Grubb's thoughtspace

Michelle has her head down in a bowl full of steaming water with oregano oil in it. Twitter tells me I've been on that stupid site for 10 full years of my life. That's hard to believe.

Does anyone remember how fun the internet was 10 years ago? How full of possibility it seemed? How many different sites and blogs and forums and lists you visited on a daily basis? It seems in hindsight like it was dozens, if not more. RSS was so much fun, adding blogs to your blog roll, writing posts in Wordpress, learning about how all this stuff works.

Now?

The list of sites that I visit on a daily basis is down to about 2 or 3, and they suck more every day. Twitter is one of them. It was a place that was full of hope and possibility and now it's a capitalistic, dystopian internet shithole that I can't stop visiting because it's one of the last interesting places on this internet here in 2019.

I've attained my goal of getting out of the music grind, though not in the way that I'd wished 10 years ago. We're financially stable and generally vastly happier than 10 years ago, and that's not at all to be discounted. But the work of building the internet, I dunno. Something is missing these days.

At minute 0, upon hearing the news

Wow, that is an incredible amount of money. How could their ad revenues possibly be worth that kind of a figure? And to all these people on Twitter saying “I hope you'll still release your content on other platforms because Spotify sucks!”, good luck folks. That's not how this works.

2 minutes later

Oh I get it, they're going to borrow the Netflix, Amazon Prime, Hulu, everybody else model and start presenting their own content in their own little walled garden. Oh well, I really enjoyed Reply All. Guess I better download all those back episodes while I still can.

A day or two later

Oh now I get it. This is how Big Tech will start getting their disgusting claws around the last bastion of the fun and open internet that still exists in the form of podcasting. If I were Thor I would bring a mighty anti-trust hammer down on all these assholes. I hope it's not too late, because they control all the channels of distribution and are about to start controlling all the channels of creation. I hate the internet.

But seriously Gimlet, I'm really frickin disappointed. I guess the fact that your very first podcast is called “Startup” is a giant hindsight clue as to your intentions but I really thought your image as young, scrappy journalists shedding light on some of the internet's darker corners was genuine. I guess everybody has a price, and I guess Spotify is calling up every successful podcasting company right now to see what theirs is.

It's absurd that we have mechanisms to block email spam but we still, in 2019, do not have mechanisms in palce to block phone call spam (robo calls). This is an attempt to think of a standardized interface that all phone companies in America must implement in order with legislation that has yet to be written.

background

I have recently implemented a little DNS server in my house. DNS is sort of like the internet's phone book: it takes a domain name and tells you what IP address to find that domain at. The reasons for implementing my own DNS server are two fold: – Your ISP is your default DNS server. This means that even if you are using HTTPS for eveything and you think your web browsing is encrypted and hidden from snooping, you're still telling your ISP about every website you visit by virtue of your computer calling them to do a DNS lookup everytime you request a webpage. every time you request a webpage. This offends my growing paranoia. – By setting up this little DNS server in my house, I'm able to block certain domains that I don't want to be served. In practice this means using a gadget called “Pi-hole” that crowdsources the process of listing out domains that are known to be either ad networks or connected with serving malware. There are currently 112,784 domains on the lists that I'm using, so even when using the NY Times mobile app that's covered with ads

All wireless carriers must permit the blocking of calls by blocked numbers. Each account (phone number) should have an accessible method by which users can add numbers to block at the carrier level. This is like the “block this caller” feature on the iPhone but at the carrier level.

Starting a new series in order to help myself remember the good ones. This was a daily deal on https://www.thewinebuyer.com, which as it turns out is the parent of the north Jersey staple Bottle King store. I've recently discovered the website after a google search for “north jersey cheap wine cases” or something like that and have been spending way too much on wine lately.

Anyway, I bought 6 bottles of this for $10 each, and would definitely recommend it to anyone who likes dry red wine. Not minerally or overly fruity, just tasty; surprisingly so given the price. I'd definitely buy a case of this if I hadn't bought so much other stuff lately.

Here's a link if you're in NJ – https://www.thewinebuyer.com/sku40422.html

Casa Castillo Monastrell 2016

Hello. This post was inspired by a couple of interactions that I've had recently with family members who wished to do something that required some measure of privacy and security, but who also don't need to be given an entire handbook of online security best practices to read. This post shall hopefully function as a primer for those of you who wish to tighten up your online security practices, starting from square 0.

Why bother?

The entire point here is to make it harder to a) get into your private information and b) get something useful out of your private information should someone get in. Your entire goal here is just to make it harder than the next guy; the digital equivalent of locking your car when you park in public.

Q: But there's so much information/accounts/junk out there, how would anyone find me, or why would they bother to find me?

A: They're not looking for you. They have scripts and bots to do the sifting of interesting looking data, email addresses, password combinations to try. By this point all of our data is out there from the Equifax hack, the Adobe hack, the LinkedIn hack, and a thousand others that we never heard about.

(Probably) nobody is going to be targeting you directly, they just have computer scripts that trot around the internet and try the digital equivalent of walking through the mall parking lot looking for an unlocked car. Just don't be that car.

Step 1: Password manager

Q: What is a password manager?

A: Just what it sounds like. It is a system that stores your passwords and account names for you. They can also generate very strong passwords for you and store those. What this accomplishes is two fold:

  • It prevents you from having to remember what password you used for this site or that site, and it can automatically fill the user and password fields on whatever it has stored. Just click a button in your browser to have the login fields populated when you want to log in to something. This alone is life-changing in a minor way.
  • Since you don't have to keep the password in your head anymore, it prevents you from reusing the same or almost the same password on multiple sites. It generates strong and unique passwords for you.

We've all heard that we shouldn't reuse passwords but it's impossible not to do that if you're relying on your brain to store them. I personally used small variations of 3 different passwords on hundreds and hundreds of accounts over the last 10-12 years. I finally began using an honest to God password manager when I started this Platform.sh gig 2.5 years ago and have since added ~170 account logins to my password manager.

Only a dozen or so of these are sites I use regularly – work and banking stuff. The rest are random sites with which I've transacted some kind of business – the online printer for the kids schoolbooks that I used once so far, that cool wood stove that I bought online for my brother in law for their new house, etc. I may never do business with these outlets again, or maybe I will, but the point is that they don't have another copy of that same password I use everywhere else in their database*. If they get hacked, at most the Bad Guys get my email address (though I've gotten wide to that lately, too).

Q: So how does this work?

  • You sign up for an account, may I recommend Bitwarden, and choose 1 strong master password that functions as the encryption key for everything that you store in the password manager. This really should be a strong thing that you'll be able to remember but that you haven't used anywhere else. This is the last password you'll need to remember ever, so take your time.
  • You install the plugin for whatever browser you use. Look in the middle of the front page: https://bitwarden.com/ and click on the plugin for whatever browser you use. You'll need to login after you install it, but this will manage saving user/password combos on sites when you log in (it'll offer to save new ones for you) and will auto-fill the user/password field on sites that you've previously saved your credentials.
  • Optional, but recommended: I think all of my family members are on iPhones at this point, so install the Bitwarden iPhone app as well. This will give you the same benefits on the phone, and integrates with your apps as well.

Q: Store my passwords in an online service, are you nuts?!

A: You're not actually storing anything on their servers except for encrypted gibberish. Actually, it's not even gibberish, it's binary bits. They don't even know what information of yours they're storing because all the encryption and decryption happens on your computer/phone/whatever before it gets sent to them. They're just storing encrypted blobs so if they ever got hacked, the payoff for the hackers would an encrypted pile of blobs. Useless, and safer than using the same password over and over.

Like I said at the top, all you're trying to do is make it harder then the next guy who isn't practicing good security and this is the first thing you should do.

Step 2: Never send sensitive information via email. Never.

But I'll just delete it from my “sent” box after I send it.

That doesn't mean that the recipient deleted it. That doesn't mean that the email service that you use deleted it. That doesn't mean that the email service you use has good security practices and there's not somebody watching the entire system for emails with the header “account information” or “credit card” or “wiring instructions”. I mean, the last one is possibly a little hyperbolic but I know for a fact that some of you are still on AOL for email. Can you count the number of times AOL has changed hands since you've had that address? Each of those acquiring companies has a vested interest in mining data out of AOL's user base and that means making copies of whatever might be useful some day. Do you trust all of them?

So what should I use?

Honestly: Apple Messages is actually end to end encrypted, which makes it as safe a communication method as anything you are likely to use. If you don't have an iPhone then just get one. They are the only big company out there right now that treats their users with respect with regards to their private information. When you and the recipient each delete the message, it's actually deleted, since whatever other data remains out there is encrypted and safe.

What else?

I'd recommend not using an email address that's tied to your internet provider or your job or some service that you used a long time or anything related to Google or Facebook or any other business whose model is not respecting your privacy. If you're looking for suggestions, I use a service called Fastmail that provides a lot of cool features and lets me use my own domain for email. I also pay for it, so I have an amount of trust that they'll still be in business 5 years from.

If you don't care about that but still want to have a portable email address (not tied to ISP or job) then I'd recommend ProtonMail.

So we traveled to Michigan for the holiday week last week and decided to take our popup. Yes, it's freezing in Michigan in November, but let me explain.

My brother in law just built an amazing new house on 70 acres or so and has plenty of room for us inside, but we have a popup camper that has been thoroughly overhauled and the beds are amazing. Like, more comfy than our bed at home almost. It's also just nice to have your own space, regardless. We took it out there over the summer and had such a great time that our one week trip turned into almost two, due in no small part to those amazing beds.

So when packing up I was noticing that, yeah, these tires are looking a little old. They tend to crack from dry rot when they sit in the elements, and we haven't replaced them since we bought the camper almost 4 years ago. I was going to replace them in the spring before we go down to Florida.

Well ofc one of them went, half way across PA. The ordeal was minor, but I did end up having to call AAA because the spare was flat :face_palm:. We got on our way and stopped at the Rural Kind in Clearfield PA to buy a new spare, but I ended up buying 2 new tires anyway. The trip home was smooth as could be, presumably because the new tires were a) new and b) steel belted radial tires instead of nylon, bias-ply tires (prone to catastrophic failure). The trailer used to kinda oscillate slightly side to side in turns, but yesterday perfectly straight.

The brakes even worked way better, which lead me to wonder if maybe the old tires were locking up wehn we braked. The brakes always kinda sucked on that trailer, but now they're great, so maybe those old tires were just so bald that they locked up and glided along without really doing much in the way of braking? The wear pattern on the remaining old tire that didn't blow had further evidence of this theory.

Anyway, Rural King and keep your trailer tires in good shape. And call AAA whether you thiknk you'll need them or not because it takes an hour for them to get there. You can always cancel.

I remember when I started writing my previous blog, the internet felt really fun. Many people I knew or wanted to know or just wanted to know what they were thinking had their own blogs, RSS was a thing that was encouraged by companies like Facebook and Google. It felt different than it does now.

I've been listening to podcasts for years, mainly electronic music, and have only really discovered lately podcasts of the story-telling type. The Vintage Airstream Podcast, several that follow news and politics in a more thought-provoking, less click-baity way. They're great for listening to in the car on long trip obviously, and they're mainly what I listen to when I run. It's the only way really that I can keep up with news and current events without coming away feeling sad or angry.

I hope Facebook and Google don't embrace and extinguish this medium, because it's the only part of the internet lately that still feels like the internet used to...

The thing about doing anything nice to your house is that it then exposes how the rest of your house needs updating as well. We've lived here for 12 years now, and have redone damn near everything internally that is not fun to do: the furnace last winter, the water pump the year before that, the electrical is always causing us issues. Basically we've always been too broke to do the fun stuff.

Well recently we decided “fuck it” because the stone steps leading up to our stone house were shot. Like, stones falling out the sides and treads that were not attached to their foundation shot. A “scarecase” was what our friend called it. So we finally got a few days in said friend's calendar for him to come out and do something about it.

It looked so good when done that we had to go to the Depot and get a storm door for what used to be a plain old screen door leading from our little mud room off the kitchen out on to these stairs. Then we started thinking about the windows, and this is how it starts. Like I said, we bought this house a long time ago with the object of fixing it up, just taken us a loooong time to get to a place financially where it was even remotely possible.


side note: Every picture I've ever taken is in iCloud. Why can't I right click a picture and get a public URL for it so I can easily share pictures I've taken via this blog? This seems like the simplest idea in the universe.

Hi there. I've decided to start a new blog and try to stick with it for a little bit. The old one will stay where it is of couse, since it's a realtime journal of the last 10-ish years of my life, but today starts a new era.

The last two years in a nutshell -

  • I have a tech startup job that I love.
  • I work from home.
  • I jog 6 miles a day when the weather allows
  • I tried brewing a little beer, but it was a lot of work so I don't really do it lately.
  • We bought a 1977 Airstream Sovereign, that I suspect will appear here quite often (pics coming once I decide how to deal with them)
  • I get promoted today to “Director of Customer Care”, because I'm reasonably empathetic and definitely technical and have been at this gig for long enough to more or less know my way around.
    • We're growing like crazy, I was #32 or so back in July 2016 and we're over 100 now so that's interesting.

I've been doing this job for the last 2 years that's called “presales”. Essentially I'm a technical sales person, or the developer on sales calls or however you want to think about it. I'm about to start transitioning out of that gig so I might write a few missives about what I learned about that in the last couple years. It's funny, my thoughts and opinions on How To Presales are coming together now that I'm about to stop doing that.

Anyway, this will be a test of how much I can get done in 5 minutes in the morning over coffee.