Category Archives: Posts - Page 8

Jasper National Park

To make up for posting that downer of a TSA article how about some photos from the day I spent in Jasper National Park? Click any image to go to the Flickr page and see it in larger sizes. Or you could just view the entire set!

A Cold Canoe Ride
Big Horn Sheep
Ice Columns

My Trip To The TSA Security Theater

Having just returned from a trip to Canada I have now experienced the new TSA security theater[1] for flights inbound to the US from abroad. Hopefully your own experience will not mirror mine, but if these restrictions stay in place this post could be helpful to some.[2]

At check-in we discovered that the TSA will allow outbound flights to take backpacks and carry-ons, but when coming back into the country you must check them. In my case I was required to check both my backpack and my suitcase. This incurred a $20 charge for something I was forced to do, but the agent “generously” allowed me to check my backpack for free. Since that backpack was explicitly designed to hold only my laptop and camera equipment I had to pick a lens, attach it to my camera body, grab my (bare) laptop, and hope the rest of my equipment wasn’t damaged.

Once we dropped off our bags we entered the actual screening line. The staff there announced that each passenger would have their personal effects individually inspected and then they would undergo a body search. My agent searched through the belongings I had left (cell phone, keys, belt, shoes, wallet, coat, camera, and laptop) relatively thoroughly. She even looked through my wallet. I was informed that the new rules do allow laptop bags as long as they contain nothing but laptop-related equipment, as well as camera bags with the same restriction. Of course, you can’t carry two bags on so that doesn’t help people who need both.

After this I was supposed to receive a pat down search, but since every screener was busy the agent used an alternate method. She instructed me to rub my hands in my pockets and then hold my palms out face up so she could rub a tissue on my hands to check for bomb residue. Once cleared I was allowed to gather my things and proceed to the gate.

On the plane the lack of a case for my camera or laptop became more of an issue. Both overhead and under the seat are difficult locations when your equipment has no protection, but eventually my items were stowed. We were seated in the second to last row of the plane, which became the last when the flight attendants requested that those behind us move to different seats further up. The rationale given for emptying the final row was to help prevent the congregation of people near the lavatory and this rule was strictly enforced. We were also told that we would be required to put away all electronic devices and remain buckled in and seated for the final hour of our flight into Chicago. Anything that could obstruct the lap (such as a coat, blanket, or pillow) had to be stowed overhead or underneath the seat.

Our flight completed without incident[3], but these new restrictions aren’t making me feel safer — they’re becoming real obstacles to using air travel.

  1. Thanks to Bruce Schneier for the name.
  2. I want to be clear that at no time did a TSA agent behave in an unprofessional or belligerent fashion. My complaint is with these policies, not the people tasked with carrying them out.
  3. Other than a small child who simply could not hold it after the “final hour” restrictions started. The attendants allowed his mother to take him to the bathroom.

New Year, New Theme

Having realized that I haven’t looked at WordPress theme development in nearly a year, I decided to search around and ended up switching over to Mystique. The theme offers a wealth of features and even obsoletes some plugins and widgets I was previously using. I’m not sure if I’ll stick with it long-term but it’s certainly a very polished product. Fidgetr may need a few upgrades to keep up with the times… Let me know in the comments if you spot anything broken!

I’ve put quite a few custom CSS tweaks in already, some of which I’ve listed below. Others who use the Mystique theme may find these changes helpful.

  1. To hide the websnapr feature add “.webshot{display:none !important;}” to the user CSS section.
  2. Fidgetr’s comment display depends on sidebar overflow, so I added “#sidebar {overflow:visible;}” as well. Overflow in the secondary sidebar would need #sidebar2 instead.

Parsing A CRL With OpenSSL

Short and sweet. This command parses a CRL and prints its contents, including the list of revoked serial numbers:

openssl crl -inform DER -text -noout -in mycrl.crl

Most CRLs are DER encoded, but you can use -inform PEM if your CRL is not binary. If you’re unsure whether it is DER or PEM, open it with a text editor. If you see -----BEGIN X509 CRL----- then it’s PEM, and if you see strange binary-looking garbage characters it’s DER.
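
One way to script the DER-or-PEM check and print only the revoked serial numbers (an added example, not part of the original post). The function names, the throwaway CA and the revoked serial 1A2B are constructed for the demonstration.

```shell
# Print the revoked serial numbers from a CRL, choosing -inform automatically.
crl_serials() {
    # A PEM CRL carries the ASCII armor line; anything else is treated as DER.
    if grep -q -e '-----BEGIN X509 CRL-----' "$1"; then fmt=PEM; else fmt=DER; fi
    openssl crl -inform "$fmt" -text -noout -in "$1" |
        sed -n 's/^ *Serial Number: *//p'
}

# Constructed test data: a throwaway CA in directory $1 and a CRL that
# revokes serial 1A2B, written as crl.pem and crl.der.
make_sample_crls() {
    d="$1"
    # index.txt fields: status, expiry, revocation date, serial, file, subject
    printf 'R\t350101000000Z\t240101000000Z\t1A2B\tunknown\t/CN=revoked.example\n' \
        > "$d/index.txt"
    cat > "$d/ca.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = Constructed Demo CA
[ca]
default_ca = demo
[demo]
database = $d/index.txt
default_md = sha256
default_crl_days = 30
EOF
    openssl req -x509 -new -nodes -newkey rsa:2048 -days 30 -config "$d/ca.cnf" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null &&
    openssl ca -gencrl -config "$d/ca.cnf" -keyfile "$d/ca.key" \
        -cert "$d/ca.pem" -out "$d/crl.pem" 2>/dev/null &&
    openssl crl -in "$d/crl.pem" -outform DER -out "$d/crl.der"
}

d=$(mktemp -d) && make_sample_crls "$d" &&
    crl_serials "$d/crl.pem" && crl_serials "$d/crl.der"   # each prints 1A2B
```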

OpenSSL and IDN Certificates

As internationalized domain names (IDN) proliferate, more people need to test with, and ultimately purchase, IDN certificates. If you need to generate a CSR or even a self-signed certificate for an internationalized domain, follow these steps:

  1. Take the UTF-8 characters and paste them into a punycode converter (the converted form is also known as ASCII compatible encoding, or ACE).
  2. The resulting converted text will be a fairly long string that starts with “xn--”. Copy the entire thing.
  3. Now run one of the following commands.

For CSR generation[1]:

openssl req -new -nodes -out mycsr.csr -keyout mykey.pem -newkey rsa:2048

For self-signed certificate generation[2]:

openssl req -new -nodes -x509 -days 3650 -out mycert.cer -keyout mykey.pem -newkey rsa:2048

Either way, follow the prompts and when you reach Common Name paste the text you copied from the punycode converter. Now you can submit your CSR to a certification authority or install the self-signed certificate for testing.

  1. This generates a CSR along with a new 2048-bit RSA key.
  2. This will generate a 10-year self-signed certificate.
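
The CSR step above without the interactive prompts, as an added example that is not part of the original post. It refuses a name that has not been converted to punycode yet, and it also copies the name into subjectAltName, which current browsers match instead of Common Name. The function name and the host xn--bcher-kva.example (the ACE form of bücher.example) are constructed for the demonstration.

```shell
# Write mykey.pem and mycsr.csr for an ACE (punycode) host name into
# directory $2, then print the CSR as text.
make_idn_csr() (
    LC_ALL=C    # byte-wise pattern matching for the checks below
    ace="$1"; dir="$2"
    case "$ace" in
        *[!A-Za-z0-9.-]*)
            echo "not plain ASCII: convert to punycode first" >&2; exit 1 ;;
    esac
    case "$ace" in
        xn--*|*.xn--*) ;;
        *) echo "no xn-- label: not an IDN" >&2; exit 1 ;;
    esac
    cat > "$dir/req.cnf" <<EOF
[req]
distinguished_name = dn
req_extensions = ext
prompt = no
[dn]
CN = $ace
[ext]
subjectAltName = DNS:$ace
EOF
    openssl req -new -nodes -newkey rsa:2048 -config "$dir/req.cnf" \
        -keyout "$dir/mykey.pem" -out "$dir/mycsr.csr" 2>/dev/null || exit 1
    openssl req -in "$dir/mycsr.csr" -config "$dir/req.cnf" -noout -text
)

tmp=$(mktemp -d) &&
    make_idn_csr "xn--bcher-kva.example" "$tmp" | grep -E 'Subject:|DNS:'
```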

Set Up Linksys/Cisco PAP2T-NA With Gizmo5/Google Voice

Gizmo5 (recently acquired by Google) gives you a SIP phone number that you can link to Google Voice. This lets you use the Gizmo5 application to receive phone calls. But what if you want to use a real phone? Enter the ATA (Analog Telephone Adapter). Using a VoIP ATA you can hook in a normal telephone and receive calls from your Google Voice number like a landline!

For this tutorial I’m going to give the configuration requirements for a Linksys/Cisco PAP2T. Unfortunately, ATAs have a myriad of settings so it’s difficult to say exactly what you need to configure if you’re not using this model, but hypothetically speaking the settings should be similar.

With that caution out of the way let’s get started…

Prerequisites

To do this you will need an ATA (preferably a Linksys PAP2T-NA), a Gizmo5 account, and a Google Voice account. If you don’t have a Gizmo5 account you’re out of luck for now, because new signups are closed. If you meet these requirements then you’ll need to look up your Gizmo5 SIP number (starts with 1747). This can be found in your account overview at my.gizmo5.com. Write it down or copy it to a text file because we’ll use it in a few different places.

Configuring your Linksys PAP2T-NA ATA

Connect your PAP2T-NA to your network. It will obtain a DHCP lease, but you need to know the IP so you can look at the web interface. To find this, you can typically go look at the “device list” on your local router (which is frequently found at http://192.168.1.1). The ATA should show up named “LinksysPAP”. Once you’ve found the IP, type it in your browser and you will see this screen.
[Screenshot: pap2t]

Now you’ll need to click admin login, then click advanced view, then click line 1. This will bring you to this screen:
[Screenshot: pap2t-advanced]

Now scroll down and find the following options. Make sure they’re set as follows (don’t touch any other settings).[1]

Sip Port: any port from 5060-5099
Proxy: proxy01.sipphone.com
Use Outbound Proxy: no
Outbound Proxy: leave blank
Use OB Proxy in Dialog: no
Register: yes
Make Call Without Reg: no
Register Expires: 60
Ans Call Without Reg: no
Use DNS SRV: no
DNS SRV Auto Prefix: no
Proxy Fallback Intvl: 3600
Proxy Redundancy Method: normal
Display Name: Your Name
User ID: 1747####### (Gizmo5 ID)
Password: yourgizmo5password
Use Auth ID: yes
Auth ID: 1747#######
Preferred Codec: G711U
Use Pref Codec Only: no
DTMF TX: Auto
Dial Plan: ([2-9]xx[2-9]xxxxxx|011xx.|1[2-9]xx[2-9]xxxxxx) [2]

Now click regional and change the ring waveform to “sinusoid” and the ring voltage to 90.

Finally, you’ll need to set up STUN support under the SIP tab. At the bottom of the page set the following settings:

STUN Enable: yes
STUN Server: stun01.sipphone.com
EXT RTP Port Min: 3478

Click save settings and let’s move on to configuring Google Voice.

Configuring Google Voice and Gizmo5

Head to the Google Voice website, click settings, then click “add another phone”. Select Gizmo, put in your 1747 number from earlier, and follow the directions. When it calls you to verify the number the landline you’ve connected to your PAP2T-NA should now ring. Once you’ve verified the phone you are done. To test you can call your Google Voice line yourself, or use the Google Voice website to call someone else! Enjoy your free phone.

  1. Hat tip to this thread for the requisite settings.
  2. The dial plan is only required if you wish to enable direct dialing of outbound calls (which costs money).