I bought a new printer, the Brother HL-3170CDW (sometimes stylized HL3170CDW, as on Amazon). It’s a small office color laser, with all the doodads (wireless, ethernet, duplex, color). I didn’t really need it, the HL-2070N black and white printer I’ve had for several years now was working fine, but every once in a while I wondered if I’d find use for a color printer. Maybe I was making due with B&W because that’s all that was available, and having a color printer would unleash a creative blast of fancy greeting cards. I mulled it over for a few years, but then the price briefly hit $170 on Amazon. Done.

more...

Amazon has a trade-in program where they buy back electronics (and books, etc.) and give you store credit. If the item isn’t in good enough condition, they’ll return it to you. About two weeks ago, I sent in a Canon camcorder I never really used. Got a credit. Then today I received a package from Amazon. The magic camera elves in Kentucky (where the Amazon trade-in depot is located) turned my camcorder into a Canon DSLR camera. The box even included the camcorder packing slip I printed out and sent with the first package.

I assume the traded in DSLR was found wanting in some respect and on its way home when my packing slip and address got shuffled into the mix. I would forward it on its way, but the only address I have is my address. If it had a lens, maybe I could even use it for a while, but alas it’s only the body. Guess I’ll just stick it in the corner for a while until somebody asks for it.

Reflecting on a metaphor I made the other day. There’s a saying, “When all you have is a hammer, everything looks like a nail.” Thinking about some new users’ experiences with OpenBSD, I think OpenBSD is a lot like a screw, whereas Linux/OS X is a nail. First, they serve roughly the same purpose. They are, from a distance, roughly the same size and shape. You can even drive a screw into wood using a hammer, though it will be a frustrating experience (especially if it’s a machine screw). Once you learn to use the right tools, however, screws are also easy to work with, and maybe a better choice if what you’re looking for is a secure fastener (though I may be biased). OpenBSD generally follows the same POSIX standard as other unix flavors, so lots of things will be similar, but there are differences as well and ignoring them is not recommended.

A personal followup of sorts regarding Bay Area public transit and its solutions. I’m trying to get from the SFO airport to Facebook headquarters. My friend suggests Uber, seriously and repeatedly. Just for giggles, I inquire with the Google Maps what my options are. Take BART to another BART to Caltrain to a bus and hoof it on foot from there. All told, about as fast as the Oregon Trail and with a total fare cost probably approaching my plane ticket. How do people live like this? (How did I live like that?)

Related: A Walking Tour of Silicon Valley.

“Occam’s Razor is pre-Snowden thinking. Like 9/11, Snowden changed everything.” - tptacek

Some thoughts on what it means to be POSIX compliant and why OpenBSD deliberately fails to comply in some cases. For background, I think the POSIX standard is a bit ridiculous, but that’s more about the absurdities one encounters when super strictly interpreting a standards document. This is more about refusing to follow along with even a more even handed interpretation.

more...

I previously described the bcrypt pbkdf. The design is still the same, but yesterday djm noticed a fatal flaw in the implementation. The regress test which I created on amd64 was failing every test on i386. Obviously not good.

more...

The cool thing to do is encrypt all your network traffic. This used to be cool, but it’s even cooler now. I don’t really see much point to encrypting your nytimes.com visits, but I guess some people don’t like others knowing what kinds of news articles they read. (We all know you just read the gossip columns.) Anyway, the downside is minimal to non-existent, so go for it.

But wait! I was reading about The Dictionary of Numbers and got to the downside mentioned at the end. The browser extension was also modifying the text of a bank statement. Ordinarily, I’d say the easy thing is to only use amusing extensions on http, but not https, sites. How does that work in the brave new world of all https all the time?

Used to be https served a dual role as a signifier of serious business. Now it doesn’t, but we haven’t really replaced it. True enough, it was never a reliable signifier, and maybe the best thing to do if running with a dozen funny extensions is use a different browser (profile) for serious business.

I wonder how this affects phishing. When “https is secure, make sure your bank uses https” permeates into the general conscience, does it become “if everything is https, everything is secure“? Does the prevalence of https inspire false confidence in the web or will people learn that https was never a good signal for determining the legitimacy of a (possibly forged) web site?

Happy Canada Day! And almost 4th of July. Some shock and outrage to go with the fireworks. Don’t worry, I’m not entirely serious. The contrarian in me made me do it.

more...

I’m not sure what trickery LinkedIn uses to trick my connections into endorsing me, since they don’t seem like the kinds of people who would do so voluntarily, but LinkedIn never fails to notify me of my ever growing reputation. (I wonder if and how many people I’ve endorsed.) Today’s email was pretty sweet:

I've just endorsed you for new skills & expertise!

Amp expertise is definitely going on the resume.