major surgery on the computer, and with a small child who wants to grab everything, that wasn’t really a good idea. Replacing phones and tablets, and replacing the Windows box, sure, those are relatively simple. Nothing fragile is open for several hours, and we use them all the time.
But I’ve recently done some small maintenance with him around and he’s been able to keep his hands to himself and just look, and I’ve trusted him to help with a few things like clipping in the panels on unused drive bays and opening/closing the main case screws.
I ordered a processor/mobo/memory combo from NewEgg, and it showed up on Saturday. I waited until Sunday morning to get started, knowing that these things always take more time than you expect (and typically at least one extra trip to the computer store). No surprise, it turned out I needed a new power supply for the new motherboard. In an odd echo of the last time,* I drove out to Fry’s and found one with the connectors and wattage I needed, with a rebate on it, then picked up some takeout for lunch.
The kiddo was able to leave the half-disassembled box alone while I was out. Things were strained by the time I was finished around four, and he had a full-on meltdown at the grocery store later, but I got the new hardware installed.
It’s amazing how much smoother everything runs now. I feel like I can actually use the computer again!
*I may have done another upgrade between then and the time we moved, but I only remember adding the wireless card in 2010 so that I could move the computer desk to another room and put the crib in its place. I definitely hadn’t done anything this major on the home desktop since he was born.
Free Shavocado!
This sign used to say FRESH AVOCADO. But for several years, it’s said something more like FRE SH AVOCA DO. I’m not 100% certain, but I think they may have actually moved the SH further from FRE and toward AVOCADO a few times…and now they’ve finally just added another E.
After I posted it to Instagram, a friend on Tumblr pointed out that the “Free Shavocado” tag already exists. I found a short video of the sign in its “FRE SH AVOCA DO” state, narrated by someone giggling and saying, “Come to Del Taco! They have free sha-VA-ca-doo!” Even funnier: The restaurant updated the corporate sign between then and now without correcting the spacing.
Or maybe that’s when they decided to “fix” the spelling instead!
Out with the old tech, in with the…slightly less old.
I finally removed the floppy disk drive from my desktop. I don’t know why it took me so long, except that it wasn’t in the way of anything. Living with a small, inquisitive child means either making hardware changes at night or keeping the work brief, and timing it so that he still has enough metaphorical spoons to keep his hands to himself.
HTTPS is a lot easier than it used to be.
The cost of implementing HTTPS on your own site is a lot lower now than it used to be. For instance:
- Let’s Encrypt offers free certificates for any site, and some web hosts have software integration that make ordering, verifying and installing a certificate as simple as checking a box and clicking a button. (I’m impressed with DreamHost. I turned on secure hosting for some of my smaller sites a few months ago by just clicking a checkbox. It generated and installed the certs within minutes, and it’s been renewing them automatically ever since.)
- Amazon now has a certificate manager you can use for CloudFront and other AWS services that’s free (as long as you don’t need static IP addresses, anyway) and only takes a few minutes to set up.
- CloudFlare is offering universal HTTPS even on its free tier. You still need a cert to encrypt the connection between your site and CloudFlare to do it properly, but they offer their own free certs for that. They’ll also let you use a self-signed certificate on the back end if you want. (It’s still not perfect because it’s end-to-Cloudfront-to-End instead of end-to-end, but it’s better than plaintext.)
You may not need a unique IP address anymore. Server Name Indication (SNI) enables HTTPS to work with multiple sites on the same IP address, and support is finally widespread enough to use in most cases. (Unless you need to support IE6 on Windows XP, or really old Android devices.)
Now, if you want the certificate to validate your business/organization, or need compatibility with older systems, you may still want to buy a certificate from a commercial provider. (The free options above only validate whether you control the domain.) And depending on your host, or your chosen software stack if you’re running your own server, you may still have to go through the process of generating a request, buying the cert and going through the validation process, and installing the cert.
But if all you want to do is make sure that your data, and your users’ data, can’t be intercepted or altered in transit when connecting to reasonably modern (2010+) software and devices, it’s a lot less pain than it was even a year ago.
The hard part: Updating all your old links and embedded content. (This is why I’m still working on converting Speed Force and the rest of hyperborea.org in my spare time, though this blog is finally 100% HTTPS.)
And of course dealing with third-party sources. If you connect to someone else’s site, or to an appliance that you don’t control, you have to convince them to update. That can certainly be a challenge.
Expanded from a comment on Apple: iOS to Require HTTPS for Apps by January at Naked Security.
Why would you risk eating out with a food allergy?
On every news story about someone who experienced a severe allergic reaction outside the home, there will be someone who says, “If it’s that dangerous, why would you even risk it? Keep your kid at home and make all their food yourself from scratch all the time!”*
Let’s think about this.
A car could kill your child. Today, tomorrow, years down the line. This is not a hypothetical. This is a fact, and it’s a risk that you live with.
Why on earth would you risk letting your child cross the street? Keep them at home! Don’t let them out of the house in case someone jumps the curb!
That’s…not exactly practical, is it?
You don’t keep your child inside 24/7 to avoid cars. You take them outside, with precautions. You teach them to stay on the sidewalk, cross at corners and crosswalks, and look for cars before crossing. You walk with them until they’re old enough to walk safely on their own.
You rely on drivers to follow the rules of the road…but you still look both ways in case someone’s distracted or feels entitled and plows through a red light anyway.
And then your children can live their lives out in the world instead of being frightened recluses who hide in the basement whenever a car goes by.
You can’t eliminate risk 100%, but you can manage it.
The exact balance is going to be different for each person with an allergy.** But it’s not unreasonable to expect the food industry to follow basic safety procedures to avoid cross-contact — and to not introduce a danger that wasn’t there to begin with.
—
*Even if you have the time to prepare every meal at home, there’s still the risk of mislabeling or cross-contamination in the supply chain. Right now, there’s an ongoing recall of baked goods produced with peanut-contaminated flour. A year ago, supplies of cumin were tainted with peanuts. That impacted everything from prepared foods down to bulk-bin spices. Everyone’s at risk with the massive listeria recall of vegetables, allergies or no.
**Heck, it’s different for each of my allergies, and I’m one person. I’ll cheerfully walk into a coffee shop that serves almond milk and soy milk, but won’t set foot in one of those burger places that plops a bin of peanuts on the table. Even with my Epi-Pen. That’s just playing live-action Frogger.
What makes online posts feel “permanent?”
Sophos reports that Facebook is testing a feature to hide new posts from your timeline so they don’t feel so permanent. Of course they’re still searchable until you actually delete them, so they’re still permanent in that sense.
What’s odd: Facebook posts don’t feel permanent to begin with, even though they effectively stick around forever.
Thinking about it, two things make an internet post feel permanent to me:
- Can I count on it sticking around?
- Can I count on finding it again?
Facebook, despite a lot of improvements over the years, is a mess. The newsfeed algorithm means you can’t just keep scrolling back. The timeline view isn’t reliably complete. Search is kind of a crap shoot. Don’t get me started on trying to find a particular old post on Twitter!
And that’s dealing with sites I can expect to stay online over time. A post on a forum, or a comment on someone else’s blog, or any social network could easily vanish in someone’s server crash or business shutdown.
If I can’t count on being able to find what I post a few years down the line, it feels like it’s temporary, even if it isn’t.
This is one reason that my Flickr portfolio feels more permanent than my Instagram photos: I can find them without resorting to third-party apps. If I want to find a particular photo on Instagram, I have to page down through my profile until I find it. On Flickr, I can find a 10-year-old photo of a fountain in seconds by searching for “fountain” and expanding the “Your photos” section of the results.
Then again, running my own site is only reliable as long as I can afford it. If something happens to me, and I can’t pay for hosting anymore, what then? I figure I’d simplify things down to where I could get a basic, super-cheap hosting plan. Make the blogs read-only so they can be served statically from a shared server or S3 bucket, or move them to WordPress.com, or just be willing to let them crash under load. But what if I’m incapacitated and can’t convert it? Or just plain not there anymore? If I really want to keep my corner of the web up “permanently,” I’m going to have to make a plan ahead of time.
Otherwise my carefully preserved photos, articles, and extended musings will be toast…leaving behind as context only broken links and all my supposedly (but not really) ephemeral offhand remarks on Twitter and Facebook.