Category Archives: Site Updates

Why am I still blogging? (And why about this stuff?)

This blog has been around 15 years. Social media has mostly moved on, to silos like Facebook and Twitter. People don’t follow random personal blogs. Topic-focused sites are what people actually read, and even that mainly following links from silos.

Meanwhile there are so many major things going on that make the things I post about here — comics, fandom, photos of things I found interesting, random tech thoughts — seem trivial.

So why keep a blog going? And why write about trivialities, and not big things like the battles over civil rights, healthcare, environmental protections, war?

As for the first: Some of it is stubbornness. And some of it is wanting to keep part of my writing/photo presence somewhere “permanent” (to the extent that anything online is).

As for the second: I’ve never really liked talking news and politics online. I rarely feel like I can add anything that hasn’t already been said (probably better) by someone else. Also, online conversation has gotten way too toxic. On the other hand, while the little things may be trivial, they add up. They add up to your life. It feels like I might actually have something to say that’s not already been said a thousand times by people more familiar with the issue than I am.

Plus it’s a way to assert some normality in a world that feels decidedly abnormal.

I’m not likely to come up with anything super-profound on the most important topics, but I can make short statements, and I can amplify other voices. And I’m trying to come to grips with the fact that that’s important. I’ve been reading a lot more and posting a lot less over the past year or so, but even if I can’t say anything profound, I shouldn’t stay silent.

So I’ve been microblogging, and linking, and reposting — all things that are better suited for a service that’s built around those use cases. When I have something longer to say, I do try to pull it in here, because a blog post is better than a Twitter thread… But I think more people probably see my retweets than my blog posts, anyway.

Finally pulled the HTTPS switch!

That took a lot longer than I intended.

But I’ve finally made all of Hyperborea.org run over HTTPS.

It’s been possible to view the whole site over HTTPS ever since I turned it on for the admin area of this blog years ago, but I left HTTP as the canonical URL and didn’t redirect anything until I updated the Les Mis section, and later this blog. Now, any page you visit on this entire site should load over an encrypted connection.

(Well, any page except for the old Dillo RPMs page, since that minimalist web browser still only has experimental HTTPS support.)

The problem is when you have decades of hand-crafted web pages to go through, it can take a while to make sure everything embeds only secure or same-origin content. Every image, every script, every video. I had to update lots of absolute links, remove some widgets and ads, update other widgets, embedded videos and metadata…and just a bit at a time in my spare time.

Finally I switched on the redirects this morning. Even that took longer than expected, because I’d forgotten that mod_rewrite rules in a directory override any parent directory’s rules, so I had to copy the HTTP-to-HTTPS rewrite rule to each folder that had its own rewrite rules. Then I had to fix the interaction between mod_rewrite and ErrorDocument that was causing custom errors to redirect to the error template instead of loading it behind the scenes.

Adding the S in HTTPS

I finally moved the public side of this blog over to HTTPS last weekend. Traditionally I’ve preferred to put public info on HTTP and save HTTPS for things that need it – passwords, payment info, login tokens, anything that should be kept private — but between the movement to protect more and more of the web from eavesdropping and the fact that tools are making it harder to split content between open and encrypted sides (the WordPress app sometimes gets confused when you run the admin over HTTPS but keep the public blog on HTTP), I decided it was time.

The last sticking point was putting HTTPS on my CDN, and I’d decided to try getting Let’s Encrypt and CloudFront working together over the weekend. Then Amazon announced their Certificate Manager for AWS, which took care of the hard part. All I had to do was request and approve the (domain-validated) certificate, then attach it. Done!

Downside: Because I opted for the SNI option on the CDN, rather than pay the premium to get unique IP addresses on every CloudFront endpoint, the images won’t work with older browsers like IE6. (Server Name Indication is a way to put more than one HTTPS site on the same IP address.)

On the other hand, the cert I have on the site itself is SHA2-signed (as it should be, now that SHA-1 is no longer sufficient), so it wouldn’t work with older browsers even if I turned off the CDN and kept the images on the server.

It’s the first time I’ve actually broken the ability of older browsers to see any of my personal sites. I’ve broken layouts, sure, but not completely cut them off. In general I’d rather not, but I think I’m OK with it this time because

  1. SHA1 really does have to go, SHA2 is well-established, and it’s not like I’m providing downloads of modern browsers or a critical communications forum for people who are stuck with ancient hardware/software because that’s all that’s available to them.
  2. SNI has been around for TEN YEARS.

And as it turns out, DreamHost’s ModSecurity rules block IE6 to begin with, so the whole site’s already broken in that browser.

So I guess next time I redesign I can finally drop any IE6 workarounds. :shrug:

Moved to a faster server, ALMOST moved to NginX

As of last week, this site is being served to you by a shiny new SSD-backed VPS at DreamHost. I was hoping it would be running NginX as well, but try as I might, I couldn’t get WordPress in a subdirectory to play nice with NginX. Speed Force worked fine, but it’s at the top level of a site. Ramblings and Re-Reading Les Misérables aren’t.

Fortunately, the new virtual servers are faster and cheaper (newer hardware, after all), and with the rest of my sites running NginX I end up with about the same overall memory footprint for two VPSes so that I could put this back on Apache. I suppose that saved me time converting the zillions of .htaccess rules I’ve amassed over the years. And with the faster systems, they’re able to handle more complex/simultaneous actions without timing out or spiking memory.

2014: Still Plugging Along

I’ve been making more of an effort to post here this year, though it’s been a long time since the site had many regular readers. I’d like to do more long-form writing, but that’s just not in the cards these days.

Some highlights:

Century Blvd - railroad bridge remainsLos Angeles/California: I’ve been following the demolition of a bridge near LAX to make way for a future Metro station, wrote a series of thoughts on the California drought, and looked at a slowly emptying mall in Anaheim.

Lunar eclipse mosaicScience: I caught two eclipses this year: a total lunar eclipse with the family, and a partial solar eclipse near the office. Katie did her own controlled experiment on wireless signals and seeds following up on some of the questions that should have been asked in that school experiment that went viral back in spring.

Katie as Alice (OUATIW) cosplayEntertainment: I’ve been reviewing Les Miserables adaptations, including two movies, a comic book, a live parody and a children’s book. I also finally saw productions of Ragtime and Into the Woods. (Good ones, fortunately.) Comic-Con (San Diego), WonderCon, and Long Beach Comic Con of course, including Katie’s awesome Alice (Once Upon a Time in Wonderland) cosplay at SDCC. And then there was 5 things to do with a smart watch at Comic-Con (#1 is to wear it with a Dick Tracy costume).

Troubleshooting is what brings people in the most. Finding the missing Windows 8.1 update was the most popular post of the year, though it’s 15th on the list behind older posts, most of which are also tech tips. It seems wireless networking on Linux is still more challenging than it ought to be.

22 Egress 1/2 MileMostly I’ve been trying to continue the occasional series that have been here for so long: funny signs, interesting/odd photos & observations, comic conventions (though less of that these days). Admittedly that means there’s a lot of overlap with my Instagram and Flickr streams (even more now that my phone is good enough to be my most often-used camera), but I try to add description and context when I post here. On that note, an old photo of a long-gone freeway “Egress” sign got some surprise attention from Reddit at one point.

Rainbow over El Segundo Giant's Chess Set Restroom for ME 9 Cent Only Stores Exploring the Creek Sunset Palm Tree Female Magneto at WonderCon Use Vertical Transportation