My Train of Thought Down the Internet Rabbit Hole

Stop #1

While reading Twitter, social network analysis and data jouralism by Alessandro Zonin, one of many articles I found this morning during my first visit to LinkedIn‘s Data Journalism group,

Stop #2

I clicked a link to an obscure book (Who Shall Survive? by Jacob Levy Moreno) cited by the author. I am so grateful for the age in which we live where not only can I instantly go to the 84-year-old primary source without leaving my seat but then send my very own free copy to multiple devices with which I can read it anytime, anywhere.

I love archive.org (home to the WayBack Machine, among literally–and I mean literally in the literal sense–millions of other things).

Stop #1 again

A couple charts in Zonin’s article inspired a couple ideas for my Spotify app but I didn’t know the name of the chart type I wanted to use so I

Stop #3

Googled “types of charts” and, after opening a few results in other tabs,

Stop #2 again

I returned to archive.org and searched for “charts” wondering if there were other really old cool books related to data visualization.

One of the results was Charts On Ciphered Codes by William F. Friedman which is interesting to me in and of itself because I love Edgar Allan Poe who was one of the greatest cryptographers in history but also interesting because the book is in the William F. Friedman NSA Collection. So I clicked it

Stop #4

and saw it is also in the nationalsecurityarchive which, of course, I clicked. Here’s that collection of collections:

nsia.png
Those are just the top results. Look at all that yummy goodness!

Stop #5

 

The National Security Internet Archive (NSIA) above includes, among a giant pile of candy like the Friedman NSA Collection, the NSA Archive.

nsa.png
Am I the only thinking, “What are the Venona Documents”?

That Dept. of Army Technical Manual and a Field Manual that appeared a little further down both reminded me of my best friend from high school and college who collected lots of books that probably creeped most people out. He was not only one of those people with shelves of true-crime novels about serial killers but he also had books he could only find at gun shows like the infamous How to Kill from Paladin Press and an innocence-shattering Department of Defense book on … the title either called it “advanced” or “enhanced” interrogation. He bought this and I saw it in the early 90s, 10-15 years before such a term entered the mainstream vernacular.

Stop #6

So I googled that. First, I searched for “DOD advanced interrogation handbook”. What I find most interesting about these are URLs … I am also so grateful to live in a country were our government is this transparent and the rest of us are free enough to question and criticize our government.

advanced.png

The results often included “enhanced” so I then started searching for “enhanced interrogation” — that auto-populated as “enhanced interrogation techniques pdf” so I used that.

enhanced.png

I opened many of them in other tabs but think I’ll just close those and get back to thinking about things less dark on this Wednesday like … today is my wife’s birthday and my daughter is baking a cake.

Well, I closed all of them except for this one …

charts.png

 

 

Advertisements

My Second Cron Job

Nothing like waiting until the last minute.

I’ve been getting increasingly frequent “renew your Let’s Encrypt cert” emails but the task kept getting postponed because I didn’t have the command(s) memorized and wanted to create a cron job for it but whenever I thought of it, I didn’t have the time or whatever to look it up or do it.

That’s my excuse.

Yesterday, I received the “your cert expires in 0 days” email and promised myself I’d renew it yesterday.

I didn’t.

This morning, I got up and had a faint hope that it expired at an exact time and not just the date. I checked that last email and the gods were merciful. I had a few hours left. Just renewed it and saw this in bright red amidst the bright green:

Encountered vhost ambiguity when trying to find a vhost for but was unable to ask for user guidance in non-interactive mode. Certbot may need vhosts to be explicitly labelled [sic] with ServerName or ServerAlias directives. Falling back to default vhost *:443 ...

I was concerned, especially because it was a particularly important subdomain, but below that I also saw (in the normal bright green):

Congratulations, all renewals succeeded.

I do want to check into that though. I’ll probably be as quick about that as I was about renewing …

I did, however, create the cron job so I wouldn’t have to stress or worry about it in the future. Things to note:

That tute states, “The certbot Let’s Encrypt client has a renew command that automatically checks the currently installed certificates and tries to renew them if they are less than 30 days away from the expiration date.” DO shows a cron task that tries the renew command every single day so if the cert is within 30 days of expiration, it gets renewed.

I know it’s a tiny little command, but I hate the idea of something happening every single day that doesn’t have to. I think running the command bi-monthly is best (“best” meaning it makes me feel like I’m beating the system) so I thought using * * 31 * * would be super-nifty. I thought months with 31 days are pretty much every other month so it would be perfect and I’m so brilliant.

When I drew it on the whiteboard I saw

  • It would have worked for today (Nov 24) because Oct 31
  • It would work for the next renewal in 90 days on Feb 24 because Jan 31
  • Before it hits another two consecutive renewals successfully (Aug and Nov 2018) it would totally miss May 2018 because April has only 30 days.

This concept could still work if I could get it to attempt renewal on the first day of a month following any month with 31 days.

TIL: You can use If statements in UNIX shell scripts.

For now, so that I can complete this task, we’ll just go with the first day of every month.

I’ll update this post once I write the shell script.

Hmm …

Just typed sudo ctrontab -e and saw what looked like an empty file. That command is what I usually see in cron tutorials. I wonder what it does …?

So, while I file that question away in a drawer I may never check, I’ll just edit the crontab file like I did in My First Cron Job post … as I suspected and hoped, my other command is, indeed, there with my new job now beneath it.

cronExperiment

But there are still at least a couple things I want to know.

  • In my first cron job, I indicated a user because one (just one) tute said to and the directions in the file have a column for that. Do I need that? I didn’t put one for my new cron job so we’ll see.
  • In the first job, there’s a command to change directories which makes sense for the file and the scripts in that file. DigitalOcean’s tutorial that inspired my second job/line of code includes /usr/bin/certbot renew but, knowing that I can run certbot from any location, I’m going to see if I can omit that path. The script should run in a few days and I’ll also have a couple more months during which I can experiment.
  • That second command in the job writes the output of renew in a file located at /var/log/le-renew.log but that log file didn’t exist and I haven’t created it. I’m thinking that the command creates the file if it doesn’t already exist. We’ll see in a few days.

I wish I’d noticed where the renew command I did earlier stored any output. The tute states output should have included a line saving debug info to /var/log/letsencrypt/letsencrypt.log and I had already check in that letsencrypt folder to see if le-renew.log was in there. Trying to cd into it as me got me Permission denied and trying as root got me No such file or directory!

So, as I said, we’ll see …

S is for Security

Google‘s gMail security is so amazing. I’ve gotten warnings before but today’s was like, wow.
See a similar previous episode: gMail Security Roxor My Soxor
I’m working on my app and testing an email function for which I was using a temporary gMail account. I uploaded the file to (what was until a few minutes ago) a public GitHub repo with the address/username and password fully visible.
In less than a couple minutes, the red band across the top of my gMail page appeared, telling me somebody in the Phillipines had my password and just tried to get into my account! Immediately, I …
  • Changed the password to that gMail account
  • Turned off “Allow less secure apps” (I had it on while troubleshooting)
  • Added my cell phone number to that gMail account for recovery purposes
  • Upgraded to a paid* GitHub account and made that repo private
  • Changed the database user’s password for that app
  • Setup two-factor authentication for my host’s control panel

*Yeah, security is worth the investment. A point made by the caption, “Think security is expensive? Try [getting hacked].” Click comic below for the source of that quote and the comic.

commitStrip-english650-final

I Am So Ungrateful

Hours and hours today of stuff going right. Things installing easily and working perfectly. Updating huge chunks of code (without testing) without a problem.

Then, after about twelve hours … one little thing isn’t working … and I feel like throwing a tantrum.

Stupid SSL!

Update: Nevermind. It worked fine. It just look longer than my patience allowed for.

They Come in Threes

It’s been quite the week.

Chelsea Manning was released yesterday. Today, Sweden dropped stopped the rape charges investigation against Julian Assange.

I wonder what Edward Snowden is thinking right now.

WannaCry Customer Support?

The two things I know about the victims:

  • They use Windows XP
  • They must pay using Bitcoin

The first thought I have:

Do the hostage-takers provide documentation?

Even if the victims weren’t using Windows XP — which is, of course, pretty telling — most people, let alone someone using Windows XP, have only even merely heard the term “bitcoin.”

Even those desperate enough to pay might quickly and increasingly reconsider as they attempt to learn about, acquire, and use bitcoin. “Diminishing returns,” I would think, will ascend (or, perhaps, “descend” is more accurate) to a whole new level.

My Site Is Secure

Just bought my first TLS/SSL certificate. Feel cool. Like I’ve gone through a rite of passage. Like I’m not an amateur. Also continuing to make php forms and such more secure in the app itself.

Pretty pleased with myself.

Learning TONS. Such as: I need to change references to all my javascript (bootstrap, etc.) so my site can get back to it’s normal, pretty self.