I haven’t owned a Nintendo Console since the SNES. My first reaction when I saw the first Switch promo was: I want one.
The concept and execution here looks great. I haven’t been following the Switch too closely since the reveal, but I’ll be keeping my eye on it.
My main concern is the accessories. Seems like a lot is required outside of what comes in the main box.
Typed on Macbook
I learned just yesterday that it’s possible to share notes (from iOS/macOS’ built-in Notes app) with others via iCloud. I’ve been aware of this functionality in Reminders for some time now, but I’m glad to know that it’s present in Notes as well.
My girlfriend has long maintained a shopping list, and I’ve always needed to defer to her to add items to the list. Now with iCloud notes sharing we’re both able to contribute to the list.
The steps to share a note are super simple:
The party on the other side will see your note, and when tapping on it, the note will automatically open in Notes.app and you’ll have fast syncing shared notes.
If in the future you need to add more people to the list, or remove someone’s access, just tap the plus person icon - people can be added, removed, or sharing can be stopped entirely from here.
Typed on Octopage
Apple is opening its new campus “Apple Park” in April.
Steve would have turned 62 this Friday, February 24. To honor his memory and his enduring influence on Apple and the world, the theater at Apple Park will be named the Steve Jobs Theater. Opening later this year, the entrance to the 1,000-seat auditorium is a 20-foot-tall glass cylinder, 165 feet in diameter, supporting a metallic carbon-fiber roof. The Steve Jobs Theater is situated atop a hill — one of the highest points within Apple Park — overlooking meadows and the main building.
What a fitting tribute.
[via Macrumors & Apple]
Typed on MacBook
A few days I added a Kinesis Countoured Model 110 to my collection. The predecessor to the Advantage and the Advantage 2, this model is over 20 years old.
I got the board for a steal on /r/mechmarket. The seller said the board was not functional, producing only a beeping tone when plugged in. I figured that if all else, even if the built-in electronics weren’t functional that I could hand wire a matrix for it. Much to my surprise, using my PS/2 to USB adapter, the board is fully functional.
The Kinesis is notable for its split design and ergonomic keywells.
ErgoDox derives much of its design from the Kinesis. Given that I’ve been using an ErgoDox as my daily driver at work for some time, using the Kinesis (albiet briefly) has proven fairly easy.
From the side you can see the sculpting of the keywells. At first glance the sculpting appears haphazard, but in using it, the sculpting has proven to be brilliant. Clearly a lot of time and effort went into this design by the Kinesis engineers.
Standard for Kinesis boards of the time, this one has plate mount Cherry MX browns. I’ve never actually had a full board with browns before. They have a decent tactile bump, at 45g they’re light, but not too light. I did notice that they are quite scratchy, a common complaint about Cherry browns.
As I said, the board is over 20 years old. Tag dates it to circa 1993.
The I/O includes a PS/2 port for connecting to your PC, and 2 RJ-11 jacks used with optional foot switches.
Cracking the board open, you can see how nuts the internal electronics are. By my count there are 7 PCBs inside, including the control electronics.
Each keywell has this separated PCB design, terminating in a ribbon cable connected to the ‘main’ PCB.
Each side of the board also has 9 rubber membrane keys. These also terminate in a ribbon cable also connected to the main PCB.
The main PCB contains the keys for the thumb cluster. Each keywell PCB connects to it. The control electronics connect to this board.
The main control electronics are pretty crazy. With jumper cables on several of the circuits. Not sure if this is due to errors during design, or if the jumpers are intentional.
Of course, I can’t leave well alone, so I have modifications planned for this board.
Typed on Blue Alps64
Fixing A Broken Mailserver
By Morgan • February 6, 2017
For two years now I’ve been managing my own email server built on Mailinabox. I first built out the box in the wake of the Snowden revelations. It occurred to me that while Gmail does offer state-of-the-art encryption on their data at rest, it was entirely possible that Google would be subject to NSLs and definitely even mass data collection.
Of course, email never really was designed for security, and unless you’re using PGP on every message it’s possible for anyone listening on the wire to intercept messages as they come and go. Despite this, I felt it was best to decentralize myself - and thus remove as much of my digital identity from Google as possible.
If one’s threat model is a nation state actor there is no perfect defense against that, but it is possible to minimize the attack surface or at least make it a bit more difficult to be attacked or surveilled by being removed from as many centralized systems as possible. Thus, Mailinabox.
Everything was working perfectly until a few months ago - the build of my box predated Mailinbox’s LetsEncrypt integration, so I used an SSL cert issued by Comodo, and later WoSign. It was time to get myself moved off those options and on to LetsEncrypt (and in the wake of news of misdeeds by both Comodo and WoSign that was a good decision), however my box was being stubborn. Even if I SFTP’d into the machine and removed the existing certs, I couldn’t get any new certs to apply.
Digging around the Mailinabox support forums, I found the proper script to invoke:
./management/ssl_certificates.py --force
After that the LetsEncrypt cert was successfully applied, but weird stuff started happening to the server. Where once the status pages would show me all was well, I started getting failures instead. Despite the Status Checks page failing, the box was fully functional.
I let the box continue to run until today - when it finally broke on me.
Once a LetsEncrypt certificate is issued, Mailinabox is supposed to automatically renew the cert every 90 days. Today, my original LetsEncrypt cert expired. First warning was my phone telling me over and over again that it couldn’t connect to the mail server.
I was unable to get new emails on my phone, and my desktop machine was making similar complaints.
First step was to go out to the box’s admin page in an attempt to issue a new cert from the TLS console. In the interest of security, Mailinabox deployments enforce HTTP Strict Transport Security (HSTS), which enforces SSL after you visit an encrypted site for the first time. HSTS is there to prevent a user from being exposed to downgrade attacks. In this case, with an expired certificate it prevented me from initiating a web connection with the site at all.
Next step was to SSH into the server and attempt the ssl_certificates.py script again - foiled! I got an error and it wouldn’t run. The server was telling me it had issues with OpenSSL - this was likely the result of my messing around with the server months earlier trying to force it to get a LetsEncrypt manually.
I hoped that an update would fix it, but unfortunately it did not. Just attempting to run the update to Mailinabox v0.21C didn’t work. Again I was encountering errors regarging OpenSSL.
Time to build a new box
At this point I figured the only resolution was to build out a new box and attempt to migrate/recover all my data. Fortunately there is a guide on how to do that here.
First I ran a manual backup.
cd mailinabox
sudo management/backup.py
By default Mailinabox does daily backups, but it was best to have a totally up-to-date backup. I also went into Mail, Contacts, and Calendar on my local machine and exported everything I had, just in case I was unable to restore from the backup on to the new box.
Then it was time to get the backup off the machine, so I fired up FileZilla and SFTP’d into the box. Per the Mailinabox instructions it’s neccessary to only grab /home/user-data/backup/secret_key.txt and /home/user-data/backup/encrypted, but I opted to backup the entire /user-data/ folder.
I then got started spinning up a new server with DigitalOcean. It was necessary to rename my old droplet to box.missourivalleyambulance.com to box.missourivalleyambulance.com.old. I was able to get the new box up and running quickly, including the Mailinabox install. The setup for this is actually down to a single curl command.
curl -s https://mailinabox.email/setup.sh | sudo bash
After the box was set up and fully configured, I went over to GoDaddy to set up the new IP address. One thing that’s brilliant about Mailinabox is that it hosts its DNS - so the only thing needed on the registrar’s end are the nameserver addresses.
Then it was time to SFTP into the new box, upload the /user-data/backup/encrypted/ folder, rename the existing /user-data/ folder to /user-data-old/ and run the restore command.
cd mailinabox/home
export PASSPHRASE=$(cat secret_key.txt)
sudo -E duplicity restore file:///home/backups/encrypted /home/user-data/
A quick server reboot, and the box was back to its original configuration.
The timing for this failure was quite good actually. My domain was up for renewal with GoDaddy, expiring on 2/10. Since I was doing all this work with rebuilding the server today, I took the time go get my domain transferred over to Hover. I’m just a few hours into being a Hover customer, but so far I’m pretty impressed. Their site offers step-by-step guides for how to get a domain released from GoDaddy and prepped for transfer to Hover. From the time I initiated the transfer until it was complete was just under an hour. Hover even automatically copied over all the nameserver glue records, so there was no fighting with those trying to get DNS working correctly with the mailserver.
It’s funny - when I first got this mail server up and running 2 years ago it took me ages to get everything configured correctly. The whole process took me weeks. The largest barrier was getting the old Comodo SSL cert & DNS up and running correctly as I had no idea what I was doing. Today I experienced an unexpected failure of my mailserver, requiring a total rebuild. I was able to get it all resolved within a few hours. The largest parts of the rebuild today was just waiting for all /user-data/ directory information to transfer from one server to another, and waiting for DNS records to propagate after moving the server to a new IP address.
Typed on ErgoDox Test Board</p