Conversations like the one I had the the other night are among the reasons that having the group of friends I do is so wonderful. Talking about relationships and the way people think and feel and being able to compare intricate notes with Josh took me well past midnight. I fell asleep in my sister’s huge puff-chair, which wasn’t the best place to sleep. I got chilled and didn’t sleep particularly well.

It’s been a relatively intense week. I am working, so I have my time to myself, but Josh and Ryland are here, mostly at Ruth’s, Max is here, mostly here in my house. All of this while dealing with major life changes.

Carrie’s moving out. The house is full of half-packed bags, things being sorted into piles labelled in our heads as “mine” and “yours”. I’m not entirely sure what I think. I’m going to miss having Carrie around. I’ll miss the companionship of having someone to share dinner with, a good reason not to eat dinner over some piece of work or while chatting online.

What we choose to leave behind and what we choose to take with us is such an odd choice. There are more art supplies being left behind than I suspected would be, and not as many cookbooks. I’ve inherited a tarantula of the acanthoscurria geniculata sort. There’s seed catalogs and a garden to plant. So much is the same as it has been while Carrie’s been in the youth corps. It’s a bit eerie.

I think we can be friends. There’s tension between us, but so most of my angst is having my routine disrupted and having it be hard to get a moment alone. I have my things to do, though, and she has her life to live. I can’t be possessive. I don’t think it’s in my nature.

Ryland’s taking off with Max and Carrie early tomorrow.

• How double-entry accounting works and why,
• what each layer of the OSI 7-layer model is, and why,
• how recursive descent, LR (and LALR(1)) parsers work,
• if they use a Unix-type operating system, the filesystem layout standard for their OS,
• XML, including a little reading on the top-down document-type versus the bottom-up piecemeal-type debates,
• how to locate relevant W3C and IETF standards, drafts and intermediate documents,
• basic C, including how to include a header, how to write “Hello, World”, how to allocate and free memory, and how to link a simple program,
• how to use diff(1) and patch(1),
• how to use cvs(1) or svn(1), preferably both,
• basic SQL, and how the JOIN operator relates to the ⊂ operator,
• and how to speak basic POP3, SMTP, and HTTP.

More should probably be here, but there it is.

Incident No. 25: Kimothy’s Mouth.

Sheer brilliance.

Doh. I shouldn’t stay up so late arguing with Polyergic.

I want to see the Dresden Dolls some time Really Soon.

I said today that I missed ASL pronouns in English. I am always confused in complicated conversations involving more than two subjects when there’s too many pronouns. I can’t ever remember which thing “it” is referring to.

Imagine if you had a set of pronouns, “de”, “dele”, “dela”, “delo”, “delele”, “delala”, “delolo”, “delalala”, ad infinitum. The first is “it” as we know it, the first subject, but a bit less ambiguous as it wouldn’t change. “Dele” would be the second person you referred to, and so on. “Les went to the store and de left before it got dark. De went to the park. Meanwhile, Sam went to the store too, and then to the park. De and dele went home and were happy”.

Perhaps it’s harder to keep track of, since we’re not used to keeping track of the subjects and objects of sentences, and unlike ASL, you don’t make it obvious when you use a slot.

I went snowshoeing with Ethan and Eric and their friend from Grand Junction, Michelle. I’m a little sunburned but I feel very, very alive. The sky was deep blue with perfect light-grey clouds. It was well above freezing — I didn’t even stay wet more than a few seconds. We hiked up from Red Mountain Pass, at about 10,000 feet, up a couple miles to one of the huts back there, stomped around a bit above there, and came back down.

I had one of the nastiest hypoglycemic attacks I’ve had coming into Ridgway, making me feel literally like I was going to keel over, but we got chinese food right after, which was excellent, and I felt much better. I think hormones fuck with my metabolism. It’s gonna be interesting to see how that pans out. Just gotta adjust my diet.

<pre>aredridel@mizar:~$ ls /home/storage/Music/ | wc -l 666 </pre>

I got my first dose of hormones today.

I don’t feel any different. . . yet.

Make windows suck less.

Hate on Blogs.

Hate on printer makers.

Pick how you’re gonna go.

Have a nice day.

I cut my hair! It’s just past shoulder length and swishy and I’ve a blonde streak down the left side. Dawn took off seven inches while I bit my lip and wasn’t sure it was what I Really Wanted. It looks really good. For the first time in months, I can look in the mirror and not wince. I am so happy!

I practiced playing simple harmonies on the cello to several songs (The Four Seasons’ Allegro movement, and several poppy pieces) last night. It’s a lot of fun and a good way to get me moving again.

This is wrong for several reasons. It’s the usual “unrecognized certificate” warning, this one is the variation for when the hostname and server cert name don’t match. I chose this dialog simply because it’s easy to trigger.

The biggest problem is with the word “trust”. It’s asking you to accept only if you trust 206.168.112.32 and theinternetco.net. First off, the IP address has nothing to do with it. Since we’ve got a mismatch going, that IP could be being spoofed. You can’t trust it, and yet it’s asking you to considder it. Next, theinternetco.net — the problem here is more subtle: it’s asking you a technical question, should I connect to this site? but advising you to make the decision on a non-technical basis, do so only if you trust the domain (and I’m extending in typical fashion here, that the domain really means the company who owns or operates it. The problem is that not only do you have to trust them to be honest, but you have to trust them to be competent. When microsoft.com’s certificate was cracked (or was it stolen?), the warning above would have come up … we’ve covered that the IP could be spoofed, and since the certificate isn’t valid, we can’t authenticate that, and it would have said microsoft.com right there. Any sane user, given the information that dialog box provides, would have connected. And they’d fall right into Joe Cracker’s hands.

The solutions to this aren’t easy. The reason it’s not been solved is that it’s not a technical problem. To know whether you should trust a connection to a server, you have to take into account three things: Is the company trustworthy? Are the admins competent? Is this who it says it is?

Is the company trustworthy? can’t be answered technically: we only know through prior transactions and through word of mouth. This can be subverted with PR campaigns, too, and slander.

Are the admins competent? is nearly impossible to guage without a longstanding relationship. Some companies you may never know. In fact, it’s easier to find a trustworthy small company than a large one on this basis.

Is this who it says it is? is subject to all sorts of attacks: A stolen certificate allows one to impersonate the server. Tricks with character sets can trick one into thinking that “Pаypal” is actually “Paypal” and similar. And if the certificate authority is broken into, You can’t even meaningfully check the digital signature there either.

After I started writing it, I found a similar rant by Bruce Schneier.

It’s conversations like this one on Aspect-oriented programming in Ruby that make me a true geek who doesn’t sleep enough.