Phil Dreizen

Server Upgrade Fail

A recent upgrade did not go as smoothly as I had hoped, and this site has been garbled for a good week. The fix was easy. FWIW, I'm considering switching to an off the shelf static site generator.

Everything rusts, including websites - OpenId edition

Comments on this site essentially stopped working because of a lack of support for OpenID in general and the deprecation of the OpenID 2.0 standard specifically. OpenID is (or was?) an open standard for authentication, and allowed you to log into websites using just one URL that that was hosted by an "OpenID provider." There were OpenID providers like myopenid for those who knew what OpenID was. But large companies like Google, Yahoo, and Facebook also acted as providers, hiding the underlying technology, allowing users to log in with their already existing accounts.

What was nice about OpenID was that I didn't need to ask users to create an identity on my site. They just used their identity from somewhere else. And because it was an open standard, I didn't need to write code for each provider.

It seems since I last actively used this site, OpenID 2.0 was dropped, replaced with OpenID Connect. Besides Google, I can't seem to find anything that uses OpenID Connect. (I could be wrong about this, but it sure is hidden). And even Google prefers you use their "Google Sign-In" over OpenID Connect.

Of course, you see "Sign in with Google" and "Sign in With Facebook" all over the web. But it seems to me that if I want people to be able to sign in with Google,Facebook or anything else, I have to handle each case separately. Which is really annoying.

In any case, until I do something about the situation, I have to disable comments.

Everything rusts, including websites

I had been using twitterfeed as the means for automatically publishing posts from this blog to facebook. IIRC, twitterfeed would read from the rss feed and publish the latest posts. Well, twitterfeed closed their doors on Oct 2016. I'll have to find a new solution.

Hello world, yet again, yet again

I'm going to start using again, damn it! Really! It's just a matter of getting into the habit of using it.

I'm sure you are awaiting anxiously for the next post...

Hello World again! Also: A New Look!

Hello world, yet again. The first new post in over 2 years. Has it really been 2 years since I played that crazy Barbarian Prince session? Yes.

With this new post comes minor changes to the look. First, I've changed the font to inconsolata. I don't think I had realized just how relatively bad Courier New really is until recently, and I've settled on inconsolata as my monospace font of choice at the moment. I've also lowered the contrast, on the recommendation of Web Design in 4 Minutes, and do think it looks a tad better.


It sure is quiet around here! I pledge to return to getting at least 1 thing posted here a week. And this post doesn't count -- it's just practice.

Shinzon Considers a Word

After seeing a few requests for There's a word I want you to consider in the ol' apache logs, a few from old forum posts about Dark Knight Rises that have seemed to disappear off the web, I decided to bring Shinzon and Donatra back.

Praetor Shinzon: There's a word I want you to consider: Allegiance. It's something I demand from those who serve me.
Commander Donatra: Do I serve you?
Praetor Shinzon: Yes. And I think, faithfully. Commander Suran on the other hand... gives me pause.
Commander Donatra: Here's another word, Praetor: Trust. Do you trust me? How far does that trust extend? How... deep... does it go? What must a commander do to prove herself faithful to you? What must a woman do?
[she stretches her hand out to touch Shinzon's face, but he snatches it away at the last moment]
Praetor Shinzon: You... are not a woman. You are a Romulan.

But also:

Praetor Shinzon: There's a word I want you to consider: backstretch
Commander Donatra: Here's another word, Praetor: Idahoan

That link again is: now with more comments! (alpha)

Because at least two people have requested that I add comments, I've implemented a comment system. This isn't well tested by me or anything, so if you encounter bugs please let me know about them! And please, make feature requests. To leave a comment, you'll need to sign in with a 3rd party, like google or yahoo.

Adding comments introduces some...issues. So I wasn't originally in a rush to get it done.

The first issue is trying to combat spam. There are lot's of options to deal with it. Widely used options like recaptcha are in a war of escalation with spammers. As a result they've gotten so difficult to read, I find them too hostile to non-spammers like me. I considered rolling my own Ascii Captcha - it would generate random words in ascii art, and prompt the user to enter the word generated. (In fact, I DID develop this and chose not to use it...yet...) Though a system like this would be fairly easy to break, any time spent doing it would be specific to, and not really worth a spammers time. There are services like akismet that probably use baysian categorizers and the like to guess if a particular comment is spam. akismet is widely used right now, it's probably a good choice. Right now I don't have any of these in place...I'm hoping that since I'm requiring an openid login, spam will be reduced, though I don't actually know that it will help in anyway. I do have a simple honey pot in place. Apparently, spambots can't resist filling in form fields, and so I have a form field (no display) that must be left blank for a successful comment submission.

Then there's the concern that comes with any user submitted data: security. Inviting users to comment invites users to try break into the site. (Things like SQL injection). And, especially since comments are displayed right back on the page, another concern is users leaving malicious javascript code in the comments they leave (XSS). Third party libraries like htmlpurifier help with the later at least.

And what to do about anonymous users? I ultimately decided that having some kind of identity will reduce flaming. So, in order to leave a comment, you'll need to authenticate using OpenID. You'll be able to use lots of services (Google,Yahoo...) to authenticate this way.

Finally is the fact that there will be bugs. So I'm looking forward to angry friends telling me how they tried to leave a comment but couldn't. Why did I bother implementing this from scratch again?

RSS Feed Activated

Next major milestone has been met. You can now subscribe to here:

Starting again...again.

Hi Everyone. I'm starting this website (and this server) from scratch after having letting it go stale. The server is now running Debian Wheezy.

Some technical details follow: I'm trying something that is, arguably, insane. I'm writing the blog portion of this site in php, from scratch, backing it with a dbm database. The keys are the time of the post, and the entry itself is a JSON string representing the post. Arguably NoSQL inspired -- not that I know much of anything about NoSQL. In any case, something about the arrangement seems "simple" to me. Also, it lends itself to CLI tools to manage the posts. Also, I must be some kind of masochist.

So, when deciding on what kind of dbm to use, I made a "fun" discovery: Wheezy packages php5 with qdbm support and no gdbm support. But packages python with gdbm support and no qdbm support. And there doesn't seem to be any way to rectify the sitution using the repositories. This is quite annoying if I had wanted to use python and php to interact with the same underlying db, which I was considering doing. On the bright side, it stopped me from doing that.

Hello World!

Hello World!