flak

Indego - Philly bike share review

Joining the ranks of bike share programs in other cities, Indego is Philadelphia’s version. The basic concept is the same and pretty simple. You check out a bicycle from one of many kiosks located about the city, ride around, then return it to an empty dock when done. The program is manufactured by B-cycle but owned by Philadelphia; it’s similar but not identical to programs in other cities, such as Austin or Denver.

Posted 09 Jul 2015 14:56 by tedu Updated: 09 Jul 2015 14:56
Tagged: business philly review

rolling expired certs

This wasn’t the post I intended to write today, but then I noticed that the certificate for www.tedunangst.com had expired, and repairing that became a prerequisite for getting anything else done. At the time, my first snarky thought upon discovering Firefox wouldn’t let me connect to my site anymore was “Oh, hurray, don’t I feel safe.” Then I went through the update nonsense and thought a bit more seriously about it.

Posted 08 Jul 2015 18:46 by tedu Updated: 08 Jul 2015 18:46
Tagged: rants security web

magician trilogy

The first book in Lev Grossman’s magician trilogy, The Magicians, is one of my favorite books. Its two sequels, The Magician King and The Magician’s Land are not.

Posted 02 Jul 2015 16:09 by tedu Updated: 02 Jul 2015 16:09
Tagged: bookreview

finding bugs in tarsnap

Some people were hanging around Michael Lucas’s table at BSDCan, and the topic of conversation turned to Tarsnap. (Lucas has a book about it.) Each person went round the circle and said they were happy to pay Colin for his service, but when it was finally my turn I was forced to admit that while I would pay for Tarsnap, I found a bug and so, thanks to the bounty, it may be more accurate to say I get paid to use it.

Posted 02 Jul 2015 13:09 by tedu Updated: 02 Jul 2015 13:09
Tagged: c programming

out with the old, in with the less

Notes and thoughts on various OpenBSD replacements and reductions. Existing functionality and programs are frequently rewritten and replaced for the sake of simplicity or security or whatever it is that OpenBSD is all about. This process has been going on for some time, of course, but some recent activity is worth highlighting.

Posted 25 Jun 2015 12:52 by tedu Updated: 14 Aug 2015 23:46
Tagged: openbsd programming software thoughts

hot girls wanted

The Netflix blurb for Hot Girls Wanted promised to spotlight the amateur porn industry and the women it exploits. I was expecting something along the lines of a traditional documentary; lots of interviews, investigative reporting, some slide shows. Instead, it’s more Real World style, with a camera crew following a group of women around and observing their lives. There are some fact slides presented during scene transitions, but for the most part very little of what happens is deliberately directed at the viewer.

Posted 24 Jun 2015 14:22 by tedu Updated: 24 Jun 2015 14:22
Tagged: moviereview

natural grass preservatives

From Time’s surprisingly healthy snack foods list.

Is the implication that corn-fed beef jerky requires artificial preservatives? What makes grass beef so naturally resistant to spoiling?

Posted 22 Jun 2015 19:07 by tedu Updated: 22 Jun 2015 19:07
Tagged: food magreview quote

signify shortcomings

I presented a talk about signify at BSDCan on Friday. It went really well; during and after the talk many people told me I was wrong.

Posted 15 Jun 2015 12:54 by tedu Updated: 13 Apr 2022 02:48
Tagged: openbsd security software

BSDCan 2015

This weekend BSDCan 2015 was held at the University of Ottawa. I was told it was the biggest, bestest BSDCan ever. Certainly, there were a lot of talks, giving rise to a four track split. Personally, I think that may be too many. Some of the best conferences I’ve attended have been two or even one track. To the credit of the organizers though, they did a great job of splitting up talks such that I was rarely in the position of having to choose between two talks I really wanted to attend. Some talks were about new developments, which I’m interested in, some talks were about system administration issues I’d really rather not know anything about. One of the consequences of multi-tracking though is that the OpenBSD people go to the OpenBSD talks and the FreeBSD people go to the FreeBSD talks, etc., making it less of a BSD conference and more like an OpenBSD conference and a FreeBSD conference running side by side. Fewer tracks would mean more forcible cross attendance. But it’s a minor quibble. BSDCan has become a victim of its own success.

Posted 14 Jun 2015 18:52 by tedu Updated: 15 Jun 2015 12:55
Tagged: event software

as always bundling fixes is bad

I generally like my iPhone. I think it’s fairly secure, and Apple seems pretty motivated to keep it that way (even if they don’t have the purest intentions, caring perhaps more about jailbreaking than my safety). But the way they go about releasing security fixes is terrible.

Highlighting two lines from a preview of iOS 8.3. First:

“As always, it’s a good idea to wait a few days to see if the update causes any problems.”

Sound advice. My phone is pretty important. I don’t like when it doesn’t work.

“As always, the iOS update includes a slew of security fixes.”

Cupertino, we have a problem.

I figure 24 hours is about the amount of time it takes from the release of a security patch until weaponized exploits show up. After that, if you’re not patched, you’re living dangerously, depending on the nature of the bug. Bundling security fixes with new features that carry a high risk of regression means users wait to upgrade.

The iOS 8.3 update is 280MB. It can’t even be downloaded over the air on a cellular connection, only via wifi. Security patches are important enough that they should always be made available separately. Then I could download them, even OTA, without fear of regression.

What aggravates me most is that this is business as usual. As always. We’re training people not to patch. Users should be embarrassed to admit they’re running unpatched software; instead it’s regarded as the prudent choice.

Posted 09 Apr 2015 16:02 by tedu Updated: 09 Apr 2015 16:02
Tagged: gadget security