Recipe: Storm in the Garden

Recipe: Storm in the Garden

Ingredients

  • 10 ml lavender vodka
  • 10 ml orange vodka
  • 10 ml hibiscus vodka
  • 200 ml ginger ale
  • ice

Instructions

  1. Drop the ice in a pint glass, pour in the ginger ale. Add the vodkas layered gently on top, ending with the bright red hibiscus.

Preparation time: 2 minute(s)

Number of servings (yield): 1

My rating 5 stars:  ★★★★★

Perfectly Timed Photos - Water Globe - collyr.com

Perfectly Timed Photos - Water Globe - collyr.com.

Sam Amidon - Wedding Dress

via YouTube.

Having vs. Owning | ps pirro

Sometimes people get confused about the difference between having something and owning it.

“I have an ipod” signals ownership. “I have a dog,” or a child, or a spouse, implies a relationship, a mutuality between sovereigns. Things get messed up for us, and for those with whom we are in relationship, when we confuse the one for the other.

Ownership denotes control. Relationship is wrapped up in reciprocity.

Ownership is unilateral. In relationship, something is always owed to the other. Always.

As a general rule, if a thing is alive — and for the animists among us, this includes pretty much everything — what you have is a relationship. Even if the law says otherwise.

[Having vs. Owning | ps pirro](http://pspirro.com/2013/01/20/having-vs-owning/).

If It’s Reasonable in Denver: Lessons in Location Tracking from Colorado

If It’s Reasonable in Denver: Lessons in Location Tracking from Colorado.

World smallest V12 engine - YouTube

http://youtu.be/m3KdpzL3Hkk

via World smallest V12 engine - YouTube.

Augmented Reality TARDIS! - Cheezburger

Augmented Reality TARDIS! - Cheezburger.

Some thoughts on configuring web servers

If there’s one thing that has always made me annoyed running a web hosting and services business it was the low level details of configuring virtual hosts in Apache and every other web server on the planet.

It’s all scriptable, but it’s error prone and completely graceless.

Users want to be able to define their own rules.

Apache configuration syntax, when included, can break the entire configuration. It’s not dynamic. Reloads in a hot web server can be expensive.

Ngingx and Lighttpd are marginally more consistent, but still stink at delegating.

Configurations are sometimes order-dependent, sometimes evaluated root to leaf node, sometimes leaf node to root, and sometimes require recursing into the request handler to make decisions based on on “what if” scenarios.

I’d willingly trade a lot of power in configuring a web server for something simple and able to be delegated to users.

There are some basic requirements:

  • Ability to configure redirects (and custom responses) for specific URLs and for entire subtrees of URL space. (I’m of the opinion that this should often not be handled at the application layer, since it’s most often needed to deal with changes to URL structure during application upgrades and transitions.)
  • Ability to map URLs to handlers located within the document root, without exposing the filenames of those handlers. (Thank you, PHP, for moving us backward 5 years in URL structure in an effort to teach us how simple deployment should be.)
  • The ability to direct entire subtrees to a handler.
  • The ability to direct entire subtrees to a handler if the request is not satisfiable with a url-to-path mapping.
  • The ability to direct requests to a handler if url-to-path mapping yields a file with a particular suffix (or perhaps indirectly via MIME type)
  • The ability to tweak url-to-path mapping if url-to-path mapping yields a directory.
  • The ability to add a variable passed on to a handler at any point in the subtrees of URL space, including setting it to a value from any part of the request headers, including a fragment of the URL.

And operationally, I want to be able to delegate the configuration of entire virtual hosts and preferably also subtrees of URL space to users, and have them only able to break the parts delegated to them.

1944 Red Velvet (cup) Cake

This is a red velvet cake made in a WW2 era way, using beets for moisture and color. The trick to getting good color rather than mud is to keep the batter acidic: lemon and buttermilk and a complete lack of alkaline leavening are what make this recipe unusual.

Boil two medium beets and puree. (You need one cup)

Cream two sticks of butter with a cup of sugar. Beat in two eggs as completely as you can.

Mix two tablespoons of lemon juice with 3/4 cup buttermilk. Add a cup of the beet puree.

In a bowl, mix a cup of flour and a quarter cup of natural (non-Dutch process) cocoa powder. (I used Hershey’s).

Beat the three mixtures together, adding some of the butter, egg and sugar mixture alternating with some of the beet and buttermilk mixture.

Pour into greased cupcake pans and bake at 350 until a toothpick or straw comes out clean.

This will be a soft, moist cake, almost custard. It released from the pan easily for me, though my cupcake pans are cast iron and a little unusual.

I used most of my batter as a layer under a cheesecake, but that’s a story for another time.

Perhaps it is broken, the cover of your diadem […], darkness collar […]?

An excellent and beautiful work by my friend @vruba.

Perhaps it is broken, the cover of your diadem […], darkness collar […]?.

Configuration injection in node.js

[gist id=3927254]

The world is a complicated place

Part 1 of an ∞ part series

:; cal 9 1752    September 1752 Su Mo Tu We Th Fr Sa        1  2 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30

using jsrender templates with jQuery UI

Load the script:

[gist id=1343709 file=head.html]

Define your template:

[gist id=1343709 file=template.html]

Then connect it with a jquery UI dialog:

[gist id=1343709 file=action.js]

Cephalapod Surprise Chowder

Chop four slices of bacon and start cooking them over medium heat.

Chop one small onion, three small carrots, two sticks of celery.

Add them to the cooking bacon, with the fat.

Let them cook until the onions start to go transparent.

Add a cup or two of beer.

Add 3 or 4 fingerling potatoes, cut into small bite sized pieces.

Add water to cover and let this simmer until the potatoes are soft.

Chop four or five small squid into half-inch square pieces. Tentacles can be left in larger pieces.

Put these in a pan with a few tablespoons of melted butter. Cook briefly until the squid firms. (Ten or fifteen seconds, thirty at most.)

Add the squid to the simmering potato mixture.

Add a cup or two of small scallops, and a cup of small shrimp.

Cook a roux, equal parts butter and flour until the flour is golden-brown.

Add it to the simmering mixture and whisk to combine, and remove the heat.

Add 3/4 cup of heavy cream, or 1 1/2 cups of half and half.

Let stand for a bit, and serve.

Season with salt and pepper, and add a quarter cup of chopped fresh dill.

Simmer until warmed through again. Don’t let the scallops overcook.

Let cool slightly

A simple primer on cryptographic primitives

A field guide

Or “don’t trust anything that screws these up even slightly.”

Key

A private, hard to guess piece of information, meaningless on its own, but used to secure other pieces of information.

Public Key / Private Key

Specifically, these are keys with certain properties: They come as a pair, they’re usually a couple prime numbers (which are mathematically hard to factor, which is where their security comes from)

Things encrypted with one key can be decrypted with the other and vice versa.

Hash

Using a cryptographic hash function (which is often based on an encryption function, but not always) takes an often big piece of information and turns it into a fixed length token that represents it, in a hard to fake way. Even small changes will make a cryptographically strong hash function change its output entirely.

Some example hash functions: MD5, SHA1, SHA256, SHA512

Signature

The result of using a key and a hash function together on a piece of information to give some proof that the information wasn’t forged. If the key and signing algorithm used are public/private paired keys, then the public key can verify that the information was signed by the private key.

Certificate

A signature on a public key, and usually some ID information. If the certificate was signed by a trusted party (trust is a complicated thing, though) then there’s usually some assurance that the information signed by the the private key that matches the certificate is from a known source. Of course, can you spot a forged ID?

HMAC

A way of hashing information with a key securely to form a signature that can’t be altered. Turns out that if you just start with the key and add data to the end of it, then hash that, an attacker can keep adding things and keep running the hash function from where it left off and the signature will look valid. HMAC mixes the key with the information being signed in a way that prevents this.

Salt

When you’re using a hash to make information hard to brute-force, you make sure that an attacker can’t just build a list of all the likely things and see if you have them by adding randomness to the thing you’re hashing. Now, since this changes the hash value, you have to include it in a way that the thing comparing the hash can do the same way, so a salted hash often looks like data + salt = $salt$HASH. Usually this is combined with a very slow, hard to do hash function, so you can’t just whip through all the possibilities on a fast computer in a day or two. Computers keep getting faster, though…

TL;DR

Key = random unguessable; Key + hash = signature, signature + keypair = certificate; Hash + salt = hard to crack hash + salt.