Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

Subsonic & Caddy — oh my…

Dangnabbit.

Subsonic has the nasty habit of generating certain URLs in a very hardcoded way.

The login screen for example. If you call index.view and are not logged in, it redirects you to $ServerSubsonicThinksItIs/login.view.

That will be localhost, if you want to do the „oh yay, let’s reverse proxy here“ thing. To make matters worse, $ServerSubsonicThinksItIs also contains protocol and port. This is apparently due to the implementation of Subsonics „generate a yourhost.subsonic.org“ redirection.

As far as I can see, only the login and settings pages are the ones that are affected by this. They are still accessible if you manually add /login.view to your public address.

Of course, you can tell Subsonic to believe that it is on the servername you chose for it. As long as Subsonic and the reverse proxy server are in agreement of which host, path & port are shown to the browser, everything is fine. With non-encrypted http that is.

Of course you can re-enable https on Subsonic, in order to successfully proxy everything from A to B, but…

…Caddy checks the validity of the SSL certificate of whatever site it reverse-proxies to. And throws a Bad Gateway if it doesn’t like what it sees. This is actually done with a reason, but it doesn’t help me right now.

As far as I can see, I either have to wait for…

  • Subsonic finally learning to generate sane URLs or
  • Caddyserver being able to ignore faulty certificates upstream

Subsonic with Caddy

Ok, now that there is Let's Encrypt, I thought that I shouldn’t have to do this certificate hackery all the time when Subsonic updates or the StartSSL certificate expires.

Caddyserver is the first Webserver/Proxy that I found that has most of the process automated and build in, so I’m using this. Getting started with this was pretty straightforward: Download, expand,  create a config file and start up. My Caddyfile eventually ended up looking like this:

https://myserver.orkpiraten.de {
 proxy /somethingelse/ localhost:8085/
 proxy / localhost:4040
}

Well, it turned out to not be quite as easy. First I also had to make Subsonic stop hogging port 443. Those settings are found in /etc/default/subsonic. And while you’re at it, also edit out any certificates you may have added earlier in /usr/bin/subsonic. Oh, and make sure to note down which port non-https Subsonic runs, hopefully not 80, because Caddy needs that! I may have chosen 4040.

Restart Subsonic and make sure that you can reach it on the correct ports.

As stated, Caddy also needs to run on Port 80 for a brief moment. This is so it can do the certificate domain validation process. So edit your /etc/apache2/ports.conf to make sure not to block anything.

Restart apache2.

Now, to find out if everything works, start Caddy. If all is good, you’ll see a glorious all-ok message and can now access the server via https with a valid certificate.

But as you’ve undoubtedly noticed, Caddy isn’t running as a service yet. Thankfully Ubuntu has Upstart. So, add in a new file /etc/init/caddyservice.conf (thank you Mathias):

description "Caddy Server startup script"
author "Mathias Beke"
start on runlevel [2345]
stop on runlevel [016]
setuid runasme
setgid runasme
respawn
respawn limit 10 5
script
 cd /home/runasme/
 exec ./caddy

At this point I want to take a short moment to mention that whoever thinks that the Upstart Cookbook is an easy entry-level document is clearly out of their mind. Seriously, this „Cookbook“ has a whole chapter named „Critique of the System V init System“!

But I digress. If you don’t make the same mistake as me and confuse init with init.d, then you’re golden and now have a Caddy running as a service, forwarding requests to your Subsonic installation.

The only issue I haven’t been able to solve is that Subsonic has some stupid static URL linking going on which insists on opening the settings.view under http://localhost:4040/musicFolderSettings.view. But I can live with that.

Mehr Überwachung!

Ich wollte gerade einen längeren Text dazu schreiben in dem ich erneut darauf verweise, dass all die bestehende Überwachung wieder einmal erschreckend wenig (nämlich eigentlich gar nichts) verhindert hat, dass die Spuren, die jetzt aktuell geholfen haben aus unter anderem einem weggeworfenen Handy (unverschlüsselt) plus einem nicht gelöschtem Streckenverlauf im Navi eines Mietwagens bestanden.

Dazu könnte ich darauf verweisen, dass Terroristen immer auch einen weiteren Weg zur geheimen Kommunikation finden werden. Oder dass es denen ja eigentlich egal ist, weil sie ja eh auf eine Konfrontation aus sind.

Aber diejenigen, die das hier lesen sind eh schon überzeugt, und die anderen werde ich damit nicht überzeugen. Also lasse ich es…

Webcomic Montag: Die Apokalypse!

Lange war es still um diese Rubrik, aber ich habe ja wieder ein wenig neues Futter für Euch!

Fangen wir so richtig romantisch an. Romantically Apocalyptic um genau zu sein. Visuell ein meiner Ansicht nach herausragender Webcomic, irgendwo zwischen gezeichnet und photorealistisch. Die Story kann ich leider nicht wiedergeben, die ist zu bizarr. Generell sehen wir die Postapokalypse, wie sie der Captain, Snippy, Pilot und Engie erleben. Wenn Ihr seltsamen Humor und die Postapokalypse mögt, werdet Ihr das hier lieben.

Schwarzhumoriger und dabei aber auch zugänglicher kommt Gone with the Blastwave daher. Wieder Postapokalypse. Hier kämpfen namen– und gesichtslose Soldaten dreier nicht wirklich definierbaren Armeen gegeneinander. Warum? Daran kann sich niemand mehr so recht erinnern. Aber seit wann hält das Leute davon ab, aufeinander zu schießen, richtig?

BoingBoing, why you so bad?

I am really getting annoyed at BoingBoing by now. There is still the occasional interesting thing among the stream of articles they publish over the day, but that stream is getting worse and worse every day.

Of course, I can accept the „Cool Tools“ crossover, which is basically blatant advertising. Also, I can live the slightly more veiled advertising articles where they just grab some item, write a sentence about it and point you to an Amazon affiliate-link to buy it. I get slightly more upset about the fact that a good deal of the off-site links randomly have some ad-forwarder in between that my adblocker has to filter out for me. And then there are articles like this one: Criminal protip: don't confess "off the record":

Matthew D. Muller, 38, is in jail after confessing to a kidnapping, “off the record and on background” to a TV reporter.

If you follow the link under the text, or read the rest of the quote on BoingBoing, you won’t find anything about any confession, TV reporter or „off the record and on background“.  You need to follow the other link they thankfully provided later on with a stealth edit, which points you to Wired: ‘Gone Girl’ Suspect Confesses to Reporter—As FBI Listens In And in this link title alone, we learn that the confession was taped by the FBI, which immediately gives the story a whole different spin. But hey, Journalism is boring, Clickbait is much better, amirite?

Throwing BoingBoing out of my Feedreader now, thanks for the nicer times.

PS: I realize that this could be attributed to a simple human error, made in haste. But those errors get more and more frequent and the ad-article noise gets more and more annoying, so the bad by now severly outweigh the good for me. Sorry.

I void warranties

steckerDa im Schlafzimmer ja noch eine ordentliche Lampe fehlte, und der Berliner Sommer ™ überraschend warm ist, haben wir uns im Juli einen Deckenventilator angeschafft. Dann festgestellt, dass so Berliner Altbaudecken ™ sich ganz schön schlecht zur Befestigung schwerer Dinge eignen. Na gut, da gibt es dann ja Profis, die kann man für akzeptables Geld anheuern. Solche Profis finden dann mit Hilfe neumodischer Technik auf Infrarotbasis den Deckenbalken und bringen das gute Stück an. Allerdings mit dem Hinweis, dass der Balken schon recht dünn sei, und man da besser nicht zu viel dran rüttelt. „Aber so hält das, keine Sorge!“

Tja, und nach zwei Wochen ging er dann nicht mehr, der Deckenventilator. Und zwar wegen dem in diesem Beitrag abgebildeten Stecker-Buchse-Paar. Das hat nämlich einen Wackelkontakt. (Sehr eindrucksvoll sowas, wenn man da dann dran wackelt, blitzt es hübsch an der Leitung…) Das ist zum einen sicherlich im wahrsten Sinne des Wortes brandgefährlich, und trübt die Freude über so einen Ventilator, der dann gar nicht mehr ventiliert, schon beträchtlich.

Kein Ding, sollte man jetzt denken, hat ja Garantie das Teil.

Leider ist das teure gute Stück so konstruiert, dass ein Ende des kaputten Steckerpaares ziemlich gut mit der Deckenhalterung verbunden ist. So dass ich für den Umtausch das ganze Stück abmontieren müsste. Ihr wisst schon, das Stück, für das der Infrarotmessmann ™ hatte kommen müssen.

Nee, da mach ich dann doch lieber auf Punk, schneid das fragliche Stück raus, und ersetze es mit neuen Klemmen. Schön hell und kühl jetzt wieder…

10 things you didn’t know about rape, RPG and — ach, screw this!

A few days back, this thing made the rounds: Games sure are classy. In case you missed it, here’s the summary: Someone was selling a game module on DriveThruRPG that was named „Tournament of Rapists“. Someone else got upset about this and complained to DriveThruRPG, who… showed a remarkable inability when it comes to a) understanding the issue and b) how to handle this sort of complaint.

They got a lot of flak for this, so, after the weekend, they went into full defence mode:

Their new policy states: „If a reported title looks questionable, then we will suspend it from sale while we review its content internally, and we will speak with its publisher to determine the fate of the title on our marketplace. Our default will be to suspend titles rather than our prior default of letting titles stay public.“

They also state „We are no longer a wide-open marketplace.“

Which then made James Raggi from Lamentations of the Flame Princess fear for his income. Understandably so, as his products are quite controversial in some circles. I mean, they include walking penis demons and violence and sexual imagery. So he decided to go on a forward defence and used DriveThruRPGs messaging system (the only way to reach his customers there IIRC), to tell those who bought his stuff there how to not get screwed in the case of a pulled product.

Which in turn got someone elses panties in a bunch.

My take on this

First off: Bards and Sages Publishing is right on one thing: Pulling the Tournament of Rapists was, at that point in time, a sane thing to do for DriveThruRPG, and the wording of their policy indeed is more liberal than, say, Amazons. But the difference is that Amazon has a team that is comparatively well-schooled and professional when it comes to reacting to internet shitstorms.

DriveThruRPG has just shown that it completely fails in that regard. They completely missed the point of the initial complaint, they then tried to sorta-defend the thing, they didn’t go out and explained their points in a way that the wider audience will get that message, and then hastily set up a new policy without soothing the legitimate fears of the merchants.

And that is why James Raggi is probably right with his decision to set up precautions.

Nazis, Nippel und.. err, Facebook.

Gerade eben ging folgender Rant durch meine Timeline: Stephanie Marie von Mobilegeeks schreibt sich den Frust über all die rechten Deppen auf Facebook von der Seele — und den über Facebooks Reaktion darauf.

Facebook würde alles tun, damit Facebook ein sicherer Platz ist. Also, sicher vor nackten Brüsten und vermeintlich falschen Namen. Nicht vor gewaltbereiten Nazis und Euthanasie-Fans.

Tja, wir haben es hier mit einem klassichen Culture Clash zu tun. Und nein, damit meine ich natürlich nicht die Moschee vs Kirche Sache, die ja so vielen Dämlacken aufrichtigen Deutschen ™ so am Herzen liegt.

Sondern den Zusammenstoß zwischen den US-amerikanischen und den deutschen Anstandsbegriffen. Insbesondere dem Verhältnis zur freien Meinungsäußerung. Free Speech ist in Facebooks Herkunftsland eine heilige Kuh, während Sexualität und vor allem eben weibliche Nippel des Teufels sind. Und da Facebook natürlich die Standards des eigenen Landes für weltweit gültig erklärt, darf man sich hierzulande eben auch ungeniert als Rechten Depp outen und seinen Hass verbreiten. Solange sich das irgendwie als Meinung tarnt, wird man dort wenig bis nichts unternehmen. Schon alleine, weil der Personalbedarf für sowas (Beschwere aufnehmen, Text ansehen, reagieren, den unvermeindlichen Fallout bearbeiten) viel zu hoch ist.

Ich höre an dieser Stelle übrigens schon den Einwand: „Dann soll sich Facebook doch gefälligst endlich mal den regionalen Begebenheiten anpassen!“. Ja? Also, so rein hypothetisch, sollen die dann auch auf die Sitten und Gebräuche in z.B. Katar eingehen? Saudi Arabien? Nordkorea?

Überlegt Euch genau, was Ihr da fordert. Bis dahin bleibt: Kontra geben, solche Statements nicht unerwidert lassen, und in Deutschland strafrechtlich verfolgbare Äußerungen (konkrete Drohungen, Holocaustleugnung, Volksverhetzung) nicht Facebook sondern den zuständigen Behörden melden. Das mit der Anzeige geht übrigens ganz einfach, hier mal die Internetwache der Polizei Berlin.  (Mit https, ich bin begeistert!)

That Ashley Madison thing…

ashleyflowersOh, that Ashley Madison thing is really something that got the Internet going. And this here, that is one of the very few  actually funny reactions. The rest is either

  • explaining how those cheaters got what they’ve had coming, or
  • gleefully looking up folks and saying „gee, look what they did!“

Neither of which is particularly mature or helpful. Actually, downright unhelpful and deathly dangerous, as the case of the Saudi shows. And then there was this interestingly altered quote:

They came for Ashley Madison, and I said nothing, because I didn’t have an account. Then they came for Fetlife, and I said nothing, because I used a fake name and no pictures of myself. Then they came for OKCupid, and I said nothing, because dudebros are jerks and they deserve what they get. And then they came for my inbox…

Which gets closer, but still misses the point. The point being: When we use any service, be it on the internet or elsewhere, that service will most probably need to gather and make use of potentially private information. Otherwise it probably simply won’t work. (Have fun building a social network without any personal data in there.) And where there’s data, there will be people who want to take a look at that data. For the lulz, national security, blackmailing, finding their enemies, the reasons for this are varied.

The thing is this: We should be mad about the Ashley Madison hack. Really mad. Not because this is about people cheating on their spouses, or because there might have been blackmail involved, or.. whatever.

We should be mad that this company that got entrusted with personal data didn’t put this data into a secure place. That is what you should take away from this:

  • If you handle other peoples data — make damn sure that only legitimate people can get at that data. Do everything in your power to ensure that even if you do get hacked, people won’t be able to make use of what they find.
  • If you want other people to handle your data — make them accountable for what happens with that data. If they won’t agree to that, won’t let you in on their precautions, be aware that you could just as well make that data public right now! Because they will get hacked at some point.

Playing ViewScream

As there weren’t enough players for Haralds planned bi-weekly Labyrinth Lord game, he decided to run ViewScream instead. ViewScream, which is just now running the Kickstarter for the 2nd Edition, is a game that is explicitly designed to be played via videochat.

Rafael Chandler is surely no „Indie Author“ anymore, although his RPG products probably get lumped into that category. But he is a brilliant horror game designer if you ask me — and ViewScream, which plays on the isolation and despair of people sitting alone somewhere, reaching out to their colleagues for help, is an even more brilliant idea. The general mechanic is this: Everyone is alone, connected to the others via videochat. And everyone has at least one, maybe even more dire Emergency at hand, that is threatening their lives, and that they cannot solve by themselves. Your only hope for rescue? Someone else has to use up one of their Solutions (basically one or two sentences of technobabble that the game providesto you) and apply that to your problem.

In our game, each of us had three Solutions and two Emergencies — the kicker being, that not all of those solutions would actually work! None of your fellow players know how many Solutions you actually have, nor which of those will be successful: There are small indicators next to every Solution, telling you if they would work or not. So you pick a solution, narrate how you’d apply them, and then, more often than not, let the other players know that, alas, they weren’t working for some reason or the other… or that they were saved, because the solution did work. But the game is actually rigged in a way, that there usually are more Emergencies than workable Solutions. Enter the haggling, backstabbing, pleading and outright begging!

Yesterday, Harald threw us into some cyberpunk world, where we were just returning from what was supposed to be an easy-in, easy-out hack into some virtual world. Except it went horribly wrong, we probably had a traitor in our midst, the enforcers were on our asses, our equipment sprouted the most disturbing bugs and the clock was ticking…

About halfway through the game (which took about an hour), I realized that my character wouldn’t make it. So I let the virtual ghost that was riding my system take over and scare the bejeebus out of my fellow players, who were so eager to sacrifice me for their own sakes…

(The girlfriend was reading in the room next to me and later stated that she was on the verge of calling an excorcist to get those demons out of me.)

In the end, this was the most fun I ever had in a Hangout RPG session. The game provides custom overlays that enhance the mood, and the game mechanics are as close to freeform as you can get — while still providing enough structure and crunch to make things interesting on that angle.

The different characters are described in a gender-neutral and just vague enough way that basically everyone can fill those roles. But they are also provided with hooks and connections to each other to keep the game running and interesting. ViewScream encourages you to never leave character during gameplay, and as you never need to grab some dice or do anything that isn’t covered by the narrative, things feel very natural.

The first edition (with slightly clunkier rules) is free on DriveThruRPG, and the 2nd Edition is 10 bucks well spent on Kickstarter. If you are even remotely interested in playing a Horror game or in playing over videochat, you want to try this out!

breaking in and stealing shit..

There is a special spot reserved in my heart for Heist and in extension Grifter movies. I’m not sure why this is, but people breaking in to places with skill and gumption fills me with a warm and fuzzy excitement (Even if it is done in a rather silly way, as with the Olsenbande).

So… Ant Man. This is a Heist movie thinly disguised as a superhero action flick.

As a superhero action flick, it works nicely. Of course there are is the mandatory climactic battle scene, and it is a good one. But in the end, there are really only two „battle scenes“ — the obligatory superheroes-meet-for-the-first-time one, and the big fight with the villain.

But, for a superhero flick, all that is a surprisingly small amount of fighting. Instead we get (apart from chase scenes) quite a few scenes that highlight Scott Langs skills as a burglar. And the staple of any heist movie: Training Montages (seriously, about half the „action scenes“ we see is how Scott learns how to wear the Ant Man suit, how to run with his new miniscule allies, etc.)  and Caper Planning.  The inclusion of Scotts wannabe partners in crime is not just used as a source of comic relief but also helps establishing the „Heist“ aspect of the movie even firmer.

And as a Heist/Caper movie, Ant Man really delivers. You have the planning, the training, the near-flawless execution, good music, the easy talk among the team, the surprising things that go wrong, a reveal from the villain, all the little bits that make this sort of movie fun.

If you haven’t seen it, check out your local theatres right now!

 

Warum ich immer noch Perry Rhodan lese…

Japp, genau, diese Schundheftchen, die es jede Woche am Kiosk gibt. Lese ich seit bestimmt 25 Jahren, wenn nicht schon länger. Klar, die Variationen der Handlung sind überschaubar, viele Figuren eher holzschnittartig. Und grob gesehen ist jeder Handlungsbogen gleich:

  • Eine neue Sorte Aliens taucht auf
  • diese Aliens überziehen die Galaxie mit einem Konflikt
  • Die Helden fliegen los um die Herkunft und Absichten der Aliens zu erkunden
  • Die Erkundung gelingt, allerdings nur haarscharf
  • Mit den Ergebnissen gelingt die Rettung der Menschheit oder gar des Universums in allerletzter Sekunde

Also, warum lese ich diesen „Schund“? Zum einen aus Gewohnheit. Das ist halt ein liebgewonnenes Ritual, und mein Vater freut sich immer, wenn ich ihm alle paar Monate den ausgelesenen Heftstapel gebe.

Zum anderen aber aus einem ganz anderen Grund: Diese Serie behandelt zwar oberflächlich gesehen immer wieder nur Alieninvasionen in unterschiedlichsten Varianten, darunter geht es aber um etwas anders: Ein Ringen um den, ich nenne es mal salopp „darwinistisch erfolgreichsten“ Gesellschaftsentwurf. Jeder neu auftretende oder wieder verwurstete Antagonist bringt stets eine eigene Philosophie mit.

Diese wird eigentlich immer auch aus der Innenansicht beschrieben, also sozusagen wohlwollend erklärt. Natürlich haben alle diese Invasoren auch immer etwas schurkenhaftes, schließlich soll Perry ja am Ende als strahlender Held dastehen. Aber so ganz schwarzweiß wird eben doch nicht gemalt. Und häufig genug werden Teile der Invasoren in die galaktische Gemeinschaft aufgenommen. Und diese Gemeinschaft ist äußerst vielschichtig und –seitig.

Dieser Wettstreit von Gesellschaftsentwürfen ist sicherlich nicht das Hauptthema der Serie. Aber er ist immer dabei, und das Ergebnis steht, abgesehen von einem die Serie durchdringenden Humanismus, nie so richtig fest. Es gibt wohlwollende Diktatoren, radikal-direkte Demokratien, parlamentarische Demokratien, Oligarchien, Meritokratien, Tyrannen, Völker in Symbiose, Schmarotzer, Einzelgänger, Anarchien, Gesellschaften, die auf dem Recht des Stärkeren beruhen, und und und.

Das ist es, was mich trotz aller Widrigkeiten (teilweise sind die Plots eben doch flacher als die norddeutsche Tiefebene) bei der Stange hält: Diese breite Palette an Utopien und Gesellschaftsentwürfen, gepaart mit einem humanistischen Optimismus, dass die Menschheit sich positiv weiterentwickeln kann und will.

Welcome Home..

Those were more or less the first words that were shouted at us, when we all left the bus. For more than just a few, it was really a homecoming, but for me it was more the reassurance that I would be welcomed here, in this dusty, colourful and surprisingly loud place near Sarinam, that place called Nowhere.

I’ve been fascinated with Burner festivals since I read that Burning Man writeup in the Wired all those years ago in the late nineties. A festival in the desert? A place where everyone is accepted, where money is not a thing? To experience things in the moment, and then not leaving a physical trace afterwards? Not to mention all that art, either as objects or performance.

Anyway, when I learned that there isn’t just Burning Man, but a whole subculture of Burner festivals all over the globe, with one of these happening in the relative european neighbourhood, my plan was fixed: I would go there, and see things for myself!

And that is why, two weeks ago, I found myself in a dry riverbed valley, being greeted by half-naked hippies and throwing myself into the dust, making a very hot and dry and dusty snow angel. I was determined to be accepting and in-the-moment, come hell or high water!

What I got was heat, dust, techno music and two thousand loving hippies. Which was at the same time exactly what I expected, and also not at all what I was prepared for.

Let me say this: If you are even a mildly extrovert person, and if you don’t have a passionate hatred for all things Techno, this is the event you should experience at least once in your life. If you are more like me, an introvert person with a more than passing dislike for all things that go UNZ-UNZ-UNZ, then you should still go, but prepare yourself a bit better than I did.

Because Nowhere is exhausting. Physically, on account of all the heat, mentally, because your senses will be constantly blasted with new and exiting things, and emotionally, as you will be warmly greeted as soon as you show up, but can also be completely ignored and feel invisible from the moment on you start drawing back into your shell.

This is not something malicious, but probably not quite by accident either: The strong ethos of acceptance, consent and tolerance ensures that if you see someone doing whatever, your instinct isn’t: „oh, that is horrible, I should stop them doing that!“ but rather „Hmm, not my idea of fun, but they know themselves best, right?“

So, fellow introverts, if you go there, be aware that you need to communicate rather strongly and insistently. Then people will happily take you along to all the weird and fun things.

And boy, there were weird and fun things happening at Nowhere. Personally, I've officiated a wedding at this temple, celebrated christmas, listened to the story of the demon hostel of Montenegro, slept on a heap of pillows in the middle of an ongoing party, danced through the night, succombed to a hippie trap, learned how to give better massages and had a great time for most of the trip.

All in all, I was utterly unprepared for what happened to me there. And I’m not sure I’ll ever be…

Zwei auf einen Streich!

Rollenspiele sind ja seit über zwanzig Jahren mein Hobby. Und die meisten Spielrunden in dieser Zeit habe ich mit Leuten verbracht, die das auch schon mehr oder weniger länger machten. Im Nachhinein betrachtet ist es schon erstaunlich, ich glaube, ich habe in all der Zeit weniger als eine Handvoll Leute neu mit dem Hobby in Kontakt gebracht.

Umso mehr freute es mich, dass mich in kurzer Zeit tatsächlich gleich zwei Kollegen ansprachen, ob sie nicht mal mitspielen dürften. Ich trommelte also ein paar Spieler zusammen, und gestern gab es dann eine Einführungsrunde Monster of the Week. (Von meiner neuen Liebe zu den „powered by the Apocalypse“ Spielen erzähle ich ein andernmal.)

Was soll ich sagen, wie Enten im Wasser! Die Playbooks von MotW halfen natürlich immens, nehmen sie doch die Spieler an die Hand und bieten ihnen überschaubare und klare Alternativen. Dass neben den beiden Neulingen auch drei alte Rollenspielhasen als Spieler teilnahmen tat sein Übriges: H. stellte seinen ex Mall Cop Verschwörungstheoretiker vor, K den jungen Werwolf-Fratboy und S ihre Kleinmädchen-Profimonsterjägerin. Daran konnten R und F dann wunderbar anknüpfen, und boten einen mundänen Lokalredakteur sowie einen Meistereinbrecher mit verkaufter Seele.

Die Figuren vernetzten sich dann fast von selbst, es wurden Verwandschafts– und Beziehungsbande geknüpft, gemeinsame Abenteuer festgelegt, und nach einer Pizzapause ging es dann ins Abenteuer. Der Schauplatz wurde untersucht, Zeugen befragt, das gruselige Mädchen verfolgt und gegen Mitternacht brach ich dann den Abend mit einem zünftigen Cliffhanger ab.

Während der Vorbereitungen hatte ich ja kurz befürchtet, dass die norddeutschen Edelrollenspieler den Neulingen Spotlightzeit stehlen würden, aber diese Angst war vollkommen unbegründet. Im Gegenteil, keiner von den alten Hasen machte auch nur den Versuch, meiner Anwendung von „seperate the Hunters“ etwas zu entgegnen. „Das machen die schon.“ war die einhellige Meinung.

Zwischenzeitlich gab es natürlich einige Waldorf&Statler Momente, als sich die Edelrollenspielerriege über den Meistereinbrecher beömmelte, da dieser bei dem „Verhör“ des gruseligen kleinen Feenmädchens in so ziemlich sämtliche Rhetorikfallen tappte. Aber dabei fühlte sich niemand bevormundet oder gar blöd angemacht. Im Gegenteil, alle nutzten die Situation, um die Story voranzubringen und eben nicht einfach nur „ja ich auch“ zu spielen.

Mir hat das alles sehr viel Spaß gemacht, und ich bin sehr gespannt, ob ich von den Spielern noch ein Diary bekomme…

Islam, Karikaturen, Terror — punching up or down?

Vor einigen Jahren habe ich einmal einen spannenden Beitrag zum Thema „Comedy und schwierige Themen“ gelesen: Punching up. Lest das ruhig mal. Die Quintessenz ist diese:

Du darfst Dich mittels Comedy, Satire etc. über jemanden lustig machen, wenn dieser Jemand mächtiger ist als Du! Dann ist es Nobel und lobenswert. Ist das Ziel schwächer, dann wäre das ziemlich schlechter Stil und gemein.

In der letzten Zeit nannte sich plötzlich jeder Charlie, Karikaturen wurden wieder-und-wieder veröffentlicht, und danach dann die offensichtlich präsente und steigende Terrorgefahr angeprangert. Keine Frage: Menschen wegen Bildern oder schlechten Witzen physisch anzugreifen oder auch nur zu bedrohen ist inakzeptabel. Meinungsfreiheit ist ein hohes Gut, daß ich erhalten wissen will. Und auch ansonsten finde ich das Konzept spannend - mir sind zwar viele Mittel und Aktionen der linken Szene oder der Antifa zuwider, aber sie richten sich wenigstens nicht gegen Schwächere. Wohingegen ja die Rechtsradikalen gezielt auf eben diese Schwächeren Mitglieder unserer Gesellschaft treten.

Da zeigt sich schon allein an der Auswahl der Ziele, wer hier moralisch besser dasteht.

Aber zurück zum Thema: Wenn, im westlich-christlichen Abendland Mohammend-Karikaturen und Islam-Witze verbreitet werden — ist das dann Punching Up oder Punching Down? Natürlich muss man das tun dürfen, Meinungsfreiheit etc., aber muss man das auch gut finden?

Wer ist hier wirklich der Stärkere, gegen den mittels Humor angestunken werden muss? „Der Islam“ (was schon ein reichlich diffuses Gebilde ist), „die Terroristen“ (wieder: Ziemlich diffus als Gruppierung), „radikale Islamisten“ (schon etwas konkreter, aber immer noch sehr unscharf) oder gar „die Cartoonisten“ (die ja meist weiß, gebildet und sozial abgesichert&integriert sind. Insofern alles andere als Randgruppe).

Klar ist: Wer tatsächlich Menschen terrorisiert, verletzt oder gar tötet ist damit auf jeden Fall im Unrecht, egal warum. Aber handeln diese Leute aus einer Position der Stärke oder der Schwäche? Ich weiß es gerade nicht, finde es aber überdenkenswert, um die eigenen Reaktionen darauf zu kalibrieren.

Berlin!?

Ick bün ja ‚n Hamborger Jung. So richtig, mit Deng. Und jahrelang habe ich immer gepredigt: Nee, ich zieh hier nicht weg. Wohin denn schon. Ist doch so schön hier.

Tscha, und so zwischen Weihnachten und Sylvester saß ich dann mit Harald in Kris zusammen, den dritten Cocktail oder so intus, und das ist dann ja der Zeitpunkt, wo Männer auch mal anfangen dürfen, etwas weinerlich zu werden. „nee, also, so mit dem Job gerade, also, so richtig Spaß macht das ja nicht. Und dann schaut das bei der Firma ja auch gerade nicht so rosig aus.. ach, ich weiß nicht.“

Freunde sagen dann einem aufmunternde Dinge. „Das wird schon.“ oder „lass Dich nicht unterkriegen!“

Gute Freunde sagen einem dann: „Du, ich kenn Dich ja. So einen wie Dich, den könnten wir doch auch bei uns im Laden brauchen!“

Sehr gute Freunde besichtigen nach dem erfolgreichen Vorstellungsgespräch mehrere Wohnungen in Deinem Namen, damit man nicht ständig für 20-Minuten-Termine nach Berlin fahren muss.

So kommt es also, daß ich nach über 41 Jahren in Hamburg, und 7 Jahren Consulting-Geschäft bei der SMP Management AG nach Berlin ziehe. Wo ich dann PreSales bei SysEleven mache — einen Job auf den ich mich mittlerweile ziemlich freue, weil ich dann endlich der Mensch-Geek-Übersetzer sein kann, der ich schon immer sein wollte!

The Perils of JollyOrc in the Lands of the „feeling Lucky“

My music player is usually set to shuffle over all songs in my library. Now, my music library is… diverse. You’ll find nearly everything in there. Well, it’s very light on Techno and similar things, but you get the drift.

And sometimes, that shuffle mechanism produces pure gold by chaining just the right things together:

<!--[if lt IE 9]><script>document.createElement('audio');</script><![endif]--> http://www.orkpiraten.de/blog/wp-content/uploads/Playlistkram.mp3

Third-Party Certificate for Subsonic on Linux

This is more a reminder-post for myself, than anything else, because every year my StartSSL-Certificate expires, I need to redo this and have to look it up anew. It is based on the basically excellent writeup at fatframe.com, which has a few tiny errors and does not include the info on how to use a non-standard password. (This info I got here at konkretor. Thanks!)

  1. Get a free certificate here.
  2. Once you receive your certificate you will need to combine the private key, server cert, and intermediate certs into one file. Simply open all three in a text editor and copy/paste everything into a new text file without any blank lines. I added mine in the following order:
    Private Key (myserver.key)
    Server Certificate (myserver.ssl)
    Intermediate Certificate (sub.class1.server.ca.pem)
  3. Save this text file as subsonic.crt. Do not mess this up as I did on the first try by using cat in the wrong way, as every new part should start at a new line.
  4. Next, convert the cert from PEM to PKCS12 format using the following command. Choose any password you like. In fact, do not choose the default password of „subsonic“. Memorize that password:
    openssl pkcs12 –in subsonic.crt –export –out subsonic.pkcs12
  5. Use Keytool to import this new keystore:
    keytool –importkeystore –srckeystore subsonic.pkcs12 –destkeystore subsonic.keystore –srcstoretype PKCS12 –srcalias 1 –destalias subsonic
  6. use zip to import the new keystore into the subsonic jar:
    sudo zip /usr/share/subsonic/subsonic-booter-jar-with-dependencies.jar subsonic.keystore
  7. Now tell subsonic the new non-generic password:
    1. open the subsonic starter:
      sudo nano /usr/bin/subsonic
    2. insert a line with the new password and save, at line 113ish (press alt+c to see line numbers)
      –Dsubsonic.ssl.password=123456 \
  8. Restart subsonic, and enjoy your custom SSL certifcate:
    sudo service subsonic restart

That’s all Folks!

My take on the shirtstorm…

Last week, science did awesome things. Or rather: Earned the fruits of having done awesome things 10 years ago. We landed a spaceship on a comet and had it talk back to us. That is really, really awesome.

And during this event, the lead scientist did a sartorial booboo: He chose to wear a very boldly patterned shirt that was gifted to him by a good friend. And a shirtstorm occurred, as the „bold pattern“ actually consisted of provocatively half-naked women. Which is really a not very (socially) smart and sexist move.

Now, I highly doubt that Dr. Taylor is a sexist. He seems like a hoopy frood who knows where his towel is, with awesome tattoos and a great beard and hairdo. And the shirt in question was a gift, hand-made by a female friend. And he obviously has at least one foot in the rockabilly/burlesque scene, which is actually full of people who do know what feminism means and who fully support this.

All that makes him very probably (I don’t know him) a good person and not a misogynist asshole that objectifies women. But it still doesn’t make him socially smart in every way. Which is totally ok, not everyone is, nor needs to be. I’m not that socially smart either.

Still, in the context of presenting a major science success to a very diverse and international audience, wearing this shirt was a bad idea. Most of those who see it don’t get the rockabilly/burlesque background, they don’t know that it was a hand-made gift, they don’t know Dr. Tayler or how he usually behaves. They just see some bloke in a shirt full of nekkid ladies. And then jump to conclusions. So there’ll be folks who immediately think that „I wouldn’t wear this around ladies, so can’t be any women in this project!“ or other dumb stuff.

And that is why it is still somehow important how we dress. I have tattoos. I love to wear „odd“ shirts. I play computer games and enjoy pen&paper roleplaying games. And heck, yes, I like New Burlesque and thus occasionally have saucy background pictures on my home computer desktop. I’m not ashamed of either of these things, and if asked, will tell you about them, often enthusiastically.

But I also know what sort of message appearances send, so I do dress for the occasion, be it a meeting with a client, going out for drinks with friends, having dinner with family or presenting awesome computer facts to a diverse audience. And I do know when to not draw attention to this or that facet of my interests, because I understand that they might detract from the message  I actually want to send.

And that is the actual tragedy of the #Shirtstorm, that the very exciting science suffered negative attention.

GateKeeper — first impressions

keychain-dongleEarly this year, I backed the GateKeeper — a small dongle that locks and unlocks my PC based on proximity. The general idea is that you clip a small bluetooth sender to your belt, and a dongle on your PC checks the signal strength to determine how close you are to it.

By now, the small black box has arrived, and I’ve done a bit of testing with it. The good news: It works.

The bad? It’s a bit fiddly. The USB dongle is, at least in my opinion, at the same time way too big and way too fragile looking. The dongle that you’re supposed to take with you is also not as tiny as hoped, although small enough. But my main gripe is with the usability.

Of course, the signal strength of a small bluetooth emitter will vary. If there are keys in the path between sender and receiver (likely, if you add it to your keychain), if you move, if other signals interfere — then you may suddenly find your computer locking up in the middle of your work. You can adjust the sensitivity, but then you may find that you can walk a bit too far for your liking before your computer gets locked.

usb-dongleAlso, the Android app appears to be still in quite a beta state, I didn’t find it very usable.

But this is just my first day of testing, and apart from that, things work quite nicely: My system locks when I leave it, and it unlocks when I come back, although sometimes with a slight delay. At the moment, I think it’s more of a convenience thing than a real security tool. If, for example, the USB dongle gets removed, or the software tool gets stopped, your computer won’t lock or unlock automatically anymore. And it does take a small leap of faith to just walk away from ones workstation, assuming/hoping that it’ll lock.

At roughly 50$, it sits exactly at that awkward price point where it is slightly too expensive for simple gimmickry while it is not that a security boon to those who are willing to spend that money (meaning: Big Companies).

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl