You know the drill: This blog is a virtual office for my ministry. I can’t do everything, so some things are excluded by necessity. I’m only human. By the same token, you need not buy into everything you see here.
But virtual space is surely different from meat space, despite the use of metaphors. A primary example is that I only have to write a book one time; it can be multiplied endlessly, in effect. The cost of the resources required to make virtual copies is minuscule by comparison to that of physical copies. And a thousand of you can crowd into my virtual space all at once and nobody has to smell anybody else.
Paul was accused of being harsh and dictatorial in his letters, but wimpy and unimpressive in person. Near as we can tell, Paul had no charisma or charm in the flesh. I suspect this was his “thorn in the flesh.” His written persona and fleshly persona appeared as two entirely different people unless you got to know him well. Just so, my physical presence might bear little resemblance to the impression of me you get here on this blog. Most people who read my nerdy computer stuff are shocked by my very un-nerdy physical presence. You’d have to know me rather well to see the consistency.
This reflects the nature of my calling. I decry activism until it comes to the question of Open Access. Even then I’m not so much an activist as a practicioner. Most activism is religion-in-effect. In my case, religion controls the type and extent of activism I engage. I’ll support your publication of hatred for my religion because I have nothing to lose by Open Access, and everything to gain. In my religion, I don’t set the boundaries of membership and I don’t even imagine I can change anyone’s mind. God handles those things. I’m just along for the ride. I make noise because I can’t be silent, but I have no interest in silencing anyone else.
So I write nerdy computer stuff as an expression of my mission in virtual space. You can ignore that stuff. Alternatively, feel free to ignore the religious stuff and read my technology posts. Take what you can use. But I don’t confuse methods and means with the mission. My religion demands Open Access in the virtual context.
Scripture did not anticipate digital content. However, it does address itself to oppression and limits to governing authority. God sets my domain. What He does not place in my hands is not mine to control. The godly flavor and feel of dominion is determined by the context of the Bible narrative, not our current civilization and social structure. It was necessary for me to write several books trying to explain just how different that is, so I’ll simply note the fact itself here. What most people associate with godly dominion is nothing like God’s character. I am required to operate by what I know of His character, and it does not permit the kind of controls commonly used by governments and businesses. The biblical concept of property ownership is radically different from that of Western Civilization.
In essence, the issue is unjustly exernalizing the costs of your convenience. “Love your neighbor as yourself,” Jesus said. The nature of the Internet is that everyone and everything is all one level. Once access is granted, all participants are equal in certain ways. Influence and power is voluntarily granted in the minds of humans to other folks, but the Internet knows no such thing. You can control specific access to your machine, but not to anything digitized and sent over the Net.
If you can encrypt it, fine. If you can control access to the decryption keys, fine. You and I know that private stuff between few parties is pretty easy to keep private that way. If you intend to manage access for a much wider audience, it breaks down quickly. That’s reality, but it also reflects a deeper moral principle of God’s character — covenant boundaries. Our world refuses to recognize covenants, but God enforces them anyway. God can rewrite covenants; you aren’t God. Once a covenant is established, it binds all parties except God (though He has been known to bind Himself voluntarily). Private sharing between a few is one kind of covenant. Attempts to sell access violates covenant principle, because God does not permit cash-based covenants.
Covenants are personal in nature. If we are not bound together before God in covenant, then there is no covenant. Contracts don’t qualify. Depersonalizing something makes it also inherently dehumanizing, and God hates that. So attempts to sell keys for decryption and related restricitons on digital data are damned. Attempts to control how data is used once released outside very personal boundaries is an abomination to God. It’s not about the technology, nor the money, but God is looking at the personal factor.
So, for example, if my server transmits something to your computer for display in a browser, God condemns any effort to keep you from saving a copy once the digital content is on your machine. As far as God is concerned, the digital content has entered your domain and you can do what you like with it. Any controls I attempt to assert is evil, and your attempts to circumvent are holy, to state it in the simplest terms. And if I write crappy software controls on my server that you can circumvent to access something, it is evil to make laws in meat space that punish you for it. Once that computer is on the Net, it’s entirely on me to protect the content from your snooping.
By the same token, demanding you submit personal private information for digitization puts on me a very high burden to protect your privacy. If I fail, I am culpable for all losses you suffer; I have in effect become partners with the snoops. Cracking is not immoral in itself. It is just a question of technology. If governments can engage in electronic snooping and sabotaging your system, it is morally legitimate for anyone else. In other words, meat space authority cannot be forced upon the virtual space without bringing God’s wrath.
And we have no business claiming some inherent “right” to digital privacy that excludes attempts by government agencies to access that data. If you did manage to agitate until Congress made laws to stop the NSA from planting spyware on your computer, the NSA would simply lie about it and do it anyway. Get this: The government is loaded with demonic slimy bags of shit. That’s the nature of the secular state. God will punish them for their evil, but cracking your vulnerable Windows computer is not evil. Microsoft personnel will be punished for their deception and marketing practices, monopolistic behavior, and their unjust abuse of Windows users. But if you refuse to learn how to use anything else, what you get is what you deserve. Their evil is no secret; if you tend to holy cynicism, you would know about their sins.
God calls all humans. Those who acknowledge Him can decide in their hearts what He requires. If you sense no call to deal with the complexities of computer technology, but must use computers anyway, you’ll have to trust God for the results. If God afflicts your conscience about it, take appropriate action. However, it is evil to demand other humans invest their resources for your convenience and profit. All the more so if you refuse to acknowlege God in your heart.
So it works both ways. The attitude that you shouldn’t have to exert any effort to get what you want is not from the Holy Spirit. In virtual space in particular, no other agent on the Net is obliged to you without a personal covenant.
There is some vague possibility some folks might find this useful…
The other day I hauled out my Win7 laptop to complete formatting before submitting my book to the publisher. It had a copy of Word 2003, the last version I can tolerate, and Word format is pretty much required by the publisher (it’s pretty common among publishers) but mine isn’t too picky about the version. I had WINE running on the laptop with Word 97, but that’s too old for the publisher’s scripted conversion process.
This required a very long and convoluted process of updating everything on the Win7 laptop. At least one update persistently failed, and nothing I could find would resolve this. It’s typical of MS products, as you may know, that the least bit of individualizing of your system breaks everything because the Borg of Redmond is hostile to human uniqueness. You have to understand that Windows development tends to be highly compartmentalized, while the system is not. So the developers of one part are not only clueless about what the folks in the other parts are doing, but might actually be in some kind of perverted passive-aggressive competition to break each others stuff. This, in the guise of insisting they are doing it right and the other teams need to get on board. At any rate, it was the usual tears and agony for the end user in my case.
Granted, this is a relatively low-spec laptop, so the hardware is already a tad cranky, but it’s the best I could do. Win7 was the least painful of the MS solutions that run on this device. But this was aggravated by the pervasive “screw-the-user” attitude of all the essential supporting service companies: anti-virus, anti-spyware, etc. All of them have adopted the MS attitude of simply forcing the system to do certain things without giving the user a clue what or why. The only time they bother to inform you is when they can profit from exaggerating or outright lying about what’s going on. The exact same companies never treat Linux users this way when they make products for Linux.
I decided it was time to research afresh the various options I can tolerate in Linux and see if I could ditch Windows on this laptop (Dell Inspiron 15-3542). First, backup the Win7 installation completely so it can be restored (I did the same with the original Win8.1). The RedHat clones had already failed, much as I like them. The stable Ubuntu and friends were a mess, so I tried OpenSUSE 13.2. No consistent sound and it simply locked up when I tried to log out. Before giving up, I tried the latest weekly update of Debian 8 pre-release (AMD64 version).
Worked perfectly out of the box. So I’m writing this on said Debian laptop right now. Yes, the hardware is still a little wonky (especially the cheap touchpad) but it was worse under Windows. I decided to use the “non-free firmware” version of the net install CD, because I knew the networking stuff was not fully Open Source yet (RealTek 8101 ethernet and Atheros 9565 wifi) and only needed one other non-free package for the Bluetooth (an ar3k module).
That meant I would need to add a VM to run WinXP with Office XP (still got good CDs for those). Since Virtual Box was already in the standard Debian repo, that was the shortest path. However, it’s been broken into lots of little packages, so I had to figure it all out and install most of them:
But this allows you to install from the CD you put into the host-machine tray, instead of forcing you to extract the ISO from the CD and mount it as a virtual drive, as is the normal practice with Virtual Box. So I was able to process the book that way and it’s all good.
The only other issue remaining is that I am still trying to parse the various options in
synclient to tame this cranky touchpad.
Otherwise, Debian 8 AMD64 runs very on Dell’s Inspirion 15-3542.
Addenda: Joking comment about how much the US Army needs to re-hire me as a civilian cyber security guy and train military folks to use Linux so they can stop getting serious viral infections just about guaranteed due to obstreperous bureaucratic habits. I’m ready to go to work yesterday, but I tend to think it would require some pretty heavy pressure from way up the chain of command before anyone would take seriously such a suggestion. Windows-based habits are burned into the very concrete on which military computer offices stand.
Hopefully this will be the last time I write about installing any OS. The only reason I do this one more time is that I find Win8 to be an abomination for us older folks who don’t like pretending our computers are just big cellphones. I downgraded from Win8 to Win7. I won’t offer much hand-holding, but here are some useful notes for those wishing to try it themselves.
I assume you have your own copy of Win7 for this. Installation isn’t that bad, but you’ll have to catch the BIOS at boot up (hit F2 as soon as you see the “Dell” logo on the screen) and turn off secure boot the enable legacy boot, which disables UEFI.
But before you start, you’ll probably want the entire set of Win7 drivers burned to a CD. Please note the following logical steps:
1. Go to Dell’s official support page for this model.
2. Do not let Dell install their support utilities. Ignore that offer because it’s badly botched up and will not solve your problems consistently. Also, do not download Dell’s Touchpad driver. It’s very badly wrapped in rotten .NET code that seldom works properly after installation. The older driver from Synaptics itself is better because it uses a simple Win-GUI toolset. Besides, it actually offers more features. (BTW, this ratty cheap touchpad works poorly on every OS except Win7; on Kubuntu it was totally unusable but it’s tolerable on Debian 8).
3. What you’ll see on the official drivers list is incomplete. Take what’s there, then go to this page. That Dell offers this sort of listing is one of the best kept secrets. You’ll need stuff like the USB host controller, the Intel Chipset driver, and the 1705 Bluetooth and Wifi driver, along with the Rapid Technology driver (SATA driver).
In general, you’ll want to install the base chipset driver first, then the graphics, followed by the SATA and USB, then everything else. Please note that the BIOS update cannot be installed from the CD. It must be copied to the hard drive first, then you can install it.
Mine runs pretty snappy with Win7. Good luck.
Can the Law of Noah apply to computers?
My wife has run Win7 on her desktop machine since it was released. It’s not that she never found any unwanted malware, but that it never affected the operation of her system. Her efforts always paid off, and her protective software saved her from any sorrows. This is someone who surfs a lot of Facebook and other places where scams and malware have been passed through false advertising, but it never hit her.
This machine is under my moral dominion. Someone gave me that computer, and I eventually passed it over to her. Aside from Facebook and the games there, she uses it for her family history research, and chases recipes and natural medicine. Other family members have used it some, as well. It’s not that the pastor is so holy and righteous, but he and his wife are reaping the blessings of the Laws of God. When you seek His favor and meditate on the implications of His moral character, He extends His hedge of protection over all that you do for His glory. Everything you touch then belongs to Him.
So if He wants us to suffer something, there’s a reason for it and we bear it with grace. Apparently He’s not interested in us having to deal with computer problems of our own. I still fix a lot of other folks’ computers, but ours tend to be pretty stable and manageable.
BTW, I did have another problem with the laptop. Apparently the developers at RHEL, from whence CentOS gets all their code, are not interested in making everything work properly on laptops. It is server software, after all. That’s where Red Hat’s income is. So it burned through a battery charge in about half the time it should have, and refused to connect to my Android device, and a few other things just didn’t go quite right. So I gave up.
Someone had given me a copy of Win7 and I installed that. It’s a hassle because I had to chase down the drivers, since the manufacturer had no plans to support Win7 on this thing (it’s a Win8 machine). I don’t get all the software I like pre-installed, and it means worrying about a whole bunch of things that don’t affect Linux. I’m sure there’s a reason for that and I am not going to speculate, but I sense that God is showing me something. So I am at peace and things work, but it’s a lot of work for me. I’m not worried in the sense of anxious, but in the sense that I know Windows is much more vulnerable than Linux, so it needs more care. The shepherd has to herd computers, too.
At any rate, I’m doing the best I know to please my Father and seek His favor. My story is that it has always paid off in terms of His promises. That it hasn’t always been what I wished simply shows I need help getting my wishes adjusted.
As previously noted, I don’t anticipate actually needing encrypted communications for myself. However, some of you may see a need, or other folks may come into my world feeling the need.
Encryption is touted as primarily a means of digital privacy. If you worry about people intercepting you communications and seeing what’s in them, then encryption reduces the risk. I maintain that my bigger concern is not so much snooping as that someone might change my message. It turns out that encryption can support that in some contexts, since a message that can’t be read also cannot be changed.
To be honest, the best security doesn’t require a computer, but few of us are ready to dig into things like one-time pads. So we rely on software designed to make it more convenient. These days, it can be downright transparent. That is, you can set things up on most computers to do it all automatically and stop giving it so much thought.
The most widely used system for ordinary folks like us is Pretty Good Privacy (PGP), a system designed some years ago. These days the version easiest to get for free is Gnu Privacy Guard (GnuPG) which uses the same basic concept as PGP, but is free and maintained as Open Source software. It’s a standard feature on Linux and Unix computers, but is also available for Windows and Mac.
The Windows version is here and it’s a complete package with everything you need. The Mac version is here and you’ll need to study a bit, because I don’t deal with Macs enough to be of much help. If you use Linux, there are lots of GUI tools and the simplicity of operation varies widely. You could also learn how to run it all from the command line, if you prefer.
The whole point is that the first thing you do is create your own encryption key. It has to be tied to an email address. This means you consider carefully and decide whether you might want to dedicate some email account just for this purpose. For reasons that aren’t obvious, this would be a huge boondoggle if your account is webmail only. That would mean encrypting a message as a file, then sending the file as an attachment in the email. It’s a whole lot easier to simply use an email client that is designed to handle it directly, but that means selecting an account that you can run from your computer directly, not webmail. There are lots of free ones out there that provide you direct access from a standard email client (using POP and SMTP protocols), and many ISPs will allow you to hold more than one as part of the service. This is not about free email accounts, so we presume here that you have one selected for this purpose, one that is not used for much of anything else.
I will note in passing that you can do it with Gmail, because they allow that kind of usage, and you can do it with the IMAP protocol for any service that permits it. If you use Windows Live Mail, so far no plugin exists, so it’s like webmail in that respect. If you use Outlook, developers are working on it, but it’s a ton of work for the user to integrate and may not work anyway. Keep those for your regular email, and get something like Thunderbird just for your encrypted email traffic. There is also something called Claws for Windows that does it, but Claws is a little challenging to use due to lack of automation in configuring it. With Thunderbird, it’s a simple as installing an extension made for it, called Enigmail.
Here is one of the best guides for Windows users, and it happens to include illustrations on how to do it with Claws, if you prefer. I highly recommend you create your key first using the simplified GUI tools included in the GPG4Win package. I recommend you use 2048 as the minimum key size. Passwords are discussed elsewhere on this blog, so use the search function. You can use an entire sentence if you know you can remember it and type it precisely every time; spaces are acceptable in this case.
There are two ways to share your key with other folks. I export mine to the default GPG keyserver — hkp://keys.gnupg.net. You can find me as
“Ed Hurst <firstname.lastname@example.org> 0223AD6F” if you use the GUI to search for and import keys. Make sure you don’t pick up on some old key I may have used before and lost. I forgot to make a revocation certificate the first few times I played with this, so make sure you create one and save it somewhere. That way, if you decide to change to a new key for any reason, folks will know the old one is no longer valid. (Disregard; I lost that key and can’t recover it. I’ll post a new one in a new message later.)
Please note that you must exchange your public key with someone else in order to use encryption with them. You need a copy of my key and I need a copy of yours. I don’t have room to explain how this works in detail, but your public key is not the same as your private encryption key, but it still enables folks to encrypt messages to you that only you can open. Using their public key, you can do the same. In the lingo of GPG, you have to have my key on your keyring to use it, and I have to have your key on mine. We each have to mark the keys as trusted. Ideally you would exchange these keys face to face using a jump drive or something like that. However, the keyserver concept will do well enough for the level of security we might need. From all anyone can tell, the NSA struggles (generally cannot and keeps trying) with breaking this PGP style of encryption.
Once you’ve done all of that, fire up Thunderbird and set up the account you’ll be using for this. Then install the Enigmail extension as explained in the linked tutorial and it should walk you through a simple automated process of setting itself up for encryption. It knows where to find the keys most of the time.
The other way to get hold of me with a fair degree of security is to get a free account at Unseen, which is hosted in Iceland and wholly unlikely to let any outside law enforcement or spy agencies to see your mail. My address there is “broken” — if you log onto their webmail and send a message to my account there, it never leaves their server.
Well, that was a real disappointment.
Just when I thought I had everything as I wanted it, Debian began puking on me. Wifi wouldn’t work consistently and the machine crashed three times in one day. In other words, it wasn’t working well enough on this peculiar machine. I really was hoping to settle down on that issue, but it was not to be. So I reinstalled CentOS 7. At least it is consistent with wifi and other hardware drivers.
Part of the whole thing was the sheer convenience of having WINE on which to run my old MS Office 2000. It matters because when I publish my books, they have to be in Word format and LibreOffice does things differently, even when exporting to the Word format. The result is simply not good. Further, while my grammar is just fine, I do commit typos and simple human errors of leaving out words, or leaving in words from edits, and I rely on Word to catch that stuff. LibreOffice does not have anything comparable.
WINE is not available for CentOS to run 32-bit Windows apps. A virtual machine is possible, but it runs dog slow on this laptop. This thing is specced for long battery life, which means a slower processor speed, which means it takes forever to get the VM open and then to do much in it.
Turns out that Microsoft has been offering a cheaper version of MS Office online for free. I already had an account with their Outlook online service, so the same login works without a hitch. From what I can see, it’s adequate for the demands of my book publisher.
It won’t matter too much whether you trust the cloud services. More and more, it becomes the necessity of life. Got an Android device? You have to have a Google account. That account comes with access to all of Google’s services: Docs, their version of Facebook, the free cloud storage, etc. I’m using the cloud because I don’t have a lot of choice.
I’m not a purist; this is just a tool. A major tool worthy of an awful lot of time and effort, but still just a tool. Running Windows 8 (which came with the laptop) is simply not an option because I can’t control the things I find it necessary to control for my mission. And because the hardware is so new, there’s not many Linux distros that will work and I’m sick of the distro sampling lifestyle of most Linux users. It’s not a religion for me, so I’m not chasing the holy grail of Linux perfection, which is no more real than the grail. Choosing CentOS and running it properly means accepting the limitations of software choices.
I can live with this.