{ "version": "https://jsonfeed.org/version/1.1", "title": "Posts on Assorted Nerdery", "description": "Recent content in Posts on Assorted Nerdery", "home_page_url": "https://bostonenginerd.com/", "feed_url": "https://bostonenginerd.com/posts/index.json", "language": "en-US", "icon": "https://bostonenginerd.com/apple-touch-icon.png", "favicon": "https://bostonenginerd.com/apple-touch-icon.png", "items": [ { "title": "Boston Public Library", "date_published": "2025-09-27T20:09:26-04:00", "date_modified": "2025-09-27T20:09:26-04:00", "id": "https://bostonenginerd.com/posts/bostonlibrary/", "url": "https://bostonenginerd.com/posts/bostonlibrary/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003e\u003cstrong\u003eCool discovery\u003c/strong\u003e: Anyone who has their primary residence in the Commonwealth of\nMassachusetts, works in Massachusetts, or owns residential property in the\nCommonwealth can \u003ca href=\"https://www.bpl.org/your-library-card/\"\u003eapply for and receive an eCard for the Boston Public Library.\u003c/a\u003e\nYou don\u0026rsquo;t even have to physically show up at any of their branches to get these\nbenefits.\u003c/p\u003e\n\u003cp\u003eThe library provides a ton of digital resources to Massachusetts residents.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFree access to the \u003ca href=\"https://www.bpl.org/resources-types/newspapers/\"\u003eBoston Globe and Boston Herald\u003c/a\u003e, NYTimes and WSJ websites.\u003c/li\u003e\n\u003cli\u003eAccess to \u003ca href=\"https://www.economist.com\"\u003eThe Economist\u003c/a\u003e,\u003ca href=\"https://www.csmonitor.com\"\u003eChristian Sciene Monitor\u003c/a\u003e, and many other magazines through \u003ca href=\"https://ezproxy.bpl.org/login?url=https://www.pressreader.com\"\u003ePressreader\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eStreaming music through a service called \u003ca href=\"https://bostonpl.freegalmusic.com/\"\u003eFreegal\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStreaming movies and television shows through a bunch of services like\u003ca href=\"https://boston.kanopy.com/\"\u003eKanopy\u003c/a\u003e,\u003ca href=\"https://biblioplus.com/library/bpl.org\"\u003e and biblio+\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLots of ebooks and other magazines through\u003ca href=\"https://bpl.overdrive.com\"\u003eOverdrive / Libby\u003c/a\u003e,\u003ca href=\"https://bostonpl.boundless.baker-taylor.com/ng/view/library\"\u003eBoundless\u003c/a\u003e,\u003ca href=\"https://ezproxy.bpl.org/login?url=https://search.ebscohost.com/login.aspx?authtype=ip,cpid\u0026amp;custid=s8464198\u0026amp;groupid=main\u0026amp;profile=eon\"\u003eFlipster\u003c/a\u003e,\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.bpl.org/resource/oreilly/\"\u003eTechnical books, audiobooks and online courses from O\u0026rsquo;Reilly\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere\u0026rsquo;s even a free \u003ca href=\"https://www.bpl.org/resource/headspace/\"\u003eHeadspace membership\u003c/a\u003e available for those who are in need of meditation!\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.bpl.org/popular-online-resources/\"\u003eGo check it the online resources out!\u003c/a\u003e\u003c/p\u003e\n" }, { "title": "One year with PV", "date_published": "2024-12-21T11:32:25-05:00", "date_modified": "2024-12-21T11:32:25-05:00", "id": "https://bostonenginerd.com/posts/pvoneyear1/", "url": "https://bostonenginerd.com/posts/pvoneyear1/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eIn October 2023, I had 23 solar panels installed on my roof in the Boston area.\nThis post series will summarize our experience with the system thus far.\u003c/p\u003e\n\u003ch2 id=\"procurement-process\"\u003eProcurement Process\u003c/h2\u003e\n\u003cp\u003eWe went with a company out of Arlington, Massachusetts, for the project.\nI found the company using \u003ca href=\"https://www.energysage.com\"\u003eEnergySage\u003c/a\u003e, a quote aggregator. EnergySage is a\nconvenient way to get multiple quotations from different local companies.\nThere are others, including \u003ca href=\"https://www.solar.com\"\u003eSolar.com\u003c/a\u003e, who provide a similar service.\nEnergySage is a Boston company, so I preferentially chose them.\u003c/p\u003e\n\u003cp\u003eThe quoting process with EnergySage is straightforward. You put in information\nabout your house, which gets farmed out to several companies to provide\nbudgetary quotations. They provide a convenient comparison table for the quotes.\nIn my case, I received seven quotations back, with more or less equivalent\nequipment. I selected a subset of these to pursue further \u0026ndash; some quotes were\nwell out of line with the others. Two of the vendors were very responsive, and I\nselected one of them.\u003c/p\u003e\n\u003cp\u003eThe nice thing about EnergySage is that their platform shields you from\nreceiving spam calls. You can communicate with the companies through\ntheir portal before providing your contact information to the short-listed\ncompanies. I started seriously considering PV in 2021 and went through a round\nof project quotations before pulling the trigger in 2023.\u003c/p\u003e\n\u003ch2 id=\"system-description-and-costs\"\u003eSystem Description and Costs\u003c/h2\u003e\n\u003cp\u003eIn August 2023, the winning quotation priced the system at $3.26/W for Hanwa\nQ-Cells 405W panels paired with Enphase IQ8-M inverters.\u003c/p\u003e\n\u003cp\u003eBased on a report released by EnergySage (\u003ca href=\"#citeproc_bib_item_1\"\u003e“Energy Sage Marketplace Intel Report H1 2024” n.d.\u003c/a\u003e) in\nOctober 2024, I paid what has become the average cost today. If you\u0026rsquo;re\ninterested in PV, this report is a good read on the current market situation.\nIt\u0026rsquo;s incredible how cheap solar can be in areas that don\u0026rsquo;t have good net\nmetering policies and cheap labor.\u003c/p\u003e\n\u003cdiv class=\"table-caption\"\u003e\n \u003cspan class=\"table-number\"\u003eTable 1:\u003c/span\u003e\n System Costs and Rebates\n\u003c/div\u003e\n\u003ctable\u003e\n \u003cthead\u003e\n \u003ctr\u003e\n \u003cth\u003eMilestone\u003c/th\u003e\n \u003cth\u003eAmount ($USD)\u003c/th\u003e\n \u003c/tr\u003e\n \u003c/thead\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd\u003eDown Payment\u003c/td\u003e\n \u003ctd\u003e1000\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eOne month Prior\u003c/td\u003e\n \u003ctd\u003e14679\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eInstallation Complete\u003c/td\u003e\n \u003ctd\u003e14697\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003ePermission to Operate\u003c/td\u003e\n \u003ctd\u003e1000\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eTotal Outlay\u003c/td\u003e\n \u003ctd\u003e30376\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e\u003cstrong\u003eIncentives\u003c/strong\u003e\u003c/td\u003e\n \u003ctd\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFederal Investment Tax Credit (30%)\u003c/td\u003e\n \u003ctd\u003e- 9112\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eMassachusetts Tax Credit\u003c/td\u003e\n \u003ctd\u003e- 1000\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e\u003cstrong\u003eNet Cost\u003c/strong\u003e\u003c/td\u003e\n \u003ctd\u003e20264\u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eAfter tax credits, the system was around $20k. Both tax credits came\nback in early 2024 when I submitted my taxes for 2023. The tax credit is\nnon-refundable, meaning you need to have a tax liability larger than it\nto take full advantage, though \u003ca href=\"https://www.energy.gov/eere/solar/homeowners-guide-federal-tax-credit-solar-photovoltaics\"\u003eit is possible to carry it over to a subsequent\nyear\u003c/a\u003e.(\u003ca href=\"#citeproc_bib_item_2\"\u003e“Homeowner’s Guide to the Federal Tax Credit for Solar Photovoltaics” n.d.\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eOther related expenses include:\u003c/p\u003e\n\u003cdiv class=\"table-caption\"\u003e\n \u003cspan class=\"table-number\"\u003eTable 2:\u003c/span\u003e\n Other Related Expenses\n\u003c/div\u003e\n\u003ctable\u003e\n \u003cthead\u003e\n \u003ctr\u003e\n \u003cth\u003eItem\u003c/th\u003e\n \u003cth\u003eCost\u003c/th\u003e\n \u003c/tr\u003e\n \u003c/thead\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd\u003eNew Roof\u003c/td\u003e\n \u003ctd\u003e$14000\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eElectrical Panel Upgrade\u003c/td\u003e\n \u003ctd\u003e$3500\u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eAlthough necessary for the project, these expenses are not formally considered\npart of it. My roof already needed replacement, and the electrical panel\nreplacement happened as part of a broader household electrification effort.\nIncluding these as part of the ROI calculation is not fair.\u003c/p\u003e\n\u003cp\u003eThe final design for my system included 23 \u003ca href=\"https://us.qcells.com/q-peak-duo-blk-ml-g10/\"\u003eHanwa Q-Cells Q.PEAK DUO BLK ML-G10+\u003c/a\u003e\npanels. These panels are paired with \u003ca href=\"https://enphase.com/store/microinverters/iq8-series/iq8m-microinverter\"\u003eEnphase IQ8M\u003c/a\u003e microinverters to reduce the\namount of clipping. The inverters have a maximum output power of 325W, which is\nabout 25% less than the solar panel\u0026rsquo;s maximum output. Even the panels can cause\nclipping on the inverters, this is occurs rarely. Panels are usually\nnot installed in ideal locations \u0026ndash; the panels are not facing due south or on a\ntracker, they\u0026rsquo;re not at the perfect angle, etc.\u003c/p\u003e\n\u003cp\u003eClipping on our system has happened since the inverters are undersized compared\nto the panels, but it\u0026rsquo;s not common. Figure \u003ca href=\"#figure--fig:clipping\"\u003e1\u003c/a\u003e shows an example of when\nthis happens. It took some digging to find this in my archives.\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"figure--fig:clipping\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\n \n \u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/posts/pvoneyear1/data_clipping.svg\" loading=\"lazy\" alt=\"An example of power production over a day where clipping is observed. You can see between the red vertical lines, the power output is flat indicating that system produces the maximum power.\"\u003e\n\u003cfigcaption\u003e\n\u003cspan class=\"figure-number\"\u003eFigure 1: \u003c/span\u003eAn example of power production over a day showing clipping. The power output is flat between the red vertical lines, indicating that the system is producing the maximum amount of power.\u003c/figcaption\u003e\n\u003c/figure\u003e\n\n\u003ch2 id=\"process\"\u003eProcess\u003c/h2\u003e\n\u003cp\u003eAfter signing the contract to move forward with the system, a representative\nfrom the vendor came out to visit my home and make some measurements of the\nroof. They took photos of the electrical panel and looked in the attic at the\nrafters to check the spacing and size.\u003c/p\u003e\n\u003cp\u003eAfter this, the engineering team at the vendor got to work and submitted a pile\nof paperwork to the utility and my city to obtain the necessary approvals and\npermits. The design underwent multiple iterations due to some new fire code\nrequirements described in \u003ca href=\"#headaches\"\u003eHeadaches\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThe timeline from signing the papers to getting Permission to Operate (PTO) was\n108 days. The actual installation took only two days.\u003c/p\u003e\n\u003cp\u003eDuring the installation, there were two inspection steps. The city is supposed\nto inspect the physical installation to ensure that all setbacks are maintained\nand the system properly ties into the framing. They are also required to\nsign off on an electrical inspection after everything is tied in. After this\ninspection, the installer can ask the utility to make the meter swap and grant\npermission to operate the system.\u003c/p\u003e\n\u003cp\u003eIn my case, I believe that the city waived the physical inspection of the\nequipment, but they did come out for the electrical inspection.\u003c/p\u003e\n\u003cp\u003eKudos to the technician from Eversource for working Black Friday and swapping my\nmeter out.\u003c/p\u003e\n\n\n \n \u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/posts/pvoneyear1/pv12mo/timeline.svg\" loading=\"lazy\"\u003e\n\u003c/figure\u003e\n\n\u003ch2 id=\"headaches\"\u003eHeadaches\u003c/h2\u003e\n\u003ch3 id=\"setback-requirements\"\u003eSetback Requirements\u003c/h3\u003e\n\u003cp\u003eOn December 9, 2022, the Commonwealth of Massachusetts adopted the 2021 NFPA 1 fire code. The new edition makes the access requirements on the\nroof stricter than in the past.A 36\u0026quot; walkway on the roof plane is now required, and the setback from the roof ridge should also be 36\u0026quot;.\u003c/p\u003e\n\u003cp\u003eSection 11.12 describes the requirements for photovoltaic systems, but due to\nsome crazy licensing restrictions I cannot copy the relevant sections here.\nThey may be \u003ca href=\"https://www.nfpa.org/codes-and-standards/nfpa-1-standard-development/1\"\u003eviewed here\u003c/a\u003e for free, but an account is necessary. They also have\nridiculous password requirements, considering it\u0026rsquo;s a free account.\u003c/p\u003e\n\u003cp\u003eUnfortunately, this new code means we had to install a smaller array than\nthe initial design. We lost four panels from the south-facing portion of the\narray and had to put some panels onto a less productive face.\u003c/p\u003e\n\u003ch3 id=\"equipment-problems\"\u003eEquipment Problems\u003c/h3\u003e\n\u003cp\u003eThus far, we had one issue with the system at installation. All of the\nmicroinverters communicate with a piece of equipment called the IQ Combiner 4.\u003c/p\u003e\n\u003cp\u003eThis unit manages:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMonitoring the grid connection to shut off the power if the grid drops.\u003c/li\u003e\n\u003cli\u003eCommunicating with the microinverters underneath each panel.\u003c/li\u003e\n\u003cli\u003eMonitoring the power output and, optionally, consumption from the electrical panel\u003c/li\u003e\n\u003cli\u003eSending data to the Enphase Enlighten monitoring system.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe Ethernet connection on the IQ Combiner 4 unit was faulty. The Enphase remote support RMA\u0026rsquo;d a board for us and, the installer replaced it during a follow up visit.\u003c/p\u003e\n\u003cp\u003eSince then, we have had zero issues.\u003c/p\u003e\n\u003ch2 id=\"next-steps\"\u003eNext Steps\u003c/h2\u003e\n\u003cp\u003eIn the next post, we\u0026rsquo;ll review the system\u0026rsquo;s electrical performance, and in the third post in this series, we\u0026rsquo;ll cover the financial performance.\u003c/p\u003e\n\u003ch2 id=\"references\"\u003eReferences\u003c/h2\u003e\n\u003cstyle\u003e.csl-entry{text-indent: -1.5em; margin-left: 1.5em;}\u003c/style\u003e\u003cdiv class=\"csl-bib-body\"\u003e\n \u003cdiv class=\"csl-entry\"\u003e\u003ca id=\"citeproc_bib_item_1\"\u003e\u003c/a\u003e“Energy Sage Marketplace Intel Report H1 2024.” n.d. Accessed November 21, 2024. \u003ca href=\"https://www.energysage.com/data/\"\u003ehttps://www.energysage.com/data/\u003c/a\u003e.\u003c/div\u003e\n \u003cdiv class=\"csl-entry\"\u003e\u003ca id=\"citeproc_bib_item_2\"\u003e\u003c/a\u003e“Homeowner’s Guide to the Federal Tax Credit for Solar Photovoltaics.” n.d. Energy.gov. Accessed November 27, 2024. \u003ca href=\"https://www.energy.gov/eere/solar/homeowners-guide-federal-tax-credit-solar-photovoltaics\"\u003ehttps://www.energy.gov/eere/solar/homeowners-guide-federal-tax-credit-solar-photovoltaics\u003c/a\u003e.\u003c/div\u003e\n\u003c/div\u003e\n" }, { "title": "Hybrid Water Heater Review", "date_published": "2024-08-10T23:00:00-04:00", "date_modified": "2024-11-28T11:51:23-05:00", "id": "https://bostonenginerd.com/posts/waterheater/", "url": "https://bostonenginerd.com/posts/waterheater/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eOne of the recurring joys of home ownership is plumbing. In 2021, the water\nheater in our home developed a small leak. Fortunately, the leak was small\nenough where we had some time to work out the next steps. Our long-term goal for\nour home is fully run on electricity for both comfort and climate reasons.\u003c/p\u003e\n\u003cp\u003eThe domestic hot water system that existed in the home when we bought it used\nthe indirect heating loop in the oil boiler and an unplugged electrical water\nheater as a storage tank. The boiler was setup to maintain a set point between\n120F and 170F all year round. Looking at the summer usage of the boiler, we used\nbetween 0.5 and 1 gallon of oil per day to keep the boiler hot. Extrapolating\nthis, I estimate that heating water was burning around a full tank of oil per\nyear \u0026ndash; around $900/yr at the $3.50/gal price in Feb 2022.\u003c/p\u003e\n\u003ch2 id=\"installation\"\u003eInstallation\u003c/h2\u003e\n\u003cp\u003eThe first step in installing the HPWH was to have our electrician run a 240V 30A\ncircuit to the location. Our electrician did this some weeks prior to the water\nheater\u0026rsquo;s arrival. Although the water heater\u0026rsquo;s normal consumption is around 400W,\nit has traditional heating elements which turn on in a few different scenarios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eHot water utilization is too high for the heatpump to keep up\u003c/li\u003e\n\u003cli\u003eThe ambient temperature is too low in the area the unit is installed.\u003c/li\u003e\n\u003cli\u003eThe heat pump has some mechanical problem or coolant leak which prevents the\nheat pump from operating.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe subsequent steps were performed by a local plumber. The existing storage\ntank and hardware were removed , and the indirect loop on my boiler was capped\noff. The new hot water heater was connected to the existing hot water line.\nFinally, a condensate pump and flexible tubing were connected to move the\ncondensate created by the cold side of the heat pump to a drain.\u003c/p\u003e\n\u003cp\u003eThe version of the water heater that I bought has an automatic shutoff valve and\na leak detection circuit, so we installed the unit onto a drip pan. This will\ncontain any water which may spill from a leak, and concentrate it so the leak\ndetection circuit shuts off the cold water input.\u003c/p\u003e\n\u003cp\u003eAs I recall, the \u003ca href=\"https://files.myrheem.com/webpartners/ProductDocuments/2679665F-4FDA-42AC-8DBF-A938F4CA2FAC.pdf\"\u003emanual\u003c/a\u003e suggests connecting the water heater to the rest of the\nhouse using a flexible line, however the plumber who installed it used rigid\ncopper for the connections. In addition, the manual suggests using a\u003ca href=\"https://en.wikipedia.org/wiki/Heat_trap\"\u003e heat trap\u003c/a\u003e\non the cold water input. This was not done in my installation, but is on my\nto-do list to correct. I\u0026rsquo;d suggest reading the manual and reviewing the\ninstallation plan with the installer prior to commencing work. This isn\u0026rsquo;t to\ncomplain about our installer \u0026ndash; they were good to work with and did clean work\nat a reasonable price on a fast schedule.\u003c/p\u003e\n\u003ch2 id=\"costs\"\u003eCosts\u003c/h2\u003e\n\u003cp\u003eIt always annoys me when I read great writeups of projects, and they skip the\ninstallation costs. Of course, this happened in 2021, and prices are strongly location dependent.\u003c/p\u003e\n\u003ctable\u003e\n \u003cthead\u003e\n \u003ctr\u003e\n \u003cth\u003eItem\u003c/th\u003e\n \u003cth\u003eManufacturer\u003c/th\u003e\n \u003cth\u003eModel\u003c/th\u003e\n \u003cth\u003ePrice\u003c/th\u003e\n \u003cth\u003eStore\u003c/th\u003e\n \u003c/tr\u003e\n \u003c/thead\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd\u003eWater Heater\u003c/td\u003e\n \u003ctd\u003eRheem\u003c/td\u003e\n \u003ctd\u003eProterra 50gal XE50T10HS45U0\u003c/td\u003e\n \u003ctd\u003e$1514.13\u003c/td\u003e\n \u003ctd\u003eHome Depot\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eDrip Pan\u003c/td\u003e\n \u003ctd\u003eEverbuilt\u003c/td\u003e\n \u003ctd\u003e24\u0026quot; Al Drip Pan\u003c/td\u003e\n \u003ctd\u003e$20.98\u003c/td\u003e\n \u003ctd\u003eHome Depot\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eCondensate pump\u003c/td\u003e\n \u003ctd\u003eLittle Giant\u003c/td\u003e\n \u003ctd\u003eVCMX-20ULST\u003c/td\u003e\n \u003ctd\u003e$49.95\u003c/td\u003e\n \u003ctd\u003eHome Depot\u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eAt the time, the Chase Sapphire Card had a Pay Yourself Back option at Home\nDepot. I was able to use credit card points to pay for the water heater and the\nother items.\u003c/p\u003e\n\u003cp\u003eThe installation costs:\u003c/p\u003e\n\u003ctable\u003e\n \u003cthead\u003e\n \u003ctr\u003e\n \u003cth\u003eItem\u003c/th\u003e\n \u003cth\u003eCost\u003c/th\u003e\n \u003c/tr\u003e\n \u003c/thead\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd\u003eElectrical Circuit\u003c/td\u003e\n \u003ctd\u003e~$300\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003ePlumbing and Disposal\u003c/td\u003e\n \u003ctd\u003e$800\u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eIn 2021 Massachusetts, \u003ca href=\"https://www.masssave.com/\"\u003eMassSave\u003c/a\u003e, the state efficiency program offered a $600\nrebate if you installed a heat pump water heater. Since then, both the state and\nfeds offer even more generous rebates to install these efficient systems.\u003c/p\u003e\n\u003ch2 id=\"performance\"\u003ePerformance\u003c/h2\u003e\n\u003cp\u003eWe have owned the water heater for approximately three years at the time of\nwriting. The elements on the tank kick on ~5 times per month on average, mostly\nduring the wintertime when multiple sequential showers happen. The elements have\nbeen turning on more frequently since last June 2023 when I replaced our highly\nefficient shower head with a model which uses a much higher flow. You can see in\nthe plot below that the summertime usage is higher after this. One item to note\nis that the power monitoring system was not hooked up during August / September\n2022 while our electrical panel was getting upgraded.\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"figure--fig:waterheater-power\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\n \n \u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/posts/waterheater/energy.svg\" loading=\"lazy\" alt=\"A figure showing power utilization over time. The power goes from ~40kWh per month to over 80kWh/month in the wintertime.\"\u003e\n\u003cfigcaption\u003e\n\u003cspan class=\"figure-number\"\u003eFigure 1: \u003c/span\u003ePower usage since installation\u003c/figcaption\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eIt\u0026rsquo;s also interesting to look at a single cycle. In the plot below, you can see how the power used by the water heater increases with time as the water in the tank gets hotter.\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"figure--fig:waterheater-cycle\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\n \n \u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/posts/waterheater/one.svg\" loading=\"lazy\" alt=\"A figure showing the power usage over one cycle. The power usage increases from 0 to around 400W, with the amount increasing to 450W over the approximately one hour cycle.\"\u003e\n\u003cfigcaption\u003e\n\u003cspan class=\"figure-number\"\u003eFigure 2: \u003c/span\u003ePower usage during a heating cycle\u003c/figcaption\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eFinally, this is a plot of a water heating cycle where the electric elements\nkicked on during a particularly long heating cycle during the winter. I\u0026rsquo;m not\ncertain what was happening at this time, but I suspect several showers were\ntaken along with dishes and laundry. There are multiple times where the HPWH\npower usage goes down \u0026ndash; indicating that the temperature in the tank is lower.\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"figure--fig:waterheater-element\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\n \n \u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/posts/waterheater/element.svg\" loading=\"lazy\" alt=\"A figure showing the power usage over one heavy day of usage. The water heater kicks on the electric elements for around 1 hour, causing a large spike in energy consumption up to 5000W.\"\u003e\n\u003cfigcaption\u003e\n\u003cspan class=\"figure-number\"\u003eFigure 3: \u003c/span\u003ePower usage during a heating cycle\u003c/figcaption\u003e\n\u003c/figure\u003e\n\n\u003ch3 id=\"carbon-footprint\"\u003eCarbon Footprint\u003c/h3\u003e\n\u003cp\u003eOn another project, we calculated that our old boiler system used approximately\na full tank of oil each year. This was done using data from a \u003ca href=\"https://www.smartoilgauge.com\"\u003eSmart Oil Gauge\u003c/a\u003e\nwhich reports the oil level in my tank hourly all year round. We looked back at\nthe usage from the summertime before we replaced the water storage tank with our\nHPWH, and extrapolated the usage from that to the full year. Not exactly a\nprecise measurement, given that the boiler is on in the winter time anyway but\nit\u0026rsquo;s a reasonable approximation.\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://www.eia.gov/environment/emissions/co2_vol_mass.php\"\u003eEnergy Information Administration publishs the carbon emission equivalent\nfor a number of fuels.\u003c/a\u003e Diesel or Fuel oil releases approximately 22.5 pounds of\ncarbon dioxide per gallon. Using the estimation that heating water for domestic\nuse burned a full 275 gallon tank of oil annually, we can calculate that hot\nwater caused around three tons of carbon emissions from my household.\u003c/p\u003e\n\u003cp\u003eEIA also publishes the carbon intensity of the \u003ca href=\"https://www.eia.gov/electricity/state/massachusetts/\"\u003eMassachusetts grid\u003c/a\u003e as around\n952lbs per MWh. Our water heater used 700kWh (0.7MWh) in 2024, making our carbon\ndioxide emissions from the HPWH around 666 lbs of carbon \u0026ndash; or around an 89%\nreduction in carbon dioxide! We have a PPA agreement in place to purchase 100%\nrenewable power, which should reduce that further \u0026ndash; though that\u0026rsquo;s mostly an\naccounting trick. In addition, we have solar panels on our roof which should\nreduce our usage further.\u003c/p\u003e\n\u003ch3 id=\"conclusion\"\u003eConclusion\u003c/h3\u003e\n\u003cp\u003eWe\u0026rsquo;ve been quite happy with our Rheem Proterra HPWH so far. Others online seem\nto have reliability issues with the newer units, but we have not encountered any\nproblem with ours yet. Our unit provides the hot water that we need reliably and\nefficiently. Hopefully we will not have to exercise the 10 year warranty!\u003c/p\u003e\n" }, { "title": "Temporarily Enabling Analytics", "date_published": "2023-09-04T14:00:00-04:00", "date_modified": "2024-08-10T22:51:52-04:00", "id": "https://bostonenginerd.com/posts/cloudflareanalytics/", "url": "https://bostonenginerd.com/posts/cloudflareanalytics/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eI\u0026rsquo;m trying an experiment with Cloudflare analytics and have enabled it on this page.\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;ve enabled a Javascript beacon on the page footer which supposedly allows me to collect pageviews.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.cloudflare.com/web-analytics/\"\u003eAccording to Cloudflare\u003c/a\u003e, this beacon plays nice with keeping readers information private.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eCloudflare Web Analytics does not use any client-side state, such as cookies or localStorage, to collect usage metrics. We also don’t “fingerprint” individuals via their IP address, User Agent string, or any other data for the purpose of displaying analytics.\u003c/p\u003e\u003c/blockquote\u003e\n" }, { "title": "ELECTRIFY ALL THE THINGS!", "date_published": "2022-05-13T16:00:00-04:00", "date_modified": "2024-08-10T22:51:52-04:00", "id": "https://bostonenginerd.com/posts/electrification/", "url": "https://bostonenginerd.com/posts/electrification/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eIf you\u0026rsquo;re coming here from the Chelsea Research Festival, I\u0026rsquo;ll be uploading more information about the project in the coming days.\u003c/p\u003e\n" }, { "title": "T-Mobile Home ISP Service Review with OpenWRT", "date_published": "2021-05-20T17:39:00-04:00", "date_modified": "2024-11-20T21:26:05-05:00", "id": "https://bostonenginerd.com/posts/tmobile-isp/", "url": "https://bostonenginerd.com/posts/tmobile-isp/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eComcast and I have long had a strained relationship. I recognize that the\nservice they\u0026rsquo;ve offered in the houses and apartments that I\u0026rsquo;ve lived in has been\nreliable. However, I\u0026rsquo;ve never been a big fan of their business and billing\npractices.\u003c/p\u003e\n\u003cp\u003eFor example, I purchased my own DOCSIS 3.0 cable modem some years ago when I\nfirst got their internet service. Some months in, I noticed that they were\ncharging me for a cable modem rental. When I contacted them about this, they\nwere insistent that I prove to them that I bought my own cable modem before they\nwould refund the fees. I might recall this incorrectly, but I believe they had\nrequested that I fax my proof of purchase to a number as they did not have an\nemail address setup for such things.\u003c/p\u003e\n\u003cp\u003eAfter that, it was smooth sailing until they charged me full freight for the\nservice and refused to honor the deal they had agreed to. At the end, we put\nsome reasonable deal in place for internet service for some years.\u003c/p\u003e\n\u003cp\u003eTwo years ago, my wife and I bought a house and transferred our service there.\nAs part of that, Comcast has an automatic contact renewal program on their\nwebsite. I agreed to an additional two years at the rate I was paying \u0026ndash; and\nafter a month or two, my bill went up dramatically. Apparently I had exposed\nsome glitch in their system which signed contracts on their behalf that they had\nno intention to honor. After weeks of wasted time, I ended up giving in and\naccepting crappier service for more money since I didn\u0026rsquo;t have any other option.\nLooking back, I should have filed a complaint with the Massachusetts Attorney\nGeneral.\u003c/p\u003e\n\u003cp\u003eFinally, in November 2020 Comcast announced both a \u003ca href=\"https://arstechnica.com/information-technology/2020/11/comcasts-data-cap-finally-goes-nationwide-in-expansion-to-12-more-states/\"\u003e1.2TB data caps\u003c/a\u003e and a\u003ca href=\"https://arstechnica.com/information-technology/2020/11/comcast-raising-tv-and-internet-prices-including-a-big-hike-to-hidden-fees/\"\u003e rate\nhike\u003c/a\u003e. Coincidentally, our data usage somehow jumped up 20% the month after they\nannounced the data cap enforcement. I hadn\u0026rsquo;t been keeping track of our data\nusage on our router at that time, so I can\u0026rsquo;t rule out that our usage did\nactually increase - but the timing is suspicious.\u003c/p\u003e\n\n\u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/images/tmobile/comcast_data.jpg\" loading=\"lazy\" alt=\"Image of data usage showing a jump from 800GB to 1000TB after cap announcement\" width=\"400\" height=\"189\"\u003e\n\u003cfigcaption\u003e\n\u003cspan class=\"figure-number\"\u003eFigure 1: \u003c/span\u003eComcast Data Usage\u003c/figcaption\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eAlthough Comcast did backpedal on the data cap enforcement, this has led me to\nseek other options in earnest. In our city, you have two choices for\n\u0026ldquo;broadband\u0026rdquo;: Verizon\u0026rsquo;s DSL and Comcast. In today\u0026rsquo;s age, with the \u003ca href=\"https://idlewords.com/talks/website_obesity.htm\"\u003eWebsite Obesity\nCrisis\u003c/a\u003e in full swing 1.5Mbps is not going to cut it for a multi-user household.\nThere are some companies who service larger buildings like NetBlazr and Starry,\nbut they\u0026rsquo;re not interested in working with single family homes.\u003c/p\u003e\n\u003cp\u003eLast December, I saw some news on Reddit about a new \u003ca href=\"https://www.t-mobile.com/isp\"\u003ehome ISP service from\nT-Mobile\u003c/a\u003e. They were targeting speeds of 50Mbps / 50Mbps upload and download\nwithout data caps for $50 / mo inclusive of taxes, fees and including the\nequipment. Our Comcast plan included ~100Mbps download with a paltry 5-7Mbps\nupload for over $100/mo. The Comcast plan included a cable package which is\nrarely used, but the bundle was cheaper than the standalone service.\u003c/p\u003e\n\u003cp\u003eIn January, we decided to give the T-Mobile service a try. Although their\neligibility webform said our address wasn\u0026rsquo;t eligible, the customer service\nagents said that we were.\u003c/p\u003e\n\u003ch2 id=\"solution\"\u003eSolution\u003c/h2\u003e\n\u003cp\u003eThe Nokia \u0026ldquo;trash can\u0026rdquo; looks like an extremely powerful device, but it\u0026rsquo;s crippled\nby locked down software. There aren\u0026rsquo;t many knobs that you can turn on the device\n\u0026ndash; perfect for my parents, but not great for someone who already has a network\nsetup. In my use, I found there were a few issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNo bridge mode, so it\u0026rsquo;s not exactly a 1:1 replacement for the cable modem.\nThe Nokia device pulls down the IP address from T-Mobile. Using your own\nrouter connected to the Nokia router means you\u0026rsquo;re dealing with a double-NAT\nsetup.\u003c/li\u003e\n\u003cli\u003eThe T-Mobile DNS servers are a bit flaky. Configuring my device to use\nanother DNS server improved this by quite a bit.\u003c/li\u003e\n\u003cli\u003eThe \u003ca href=\"https://www.bufferbloat.net\"\u003eBufferbloat\u003c/a\u003e is pretty bad. When the connection starts to get saturated,\nthe ping times grow substantially.\u003c/li\u003e\n\u003cli\u003eNo ability to setup isolated networks for untrusted devices.\u003c/li\u003e\n\u003cli\u003eThe 5G connection seems to have flaked out over time.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"setup\"\u003eSetup\u003c/h2\u003e\n\u003ch3 id=\"network-overview\"\u003eNetwork Overview\u003c/h3\u003e\n\u003cp\u003eI already have a reasonably well setup home network using an \u003ca href=\"https://www.openwrt.org\"\u003eOpenWRT Based\u003c/a\u003e\n\u003ca href=\"https://www.turris.com/en/omnia/overview/\"\u003eTurris Omnia Router\u003c/a\u003e, with separate IP ranges and WiFI networks for trusted\ndevices, guests and untrusted IoT devices. I also have a nice UniFi Access point\nwhich covers my entire home quite well. Due to this I decided to accept the\npotential headache from double-NAT and put the router behind the T-Mobile\ndevice.\u003c/p\u003e\n\u003cp\u003eT-Mobile doesn\u0026rsquo;t have enough IPv4 addresses available for all of its customers,\nso they run an IPv6-first network and use Carrier Grade NAT (CGNAT) to allow\nmultiple users to share a single IPv4 address. This comes with a performance\nhit. Fortunately IPv6-enabled websites are becoming more and more common. As\nsuch, it is desirable for the devices on my network to be able to have a real\nIPv6 address.\u003c/p\u003e\n\u003cp\u003eI don\u0026rsquo;t pretend to understand IPv6 address allocation perfectly. There are\nmultiple ways in which your device can get an IP address. XFinity supported\n\u0026ldquo;prefix delegation\u0026rdquo; which tells your router that it can feel free to hand out\naddresses in a given range to all of the devices connected to it using a DHCPv6\nserver. Unfortunately, the T-Mobile router doesn\u0026rsquo;t allow delegation to your\nrouter. Fortunately OpenWRT supports a \u0026ldquo;relay\u0026rdquo; mode for IPv6 address allocation.\nIn order to enable this, a few settings need to be changed from the default\nsettings:\u003c/p\u003e\n\u003ch3 id=\"openwrt-omnia-configuration\"\u003eOpenWRT / Omnia Configuration\u003c/h3\u003e\n\u003cp\u003eI had to make some configuration changes to the OpenWRT-based Turris Omnia in order to improve the performance.\u003c/p\u003e\n\u003ch4 id=\"ipv6-relay\"\u003eIPV6 Relay\u003c/h4\u003e\n\u003cp\u003eWhen I plugged the WAN port of the Turris Omnia into the LAN port on the Nokia\nrouter, the Omnia pulled down an IPv4 and IPv6 address. The Omnia proceeded to\nhand out private 192.168.1.0/24 IPv4 addresses to the clients connected to it,\nbut did not assign any IPv6 addresses to the clients.\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://www.reddit.com/r/tmobileisp\"\u003e/r/tmobileisp\u003c/a\u003e subreddit has some good advice on occasion. I ran into a\n\u003ca href=\"https://www.reddit.com/r/tmobileisp/comments/luslbf/how_are_you_getting_around_the_lack_of_ipv6/gpuuim4/\"\u003ecomment from a user\u003c/a\u003e which provided some ideas on how to work around this. The\nfollowing code blocks show the LAN and WAN6 blocks of my /etc/config/dhcp file.\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"code-snippet--WAN6\"\u003e\u003c/a\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;display:grid;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig dhcp \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;lan\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option interface \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;lan\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option start \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;100\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option limit \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;150\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option leasetime \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;12h\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003e option dhcpv6 \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;relay\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003e option ra \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;relay\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003e option ndp \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;relay\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003e option ra_management \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;1\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list dhcp_option \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;6,192.168.1.1\u0026#39;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003c/p\u003e\n\u003cdiv class=\"src-block-caption\"\u003e\n \u003cspan class=\"src-block-number\"\u003e\u003ca href=\"#code-snippet--WAN6\"\u003eCode Snippet 1\u003c/a\u003e:\u003c/span\u003e\n /etc/config/dhcp WAN settings\n\u003c/div\u003e\n\u003cp\u003e\u003ca id=\"code-snippet--WAN6\"\u003e\u003c/a\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;display:grid;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig dhcp \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;wan6\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003e option dhcpv6 \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;relay\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003e option ra \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;relay\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003e option ndp \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;relay\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option master \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;1\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option interface \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;wan6\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option start \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;100\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option leasetime \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;12h\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option limit \u003cspan style=\"color:#e6db74\"\u003e\u0026#39;150\u0026#39;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003c/p\u003e\n\u003cdiv class=\"src-block-caption\"\u003e\n \u003cspan class=\"src-block-number\"\u003e\u003ca href=\"#code-snippet--WAN6\"\u003eCode Snippet 2\u003c/a\u003e:\u003c/span\u003e\n /etc/config/dhcp WAN6 settings\n\u003c/div\u003e\n\u003cp\u003eAfter making these changes, the devices on my network were all able to pull IPv6\naddresses down. I believe that they\u0026rsquo;re assigned by the Nokia gateway.\u003c/p\u003e\n\u003ch4 id=\"dns-settings\"\u003eDNS Settings\u003c/h4\u003e\n\u003cp\u003eThe T-Mobile DNS servers are a source of many complaints on Reddit. It seems that they can be a bit overloaded at times. Due to this, I wanted to configure my router\nThe Turris Omnia uses a non-standard DNS resolver called \u003ca href=\"https://www.knot-dns.cz/\"\u003eKnot\u003c/a\u003e. It\u0026rsquo;s written by\nthe same folks who built the Omnia. Most OpenWRT devices seem to use DNSmasq, so\nmost of the documentation online is based around this.\u003c/p\u003e\n\u003cp\u003eIn the \u0026ldquo;Foris\u0026rdquo; simplified management interface on the Omnia, you can select the DNS server you would like your router to use.\u003c/p\u003e\n\u003cp\u003eI chose to use the Cloudflare DNS servers due to their \u003ca href=\"https://www.cloudflare.com/application/privacypolicy/\"\u003ereasonable privacy\npolicy.\u003c/a\u003e Their IPv4 endpoints are 1.1.1.1 and 1.0.0.1. In addition, they provide\nIPv6 endpoints at 2606:4700:4700::1111 and 2606:4700:4700::1001. They also have\nend points which provide adult content and malware filtering.\u003c/p\u003e\n\u003cp\u003eI believe that I had to add in the IPv6 endpoints into the following file:\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"code-snippet--WAN6\"\u003e\u003c/a\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;display:grid;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ename\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;99_cloudflare.conf\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003edescription\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;Cloudflare (TLS)\u0026#34;\u003c/span\u003e-0t5f4rdas9T4rewq\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eenable_tls\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;1\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eport\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;853\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003eipv4\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;1.1.1.1 1.0.0.1\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex; background-color:#3c3d38\"\u003e\u003cspan\u003eipv6\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;2606:4700:4700::1111 2606:4700:4700::1001\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eca_file\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;/etc/ssl/certs/ca-certificates.crt\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ehostname\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;cloudflare-dns.com\u0026#34;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003c/p\u003e\n\u003cdiv class=\"src-block-caption\"\u003e\n \u003cspan class=\"src-block-number\"\u003e\u003ca href=\"#code-snippet--WAN6\"\u003eCode Snippet 3\u003c/a\u003e:\u003c/span\u003e\n /etc/resolver/dns_servers/99_cloudflare.conf\n\u003c/div\u003e\n\u003ch4 id=\"bufferbloat\"\u003eBufferBloat\u003c/h4\u003e\n\u003cp\u003e\u003ca href=\"https://en.wikipedia.org/wiki/Bufferbloat\"\u003eBufferbloat\u003c/a\u003e is a condition where the latency of a network connection increases\ndramatically under load. This can make applications which are time sensitive\nlike video and voice chat malfunction when the network connection is loaded.\u003c/p\u003e\n\u003cp\u003eThe Nokia router does not seem to have any mitigations in place for this, so I\nenabled Smart Queue Management (SQM) on the Omnia. In general, this trades off a\nbit of maximum throughput for more consistent latency performance.\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;m using the CAKE queueing algorithm, \u003ca href=\"https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm\"\u003eas described in this article on the\nOpenWRT website\u003c/a\u003e. This did make a notable improvement in the bufferbloat\nperformace.\u003c/p\u003e\n\u003ch3 id=\"external-access\"\u003eExternal Access\u003c/h3\u003e\n\u003cp\u003eUnfortunately, the T-Mobile service does not provide a publicly routable address\nwhich means that remotely accessing local resources is a challenge. There are\nonline services which can mitigate this. One option would have been to connect\nrouter to a server with a public IP address and use that host as a means of\nconnecting to local servers. There are some other commercial solutions. I\nsettled on one called Tailscale at the recommendation of tptacek on Hacker News.\nSo far it works well on all of my devices. Occasionally I will need to open the\napp on my iOS devices to reconnect, but that\u0026rsquo;s all.\u003c/p\u003e\n\u003ch2 id=\"concerns\"\u003eConcerns\u003c/h2\u003e\n\u003cp\u003eAlthough T-Mobile has been reasonable enough to work with commercially, they\nhave had a history of concerning privacy practices. In 2018, \u003ca href=\"https://www.vice.com/en/article/d3mjvy/tmobile-phone-location-data-abuse-senator-ron-wyden\"\u003ethey were caught\nselling location data to data brokers who then resold to a number of unsavory\nparties including bounty hunters.\u003c/a\u003e Supposedly this practice has stopped, but they\nhave not ever responded to my requests to confirm whom my location data was\nshared with.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.vox.com/recode/22325420/t-mobile-verizon-att-ad-targeting-data\"\u003eIn addition, they have recently launched an ad platform which leverages your\nbrowsing history to target ads.\u003c/a\u003e There is an opt-out which I suggest everyone\ntake advantage of, but you shouldn\u0026rsquo;t need to opt-out to this kind of nonsense.\nIt should simply be illegal.\u003c/p\u003e\n\u003cp\u003eWith all of my complaints about Comcast, they were definitely better on this\nfront. Depending on how things evolve with T-Mobile, this might end up being a\nreason to switch back.\u003c/p\u003e\n\u003ch2 id=\"conclusion\"\u003eConclusion\u003c/h2\u003e\n\u003cp\u003eWe\u0026rsquo;ve been running the service for approximately a month, and it\u0026rsquo;s been fine.\nGood enough that we canceled our Comcast service. For whatever reason, we only\npull a 5G signal sporadically so most of our data are transferring over LTE.\nDespite that, we get approximately 50Mpbs down / 50Mbps up rather consistently\nwhen connected directly to the Nokia \u0026ldquo;trash can\u0026rdquo; either via Wifi or plugged in.\nOn the occasions when the device pulls a 5G connection, the download speed\nincreases to around 200Mbps.\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;m looking forward to seeing what T-Mobile brings us with future network and\nsoftware upgrades. I\u0026rsquo;m hoping that they will make positive steps to address the\nprivacy considerations.\u003c/p\u003e\n\u003cp\u003eI think that our long term relationship with T-Mobile may hinge on their\nimproving their privacy practices. Hopefully they will come to the light and\nstart to protect customer data better.\u003c/p\u003e\n" }, { "title": "Setting up a UPS for a home lab", "date_published": "2021-01-23T00:00:00Z", "date_modified": "2021-01-23T00:00:00Z", "id": "https://bostonenginerd.com/posts/home-ups/", "url": "https://bostonenginerd.com/posts/home-ups/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eAfter a recent power outage at our house, I purchased a UPS to help keep the\ninternet online the next time. In addition, we noticed that when there was an\noutage the power tended to come on and off multiple times before stabilizing.\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;ve been trying to buy products from brick and mortar stores rather than Amazon\ndue to the \u003ca href=\"https://www.latimes.com/business/technology/la-fi-tn-amazon-counterfeits-20180928-story.html\"\u003eprevalence of counterfeit products mixed in with legitimate goods.\u003c/a\u003e In\nour area, \u003ca href=\"https://www.microcenter.com/\"\u003eMicrocenter\u003c/a\u003e tends to be a decent option for computer and maker related\nitems. They offer a price match which removes the downside of purchasing in-person.\u003c/p\u003e\n\u003cp\u003eI ended up purchasing a \u003ca href=\"https://www.cyberpowersystems.com/product/ups/battery-backup/le1000dg/\"\u003eCyberpower LE1000DG UPS\u003c/a\u003e. There were other options, but\nthis one seemed reasonable enough. When I got it home, I discovered that there\nwas a USB port on it. This port allows a computer to monitor the status of the\nUPS. I thought this was pretty neat, as it would allow me to automatically\ncleanly power down devices selectively depending on how long the outage lasts\nfor.\u003c/p\u003e\n\u003cp\u003eThe router we use at home is a \u003ca href=\"https://www.turris.com/en/omnia/overview/\"\u003eTurris Omnia\u003c/a\u003e. \u003ca href=\"https://cz.nic\"\u003eCZ.NIC\u003c/a\u003e, a Czech ISP created the\ndevice for use as the digital center for homes. The device has a moderately fast\nCPU, generous RAM and eMMC memory and allows the use of an m-SATA SSD to expand\nthe storage available on the device. Having the high spec allows the router to\nshare a few roles like running a \u003ca href=\"https://www.wireguard.com\"\u003eWireguard VPN\u003c/a\u003e, an \u003ca href=\"https://openvpn.net%20\"\u003eOpenVPN VPN\u003c/a\u003e, print server, or\n\u003ca href=\"https://www.nextcloud.com\"\u003eNextCloud server\u003c/a\u003e. It even has the capability to run \u003ca href=\"https://www.linuxcontainers.org\"\u003eLinux Containers\u003c/a\u003e using LXD.\u003c/p\u003e\n\u003cp\u003eThe software on the devices is \u003ca href=\"https://www.openwrt.org\"\u003eOpenWRT\u003c/a\u003e based which means there is a lot of\npackaged software available. One of the packages available is the \u003ca href=\"https://networkupstools.org/\"\u003eNetwork UPS\nTools (NUT)\u003c/a\u003e package. This package consists of two parts:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enut_server - a daemon which connects to the UPS hardware.\u003c/li\u003e\n\u003cli\u003enut_monitor - a daemon which periodically communicates with the nut_server to\nget the status of the hardware.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"software-installation\"\u003eSoftware installation\u003c/h2\u003e\n\u003cp\u003eFortunately, OpenWRT packages the NUT software and provides a \u003ca href=\"https://openwrt.org/docs/guide-user/services/ups/software.nut\"\u003enice wiki page\u003c/a\u003e. I find using the command line\ninterface more convenient than using the LuCi web interface to install and\nconfigure packages.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026gt; opkg update\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026gt; opkg install nut nut-common nut-upsmon nut-upscmd nut-server nut-driver-usbhid-ups\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eFor space reasons, OpenWRT splits out the drivers from the NUT software. \u003ca href=\"https://networkupstools.org/stable-hcl.html\"\u003eThe\ndriver / UPS pairings are on the NUT website\u003c/a\u003e. For the LE1000DG UPS, the correct\ndriver is the USB-HID one.\u003c/p\u003e\n\u003cp\u003eAfter installing the software, we need to setup the configuration.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig driver_global \u0026#39;driver_global\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option user \u0026#39;nut\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig driver \u0026#39;ups\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option driver \u0026#39;usbhid-ups\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option port \u0026#39;auto\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option pollinterval \u0026#39;15\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig user\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option username \u0026#39;upsuser\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option password \u0026#39;1337p455w0rd\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option upsmon \u0026#39;master\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig listen_address\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option port \u0026#39;3493\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option address \u0026#39;192.168.1.1\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig upsd \u0026#39;upsd\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option maxage \u0026#39;15\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option statepath \u0026#39;/var/run/nut\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option maxconn \u0026#39;1024\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option runas \u0026#39;nut\u0026#39;\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig upsmon \u0026#39;upsmon\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option hostsync \u0026#39;15\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option deadtime \u0026#39;25\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option notifycmd \u0026#39;/usr/sbin/sms.sh\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option onlinemsg \u0026#39;UPS %s on line power\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option onbattmsg \u0026#39;UPS %s on battery\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option lowbattmsg \u0026#39;UPS %s battery is low\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option fsdmsg \u0026#39;UPS %s: forced shutdown in progress\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option commokmsg \u0026#39;Communications with UPS %s established\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option commbadmsg \u0026#39;Communications with UPS %s lost\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option shutdownmsg \u0026#39;Auto logout and shutdown proceeding\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option replbattmsg \u0026#39;UPS %s battery needs to be replaced\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option nocommmsg \u0026#39;UPS %s is unavailable\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option noparentmsg \u0026#39;upsmon parent process died - shutdown impossible\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option lowbattnotify \u0026#39;EXEC+SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option commoknotify \u0026#39;EXEC+SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option commbadnotify \u0026#39;EXEC+SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option shutdownnotify \u0026#39;EXEC+SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option nocommnotify \u0026#39;EXEC+SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option noparentnotify \u0026#39;EXEC+SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list onlinenotify \u0026#39;EXEC\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list onlinenotify \u0026#39;SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list onbattnotify \u0026#39;EXEC\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list onbattnotify \u0026#39;SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list fsdnotify \u0026#39;EXEC\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list fsdnotify \u0026#39;SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list replbattnotify \u0026#39;EXEC\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e list replbattnotify \u0026#39;SYSLOG\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003econfig master\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option upsname \u0026#39;ups\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option port \u0026#39;3493\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option powervalue \u0026#39;1\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option username \u0026#39;upsuser\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option password \u0026#39;1337p455w0rd\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e option hostname \u0026#39;192.168.1.1\u0026#39;\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eIn the upsmon configuration section, note the \u0026ldquo;notifycmd\u0026rdquo; line. This line calls\na user defined program to do something when an event happens. In my case, I\u0026rsquo;m\nusing \u003ca href=\"https://developer.flowroute.com/api/messages/v2.1/send-an-sms/\"\u003eFlowroute\u0026rsquo;s SMS API\u003c/a\u003e to send me a text when the power goes out and back on.\u003c/p\u003e\n\u003cp\u003eThe SMS script uses curl with the access token and API jey to send a message\npassed in as an argument. The text of the message is from the \u0026ldquo;onlinemsg\u0026rdquo;,\n\u0026ldquo;onbatterymsg\u0026rdquo; and other similar lines.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#75715e\"\u003e#!/usr/bin/env bash\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#75715e\"\u003e\u003c/span\u003eset -euo pipefail\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eACCESS\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;API_ACCESS_TOKEN\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eKEY\u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e\u003cspan style=\"color:#e6db74\"\u003e\u0026#34;API_KEY\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ecurl https://api.flowroute.com/v2.1/messages \u003cspan style=\"color:#ae81ff\"\u003e\\\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#ae81ff\"\u003e\u003c/span\u003e-u $ACCESS:$KEY -X POST \u003cspan style=\"color:#ae81ff\"\u003e\\\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#ae81ff\"\u003e\u003c/span\u003e-H \u003cspan style=\"color:#e6db74\"\u003e\u0026#34;Content-Type: application/json\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#ae81ff\"\u003e\\\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#ae81ff\"\u003e\u003c/span\u003e-d \u003cspan style=\"color:#e6db74\"\u003e\u0026#34;{\\\u0026#34;to\\\u0026#34;:\\\u0026#34;TONUMBER\\\u0026#34;\\\u0026#34;,\\\u0026#34;from\\\u0026#34;:\\\u0026#34;FROMNUMBER\\\u0026#34;, \\\u0026#34;body\\\u0026#34;:\\\u0026#34;\u003c/span\u003e$1\u003cspan style=\"color:#e6db74\"\u003e\\\u0026#34;}\u0026#34;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eReplace the API_ACCESS_TOKEN, API_KEY, FROMNUMBER and TONUMBER with the appropriate values for your environment. So far this has worked quite well for me!\u003c/p\u003e\n\u003cp\u003eNow that we have communication with the UPS and notifications sorted out, the\nnext step is to configure other computers running on the UPS to power down\nsafely when the power goes out. The threshold for each device should depend on\nhow critical a service is.\u003c/p\u003e\n\u003cp\u003eOn my network, I have a small fileserver that I\u0026rsquo;d like to shut down when the power goes off. This machine is running a recent LTS version of Ubuntu.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e$ sudo apt install nut-client\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eThis installs a client which can communicate with the nut server running on the router. The installed configuration file (/etc/nut/nut.conf) has a lot of comments in it, but the key line is the following:\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"org-example-block---etc-nut-nut.conf\"\u003e\u003c/a\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMODE=netclient\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003c/p\u003e\n\u003cp\u003eThe /etc/upsmon.conf file should include the following lines:\u003c/p\u003e\n\u003cp\u003e\u003ca id=\"org-example-block---etc-upsmon.conf\"\u003e\u003c/a\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMONITOR ups@192.168.1.1 1 upsuser 1337p455w0rd slave\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSHUTDOWNCMD \u0026#34;/sbin/shutdown -h +0\u0026#34;\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003c/p\u003e\n\u003cp\u003eThe \u0026ldquo;slave\u0026rdquo; designation indicates that the system should power down when the UPS\nlevel is critical. You can call out a custom shutdown script to perform some\nactions prior to shutting down.\u003c/p\u003e\n\u003ch2 id=\"final-thoughts\"\u003eFinal Thoughts\u003c/h2\u003e\n\u003cp\u003eThis setup has been running at my house for several months now, and worked as designed during a power outage. My file server shut itself down, preserving power for my cable modem, wireless access points and my router.\u003c/p\u003e\n" }, { "title": "GE Profile Stove turning on by itself", "date_published": "2021-01-02T10:30:00-05:00", "date_modified": "2024-08-10T22:51:52-04:00", "id": "https://bostonenginerd.com/posts/stoveonfire/", "url": "https://bostonenginerd.com/posts/stoveonfire/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003ePrior to moving in our house, we replaced the old coil burner stove with a nice\nfancy GE Profile Induction range - their PHS930SL2SS model. I grew up with a\ncoil burner and don\u0026rsquo;t really want to relive the experience! Overall, we\u0026rsquo;ve been\nhappy with the stove, but we\u0026rsquo;ve had several issues addressed under warranty -\nmostly minor.\u003c/p\u003e\n\u003cp\u003eMinor issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe convection fan\u0026rsquo;s nut came loose and it flew off while cooking - easy repair.\u003c/li\u003e\n\u003cli\u003eThe temperature probe and jack required replacement after some usage - easy repair.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eHowever, we have had one major issue with the stove \u0026ndash; \u003cstrong\u003ewhile using the oven,\nthe induction burners on the left side will turn themselves on.\u003c/strong\u003e When this\nhappens, the burner controls for the misbehaving burners won\u0026rsquo;t work reliably. In\norder to turn the burners off you have to engage the \u0026ldquo;lock mode\u0026rdquo; on the stove,\nwhich has the unfortunate but understandable side effect of turning off the\noven. This has happened many times over the past year - and has persisted even\nafter a new control panel.\u003c/p\u003e\n\u003cp\u003eA video of the issue occurring:\u003c/p\u003e\n \u003cvideo width=\"320\" height=\"240\" controls\u003e\n \u003csource src=\"/images/inductionstove/stove.mp4\" type=\"video/mp4\"\u003e\n Your browser does not support the video tag.\n\u003c/video\u003e\n\u003cp\u003eIn the video, the burners pop on and off \u0026ndash; but we\u0026rsquo;ve also had them turn on and\nset to a particular level. When this happens it\u0026rsquo;s difficult to turn them off\nunless you use the \u0026ldquo;panel lock\u0026rdquo;.\u003c/p\u003e\n\u003cp\u003eWe have noticed that this state is most likely to occur when we\u0026rsquo;re cooking food\nwhich lets off moisture in the oven using convection mode - roasted potatoes are\na frequent culprit. Often times there will be a lot of steam which comes out of\nthe oven when you open it. There are ventilation holes on the left side of the stove\ndirectly above the oven opening. Our theory is that this hot moist air comes up\nthrough the ventilation holes and condenses on the backside of the control\npanel. The condensed water droplets can cause phantom touches on the capacitive\ntouch screen.\u003c/p\u003e\n\u003cp\u003eWe contacted GE about this and have filed a report with the \u003ca href=\"https://www.cpsc.gov/\"\u003eConsumer Product\nSafety Commission\u003c/a\u003e since this is dangerous - if there is a pan on the stove, it\ncould heat uncontrollably. Just before the holidays, GE Appliance (a division of\nHaier) Corporate reached out. I provided them with all of our findings. It will\nbe interesting to see what they come back with in the New Year.\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;ll update this post as new information comes.\u003c/p\u003e\n\u003ch2 id=\"update\"\u003eUpdate \u003cspan class=\"timestamp-wrapper\"\u003e\u003cspan class=\"timestamp\"\u003e\u0026lt;2021-01-23 Sat\u0026gt;\u003c/span\u003e\u003c/span\u003e\u003c/h2\u003e\n\u003cp\u003eGE Appliances got in touch with me a short while ago and they have replaced the stove with their latest production model free of charge. We haven\u0026rsquo;t had a chance to use it much yet - but it seems fine so far.\u003c/p\u003e\n\u003cp\u003eThe most interesting part about it is that the new \u0026ldquo;Air Fryer\u0026rdquo; mode requires a WiFi connection. It\u0026rsquo;s not clear why this is, as there are no extra sensors or anything like that used. It worries me that they could shut off whatever service it\u0026rsquo;s using in the future and brick that feature.\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;ll try to put a more thorough review together sometime soon.\u003c/p\u003e\n" }, { "title": "Chevy Volt Air Filter - The manual is wrong!", "date_published": "2020-10-18T20:39:00-04:00", "date_modified": "2024-08-10T22:51:52-04:00", "id": "https://bostonenginerd.com/posts/voltfilter/", "url": "https://bostonenginerd.com/posts/voltfilter/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eAfter our old Ford Fusion went for a swim in a rainstorm, we brought home a 2016\nChevy Volt. We\u0026rsquo;ve enjoyed driving the car over the past year. It\u0026rsquo;s a lot of fun\nto drive - and we really appreciate almost never needing to stop at a gas\nstation. My wife likes the car as well.\u003c/p\u003e\n\u003cp\u003eWe\u0026rsquo;re coming up on the 45,000mi service checkpoint. In general, electic vehicles\ndon\u0026rsquo;t have much to maintain. At this checkpoint, GM suggests changing the engine\nair filter and the passenger cabin air filter.\u003c/p\u003e\n\n\u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/images/volt/volt_maintenence.png\" loading=\"lazy\" alt=\"2016 Volt Maintenance Schedule\" width=\"400\" height=\"170\"\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eThe usual first step in changing the air filter was to check the user manual.\nAccording to the \u003ca href=\"https://my.chevrolet.com/content/dam/gmownercenter/gmna/dynamic/manuals/2016/Chevrolet/Volt/2k16volt1stPrint.pdf\"\u003emanual available from the Chevy website\u003c/a\u003e, the correct part\nnumber is an AC Delco Part A3148C.\u003c/p\u003e\n\n\u003cfigure class=\"image\"\u003e\n\u003cimg src=\"/images/volt/volt_parts.png\" loading=\"lazy\" alt=\"2016 Volt Spare Parts List\" width=\"400\" height=\"141\"\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eWhen I searched all of the typical automotive supply companies - AutoZone,\nO\u0026rsquo;Reilly, RockAuto, they all showed a different part as the correct one. Digging\ninto this further, I found this thread on an online Volt forum. It turns out the\nmanual is incorrect. It seems that they never updated the manual\nwhen they released the Gen2 car in 2016. \u003cstrong\u003eThe correct part is AC Delco A3217C\u003c/strong\u003e.\u003c/p\u003e\n\u003ctable\u003e\n \u003cthead\u003e\n \u003ctr\u003e\n \u003cth\u003eModel Year\u003c/th\u003e\n \u003cth\u003eGeneration\u003c/th\u003e\n \u003cth\u003eAir Filter Part\u003c/th\u003e\n \u003cth\u003eCabin Air Filter\u003c/th\u003e\n \u003c/tr\u003e\n \u003c/thead\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd\u003e2012\u003c/td\u003e\n \u003ctd\u003e1\u003c/td\u003e\n \u003ctd\u003eAC Delco A3148C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e2013\u003c/td\u003e\n \u003ctd\u003e1\u003c/td\u003e\n \u003ctd\u003eAC Delco A3148C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e2014\u003c/td\u003e\n \u003ctd\u003e1\u003c/td\u003e\n \u003ctd\u003eAC Delco A3148C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e2015\u003c/td\u003e\n \u003ctd\u003e1\u003c/td\u003e\n \u003ctd\u003eAC Delco A3148C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e2016\u003c/td\u003e\n \u003ctd\u003e2\u003c/td\u003e\n \u003ctd\u003eAC Delco A3217C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e2017\u003c/td\u003e\n \u003ctd\u003e2\u003c/td\u003e\n \u003ctd\u003eAC Delco A3217C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e2018\u003c/td\u003e\n \u003ctd\u003e2\u003c/td\u003e\n \u003ctd\u003eAC Delco A3217C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003e2019\u003c/td\u003e\n \u003ctd\u003e2\u003c/td\u003e\n \u003ctd\u003eAC Delco A3217C\u003c/td\u003e\n \u003ctd\u003eAC Delco CF185\u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eConsidering how few parts are actually replaced during maintenence on the Volt,\nI\u0026rsquo;m surprised they had the same misprint two years in a row! Moreover, this\nisn\u0026rsquo;t documented in any errata that I could find. Of course, GM will\nlean on the information in the manual to deny warranty coverage.\u003c/p\u003e\n\u003cp\u003eHopefully this post will save some time for someone out there!\u003c/p\u003e\n" }, { "title": "Happy New Year!", "date_published": "2018-12-31T23:39:00-05:00", "date_modified": "2024-08-10T22:51:52-04:00", "id": "https://bostonenginerd.com/posts/happy-new-year-2019/", "url": "https://bostonenginerd.com/posts/happy-new-year-2019/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eHappy New Year to All!\u003c/p\u003e\n\u003cp\u003eWe have a lot to be thankful for this year - loving family, good job,\netc. There\u0026rsquo;s an awful lot wrong with the world, but there\u0026rsquo;s an awful\nlot that\u0026rsquo;s improving also. [1]\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;m looking forward to doing my part to keep the ship afloat for another\nyear!\u003c/p\u003e\n\u003cp\u003e[1] \u003ca href=\"https://www.csmonitor.com/World/Progress-Watch\"\u003ehttps://www.csmonitor.com/World/Progress-Watch\u003c/a\u003e\n**\u003c/p\u003e\n" }, { "title": "Paypal cutting off VPN services", "date_published": "2016-02-06T00:06:00-05:00", "date_modified": "2024-08-10T22:51:50-04:00", "id": "https://bostonenginerd.com/posts/paypal-cutting-off-vpn-services/", "url": "https://bostonenginerd.com/posts/paypal-cutting-off-vpn-services/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eI saw recently that Paypal would start blocking VPN and SmartDNS\nservices. Their rationale is that VPN services can be used for\ncopyright infringement.\u003c/p\u003e\n\u003cp\u003eThey are correct in that VPN services \u003cem\u003ecan\u003c/em\u003e be used for copyright\ninfringement \u0026ndash; they can be used to shield your IP address from others\nand to make it appear that your traffic is coming from some other\nlocation. However, this isn\u0026rsquo;t the only use of a VPN service. I use a VPN\nservice to shield my traffic from being intercepted and modified by my\nlocal Internet providers.\u003c/p\u003e\n\u003cp\u003eAs an example, several years back, I stayed in the Fairmont SFO for a\nwork trip. The Fairmont is a beautiful hotel with very nice service.\nUnfortunately their WiFi service insists on injecting advertising frames\ninto all of the non-SSL secured websites that you visit. I immediately\nsigned up for a VPN service to protect against this.\u003c/p\u003e\n\u003cp\u003eOther providers have a history of similar behavior \u0026ndash; see the\n\u003ca href=\"https://www.eff.org/deeplinks/2014/11/verizon-x-uidh\"\u003eVZW PermaCookie\nscandal\u003c/a\u003e from a few years back. I\u0026rsquo;ve also heard that AT\u0026amp;T\u0026rsquo;s broadband\nservice is rolling out similar programs. From what I can tell, it seems\nthat your local ISP should be treated as a potentially hostile actor.\u003c/p\u003e\n\u003cp\u003eMoreover if you\u0026rsquo;re using an open wireless access point, all your traffic\nis being transmitted in the clear. Everyone can see what you\u0026rsquo;re\ntransmitting and what sites you are visiting. A VPN can also be used to\nprotect against this.\u003c/p\u003e\n\u003cp\u003eMy use of a VPN is to secure my Internet traffic from my local internet\nprovider \u0026ndash; either at my home or using the open WiFi at coffeeshops and\nhotels, not for copyright infringement.\u003c/p\u003e\n\u003cp\u003eI believe that PayPal is mistaken in this case \u0026ndash; VPNs have substantial\nnon-infringing uses and should not be shut down because some users use\nthem to pirate TV shows.\u003c/p\u003e\n" }, { "title": "Letter to the White House regarding cryptography.", "date_published": "2016-01-15T00:00:00-05:00", "date_modified": "2024-08-10T22:51:50-04:00", "id": "https://bostonenginerd.com/posts/letter-to-the-white-house-regarding-cryptography/", "url": "https://bostonenginerd.com/posts/letter-to-the-white-house-regarding-cryptography/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eBack in December, Ed Felten and the White House asked for \u003ca href=\"https://petitions.whitehouse.gov/response/we-want-hear-you-encryption\"\u003epublic\ncomment\u003c/a\u003e on the EFF\u0026rsquo;s pro-cryptography petition. This is the letter\nthat I had sent. I urge you to file a comment.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDr. Felten and President Obama,\u003c/p\u003e\n\u003cp\u003eI strongly urge you to support the unfettered deployment of strong\nencryption without compromise or backdoors.\u003c/p\u003e\n\u003cp\u003eThe fact of the matter is that people have a right to be secure in\ntheir persons, papers and effects. The UN Declaration of Human Rights,\nto which the United States is a signatory specifies in Article 12 that\n\u0026ldquo;No one shall be subjected to arbitrary interference with his privacy,\nfamily, home or correspondence, nor to attacks upon his honour and\nreputation.\u0026rdquo; In today\u0026rsquo;s world, strong encryption is a necessary\ncomponent to prevent arbitrary interference with our privacy and\ncommunications \u0026ndash; by both state and commercial actors.\u003c/p\u003e\n\u003cp\u003eAt the end of the first Cryptowar in the late 1990s, we decided that\nthe risk of not deploying strong encryption outweighed any potential\nof criminal usage. All the known ways of reducing the strength of\nencryption algorithms have one intractable problem \u0026ndash; math has no way\nto only allow the \u0026ldquo;good guys\u0026rdquo; to decrypt communication without\nproviding similar capability to the \u0026ldquo;bad guys\u0026rdquo; \u0026ndash; repressive nations\nand criminals. None of these techniques work; smarter people than I\nhave been saying this for many years \u0026ndash; see the work by Bruce\nSchneier, Matthew Green, and even you Professor Felton. As you pointed\nout last March on the Freedom to Tinker blog, the FREAK attack shows\nthat we\u0026rsquo;re still dealing with the fallout of the weakened cryptography\nof yesteryear. [1]\u003c/p\u003e\n\u003cp\u003eEven assuming that there was some way to design a system in which the\nstate could retain access as needed, how does one determine who has\naccess? Is it only for the Five Eyes or NATO nations? Or will the\nwhole world have access? Despite NSA Director Rogers\u0026rsquo; assurance that\n\u0026ldquo;we can work through this\u0026rdquo;, I\u0026rsquo;m not so sure.[2]\u003c/p\u003e\n\u003cp\u003eSilent Circle\u0026rsquo;s Jon Callas pointed out a flaw in this: \u0026ldquo;We said in\npublic we would not tolerate bad people subscribing to our service,\u0026rdquo;\nhe said. \u0026ldquo;We also know that what that really means is really kind of\nsquishy. Let me give you an example: Let\u0026rsquo;s take the Dalai Lama. We\nsupply communications services to the government of Tibet. Is the\ngovernment of Tibet good guys or bad guys? We made the decision the\nDalai Lama is a good guy, but if you ask the Chinese, they\u0026rsquo;re bad\nguys.\u0026rdquo; [3]\u003c/p\u003e\n\u003cp\u003eThe United States should be leading the charge for private\ncommunications, not working to prevent this. Many politicians have\ninvoked the image of the \u0026ldquo;Shining City on a Hill\u0026rdquo; as a proxy for\nAmerican Exceptionalism. We should strive to live up to this dream\n\u0026ndash; and not adopt the techniques of repressive nations for a\npurported short term gain. The Snowden documents have shone a light\ninto a dark place. Let\u0026rsquo;s use this as an opportunity to live up to\nthe best images of ourselves.\u003c/p\u003e\n\u003cp\u003eThank you, Merry Christmas and Happy Holidays,\u003c/p\u003e\n\u003cp\u003e1:\n\u003ca href=\"https://freedom-to-tinker.com/blog/felten/freak-attack-the-chickens-of-90s-crypto-restriction-come-home-to-roost/\"\u003ehttps://freedom-to-tinker.com/blog/felten/freak-attack-the-chickens-of-90s-crypto-restriction-come-home-to-roost/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e2:\n\u003ca href=\"https://www.washingtonpost.com/news/the-switch/wp/2015/02/23/heres-how-the-clash-between-the-nsa-director-and-a-senior-yahoo-executive-went-down/\"\u003ehttps://www.washingtonpost.com/news/the-switch/wp/2015/02/23/heres-how-the-clash-between-the-nsa-director-and-a-senior-yahoo-executive-went-down/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e3:\n\u003ca href=\"http://www.csmonitor.com/World/Passcode/2015/1217/Tech-firms-push-back-on-reactionary-politics-following-terror-attacks\"\u003ehttp://www.csmonitor.com/World/Passcode/2015/1217/Tech-firms-push-back-on-reactionary-politics-following-terror-attacks\u003c/a\u003e\u003c/p\u003e\u003c/blockquote\u003e\n" }, { "title": "Vizio Privacy Policies", "date_published": "2015-11-21T21:21:00-05:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/vizio-privacy-policies/", "url": "https://bostonenginerd.com/posts/vizio-privacy-policies/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eI recently came into possession of a nice new Vizio Smart TV. It\u0026rsquo;s\npretty nice - 1080p, Netflix, etc. As part of the process for\nconnecting the television to the internet, they made you agree to a\nnumber of different license agreements and privacy policies. In a fit\nof UX mastery, they did not show the privacy and license agreements on\nthe television, instead instructing you to type a long URL into your\nweb browser and reading the policies there. Nevertheless, they\ninsisted upon your agreement before connecting to the Internet.\u003c/p\u003e\n\u003cp\u003eFor fun, I decided to look up the privacy polices that I was agreeing\nto. There are some interesting bits there. The whole Vizio privacy can\nbe found \u003ca href=\"http://www.vizio.com/privacy/\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eVIZIO, Inc. and its affiliates (\u0026ldquo;VIZIO\u0026rdquo; or \u0026ldquo;we\u0026rdquo;) respect your\nprivacy. Your privacy is a priority at VIZIO, and we take\nresponsible measures to protect it.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWhew! I was really concerned that they didn\u0026rsquo;t care about my privacy!\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThis Privacy Policy also contains information on Smart\nInteractivity, a feature on Internet-connected televisions that\nrecognizes onscreen content and may in the future permit you to\ninteract with this content. You have the option in your television\u0026rsquo;s\nsettings menu to disable this feature, which is set to \u0026ldquo;on\u0026rdquo; by\ndefault. As part of Smart Interactivity, VIZIO may collect and use\nanonymous viewing data associated with your television. VIZIO\u0026rsquo;s\ncollection and use of this viewing data is described below in the\nSmart Interactivity Supplement to the Privacy Policy.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe turn on data gathering by default for your convenience!\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eBy accessing and using VIZIO products and services, you agree to\naccept the terms and conditions of this Privacy Policy, and you\nconsent to our use and disclosure of the information collected by us\nor submitted to us. You also acknowledge that you are aware that\nthis policy may change over time. The effective date of this Privacy\nPolicy is stated above.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe can change it whenever we want and if you don\u0026rsquo;t like it, you can\u0026rsquo;t\nuse your television.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWHAT INFORMATION WE COLLECT Non-Personal or Anonymous Information.\nNon-Personal or Anonymous Information. We also collect data in a\nform that does not, on its own, permit direct association with any\nspecific individual. We consider this Non-Personal or Anonymous\nInformation. We may collect, use, transfer, and disclose\nNon-Personal Information for any purpose. Examples of Non-Personal\nInformation we collect, use and share include the IP address you use\nto connect your Internet-connected products, your ZIP code, the\nonline services you visit, as well as information about your VIZIO\nproduct such as MAC addresses, product model numbers, hardware and\nsoftware versions, chipset IDs, and region and language settings. We\nalso collect information about the products you request or purchase,\nthe presence of other devices connected to your local network, and\nthe number of users and frequency of use of VIZIO products and\nservices. VIZIO also collects Anonymous Information regarding\ncustomer activities on our websites, on Internet-connected products\nand services, and on VIZIO\u0026rsquo;s Internet store.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe respect your privacy by collecting non-personal things like your IP\naddress, location, as well as the online services (websites?) you\nvisit! In addition, we portscan your network and send the information\nback to our servers. Do they also index the filex you have shared on\nyour Samba server?\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eCookies. VIZIO uses session and persistent \u0026ldquo;cookies\u0026rdquo; to collect\ninformation when you visit VIZIO\u0026rsquo;s website or online store, and uses\npixel tags (also known as pixels or web beacons) to place and read\nthese cookies. A cookie is a small data file that VIZIO transfers to\nyour device and is stored locally on your device. Cookies are used\nby thousands of websites in order to enhance the website\nexperience. When you visit VIZIO\u0026rsquo;s websites, we use cookies to\nidentify your device so that you do not have to re-register each\ntime you visit, and we use them to anonymously measure the traffic\nto our site and its different services and features. We also\ncontract with third party service providers who use anonymous\ncookies to tag visitors to our online store and website. These\ncookies may be persistent, which means that they enable us to track\nand target the interests of our users to enhance the experience on\nour partners\u0026rsquo; websites. Persistent cookies remain on your local\nstorage for an extended period of time. If you have one of these\npersistent cookies, you may see advertisements for our products\ndisplayed on other publishers\u0026rsquo; websites which you visit. Your\nbrowser contains features to help you manage cookies. You may remove\nor prevent placement of cookies by following the directions provided\nin your browser\u0026rsquo;s \u0026ldquo;help\u0026rdquo; file.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eI guess this is fairly standard these days on websites. uBlock and\nPrivacy Badger seem to do a reasonable enough job of filtering out ads\non the Internet.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eViewing Data. As part of Smart Interactivity, VIZIO also collects\nspecific information relating to your viewing of content on\nInternet-connected devices. This data is referred to as \u0026ldquo;Viewing\nData.\u0026rdquo; This collection of Viewing Data is described under the “Smart\nInteractivity Supplement to the Privacy Policy“ below.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe watch what you watch. For your convenience.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eViewing Data. The use of Viewing Data, including Viewing Data\ncombined with IP addresses or Non-Personal or Anonymous Information,\nis described under the \u0026ldquo;Smart Interactivity Supplement to the\nPrivacy Policy\u0026rdquo; below.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe combine that non-identifying data with the content that you watch for\nsome reason.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHOW WE PROTECT INFORMATION\u003c/p\u003e\n\u003cp\u003eProtective Measures. VIZIO has implemented systems designed to\nmaintain the confidentiality of the Personal Information that it\ncollects. VIZIO maintains internal practices designed to protect the\nsecurity and confidentiality of this information by, among other\nthings, limiting employee access to and use of this\ninformation. When you provide VIZIO with sensitive Personal\nInformation such as credit card numbers over the Internet, we\nencrypt your transmissions using SSL (\u0026ldquo;Secure Sockets Layer\u0026rdquo;), and\nother industry standard security technology. While no one can\nguarantee the security of a website, Internet transmission, computer\nsystem or wireless connection, we do employ common safeguards\nintended to mitigate the risk of unauthorized access or disclosure\nof the Personal Information we store or handle. We keep such\ninformation on servers located in controlled facilities that are\nprotected by firewalls and employ other technical measures designed\nto prevent intrusion or unauthorized access to our data centers. We\nmaintain written policies and procedures for the protection of the\nPersonal Information collected, stored, handled, or processed on our\nsystems. For employees with access to Personal Information, we\nprovide training to employees on privacy and data security.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe take security seriously! Just like Target.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHOW YOU CAN ACCESS OR REMOVE YOUR PERSONAL INFORMATION\u003c/p\u003e\n\u003cp\u003eIf you desire access to view, correct or remove your own Personal\nInformation, you may do so by emailing us at \u003ca href=\"mailto:privacy@vizio.com\"\u003eprivacy@vizio.com\u003c/a\u003e or by\ncalling 877-698-4946. If you request removal of Personal\nInformation, you acknowledge that residual Personal Information may\ncontinue to reside in VIZIO\u0026rsquo;s records and archives, but VIZIO will\nnot use that Personal Information going forward for commercial\npurposes. VIZIO reserves the right to maintain your Personal\nInformation if VIZIO has suspended, limited, or terminated your\naccess to the VIZIO website or VIZIO products and services for\nviolating any applicable Terms of Use or the VIZIO Internet Apps\nSoftware License Agreement. This paragraph does not apply to VIZIO\u0026rsquo;s\ncollection of Non-Personal or Anonymous Information.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eI\u0026rsquo;ll try to call these guys one of these days and find out what data is\nassociated with my account.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eVIZIO.COM: DO NOT TRACK\u003c/p\u003e\n\u003cp\u003eVIZIO does not knowingly track Personal Information about visitors\nto VIZIO.com over different sites and over time, and it does not\nenable third parties to do so, regardless of whether VIZIO detects a\ndo-not-track or similar signal from a visitor\u0026rsquo;s browser.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eThis is at least good!\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eSMART INTERACTIVITY \u0026ndash; OVERVIEW\u003c/p\u003e\n\u003cp\u003eSmart Interactivity is a feature on Internet-connected VIZIO\ntelevisions that recognizes onscreen content. Currently, we only use\nthis feature to gather data on a non-personal or anonymous basis, as\ndescribed below. You have the option to turn this feature off at any\ntime directly from the menu of your television.\u003c/p\u003e\u003c/blockquote\u003e\n\u003c!--quoteend--\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHowever, in understanding this feature of your VIZIO television (and\nyour option to disable this feature), we also want you to know that\nVIZIO is developing technologies that will permit you to interact\nwith content in a variety of ways. These interactions may include\nvoting in polls, accessing bonus content, and viewing advertisements\nthat match your interests, based upon your viewing behaviors. Only\nsome of these features (outlined below) are currently deployed,\nhowever. This Privacy Policy may therefore be modified from time to\ntime as new features and functionality become available.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eI am very glad that they\u0026rsquo;re willing to permit me to view advertisments\nbased on my viewing behavior!! I\u0026rsquo;ve turned this feature off.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWHAT VIEWING DATA WE COLLECT\u003c/p\u003e\n\u003cp\u003eFor VIZIO televisions that have Smart Interactivity enabled, VIZIO\nwill collect data related to publicly available content displayed on\nyour television, such as the identity of your broadcast, cable, or\nsatellite television provider, and the television programs and\ncommercials viewed (including time, date, channel, and whether you\nview them live or at a later time). This data is referred to as\n\u0026ldquo;Viewing Data.\u0026rdquo; The Viewing Data collected by VIZIO is anonymous and\ndoes not contain Personal Information. VIZIO does not collect\nViewing Data from televisions located outside the United States.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe track who your provider is, what you watch and when you watch it. And\nwe \u003cem\u003etotally\u003c/em\u003e don\u0026rsquo;t combine it with all that non-identifying information\nthat we talked about earlier!\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eExcept where prohibited by law or policy, the Smart Interactivity\nfeature is turned on by default. However, at any time you may turn off\nSmart Interactivity (and the associated collection of Viewing Data)\nfrom the menu of your VIZIO television. Turning Smart Interactivity\noff will not affect the performance of your VIZIO television or any\nonline services. For specific instructions on how to turn Smart\nInteractivity off or on, see the text below under the heading “How to\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eFor your convenience, you\u0026rsquo;ve been opted into the fun!\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHOW WE USE THE VIEWING DATA WE COLLECT\u003c/p\u003e\n\u003cp\u003eVIZIO currently uses the Viewing Data collected from Smart\nInteractivity for the following purposes:\u003c/p\u003e\n\u003cp\u003eBeginning October 31, 2015, VIZIO will use Viewing Data together with\nyour IP address and other Non-Personal Information in order to inform\nthird party selection and delivery of targeted and re-targeted\nadvertisements. These advertisements may be delivered to smartphones,\ntablets, PCs or other internet-connected devices that share an IP\naddress or other identifier with your Smart TV. VIZIO combines the\nViewing Data with IP address and other Non-Personal Information as\nwell as other non-personal information (such as demographic\ninformation) it obtains from third parties in order to enhance, model\nand further analyze the Viewing Data. VIZIO shares the Viewing Data\nwith media and data analytics companies as described below under the\nheading \u0026ldquo;How We Share the Viewing Data.\u0026rdquo; VIZIO does not combine or\nassociate the Viewing Data with Personal Information.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eWe will figure out what phones and other computers that you\u0026rsquo;re using\non the same network and combine that with a bunch of data we get from\nour \u0026ldquo;partners\u0026rdquo;. We then sell that bundle to ad networks who have been\ntracking your device location and they use that information to sell\nyou stuff! Remember all that they collect is non-identifying, but\nthose ad networks sure as heck know who you are.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHOW WE SHARE THE VIEWING DATA\u003c/p\u003e\n\u003cp\u003eVIZIO shares the Viewing Data in the aggregate with media and data\nanalytics companies who have a business need to analyze television\nviewing behaviors in the aggregate. This analysis permits these\ncompanies to make, for example, better-informed decisions regarding\ncontent production, programming and advertising. VIZIO minimizes the\nsharing of Non-Personal device identifiers such as IP addresses. In\nmost cases VIZIO hashes and replaces these identifiers before sharing\nthem with our media and analytics partners. When VIZIO shares IP\naddresses with third parties, VIZIO imposes strict conditions of\nconfidentiality and use on such third parties.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eI\u0026rsquo;ll just \u003ca href=\"http://arstechnica.com/tech-policy/2009/09/your-secrets-live-online-in-databases-of-ruin/\"\u003eleave this here\u003c/a\u003e. TL;DR, \u003ca href=\"https://www.cs.utexas.edu/~shmat/shmat_oak08netflix.pdf\"\u003eit\u0026rsquo;s not hard to deanonymize data\u003c/a\u003e.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWe also share Viewing Data to facilitate the display of tailored\nadvertisements on other devices. As of October 31, 2015, VIZIO will\nshare Viewing Data, together with the IP address associated with the\ncorresponding VIZIO television, with limited third parties with whom\nwe have specifically partnered. These third parties may combine this\ninformation with other information about devices associated with that\nIP address, in order to customize the advertisements displayed on\nthose other devices.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eYour Netflix habits will follow you around. Watching too much Aqua Teen\nHunger force? Prepare for Cheetos advertisements.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eYou always have the option to turn off the collection of Viewing Data\nin your television\u0026rsquo;s settings menu. However, for a period of time you\nmay continue to see tailored ads on other devices that were targeted\non the basis of Viewing Data that was shared before you turned off\ncollection.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eIt\u0026rsquo;s going to be hard to verify if they\u0026rsquo;re not collecting this\ninformation anyway and uploading it to the server.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHOW WE PROTECT THE VIEWING DATA\u003c/p\u003e\n\u003cp\u003eVIZIO first protects the Viewing Data by not combining or associating\nthe Viewing Data with Personal Information, even if VIZIO has\ncollected Personal Information from other sources, such as an online\npurchase, account creation, or product registration. VIZIO also\nprotects the Viewing Data according to the same standards that it uses\nto protect Personal Information and Non-Personal Information as\ndescribed above, including by requiring the third parties who analyze\nor use the Viewing Data to employ reasonable security measures.\u003c/p\u003e\n\u003cp\u003eEven though the Viewing Data does not contain Personal Information,\nVIZIO encrypts the Viewing Data before transmission over the Internet.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eBoth of these are good things for sure! Unfortunately, as we\u0026rsquo;ve seen\nin many other cases \u0026ldquo;anonymous\u0026rdquo; information is fairly easy to\ndeanonymize \u0026ndash; especially when you can correlate the IP addresses with\nother data sources.\u003c/p\u003e\n\u003ch2 id=\"summary\"\u003eSummary\u003c/h2\u003e\n\u003cp\u003eIf I continue to use the \u0026ldquo;smart\u0026rdquo; features of this television, I will\nhave to setup some firewall rules so that it can\u0026rsquo;t see anything else\non my network. Currently it\u0026rsquo;s connected to an open access point and\nonly has access to the Internet and no ability to see other devices on\nthe network.\u003c/p\u003e\n\u003cp\u003eSince I started writing this, \u003ca href=\"http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you\"\u003eProPublica has taken notice of the lousy\nprivacy policy\u003c/a\u003e. I recommend reading their analysis of Vizio\u0026rsquo;s SmartTV\nprogram.\u003c/p\u003e\n" }, { "title": "Notmuch of mail a setup Part 2 - notmuch and Emacs", "date_published": "2015-11-21T00:00:00-05:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/notmuch-of-a-mail-setup-part-2-notmuch-and-emacs/", "url": "https://bostonenginerd.com/posts/notmuch-of-a-mail-setup-part-2-notmuch-and-emacs/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eIn my previous post on this topic, I tried to detail the way that I\nfetch and send email using my laptop using a combination of mbsync and\nsystemd. This has been working extremely well \u0026ndash; it runs in the\nbackground and does the right thing when I am connected to the Internet.\nThe only issue with this setup is that I\u0026rsquo;ll occasionally need to clear a\nlockfile out of the .msmtp-queue directory. This is quite rare, however.\u003c/p\u003e\n\u003cp\u003eThe nicest thing about using a Maildir to store your mail is that you\ncan act on the mail using a variety of different programs \u0026ndash; some folks\nprefer using Mutt to read their mail, others prefer something else. Most\npopular mail software on Linux seems to support storing things in\nMaildirs \u0026ndash; with the apparent exception of Thunderbird.\u003c/p\u003e\n\u003cp\u003eOne of the killer features of Gmail when it came out was the ability to\nquickly search through your email and to automatically tag it in\ndifferent ways. This was one of the things that I missed moving my email\nto a local client \u0026ndash; Thunderbird didn\u0026rsquo;t particularly care for searching\nthrough my 25GB mail archive. Enter\n\u003ca href=\"https://www.notmuchmail.org\"\u003eNotmuch\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.notmuchmail.org\"\u003eNotmuch\u003c/a\u003e is a small piece of software\nthat wraps around the Xapian search library to index and search through\na large amount of data quite easily. The name comes from the fact that\nthe software doesn\u0026rsquo;t fetch your mail, send your mail or even really\nindex your mail \u0026ndash; i.e. it doesn\u0026rsquo;t do much.\u003c/p\u003e\n\u003cp\u003eNotmuch really does a few things:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIndexes your mail using Xapian\u003c/li\u003e\n\u003cli\u003eAssociates your mail with different tags \u0026ndash; similar to Gmail. The tags\nare stored in the database.\u003c/li\u003e\n\u003cli\u003eHelp search through Xapian efficiently.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt doesn\u0026rsquo;t:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGet the mail.\u003c/li\u003e\n\u003cli\u003eWrite the mail.\u003c/li\u003e\n\u003cli\u003eSend the mail.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThat\u0026rsquo;s about it. It relies on other programs in order to actually do\nanything with the mail.\u003c/p\u003e\n\u003cp\u003eOne important thing to note is that everything in Notmuch is a tag. The\nactual folder structure of your emails doesn\u0026rsquo;t really matter \u0026ndash; all that\nmatters are the tags in the headers.\u003c/p\u003e\n\u003ch2 id=\"getting-setup-with-notmuch\"\u003eGetting setup with Notmuch\u003c/h2\u003e\n\u003cp\u003eFirst things first \u0026ndash; pull your email onto your local device. I describe\na working setup \u003ca href=\"https://bostonenginerd.com/posts/notmuch-of-a-mail-setup-part-1-mbsync-msmtp-and-systemd/\"\u003ehere\u003c/a\u003e. This setup includes\nboth pulling email off of the server and sending email through your SMTP\nserver.\u003c/p\u003e\n\u003cp\u003eNext, you will want to install notmuch and GNU Emacs. I installed both\nfrom my Linux distribution\u0026rsquo;s package manager. You will also want to\ninstall a second script called\n\u003ca href=\"https://www.github.com/teythoon/afew\"\u003eafew\u003c/a\u003e. Afew is a set of python\nscripts that assist in tagging your email. I installed afew to my\n~/.local/bin directory.\u003c/p\u003e\n\u003cp\u003eYou should setup the notmuch configuration file next. You can do this by\nusing the command \u003ccode\u003enotmuch\u003c/code\u003e. This will walk you through a few\nconfiguration steps where you need to identify your own email addresses.\nI added all of the addresses that I\u0026rsquo;ve ever used since I tend to store\nlots of email.\u003c/p\u003e\n\u003cp\u003eAfter running the configuration wizard, you will want to edit the\n\u003ccode\u003e[new]\u003c/code\u003e mail configuration so that it reads:\u003c/p\u003e\n\u003ch2 id=\"notmuch-config\"\u003e.notmuch-config\u003c/h2\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# Configuration for \u0026#34;notmuch new\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e#\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# The following options are supported here:\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e#\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# tags A list (separated by \u0026#39;;\u0026#39;) of the tags that will be\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# added to all messages incorporated by \u0026#34;notmuch new\u0026#34;.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e#\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# ignore A list (separated by \u0026#39;;\u0026#39;) of file and directory names\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# that will not be searched for messages by \u0026#34;notmuch new\u0026#34;.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e#\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# NOTE: *Every* file/directory that goes by one of those\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# names will be ignored, independent of its depth/location\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# in the mail store.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[new]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etags=new;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eignore=Trash\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eThis configures the \u003ccode\u003enotmuch new\u003c/code\u003e command to read in and index all the\nmail and apply the \u003ccode\u003enew\u003c/code\u003e tag to it. We\u0026rsquo;re using this tag to let \u003ccode\u003eafew\u003c/code\u003e\nknow what messages it needs to operate on.\u003c/p\u003e\n\u003cp\u003eNext, you want to configure \u003ccode\u003eafew\u003c/code\u003e. I\u0026rsquo;m using the following\nconfiguration file:\u003c/p\u003e\n\u003ch2 id=\"configafewconfig\"\u003e~/.config/afew/config\u003c/h2\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e#default filter chain\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[SpamFilter]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[KillThreadsFilter]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[ListMailsFilter]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[SentMailsFilter]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003esent_tag = sent\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[ArchiveSentMailsFilter]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Filter.1]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emessage = \u0026#34;Facebook\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003equery = \u0026#39;from:facebookmail.com\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etags = +facebook;+unread;-new\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Filter.2]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emessage = \u0026#34;Spam\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003equery = \u0026#39;from:\u0026#34;Global Who\\\u0026#39;sWho\u0026#34; OR from:Touchfire OR from:Walk-inTub OR from:\u0026#34;Replacement Window\u0026#34;\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etags = +spam;-new\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Filter.3]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emessage = \u0026#34;Get mailing lists out\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003equery = \u0026#39;tag:lists\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etags = +unread;-new;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Filter.4]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emessage = \u0026#34;Get mailing lists out\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003equery = \u0026#39;to:geda-user@delorie.com\u0026#39;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etags = +lists/geda-user;-new;-inbox;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[InboxFilter]\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eStepping through the file:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSpamFilter - This filter looks throught the email headers for the\nheader \u003ccode\u003eX-Spam-Flag\u003c/code\u003e which should be set by SpamAssasian or something\nsimilar running on your email host. This tags the message as spam \u0026ndash;\nhiding it from your searches.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eKillThreadsFilter - Kill new messages to previously killed threads.\nGood for the ReplyAll chains from your Uncle about Obama.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eListMailsFilter - Look through the new messages and add a the name of\nthe list as a tag. Remove the item from your inbox. This is helpful\nfor high volume mailing lists so you can only check them when you want\nto. This filter uses the \u003ccode\u003eListID:\u003c/code\u003e header in the email. I have noticed\nthat a large number of commericial mailing lists are using the\n\u003ccode\u003eListID\u003c/code\u003e header to track their campaigns. This is a bit annoying and I\nhaven\u0026rsquo;t found a good way to fix it yet.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSentMailsFilter - Tag all the email that I\u0026rsquo;ve sent to others. This\nuses the \u003ccode\u003eFrom:\u003c/code\u003e header.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eArchiveSentMailsFilter - removes the inbox tag from sent email.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[Filter.1] - tag emails from facebook and remove them from the inbox.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[Filter.2] - filter out some common spam that I receive. Our spam\ndetection isn\u0026rsquo;t working too well on my email host.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[Filter.3] - remove all mailing list messages from the inbox.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[Filter.4] - one mailing list that I subscribe to doesn\u0026rsquo;t set the\nListID header used by the ListMailsFilter. It uses \u0026ldquo;X-Mailing-List\u0026rdquo;\ninstead. It was faster to just detect these and remove them from the\nmailbox than it was to do anything else.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe one thing lacking in the current setup is a way to move emails from\nthe Inbox to subfolders. Afew has a MailMover function, but I haven\u0026rsquo;t\nbeen able it to get it working well. This is necessary to move unwanted\nitems to the trash. I\u0026rsquo;ve been using mutt periodically to move older\nitems into an archive folder and to the trash.\u003c/p\u003e\n\u003ch2 id=\"get-the-mail-and-index-it-dot\"\u003eGet the mail and index it.\u003c/h2\u003e\n\u003cp\u003eNow that we have notmuch and afew to index and tag the email, it\u0026rsquo;s time\nto automate the process. In the previous installment, we wrote a small\nshell script to check the internet connection state, send queued email\nand pull down new email. Let\u0026rsquo;s extend it to handle some new commands!\u003c/p\u003e\n\u003ch2 id=\"localbincheckmail.sh\"\u003e~/.local/bin/checkmail.sh\u003c/h2\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e#!/bin/sh\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSTATE=`nmcli networking connectivity`\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eif [ $STATE = \u0026#39;full\u0026#39; ]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ethen\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e ~/.local/bin/msmtp-runqueue.sh\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e mbsync nnytech\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e notmuch new\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e ~/.local/bin/afew -tn\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e notmuch tag -inbox tag:inbox AND tag:lists\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e exit 0\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003efi\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eecho \u0026#34;No Internets!\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eexit 0\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eThis script adds in some new commands to index new mail and to run afew\nto tag the mail. In addition, we run notmuch again to remove all mailing\nlists from the Inbox as they\u0026rsquo;re almost always not urgent.\u003c/p\u003e\n\u003ch2 id=\"now-how-do-we-read-our-email-again\"\u003eNow, how do we read our email again?\u003c/h2\u003e\n\u003cp\u003eAfter spending all this time getting our email downloaded, indexed and\ntagged we probably want to read our email. I\u0026rsquo;ve been using\n\u003ca href=\"https://www.gnu.org/software/emacs/\"\u003eGNU Emacs\u003c/a\u003e a lot lately and had\nread about the Notmuch Emacs client. The neat thing about Notmuch is\nthat it\u0026rsquo;s independent of the frontend that you read your mail with.\nThere are setups that work well with\n\u003ca href=\"https://notmuchmail.org/notmuch-mutt/\"\u003eMutt\u003c/a\u003e and even\n\u003ca href=\"http://git.notmuchmail.org/git/notmuch/blob/HEAD:/vim/README\"\u003eVim\u003c/a\u003e as\nwell as \u003ca href=\"https://notmuchmail.org/frontends/\"\u003ea number of other\nclients\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eI installed the latest version of the Notmuch frontend from the MELPA\nEmacs package archive. \u003ca href=\"http://melpa.org/#/getting-started\"\u003eGetting\nstarting with MELPA is described here.\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eSome .emacs.d/init.el-fu is required to get things working.\u003c/p\u003e\n\u003ch2 id=\"dot-emacs-dot-d\"\u003e.emacs.d\u003c/h2\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e:::lisp\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;Load up Notmuch\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(require \u0026#39;notmuch)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e; Setup some keybindings\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e; C-c m opens up Notmuch from any buffer\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(global-set-key (kbd \u0026#34;C-c m\u0026#34;) `notmuch)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;Setup Names and Directories\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq user-mail-address \u0026#34;myemail@mydomain.tld\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e user-full-name \u0026#34;My Totally Real Name\u0026#34;)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e; stores postponed messages to the specified directory\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq message-directory \u0026#34;MailLocation/Drafts\u0026#34;) ;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;set sent mail directory\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq notmuch-fcc-dirs \u0026#34;MailLocation/Sent\u0026#34;)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;Settings for main screen\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq notmuch-hello-hide-tags (quote (\u0026#34;killed\u0026#34;)))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;A few commonly used saved searches.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq notmuch-saved-searches\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(quote\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e((:name \u0026#34;inbox\u0026#34; :query \u0026#34;tag:inbox AND -tag:work\u0026#34; :key \u0026#34;i\u0026#34; :sort-order oldest-first)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (:name \u0026#34;flagged\u0026#34; :query \u0026#34;tag:flagged\u0026#34; :key \u0026#34;f\u0026#34;) ;flagged messages\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (:name \u0026#34;sent\u0026#34; :query \u0026#34;tag:sent -tag:work\u0026#34; :key \u0026#34;t\u0026#34; :sort-order newest-first)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (:name \u0026#34;drafts\u0026#34; :query \u0026#34;tag:draft\u0026#34; :key \u0026#34;d\u0026#34;)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (:name \u0026#34;mailinglist\u0026#34; :query \u0026#34;tag:lists/mailinglistID\u0026#34; :key \u0026#34;c\u0026#34;)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (:name \u0026#34;all mail\u0026#34; :query \u0026#34;*\u0026#34; :key \u0026#34;a\u0026#34; :sort-order newest-first))))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;Message composition and sending settings\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;Setup User-Agent header\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq mail-user-agent \u0026#39;message-user-agent)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq message-kill-buffer-on-exit t) ; kill buffer after sending mail)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq mail-specify-envelope-from t) ; Settings to work with msmtp\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq send-mail-function (quote sendmail-send-it))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq sendmail-program \u0026#34;~/.local/bin/msmtp-enqueue.sh\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e mail-specify-envelope-from t\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;; needed for debians message.el cf. README.Debian.gz\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e message-sendmail-f-is-evil nil\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e mail-envelope-from \u0026#39;header\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e message-sendmail-envelope-from \u0026#39;header)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;Reading mail settings:\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(define-key notmuch-show-mode-map \u0026#34;S\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (lambda ()\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#34;mark message as spam\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (interactive)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(notmuch-show-tag (list \u0026#34;+spam\u0026#34; \u0026#34;-inbox\u0026#34;))))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(define-key notmuch-search-mode-map \u0026#34;S\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(lambda ()\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#34;mark message as spam\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (interactive)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (notmuch-search-tag (list \u0026#34;-inbox\u0026#34; \u0026#34;+spam\u0026#34;))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (next-line) ))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq notmuch-crypto-process-mime t) ; Automatically check signatures\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;Crypto Settings\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(add-hook \u0026#39;message-setup-hook \u0026#39;mml-secure-sign-pgpmime)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq epg-gpg-program \u0026#34;/usr/bin/gpg2\u0026#34;)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;There was some problem with listing PGP keys in the Debian\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e;version of EPG. This magic from StackOverflow seems to resolve it.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(defun epg--list-keys-1 (context name mode)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(let ((args (append (if (epg-context-home-directory context)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (list \u0026#34;--homedir\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (epg-context-home-directory context)))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#39;(\u0026#34;--with-colons\u0026#34; \u0026#34;--no-greeting\u0026#34; \u0026#34;--batch\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#34;--with-fingerprint\u0026#34; \u0026#34;--with-fingerprint\u0026#34;)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (unless (eq (epg-context-protocol context) \u0026#39;CMS)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#39;(\u0026#34;--fixed-list-mode\u0026#34;))))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(list-keys-option (if (memq mode \u0026#39;(t secret))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#34;--list-secret-keys\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (if (memq mode \u0026#39;(nil public))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#34;--list-keys\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026#34;--list-sigs\u0026#34;)))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(coding-system-for-read \u0026#39;binary)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ekeys string field index)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(if name\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(progn\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (unless (listp name)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (setq name (list name)))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (while name\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (setq args (append args (list list-keys-option (car name)))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e name (cdr name))))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (setq args (append args (list list-keys-option))))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(with-temp-buffer\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (apply #\u0026#39;call-process\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (epg-context-program context)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e nil (list t nil) nil args)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (goto-char (point-min))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (while (re-search-forward \u0026#34;^[a-z][a-z][a-z]:.*\u0026#34; nil t)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(setq keys (cons (make-vector 15 nil) keys)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e string (match-string 0)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e index 0\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e field 0)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(while (and (\u0026lt; field (length (car keys)))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (eq index\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (string-match \u0026#34;\\\\([^:]+\\\\)?:\u0026#34; string index)))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (setq index (match-end 0))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (aset (car keys) field (match-string 1 string))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (setq field (1+ field))))\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e (nreverse keys))))\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003ch2 id=\"how-to-use-it\"\u003eHow to use it?\u003c/h2\u003e\n\u003cp\u003eLoad up emacs, press \u003ccode\u003eC-c m\u003c/code\u003e and you\u0026rsquo;re off and running.\u003c/p\u003e\n\u003ch2 id=\"next-steps\"\u003eNext steps:\u003c/h2\u003e\n\u003cp\u003eI\u0026rsquo;m still working on refining the setup. My next steps should include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOrg-mode Capture integration\u003c/li\u003e\n\u003cli\u003eGetting afew to actually move email out of my inbox.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"feedback\"\u003eFeedback\u003c/h2\u003e\n\u003cp\u003eIf you have any feedback, please send me an email!\u003c/p\u003e\n" }, { "title": "New SSL Certificate", "date_published": "2015-11-03T21:21:00-05:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/new-ssl-certificate/", "url": "https://bostonenginerd.com/posts/new-ssl-certificate/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e-----BEGIN PGP SIGNED MESSAGE-----\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eHash: SHA512\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMy SSL certificate expired on 11/1. I replaced it with a new\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ecertificate today. The SHA256 fingerprint of the new certificate is:\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e27:88:83:BF:22:D3:55:62:1C:2D:26:B2:8B:C9:AD:32:E3:C2:A6:BD:B7:C8:41:53:F9:38:D8:C6:AA:63:88:B1\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eThis is going to expire in February 2016. I will likely replace it\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ewith one from [Let\u0026#39;s Encrypt](https://www.letsencrypt.org) by then.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e-----BEGIN PGP SIGNATURE-----\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eiQEcBAEBCgAGBQJWOUgKAAoJEKtJwDCg2HMhXj0H/icGRxNn7cnlFUlEZ4Y5hujc\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eLlBOigcCT/A7HVmTSYq++7icj2J/XOw/CL2wVNok1oMe4KVT6VmLH3rs68BSzusB\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003earGSFAz4Lu1MPPmBlmp2L3l2Gc8eWPzvfDS9S1pD0tO63ISVGAzj0rMwtMlogPV2\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eePd/lOIuICU8tUpWxNRt8LLrsOfMNYzuTV+5a6NVQS8OUpck/k3x6cYCpujXhXi3\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAPTT2o7s0VbvZP60iHZfMNzg6dQHEuywhmwmQuyyAy5LbefLyd+M8lN+4b/yzfw5\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eXVUIHx1Y/k5h5x9IFP//o6Y4fCRgMs0xhIAGWo0JZrwd8aQijjQx22qy+jBvfdg=\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e=WjLO\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e-----END PGP SIGNATURE-----\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n" }, { "title": "Getting Rid of Comments", "date_published": "2015-10-11T21:21:00-04:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/getting-rid-of-comments/", "url": "https://bostonenginerd.com/posts/getting-rid-of-comments/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eI\u0026rsquo;m disabling comments on this blog as of today. I\u0026rsquo;ve only received a\nsmall handful of comments in the year or so that this has been up \u0026ndash;\ncertainly not enough to justify the user needing to download over 1\nmegabyte of javascript from Disqus when they load the page.\u003c/p\u003e\n\u003cp\u003eFeel free to email me - john at johnbyrnes.info if you have any comment.\u003c/p\u003e\n" }, { "title": "Getting the T-Mobile Jet (Huawei 366) USB Modem to work in Linux", "date_published": "2015-09-21T21:21:00-04:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/getting-the-t-mobile-jet-huawei-366-usb-modem-to-work-in-linux/", "url": "https://bostonenginerd.com/posts/getting-the-t-mobile-jet-huawei-366-usb-modem-to-work-in-linux/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eI recently purchased a cheap T-mobile broadband USB stick for use with\nmy Debian Linux laptop. The device is the T-Mobile Jet 2.0 \u0026ndash; a\nrebranded Huawei UMG366.\u003c/p\u003e\n\u003cp\u003eAfter putting the SIM card in, I noticed that NetworkManager was\nunable to see the card. Some DuckDuckGo-ing led me to this \u003ca href=\"http://forums.linuxmint.com/viewtopic.php?f=53\u0026amp;t=119342\"\u003eLinux Mint\nforum post\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eApparently these sticks show up as a USB hard drive when you plug them\nin. This lets them include the drivers with the stick. Ejecting the\ndrive activates the internet connection. You can use a piece of\nsoftware called usb\\\\_modeswitch to change the device mode.\u003c/p\u003e\n\u003cp\u003eThe last post in the aforementioned thread has basically the correct\nstep to take in order to get the device to work properly. Instead of\nediting the system udev rule file, I added a new rule into\n\u003ccode\u003e/etc/udev/rules.d/41-huawei.rules\u003c/code\u003e.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# Huawei E366 (T-mobile Wind)\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eATTRS{idVendor}==\u0026#34;12d1\u0026#34;, ATTRS{idProduct}==\u0026#34;1446\u0026#34;, RUN+=\u0026#34;usb_modeswitch \u0026#39;%b/%k\u0026#39;\u0026#34;\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eSpeed tests were as follows using speedtest-cli from the Debian\nrepository:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eTesting from T-Mobile USA (172.56.36.162)...\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSelecting best server based on latency...\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eHosted by Atlantic Metro (New York City, NY) [6.18 km]: 144.517 ms\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eTesting download speed........................................\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDownload: 3.92 Mbits/s\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eTesting upload speed..................................................\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eUpload: 0.91 Mbits/s\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eThis is a about 2x faster than Bluetooth tethering to my LTE\nphone. The download speed from the Ookla app on my smartphone was\nabout 6Mbits/s. The HSPA+ speed from the dongle is perfectly\nacceptable.\u003c/p\u003e\n" }, { "title": "Internets on a Plane! (and service blocking)", "date_published": "2015-08-16T23:53:00-04:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/internets-on-a-plane-and-service-blocking/", "url": "https://bostonenginerd.com/posts/internets-on-a-plane-and-service-blocking/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cp\u003eI fly UA quite often and regularly get internet on my flights. The\nspeed and connection quality is quite acceptable considering that\nwe’re traveling through the air and talking through some\nsatellites. The rate is also quite reasonable - $1.99/hr for the slow\nlane and $3.99/hr for the fast lane.\u003c/p\u003e\n\u003cp\u003eHowever, on my last two trips, the following things have been blocked:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVPN access - I typically use a VPN when I travel to protect my\nwifi traffic. As the access points are unencrypted, I prefer to\nencrypt and route my traffic through a trusted host. It seems\nthat they’re blocking most of the gateways for my VPN provider.\u003c/li\u003e\n\u003cli\u003eweb.skype.com — Although I understand that you can’t really\nsupport VOIP, text chatting over the Skype web interface should\nbe perfectly acceptable. I’d like to avoid installing Skype on\nmy nice Linux laptop.\u003c/li\u003e\n\u003cli\u003eXMPP blocked - again, text chatting should be acceptable. TCP to\nports 5222 and 5223 are blocked.\u003c/li\u003e\n\u003cli\u003eUDP to ports 60000+ is blocked. This means that I’m unable to\nuse MOSH to connect to my home servers. I often chat through\nIRSSI + Bitlbee running on a server in my house.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eI verified that in each case, the service I was trying to connect to\nwas up.\u003c/p\u003e\n\u003cp\u003eFinally, I noticed that the feedback form was not protected by\nSSL. This should be the default on every website these days.\u003c/p\u003e\n\u003cp\u003eOverall the service gets a solid B. I was eventually able to find a\nVPN host not on the block list and was then able to access all of the\nnecessary services.\u003c/p\u003e\n" }, { "title": "GnuPG key update", "date_published": "2015-02-21T21:21:00-05:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/gnupg-key-update/", "url": "https://bostonenginerd.com/posts/gnupg-key-update/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e-----BEGIN PGP SIGNED MESSAGE-----\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eHash: SHA1\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eI mistakenly deleted the secret key material for my PGP signing and\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eencryption subkeys. *facepalm* Please backup your keys. The master\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ecertification key was left unaffected.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eThe updated key is here:\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e- -----BEGIN PGP PUBLIC KEY BLOCK-----\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eVersion: GnuPG v2\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emQINBFSzQfcBEACki1rn6UOSYCsfD2L3vvZlZD1yIMKjQeG8edUxn9RdSA80jZ56\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ey35GMBrlGkd0jvUyRlNIbPMe/FuRNrKh2DadTfo0qGO9js9b3jnI27g9v6F6yp7A\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003enTTAiXKvPVYN5qfjfTk14Go1X1arbHqX8o4wN0Xdh5osFZmqZuSynGQ/DVTE78Qa\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMENanBVgUqWHc/I1D/cH0cHAgBm2QNRhMrNXymb18TXJJgMDtGn5WQ/rX+Iajg+N\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eylifpcwajfLO+i90j/RxcSBOwCZORm8yUsHFjFGgcQV803Pmr10waDq++ZI5EOqv\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003efZiIDH7MJfIblBHRj3fClGZcT3bhucy4LpRJ+SGvICXB2FcdZODN4h7tLJn1drtq\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eI4mOk8TDOGqCeKtiNvX1oHTSR/STve8yvU5pjV8wifWOm4P1s9RbGmmxl1sAie5Q\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e6FFTIYguNOU2QJM/qAc9uJfSLrbcDvBJwPxEJMwqVwRxO3b2LB4sJnVX55jCJ698\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ejvELtkpNWY/e8UFHfAiXlTHb58Y2T39Jz1OXGC9Xn3F/VLU9dF/Il/0fHxV01orV\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eaCx8B/n6aa3HRWLijWZFCsiRIfCRCTVCokU1nDJAutRO4TZSVT7xh7hRd2yTkciI\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eGoGslzmlSb4PmcWc2q80CM1cgBGKZj3X7/ed4ftbfsf3AEo7UeAvrwTwlwARAQAB\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etB5Kb2huIEJ5cm5lcyA8am9obkBubnl0ZWNoLm5ldD6JAj4EEwECACgFAlSzQ4gC\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eGwEFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEHWpBG/VobiuR0cP\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e/AvBdrEmoLAW+9T0Nw28947Cout8991Dsbk0GbWOu+orE3xOe8Jui5LBYlfuLCo5\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euxphsUIoan5EA3EmcBtH+36gw997sEJS/HRwwrwMQJf/dL6tKrwVeqQqCf90124I\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003erKpTm2KCGMZ6deZxqru7Pfphlm5buri2TqsaAd0rfTJQNDUxXejAJyzTuF3DHqcC\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDwJK/YsyBMBRN5GrRJaxK1tuO7jsgYjGF/nUOX1dKpT8K8oR2M0fUsLH7ra1fXxD\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ery5+BdUCYY1P47wMZLggFuPrKR0+4nGCBEm+6xXabwAPegK56X5sIEFaFvDrRFk1\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePgqgBYKkMreL2QGUYTa3qFSbqE75PE8ffukC5UoQhvdPnKCezdNJ+gG7HT/YS23F\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e1piF5Q/2Gw/dq0E4yGKSxHrNsoaHKrddlrRsZnDvKFv0EkI/6QgsG8tUTfjmF5Gw\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eL960Sc16a67R94b1fGt8ObyoQJHNFTogZh1Zcc+/2clDuez0lQYPrAFN4Hc64wtQ\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eKvnw6RKbV5yI9Nw7vHe1NqfhNoBUjkxZFXTKSOI8Z7fZsjTbnATrKBbbY83BdvKk\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eQo4Zpn5yQcBiqKKqIAJsw/Yu3TDKpa1sKR3CfkLmeT7okVQPwinOVBm3K8Y6d1pH\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ev93yMcVs7NNTMt6ySS5vhmo95KMYKI9Gd77Vs2395ApPtGBKb2huIEJ5cm5lcyAo\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eS2V5IFN1cGVyc2VkZXMgRDU0RDZCQjQgYW5kIGFsbCBwcmlvciBrZXlzIGFzIG9m\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eIDIwMTUtMDEtMTEpIDxqb2huQGpvaG5ieXJuZXMuaW5mbz6JAhwEEAECAAYFAlSz\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eQnUACgkQbYdJ3tVNa7QiSRAA17CmZnCFquePMDl5DNjRjSWt2czuCLBWIHP+mxMv\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003er+F0xC2hsjrt7e3oTZfxOg0lvbQ05LZBorXBCyqysQzir6zSo3KAZ2b6JUEk9LB0\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e4FCzel2K2jQSveTgUmT/4yTCZByVqjmq+gMvI5Vwfr2rTvh+iWLt07Saeuu8EbjF\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eu7cGA47JlZo+beO6nu6Rhv6BjBqW8x0alPEF0xEh5j3lApPx9enRP23G3JCeeqtz\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e7v12xDP/+5mPS4Dexq/QoY3nEZBquXTbohj6GVg44fchTQnidJuVNNRQWQk86Mlk\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e/NJqbLrFrUJFvdi3j9AUiy7gtPKQC/KvD/WZGRLOxWWTX9US+KFHdMB7VFOjPMNu\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eLJc3v9S7wfgjbWR86YVL6ziLoDuHlUYkeyuDqaSO5lqypxzQxuM7f6ZQVrRRCr1W\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003efItgYH7WnmBMh7zFCsK9Dw4EX1kKoOUTD9YdpXjm591GATsKIhVimaTHXWjUbVrN\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eken98oG1PCp21pZ3kB45k4RceHVyJvohRwVNKlPM30i7kcwdVGNFOwNzAsGkEfnl\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e9oEQuWRMN7AgHUKD+z5Ie2c8x7wdH31huBB3zAXDzowS4xYHN4m8U95pgoDCPaNv\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e6+eRvrnR3FDHlEb5OQeAm+3veyrhu6NrBKjigC8OHNFh04kCnL0lIc1vBDcHQYbP\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePxeJAj4EEwECACgFAlSzQfcCGwEFCQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4B\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAheAAAoJEHWpBG/VobiuufYP/A9WXBLCPCUXLE+weEGG2J6VSKVsuKh4J4+B8YJ0\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e4qS/puDBsOFj79j4KY0FYRpsOTG74vGl4ttFB1uoCnBWydi4PukM8yNhu/Jly8ow\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eNEeNyESCO4qv9mNs7LRtt4f/Bah3ERvWam+GTyTHART7+hzFiwu4Gt/Jucjn2tOp\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eJyEFN3+5ZB449ddGMqgXuDiCEIb2VgBF6CngeN2LwEZQRLYlEibWwJAIBEjiL5CU\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eKAIH9mDDXRWPFZKFunsfuFKNM35rEV54PO0KEDG3s5NTzWYddUY5GXAimyMZaVjH\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ewdXDg2X1wRdDvp9Fpv4YUUOtbyasJkiZxZ1i3NTLiFxrv9bkTqhkpQnx5JCfRL2p\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003evqoLQYvStXqHr0OKsO/ezbh3/KotTNMKr9MRzqIByz/rq4rKpN+j9l1rmsyegXsi\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eTgTz7le1xgMogxC0wJ7ZizH7Xmwz6whS8+FvWmjEAi78kULwoP7x4UdoWLNofe48\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eK9l4ub0FjjQjswv2ztAq88WPDBrZFYNksB+fRMAHRihMED+Zq8WWIrsnquMmqAMW\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e73KimmaXW6Qm+KjCgFrUkt4Z766WFN6UmSWuKDT/m1nsh372BxQq3z1i4m/WzjU4\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eR8deONc07w0wz2Ri2BEGatPR/A3Vj2um+uA80+jVL/8TPPP3DYMQjqlhsZRyXgqN\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euCajiQJBBBMBAgArAhsBBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUC\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eVLNEcwIZAQAKCRB1qQRv1aG4ruU8D/9V5xKzYg8L5lZhazbk+HEdhNQqYeUY3D9u\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e8/rd5XqSq+7ya6+/awOaYFotEx8RATcVfelgzOOICrkGocM38Kou+o/xBIvr9YgR\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eOdQioWa5yjcoU+qx2KcSxVFQ13yow1y8s5rVjkl9otJ8QrEhDevEy4a3vp3qgz4X\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e16Lw307hC1YLuhot5ZAFZHc0aaQOG0E+r4pwrNe/sgGtgm1yVt2lg+mztWMWrxga\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eb9BUeaMO/lj42INsk2pCuroIVxrNZu+1+UpYF9NukibWUtWXf4xeURwOxSTxglL8\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDROh/mnNNyuAVHWFSqcjS3Jd2ScFRBkFUVX20OiTcaB8ik+nwT+OpfqD65bLa3rb\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eN5iTZxfY2Kv0hVBXO3KFYKmWJ55HhpmYX4md+O64JMK6NzMTrMFkFWRdGvJv50lu\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eK2b/b7XY88xctCQ8jmlerCMVy7RY+J/dhND8giVFDUFyYWebLeFAPGUWPMNTxXPt\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDmvmop22YEQR9ZlVd4+hXU8ufx/VbtEl90dvJ+bA9Gld8ZNoY1PxaMkA6qrR4B8G\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eNvwCCW1FMHrfOEQnMcwVEVkjxWPVYIqiCTvHNYSUeBR5Rbnwm+IiDE+uLuUBw1MB\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eVX679NC+Sd0d+pAfhu5FLio16YVnz/NY6vF1nbIQ0oCNtPLsOrxQf7B2Hg7UtlRo\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eYsz5fxXSirkBDQRUs0L3AQgA2GvvRuF5v4tfMhw7Czyv1jYWeMNa9dmY1KfgZL7d\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003el9/fIwgIPWZYWXTUVVHEpeDmktoNYcK6eTMkMWW96b9k/A0J3rzoeZf3LbdMB9qQ\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eVvyuSLlpkMgWEBUxSmi8/XUst13Ak6lbO8WQEGOlbRw14WL3h/a8Qkx4Sh8ux6si\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAYAYi0yOtSHAPnjbrMTMFZSmgzuG/Rn5ReYjv4cIXt0xPuIId6ppuub9Yu3p9GZE\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ejq3cxs2SseUOYktgRgw7CXkg2iMdQwX0tju0ESKluAu9whD32dr+dVeHYipXzWrq\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eToQ5plIoXZFNEfBliSnksF74AJfiOcpBJ0RofkpAECEUhQARAQABiQJHBCgBAgAx\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eBQJU6KhRKh0CT3JpZ2luYWwga2V5IG1hdGVyaWFsIGxvc3QuIEZhY2VwYWxtLi4u\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eLgAKCRB1qQRv1aG4rpztD/4xqhxwebzfBV+Z6ywNY4beSvvub10lR1UUr+XO4blr\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eUUBlXJsVNt22t0BgWAgFvQulbpBGUHANQ2aZei8NTN2grFxySRqHe+YZrtR4W3cB\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eU6TuFq5F0QfJ2hIBANZoPBNCwTBaypqASfEghdRZMdSNfS08NqUZdnQfnNSq5cY7\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eRQ5Ez9RoDA/k8udwVd/+VaSBhcB/HL+/cqKuwvc6ucauEooMsdykCs/szWmFH16j\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003elc6XxPIUKyjByFoeW4lvI1wc7NQjGh+Q05TT7+ByAgRXwvE0q4yPrMaHPQhGB+1o\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eT96RELuwqlFT1avPfzSU+oG10ewFibfkJZKK7bwxpsbYIFgpPVPaFR5NT0f/HPul\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eFaX4kD3AVI6bTOIKE2Sa38glRnVpPUFFZHzwUago4wbZGHlGTV4KA2HDj/TenLRf\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e513ZNUr9jERbj8dLAaY9MsYUnzySZVkkY6468E0sbNqk1nPyQr05pRcSqZc+NEu8\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e+ph8OvdTnqNJKQhPMQcfCrc0RbeyjsJ65CEWto0W+4YiiqCnVQVyHtn04wwZrnH7\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e/jmF1nCTWEgkJC8VhsbBegu58PzGX3nhtF8xs/W8/2ru51+1VjibI125N9YGZrGq\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003exB7xPTLh9Aa0GwO5luoVo4vAJWiCIyulQSlGtYV1kM00G6fYtcxybNdJAsezpxJK\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e+4kDRAQYAQIADwUCVLNC9wIbAgUJAeEzgAEpCRB1qQRv1aG4rsBdIAQZAQIABgUC\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eVLNC9wAKCRAmBd1Xa2fmE7geB/9FDPlU6e9vuMtbJHT0MDUDFRSRINdB/9D0syAN\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003exRZrssXLkVgdc2G7nzoHPQLXfMBEM9RETMnh7+iRh8LLk1Py8Pmoqg6GfXefpdjX\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eXuHZxrMkPAoYUzrfb08hOe4B8HFnXdeHJU5V+SpUlvNiSPpRqApfY8KlbXAOKOvh\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSPEA7yPXuOIKjj+HbcZXXGJtaptcplIISoXOMFVek6oeOVL5lCJpPhsboBM+WRx8\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003egp1NyKlCs2EsUaQ7bsMYD7szAodUmA8WFAgbw5FGtWhdVECprjfi+VmRMToIueta\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euxeIU+WlxMcPAmTLUw+gi+bkeZWAxgeBZglBxoS7uuVSVdrL+AIP/RUhphwWSS4Z\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e6mp1Rd/+XqaBzfXwTwwZDmT0giQzn9q8UWBlU4P7ZkaYUEUZzg/DjBb6EjA/Nirm\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePBX6+iI1MhKyS38xQX36rRMXPzjjOskqCeh6Mw1SQRnAAqXgS5jLDkZC5EesgAHX\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003egRFzGx/CgLh6svj/OhNSXLS4ZayDhryquwDuA8QFf6Z3s5ZTSOxKmqu8Ix91g5RI\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eqx8dXw2ulua36WT+y1cO4IJ+w0fmr+VAxXHUspDpqFv1Zw8MaoLcr2LKo10Vnmrm\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e7W5II4ELTjrAX0HyaXg6f6aRjPBdcosmSfyWrGTOupu+6mYQVDMuow6MrgTxlGu/\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDl26RiDo2Z6PyzVeDgWIyUTzgNsaODsgkY7LjuU9GUtmsbQaT/7H6QuC6hlgfFJw\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ez41nhhZVHkpHhVBiusJnbvNIa5NYz2IcGEmXgKxNQI/hYnlkAl2+gUhlbEMW+kCb\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eCq1HSiGV1Yits4snCymrFxFR6si+OPziZSJIj+q0HfMTLl9MLi81CS9TJxaOAu6l\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAHypFAv4+qpTpPv2YIZlT0u+r/i1Zg2+2d3Tf5lcqHaZhDCBJwWKxKau+hshE+gf\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eHe/jowgi5r5Yl5ZLeDGs60kVWv4UfeXPqn38Rnq5HX716iKfVNY+FRrBwtcip8DQ\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ey5xx2pSszNyU+GbNS57mT+SfdjACuidsuQENBFSzQzABCADJp/PGkWj3Ont0I7Q+\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eJkSI6GYMxBIYB/I6llaP2517pJ2AixUxSXJcDreHlYJ7bKdUiRocBIhO7XL1ZYSw\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e1mlFoPaSl+QuHjcXTQ4GxewSTv1aZOyjd3Tyo70ghEB4QlhV66Q9+v8ZlW+hJrNB\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eO62vpqFaupp/dtSm0ItP6oUrQ1xui14mLWZf0LzKA+yDm2xykRxpCme+mvzoLpdC\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eTRHo3Y3DLp9tpIp3+LGPwK4SA3O/DXsjh3slauf05YgXGhnzodz0QguesPK2eOGM\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eCKJ85ErUA1YROlBP3HG28yK1aZTmBSiolcghSg24W8O7jZIy05iKUpIx/umRK7tV\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e44rhABEBAAGJAiUEGAECAA8FAlSzQzACGwwFCQHhM4AACgkQdakEb9WhuK6soQ//\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSwdYwgseFegVOZ/VnyMrsm4GW6SuIqMIo+tqhEFdvq6TLr7MoioO3I91Cl0nU51d\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eONWvSmMQ0aSWYqD00YanrMG/BdIov+/zxVEN2SjHwocvbFVhuwE6M8+1ufO5GizP\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e/L0jvXFsUjJd9RfjqOKCfscoRLFxPj935J+QDkvr4XqTt0DsRmdghmHrCmZ/AXYt\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003erFdfkm0d+0DNnKt7ixcyYEvhXmcEbJPbXHyoKHUuvaN6eglc6HnxVVULAazhAluV\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003em52o9/jyQMlT7y3rDS8+ZXUCSVHQDb4qcJH38KTGCXukJYFiFf3lWeqrdhT5NANv\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e+DxCw5F+9vv57rbzdUlS31P5OR+KcUNEkSfnCPDwMY5cJCe/ykrYkGX/rNSUGCNn\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eJvRVYAZLj3MxDcd5J9TKGn7dwKNn1s8hBOXHUMvW7YGR17u1fEVpbd9+fJSWCQMp\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ekby/F58Ozpcch5vMSj/9ddXtFCs9twlsGStnvz0UcDAci02Ux5j/Vmk1R6/MIqUK\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDasw/mEJs3dRGcWPlg7n8ZgpzHiLnbutpEjqmfW+CCUlmElpS27WOxzW4rF+/m/n\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eJIp8biIwKl5Pz726TWAofD/vjD2u+li4MGe199xnlb0/CDTrvirZ4rTLY/fmUtK7\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eU/B1+c3Hr2EXU4C9BWzg5H7g9QPFa92llUOKCT1SoK6JAkcEKAECADEFAlToqFgq\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eHQJPcmlnaW5hbCBrZXkgbWF0ZXJpYWwgbG9zdC4gRmFjZXBhbG0uLi4uAAoJEHWp\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eBG/Vobiu7aIQAJJPw5IVSG8pMfi3TON2st3GK2moFrw9QrlI/iTISnahnmh+igl/\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eQL8HFdIi500yQOmgxzqJKlV8aPedw823SCkKYZPEvOK39Gfpds49/khObPbuk7vz\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ecjPSI1RisPvZmBfqVy/mH0EMbwGswdYJUNqK1QZEkXLhiXHahG2GfOkE/S38RbOV\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ekGevVSvbixMvDShU0OI9Ayw402sWMKG/flgH72mQ8vSDHxXMKn9tNDbq+ufrGD4/\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eopeOzVbnYIvuJZhWaQw7FTacztisEmq50E6R1sxLpFX+D52FpJoFv/c6ONCV/+Wt\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eNQ+QIUtJbYysJ3YvD2tLW2kA6+XDjwt0Go1GVaLiTVXy12ZEt6LX6cdpDNh6dSoz\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etiirE2SXDY8v2t7P4PundkFdA/MAgSwO/Pmbs2+0aV1CDDN5A2qoqziF2dG91IDQ\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eeaS4UCxmoAgyS/xk5i/7MRc8jbPVV7mP3SQXREctNnQycjwgDAflQLLBCfUOBp16\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eWh1MPW7qaFl5cOGaUrVzUsFFezUOWp3Z3/iiKH2fYZL2EO7EicYVEqQ9+GWastJb\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003erlNSUhY3xcCUc7ELUOPanANfZrWDZ2/aRtdIqMHy9jlMsq8/SptLvw57pOnL2Obr\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ekd5bgvj/gYK+cXW6DF+W6ROOHvjrI5vcTPY940q/5DTAeckWKr7zEXfJuQENBFSz\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eXcMBCAC1hpUZjpmmPSPzr58mgELbV8unfXtJiulMMjaMs4qAuodxHfHz3Avuw509\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003efSsj/x8owgrPUPuyXHe6AfIs3udcUFPzboNsTYMhYXdQJw8GnoXxg8rTX/BeQxX/\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eIZYUYtKbbNjzJq8PYHFjOJHYNonaIuM7jW5IrqBaE1DnlQXGcuenJDeeeQC8kOZN\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eCvRc7FyT3lNxB7xXhPXLqmb7liZZNr1nqKSdwQZaMNezliucUPcGrnQoahIVtu1Z\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eZzh+2TRNi58TaTKy0FMRkKvU4bq3azatPI4kvNTVv1bHZ2krKy9Rmj86fJBCwLlo\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e7vNB1A86FaariSjWZsEIFAzpHpX3ABEBAAGJAiUEGAECAA8FAlSzXcMCGyAFCQHh\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eM4AACgkQdakEb9WhuK6c3w//W4KaUafaibNkwp82bf0XL6AtYSQIAaJWZqx5PmDG\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eEuftKvYd+6l4PwJn1JKXDmdwCZ7E5gqVTc9uWRfOmLpwnYvzrrK9Fs3OQpti0Wsm\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euF+GjxEue9BzamdVOgzHCd2ykMnAIKZU3TTtrBxkjB1ZytyDuCoWDAP24lT6uQn9\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emzroEVltYEq75WsqnooSjpc0ZxBSq8rxaFY7Knnl78g9G2P8R2fDSwMgljxwgbB3\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eRDSvGSIj1Rb2OEOprlpWoBrFmR3iA5zg4GcbL+lRr3bTV3zCkNdLJ41NterFrm3L\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ebh+6TX6YOXpz8l/wT2vIuiGvNe3m9728SLPZl3v/V0A2y340ZtWLVB5EL3XD88de\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eGvF4D1a4ulIo7K8V0XDtKS6LEsGYBSaw9gE5Rx85OexP9EYhyrh1RRZz1W0wX13V\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003elFsn44dKE1kLnThR4MbPRpE0Z/0WE9j7umrHzehFLO1oARCWlFKxjKtonSju0MAY\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eHIxNImOYuVIsxJscJHDy009tnIKaxTlevXKHmEU9sUHSoNzhANjmR83fnh8hTmgr\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eZwQINj/7BrcHtgeLHFzXe90MwGvRrlgGRrbc9GwtlBwtjAzcb+vxatXHEwGiwICs\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eo/+oxjPi+XI4KxxyQxZ4464e9cPowf+GoTFXwp7LcsK7Um5AY5QtuiZWWKVqWZAm\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ebweJAkYEKAECADEFAlToqFkqHQJPcmlnaW5hbCBrZXkgbWF0ZXJpYWwgbG9zdC4g\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eRmFjZXBhbG0uLi4uAAoJEHWpBG/VobiuE7MP93ATTJFqq2JRNJsajicdpwbGuOnm\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e9GuX5d+pNR7njcsxLYwa2aWrRAWh74/o4/61Grr5vHQbJaQSGG20EmMgIqLi8cUM\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ekNMM3GNjTYy/D3hoA5L/uW3RTNYUBOflEIodjpLEw5Iho5Sin03z5uitkZQhJpJA\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euovzu1QwYYNwRHrVjdkZ/w4dhkeEnkMTb+D5Oc1bUIeIqPIMjs6KlXXqxx+KhHaF\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euzgg4FEbk/Xq9i69+6vQ/vauH1giQCk/d0LQcM/ewn0nEaF2JQkPWDx1wCZcccQ8\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ecBCQlV9DIsw8S7cNztizhqx3hzy/a8W7V3i6EY9Lyozp+o79cq+vCKyfg/lkbnj6\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ecU+B2V4WkrE5rd+hOA3OetM/+AOOdXloBC7kAb7qrl+HlvSwepQ8SuPuLiaE270f\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eEPDI698HXQiAHTOLwANeirOTBzx5V7NMjxufGaKQoyHg82uSn6bwqZEeUX4ibZ6y\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003esWJRUG9VnbMO23/peT+eE0W4B/xr/Ytxiu6M/pifvq13RXFetZm87y7WXWfOD/2a\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e84RGRf/c2DOw8wOKw/9hT7WbqgCpbU0L4PuwfzYmG/EO/ENT0YODhNcBju5fc2JP\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e8dIOgnT5zrIAuWRpSSh65xUQPO6HDRVcLLfT9Q11LQIm7hR1W8wuOFZf7pFYSN0q\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ebN5X1O/09Ln/KFm5AQ0EVOioXwEIAMIs4joBabeUbK9CNT+/Ov122tme06r0u8hI\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eLzDOxynqonnu8jODFXVXZeYoLzfpqdhOmOzIk9/N5ne6z+9KPXeU9lw3hRLDpbhH\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e4EiOpQmsKG7LAzF179fsvvuPMMF4ejI2q/woXpy197FeUQMmeS+o93aWqldmLCkh\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003elkJETAi39QVQmtzZpxIGf8hm0cvUIow41tFKsMyfiwN9ZV2AToKR4DhgXVYnAmZS\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e0s8IeuDtA1y4N95LyuSO/CBGEkt+xSG0EsQJ0fMWxAIZvdM/+IBXmICsPMi4jg04\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e0NPDgidH6KZ7LxWPhLJF14vmBiOpdAWROTZo20DeNO77sBXy1rcAEQEAAYkDRAQY\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAQIADwUCVOioXwIbAgUJAeEzgAEpCRB1qQRv1aG4rsBdIAQZAQIABgUCVOioXwAK\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eCRCrScAwoNhzIX8lCACYS/+fn6WmuykSLIcX2D3iFiEPi2krJnkguvhbzCIDaE0T\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMBFnVruyPFf2mpi5n2oXYA7/3w9exqjEZGzFHP05TZaHpxBSY9Lv1zYog/qUTYJY\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eubbqj3KOAou6gqkiEI9Q8faMUREVsLA269m/0K2Aq9COA8QEKb89UCdB2J1962JJ\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003et2qzu7+9ju8rHW8QrG66KxnoZu68F/okM8bxEOXhIDDCmsBYfOpicV41x150NSwW\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eBFbIAu2DdzNGlEEFNf5v68dQgHGLqrX03sxq9uEJ+SHJJP31fpmVYXQTVgToC3s4\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eoD8P8ITvoJGaeyuuU7h1xms3UvWL2TccCHY7LU/EOngP/0TweKs9s8GiEuRA0kaj\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eT4uIdatg3YLhWUkZ9dYEGDnePFQNiAbnTTavOCJ7KI38eeUwHMkL6UD1K6K948Wt\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ezSkijiUDliBdXcXbdhnYPpS6k13E682kaqlHckVvND1EMyIv9p5aEO/7DDO1Rznj\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eztGqGt2mXra3zPP0ABvp1OMn3pHMHytWf/dThmaa5KYe8l+ZR13TjxCj1+zzMnvs\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003exofQNod5RoO2eDdHyv6opI6d+Mzarf/jhHrdgZP0A1PPI6jqddzSfTPciCmO37g7\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eO+SoXlo98l99D9yiNsf+cueGurqq79qD8rH0/mMSuwYcHjjaQCo9svP2vkRQPuJT\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eb4E8ZJGthub/yYHn4KjUULTMd3dyxVNEEzwAL46HKXR8c+eaCTmcTmItblmhPIO4\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e3vinn8CsMcFss3gwl5BsFyef1kcOfQ8nvQXcf9YLWUxHwhbGosX3Qj+F6DIhQe2t\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ezsUMjHPjBV+x27no+1kySBkMP1BX/qeQamd1BxKSIwVEEsJ35GSYfSiCadSKz0e0\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e3lwzjVeIJ1//p7D4DdCJXXn5gZtmAG7qje+3RLuGexV8eMy8i4GdxA9Ca7B7OmEr\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eJ4XUjLAI8TjltqSMzL9I8Abiqomz7YcrvR4z2UqfEAPKaUFT3o+9oACAM+RAw4ts\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ezU+PJi2gXOPIz9+4tS8I6BqOuQENBFToqH8BCADHJMrzdc0aJpnDO+NZFalF0MvY\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eiYTLsHaCoemXfSVKKGBBe0DpvGXmx/9bhgnejqEu/5RDLB4UbSXcZhaGcWIQeTlB\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eLOJaUqAP8wQQk7yBf39am9ZnCSUYl8EaXH3Yvy6ap0CRHgwFTZ/lTJxab4VJpV3v\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eH58dtmJnBJuytkMDzVyYNFMZHNI8S/LwLyKKKnZVMvbup3MWIlwJmYYl6zGYyXIt\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euCZPDsY4uLxi+CwS0OTY9TVvFpF2pEMYUEmyGc6LWLEwdf7yNbnplknCHcpTItrT\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMwdUBk4FdOS8O4TtZtWB6M8XxH7QK+ORRQuGXaKte73/44LXz3ylbEFBFiP5ABEB\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAAGJAiUEGAECAA8FAlToqH8CGwwFCQHhM4AACgkQdakEb9WhuK52KhAApIhlWxpm\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAgEGsYS1qKfZDS+s9F2m7wMAJmbTjEgHIQGz7RLO/H0vtUaofB7sr+3qWXFdeNdl\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etEVEiWtui/En8GX/jxT8dRX+tB6gw9wZsITg/zpT6wi4GcVtZb80ggJL/PNeA56a\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eFQAQ2j1LNp+AAa13n9+6xPBZZmDEN3VlbmPh5SE8HQuVmb/7VcMpxF/vcjvwzU9i\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e7FyTvZjgsunADcL8c2tcJbTMr1H6V0T8p0ONSioongzV6zjVqCzbbJcnrTXjs5fg\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eep2QKp4tlrfNs0By8wfNd9CSWS0g5zZZxBAPsJu9ZvRw6YAzDe0YOPIjuh4WWuPM\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eZknMH3Y3CS/AuI7c5PuiwGe5R2rvNWfgyNiGuoflGNo/2UGYlmV9GLNTtojIXyDq\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003er6qYThqIwoZCDKaF1HbkpQIGUm2UWhsChyQ3CHjTa0EFjqaK4ouQf3jQX0FHXhO1\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAN/OqjJF9sDg/Z5Ip1vHvBK11WkpxL+JzUIWOeGLCJ930DPe35F11C4xOGKggk4G\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e0NnZkF3eIeXnzzpO7s60u3voqN7mjoBul50H0xjMp4cpWRc0x0jtN7M7rVx0hM6W\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSI+o+AuizthmTBqPlxQslYIKDD38rJeTTJkE7xcelSa4Ot86/L1tpQwe7yPYbffW\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eBpGjgHybA5H97FlpNRZXHCwbRUYX8o60UwO5AQ0EVOiolAEIAMTidAKjv6icY7TC\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eQ21kHxmUV1eflLpZrH7C7B7kmXVLfdeM9MFWLIxOdueZa3cZvdygxL4uBs1cjwrX\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e7ALunTlN9sZVakl7jyA2qQU/LgYbahSrDqkaQ2qqeMfPnhEATn9hv+7U3OfdtnZ6\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSA9Kx2OmtUcbhHbSMjR5ls5OtNE3pBfhwKey2I4sqJfbXfty0QWMOGCFV/zW6LLT\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePrU+rYsWrJDfYhamX/ICIHL/XIlKudXLc4oX8uo8Yqb5TxhsxgeD1N1Sm5ZlgsIg\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eU1cQjCoPyAHkRuFAEh5tFxSaO5pE92Py667vbj8FvtOjHu/eeWD/89lF9rcfpRlc\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eWhcdapcAEQEAAYkCJQQYAQIADwUCVOiolAIbIAUJAeEzgAAKCRB1qQRv1aG4rvPj\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eD/92Dj1wtWduRxDQteg1lPt/Fwo564O67lzknXGyjLqi9UGIc0gzfAA/SjfS1GjK\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAZE4egPFAZDLnPcEfEnASAjH9OB3UXJOCVdQ8eiMl7GJfVuibOXlS/U1iow89v0X\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etCddK2RGx+eNHixXoOcRp5VatJI8V+knFfZaJP1gVh1OHnJGTpQDX0z8H4PJnFgI\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eCoS+QBtHjuOATfaqb+ljmZk9AMi0c4piXcL8cO/75wrjH5Q4imeQL0g7KQhoTAuV\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAjm4Bd1qQ1yEXMTRL48uvGTCDdUgzrMiD1atDuLfMYlxnVjJMUM7aHZDqwxBFGO+\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e+GMvBDcU/KeC5NZMYeWE4WubM4NyLnU8vYQe2vD4yrJDQj9hegY3uSbfKaNhdXnO\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ev5q1xP3r+7KPf61JNUkTHD9Equlj4lHfiPGJlGATLI9QOrQjNBNratNonhWZ1ySM\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eot+A39hnloc8hqJIIIGM52m+rEJwoe0PDmw4G9WbTLGJPcdoBNAYEr/hOi64Xp8u\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etE/0LOy2ehTZ4GUjsu5j4Of5HEtZGWUb9/ye6Ngu7/NpLjd1a9CvysVoT2wM3A1U\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003egHJ5QJk14s4DlXLjDQe+RW+sQAD6RH5G/8xLelxOJbKD9uzg3xEO/0ZCjLuBi1Sg\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e3VeNi3ekId4dWZiwF0qi9VL/617oz6oYeYPlMFazfYymSQ==\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e=V+iC\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e- -----END PGP PUBLIC KEY BLOCK-----\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e-----BEGIN PGP SIGNATURE-----\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eVersion: GnuPG v1\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eiQEcBAEBAgAGBQJU6PnNAAoJEKtJwDCg2HMhQ4wH/A/fxoPpQjxhWmLViNAwhe56\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ek+xQPMLI4wAQLGGVSnBgTeU28T+/NU+lS9+F7lNBqTQGWfwgTpe5+KnKzVsdN0nR\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e40sGb8t3/D6u5WH5xxmocyzT4l3OneD8SKqL6tn+G7HkiKLW22sjr5ogmQJ8mA3O\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003einFHQMBogeoMFKLnCfAONpfudyPagsTqxl40wQ5A+L5txEpIWFC5owFJcTBPYXlV\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eytmpJcA0GOqNLQXVIAyq/XZEj19tEThiNJ2PZ6dtV1uQhjeixJIM7PkiawlSW9Do\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e5vHqWcNa88aCpfzdisnXPkLlPITqOFmPyajSyzLA+3HitHSpx+s8EGSero4I9C0=\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e=NWqO\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e-----END PGP SIGNATURE-----\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n" }, { "title": "Notmuch of a mail setup Part 1- mbsync, msmtp and systemd", "date_published": "2015-01-16T21:21:00-05:00", "date_modified": "2024-08-10T22:51:51-04:00", "id": "https://bostonenginerd.com/posts/notmuch-of-a-mail-setup-part-1-mbsync-msmtp-and-systemd/", "url": "https://bostonenginerd.com/posts/notmuch-of-a-mail-setup-part-1-mbsync-msmtp-and-systemd/", "authors": [ { "name": "[BostonEnginerd]" } ], "content_html": "\u003ch2 id=\"overview\"\u003eOverview\u003c/h2\u003e\n\u003cp\u003eSome months back, I discovered the \u003ca href=\"http://notmuchmail.org/\"\u003eNotmuch\u003c/a\u003e\nmail reader. It\u0026rsquo;s a pretty sweet piece of software based on Xapian to\nindex and tag your mail. As of today, the email setup described here has\ndisplaced my Google Apps hosted Gmail for my personal domain. My goal\nhere is to document how I\u0026rsquo;ve setup my mail workflow.\u003c/p\u003e\n\u003cp\u003eAs it says in the name, Notmuch is not much of a mail client. It doesn\u0026rsquo;t\nget any mail, send any mail, or even display any mail. All it does is to\nprovide an interface to a Xapian index for your mail. We need to provide\nother software that will help us handle the other pieces.\u003c/p\u003e\n\u003cp\u003eOn one of my computers I\u0026rsquo;m using Arch Linux. I\u0026rsquo;ve tried just about every\nLinux distribution in the past fourteen years and have found Arch to be\na pretty good sweet spot for a workstation. The distro has stabilized in\nrecent years and a system upgrade seems to be less likely to completely\nbork your computer. I prefer debian stable on the server since it\u0026rsquo;s so\nwell tested. The instructions here might be a bit Arch-Centric. I\u0026rsquo;m\ngoing to discuss sending and receiving mail before discussing how to\nconfigure Notmuch. Sending and receiving mail are critical for just\nabout every GNU/Linux mail client and most of this should be generally\napplicable.\u003c/p\u003e\n\u003ch2 id=\"getting-the-mail\"\u003eGetting the mail\u003c/h2\u003e\n\u003cp\u003eMy mail lives on an IMAP server somewhere in cloud-land. I\u0026rsquo;ve had an\naccount on this machine for several years, but I\u0026rsquo;ve recently forwarded\nall of the mail for my domains to this server. There are several good\nIMAP clients these days that will synchronize the mail from your local\ncomputer with your mail on the IMAP server.\u003c/p\u003e\n\u003cp\u003eAmong the ones that I\u0026rsquo;ve tried in the past are:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://www.fetchmail.info\"\u003eFetchmail\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://pyropus.ca/software/getmail/\"\u003eGetmail\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://offlineimap.org\"\u003eOfflineIMAP\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://isync.sourceforge.net/\"\u003eMBsync\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMy mail setup requires the use of STARTTLS, so Getmail and OfflineIMAP\nare out of the question. They both support STARTTLS, but they\u0026rsquo;re using a\nPython library that doesn\u0026rsquo;t perform any verification of the certificate.\nThis leaves me open to a MITM attack where someone upstream can present\na fake certificate and proxy my traffic. I ended up using MBSync to\nfetch my mail from the server.\u003c/p\u003e\n\u003cp\u003eThe documentation for MBSync is pretty terse, but there\u0026rsquo;s a\n\u003ca href=\"https://wiki.archlinux.org/index.php/Mbsync\"\u003enice page at the\nArchLinux wiki.\u003c/a\u003e. I\u0026rsquo;ve included a configuration file that works for my\nneeds.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e =~/.mbsyncrc= ##\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# Address to connect to\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eHost mail.servername.info\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePort 143\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eUser BostonEnginerd\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePassCmd \u0026#34;gnome-keyring-query get servername\\\\_mail\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSSLType starttls\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSSLVersions TLSv1.2\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSystemCertificates no # The following line should work. If get\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ecertificate errors, uncomment the two following lines and read the\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026#34;Troubleshooting\u0026#34; section.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eCertificateFile ~/.cert/mail.servername.pem\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eIMAPStore servername-remote\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAccount servername\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMaildirStore servername-local\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# The trailing \u0026#34;/\u0026#34; is important\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePath ~/.mail/servername/\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eInbox ~/.mail/servernamw/Inbox\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eChannel servername\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eMaster :servername-remote:\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSlave :servername-local:\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePatterns *\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# Automatically create missing mailboxes, both locally and on the server\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eCreate Both\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# Save the synchronization state files in the relevant directory\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSyncState *\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eYou will need to get the ssl certificate from your server. If it\u0026rsquo;s a\n\u0026ldquo;real\u0026rdquo; SSL certificate signed by a CA, including the CA certificate\nshould be sufficient. If it\u0026rsquo;s self-signed, it\u0026rsquo;s easiest to get the\ncertificate from the server and save it to a file. The commandline\nopenssl command can do that for you:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eopenssl s_client -starttls imap -connect some.imap.server:port -showcerts\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eI just copied and pasted from the \u0026mdash;\u0026mdash;-BEGIN CERTIFICATE\u0026mdash;\u0026ndash; to the\nEND CERTIFICATE line into a file and referred to that in the\nconfiguration.\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;m using the gnome-keyring-daemon to store the mail password so it\u0026rsquo;s\nnot sitting on my hard disk in plaintext. There\u0026rsquo;s a program in the AUR\ncalled \u003ccode\u003egnome-keyring-query\u003c/code\u003e which allows you to interact with the\nkeyring on the command line. The \u003ccode\u003eget\u003c/code\u003e command gets the requested key.\nThere is a \u003ccode\u003eset\u003c/code\u003e command as well for storing a password. One of these\ndays, I might try to setup something that uses a certificate to\nauthenticate the client.\u003c/p\u003e\n\u003ch2 id=\"sending-the-mail\"\u003eSending the Mail\u003c/h2\u003e\n\u003cp\u003eThe second most important thing that a mail client can do is send mail.\nI\u0026rsquo;m using the SMTP server on my host, again using STARTTLS. To send the\nmail, I decided to use a program called \u003ccode\u003emsmtp\u003c/code\u003e which implements a small\nsend-only smtp client. The ArchLinux wiki has a\n\u003ca href=\"https://wiki.archlinux.org/index.php/Mbsync\"\u003enice tutorial on using\nthis also\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eAfter installing msmtp, you need to configure it. A working config file\nis below:\u003c/p\u003e\n\u003ch3 id=\"msmtprc\"\u003e\u003ccode\u003e~/.msmtprc\u003c/code\u003e\u003c/h3\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# Set default values for all following accounts.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003edefaults\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etls on\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etls_starttls on\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etls_fingerprint AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003elogfile ~/.msmtp.log\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# A freemail service\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eaccount myserver\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ehost my.server.tld\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eport 9000\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003efrom bostonenginerd@myserver\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eauth on\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003euser myname\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003epasswordeval gnome-keyring-query get myserver.smtp\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# A second mail address at the same freemail service\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eaccount myotheraccountname : myserver\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003efrom myname@myotherdomain\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e# Set a default account\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eaccount default : myserver\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eI get the TLS fingerprint from the server using the \u003ccode\u003eopenssl s_client\u003c/code\u003e.\nAgain, I\u0026rsquo;m using the gnome-keyring to store the passwords encrypted on\nthe disk.\u003c/p\u003e\n\u003cp\u003eOnce msmtp is working you can send mail when your computer is online.\u003c/p\u003e\n\u003cp\u003eA nice feature would be to queue messages when the network connection is\ndown and send them when you come back online. Fortunately recent\nversions of msmtp come with a queue management script. On Arch, there\nare two included. I\u0026rsquo;m using the one called \u003ccode\u003emsmtpqueue\u003c/code\u003e which includes\nthree scripts - \u003ccode\u003emsmtp-enqueue.sh\u003c/code\u003e, \u003ccode\u003emsmtp-listqueue.sh\u003c/code\u003e and\n\u003ccode\u003emsmtp-runqueue.sh\u003c/code\u003e. These scripts pretty much do what they say. Copy\nthem to somewhere in your path.\u003c/p\u003e\n\u003cp\u003eUsing the scripts requires that you have a directory called\n\u003ccode\u003e~/.msmtpqueue\u003c/code\u003e. The email will be stored in this directory when you use\nthe msmtp-enqueue.sh command in your mail client. To send all the mail,\nyou can use the msmtp-runqueue.sh script when you\u0026rsquo;re connected to the\ninternet. In the past, I\u0026rsquo;ve had problems sending too many messages too\nquickly. If you encounter this, you can put a sleep command in the\nmsmtp-runqueue.sh script.\u003c/p\u003e\n\u003ch2 id=\"sending-and-receiving-automatically\"\u003eSending and Receiving Automatically\u003c/h2\u003e\n\u003cp\u003eNow that we\u0026rsquo;re able to receive and send mail from the command line, it\nwould be good to automate the process. I put together a hacked up script\nthat checks if we\u0026rsquo;re connected to the Internet, sends all of the mail\nsitting in the queue and pulls in new messages. \u003ccode\u003enmcli\u003c/code\u003e interacts with\nthe NetworkManager daemon to query the state of the internet connection.\nPossible answers are \u003ccode\u003enone\u003c/code\u003e, \u003ccode\u003eportal\u003c/code\u003e, \u003ccode\u003elimited\u003c/code\u003e and \u003ccode\u003efull\u003c/code\u003e. We only\nwant to go through the trouble of trying to send messages when we have\nfull connectivity.\u003c/p\u003e\n\u003ch3 id=\"scriptscheckmail.sh\"\u003e\u003ccode\u003e~/scripts/checkmail.sh\u003c/code\u003e\u003c/h3\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e#!/bin/sh\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSTATE=`nmcli networking connectivity`\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eif [ $STATE = \u0026#39;full\u0026#39; ]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ethen\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e /usr/local/bin/msmtp-runqueue.sh\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e mbsync -qq accountname\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e exit 0\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003efi\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eecho \u0026#34;No internet connection.\u0026#34;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eexit 0\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eNow that we have this together, it would be awfully nice if my computer\nwould run this script periodically. There are two ways to do this now.\nOne way is to use cron. This is the standard way to accomplish something\nlike this.\u003c/p\u003e\n\u003cp\u003eI thought that I would take the opportunity to play with what seems to\nbe the new init system for major Linux distributions \u0026ndash; systemd. I\nhaven\u0026rsquo;t really been following all the drama surrounding this project,\nbut it\u0026rsquo;s the new init system for Arch, Debian and Fedora. I\u0026rsquo;ve noticed\nthat computers with systemd tend to boot substantially faster than the\ninitV based systems. I was inspired to do this based on a blog post that\n\u003ca href=\"http://joeyh.name/blog/entry/a_programmable_alarm_clock_using_systemd/\"\u003eJoey\nHess\u003c/a\u003e wrote to document building himself an alarm clock with systemd.\u003c/p\u003e\n\u003cp\u003eI wanted to check for new mail and send old mail every fifteen minutes.\nTo do this requires that I create two files \u003ccode\u003echeckmail.service\u003c/code\u003e and\n\u003ccode\u003echeckmail.timer\u003c/code\u003e in the \u003ccode\u003e~/.config/systemd/user\u003c/code\u003e directory.\u003c/p\u003e\n\u003ch3 id=\"checkmail.service\"\u003e\u003ccode\u003echeckmail.service\u003c/code\u003e\u003c/h3\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Unit]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDescription=check mail\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eRefuseManualStart=no\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eRefuseManualStop=yes\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Service]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eType=oneshot\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eExecStart=/home/bostonenginerd/scripts/checkmail.sh\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eThis file defines what the service does. \u003ccode\u003eType=oneshot\u003c/code\u003e indicates that\nthis is not a daemon and will just run and exit. Setting the\n\u003ccode\u003eRefuseManualStop=yes\u003c/code\u003e variable will make \u003ccode\u003esystemctl\u003c/code\u003e unable to stop the\nservice. In this case, that\u0026rsquo;s fine because the script will teriminate\nwhen it\u0026rsquo;s done running. Now we need to setup the schedule for running\nthe job.\u003c/p\u003e\n\u003ch3 id=\"checkmail.timer\"\u003e\u003ccode\u003echeckmail.timer\u003c/code\u003e\u003c/h3\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-text\" data-lang=\"text\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Unit]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDescription=Check Mail every fifteen minutes\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eRefuseManualStart=no\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eRefuseManualStop=no\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Timer]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ePersistent=false\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eOnBootSec= 5min\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eOnUnitActiveSec= 15min\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eUnit=checkmail.service\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[Install]\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eWantedBy=default.target\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003cp\u003eIn this file, we\u0026rsquo;re setting \u003ccode\u003eRefuseManualStop=no\u003c/code\u003e because this will be a\nlong running service which we will can terminate at some point. In the\n\u003ccode\u003e[Timer]\u003c/code\u003e section, we set \u003ccode\u003eOnBootSec\u003c/code\u003e to five minutes. This means that\nthe checkmail.service job will not run until five minutes after the\ncomputer boots up. I put this in to wait some time for a network\nconnection to come up before trying to get the mail. The\n\u003ccode\u003eOnUnitActiveSec\u003c/code\u003e variable control the time delay in between repeats of\nthe job. Here it\u0026rsquo;s set to 15 minutes, but could be set for any interval.\u003c/p\u003e\n\u003cp\u003eTo start the timer, you should type\n\u003ccode\u003esystemctl --user start checkmail.timer\u003c/code\u003e. Using the command\n\u003ccode\u003esystemctl --user status checkmail.timer\u003c/code\u003e will allow you to see if the\ntimer was successfully started. To start the timer automatically, issue\nthe \u003ccode\u003esystemctl --user start checkmail.timer\u003c/code\u003e command.\u003c/p\u003e\n\u003cp\u003eAnother neat command is \u003ccode\u003esystemctl --user list-timers\u003c/code\u003e. This will list\nall of the timers that you have active and how long until they\u0026rsquo;re\ntriggered again. Neat stuff. Systemd is pretty clever.\u003c/p\u003e\n\u003cp\u003eIdeally we could simplify our script and add a systemd dependency to the\nservice that requires that the internet be active before running the\nscript. I\u0026rsquo;d love to hear any ideas on how to do that, or how to do this\nmore efficiently.\u003c/p\u003e\n\u003ch2 id=\"end-part-1\"\u003eEnd Part 1\u003c/h2\u003e\n\u003cp\u003eI\u0026rsquo;ll finish up the Notmuch specific portions of my email setup at a\nlater date.\u003c/p\u003e\n" } ] }