Week ending Sunday 2014/08/17

Monday 09:42 · Hey @duncan climbed on board the private-by-default train: https://t.co/6aUycxpCoV You should too. [Original.]

Monday 10:03 · @hfiguiere Time to fix up t.co/fyJcnhfitW! [Original, responding to @hfiguiere.]

Monday 10:05 · @hfiguiere Much better than nothing. [Original, responding to @hfiguiere.]

Monday 10:06 · @hfiguiere It’ll cost you <$100/yr plus a half-hour of server reconfiguration. I don’t see any excuse not to. [Original, responding to @hfiguiere.]

Monday 10:09 · @hfiguiere Also see cacert.org - but if you don’t think increasing privacy is worth $100, you’ve clearly taken your stand. [Original, responding to @hfiguiere.]

Monday 10:12 · @hfiguiere Huh, you’re right. But for a commercial non-wildcard cert, it’s <$10/yr. [Original, responding to @hfiguiere.]

Monday 10:13 · @hfiguiere OK, your position is clear. Let me revise: Non-nihilists should increase their sites’ privacy. [Original, responding to @hfiguiere.]

Monday 10:30 · @evanpro It’s the economics: Everything we do to increase the cost of surveillance is a win: https://t.co/DQGcnCgGwM [Original, responding to @evanpro.]

Monday 10:30 · @evanpro Removing Web plain-text is very low-hanging fruit with substantial benefit. Why not do that first? [Original, responding to @evanpro.]

Monday 10:33 · @evanpro I agree: blow up the CA biz, shout at vendors for e2e crypto, etc. Am working a bit on Keybase & OpenKeychain myself. [Original, responding to @evanpro.]

Monday 10:34 · @evanpro @kylemathews Absolutely. Especially the second idea. [Original, responding to @evanpro.]

Monday 10:35 · @hfiguiere Yeah, but US judges trying to assert extraterritoriality. They might get away with it, too. :( [Original, responding to @hfiguiere.]

Monday 10:37 · @hfiguiere Hm, I wonder if landscape has changed since then? Because *someone* is gonna blow that biz up, I think, I’d love it to be Moz. [Original, responding to @hfiguiere.]

Monday 10:38 · @TheSteve0 Yeah, but power is asymmetrical. Google could maybe ignore Iceland or even Canada. But the US? [Original, responding to @TheSteve0.]

Monday 10:40 · So, it looks like cacerts.org certs are useless. Is there currently any source of useful free certs? [Original.]

Monday 10:40 · @TheSteve0 I’m sure you’re right. Another argument for stamping out plain-text http: connections. [Original, responding to @TheSteve0.]

Monday 10:43 · OK, https://t.co/MzNLKy2VeV free certs look good enough for most purposes, to me. [Original.]

Monday 10:46 · @evanpro www.ssls.com/ is down below $5 now. But once you’re down in that range, it hardly matters. [Original, responding to @evanpro.]

Monday 10:48 · RT @SRobTweets: @timbray Have you checked out @Firebase hosting? All domains are served over SSL by default https://t.co/wDjIKOfEzm [Original.]

Monday 10:49 · @dstufft I’m highly unconvinced of that. I think the business really needs to be disrupted. [Original, responding to @dstufft.]

Monday 10:52 · @nelsonenzo D’oh, yeah. [Original, responding to @nelsonenzo.]

Monday 10:53 · @reaperhulk In your opinion, is the CA business a healthy one with good integrity? Sure doesn’t look that way from outside. [Original, responding to @reaperhulk.]

Monday 10:54 · @aral Absolutely. But dropping plain-text *increases* privacy. See https://t.co/DQGcnCgGwM [Original, responding to @aral.]

Monday 10:55 · @reaperhulk Yup. I still think disruption would be beneficial (and probably lower prices). [Original, responding to @reaperhulk.]

Monday 11:00 · @bascule Value of removing plain-text is still hugely positive. Worried about the perfect being the enemy of the good. [Original, responding to @bascule.]

Monday 11:02 · @bascule Not sure about “better”, but those are really good ideas that deserve wider adoption. [Original, responding to @bascule.]

Monday 11:03 · @bascule Thing is, any old site can move to TLS in an afternoon at a cost of <$100, and the benefits are significant. [Original, responding to @bascule.]

Monday 11:08 · @bascule Yup. Mind you, an afternoon of sysadmin time probably costs more… [Original, responding to @bascule.]

Monday 11:15 · What is the name of the brain disease that makes PR companies do general email blasts whose subject begins: EMBARGOED NEWS… [Original.]

Monday 11:16 · Hearing considerable buzz that the <~$10 cert services may be cheaper than the free ones when you factor in time & irritation. [Original.]

Monday 11:20 · What @igor said: “Vancouver is Silicon Valley (If You Want It)”: www.igorfaletski.com/vancouver-is-silicon-valley-if-you-want-it [Original.]

Monday 11:24 · @djco Hearing good buzz about namecheap and www.ssls.com/ [Original, responding to @djco.]

Monday 11:26 · @jbminn Yeah. My feeling is, it’s such a soft target that someone’s going to disrupt massively before too long. [Original, responding to @jbminn.]

Monday 11:32 · @alexwh Hah, excellent. [Original, responding to @alexwh.]

Monday 12:21 · @aral I worry about G&FB etc, but I worry about crooks & spooks more. [Original, responding to @aral.]

Monday 13:22 · @pkedrosky Wonder what the 10-year ROI will look like in 2024… [Original, responding to @pkedrosky.]

Monday 14:05 · 5.3-second exposure (accidental). [Original.]

Monday 14:16 · @paulg Absolutely; but liberals are in the minority. [Original, responding to @paulg.]

Monday 14:18 · @paulg This has been on the table since 2002: https://t.co/np6p4aEHHz *sigh* [Original, responding to @paulg.]

Monday 14:18 · @_km Actually kinda puzzled tbh [Original, responding to @_km.]

Monday 14:25 · @_km “shaky hands” is idiomatic. [Original, responding to @_km.]

Monday 14:37 · @giladbu Offer is clear that Right of Return can be compensated away. [Original, responding to @giladbu.]

Monday 14:38 · @giladbu It’d be pretty tractable for Israel, except for the settlers. So sad. [Original, responding to @giladbu.]

Monday 15:17 · [JavaFX LOL] @OpenJDK: JEP 209: JavaFX Scene Builder Update: openjdk.java.net/jeps/209 [Original, responding to @OpenJDK.]

Monday 16:24 · @drinkynet @hfiguiere Based on what I’ve been hearing, unless cost is a huge issue I don’t really recommend StartSSL. [Original, responding to @drinkynet.]

Monday 16:40 · @alexindigo @aral It’s fine to share your v0.5 plaintext site with friends - when you bring in the public, privacy becomes an issue. [Original, responding to @alexindigo.]

Monday 16:59 · I mangled JSoup so you can use it with Android/Studio/Gradle: https://t.co/BJU6WNNMts Best practice for cross-platform Java isn’t obvious. [Original.]

Monday 17:35 · @alexindigo Fair enough; but it’s cheaper than $10/year, or free from StartSSL.com (with a bit of irritation). [Original, responding to @alexindigo.]

Monday 17:36 · @alexindigo Anonymous *publishing* is a whole different problem set. I worry more just now about people who are app/site users. [Original, responding to @alexindigo.]

Monday 20:46 · @nelson Book’s pretty good too. But currently struggling with “The Thousand Autumns of Jacob de Zoet”. [Original, responding to @nelson.]

Monday 23:00 · RT @jricole: “Good Morning, Afghanistan!” Robin Williams entertaining the Troops, 2007 www.juancole.com/2014/08/williams-entertaining-afghanistan.html?utm_source=dlvr.it&utm_medium=twitter [Original.]

Tuesday 10:40 · Having trouble building with Gradle & Studio & recursive fGit submodules? I was: stackoverflow.com/questions/25270646/making-a-studio-gradle-project-build-both-locally-and-inside-another-project [my solution may be insane] [Original.]

Tuesday 10:57 · RT @mattyglesias: Epic @pbeinart takedown of Hillary Clinton on Israel: www.haaretz.com/opinion/.premium-1.610007 [Original.]

Tuesday 11:12 · Not enough of a game-engine weenie to know if I should be impressed by this Obduction (Myst/Riven reboot) teaser: https://t.co/HznEmUQgsc [Original.]

Tuesday 13:51 · @nelson I hear occasional complaints about lag, but only experience it rarely. Found your local community? [Original, responding to @nelson.]

Tuesday 13:54 · @nelson lotsa gay Ingressers BTW. We have a suburb controlled by bears ☺ [Original, responding to @nelson.]

Tuesday 13:59 · @nelson It has happened. Breeders have bred, even. [Original, responding to @nelson.]

Tuesday 16:58 · @joshu I’d say yes; PHP would scare away the kind of quality engineers a startup would like to hire. [Original, responding to @joshu.]

Wednesday 10:18 · WhatsApp says: You are your phone number. Slack says: You are your email address. [Original.]

Wednesday 10:21 · Bitcoin price been sliding steadily, I wonder how far it goes? [Original.]

Wednesday 10:36 · Wired’s outstanding Snowden interview has such high JS-based production values that I can’t read it on my N7. Bad trade-off, I think. [Original.]

Wednesday 10:38 · @nelson Venison for dinner? [Original, responding to @nelson.]

Wednesday 13:32 · Anti-PGP piece: blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html I think that USED PROPERLY, existing OpenPGP infrastructure remains a strong tool. [Original.]

Wednesday 15:10 · miniLock looks interesting: https://t.co/FN2fzq55yH [Original.]

Wednesday 18:53 · I wonder if the people in charge in #Ferguson know that, to revive a useful phrase, “The whole world’s watching.” [Original.]

Wednesday 18:57 · Live feed from #Ferguson: new.livestream.com/accounts/9035483/events/3271930 [Original.]

Wednesday 19:06 · Number of #Ferguson protesters seems pathetically small. [Original.]

Wednesday 19:37 · So I assume a hundred thousand or so angry Americans will assemble in #Ferguson tomorrow? [Original.]

Thursday 08:09 · RT @blaine: Ways to trigger the apocalypse, #65534: force ux designers to work with open source operations hackers. [Original.]

Thursday 08:14 · @amyhoy try typing this info Google whatever site: [Original, responding to @amyhoy.]

Thursday 08:58 · @amyhoy sorry bye. [Original, responding to @amyhoy.]

Thursday 09:45 · Moz folks doing a tweet chat this afternoon about Net Neutrality: https://t.co/mYVJcdGQPX [Original.]

Thursday 21:21 · SpiderOak warrant canary: https://t.co/w2qhZosfDw Super-interesting. Left a comment. I’m dubious: https://t.co/2kKXkTjgiL [Original.]

Thursday 21:27 · @zahra_rene ain’t dead yet. [Original, responding to @zahra_rene.]

Thursday 21:36 · CP Rail is trying to bitch-slap Vancouver city council: www.cbc.ca/news/canada/british-columbia/community-gardens-ripped-up-along-arbutus-corridor-1.2737029?cmp=rss I hope the city gov is talking to really mean lawyers. [Original.]

Friday 08:21 · Dan Geer's Black Hat talk is remarkable, should be required reading for anyone who, well let's just say everyone: geer.tinho.net/geer.blackhat.6viii14.txt [Original.]

Friday 08:29 · @danudey CP is bargaining hard. I'm just hoping the city has a legal club to hit back with. [Original, responding to @danudey.]

Friday 09:13 · @danudey 1) CP have no interest in running trains on that property. [Original, responding to @danudey.]

Friday 09:14 · @danudey 2) This is a real-estate-price negotiating tactic. It’s legal, but shitty and really hurts people. [Original, responding to @danudey.]

Friday 09:15 · @danudey 3) I’m just hoping the city can find a legal bargaining maneuver to inflict pain on CP management/shareholders. I bet they can. [Original, responding to @danudey.]

Friday 10:35 · So weird… there may or may not be a land war going on in Ukraine right now, nobody seems to know. [Original.]

Friday 10:39 · “@hjlow: @timbray everything is not on twitter” [He’s kidding, right?] [Original.]

Friday 10:40 · @al3x …not to mention elevated risk of gun violence. [Original, responding to @al3x.]

Saturday 08:44 · @b_judah reasonably easy to ignore them [Original, responding to @b_judah.]

Saturday 08:53 · RT @rudytheelder: (Capybara & spider monkeys) RT @arealliveghost: I wonder if anyone notices I'm staring at this pic for 30 mins t.c… [Original.]

Saturday 09:47 · RT @jzy: What it's like to play online games as a grownup theoatmeal.com/comics/online_gaming [Original.]

Saturday 15:03 · @BWJones If your camera had a WYSIWYG EVF, there’d be no problem… [Original, responding to @BWJones.]

Saturday 17:19 · @BWJones And the X-T1 better still, I’d say. [Original, responding to @BWJones.]

Saturday 17:37 · @BWJones I am hopelessly seduced by the X-T1 EVF. [Original, responding to @BWJones.]

Saturday 19:12 · @jsundmanus The kittens are WAY cutter than you. [Original, responding to @jsundmanus.]

Sunday 07:21 · More or less every blogger does this too, including me. Hmmmm... https://t.co/tf2DRnJu0P [Original.]

Sunday 07:27 · @BWJones where you say "though" do you mean "because"? [Original, responding to @BWJones.]

Sunday 07:43 · @nelson One assumes so. But not pure text links of course. [Original, responding to @nelson.]

Sunday 08:46 · Hild, by @nicolaz, is a pretty terrific book: https://t.co/ypycpxHaR8 [Original.]

Sunday 09:50 · Huh, I didn’t know about this: https://t.co/hwCAXkSS0K [Original.]

author · Dad · software · colophon · rights
picture of the day
August 17, 2014
· Short-form (350 more)

By .

The opinions expressed here
are my own, and no other party
necessarily agrees with them.

A full disclosure of my
professional interests is
on the author page.