S/MIME Revisited

This is more of a PSA than anything, but (unsurprisingly), with the lack of interest in general email encryption, apparently no one’s going to step up and offer us free email certificates anymore (why, LetsEncrypt?!).

Previous writeup:

S/MIME Email Encryption

Also, I discovered that Firefox removed keygen support, so you can’t use it anymore for certificate generation.  I missed that memo, and spent some time acquiring my domain-validated certificate with Sectigo’s support team (being told repeatedly to use Internet Explorer, amusingly), before this detail was mentioned, and I was able to complete the process in Safari (this imports the certificate directly into Keychain, which then requires an export to send to other devices).

The formerly free COMODO (now part of Sectigo) certificates that I used to use now cost $20 per year (although the site now says $16.99, so they must have dropped it since).  Still, not bad, though irritating.  On the other hand, unlike COMODO’s free certificates, I did get actual support when things went awry, so you do seem to get what you pay for.  And, I was happy with their assistance in acquiring my domain-validated certificate earlier this year, so I’ll stick with them for now so long as they offer decent support.

Other than the company merger and the pricing structure change, and the fact that no one else on the internet appears to use S/MIME encryption, the installation at least remains the same on the various devices I use.  So, you know, encrypt away!  Except you won’t, because again, I’m the only person on the internet who appears to use S/MIME encryption.

Simon

The Most Nutritious Vegetable

And it comes from a weed

I don’t know if it’s the most nutritious, but it’s certainly up there.  I speak of the humble sweet potato–a vegetable I never much cared for because people have this tendency to make it sweet with molasses and brown sugar.  Yet the vegetable itself I find to be more savory than sweet, and is better complemented with salt and butter.

Of course, salt and butter are not what make them nutritious.  But they are delicious.  So when the victory garden went in, and we decided to experiment, sweet potatoes made the list.

They eventually took over, so they’ll get their own spot next year.  I also learned that I’m terrible at digging them up, as I severed more than a handful before Liz took over.

There were quite a few, although I was disappointed with their size, save the goliath.  Next year we’ll start them earlier.

And they were about the easiest plant to grow.  No bugs ate them, and they required no attention.  I can see why they’re popular across cultures.  Surely some more attention would have swollen the harvest, but at least I can have the satisfaction of using my own sweet potatoes for the holiday dinners.

–Simon

Blue Collar Cost

It’s been a while since I added an entry to the Quantitative Philosophy section.  And in light of the recent glass door replacement debacle, as well as my growing experience with home-ownership in general, I have enough information now to present a new calculator: The Blue Collar Cost Estimator!

What is this calculator?  Well, ever notice how what would seem like an affordable project immediately becomes cost-prohibitive when requiring hired help?  So here’s how it works: for any home renovation/repair, input what you think would be the conservative estimate for the raw materials.  The calculator will then add the contractor’s up-charge and account for the cost of labor (which is substantial).  Here’s the formula:

Estimated Materials Cost * 1.45 * 4 = Final Cost

Here’s the logic.  The 1.45x multiplier seems, at least anecdotally, to be the materials’ up-charge.  The 4x multiplier seems to be the labor charge, which inexplicably scales directly with the initial cost of the materials.  I guess they figure the risk of damage warrants greater skill/care?  Dunno.

But that’s it.  Nice and simple.  For calibration, I tested two expenses.  The latest was the door replacement, which I estimated would have a materials cost of $1000.   1000*1.45*4=$5800, the exact amount of the final cost.  We also had a garage door spring replaced, which I estimated at $120.  120*1.45*4=$696, which is pretty close to the $700-ish final cost we paid.

There you have it: the scaling cost of blue collar labor.  Glad I figured out how to install laminate flooring.  The last room I did would have cost us almost $2500.  So try to be handy–your wallet depends on it.

–Simon

DNS

Of all the digital glues holding the Internet together, the domain name system is probably one of the most critical, yet also the weakest.  The current protocol as a whole is unencrypted, and if it goes down, or is interfered with, then that prevents communication to anything not a hard-coded IP address.  But even then, SSL PKI breaks down unless the certificate in question was specifically exempted.  In short, a DNS failure would break the Internet.

And it was exactly that scenario in which I found myself recently.  I, the security-minded sysadmin of the home, had long since switched my DNS provider over to what at the time I determined to be the most privacy-minded and secure: Quad9.  And I never had any issues since.  But I made an error with my configuration: I specified two Quad9 DNS IPs, rather than using a different party as fallback.  And when, for inexplicable reasons, Quad9’s DNS servers ceased to resolve my DNS queries, I found myself offline–sort of.

Certain devices bypassed DNS, notably my work laptop and the Ring cameras.  Liz’s work laptop did not, however, which is an interesting aside in that mine must have a hard-coded VPN IP and hers did not.

But back to the main story.  I had never experienced a DNS provider failure before, and it took some rather lengthy late-night testing to figure out the problem.  Ultimately, I ended up switching back to OpenDNS with a Google fallback–not my ideal configuration, but one I’m sure won’t experience any downtime.

Yet in the end, I’m left to wonder: What happened to Quad9?  The Internet community as a whole offered no information, which I’m sure would have been available anecdotally had Quad9 truly ceased to function.  Perhaps Spectrum was blocking it?  But why would they do that, only to allow me to use other DNS providers?  If forcing customers to use their own, why didn’t they block OpenDNS and Google?

I posit this query to the universe.  In the meantime, know that you may have issues with a Quad9/Spectrum configuration.

–Simon
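An added example (not part of the original post) for the configuration mistake described above: it flags a resolver list served by a single operator and probes each resolver directly, which separates "one provider is unreachable from here" from "DNS is down". The `PROVIDERS` table, the function names and the `example.com` test name are assumptions made for illustration.

```python
import secrets, socket, struct

# Public resolver addresses grouped by operator (well-known anycast IPs).
PROVIDERS = {
    "9.9.9.9": "Quad9", "149.112.112.112": "Quad9",
    "208.67.222.222": "OpenDNS", "208.67.220.220": "OpenDNS",
    "8.8.8.8": "Google", "8.8.4.4": "Google",
}

def single_provider(resolvers):
    """Operator name if all resolvers share one, else None (unknown IP = own operator)."""
    owners = {PROVIDERS.get(ip, ip) for ip in resolvers}
    return owners.pop() if len(owners) == 1 else None

def build_query(name, txid):
    """Minimal DNS query: one A/IN question, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def parse_reply(data, txid):
    """Return (rcode, answer_count); ValueError if short or not our reply."""
    if len(data) < 12:
        raise ValueError("short DNS reply")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return flags & 0x000F, an

def probe(ip, name="example.com", timeout=2.0):
    """Ask one resolver over UDP/53: 'ok', 'rcode N', 'timeout' or 'error: ...'."""
    txid = secrets.randbelow(1 << 16)  # unpredictable transaction ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (ip, 53))
            rcode, answers = parse_reply(s.recv(512), txid)
        except socket.timeout:
            return "timeout"
        except (OSError, ValueError) as exc:
            return f"error: {exc}"
    return "ok" if rcode == 0 and answers else f"rcode {rcode}"

if __name__ == "__main__":
    configured = ["9.9.9.9", "149.112.112.112"]  # constructed: the two-Quad9 setup
    print("single operator:", single_provider(configured))
    for ip in configured + ["208.67.222.222", "8.8.8.8"]:
        print(ip, PROVIDERS.get(ip, "?"), probe(ip))
```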

Sunflower

I used to grow sunflowers back in the townhouse.  It was amusing to see the tops of those giant plants sticking above the privacy fence in that 12×12 area, but the limited space required vertical gardening to get anything resembling a respectable garden, and sunflowers fit the bill.

But when we bought the house, we stopped planting them, for no reason other than all the existing garden space was being used.  But then we tilled up grass for a new garden, and with the excitement of seemingly endless possibilities, sunflowers were thrown into the mix.

Then, as flowers do, they turned to seed.  And sunflowers make a lot of seed.  And squirrels are greedy bastards, but I can’t shoot them in my backyard.  So I harvested the seed.

I’ve tried other tools, but the katana really is the best one for the job

I don’t know what to do with them, so they’re hanging in the basement drying.  Maybe next year I’ll create a sunflower forest.

–Simon