woord van de dag

Dutch... Hollands...Nederlands — 3 July 2009, 15:01

draalloos

synonym for onverwijld (the word of the week); both mean "without delay"


Limerick of the day

Limerick — 1 July 2009, 13:18

Warning
 
To girls with coquettish little boots:
for a man who lives in De Baarsjes
be on your guard
for that creep's rod,
because he very gladly sticks it in little arses
 
 
(Pronounce: ko-kette rather than ko-kette)

Marvelous Idea

Cartoons — 14 May 2009, 23:46

 
To be posted in the IETF Journal
 
 
 
 

Welcome Wagon (Welcome to)

Music — 16 January 2009, 14:13

A few weeks ago I listened to "Welcome to the Welcome Wagon" on the excellent VPRO Luisterpaal (http://3voor12.vpro.nl/luisterpaal/). I ordered the CD and today it has been delivered by mail.

The reason I happily pay a few extra bucks for a CD is that artwork is included, and in this case the artwork provides a little background about the work.

This album was recorded and produced by Sufjan Stevens, and his musical touch stands out. What I did not know is that the music was composed and performed by Pastor Vito Aiuto and his wife Monique Aiuto. The music classifies itself as folk/gospel.

I do not regularly look at music in the gospel category. The reason is twofold: first, the message does not appeal to me; second, and more important, gospel music is often stereotypical and uninspired.

This album is different. Although it clearly has a religious message it is inspired, made with the appropriate lower-belly feeling, and sometimes has a touch of humor. The album is cleanly produced, lighthearted but still has balls. Proof? At the moment I am writing this paragraph the tune "American Legion" is playing; it brings tears to my eyes...

While I do not believe in God, there are emotions that one could classify as religious. Sometimes they are communicated through music. And while not true for all tracks, this album contains such examples.

Read more about "Welcome to the Welcome Wagon" at Asthmatic Kitty Records

  



Pillow Talk

Cartoons — 6 January 2009, 20:59

 


B: I hate your guts
D: Why? Do I remind you of yourself?
B: Nah... you murdering sonofabitch. I only scare them, break their legs, and occasionally cause a cardiac arrest --frighten them to death-- while you continue to cross the line.
D: Which line, your line?
I never cross my line. Harry's code helps me to ...
B: Henry's fucking code. You're working on my nerves, damn it. It never takes more than 20 seconds before you bring up Henry's code. It's a damned lame excuse for your nocturnal cutting-a-psychopath tours.
D: And how are those different from your nocturnal scaring-a-psychopath tour?
... [silence]...
D: and his name is Harry, not Henry, you fuckface
B: You sound like your sister now
.. [silence]...
D: According to the code I should kill you
B: And I should make you relive your worst nightmare a dozen times... That kind of terror worked with others.
D: Not with me, not with me, thanks to Harry.
B: Fuck Harry.
D: Fuck you, Bruce
B: Not today Dexter, sleep well.
D: sleep well, sweet dreams

A Propos Bistro

Food — 1 December 2008, 14:40

Last weekend I got "A Propos Bistro" by Stephane Reynaud: a book with 299 mouth-watering recipes, great pictures, great recipes, and a bit of humor. It is one of the best cookbooks I've laid my hands on recently. Although I have not yet prepared any of the recipes, they look straightforward and very standard. Very inspiring!


More Postbank Secure Code annoyances

Technical — 1 December 2008, 14:13

Remember my previous post on this topic? I went back to the Postbank site to see if things had improved. It turns out they have not. Here is a screenshot from the page explaining the SecureCode. It's all about the footnote (the last line in this screenshot).
 
 
The last line reads (translated from the Dutch):
Caution: when you click on this link you will be led to a website that has no Postbank address. Check whether the address starts with https://postbank.arcot.com. With that you will have a safe connection to register your SecureCode.
 
 
I will not repeat my argument that pointing, from an unsecured HTTP page, to an HTTPS page on an unrelated domain breaks users' expectations (why would you trust postbank.arcot.com over postbank.secure-bank-services.com?). Instead, I want to highlight that if you click on the link that displays "https://postbank.arcot.com/" you are actually redirected via a non-secured link like http://www.postbank.nl/ing/pp/page/external_link/redirect/0,3042,1859_180483_849292156,00.html?ExternalLinkId=849292156. So the hop that decides where you end up is a plain-HTTP page, which is exactly what someone who can spoof www.postbank.nl controls.
 
Again, that is unnecessarily complex and confusing for users.
 
For the record, the markup of that link on the Postbank page (the Dutch text reads: "Check whether the address starts with https://postbank.arcot.com. With that you have a secure connection to register your SecureCode."):

Controleer of het adres begint met <a class="body_text_link" href="JavaScript:openWin('/ing/pp/page/external_link/redirect/0,3042,1859_180483_849292156,00.html?ExternalLinkId=849292156','arcot','scrollbars=yes,left=10,top=10,location=yes,resizable=yes,toolbar=yes,menubar=yes,status=yes,height=600,width=800');" target="_top" onclick="linkCode(this,'o','https://postbank.arcot.com - 849292156','849292156');">https://postbank.arcot.com</a>. Hiermee heeft u een veilige verbinding om uw SecureCode te registreren.
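What the markup above shows is a link whose visible text claims one destination while its href does something else entirely. The following Python is an added example, not code from the original post or from Postbank: it extracts every anchor from a page and flags the ones where the displayed URL and the real href disagree. The HTML sample in it is constructed; its first anchor mirrors the Postbank markup quoted above, the other two are invented for comparison.

```python
"""Flag anchors whose visible text advertises one URL while the href goes
elsewhere, the pattern in the Postbank SecureCode link quoted above.

Added example, not code from the original post or from Postbank. SAMPLE_HTML
is constructed: the first anchor mirrors the quoted Postbank markup, the other
two are invented for comparison.
"""
from html.parser import HTMLParser
from urllib.parse import urlsplit


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in a document."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None   # href of the <a> currently open, or None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def misleading_links(html):
    """Return [(text, href, reason)] for anchors whose text is a URL but whose
    href does not take the user there.

    javascript-href   the href runs script (here: opens a redirect page), so the
                      displayed URL is never what the browser requests
    host-mismatch     href points at a different host than the text shows
    scheme-downgrade  text says https, href is plain http to the same host
    """
    parser = AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.anchors:
        shown = urlsplit(text)
        if shown.scheme not in ("http", "https") or not shown.netloc:
            continue  # visible text is not a URL, nothing to compare
        real = urlsplit(href.strip())
        if real.scheme == "javascript":
            findings.append((text, href, "javascript-href"))
        elif real.netloc.lower() != shown.netloc.lower():
            findings.append((text, href, "host-mismatch"))
        elif shown.scheme == "https" and real.scheme == "http":
            findings.append((text, href, "scheme-downgrade"))
    return findings


SAMPLE_HTML = """
<p>Check whether the address starts with
<a href="JavaScript:openWin('/ing/pp/page/external_link/redirect/0,3042,1859_180483_849292156,00.html?ExternalLinkId=849292156','arcot','scrollbars=yes,height=600,width=800');"
   target="_top">https://postbank.arcot.com</a>.</p>
<p>Invented for comparison:
<a href="http://www.postbank.nl/go?to=849292156">https://postbank.arcot.com</a>
<a href="https://www.postbank.nl/">https://www.postbank.nl/</a></p>
"""


def main():
    for text, href, reason in misleading_links(SAMPLE_HTML):
        print(f"{reason:16} shown={text!r} href={href[:60]!r}")


if __name__ == "__main__":
    main()
```

Run stand-alone it reports the javascript: href behind the first anchor and the host mismatch of the second; the honest third link produces nothing. The check deliberately only looks at anchors whose text is itself a URL, because that is the case where the user has been told where the click will take them.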
 
 

NAT 666

Cartoons — 26 November 2008, 22:52

To appear in the IETF Journal 


The First Principle of Adultery

General — 22 November 2008, 15:17
 

 
The first principle of adultery:
Never make out with a liability 
 
 
To answer the obvious question: no, this is not inspired by personal experience but by a recent conversation.

From the Waste of Time Dept.: applescript IMAP nested folder creations

Technical — 12 November 2008, 15:21

This is for those folk in google land querying for "applescript make new mailbox Imap"

Today I finished my first AppleScript. Using components from several other scripts I set out on the following task.

 

  • For all messages in a set of selected IMAP folders:
    • find the messages that originate from a mailing list;
    • apply heuristics to determine the domain of the mailing list and the name of the list;
    • file the message in an IMAP folder named "ArchiveRepository/domain.of.list/listname/<year>/<quarter>".

One of the subtasks is to build the mailboxes in IMAP with this directory structure. Taking an existing example (the MailArchiveByDate script from Doug Hellmann) I first took a left-to-right approach. Written out as a test script, what happens internally in the loop would look like this:

-- Emulating what would happen in the code loop:
make at the end of the mailboxes of account (name of theAccount) new mailbox with properties {name:("ArchiveRepository")}
make at the end of the mailboxes of account (name of theAccount) new mailbox with properties {name:("ArchiveRepository/domain.of.list")}
make at the end of the mailboxes of account (name of theAccount) new mailbox with properties {name:("ArchiveRepository/domain.of.list/listname")}
-- etc etc

In Doug's code this functionality is achieved by:

-- Find the month archive mailbox. If this does not
-- exist, we create it.
try
    set monthMailbox to (mailbox archiveMonth of yearMailbox)
on error
    log "Creating " & archiveMonth & " mailbox"
    if imapAccountName is "" then
        make new mailbox with properties {name:mailboxName}
    else
        make at the end of the mailboxes of account imapAccountName new mailbox with properties {name:mailboxName}
    end if
    set monthMailbox to (mailbox archiveMonth of yearMailbox)
end try

Unfortunately this does not seem to be portable to all IMAP servers. My mail server returns an error when I try to CREATE "ArchiveRepository/domain.of.list" while "ArchiveRepository" already exists and is not a container of other mailboxes.

The obvious solution is to create the mailbox using the full path in one go, all the way down to the last mailbox, the one that will contain messages rather than other mailboxes. An example is below:

-- Make sure the archive root exists, creating it when the lookup fails.
try
    set rootMailbox to mailbox ArchiveRoot of theAccount
on error
    display dialog "Creating " & mailboxName & " mailbox in " & name of theAccount with icon 1
    make at the end of the mailboxes of account (name of theAccount) new mailbox with properties {name:(mailboxName)}
    set rootMailbox to mailbox ArchiveRoot of theAccount
end try
-- Walk down the hierarchy one level at a time. Each step returns the child mailbox,
-- creating the complete path (mailboxName) at the first level that turns out to be missing.
set ListDomainBox to my ReturnChildMailbox(rootMailbox, TheDomain, theAccount, mailboxName)
set ListnameBox to my ReturnChildMailbox(ListDomainBox, TheListName, theAccount, mailboxName)
set YearBox to my ReturnChildMailbox(ListnameBox, archiveYear, theAccount, mailboxName)
set QuarterBox to my ReturnChildMailbox(YearBox, Quarter, theAccount, mailboxName)
log "Box set to " & (name of QuarterBox as text)
move theMessage to QuarterBox

where ReturnChildMailbox does the appropriate creation:

-- Return the mailbox called childname inside ParentMailbox. If it does not exist,
-- create the whole path (FullPath) with a single CREATE and look the child up again.
on ReturnChildMailbox(ParentMailbox, childname, theAccount, FullPath)
    tell application "Mail"
        try
            set ChildMailbox to (mailbox childname of ParentMailbox)
        on error
            display dialog "Creating " & childname & " mailbox in " & name of ParentMailbox & return & FullPath with icon note
            make at the end of the mailboxes of account (name of theAccount) new mailbox with properties {name:(FullPath)}
            set ChildMailbox to (mailbox childname of ParentMailbox)
        end try
    end tell
    return ChildMailbox
end ReturnChildMailbox

Maybe I'll post the script at some point ;-)


From the Waste of Time Dept.: hpss unable to bind to socket

Technical — 4 November 2008, 10:12

This is for those folk in google land querying for "hpss Unable to bind to socket"

I am running a tiny appliance that is configured with Voyage Linux. It's my always-on box that runs as web, mail, print, and file server. Between an update or two, printing stopped working. A few minutes of investigation told me that something went wrong when starting /etc/init.d/hplip. It generated the following error:

Nov 3 19:22:39 tiny hpiod: 1.6.10 accepting connections at 2208...
Nov 3 19:22:40 tiny python: hpssd[24441] error: Server exited with error: Unable to bind to socket

Reinstalling cupsys, hplip, and foomatic did not fix this problem.

It took me quite a while to figure out what was wrong: localhost did not resolve to 127.0.0.1. The reasons for this are manifold but boil down to the fact that I try not to mess with the default configuration too much, and that default configuration happens to create an /etc/resolv.conf that points to the OpenDNS resolvers. Those do not resolve localhost to 127.0.0.1 but to their web-traffic-magnet address.

The fix: make sure that /etc/hosts exists with a mapping from localhost to 127.0.0.1.
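The condition diagnosed above, a name that should never leave the machine being answered by an upstream resolver, is easy to check for. The Python below is an added example, not from the original post or from the hplip project: it parses /etc/hosts, verifies that localhost is mapped to a loopback address, and compares that with what the resolver on the local machine actually returns. The two hosts files in it are constructed samples.

```python
"""Check that 'localhost' resolves to a loopback address, the condition whose
absence broke hpssd above, by reading the /etc/hosts mapping and comparing it
with what the system resolver returns.

Added example, not from the original post or from the hplip project. The two
hosts-file samples are constructed; the lookup in main() runs against the
machine the script is executed on.
"""
import ipaddress
import socket


def parse_hosts(text):
    """Parse /etc/hosts syntax into {name: [addresses]}.

    Handles full-line and trailing comments, blank lines, several names per
    line and IPv6 entries. Names are lowercased (hostnames are case-insensitive).
    """
    mapping = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        addr, names = fields[0], fields[1:]
        for name in names:
            mapping.setdefault(name.lower(), []).append(addr)
    return mapping


def is_loopback(addr):
    """True for 127.0.0.0/8 and ::1; False for anything else or unparsable."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def localhost_status(hosts_text, resolved):
    """Classify the localhost situation.

    hosts_text: content of /etc/hosts
    resolved:   address the resolver returned for 'localhost', None if it failed

    'ok'                 hosts file maps localhost to loopback, resolver agrees
    'hosts-missing'      no localhost line; the lookup falls through to DNS,
                         which is how an upstream resolver that answers
                         NXDOMAIN with its own address gets a say (the post)
    'hosts-wrong'        localhost is in /etc/hosts but not on loopback
    'resolver-disagrees' hosts file is fine but the resolver answered
                         something else (check the order in /etc/nsswitch.conf)
    """
    addrs = parse_hosts(hosts_text).get("localhost", [])
    if not addrs:
        return "hosts-missing"
    if not all(is_loopback(a) for a in addrs):
        return "hosts-wrong"
    if resolved is None or not is_loopback(resolved):
        return "resolver-disagrees"
    return "ok"


# Constructed sample: what a sane appliance should carry.
GOOD_HOSTS = """# constructed sample
127.0.0.1   localhost tiny
::1         localhost ip6-localhost ip6-loopback
"""

# Constructed sample: the situation in the post, no localhost line at all.
BROKEN_HOSTS = """# constructed sample
127.0.1.1   tiny
"""


def main():
    with open("/etc/hosts") as f:
        hosts_text = f.read()
    try:
        resolved = socket.gethostbyname("localhost")
    except socket.gaierror:
        resolved = None
    print("localhost ->", resolved, ":", localhost_status(hosts_text, resolved))


if __name__ == "__main__":
    main()
```

Anything other than "ok" explains a daemon that "cannot bind to socket": it is trying to bind the address that localhost resolved to, and that address is not on the machine.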

 


Peer 2 Peer

Cartoons — 9 September 2008, 20:36

To appear in the IETF Journal 


Credit Card , Domain Name, Spoofing and Phishing

Technical — 24 August 2008, 00:01

Updated Aug 22: to add that the Postbank now informs its users about the use of the arcot domain.
Updated Aug 24: some slight textual edits.

Often people argue that DNS spoofing will not affect people's ability to do online banking safely. Given current practice, both in browser user interfaces and in what the banks themselves do, I claim this is close to nonsense.

The basic setting is this: user Alice wants to connect to her bank's website, www.postbank.nl, and in order to do a secure transaction the bank redirects her to a secure website. If Alice is smart she will check the security of the connection by looking at the padlock and verifying that the domain she is connected to makes sense.

This is not going to work as long as:

  • browsers display only a padlock and not the domain, so users need to dig deep before they become aware of a possible problem;
  • banks happily redirect to domains hosted by unknown third parties, so users get used to handing information to seemingly unrelated parties.

The obvious DNS-based attack is to spoof the unsecured www.postbank.nl site and have it link to postbank.malice.nl, a host with a perfectly valid certificate. We all know that getting a certificate for postbank.malice.nl is a trivial matter: it takes control of that domain (an e-mail address in it) and a credit card number. The padlock then tells Alice only that she has a secure connection to postbank.malice.nl, not that postbank.malice.nl has anything to do with her bank.

Below is an example of banks taking it for granted that users trust arcot.com as a middleman for either MasterCard or the Postbank. Personally I had never heard of arcot.com, so what do I know.

The point I am making is that as long as banks and credit card companies implement practices that get users used to being redirected to completely unrelated, albeit HTTPS-secured, domains, they will not help to create a mindset in which users understand when they are subject to certain kinds of fraud, like phishing.

My experience today 

Apparently there is a new mechanism to secure Internet credit card payments. It's called MasterCard SecureCode. I did not know about this, but that may be because I have not seen the snail mail yet. I was introduced to this new protection mechanism against fraud while trying to pay for a conference.

The original website redirected me to a site from tripledeal.com for the payment transaction. Even though the original website did not tell me that the transaction was to be handled by Triple Deal, I decided to take the leap of confidence based on prior experience.

So far so good.

At the end of the payment process a new validation step is introduced: I am invited to go to my bank to validate the payment.

To your bank

So pressing the "To Your Bank" button opens up a new window.

Oh... wait.

This screen asks me for details about my credit card. I need to be extra suspicious about entering information. Let me click on the padlock to verify that I am actually talking to my bank.

Oh... so an organization called arcot.com is claiming to represent my bank? I do not believe that; anybody could be claiming to be my bank, even with that little padlock in place.

So, there is this new validation scheme I have never heard of, that needs some of my credentials, and that takes me to a site that does not seem to be my bank. What more do I need to suspect that I am the subject of an elaborate phishing attack?

Let me read the page once more... Oh, it says more information can be found at postbank.nl/SecureCode. So let's go there: https://postbank.nl/SecureCode .... timeout. Let me try over a non-secure channel and see what I get (depending on trailing/non-trailing slash).

So let's call the bank.

When I called the Postbank's credit card helpdesk I got a perfect explanation about the introduction of the SecureCode technology. I explained that I got a pop-up from postbank.arcot.nl, was put on hold, and was then told that dealing with Arcot was OK.

The fortunate point was that I did not need to explain that my dealing with arcot.com was in sharp contrast with the anti-phishing policies that banks deploy, and that the Postbank helpdesk person actually understood that the pop-up should have originated from a postbank.nl or maybe a mastercard.com domain. But he had no way to escalate the problem and asked me to report it by e-mail.

Time to write a mail. I plan to post the correspondence in a follow-up.

 

Update Aug 22. 

It seems something happened. The Postbank website now says (translated from the Dutch):

 * Note: if you click on this you will be taken to a website that does not have a Postbank address. Check whether the address starts with https://postbank.arcot.com. With that you have a secure connection to register your SecureCode.

Which is basically a warning that you will be dealing with arcot.com and that that is OK.

This only partly addresses the problem:

 

  1. Technically this information is posted on a non-secure website; DNS cache poisoning could lead to a spoofed site carrying a different warning. It would be better if this information were also accessible via HTTPS, which it is not.
  2. The problem remains that the bank creates an expectation pattern that it is OK to deal with a domain name that is not rooted in the postbank domain. And that is exactly the thing they should try to avoid.
Who knows, maybe there will be a structural solution for this problem.
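The two points above come down to one check that a user, or the bank's own QA, could apply to every hop between the login page and the SecureCode page: is it HTTPS, and is its host rooted in the bank's own domain? The Python below is an added example, not code from the original post, the Postbank or Arcot. The redirect chains are constructed; postbank.malice.nl, evil.example and securecode.postbank.nl are hypothetical names used only to illustrate the check, including the label-boundary pitfall of matching on a bare string suffix.

```python
"""Audit a redirect chain the way a user who trusts only the bank's own domain
should: every hop must be https, and every host must be rooted in that domain.

Added example, not code from the original post, the Postbank or Arcot. The
chains are constructed; postbank.malice.nl, evil.example and
securecode.postbank.nl are hypothetical names for illustration.
"""
from urllib.parse import urlsplit


def is_rooted_in(host, domain):
    """True if host is domain itself or a subdomain of it.

    Matching is on whole DNS labels, so 'notpostbank.nl' and
    'postbank.nl.evil.example' are rejected although both contain the string
    'postbank.nl'; a bare str.endswith(domain) would accept the first of them.
    """
    host = host.lower().rstrip(".")
    domain = domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def audit_chain(urls, trusted_domain):
    """Return [(url, problem)] for every hop a cautious user should object to.

    plaintext   hop is not https: whoever can spoof DNS for it controls where
                the user goes next (the DNS attack sketched in the post)
    off-domain  hop's host is not rooted in trusted_domain: the padlock then
                only proves a secure connection to a stranger
    A hop can have both problems; both are reported.
    """
    problems = []
    for url in urls:
        parts = urlsplit(url)
        if parts.scheme != "https":
            problems.append((url, "plaintext"))
        if not is_rooted_in(parts.hostname or "", trusted_domain):
            problems.append((url, "off-domain"))
    return problems


# Constructed chains for the demonstration.

# The flow described in the post: plain-http start page, plain-http redirect
# page on the bank's own site, then the SecureCode page hosted by Arcot.
OBSERVED_CHAIN = [
    "http://www.postbank.nl/",
    "http://www.postbank.nl/ing/pp/page/external_link/redirect/"
    "0,3042,1859_180483_849292156,00.html?ExternalLinkId=849292156",
    "https://postbank.arcot.com/",
]

# The attack sketched above: a spoofed start page hands the user to an
# attacker host that carries a valid certificate (hypothetical domain).
SPOOFED_CHAIN = [
    "http://www.postbank.nl/",
    "https://postbank.malice.nl/securecode/",
]

# What the post argues for: https throughout, every host under postbank.nl.
CLEAN_CHAIN = [
    "https://www.postbank.nl/",
    "https://securecode.postbank.nl/register",
]


def main():
    for name, chain in [("observed", OBSERVED_CHAIN), ("spoofed", SPOOFED_CHAIN),
                        ("clean", CLEAN_CHAIN)]:
        problems = audit_chain(chain, "postbank.nl")
        print(f"{name}: {'no problems' if not problems else ''}")
        for url, problem in problems:
            print(f"  {problem:10} {url}")


if __name__ == "__main__":
    main()
```

Run stand-alone, the observed chain produces exactly the two complaints of this post (plaintext hops, then an off-domain landing page), the spoofed chain looks identical to a user who only checks the padlock, and the clean chain passes. Note that the padlock alone never distinguishes the observed chain from the spoofed one; only the domain check does.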

 

 

 

 

 


More trustworthy links...

Technical — 14 August 2008, 18:38

Today I upgraded, without any hesitation, my license for Curio, whose version 5 came out today.

I paid with PayPal and got a nice confirmation mail. Being a bit touchy about user interfaces and domain names (see my post earlier today) I post the following without comment.

 


Export Article

General — 14 August 2008, 15:35

WIRED seems to think I am an export article:
 
 Olaf Kolkman, a Dutch networking export, says there's no time to waste. The only way for DNSSEC to work is for the top-level zone file -- which lists the specifics for top-level domains like .gov -- to be signed by a trusted authority.

Powered by lifetype