SSL

On December 12, 2012, I stopped receiving mail sent to my email address at triplewhitefox.com. It was two days before I realized it. You see, I have it picked up by Gmail from the triplewhitefox.com server so I can use Gmail for dealing with all of my email. I also have a Gmail address for the same inbox. So, I was still receiving some mail – the mail sent directly to my Gmail address.

It turned out that, without warning, on that date Gmail stopped supporting secure, encrypted SSL connections where the server did not have a valid certificate. From Gmail help:

As of December 2012, Gmail uses “strict” SSL security. This means that we’ll always enforce that your other provider’s remote server has a valid SSL certificate. We made this change to offer a higher level of security to better protect your information.

This was precisely my situation. I was using a self-issued certificate that came installed on my web server. I had, in the past, considered a proper SSL certificate and migration to https but I was put off by the cost of a certificate. Most providers charge hundreds of dollars and they must be renewed every year or two.

Not wanting to transmit my mail to Google over a non secure connection, I started to search for alternatives. I found one in StartCom which provides a basic SSL Certificate for free.

Over the past few days I have worked on installing one on my web server and also on my mail server. It was a little tricky to get my Dovecot mail server running with the certificates but the post here was very helpful. I also found the certificate checker at digicert helpful while debugging my configuration. You just enter your hostname:port and it checks the certificate.
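As an added example (not part of the original post), the script below shows the two things a certificate-validating mail client checks: the certificate chains to a root the client trusts, and it names the host being contacted. It needs the openssl command line tool and builds throwaway certificates; the hostname mail.example.test and the "Demo Root CA" are assumptions standing in for a real server and a public CA.

```shell
#!/bin/sh
# Added example: constructed throwaway certificates, not the blog's real ones.
# Assumed names: mail.example.test (server), "Demo Root CA" (stand-in for a
# public certificate authority).

# Build three certificates in directory $1:
#   self.crt - self-signed server cert (like one preinstalled on a server)
#   ca.crt   - demo root that the client trusts
#   leaf.crt - server cert issued by that root
make_demo_pki() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=mail.example.test" \
        -keyout "$d/self.key" -out "$d/self.crt" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Demo Root CA" \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes \
        -subj "/CN=mail.example.test" \
        -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
        -CAcreateserial -days 1 -out "$d/leaf.crt" 2>/dev/null
}

# Offline check: $1 = trusted root file, $2 = expected hostname, $3 = server cert.
# Prints "accept" only if the chain verifies AND the cert names the host.
strict_check() {
    if openssl verify -CAfile "$1" -verify_hostname "$2" "$3" >/dev/null 2>&1
    then echo accept
    else echo reject
    fi
}

# Live version of the same check against a running server, using the system
# trust store (needs network, so it is defined here but not called).
# $1 = host, $2 = port, e.g. check_remote mail.example.test 995
check_remote() {
    if openssl s_client -connect "$1:$2" -servername "$1" \
        -verify_hostname "$1" -verify_return_error </dev/null >/dev/null 2>&1
    then echo accept
    else echo reject
    fi
}

DEMO_DIR=$(mktemp -d)
trap 'rm -rf "$DEMO_DIR"' EXIT
make_demo_pki "$DEMO_DIR"

echo "self-signed cert:        $(strict_check "$DEMO_DIR/ca.crt" mail.example.test "$DEMO_DIR/self.crt")"
echo "CA-issued, right host:   $(strict_check "$DEMO_DIR/ca.crt" mail.example.test "$DEMO_DIR/leaf.crt")"
echo "CA-issued, wrong host:   $(strict_check "$DEMO_DIR/ca.crt" pop.other.test "$DEMO_DIR/leaf.crt")"
```

The self-signed certificate is rejected even though its encryption is just as strong, because nothing the client trusts vouches for it.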

As a side effect of securing my mail, triplewhitefox.com is now available over https.

The home page: https://www.triplewhitefox.com

The forums: https://triplewhitefox.com/servlet/forum

This blog: https://triplewhitefox.com/WordPress/

Admittedly, it is not perfect. Some links in the various parts of the site will switch you back to http. I need to do some cleanup. I could make a global change to force all traffic to switch to https but I think I will hold off on that until I see how well it goes with this hybrid solution. Also, the site includes some non-secure content in the form of the ebay ads so, if you view the certificate, you will see a warning about this.

 

A couple behind-the-scenes Web site changes

Alas, it’s winter and the Mustang is in storage. While many of you work on your cars in preparation for the next show season, I work on this web site. In the last week I have performed a couple web site changes you probably would never notice but, I feel, are important enough to bear mentioning. And, to let you know that, I’m still here, behind the scenes, keeping things working, trying to make things better and planning for the future.

Item #1: Installed ThinkUp in order to better manage TWF’s social presence

I started first using Twitter to connect and then, in 2011, added a Facebook presence for TWF. Honestly, I am still trying to figure out how best to use them relative to their strengths and weaknesses. When I have something to say it still feels like I have to think too hard about whether it should be a blog post, forum post, tweet or a Facebook entry. I hope that it starts to feel more natural soon.

Regardless of the avenue chosen, I really like to be in charge of my own data. Using Twitter and Facebook for the site has meant giving some of my data over to a 3rd party. It has been useful for building a following but I worry that I might lose it somehow, someday.

I have been aware that there are tools to get the data out of these networks. I just never took action about it. I listen regularly to the TWiT series of Podcasts including This Week in Google so I often hear about a project called ThinkUp. It is a tool not only to take ownership of your social data but to get meaningful metrics back out about the effectiveness of your usage of the medium.

It is the kind of solution that most users of Facebook wouldn’t choose, though. You need your own server or at least to know someone who has one to share. It’s less service and more solution.

The TWiT network’s “Triangulation” series recently interviewed Gina Trapani, who is the brains behind ThinkUp. On the show, she conveyed that its architecture might limit ThinkUp’s adoption but it was, in fact, perfect for me. I have a server on which this site runs and, being a modern PHP/MySQL install, it met almost all of the requirements for ThinkUp!

The install process for ThinkUp verified the server setup and the only thing I needed to add was a package called cURL. The cURL install literally only required two command lines to be executed

apt-get install php5-curl
/etc/init.d/apache2 restart 

before I was up and running. And, I’m no Linux guru. Otherwise, it was as simple as any WordPress install I have done and much simpler than the Drupal install.

The only glitch I have with it is that I have two Facebook profiles under the name ‘John Jones’ (I know, I know, multiple profiles is a big no-no). One is related to my TWF page and the other is my personal one for family. They are indistinguishable in ThinkUp.

And, it’s not just me that can’t tell them apart, ThinkUp can’t differentiate which one I want when I choose from the list and always directs me to the one related to this site rather than my personal one. I hope that gets straightened out in a future release. It is really a minor annoyance, though.

Bottom line, ThinkUp is now harvesting all of the social data from Twitter and Facebook into a database on my own server. I can feel confident that this data is still my own.

Item #2: Changed domain registrar from GoDaddy to Hover

I only mention this next one because it went so seamlessly. I was petrified that there would be a glitch during this process and my site would be down for some period of time. I had previously migrated foxfeaturecars.com over but that was easy – it is just a pointer to this site that no one really knows about.

For a little background, I had been using GoDaddy since 2003 back when they were just about the most affordable registrar. I had no problems with them really. A lot of what they are criticized for just didn’t impact me.

My main concern was domain privacy where my contact information was public. Sure, they offer privacy controls, but it costs an extra $10/year. With Hover, it’s included. The transfer went very smooth and I bet no one even noticed the brief time the transfer occurred and the site may have been unavailable.

Two weeks without cable

Tomorrow marks two full weeks without cable TV. This is a status report of how it is going.

Prime Time Viewing

With the holidays here there are not a lot of new episodes of the shows that we like to watch. And, with time off from work, we have more time to watch TV later into the night. Last year at this time we really got into Dexter on Netflix. This year, there are still plenty of good serial shows from the last few years of cable and broadcast TV that we never saw. So, I think we will be looking into those to fill the gap. I am pretty excited about this because our old cable TV standby at night was to watch HGTV. That became kind of a rut.

Last night we looked for a show that we watched a few episodes of on Netflix sometime earlier this year – Pushing Daisies. Unfortunately, it is no longer available there. But, having the Mac Mini attached to the TV finally realized its value. Season 1 of Pushing Daisies is available online on TheWB.com. The only apparent drawbacks to this were two. First, the commercials pretty much alternated between the same two from HP. At each ‘commercial break’ there were two commercials. Often the two were the same commercial repeated twice. They could have at least played one of each commercial. I don’t know if advertisers realize it but making your commercials repeat annoyingly might go against any benefit from having people view them at all.

The second, and most problematic drawback was that the first episode that we watched twice ended abruptly and the player went to the next episode before the one we were watching completed. This seems to be a bug in the player.

ESPN

The Monday night game this week 16 of NFL football was the Falcons vs. the Saints. Neither one is my team so, technically, I would have been OK if I had missed it. But, I was looking forward to watching Drew Brees attempt to break Dan Marino’s passing record. I was aware of the availability of streams for watching this that are not so ‘on the up and up’. My wife actually enticed me to find one suggesting that I should be savvy enough. I took it as a challenge. In about 15 minutes I was able to find a way to view it. The quality was viewable but poor. The picture was less than Standard Definition but a solid enough stream that it was up for the entire game. It was difficult to follow the action on passing plays but, heck, it was good enough to count as having watched this important game.

Kids Shows

I caught my son trying to change the TV to the channel that used to be the Cartoon Network while it was on the antenna. At 7, he still doesn’t quite understand what not having cable means. The kids still enjoy Netflix content but were missing their Scooby Doo. A couple weeks ago, I had purchased a couple of episodes; one from iTunes and one from Amazon Video on Demand (VOD) to see how they worked. I settled on Amazon VOD as the choice going forward. Even though I like to have the content I buy locally on my computer instead of in the cloud, since DRM is used for both I saw little advantage for the iTunes way of downloading it. It just makes my iTunes library larger and impacts backup sizes.

So, today we purchased a season of Scooby Doo. It’s the classic one that I grew up watching in the 1970’s. It was $16.99 for 16 episodes. My plan is to buy one season of something for them each month.

Cutting the cord

We have considered dropping cable at times over the last couple of years especially after we established a Netflix account last year at this time. The 11 days we spent without cable due to the October 2011 snow storm was pretty much enough to convince us that we could live without it.

Well, we finally did it! I dropped off the cable equipment at the Comcast office this morning. But, it wasn’t before putting some measures in place to ensure that we have content to keep our kids and us happy.

The old way (with the cord)

We were paying $82 per month for cable TV which amounts to $984 annually. We had a pretty standard package with the addition of HD programming and an HD DVR. No premium channels. Like most, we only watched a fraction of the channels we had access to. And, a lot of it was time-shifted. The kids usually watched recorded shows from the DVR, Netflix or the free shows from Comcast’s On Demand. My wife and I watched the networks usually through recorded shows on the DVR, some cable news and HGTV.

We have three TVs used for most of our TV watching. One in the family room, one in the living room and one in the bedroom.

The family room is where we had the HD DVR and where the kids do most of their TV watching. We already had a Playstation 3 there which was occasionally used for games but got good steady use for access to Netflix, playing DVDs and also to view video from our networked media server, an HP MediaVault 2120. The video on there has been acquired through various sources including content extracted from our DVR. It covers both kids and non-kids programming, TV shows and movies.

The second TV in the Living Room is mainly only used for NFL football using an existing HDTV antenna. It did have cable but not HD cable which I refused to watch because I find it hard to watch football without HD.

The TV in the bedroom is rarely watched. It is mostly used for watching the early morning news when getting ready for the day.

The new way (without the cord)

We had several viewing goals for our overall TV entertainment:

  1. Keep the kids happy with their favorite shows (Scooby Doo, Johnny Test, Sponge Bob, etc.). The general profile for their viewing is to watch the same shows and movies over and over
  2. Live sports – specifically NFL football
  3. The ability to record live TV for later viewing and/or viewing network shows on our own schedule

Item 1.) was covered partly through our Netflix subscription but we added Amazon Instant Video which we get through a new Amazon Prime account and, although the kids content choices are slim, it also provides the ability to purchase movies and TV shows in the future. Amazon seems to be a good avenue for this even though we have become much more into iTunes as we have added more i-devices. When the kids get bored with Netflix we have the option of buying TV shows by the season for them.

To get Amazon Instant Video on the TV we added a Roku LT to the family room. Although, it is slightly redundant to the PS3 in terms of access to Netflix, we have found that it is much more usable for our 7 year old. We also added an HDTV antenna to the living room TV to get network over-the-air (OTA) programming.

Item 2.) is handled through the existing HDTV antenna in the living room.  This leaves out Monday Night Football which can only be watched via ESPN which is not possible without cable. We already could not see Thursday night games since our Comcast did not carry the NFL Network so no change there. So, the big loss here is MNF.

Item 3.) is addressed through the addition of a Home Theater PC (HTPC). My choice was a Mac Mini. I considered other solutions including building my own but the price point for other solutions all ended up in the $500-$600 range where the Mac Mini is. The Mini is currently attached to the living room TV which now will be used more regularly for standard TV watching. An Elgato EyeTV attached to the Mac Mini allows us to watch and record live TV and to schedule recordings. We can also view virtually any web content including standard Hulu. This allows us to avoid the monthly fee for Hulu Plus.

To make the Mac Mini more easy to use, a free software program Plex is used for a more friendly non-computer like interface. It integrates Netflix, Hulu and much of the web content available through web sites like ABC, NBC, HGTV and others. The Mac Mini also runs iTunes which gives us access to that content as well as another outlet for purchasing/renting TV and movies.

Our annual costs are for Netflix and Amazon Prime ($7.99*12 + $79.99 = $175.87). If I hadn’t become so addicted to 2 day shipping we probably could drop the Amazon Prime since we will probably use Amazon Instant Video mostly for purchase and rentals and not the free stuff. We were already paying for Netflix even with cable so it is somewhat unfair to count it now as a new non-cable annual expense.

To keep our costs at 50% of the old cable costs, even with the Netflix and Amazon Prime, we could still afford to spend $25/month on purchased and/or rented content.

And, then there’s the initial outlay for the new devices:

Mac Mini. $564.99
Apple wireless keyboard. $58.00 (black friday deal)
Apple Magic Trackpad. $58.00 (black friday deal)
Roku LT. $49.99
Elgato Eye TV. $55.24
Terk HDTVA antenna. $39.98
Winegard FL-5000 antenna. $24.98
2 @ HDMI cables. $15.98

Total: $867.16

At least in the first year we won’t be saving any money but should roughly break even as long as we don’t spend on more content. I think the Mac Mini is a great addition to our household. It will get used by the kids. They are already familiar with Mac OS since they use it at school. It also feeds my gadget lust. I actually funded it through some money I keep aside just for such things.

I think we have it covered from all angles. And, then some. I’ll provide updates as our setup matures and we learn more about what works and doesn’t work.

Here’s a link to a post that inspired me to go the Mac Mini route: Mac Mini HTPC Setup

Migrating from Lotus Notes to Gmail

In a way it pains me to do this. This may seem like an anti-Lotus Notes thing but it is not. I think Lotus Notes is very valuable when used in the right situations.

For a long, long time I have used Lotus Notes as my email client. I never liked Outlook and Lotus Notes is what I used at work and have always been involved with it from an application perspective. Last year, I changed from using the Lotus Notes client for my triplewhitefox.com address to Gmail. It just made sense. By having my mail in Gmail, I could get better access to it via my phone.

That left me with my mail archive in Lotus. With the arrival of my new laptop, I began migrating all of my existing Windows applications and data. So, it left me wondering if, at the same time, I should migrate my email off of Lotus Notes. Simultaneously, I am involved in work with helping someone do this exact move – Lotus to Gmail.

Of course, there are commercial programs to do this. But, for doing it once this seems overkill and an unnecessary expense. In researching this I came across some good articles that helped me get it done.

The first was an article from the site Sales IT Tech entitled Transfer Lotus Notes Email to Gmail and Unleash That Captured Information. It provided the basis for my transfer procedure.

  1. Connect Lotus to Gmail via IMAP
  2. Create a label structure in Gmail to parallel the Lotus folder structure
  3. Copy email within Lotus to the mapped IMAP account folder by folder

The problem I found was that, once in Gmail, the time/date stamps of the email messages were that of the time/date of the upload, not the original time/date of the email message. That led me to the next useful article on fixing the problem: Import messages through IMAP – message date wrong in Inbox

Basically this added several more steps:

  1. Install Mozilla Thunderbird
  2. Link Thunderbird to Gmail
  3. Create a local folder structure in Thunderbird to mirror the Gmail structure
  4. Using Thunderbird, copy mail from Gmail to local folders
  5. Delete the mail in Gmail
  6. Empty the trash in Gmail
  7. Using Thunderbird, copy the mail from local folders back to the Gmail folders

This fixes the time stamp issue.

For me, the biggest challenge was the time involved in moving my 7,000 messages that resided across over 80 folders. I have mail going back to 1998. At first, I was doing this on my old laptop running Windows XP and Lotus Notes 8.5.1. I experienced many IMAP timeouts in both Notes (an error message resulted) and Thunderbird (it just stopped responding). I settled into doing it in batches of about 100 documents at a time.

I later moved to doing it on my new laptop running Windows 7 Home Premium 64 bit again with 8.5.1 and had nearly no IMAP connection problems and was able to do hundreds of documents at a time. I still split up large collections of documents.

Finally a new laptop – Thinkpad T520

As I have previously mentioned, I finally pulled the trigger on a new laptop, the Lenovo Thinkpad T520. I wanted a solid and reliable laptop and the Lenovo T-series has offered that for many years.

It was tricky to time the purchase as Lenovo is constantly changing the configurations they offer as well as the coupons available.  My interest in Lenovo started in March when the T510 was available. I almost went with the T510 when a really great configuration was obtainable for the mid $700’s. For a while I kicked myself for not jumping on that deal as I watched and watched the pricing but then justified my indecision as I decided to wait for the T520 with Sandy Bridge.

I found the Lenovo forums at notebookreview.com to be very helpful in figuring out the discounts and the final configuration. I pretty much bought the most basic configuration that met my needs and opted to do my own upgrades since purchasing them from Lenovo is more expensive than buying them aftermarket. From Lenovo, I configured the following upgrades for the standard T520i:

  • Intel Core i5-2410M Processor (2.30GHz, 3MB L3)
  • 15.6″ HD+ (1600 x 900) LED Backlit Anti-Glare Display
  • 720p Camera
  • 9 cell Li-Ion Battery
  • Intel Centrino Advanced-N 6205 wireless

From Amazon, I also ordered a Corsair 4 GB DDR3 Laptop Memory Kit to add to the standard 2GB of RAM. I ordered a Intel Solid-State Drives 310 series – Solid state drive – 80 GB to install via the mSATA slot which allowed me to keep a spinning HDD which I upgraded from the standard 250 GB 5200 RPM drive to the Western Digital 320 GB Scorpio Black SATA 7200 RPM.

The upgrades were painless and only involved removing a few screws to gain access. Memory and HDD install from the bottom. mSATA SSD installed under the keyboard. It was kind of weird to crack open a brand new laptop but everything I read about Thinkpads indicated that they were among the most serviceable out there. My overall procedure was as follows:

  1. Setup Windows 7 on the machine as shipped
  2. Created recovery disks (for the rebuild on the new drive)
  3. Installed additional 4 GB memory
  4. Booted to verify that memory was recognized for a total of 6 GB
  5. Removed keyboard and installed SSD
  6. Removed 250 GB HDD
  7. Booted with Recovery boot disk and installed OS from recovery disks to SSD (only installed drive at the time)
  8. Setup Windows 7
  9. Reinstalled 250 GB HDD
  10. Booted to Windows 7 and verified boot drive was still SSD
  11. Turned off scheduled defragmentation

I didn’t decide on the HDD upgrade until a few days later.

  1. Replaced 250 GB drive with WD Scorpio Black 320GB 7200 RPM HDD
  2. Partitioned new drive as D: and used Quick format on it
  3. Installed Truecrypt
  4. Encrypted D: with volume encryption. AES, RIPEMD-160 to favor performance vs security
  5. Set to auto-mount encrypted volume as E:

Now that I have it all together, I am very happy with the result. I have my OS and applications on the 80GB SSD and my data on the 320 GB HDD. Boot up and general operation are really fast.

HP Laptop Replacement – Finally Coming

A long while ago, I posted about display problems with my HP dv8000 laptop. At the time I was thinking about a replacement. Since that time, more and more vertical lines have appeared. So many so that I don’t notice when a new one appears. I estimate that there are well over 100.

HP dv8000 Vertical Lines

I have just been sticking it out hoping to get as much life as I can out of this machine. Despite some problems like this display one and overheating (which I spent four hours pulling it apart and cleaning the fan to solve) it has served me well.

Well, more than a year later, that replacement is actually going to happen. I decided to skip HP this time around and went with Lenovo. I generally keep my computers for a long time so I want something that will last the test of time. This will only be my fourth computer purchase since 1994! The dv8000 will be the first one that didn’t make it to six years before being replaced. It is 5 1/3 years old. Not too shabby.

I don’t do any PC gaming so I find that I am OK with something below the latest and greatest available. Although I am not suffering this time around and going with a 2nd generation Intel Core i5. Although, I’m moving down from a 17″ to a 15.6″ screen I am getting an overall higher resolution. It is absurd that most 15″ laptops come with 1366 x 768 screens. I had to upgrade from that.

Right off the bat, I’m planning to do a few upgrades on my own since buying something like memory is cheaper through amazon than through the manufacturer. I ordered direct and it just shipped today. I should have it by early next week.

Feature Mustang Registry Updates Underway

My last round of web site updates included changes to the 1992 and 1993 Feature Mustang registry forms. This changed it from simply emailing a submission to me to including the submissions in a database. With the old email-based submission, I processed everything locally and uploaded a new web page with the statistics. After I went to the online database, I never updated my workflow to use the new data. As a result, submissions have been coming in and the statistics pages have not been getting updated.

Well, over the last week, I have started to create a new statistics process that pulls directly from the database. The result looks substantially like the old page but is much more accurate as the approach removes the likelihood of an error in manually transcribing the data.

The page now includes the date of the latest submission so you can tell how up to date it is. When a submission comes in, it doesn’t go directly to the stats. I still need to review it before it gets added. This allows me to look for errors and to identify cars that have been previously registered. The page also includes the number of submissions pending my review.

To date, I have completed the conversion for 1992 statistics and am going to start next on the 1993 statistics.

Link: 1992 Registry Statistics

Web site changes

It’s been a long process but last night I have finally released changes to the content part of TripleWhiteFox.com that make management of it much easier. By “content part” I am referring to everything but the blog and forums.

My old way of maintaining the site was through hand-coded HTML that I updated through a text editor. This method goes way back to 1999 when I first started a web site and that was an accepted practice. These days it is not and, more importantly, it is a productivity barrier. When I started to use WordPress for my blog I got a taste for how nice it is to write content directly on the site. I wanted that across the whole thing.

So, back in November 2009 I started to explore software that could do that and settled on Drupal. It is a Content Management System (CMS). There are simpler CMS options but I have some dynamic content to integrate so I needed a lot of flexibility. Drupal has delivered that. The “content part” of the site is now running on it. I still have a few things to work out but it is pretty much there.

My next steps will be to move the blog from WordPress into Drupal and then finally convert the forums to a more up to date package.