The Joys of Having an Expired SSL Certificate

A frustrating waste of time.

A few months ago, when it became clear that the Republican led congress was going to allow ISPs to sell our browsing history to the highest bidders, I got a bit more concerned about security. In my research, I came across an article that recommended that users never visit a website without an SSL certificate.

If you don’t know how to tell whether a site has an SSL certificate, the easiest way is to look at the full URL. If it starts with https:// instead of http:// it has an SSL certificate. Think of that extra character, the s, as standing for secure.

Also, some web browsers display a special icon — such as a lock — near the URL or possibly in the status bar at the bottom of the page.

One thing is for sure: You should only enter personal data in pages that are SSL-protected. So if you don’t know how to check for a secure page in your browser, learn.

Of course, at the time, this blog did not have an SSL certificate. I’d done some research in the past and decided it wasn’t worth the cost. After all, although I do get a few donations — thank you generous supporters! — it isn’t as if this site earns any money for me. Hosting costs enough money; buying a certificate wasn’t in the budget.

Still that article made me wonder if I were losing visitors because I didn’t have that certificate. So I did some more research and discovered that my WordPress host, Bluehost, offered a free SSL certificate for subscribers. I made a few calls, clicked a few links, installed a WordPress plugin, and voila! I had a coveted https:// URL.

And then I pretty much forgot about it. After all, typing in the old URL (without the s) still pointed people to the new one. And who types in the whole thing anyway? If you put in any combination of URLs to get to this site — or if you clicked a link that took you here — some sort of behind-the-scenes magic put you on a secure page.

Yesterday changed that. I went to check the site and was faced with the following message:

Page is Not Secure

WTF?

Of course, I discovered this about 30 minutes before a friend was due to arrive to detail my helicopter and I had about a half dozen other things I wanted/needed to do before he arrived — like get dressed? (It was 5:30 AM.) So I did the easy thing: I called Bluehost and asked them what the hell was going on.

The support guy I got was very fond of the hold button. I don’t know if it’s because he really needed help or if he was working on more than one call at a time. I was on hold for most of the 45 minutes our call lasted. While I waited, my friend came, I greeted him in my pajamas, I made him coffee, and I put a bowl of cherries in front of him, occasionally interrupting our conversation to speak with the Bluehost support guy when he came back on the phone.

My big concern was this: people would be scared away by that message. They’d click a link, get to my site, and leave, thinking they’d get a virus or something. I needed the problem resolved quickly.

I was told that Comodo, the organization that provided the SSL certificates, had sent me some sort of verification email that I needed to click a link in. I told him I’d never gotten a message, although it could have been sorted into spam and automatically deleted. He asked me to check a specific email address. I told him I didn’t have that email address. “Well, that’s where the message was sent.”

This made no sense. It was not the email address I had on file with Bluehost. It was an email address on my domain that I had never set up. I checked and verified that it didn’t exist. Comodo had sent an email message to an address that I’d never created or used.

Seriously: WTF?

Mr Hold Button told me to create the address, which I did while he waited. Then, after putting me on hold for a while longer, he told me they’d send a new message and that I should follow the instruction in it.

By this time, I was tired of dealing with the problem. I needed to get dressed. I needed to pull the helicopter out so my friend could get started on it. I needed to do the other things I needed to do. So I told him I’d check in a while and hung up.

And then I forgot about it.

You see, I have a life and that life does not revolve around dealing with computer issues. That was my old life. My new life is far more interesting.

Besides, I had no intention of adding that new email address to any of my email clients on any of my devices. That meant I had to sit at a computer and go to the Webmail feature on Bluehost to check the message. Not exactly something I’m likely to remember.

But I got reminded again this morning when it still didn’t work right. One of my readers emailed me. I also noticed when I attempted to approve two comments.

I checked that stupid email inbox. Empty.

I got on the phone with Bluehost.

This time I got a guy who didn’t like touching the hold button. He stuck with me while we worked through the problem. There was a lot of silent time. He was texting with Comodo. I was starting to write this blog post. Occasionally, he would update me. Occasionally I’d whine to him about how ridiculous the whole thing was. He was suitably sympathetic. I was as apologetic as I could be. After all, it wasn’t his fault.

In the end, the email message finally came. I clicked the link — but not after lecturing him about how we’re not supposed to click links in email messages. I entered the secret code. He confirmed some stuff on his end. I snacked on some cherries. When he said, “Try now,” I did.

The problem was fixed. It had taken 22 minutes.

We wished each other a nice day. When I got the survey at the end of the call, I gave him a good score.

So it looks like this site is secure again — at least until the next time Comodo decides it needs to verify me.

And yes, this did impact site traffic. I had less than half my usual visitors yesterday and started today at about one quarter the traffic I should have had by noon.

Another Waste of Taxpayer Money

I knew the FAA was slow, but this is ridiculous.

I’m terrible about opening my mail. I routinely fetch it from my mailbox (which is two miles from my home) and leave it on the dashboard of whatever vehicle I’m driving. Or toss it behind the seat. Or bring it inside, but leave it in my “inbox” pile. No matter where it enters my life, it sits there for a long time. Truth be told, there’s a six-month period in early 2014 when I just stuffed it all in a box and lost it in my garage. (I honestly think there’s a black hole in there.)

This time of year, when I’m actually expecting checks, I pay a little closer attention to what comes in the mail. That’s why I noticed the letter from the FAA and opened it within two weeks of receipt. (Heck, I knew the FAA wasn’t sending a check, so why rush?)

Inside was the letter dated 5/19/2017 that you can see below.

FAA Letter
So the FAA basically waited 17 years to give me an opportunity to opt out of releasing my address to the public.

It basically says that back on April 5, 2000 (not a typo), Congress and the President — Bush 43, I guess — enacted a law that required the FAA to make pilot addresses available to the public. Fortunately, I can opt-out of this invasion of my privacy by signing the letter and sending it back to the FAA.

But I have to hurry! Even though it took them 17 years to send me this letter, I only have 90 days to respond.

Can you believe this crap?

My first thought was what a waste of taxpayer money this is. Wikipedia reports that there were 590,039 certificated pilots in the United States as of 2015 year-end. That means the FAA had to print and mail 590,039 letters just like the one I got.

Maybe that’s why it took so long? Maybe they just got up to the Ls?

So the FAA has blown through 1181 reams of paper and a similar number of boxes of envelopes. Even if they got bulk rate on mailing all those envelopes, they’ve still spent well over $100,000 on postage. Somebody had to handle the mailing — even if a machine stuffed the envelopes, someone still had to tend to that machine and get them to the post office. How many trips to the Post Office is that? Do they have trucks standing by for mass mailings like this?

So how much money have they pissed away on this so far? A quarter million? More?

And then there’s the processing. I’m not going to the website. I’m going to sign the letter and mail it back. There’s got to be some poor slob in Oklahoma City who’s sitting at a desk just waiting for envelopes with signed letters to come in. He or she has to look up each one in the system and toggle a check box to say we want our addresses kept private. And then what? Do they actually file all that paper? Stick it in filing cabinets? How many filing cabinets do they have? How many rooms does that fill? Do they have buildings filled with filing cabinets of paper?

Paper!

And for what? What gives Congress and the President the right to decide that the public is entitled to the addresses of certificated pilots? What is the benefit of such a rule? Why would they even do this?

And who the hell wouldn’t opt out?

This is stupid from start to end. it’s wallpapered with stupid.

But that’s our tax dollars at work. Imagine how many educational programs the cost of this mailing would have funded. How many Meals on Wheels dinners. How many airport improvements, for Pete’s sake.

Why are the people in Washington so damn stupid with our money?

Naked on the Deck

And other benefits of a home with privacy.

Lately, I’ve taken to relaxing on my deck after a shower or soak in the tub. Naked.

Naked on the Deck
This chair outside my bedroom door to the deck is a perfect place to relax after a shower or soak in the tub.

I can do that where I live. My north-facing deck is covered and blocked from the road by my home. There’s a hill to the west that separates me from my closest neighbor. To the north and east, the land drops away, leaving me with a clear view down to the Columbia River Valley with more than a quarter mile between me and the closest home or orchard.

I have a comfortable chair out there where I can relax, letting a warm summer breeze tickle my skin and dry water droplets my towel missed. I listen to the birds or the crickets or the orchard sprayers while looking out over miles of orchards, scattered homes, a small lake, the winding Columbia River, basalt cliffs, and the city of Wenatchee off in the distance.

It’s one of the perks of living someplace with privacy.

My home in Arizona had nearly as much privacy and I admit I occasionally lounged on my upstairs patio there after a shower or bath — mostly on a warm winter afternoon when the sun flooded the covered area. But I was far more likely to drop my towel at night than during the day; my neighbors were a lot closer and more likely to spot me out there. I’m shy.

My vacation home in northern Arizona was the ultimate in privacy. No one was ever around up there. That place also had a deep silence broken only occasionally by the sound of the flapping of a raven’s wings or a car wandering onto the rumble strip along the closest paved road two air miles away. Or a jet, 30,000 feet up, flying on the jet route over the Grand Canyon.

I value privacy — real privacy. That’s one of the reasons I live on ten acres two miles down a gravel road on the edge of town. Yeah, it’s a long drive — 10 miles to the nearest supermarket — but it’s so worth it.

People complain about loss of privacy from big data collection by social media or portable devices or government agencies like the TSA. Yet these same people live in homes 20 feet from their neighbors’ and rely on association-approved fences to keep those same neighbors from watching their backyard barbecues. Or they share walls with neighbors in apartments or condos and can hear their neighbors sneeze or argue or have sex. Or their windows look out into community spaces, thus requiring them to close the blinds if they don’t want their neighbors to watch them eating dinner or watching television.

I lived like that for a while: in a fishbowl condo that reminded me so much of a movie that I named the network Rear Window. I hated having to use blinds to block out prying eyes — and light. I hated the thought that I had to change the way I lived my life just because I lived so close to other people.

But here in my new home, I don’t have curtains or blinds on any of my windows. I don’t need them. No one is going to look in — no one can. And no one wants to — most of the people out here have their own lives and don’t need to poke their noses into their neighbors’ business. (Sadly, not all of them have learned what living in the country is all about, but I suspect they’ll learn that lesson soon. Seriously: some people who live in metro areas really should stay there. They’re not welcome here.)

So I’ll relax naked on my deck whenever I like, basking in the privacy that my semi-remote home gives me, glad that I made the decision to rebuild my life here, in a place I love, on my terms.