Mostly about my amusement

Author: Jan Dembowski (page 8 of 96)

sed to the rescue again

Some days you just want to quickly edit a bunch of config files in one go.

One of the reasons I use Ubuntu LTS is that it’s got long term support (<light sarcasm>is that why it’s got LTS in the name?</light sarcasm>) and I make configuration templates that I just reuse in all the places. Poodle was announced and the short of it is that you need to disable the SSLv3 protocol on your web server.

No big deal. Visit your sites-available directory and change “SSLProtocol All -SSLv2” to add “-SSLv3” at the end. 17 times.

*Drinks more coffee and makes that face*

Or you know, run this command after checking you have “SSLProtocol All -SSLv2” in those mod_ssl config files.

sed -i.bak -e 's/SSLProtocol All -SSLv2$/SSLProtocol All -SSLv2 -SSLv3/g' *.conf

The -i.bak is to create unedited copies because bad things do happen to nice people.

Once I made sure that the files were edited I ran these commands to restart the web server and test.

service apache2 restart
openssl s_client -connect blog.dembowski.net:443 -ssl3

I promptly saw this line.

140496364975776:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:

And all was right in the world. I deleted the .bak files and finished my coffee.

This time it’s not the phone company’s fault

Around 8 AM Sunday my dial tone went “Buh-By!” and none of my phones worked. They were getting juice but no dial tone. I have Verizon FIOS and called the support line on my cell phone.

The phone company put a box on the outside of my house so with the tech on the line I disconnected my house and plugged an old phone into the test jack. Instant dial tone. Swell.

What’s wrong with my house phone cabling? Well… what’s not wrong with it?

Dad and I used to run phone and network cabling for contracting jobs and Dad would always run the cables to a closet. Each of those runs were terminated on a 66 block. Dad never liked the 110 block, he was an old timer that way.

When we cabled up my old house we did the exact same thing: straight run to the basement closet for each line, terminated on a 66 block. The phone company was on that block too and a few punches later and the whole house worked. The network cabling went the same way and the hose phone closet was an organized thing of beauty.

Not so much with this house and the closet is a horror show and somewhere there’s a short. There’s no block mounted and all the phone lines are twisted together. I’m going to have to run new cable and that’s going to mean cutting holes into some walls. This is going to suck wind loudly but maybe I can use this to finally wire up the second floor as I wanted to for years.

“If anyone else drives the car, we will impound it.”

Nice blog post title. That’s the memory that sticks out from my Dollar Rent A Car experience. It turns out that Lily and I do not react well to being treated badly when doing something innocuous like renting a car. I’ll explain.

Oh, and if you do rent a car? Call your insurance company and credit card first. You may not need to pay for extra car insurance from the rental company.

VIVA LAS VEGAS!

Recently my family went on a vacation to Las Vegas. Our flight was delayed so we arrived about 1 AM New York time and everyone from the flight was tired.

McCarran airport organizes its rental car companies offsite and we took a quick shuttle bus to the location. When we got to the Dollar counter the gentleman pulled up our reservation, looked at our ID, credit card, etc.

Soon we got down to brass tacks.

Him: “Which of these insurance plans do you want?”
Me: None of them, thank you.

The plans were arranged on a card like so.

  1. Buy this one! This one! Me! Be safe! Safest!
  2. Meh. OK then, suit yourself. But I hope nothing bad happens for your sake.
  3. You. Cheap. Bastard. You suck. See if I care.

You get the idea. The minimum plan was an additional $25 per day that we didn’t need.

Him: “What? What? You are going to drive the car with no insurance?”
Me: We have that covered via our car insurance and the credit card.

Did I mention that Lily and I have traveled before? Not our first time at the rodeo.

The credit card I used covers almost up to the KBB value of the rental car and that’s a secondary insurance. With our main auto insurance it covers more; we called both companies and checked.

Him: “Where are you from?”
Me: New York.
Him: “Well, this is Nevada, not New York. It’s different here. Your coverage doesn’t work here.”

Gee, thanks buddy. I thought we were in Newark, NJ. I’m sure you know what you are talking about.

This led to more scintillating conversation where both my wife and I were treated like idiots. The rep behind the counter kept interrupting us, explained to us repeatedly that we had to select and buy an insurance option from him.

Him: “You are going to rent this car without insurance??”
Me: No, we have-
Him: “Do you understand that if ANYTHING happens to this car we will come after YOU?”
Me: I expect that-
Him: “Are you prepared to replace this car?”

Seriously, that happened. I get that they feel that they need to “inform” the customer. But I work in support too and that’s never an appropriate way to talk to people let alone customers.

Me: So, you are refusing to rent us that car?

Now that sped things up. He began to angrily process our reservation. Honestly, he was acting like we were stealing food from his family.

Him: “Who is going to drive the car?”
Me: Just me.

And that’s when he said it. I’ll just make this a little bigger to stress that.

impound-the-car

I snorted out loud at that one. For a second I really wanted to get into it with this malcontent and ask “Even if I use valet parking and how would you know?” but we were wasting enough time. We didn’t come to here to spend time with Dollar Rent A Car.

I do all the driving on vacations. I like to, it’s not really a problem for me. I would have preferred to have added Lily as a driver but I didn’t want to prolong this any further.

While waiting for my papers I did shoot off this tweet.

Twitter is a good venue for complaining.

Hello? Dollar Rent A Car? This is not how you ever treat customers.

It’s just a car rental. While that may be a big deal for a car rental company, it’s only something I do maybe once a year. And I did accept and drive off with the car so I wasn’t mortally offended.

Next time I need a car? There’s no chance that I’ll even consider Dollar again. It’s not that I think Dollar a “bad” company but after that first impression why would I ever give them my business or recommend them to anyone?

When I’m the customer you only get one pass at me with your stunning ignorance and bad attitude.

No more @import for me

Well, at least not for current WordPress child themes.

I like child themes and always recommend that people use them instead of modifying any WordPress theme directly. Using a child theme makes your changes belong to you and they won’t get erased when the original theme gets updated.

I’ve told people to use something like this in their child theme’s style.css file.

/*
Theme Name: Sorbet Child theme for Mostly Harmless
Theme URI: https://blog.dembowski.net/
Description: Child theme for the Sorbet theme
Version: 0.1
Author: Jan Dembowski
Author URI: https://blog.dembowski.net/
Template: sorbet
*/

@import url("../sorbet/style.css");

/* Start your custom CSS after this line */

See that @import line? That had previously been required if you wanted to inherit the parent theme’s CSS. At the moment my child theme does not have that @import anymore and instead I’ve created a functions.php file with these lines in it.

<?php

function mh_sorbet_child_style() {
        wp_enqueue_style( 'sorbet-parent-style', get_template_directory_uri() . '/style.css' );
        // wp_enqueue_style( 'sorbet-child-style', get_stylesheet_uri() );
}

add_action( 'wp_enqueue_scripts', 'mh_sorbet_child_style' , 5 );

Which really is a more WordPress way to do it. I added a function mh_sorbet_child_style() where I first queue up the parent theme’s style.css and then queue up the child theme.

Notice how I commented out the second line? The parent theme already queues up the current theme’s style.css file and in my case that is sorbet-child/style.css. In my child theme I do not need to queue it a second time as it’s not necessary.

But I do want to ensure that the parent theme is queued up earlier than the child theme CSS. That’s why I add the wp_enqueue_scripts with a priority of 5 instead of the default 10. That should always load the parent CSS first. If the theme does not queue up it’s style.css that way then I would un-comment out that line.

Just as before, any new CSS will go into my child theme’s style.css file.

 

OK, no more Xmarks for me

I like the idea behind Xmarks but there seems to be something I am doing that’s just not working.

Here’s what I’ve done.

  1. Installed Xmarks on all of my browsers. For Internet Explorer this meant a small system tray app.
  2. Made one set of bookmarks the Master To Rule all of My Bookmarks™. I did that once and confirmed that Xmarks has those bookmarks via the My Xmarks page. Neat page BTW.
  3. Synchronized all of my browsers. The first time I selected “the download and erase bookmarks on this browser” option.
  4. Bookmarks are synchronized! Sweet.

A few days later I started losing whole sections of my bookmarks. Not so sweet. Fortunately Xmarks has a great revision system and I was able to roll back to the set I wanted. Repeatedly. Sometimes more than once an hour.

I think the culprit is Chrome but I just couldn’t get the darn thing to behave. I’m sure Xmarks is not at fault, It’s just that one of my browsers never attended kindergarten and doesn’t know how to share with the other kids.

I’m back to manually synchronizing my bookmarks which isn’t a big deal as I don’t add to them that frequently. For Firefox I’m using Mozilla Sync which has developed into a nice option from years ago. For that browser it just works and also synchronized my add-ons, preferences, etc. For Chrome the bookmarks are shared using the Great Google Data Collection Experiment™.

This may have been why I stopped using this software in the first place. Meh, back to sorta syncing my bookmarks at least in Firefox and Chrome.

What if everyone felt this way and talked about it?

This past week hasn’t been an easy one. The world lost a charming, well-loved and talented man. This has inspired people to talk about depression and how it affects all of our lives.

Why don’t people talk about it? Because it’s personal and when it happens to you it sucks and hurts. But what many people are not aware of is that they’re not alone. It happens to a lot of folks and everyone shouldn’t feel like help is not available. It is and you can get support.

Years ago I was catching up with a friend on the phone and somehow I had said this:

I’ve forgotten what it feels like to be afraid.

I meant it too. I had a great job, my family was doing well, my commute was easy (work was a 10 minute drive away). At that moment on the phone I could not remember the tenseness, the dread, the fear of doing everything wrong at work and in my personal life.

I remembered those times but I could not remember at that moment what it felt like. It was gone and I was finally relaxed and at peace. It made me nervous but that was OK.

Less than a year later I called Lily on a Friday just before noon and said how sorry I was but I needed to quit my job immediately. It was not working out for me and without getting myself into trouble I can say that some people do not deserve the label “human being”.

Lily’s response was exactly as I had hoped.

It’s fine, it’s going to be alright. Don’t worry just do what you have to do. It’s OK.

Support is important and it counts. I resigned and was granted the next 2 weeks off paid. Some of the people I dealt with were raised by a family after all.

I had to quit. Normally being depressed makes a situation worse but for many months at work I was feeling trapped. I became short-tempered, I was eventually talking to myself in front of Lily (thankfully just her I think). I began to respond to everyone either defensively or with outright hostility. I came down with shingles.

Walking away was the start of my dealing with my problem. After a short 30 day break I found new work. While it’s not always flowers and sunshine, it’s good and I’m lucky to be in that environment where I can contribute positively.

That’s how depression is for me

It’s that unreasonable fear and sadness about everything I do. Sometimes it’s from a bad day or it comes for no reason at all. It’s being angry at myself and eventually others. It’s being frightened all the time and it feeds itself in a sick loop. Sometimes it stops me cold. It’s not always there thankfully, and usually it’s delivered in small doses and I cope with it. When it really hits hard I can’t get a thing done.

I deal with it by relying on my family and friends especially Lily. I do reality checks all the time. I have to as sometimes someone will say a word to me and I’ll need to step back and realize that they didn’t mean to upset me.

When I don’t deal with it I lash out at those near me. I treat others badly and I become ashamed.

Help when you can even if you don’t understand

People who are dealing with this aren’t bad, or weak, or anything. They need help and support. My support is my family and it works for me. I hate using this phrase, but for me this is not that bad.

Some aren’t that lucky and hurt themselves or others. If you suspect someone is dealing with this try to be supportive. Even an “Are you OK?” can help turn it around and your support means the world to people. It’s a dialog and if that doesn’t work then just being around can make it better.

If you are going through this then it’s OK. You might not know it but you are not alone. Others are coping and getting support and that can happen for you too. It’s hard but talk to someone about this, write about it, put it down on paper. Consider seeing a doctor. It just may help you cope and you can begin to feel better.

Feeling better even in degrees is a great relief and no one should deal with this alone.

Wash, rinse, repeat kitchen faucet edition

A week or so ago my kitchen Delta faucet slipped on its mount and refused to go back. The faucet was held in position by 2 wimpy 8th of an inch plastic tabs. I have 2 kids and you know what happened. At least it lasted 3 years.

Last Saturday I got a new Kohler replacement as I like to give new companies a chance. The faucet mounted fine but it sprayed everywhere and washing dishes as like washing them in the rain. It’s not adjustable enough and I’m returning it.

I’ve just installed a new Delta faucet and it gets the Dembowski Household Seal of Approval™. It also has the same wimpy plastic tabs to hold it into position so in less that 3 years I expect to do this all over again. Delta has a lifetime warranty and I plan to speak with them about the last faucet.

I am so keeping the box and all the parts for the new one.

I may have broken my Feedburner feed

After I converted my WordPress install to 100% SSL I noticed that my own feeds in Tiny Tiny RSS were not updating. Years ago I forwarded my RSS feeds to Feedburner and 301 redirects from https://blog.dembowski.net/feed/ https wasn’t working.

I can’t even remember why I used Feedburner. I’m pretty sure I turned it on in a moment of “What’s that button do? *Monkey pushes button*”.

I’ll keep testing but eventually I’ll disengage Feedburner and just use https://blog.dembowski.net/feed/ instead.

Edit: This work around seems to fix it.

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} blog.dembowski.net [NC]
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/feed/$
RewriteCond %{REQUEST_URI} !^/index.php$
RewriteCond %{QUERY_STRING} !^feed=rss2$
RewriteRule ^(.*)$ https://blog.dembowski.net/$1 [R=301,L]
</IfModule>

The part starting at line 5 is where I added conditions so that the SSL 301 redirect will be ignored.

Why not use SSL and be done with it?

On the Internet there has been talk about Google and SSL based web sites. Apparently you may get a small boost if you switch to https. I myself doubt that (I’m jaded that way) and the additional SSL math will slow down busy sites a little. But I don’t get enough traffic to care really and I do like to play. This seems easy enough to do.

I Like Server Based Solutions and I Cannot Lie

I use WordPress multisite and on my web server I have a valid SSL certificate installed. I’m already using Apache’s mod_substitute to modify https://blog.dembowski.net/ to https: before it get’s sent to the browser for my SSL site.

Why not switch to SSL and be done with it? I could have used a tool to change all the WordPress database references to https but I’m running multisite and I wanted to be a little more site specific so I added this to my .htaccess file above the WordPress part but below the “Get Lost, I don’t like you” part.


<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} blog.dembowski.net [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://blog.dembowski.net/$1 [R=301,L]
</IfModule>

So far it hasn’t broken anything and is limited to my this one and not the other sites. I’ll keep an eye on it but there’s no reason for me not to leave it that way. I like server based solutions but for other people a HTTPS plugin may be an easier way to go.

The only downside is that I will need to maintain my SSL certificate but I plan to do that anyway.

So this means I wear a tin foil hat?

Not really but it does mean in most cases people visiting my site will get the traffic encrypted between my site and their browsers.

*Adjusts Tin Foil Hat™ and skips conversation about  SSL transactions and man in the middle interception*

It’s more a concern that someone will have some key logger or other hack installed on their machine.

Sniffing unencrypted data on the Internet is easy. Doing so for encrypted SSL traffic is more difficult. It would require the Bad Guy or Spook to have access to the private certificate issued by the certificate authority. Or exploit a server bug and harvest the SSL private certificate from the web server. That would never happen right…?

If your interested in how it all works then start with this Wikipedia article on TLS. This Digicert article is good too and may be easier reading. In the meanwhile anyone coming to my site will get redirected to the SSL based version.

That was a short walk and I installed Xmarks

When I switched the laptop back to Firefox I bemoaned the lack of being able to synchronize my browser’s bookmarks with each of my other devices. That was on the list for why I used Chrome in the first place:

  1. Shared passwords
  2. Shared history
  3. Shared bookmarks
  4. Participating in the massive data collection experiment known as The Great Google™ BOW BEFORE THE DATA COLLECTION MONSTER!

That last one always made me tighten my tin foil hat just a little.

Shared passwords are easy with 1Password. I set it up to synchronize with Dropbox, picked a reasonably complex password that I can remember and just go. I have my passwords on Windows, Mac, my Android phone and the iPad. It doesn’t work with Linux as far as I know but I always have my phone with me and it’s all good.

Using Xmarks covers the other items and it works well.

I use it to synchronize my bookmarks and history but I turned off the other add-on items like site info. This shouldn’t surprise me as I’d used this tool before and I still can’t recall why I stopped using it (though it might have been because it shutdown for a while).

It works in the background and with those other features disabled it’s really transparent and unobtrusive. That’s good software design: it performs it’s job and gets out of your way. Cool.

I could setup my own server to sync with but I don’t think my bookmarks are really that telling. That doesn’t mean there is not a lot of good social engineering potential in my bookmark data: it’s just that I’m already tracked one way or another by the Great Google Monster™ so Xmarks isn’t high on my list to be concerned about.

Featured image photo by B Rosen