A Trip to the Coast

We took an extended-weekend trip out to the northern California coast last weekend.  We left Wednesday afternoon (April 5) and headed out to the Red Lion Hotel in Eureka.  We got in a little late so it was straight to bed the first night.

On Thursday we headed out to the Elk River Trailhead & Old Town of Falk Walking Tour to take the ~2 mile round-trip path out to what I was led to believe was a ghost town.  But, at least as far as we could see from the trail, there really isn't anything to see left of the old logging town.  You can see some of the remnants of the old caretaker's house from the 1970's, but that's about it.

Though the goal of the hike was a bit of a letdown, I really liked the quiet of walking through the redwood forest with mostly nobody else around.

After our hike we headed to the Loleta Cheese Factory (not to be confused with the Cheesecake Factory restaurant).  They had already completed their cheese production for the week so we didn't get to see any being made, but we had lunch at their grilled-cheese bar and then completed their garden scavenger hunt.

We bought some cheese to bring home and then headed back to the hotel.  For dinner we walked across the street to the China Buffet.  Corinne was happy to have a plate of green beans and honeydew.

On Friday we got up and headed out to the Samoa Cookhouse for breakfast.  They claim to be the last operating cookhouse (from the logging days).  They have a daily-changing, set, all-you-can-eat menu served at communal tables.  We had pancakes, eggs, sausage, orange juice, and biscuits with gravy.

We needed to fill up for our drive up north.  Our first stop was at Trees of Mystery and stereotypical tourist trap, but with the unique draw of gondola rides through the redwood forest.  We were thwarted in this plan due to a power outage and the gondolas weren't running.  So we kept on driving up to Crescent City to see the Battery Point Lighthouse.

The road up to Crescent City from Eureka (US 101) seems to have suffered some damage from California's rain this year.  Several sections were down to one lane due to landslides, with construction going on to rebuild the lost roadways.

Here the stormy weather made for a much more interesting visit.  You can see a wave crashing over the far side of the cliff upon which the lighthouse sits.  It's an operating lighthouse with a 24/7 staff.  Its cliff is an island during all but low-tide and when low-tide aligns with midday they offer tours.

We got there a little early for the tour, so we headed to the Apple Peddler for lunch where we narrowly avoided getting caught out in an impressive hailstorm.  After lunch we headed back to the lighthouse for a tour.

The stormy sea made for some moody pictures I really like:

I would have taken more long exposure pictures of the waves, but I didn't bring my tripod, so I took a few by setting my glove down on some seaweed on a rock and putting the camera on that.  This rather limited my subject options.

On the way back from Crescent City we tried Trees of Mystery again, but the power was still out.  However, I snapped this picture from the parking lot.

Dinner was at Marcelli's Pizzeria.

Saturday morning we got up and had breakfast/lunch at Kristina's Restaurant before heading out to Trinidad State Beach.  Our GPS unit doesn't understand where that is and attempted to kill us.  It wanted me to drive down some steep, dark, dirt/mud, little one-lane road. I vetoed that option and Jess used her phone to find our way to actual beach access.

I call this "Heather versus the ocean"

After the beach we ate at the Lighthouse Grill in Trinidad and then headed back in to Eureka to get dessert at Vampire Penguin (shaved snow sundaes).

On Sunday we packed up and headed on the road back towards home.  We drove through Avenue of the Giants where I snapped this picture:

Then we stopped off at Chandelier Tree to see if I could squeeze the van through a tree.  We managed to squeak through but not much room to spare.

Heather and Corinne desperately needed to get out of the van and run around for a bit, so we stayed at the tree for a little while.  Heather explored the meadow and Corinne played with the gravel.

Then it was back in the van until we managed to find a Taco Bell for a quick dinner before pushing on home.

Facebook's Image Recognition/Tagging System

I've noticed recently that Facebook has been applying an automatic image recognition/tagging process to any pictures that are uploaded to their system.  The general idea is to get a computer to "understand" what's in a picture.

In Facebook's case, images are given a textual description automatically which is used to provide meta-data that can be accessed by screen-readers (used by the visually impaired when using computers).  This isn't about facial recognition (though Facebook is doing that as well).

For example, I came across this picture from a friend of mine:

Which Facebook's artificial intelligence system automatically tagged with this information:

Image may contain: sky, twilight, outdoor and nature

Automatic image tagging/recognition has been a popular field of research, but this is the first time I've seen it actually used in a production system for something useful.

It's pretty good too.  Here's one of interest to the Dickerson family at large:

Which Facebook automatically describes as:

Image may contain: 8 people, people smiling, people standing and indoor

I just found that interesting.  That's all.

Who's waging war against HTTPS?

In April 2016, Let's Encrypt went live.  Let's Encrypt is a group making it significantly easier to encrypt web traffic.  Some entity seems to have begun waging a war of public opinion against them.

Previous to their existence conveniently securing web traffic meant paying money to a company which would then provide you with a "certificate" for your website.  Servers and browsers use these certificates to create a secure communication path between them.  This secure path (denoted by URLs starting with "https://" rather than "http://") prevents entities between your computer and the website from seeing or altering the data being sent to and from the website.

Because of the cost and inconvenience many websites used unsecured connections.  However, places like banks, shopping, and healthcare providers have pretty much always used secure connections.  It took a few years but eventually social media websites began using secure connections by default as well.

Before Let's Encrypt, millions of websites only had their content available via unsecured communications.  For many people, like myself, running websites without any goal of making money from them the expense and hassle of certificates wasn't worth it.  Now, my websites are all available through secured connections, for free, thanks to Let's Encrypt.  (To be clear, many websites still haven't taken advantage of this service yet, but they at least have the option now.)

But, if banks and such use secure connections anyway, why do we care about Let's Encrypt, should I care if "someone" can see that I'm reading this blog post?

Maybe.

On March 28 Congress voted to repeal FCC regulations that prevented your Internet Service Provider (ISP) from spying on your web traffic and using that information to their financial benefit.  The regulations also prevented ISPs from altering your web traffic for similar purposes (e.g., injecting ads into a webpage when you view it).

Maybe you don't care if Comcast, or AT&T, or Verizon knows you like to knit and shop at JoAnn's Fabrics.  But maybe you'd be concerned if they started selling information to other companies about you visiting cancer treatment websites, or rape support groups, or divorce attorneys, or any number of kinds of sensitive information.

Using encrypted connections doesn't solve this problem entirely, but it makes the information available to your ISP a lot less useful.  For example, your ISP would still be able to tell you're looking at Amazon.com, but they wouldn't be able to tell if you're looking at knitting needles or books about infertility treatments.

Regardless of your stance, someone seems to be working hard to turn public opinion against Let's Encrypt and again make it harder to encrypt web traffic.  Articles like this one: "14,766 Let's Encrypt SSL Certificates Issued to PayPal Phishing Sites" have been showing up all over the Internet recently, all making similar claims that it is Let's Encrypt's fault that people are falling for fake PayPal scam websites.

I don't think it's actually PayPal behind these articles, because this problem is nothing new, but the concerted, direct attack on Let's Encrypt is new.

Let's Encrypt does not verify the identity of the person requesting a certificate (which other certificate providers will do for steep fees, $300+ per year, these "verified" certificates are significantly different than the "non-verified" certificates issued by Let's Encrypt).  Instead Let's Encrypt verifies that you control the website for which you're requesting a certificate, slightly different.

The argument made by these articles is that now someone can get _a_ certificate for "paypall.com" and people will think that the green lock icon on their browser means they're connected to "paypal.com" instead.  Which it doesn't and never has.  The "verified" certificates show up differently in your browser.  For example, on this blog you'll see something like this:

With a "verified" certificate you'll instead see something like this:

This indicates that the company issuing the certificate verified that the company requesting the certificate is "PayPal, Inc." and the certificate is for "paypal.com".

The articles want you believe Let's Encrypt is somehow at fault if people end up at "paypall.com" with a green lock and think it's "paypal.com".  Let's Encrypt isn't providing "verified" certificates or trying to solve that problem.  The problem they're trying to solve is that too much web traffic is unencrypted by default because certificates were expensive and inconvenient.

Someone with a vested interest in being able to read and/or modify your web traffic has been working really hard to get these articles out and make it look like some kind of "public safety" issue.

I have no idea who that entity may be, but it's making me really annoyed.  Let's Encrypt is a good thing for anyone that thinks that their Internet communications should be private by default.

Update 3/31: Engadget just ran one of the attack pieces too: "When the 'S' in HTTPS also stands for shady".  Which is the most mainstream source running these articles that I've seen thus far.

To be completely clear, when a URL starts with HTTPS it only means that your connection is encrypted between your computer and the website--it has never meant anything about who is running the website is or whether the website operator is trustworthy.

Corinne's 2nd Birthday!

Corinne turned 2 yesterday.  The night before, she decided sleep was for the weak and stayed up 4 hours past her bedtime.  She was happy as could be, but she needed to be asleep.  The consequences were felt the next day.

Also, being St. Patrick's Day, Heather had special activities at school and was totally worn out by the time she got home.  (She did not manage to catch any leprechauns either at home or at school.)

Corinne doesn't seem to have a favorite food other than grabbers, so we tried Chick-fil-A for dinner.  She wasn't interested in any of the food.  She did have fun wandering around the restaurant though.

So then it was home for presents and cake.  She very much enjoyed opening presents.

(FYI: If you know kids that like My Little Pony Friendship is Magic, seasons 1-3 are only $12 each on Amazon; which is not only reasonable, but a good price, especially for a kids' show where the norm seems to be to gouge.)

But things went downhill when we started singing Happy Birthday.

And Heather was saddened by the whole thing too:

Corinne's been sick on and off since Christmas.  This week she got her third ear-infection diagnosis in that time frame.  Hopefully her future birthdays are a little healthier and more enjoyable.

A Hike up Brushy Peak

I went for a hike at Brushy Peak Regional Preserve today.  Water is still just coming out of the hills and turning trails into mud, but it was only a few places that were really bad.  I made it about 3.5 miles before I couldn't keep my feet dry anymore.  Luckily, I only had another half mile to go so I didn't end up with massive blisters.  But my shoes were covered with mud.

The path runs through cattle grazing land up in the hills above Livermore.  I started taking pictures of the cows.  They became quite interested in me and started forming a circle around me.  I was getting a little concerned, but they shooed away when I got up to leave.

Several times I came across a few cows just hanging out on the path daring you to approach them.

I started on the West Loop Trail and then transferred to the Brushy Peak Trail where I found a copse of trees growing around the stream as it tumbled down the hill.  So I took a rest and then pulled out my tripod to take some more "smooth" water pictures.

Once I packed up and got moving again I reached the highest part of the path (it doesn't actually go to the peak as far as I could tell).  Some nice views of Livermore from up in the hills, especially while everything is still green.

Then it was down again and through the mud to get back to the parking lot.  I hiked a little over 4 miles and it took me about 4 hours.  I wasn't intending to hike that far or be out that long, but there weren't a lot of options for trails and hiking a trail and then just turning around is lame.  My legs are going to be sore tomorrow though.  Surprisingly I don't seem to have a sunburn.