395

I got my first dose of hormones today.

I don’t feel any different. . . yet.

394

Make windows suck less.

Hate on Blogs.

Hate on printer makers.

Pick how you’re gonna go.

Have a nice day.

393

I cut my hair! It’s just past shoulder length and swishy and I’ve a blonde streak down the left side. Dawn took off seven inches while I bit my lip and wasn’t sure it was what I Really Wanted. It looks really good. For the first time in months, I can look in the mirror and not wince. I am so happy!

392

I practiced playing simple harmonies on the cello to several songs (The Four Seasons’ Allegro movement, and several poppy pieces) last night. It’s a lot of fun and a good way to get me moving again.

Why SSL isn't much help.

Security Warning dialog

This is wrong for several reasons. It’s the usual “unrecognized certificate” warning; this one is the variation for when the hostname and server cert name don’t match. I chose this dialog simply because it’s easy to trigger.

The biggest problem is with the word “trust”. It’s asking you to accept only if you trust 206.168.112.32 and theinternetco.net. First off, the IP address has nothing to do with it. Since we’ve got a mismatch going, that IP could be being spoofed. You can’t trust it, and yet it’s asking you to consider it. Next, theinternetco.net — the problem here is more subtle: it’s asking you a technical question (should I connect to this site?) but advising you to make the decision on a non-technical basis: do so only if you trust the domain (and I’m extending in typical fashion here, that the domain really means the company who owns or operates it). The problem is that not only do you have to trust them to be honest, but you have to trust them to be competent. When microsoft.com’s certificate was cracked (or was it stolen?), the warning above would have come up … we’ve covered that the IP could be spoofed, and since the certificate isn’t valid, we can’t authenticate that, and it would have said microsoft.com right there. Any sane user, given the information that dialog box provides, would have connected. And they’d fall right into Joe Cracker’s hands.

The solutions to this aren’t easy. The reason it’s not been solved is that it’s not a technical problem. To know whether you should trust a connection to a server, you have to take into account three things: Is the company trustworthy? Are the admins competent? Is this who it says it is?

Is the company trustworthy? can’t be answered technically: we only know through prior transactions and through word of mouth. This can be subverted with PR campaigns, too, and slander.

Are the admins competent? is nearly impossible to gauge without a longstanding relationship. Some companies you may never know. In fact, it’s easier to find a trustworthy small company than a large one on this basis.

Is this who it says it is? is subject to all sorts of attacks: A stolen certificate allows one to impersonate the server. Tricks with character sets can trick one into thinking that “Pаypal” is actually “Paypal” and similar. And if the certificate authority is broken into, you can’t even meaningfully check the digital signature there either.
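The character-set trick above can at least be flagged mechanically. This is an added example, not part of the original post: it reports labels that mix scripts and names that collapse onto a trusted hostname, where the TRUSTED list, the sample hostnames and the small look-alike table are all constructed for illustration.

```python
import unicodedata

# Tiny constructed subset of Cyrillic look-alikes; the full table is Unicode's
# confusables data (UTS #39), which this example does not ship.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0445": "x", "\u0443": "y"}

def script_of(ch):
    """Coarse script of a letter, taken from its Unicode name (LATIN, CYRILLIC, ...)."""
    if not ch.isalpha():
        return None          # digits and hyphens belong to no script
    if ch.isascii():
        return "LATIN"
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]

def skeleton(host):
    """Replace known look-alike letters with the Latin letter they imitate."""
    return "".join(CONFUSABLES.get(c, c) for c in host.lower())

def inspect_hostname(host, trusted):
    """Report the wire (punycode) form, mixed-script labels and imitated names."""
    host = host.lower()
    mixed = []
    for label in host.split("."):
        scripts = sorted({s for s in map(script_of, label) if s})
        if len(scripts) > 1:
            mixed.append((label, scripts))
    return {
        # What is actually resolved and compared against the certificate name.
        "ascii": host.encode("idna").decode("ascii"),
        "mixed_script_labels": mixed,
        # Differs byte-for-byte from a trusted name yet renders like it.
        "imitates": [t for t in trusted if host != t and skeleton(host) == t],
    }

TRUSTED = ["paypal.com"]                      # constructed allow-list
SAMPLES = ["Paypal.com", "P\u0430ypal.com"]   # second one has Cyrillic U+0430

if __name__ == "__main__":
    for h in SAMPLES:
        print(ascii(h), inspect_hostname(h, TRUSTED))
```

A label written entirely in one non-Latin script passes the mixed-script check, so the look-alike comparison against known names is the part that catches it, and only for letters present in the table.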

After I started writing it, I found a similar rant by Bruce Schneier.

390

It’s conversations like this one on Aspect-oriented programming in Ruby that make me a true geek who doesn’t sleep enough.

389

I’ve known Jess six years. Naela six and a half. Robyn seven. Tessa, five and a half. Dawn, six. Nick, seven. Julia, seven. Max, seven. Joey, six. Wow.

388

From the gosh-that’s-pretty department, GNUStep Theme Mockup.

387

GNOME usability issues:

  • Ambiguity between notification-area icons, launcher applets, task-switcher buttons (if enabled) is really bizarre
  • Apps that hide to the notification area vs minimization.

And non-GNOME GTK apps:

  • Inconsistent use of Control-W as close window.
  • Some still have Control-Q to close all windows, often without warning.

386

I discovered a nice little trick for GNOME users running GStreamer apps. You can play sound across the net from any GST app, like so:

Open gstreamer-preferences, and set the sound output to the “Custom” option. Put in the text entry underneath esdsink host=1.2.3.4 where 1.2.3.4 is the IP address of where you want the sound to go.

On the destination host, make sure ESD is running with the options -public -tcp.

385

I’m pondering coming out to a group of more-or-less coworkers. I’m not sure I want to (they think I’m female (Yay that!)) … and they only know me online, so in some ways, I’m exactly where I want to be.

Not sure what to do.

384

Yesterday, Susan at the pet store said that I should write technology articles for the local papers. She’s one of these people who avoids turning on her computer due to lack of understanding. I like the idea.

383

I woke up at 7:40 from a dream where I was late to work, had left my cell phone (and alarm clock) at work, missing two important appointments. A very unusual way for me to start the day.

Read the news, realized I had a conference call at 9. Which was a no-show. Got breakfast at 10:30, and the radio played TMBG and the Indigo Girls while I ate.

Memories of Corvallis.

I’m listening to an old mix that Robyn gave me right now. “I’ll Be That Girl” is such a button-pushy song for me. I ate burritos with sour cream and avocado and barley and tomatillo salsa in them, just like I did living there. I’d love nothing more than a mug of tea and to go wander to the park with Robyn and talk.

381

I spent a half hour extolling the virtues of Orson Scott Card’s work to an avid non-reader of fiction. Life is fun.