New Host & DNSSEC


A week or so ago I moved this site from its previous host to, an outstanding web host in Phoenix that has a very libertarian outlook on free speech. The “nearly” in their name refers to the fact that you need to pay for hosting. There should have been minimal disruption, and all posts, images, comments, etc. have been transferred over with (as far as I can tell) no problems. If you do find any problems, please let me know.

As a result of the move, the site is now available over HTTPS to those who wish to read over a secure connection. All parts of the site, including the RSS feed, are available over a secure connection. In addition, I’m using Public Key Pinning to reduce the possibility of someone spoofing the site when it’s viewed over a secure connection. Of course, everything will continue to be available over standard, insecure HTTP for the foreseeable future: I’m simply providing more options to those who are interested.

In addition, is now DNSSEC-enabled. If your internet provider or DNS resolver supports DNSSEC (Comcast and Google Public DNS, for example, do. Others vary in their support.) then you can be reasonably assured that when you visit this site it’s authentic and not spoofed. If the site is being spoofed (unlikely, I know) and your ISP/DNS resolver supports DNSSEC, for your safety the domain simply won’t resolve. If your ISP or DNS resolver doesn’t support DNSSEC, you’re no worse off than you were before; you simply won’t get the additional assurance that DNSSEC provides.

In short: if you want, you can read the site with a higher assurance of security than you could with most banks. If not, nothing’s changed. I just like geeking out.
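The three DNSSEC outcomes described above (a validated answer, a refusal to resolve, or an ordinary unvalidated answer) can be told apart from the header of the resolver's reply. The following Python is an added example, not part of the original post; the function names, the query ID, and the sample reply headers are constructed for illustration, and sending the query to a resolver is left out so that it runs offline.

```python
import struct

FLAG_QR, FLAG_RD, FLAG_RA, FLAG_AD = 0x8000, 0x0100, 0x0080, 0x0020
RCODE_NOERROR, RCODE_SERVFAIL = 0, 2


def build_query(name: str, qid: int = 0x1234) -> bytes:
    """A-record query asking for DNSSEC: AD set in the header, DO set in EDNS0."""
    header = struct.pack("!HHHHHH", qid, FLAG_RD | FLAG_AD, 1, 0, 0, 1)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    # OPT pseudo-record: root name, TYPE=41, UDP size 1232,
    # extended RCODE 0, version 0, flags with DO (0x8000), empty RDATA.
    opt = b"\x00" + struct.pack("!HHBBHH", 41, 1232, 0, 0, 0x8000, 0)
    return header + question + opt


def classify_response(packet: bytes, qid: int = 0x1234) -> str:
    """Map a resolver reply onto the outcomes a DNSSEC-signed zone can produce."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qdcount, ancount = struct.unpack("!HHHH", packet[:8])
    if rid != qid or not flags & FLAG_QR:
        raise ValueError("not a response to this query")
    rcode = flags & 0x000F
    if rcode == RCODE_SERVFAIL:
        # Validating resolvers answer SERVFAIL for data that fails validation;
        # SERVFAIL also has other causes, so treat it as "did not resolve".
        return "servfail"
    if rcode == RCODE_NOERROR and ancount:
        # AD is only as trustworthy as the path between client and resolver.
        return "validated" if flags & FLAG_AD else "unvalidated"
    return "other"


def sample_header(flags: int, ancount: int, qid: int = 0x1234) -> bytes:
    """Constructed 12-byte reply header (no record data) for offline use."""
    return struct.pack("!HHHHHH", qid, flags, 1, ancount, 0, 0)


if __name__ == "__main__":
    base = FLAG_QR | FLAG_RD | FLAG_RA
    for label, pkt in [("validating resolver", sample_header(base | FLAG_AD, 1)),
                       ("spoofed/bogus data", sample_header(base | RCODE_SERVFAIL, 0)),
                       ("non-validating resolver", sample_header(base, 1))]:
        print(f"{label}: {classify_response(pkt)}")
```
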

You’re Not Helping

The new Fox & Friends host, Elisabeth Hasselbeck (formerly the lone conservative on ABC’s The View) suggested during the Tuesday morning show that “the left” was trying to make Monday’s mass shooting at the Washington Navy Yard about “gun control.” Instead she pointed out that the country doesn’t need a national registry for guns, it needs one for to [sic] track video game purchases.

– GamePolitics

As a gun owner and a gamer, I find remarks like this to be firmly in the “you’re not helping” category. Millions of people in the country (and many more all over the world) — including myself — enjoy playing video games, including those with violent content. The vast, overwhelming majority of gamers are ordinary people who go about their lives without harming anyone.

Is there some overlap between violent madmen and those who play video games? Almost certainly, just as there’s some overlap between violent madmen and those who use toothpaste, watch movies, hold particular religious beliefs, listen to certain musical groups, hold a specific political view, etc. However, as far as I’m aware, there’s no conclusive evidence that any of these things have a causal relationship with violent outcomes.

As fellow gun-rights supporters have pointed out, violent crime rates have dropped over the last few decades while the number of privately-owned guns has increased. Over the same time period the sale of video games, including violent ones, has also increased as has their realism and detail.

Blaming video games for violent crime is a bold claim. Is it possible? Perhaps, but if I may quote Carl Sagan, “extraordinary claims require extraordinary evidence.” Such evidence is not forthcoming. Making unsupported claims of this type is silly, counterproductive, and makes gun-rights advocates look absurd by association.

IPv6 Enabled

I’ve enabled dual-stack IPv6 and IPv4 connectivity on this site. There should be no problems, but if you experience any please let me know.

CloudFlare Testing

I’ve decided to test CloudFlare service on my blog.

It’s basically a DDoS-resistant caching service that should increase page loading speed for visitors.

In addition, it also detects potentially malicious traffic (ranging from spammers to botnet members) to the blog and will block them with a “challenge” page that describes why they were blocked and offers a CAPTCHA to proceed. While it’s supposedly quite good at not blocking legitimate users, it may inadvertently challenge ordinary visitors. If this occurs to you, please let me know (either by email or by filling in the appropriate field on the challenge page).

I Got Nothing

Sorry folks. Nothing much has been happening recently. I haven’t been to the range in months, haven’t taken new shooters out in a while longer, have been about a month behind the times when it comes to gun-related news, have fallen behind in reading other blogs, etc.

I’m alive (at least for now; I’m going to be skiing all next week), excited about having gotten into graduate school, and generally getting along fine.

As an aside, if you haven’t played the video games Mass Effect and Mass Effect 2, you’re missing out. I was a bit skeptical of a third-person shooter/RPG, but I was wrong. They’ve seriously been the most-bang-for-the-buck entertainment that I’ve had in years (since Star Wars: Knights of the Old Republic which, interestingly enough, is made by the same company as Mass Effect). Tons of replay value, too.

“Enterprise-class”, my ass

The university has licensed a particular brand of anti-virus software for all students, faculty, staff, etc. The department I do IT work for (my day job) has a central console that allows administrators to monitor the status of the anti-virus software on all the computers on the network.

I know it well, as I was the one who set it up.

Unfortunately, it’s a piece of crap and is two major versions out of date (the university only got the newer versions a short while ago). It’s also not going to be supported soon, so we had to upgrade it.

Most end-user software seems to handle in-place updates really well. Mozilla Firefox, Windows, even Acrobat Reader update really easily. Certain other software, like Apache, MySQL, and other such things also update reasonably smoothly.

This anti-virus console is not one of those things.

I honestly couldn’t think of something that’s more of a pain in the ass to upgrade.

It turned out to be faster and easier to simply install the newer console on a different server, configure it by hand, and then manually re-install the client software on the 200 or so desktop systems (again, by hand) than it was to try to upgrade the existing console.

The new one’s quite a bit better than the old one, but there’s still no built-in “upgrade in-place” feature, so in a few years someone’s (hopefully I’ll be in grad school by then) going to have to upgrade to the next version. That’ll suck; a lot of the configuration is stored in some unknown way, and not accessible to the GUI or the configuration files. If even the tiniest thing gets out of whack (which happens on occasion), diagnosing the problem (not to mention fixing it) is a massive pain in the ass.

Compare that to Windows Server Update Services — a simple Group Policy change on the clients[1] and the clients get all their Windows Updates from the WSUS server, which can manage which updates are to be deployed to clients. Quick, simple, and scalable, all through an intuitive GUI.

Say what you will about Microsoft, but they have enterprise-class management down pat. This anti-virus company, though…not so much…

  1. We don’t have an Active Directory, so we can’t push it from a central system, but have to do the changes by hand. There’s a lot of inertia and legacy systems here. Oh well.


Google evidently has two separate account namespaces:

  • Google Accounts
  • Google Apps account

Google Accounts can be, but are not necessarily, a Google Mail/Gmail account. One can have a Google Account without having a Gmail account (e.g. and can use such an account for accessing services like Google Reader, Google Docs, etc. I created such an account years ago for my personal email address.

Google Apps accounts are accounts associated with Google Apps, which are separate from regular Google Accounts. Google Apps provides email service for my personal domain.

Unfortunately, this means that both my Google Account and Google Apps account had the same username, which led to considerable confusion.

I’m just now trying to get this all straightened out by only using Google Apps for email and XMPP chat and migrating all my other services (like Google Reader, Google Voice, etc.) to a single Google Account. This is exceedingly frustrating.

On Changing Mail Servers

My personal, non-blog-related domain has used Google Apps for email for years. In essence, one gets all the benefits of Google Mail (excellent spam filtering, IMAP/POP/SMTP, huge amount of storage, reliable infrastructure, etc.), but for one’s own domain. Very handy.

One of the advantages of having one’s own domain is that one is not bound to a specific email provider; one can change the back-end provider relatively easily and with essentially no disruption. Over the last 11 years, my personal domain has had probably half a dozen providers handling email, with Google Apps providing service for about the last four years.

While I’ve been quite satisfied with Google Apps[1], I always like to check out alternatives at intervals, much like I do with car insurance.

Fortunately, Google makes moving away from their services extremely easy: it’s trivial to move mail to the new server by IMAP, and a few simple changes to my DNS records now direct mail to the new server. Everything was done with about 5 minutes of work.

There’s two quirks with moving away from Google Mail, though.

The first is that Google Mail is primarily web-based, and offers IMAP/POP service as a feature, while the new service is primarily IMAP/POP with webmail as a feature, and so their webmail is pretty basic.

The second is that Google has excellent spam filtering, mostly based on the input of its brazillions of users marking messages as spam or not spam. The filtering takes place on the server side, which keeps spam levels in one’s inbox to a minimum regardless of whether one uses webmail or IMAP/POP. Marking messages as spam or not spam is trivial and totally in-band (click a button on the webmail interface, move the message to an IMAP folder if using a client).

The new provider offers some server-side filtering, but it’s nowhere near as good as Google’s, and using the server-side filtering requires identifying spam or non-spam via out-of-band methods (clicking a link in the email, which opens a browser window) which is a bit tedious. I can do better filtering on the client side, but that means that accessing my email with the webmail interface (which doesn’t have the filtering ability of my mail client) results in a massive amount of spam polluting the folder.

Slightly frustrating, to say the least.

I’ll give this other provider a few more days to see if their spam filtering can adapt to deal with the onslaught, but for my purposes (mostly webmail, with occasional IMAP use), Google Apps’ service appears to be better. However, in the event that Google turns to the dark side, it’s good to know there’s options.

  1. Although there are a few quirks when using IMAP due to the fact that Gmail uses “labels” instead of “folders”, they’re minor and easily adapted to.

Technology Marches On

In 1993, I was but a young lad of 11. At the time, my parents purchased a PowerBook 165c, the first color Mac laptop. It had a whopping 33MHz processor, 4MB of RAM, an 80MB hard disk, and an 8.9″ 8-bit 640 x 400 color passive matrix display that could display 256 colors. It weighed about 7 pounds. According to LowEndMac, it cost about $3,400. Ouch.

Today, I was looking at a new netbook made by System76, a small, independent company that sells hardware with Ubuntu Linux pre-installed. This computer has a HyperThreaded 1.66GHz processor (50x faster than the PowerBook if you only count one thread, 100x if you count both threads), 2GB of RAM (500x as much), a 250GB hard disk (3125x as large), and a 1024 x 600 LED-backlit screen that can display millions of colors. It weighs 2 pounds, and costs $389. It’s also physically smaller, has a battery that lasts about 4x as long, and has a stupidly fast wireless card.

All that in 17 years.

Firearms, however, have been around for quite a bit longer than 17 years, yet modern firearms are essentially the same as they were fifty years ago.

Where’s my Star Wars-esque blaster gun? Get crackin’, guys…