Feorlen's Other Blog

When I threw out the offhand comment that I should write about my personal digital security, I was expecting it would be the usual social media post that gets lost in the undertow (particularly right after the holidays.) But so many people emphatically said Yes!! that I decided I would resurrect an old dead blog and get started.

There are a lot of things I do because I know I’m being watched, both on the Internet directly but also the growing ways my personal information is collected or I’m “digitally observed” in public. The revelations of the past few months have made clear that this is the way the world is now. In the absence of political solutions, we individually must decide what technological measures we will take in response to the widespread surveillance of average people. The only way to completely opt-out of data collection is to opt-out of modern life: banks, credit cards, mobile phones, travel, earning a paycheck. Even just being in public often means your image is being recorded, and increasingly checked against databases. It’s not been science fiction for a while now.

Perhaps you will find some of this old hat, but maybe there will be new ideas or even the encouragement to do something you “ought to” but haven’t actually gotten around to. Even if you think something’s not for you, knowing it is possible is valuable information for the future.

I’m going to try to avoid most of the political discussion surrounding this topic and stick to the practical. But one of the reasons I do go through all this trouble is to push back against a dreary non-controversial world of constant surveillance, where privacy is a luxury good and most people have to live with the knowledge that everything they say or do or buy or read will be compiled into a dossier that can be consulted by sufficiently interested parties. The “safety” of conformity is the most astoundingly depressing future I can imagine.

A little about me:

I’m just this average nerd, you know? I’m not a security researcher or cryptographer, I’m not fond of that level of math to be honest. But I’ve been working with computers for a very long time and have learned from my security researcher and cryptographer friends and colleagues that I am right to be wary of how the vast amount of digital data I generate can be used. You will find I talk a lot about the concerns of residents of big cities, frequent travelers and users of Apple technologies, because I am all those things. I invite others to contribute their experiences, and welcome recommendations for guest posts. (Windows people, I’m looking at you!)

I hope you find this effort valuable, and invite you to learn along with me.

We got home this afternoon from DC after attending the very surreal Comedy-Political show known as the Rally to Restore Sanity and/or Fear at the National Mall. (We were supposed to get home last night, but I will spare you that disaster.) Yes, we spent nearly 48 hours to attend a 3 hour event. It cost us a fair bit, we had to deal with several different and unrelated transportation meltdowns along the way, and parts were highly annoying, but the overall conclusion was it was completely worth it.

This evening I found this link to a survey for rally participants, to look at who participated and why. At the end are some free-form response boxes for two questions: “Why did you participate in the Rally to Restore Sanity?” and “What did you get out of it?” I started writing and found my responses were turning into a blog post so here are my answers.

Why did I go?

I’m tired of loud-mouth talking heads claiming to speak for me, “protecting” me (or my marriage) from modern multi-cultural America or telling me which vague monster under the bed I’m supposed to be afraid of this week. Or worse, claiming sole ownership of the banner “Real American” by virtue of political opinion, religious belief or geography.

The most obvious offenders on that account are currently conservatives. These are the people who have convinced my parents that Glenn Beck would surely have written the Federalist Papers himself had someone else not gotten to it first and to rail at lazy brown people sucking at the teat of tax-funded services while they themselves enjoy Social Security and Medicare benefits.

Their public school and state university-educated children, women in traditionally male professions, can only dream of such things for our future retirements. My sister would love to produce the oft-requested grandchildren if she were not the sole provider for her family and medically uninsurable without her billable-hours based employment and group plan. But that Obama health insurance reform, it will be the downfall of America, don’t you know. That same America their grandparents came to with hardly a penny to their names, demonized by previous generations of immigrants from elsewhere and many dying of preventable causes that because of government-funded research we now have ready solutions for.

There are a lot of difficult problems to solve in this country, but partisan bickering and stonewalling are only wasting hot air burnishing credentials with one’s friends, not saving one person from dying of preventable disease or ensuring one child’s education. Can we do everything? Of course not. But the loudmouths on the fringes and those pandering to them will not even try if it would mean missing an opportunity to make a political point at the expense of their enemies.

I could have participated in a local event but I am fortunate I currently have the resources to travel. (I remember all too well the times I didn’t.) I don’t want to be an activist, I’m just a modest someone going about her business but have found that I am forced by my anger into that role just to find a way to live my life on my own terms. I went to be counted, a pissed-off moderate irritated enough to put forth considerable effort to make a point. I also felt it important to go to DC and not just a local gathering in a liberal stronghold that is easily written off as “Look At Those Silly Californians!”

What did I get out of it?

In a practical sense, I got to spend orders of magnitude more time dealing with a poorly-organized and overcrowded transportation system than I actually spent at the event (where I couldn’t hear or see anything anyway.) I also have a big credit card bill I’ll have to pay next month. While I’m taking this survey, I’m watching the archived C-SPAN video to see what I missed.

But I’m a frequent enough traveller that I’m familiar with the potential, right down to the Metro meltdown and multiple cancelled flights. And as a rule, I don’t go to festivals for a reason. But this wasn’t about whether or not I expected to have a good time at a comedy show, or even that I was able to see family before heading back to the airport. (Efficiently combining trips is reasonable, you know.)

The organizers denied this was a political event, something I disagree with. It was not partisan but it was certainly political. Hundreds of thousands of people, many more if you consider those who could not make it to an event, saying “I’m tired of the Crazy and I’m not going to let you pretend to speak for me any more.” I got to be there to be part of that statement. If it’s true that “90% of life is showing up” then this was important enough to me that I was going to do whatever I could to show up. Yes, I was there. Yes, I was counted. I was disappointed that the crowd was so dense that nobody could see my height-challenged self holding a cleverly-made sign, but whatever. The rest is irrelevant.

A bunch of new hardware arrived this week, including my iPad. It’s rather handy while I’m sitting here for migration assistant to finish moving a ton of stuff to the new laptop. So I downloaded the iPad word press app to see what it is like. It had no trouble setting up access to this blog, but is unhappy with spinnyspinny. Right off I can see the utility of being able to manage my blogs this way, but doing all this typing with the on-screen keyboard is no fun. If eventually Apple adds a dvorak keycap I might have a hope of typing normally but without that it’s major one-finger time.

WordPress isn’t letting me do what I want with the pictures so I have created a separate page for images:

http://feorlen.org/haiti/index.html

No, we are not going this time but folks from Inveneo are. We have been working all week to get ready. I’ve been posting what I’m doing on Twitter and I’ll be posting some of the pictures I’m taking around the office here.

http://www.manresarestaurant.com/

This weekend we went to Manresa, as guests of our friends for their wedding rehearsal dinner. This sort of thing is typically as much as I ever get of “Fine Dining” as we usually either cook at home or grab something from a nearby taqueria. (I recently mentioned to someone “I’m not sure the last time we ate anywhere that even takes reservations.”) But I do vaguely stay informed of trends, mainly to see how I might apply them in my own cooking. So you can take this in the context of someone who cooks, but is not a hardcore restaurant-visiting foodie. I had never heard of the place, and indeed it was the second choice for our hosts as the other restaurant had suddenly gone out of business. From looking at the websites of both, perhaps the other might have been a better option for the stubbornly picky eaters in the group, but so be it.

The location in Los Gatos hinted at a certain pretentiousness that I typically avoid, in the same way I don’t hang out in Noe Valley. On some tables there were large arrangements of roses, clearly awaiting romantic dinner dates to arrive. But we were greeted warmly despite having to move the reservation 30 minutes for being late and several in the party obviously uninterested in the suggested business casual attire. Our servers spent as much time as we needed to explain the menu, which was helpful. It was mostly taken up with the groom’s parents, although I was able to inquire about a few things that seemed dangerously dairy-laden. The way it works is once seated you order four items from the menu and they are served in something vaguely resembling a traditional sequence of courses. (I would imagine most people do get salad/soup/entree/dessert or thereabouts, but this is not at all required.)

First arrived the bread, which was a spectacular sourdough. If it wasn’t hearth baked, then that is some mighty impressive oven they must have there to get that kind of result: a touch of carbon on the outside and chewy and moist inside with huge holes. Yes, moist, which is damn hard to get in a yeast bread that has any kind of rise whatsoever. Made me wax nostalgic for my late, lamented sourdough starter. At any rate, I ate a lot of it.

Next were two different items: a strawberry gazpacho and some sort of savory cream made to look like an egg and served in an eggshell. I was expecting an amuse-bouche and thought the gazpacho was it, but then arrived the egg. I noticed our host (who is vegan) had something else entirely. I asked the server what it contained and when I politely pushed it aside she offered to bring a non-dairy option, a grape? granita with flavored soda of some sort. So that was nice (and I liked the granita) although being unfamiliar with the menu I wish I had known I could have requested more explicitly non-dairy options. (Mostly that was not a problem until it came to dessert.)

My first course was sea bream sashimi, with olive oil and seasonings. It was laid out in thin slices to cover the center of the plate in a circle, I have no idea what the little shredded tower of something was in the center (radish?) but it tasted good. I like raw fish. Next was a soup, a puree of greens poured over some vegetables, whole and in pastes, and a mustard sauce already in the bowl. The “mustard cream” had a little dairy in it but not enough to be a concern. I liked the texture of the crunchy sweet corn and getting a little of this and a little of that from the different flavors was fun.

Dillo had a dish of vegetables prepared several ways, cooked and raw that was exceptional. Little tiny vegetables of all sorts, although in the dim light I couldn’t begin to say what most of them were. There was reportedly a fennel bulb that Dillo much appreciated. The cooking broth was made into a foam, which I’m kinda unsure about, but it tasted ok. I understand foams are a hot foodie thing right now, so whatever. The veggies were enough right there. Our hosts, one vegan and one vegetarian, always have this dish. Then he had the lobster with cardoons, pickled green strawberries, foie gras and some other stuff I can’t remember. He wasn’t a fan of the duck liver but we liked the rest. Strawberries in a savory dish was unexpected. The parents of the groom ordered the same thing and were clearly disappointed their plates with a small bit of lobster mixed with other things didn’t come with butter, lemon and a bib.

Next I had roast pork, medallions of what might have been tenderloin with a layer of fat that was crispy and fried on the outside. Like thick potato chip crispy. Fried pork fat is yummy so I really liked that and the meat was good too. Not dry or anything. Dillo had chicken, I don’t remember quite what was with it but he set the chicken skin off to the side of the plate and dangerously close to mine, so it vanished when he wasn’t looking. About now we were really feeling sorry for the staff, who had to deal with the father of the groom sending back his chicken because it was “raw.” And after the second attempt we determined that his idea of properly cooked chicken is grilled until dry so his moist chicken breast was unceremoniously pushed away, uneaten.

The dessert selections were a problem, all of them featured stuff I can’t eat like ice cream and coffee. I ordered the apple dish with the ice cream on the side, thinking that would avoid most of the dairy. Well it came layered like a Napoleon with apple, caramelized sugar and cream. Very attractive, but more dairy than I was willing to deal with. I was able to pick it apart and give Dillo the cream part (swapping it and the ice cream for his beignets) but it was a little messy. Our host had requested something entirely different and vegan. Since we ordered everything at the start, I didn’t know what was going on when I could have more conveniently done something about it. I only found out later that our host had requested basically his entire meal specially made vegan. After all the fuss with the chicken incident, I wasn’t about to embarrass him any further by pressing the subject regarding my dessert. I can deal.

All in all I enjoyed the meal, even if my unfamiliarity with the menu and the chef made a couple things a little more of a surprise than I might have preferred. The portion size was modest, but with several courses plus bread it’s not like I was hungry after. I actually prefer that to having to choose only one thing and even then taking part of it home. (We were staying in a hotel, so this was less than desirable.) I was willing to experiment so I wasn’t intimidated by various stuff I didn’t recognize on the menu. This is absolutely the kind of place where you are there for the experience and to be entertained, not merely to count the nutritional values and see that they add up.

Our servers had everything totally under control, every course came out together even for a large party and no water glass was permitted to be less than half full. (I will note that the orchestrated service is a little less creepy for those not accustomed when you don’t feel outnumbered by the staff.) They also graciously handled cranky parents, although I would not choose to bring certain people to such a place. Whether or not we go back will depend on a great many other things (this was very expensive, getting to Los Gatos is a big pain and so is a meal that runs late into the evening) but I would be happy to make a return visit. If they were open earlier on weekends I would totally go mid-afternoon, as it was I was grateful to have taken a nap earlier in the day so I could make it past 9pm without threatening to fall over.

For various reasons, I’ve found myself needing to decode email file attachments in base64. (It’s ugly and involves mailx. You don’t want to know.)

Here’s how to do it:


openssl base64 -d -in infilename -out outfilename


from macosxhints.com

More stuff documented so I don’t forget it. Also, this is my manual upgrade process for WordPress. In this case, I’m going from 2.5 to 2.8.

Backup my hacked akismet. I modified it to write a logfile, so I’ll put the old version back in after the upgrade. One of these days I’ll hack up a newer version.

Back up the database for the target site:
mysqldump –add-drop-table -h localhost -u username -p feorlen_org > /my/backup/location/28jun09backup.feorlen_org.sql

Back up everything on the site, just because. (Instead of only the WordPress directory.)

Disable plug-ins from the admin interface.

Copy the install package to the top level directory. Copy to a safe location wp-config.php. Delete the following:

the contents of my wordpress directory
wordpress/include
wordpress/admin

(I have no cache or widgets directories this time.)

Restore the saved wp-config.php.

Temporarily rename my custom named directory to “wordpress” and untar the archive over it. Then put it back. (Because I’m lazy.)

Go to the admin page and follow the directions. Replace new akismet with my old hacked one. Delete that crazy Dolly thing. Re-enable plugins.

Test.

I’ve suddenly found myself running out of fds, which brings things to a screeching halt. For future reference, here are some helpful things to remember.

Check the current settings with launchctl:

www.feorlen.org[feorlen]:/etc$ launchctl limit
cpu unlimited unlimited
filesize unlimited unlimited
data 6291456 unlimited
stack 8388608 67104768
core 0 unlimited
rss unlimited unlimited
memlock unlimited unlimited
maxproc 1000 2500
maxfiles 256 unlimited


change for this shell only:

www.feorlen.org[feorlen]:/etc$ launchctl limit maxfiles 1024 unlimited


Make systemwide changes in launchd.conf:
http://support.apple.com/kb/TS1659

WWDC is come and gone and I’m home with shiny new goodies. I installed Snow Leopard on my laptop during the week and that went well. Exchange support seems to be working and various glitches are (mostly) minor. So I started plotting to upgrade my server.

Talking to some folks in the IT lab, what I got was they have been working on upgrade and migration. That’s nice to hear as I’m always skeptical. Tiger->Leopard was new hardware for me so I just started from scratch, but this time I’d rather not. With the mess that my email has been lately I decided to jump in and give it a try. I was ready for some wonderful automagical upgrade goodness, and to be rid of cyrus forever.

After getting a good, bootable backup I put the DVD in and let it go. I got to the second reboot and there it sat: The cheerful Welcome screen, staring at me for 90 minutes until I finally power cycled the box. On reboot I got more of the same. It’s basically sitting there continuously flushing the firewall rules. So far, I’ve filed the bug and they are looking at some logfiles. And in the meantime, imapd is still crashing.