The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Tuesday, April 22, 2014

The Computer Is Your Friend, Citizen!

I'm sitting in the Ft. Lauderdale Office of the Corporation, using the Lookout email client when it throws up this obnoxious message that my pasword expires in thirteen days.

Your password will expire in 13 days! Please hurry up and change it now! Now! Change it! CHANGE IT! You don't want to be caught with an expired password two weeks from now? Do you? Then what? You'll be without email, that's what! And guess what? To change your email password requires sending an email! But you can't! Because your password expired! Even though it won't expire for two weeks, I'll remind you every ten minutes to change it, because … well … XXXXXXX CHANGE IT ALREADY!

Okay, so it's not quite that obnoxious, but still, I find it annoying that it'll remind me several times a day that my password will expire. And the thing is—we have a 90-day expiration date for email passwords. Only it's not really 90 days, but 77 days if you don't want to look at the obnoxious “UPDATE ME” message.


I used to ignore it until a three days or so when this policy was first mandated, but now, I just give in and change my password when the computer wants me to change my password. I'm not in charge here, the computer is. Or rather, the Lookout server is in charge. Me? I just rotate through the same X passwords because coming up with a new password that meets the minimum standards of:

Minimum of six characters, but a maximum of five characters, all of which must be unique, at least seven of them must be alphabetic in nature, two must be numbers, and at least as many punctuation characters as there are vowels used, unless you used no vowels, then the maximum number must be no greater than the number of numbers used minus upper case characters.

Yeah, I just came up with X passwords that pass muster, wrote them down on a piece of paper (which if I'm caught with by Corporate Security results in no less than five hours spent in front of a “web seminiar” on “Computer Security And You! The Top Ten Things You Must Do To Ensure a Happy And Secure Computer.”


Yes, this bothers me just as much as that little number in the upper corner of the App Store icon on my iPhone, reminding me, taunting me, that I haven't updated in the last twenty minutes.

And here I thought computers were to serve our needs …

Stupid MyPlusFaceSpaceGoogleBook

First it was the death of my Stupid Twitter Trick, and now, three years later, the MyPlusFaceSpaceGoogleBook interface is kaput.


Now to figure out what got borked.

Update a few minutes later

Okay, my server doesn't like the secure certificate that MyPlusFaceSpaceGoogleBook is presenting.

Stupid MyPlusFaceSpaceGoogleBook, part ][

The error I was getting from libcurl (which I use to inform MyPlusFaceSpaceGoogleBook I've updated this blog) was:

curl_easy_perform(AUTH) = problem with the SSL CA cert (path? access rights?)

Okay, so there is some certificate authority that OpenSSL doesn't like now (probably because of the heartbleed bug which didn't affect my server since I'm running a pre-heartbleed-bug-enabled version of OpenSSL). Curious as to where this information was stashed, I ran strace on mod_blog and found a list of certificate authories in /usr/share/ssl/certs/ca-bundle.crt (you can tell I'm well versed in this stuff if I'm resorting to debugging tools to locate this information).

So it looked like it was time to update that file. Well, seeing how OpenSSL was written by monkeys (no, really), the current format for ca-bundle.crt is now vastly different from the format I'm using for ca-bundle.crt, enough to cause this:

CRASH(20409/000): pid=20409 signal='Segmentation fault'
CRASH(20409/001): reason='Address not mapped for object'
CRASH(20409/002): address=0x9
CRASH(20409/003): CS=0073 DS=007B ES=007B FS=0000 GS=0033
CRASH(20409/004): EIP=00BE42BC EFL=00010246 ESP=BFEE7608 EBP=BFEE7628 ESI=08430EB8 EDI=00000000
CRASH(20409/005): EAX=B7F006C0 EBX=00CBBFF4 ECX=00000068 EDX=00000001
CRASH(20409/006): UESP=BFEE7608 TRAPNO=0000000E ERR=00000004
CRASH(20409/007): STACK DUMP
CRASH(20409/008):        BFEE7608:                         00 00 00 00 00 00 00 00 
CRASH(20409/009):        BFEE7610: B8 6A 46 08 C0 06 F0 B7 68 00 00 00 F4 B2 19 00 
CRASH(20409/010):        BFEE7620: C8 6A 42 08 68 00 00 00 58 76 EE BF BC B6 17 00 
CRASH(20409/011):        BFEE7630: 65 6F 42 08 01 00 00 00 68 00 00 00 B8 0E 43 08 
CRASH(20409/012):        BFEE7640: B7 6A 46 08 00 00 00 00 57 B6 17 00 F4 B2 19 00 
CRASH(20409/013):        BFEE7650: C8 6A 42 08 68 F1 42 08 F8 76 EE BF 0D DC 18 00 
CRASH(20409/014):        BFEE7660: C8 6A 42 08 01 00 00 00 65 6F 42 08 68 00 00 00 
CRASH(20409/015):        BFEE7670: 14 F3 42 08 00 00 00 00 68 00 00 00 00 00 00 00 
CRASH(20409/016):        BFEE7680: C8 6A 42 08 C8 6A 42 08 00 00 00 00 00 00 00 00 
CRASH(20409/017):        BFEE7690: 67 43 57 53 A9 6A 46 08 63 6F 42 08 E4 76 EE BF 
CRASH(20409/018):        BFEE76A0: A8 76 EE BF 00 00 00 00 2D 21 C5 00 1F 00 00 00 
CRASH(20409/019):        BFEE76B0: 63 6F 42 08 02 00 00 00 02 00 00 00 D9 47 19 00 
CRASH(20409/020):        BFEE76C0: 01 00 00 00 01 00 00 00 00 00 00 00 C8 6A 42 08 
CRASH(20409/021):        BFEE76D0: C4 F2 42 08 01 00 01 00 F8 76 EE BF 28 E1 18 00 
CRASH(20409/022):        BFEE76E0: 01 00 00 00 68 00 00 00 18 C3 18 00 F4 B2 19 00 
CRASH(20409/023):        BFEE76F0: 68 F1 42 08 C4 F2 42 08 38 77 EE BF AF ED 18 00 
CRASH(20409/024):        BFEE7700: 68 F1 42 08 27 77 EE BF                         
CRASH(20409/026):        ./build/boston[0x805d7b8]
CRASH(20409/027):        ./build/boston[0x805df94]
CRASH(20409/028):        /lib/tls/[0xbb79b0]
CRASH(20409/029):        /usr/lib/[0x17b6bc]
CRASH(20409/030):        /usr/lib/[0x18dc0d]
CRASH(20409/031):        /usr/lib/[0x18edaf]
CRASH(20409/032):        /usr/lib/[0x18f242]
CRASH(20409/033):        ./build/boston(notify_facebook+0x39c)[0x805a000]
CRASH(20409/034):        ./build/boston[0x8050745]
CRASH(20409/035):        ./build/boston(main_cli+0x1cc)[0x80505f4]
CRASH(20409/036):        ./build/boston(main+0x147)[0x805243f]
CRASH(20409/037):        /lib/tls/[0xba4e93]
CRASH(20409/038):        ./build/boston[0x804ce15]
CRASH(20409/040):        ./build/boston
CRASH(20409/041):        --config
CRASH(20409/043):        --cmd
CRASH(20409/044):        NEW
CRASH(20409/045):        --update
CRASH(20409/046):        NEW
CRASH(20409/047):        --file
CRASH(20409/048):        /tmp/e
CRASH(20409/050):        [redacted]

Woot! Way to go, OpenSSL!

So updating ca-bundle.crt is a “No go!”

The next option?

curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,0); /* in other words, no validation */

It's not like what I post on the Internet is private. And there are no errors nor crashes. Hopefully, this is enough to fix the issue.

Update a few seconds later

Nope. No error. But no MyPlusFaceSpaceGoogleBook update. Grrrrrr …

Update at 2:06 AM, Wednesday, April 23rd, 2014

Okay, I stupidly removed the code that sent the authenticated token from MyPlusFaceSpaceGoogleBook back to MyPlusFaceSpaceGoodBook. All is right with the world now.

Obligatory Picture

[“Only the highest fidelity images are used for identification purposes!”

Obligatory Links

Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site:, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2018 by Sean Conner. All Rights Reserved.