We kept it gray

Thanks to the work, feedback, and help of many others over a period of years, I can now call myself a published author! (*)

(*) Technically correct - the best kind of correct!

RFC 8308: Extension Negotiation in the Secure Shell (SSH) Protocol
RFC 8332: Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell (SSH) Protocol

Though to be completely correct – the first was this small but honorable mention in 2012:

RFC 6668: SHA-2 Data Integrity Verification for the Secure Shell (SSH) Transport Layer Protocol

This Futurama quote is now applicable to me as well. :)

The five principles of negotiation (for young adults)

I'm not yet 38, but if I'm not yet experienced enough to teach these basics, I may never be. All of this advice is based on my past mistakes. Take it with a grain of salt, and apply with prudence. :)
If you can at all avoid it – don't negotiate with scrooges.

You can recognize a scrooge in that they not only negotiate hard, but also low-ball every offer, and seem to want to nickel and dime you with respect to every term and condition.

If you can avoid negotiating with these people, avoid it. If you are selling, sometimes they will still buy your stuff on your terms, but most of the time they walk away from the transaction.

You want them to walk away. If you get their business, you will be a slave to them.

In most transactions, there can be substantial give and take. A fair price is 50, but a buyer is willing to pay up to 80 – with clenched teeth. At the same time, the seller may be willing to sell for as low as 20 before they really regret it. Scrooges are hell-bent on maximizi…

Missing web security feature: Signed web assets with browser validation

It is finally expected that reputable websites use TLS for all connections. Google, Bing, Facebook, Reddit, many smaller websites, even this blog – we all use HTTPS by default. This protects the privacy and integrity of internet browsing from intrusion near the user, or between the user and server.

At the same time, though, a security threat is encroaching from the server direction. Increasingly, no one except a few large corporations has control over their servers anymore. Even data that needs to conform to HIPAA security requirements is being moved into "the cloud" – which is to say, onto computers managed by a few companies. This is primarily the largest cloud provider, Amazon; trailed by Microsoft, IBM, and Google.

It's not just that the servers reside at these large providers in the form of virtual machines which can potentially be accessed by the provider, or any government that can compel them. It's also that increasingly, servers are being abstracted away. Am…

Samsung Galaxy: Buggy alerts in both Samsung and Google Calendar

I used to rely on the Calendar app on my Samsung Galaxy. Then, something changed. Maybe it's that I upgraded the phone; maybe an update broke the calendar functionality. Either way, for some reason, alerts now no longer work.

I was supposed to be on a call today. It was scheduled a week in advance, so I used the Calendar app. The event was set up, and was configured to alert me 30 minutes before. The time zone was correct. The phone was on; sound was on; and the app was permitted to alert and show notifications.

There was no alert. I was not present on the call, and this may have cost my company business.

I remembered this happening once before, but at that time I figured I must have configured something incorrectly. This time, I double checked. An alert should have happened, and did not.

My wife uses a different Samsung Galaxy with the same app, and has also experienced alerts that don't occur.

I tried switching the Samsung Calendar app for the Google Calendar app. But the sa…

Thoughts on Bitcoin - and why I cashed out of BTC at $18k

From one point of view, cashing out is foolish. The price has gone up, and will go further. From another perspective, holding so much in BTC was already insane.

In 2013, I swallowed my pride for not having invented Bitcoin, and invested a total of $60,000 in it. About $30,000 was into Butterfly Labs mining hardware. This turned out to be mostly a scam. Time after time, the company delayed delivery, while actually, they were using hardware prepaid by their customers to mine Bitcoin themselves. A year later, I was able to receive my order refunded. I'm not sure that would have happened if it wasn't for a friend.

With the other $30,000, I bought around 250 coins on MtGox, at around $120. For months after, I had a disturbing gut feeling about leaving them there. I rationalized that it's safer to trust the world's largest exchange than to store them myself. When MtGox came crashing, I salvaged around 30. For a year, I beat myself up for ignoring my sixth sense.

I have now s…

Mudanzas Mundiales: 82 days to move things from Costa Rica to Texas

This is to record, for posterity or otherwise, that Mudanzas Mundiales took 82 days to move about 15 boxes of our household items from San José, Costa Rica, to Texas.

We hired them for this move because we previously used them for a move within San José, and they did a great job then. This time, we hoped it might take 1 week. We were told 2 weeks. But actually, they packed our things September 14 – and they arrived December 5.

The boxes were not stuck in customs. They arrived in Miami November 20, just before Thanksgiving. From this point to delivery, including customs, took 15 days.

For around 66 days, the boxes were stuck in a warehouse in Costa Rica.

For the first 2 weeks after they packed our things, they didn't even respond to our emails and phone calls. We had to reach out to someone who knows the owners. Only after, they responded.

It still took as long as it did. Their explanation was that they experienced "problems getting a quote", and they had been moving thei…

Left vs. right: reason and compassion vs. blind principles

What's left and what's right in political terms is hard to define from an international perspective. The Overton window can shift so much that what's left in the US is right in France. In countries with a socialist past, where the main issues are economic, the left may even seem more repressive, and the right seems progressive and liberal.

There are some trends we can identify:
The right tends to be economically permissive, but restrictive of personal freedoms.
The left tends to be economically restrictive, but permissive in personal freedoms.

The overarching theme, though, is this:
The right claims to value principles, and can tolerate any suffering to uphold them – especially if it's other people's. Yet when out of view, rightists often do what benefits them, not what they say in public.
The left tends to think this is cruel and evil.

This pattern can be seen in all areas of disagreement:
When it comes to abortion, the left wants to minimize suffering – of the child, of…