Rubenerd

Congratulations to the OpenBSD developers for the 51st release of their operating system! Download and verify their bootable images here and give it a spin. I’m going to this weekend, and not just because Natasha Allegri drew an omage to one of my favourite paintings for it :).

OpenBSD continues to provide a viable, secure, performant, and efficient alternative to some other open source OSs you may have heard of. Even if you don’t run it directly, we all benefit from their tools and their pursuit of engineering excellence. Their efforts give me hope for the industry.

Today’s Music Monday still tugs at my heartstrings and makes me nostalgic for a place to which I’ve never been.

(My sister’s fiancé worked for a few months in Raleigh and loved it. Maybe I need to add it to the list).

VPNs have been in the news again, which is a nice segue into a few things I’ve been thinking about them of late. Here’s another listpost!

• Web companies informing us that they’ve detected a login from a new location (often due to use of a VPN) sounds like a great idea, but isn’t it also a great spearfishing vector? Hey, we detected you logged in on a site, better click (this fake URL) to verify. If you’d man-in-the-middle’d someone’s network, this would also be the best way to trigger someone to log into a site again so you could steal their credentials.

• Does every network technology have to be an abbreviation?

• I’m encouraged by the growing number of people questioning the simplistic advice that using a VPN solves all privacy and security concerns. People still think Private Mode in web browsers are private though, and on the flip side I’m worried that it’ll discourage people from using VPNs at all. We really need to get better about educating people outside our infocomm bubble.

• VPN is only one letter away from being an acronym with one of the letters changed. Three letters changed, is a phrase with the same number of words.

• IPsec has done as much to hold back secured comms than it’s protected. Emails disputing this will be redirected over an unsecured channel to a null modem cable connected to a SIP gateway serving a fax machine with a broken PDF export tool and toner cartridge.

• I’m surprised how often VPNs are openly advertised as ways to circumvent geoblocks. We all do it, but isn’t it legally dubious and a terms of service violation? I’m also surprised more streaming platforms don’t block the IP ranges of known VPN providers. Perhaps it’s too much of a moving target, or the streaming platforms would rather keep you as a customer and look the other way than enforce arbitrary rules by their content providers.

Jim Kloss asked me a few years ago if I still used the NoScript Security Suite, the Firefox plugin that only permits sites you choose to load dynamic content. I sung its praises here for many years, but I felt the modern web’s reliance on scripting made its use increasingly untenable. Graceful fallbacks are also a thing of the past, so sites will just refuse to load anything.

I’d emulated some of what I had in the past with the excellent uBlock Origin, but the protection still felt leaky. As I mentioned last week, so much of the modern web doesn’t feel distasteful as much as it is user hostile, and it’ll only get worse until there’s a Hail Mary moment in the industry, the entire edifice collapses under its own bloated weight, or when the general population gets fed up. It’s happened before.

Maybe I was feeling nostalgic for the days when I had to go through a laundry list of domains until a site was functional again, but I reinstalled NoScript again over my recent break. It’s… less frustrating than I remembered. Either that, or the benefits of using it outweigh whatever inconvenience it represents again. Maybe the modern web is so awful, selectively-enabling domains in a plugin is a less frustrating experience. That says something.

The best thing its done is disable third-party font downloads, so you don’t get flashes of empty pages before text loads and reflows around the other page elements. You also get a feeling pretty quickly for sites that are carefully designed for accessibility, and those who think fallback is what happens when you lean too far in your chair. Maybe for tired web developers who are told by their managers that such concerns aren’t important, that’s exactly what they end up doing. For those who think fallbacks are a good idea, maybe we should saw off their chair legs.

Your mileage will definitely vary (YMWDV?), but give it a try again if you used it in the past but gave up. You might be as surprised as I was.

I’m sitting at a coffee shop again for the first time in what feels like an age. I’m at their outside tables with the sun on my face, and the nippy morning breeze ruffling my uncut hair! Talk about having a renewed appreciation for what you once took for granted.

The only sign of our times was the barista asking for my Covid certificate. She told me all her customers thus far have been great about it, but I feel for retail staff who may encounter a horse tablet snowflake.

Lockdowns were eased in New South Wales a week ago, but Clara and I decided to be cautious and see how things played out. Neither of us are heading to our respective offices for another few months, and we’re avoiding large gatherings. It might be overkill given the vast majority of the population are now vaccinated, but let’s see.

I did a macOS software update recently and was greeted with a Relocated Items.nosync folder on my desktop.

Inside was a PDF explaining what it was:

During the last macOS upgrade or file migration, some of your files couldn’t be moved to their new locations. This folder contains these files.

These configuration files were modified or customised by you, by another user or by an app. The modifications may be incompatible with the recent macOS upgrade. The modified files are in the Configuration folder, organised in subfolders named after their original locations.

To restore any of the custom configurations, compare your modifications with the configuration changes made during the macOS upgrade and combine them when possible.

There was only one affected file: /private/etc/shells. I’d echo’d the path of the OpenBSD portable Kornshell from pkgsrc into it so I could use it as my daily driver, because I’m a gentleman.

The notice above had me believing they’d replaced my config, but instead they’d retained my original file and put their desired changes into the relocated folder. A quick diff, which sounds more like a band name, showed:

12d11
< /opt/pkg/bin/oksh

I think I’ll be fine keeping that.

I use week numbers for all sorts of things. It gives me more granularity than a month, and they’re more accurate for certain use cases. For example, people assume a month has four weeks, but 48 leaves us four weeks short of the 52 weeks in a year. Renters and mortgage payers know all to well the fun of realising a specific month has three payments, not two.

(As an aside, that’s yet another reason why envelope budgeting is great. Before I required any tenancy agreement I signed to be paid monthly instead, I’d average out the cost of rent over twelve months and keep that extra in the “rent” envelope, so I’d never be surprised when those triple payment months appeared).

That uncharacteristically verbose introduction aside, this is how you can calculate the current week number from an epoch or existing date:

=WEEKNUM(A1; 21)

I was confused why this wasn’t returning what I expected when I didn’t include the second parameter, but WeekNumber.com explained:

21 is a code that identifies ISO week numbers among other week numbering schemes.

Boom.

From Kronii’s latest Minecraft stream. I can relate… all too well!

Friend of the site and coffee blogger James Gallagher emailed a month ago (thanks spam filters!) with a new project he’s launched: IndieWeb Search.

It’s a search engine for independent websites (mainly listing people who participate in the IndieWeb community, but others are listed too).

For all my talk of independent and small-scale writing and syndication, I haven’t got anywhere near as involved in the IndieWeb as I should. This looks to be another great resource; it’s now in my daily websites list :).

People who read dreams, maybe you can help me out.

According to my journal last night, I had a dream in which I felt cheated that a bar of Dove soap I’d purchased didn’t have the characteristic dove logo stamped into it. I packed some boxes in disgust for some reason, but was barred from leaving the apartment on account of our front door being jammed. I tried breaking it open with a crowbar, but then I heard a bookshelf collapse, and became distracted over how I’d explain to the landlord why we’d painted the ceiling blue.

Upon waking up for my morning coffee run, I noticed our shoe horn stuck into the side door jam, and a freshly unpacked bar of soap in the sink. I’d have jumped out of my skin if the energy was forthcoming.

As an aside, I had to look up what the various parts of a door were called, and stumbled upon this excellent article by Marvin:

If you’re embarking on a door replacement or new build project and you’re overwhelmed with all of the technical terms, we’ve got you. This post breaks down all the parts of a door so you can understand the terminology and how all the parts and pieces come together. Understanding the basic parts of a door makes it easier to talk with contractors and dealers to choose the right door for your project.

For example, did you know the bar between a sidelight and a door is called a mullion? Doors are great, they let you enter a room that would otherwise be inaccessible with just walls.

Another interesting fact would be, if one were included here.