Rails SSL – certificate verify failed

Woke up one morning to find the outbound ssl connections my app (Ubuntu / Apache2 / Ruby on Rails) was trying to make, are no longer working (it was working just fine yesterday) with the following errors:

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

It took a frustrating couple of hours digging around, and ending up on several unhelpful stackoverflow answers, for me to come to this conclusion:

The trusted SSL certs for my servers were out of date:

/etc/ssl/certs/ca-certificates.crt

The fix: Find the latest version of ca-certificates.crt and replace it.

If you don’t drink you’re a pussy

Drinking alcohol is a human social experience that I do not understand.

I can drink at most 2 beers, or other alcoholic equivalence of that. But even then, I find the feeling of drinking alcohol to be very discomforting. I get nauseated, I don’t like the feeling of losing control of my senses, and feeling just sick in general.

It amazes me how much people can drink. It amazes me more how much people crave drinking, and how drinking is an absolutely normal part of the human experience and an essential part of enjoyment and entertainment.

Every culture, every country, every nationality has alcohol and drinking is a crucial part of social bonding and celebration.

Because of this, I often feel like an outsider at social events. I can pretend to enjoy alcohol, but in my mind, it’s like ingesting a poison to pacify peer pressure.

I don’t understand when in human society did alcohol consumption become a necessary adaptation. It’s perhaps just as important, or more important, than having the ability to shake hands, smile, and chit-chat with fellow human beings.

Sometime I wonder if we co-evolved with alcohol, and that some how it is essential to the survival of the human body, so that is why most people have a craving and desire for it. If that is the case, my DNA is some how screwed up and I lost that trait.

I don’t begrudge people for drinking. It’s like my obsession with crawfish, I am sure some people will find that very strange. But I have begun to increasingly notice that drinking often leads to some very bad decisions.

The one clear bad decisions that I have watched countless people make, after drinking, is driving intoxicated. I know, I know. We’ve all been educated about the dangers of driving drunk, but you would have to be lying if you tell me that you’ve never had friends or family drive while clearly intoxicated.

Yes… When I do witness such events, I always offer my advice and help, but there it is not easy to convince someone that they have had too much. They will ALWAYS tell you they are fine.

It’s easy to intervene if that person is a close friend, but it is almost IMPOSSIBLE to do anything for anyone else. I am not a praying man, but I have on numerous occasion prayed that the person I am asking to not drive, just make it home ok.

The other thing I don’t understand is why people drink around their family members. I understand and can sympathize with drinking around friends and having some great drunken fun, but why would you want to be ass drunk around your mom?

Anyways. Just some thoughts from a pussy who can’t drink.

How to tether the Nexus 5 on T-mobile

On the Nexus 4, you could easily tether on tmobile by enabling the hotspot.
On the Nexus 5, they disabled it. If you connect to the hotspot and browse, it will redirect you to t-mobile’s website.

Here is how to get around that. (Credit: xda-developers)

  1. Download the Android SDK
  2. Enable debugging on your phone: Settings > About Phone and then tap on ‘Build Number’ 10 times.
  3. Connect your android to your computer
  4. Find the program “adb” in “platform-tools” and run the following commands
  5. # get your device's serial number
    adb devices
    # load adb shell for the device found above
    adb -s <serialNumber> shell 
    # in adb shell run this magic command
    settings put global tether_dun_required 0

That’s it. Your phone can now tether.

This technique is awesome because it does not require rooting your phone and you are only using official tools provided by Google itself. No third party apps necessary.

Google pays ransom

It’s very interesting to look at the list of groups that google donates their money to:

http://www.google.com/publicpolicy/transparency.html

On this list are both left and right foundations, as well as democrat and republican congress members.

There are many groups on this list that I find absolutely disgusting: Heritage Foundation, Ted Cruz, Texas Public Policy Foundation, etc…

But I guess it’s not really fair to say that Google is bias or conservative, since they also donate to groups that I like: Electronic Frontier Foundation and The Brookings Institution.

I don’t know what to think about it. The more I look at it, the more it just looks like this is a list of people Google pay ransom to.

PSA: You can not load multiple Temporary Cards into an American Express Serve Account

Just found out that you can not buy multiple temporary American Express Serve card from CVS and load them into one American Express Serve Card. You actually can’t even load them in if you already have a Serve account. Those Temporary Cards are basically just Credit Cards with a one time option to convert them into Serve accounts. Which is pointless really…

How to use Lenovo OneKey Recovery Factory Restore

I have a Lenovo G450. I wanted to change the hard drive. The recommended way to do it is to use OneKey Recovery and burn a DVD to re-install the OS. Who has DVD-writable discs lying around? Not me.

Here is how to re-install the Windows Operating System that came with your Lenovo OneKey Recovery easily. You can even put this on a USB stick to make it easier.

  1. Unhide the hidden OneKey Recovery partition on your hard drive named “LENOVO_PART”
    • Use PTEDIT32.zip
    • When you open PTEDIT32, you will see all the partitions. One of them will be “type” — “12″ which is a hidden partition type. Change that to “type” — “07″ (like the others)
    • Save and reboot
  2. Find the OS image in the hidden partition. It should be under “LENOVO_PART\OKRBackup\Factory\OS.okr”
  3. Download this tool “Windows Automated Installation Kit” to get the program imagex.exe and bcdboot.exe (you have to install the program, then look around in the program files for imagex.exe and bcdboot.exe)
  4. Format the destination Hard Drive you want to load the OS onto. You could either have this Hard Drive connected as an external HD, or you could have loaded it from WinPE or something…
  5. Run imagex. Tell it to use the OS.okr image to write the OS to your desired destination. Like this:
    imagex.exe /apply C:\path\to\OS.okr 1 D:\
  6. Once it’s finished, make the new OS installation bootable with:
    bcdboot.exe D:\Windows
  7. Reboot and you’re done.

This make it super easy for you to backup and move your Lenovo Factory OS partition. No more stupid OneKey Recovery console, or DVD burning.

Sources:

Who has my student loans?

I have auto-pay for my student loans. Today I got a letter in the mail from “Great Lakes” saying I owed them money.

I was like, WTF is this, “Great Lakes”? Is this some sort of phishing attempt?

Nope. It’s a legit loan company. Some how my student loan got transferred to them.

Ok fine. So I have other student loans, how do I find out who owns those loans.

So to google “Who has my student loans?”.

This seems like a legit place to start: https://www.nslds.ed.gov/nslds_SA/SaFinLoginPage.do

Opened in Chrome

student-loans

What the heck is this? They want me to play a game? “If using arrow keys, move mouse off of grid so it does not conflict with keyboard. Use the up and down arrows to move to desired number within column; use right and left arrows to move between columns.”

As a seasoned web developer, I can’t begin explain to you how absolutely RIDICULOUS this is.

But you what, it is what it is. I’ll play along… BUT….. The fields look broken. How am I going to play this game if you can’t even display it correctly?

Alright, maybe they don’t like Chrome. Let’s try Safari. Nope. Alright, how about Firefox? Nope.

I guess I am going to have to get Internet Explorer. Nope, I am on a Mac, no IE today.

But let me get this straight, to be more secure, I should use Internet Explorer? Nope.

I am done.

Man, the government IT departments are run by monkeys. Monkeys with knives.

I can not watch a bad movie

I was watching Olympus Fallen and I just could not bring myself to finish it. The plot was so stupid and illogical I couldn’t continue.

I have a problem.

I don’t think it’s normal to get so involved and worked up by imaginary things.

I lack the ability to let things go and just go with the flow. It’s like a mental disability.

My brain can not detach my emotions from the story.

Shopping mall in my Davis neighborhood

In the last couple of years, the area around my neighborhood has been slowly developing into a shopping center. It all started with Target, then a Chase bank opened across the street, and now it’s about to grow into a full-blown strip mall with a brand new TJ Maxx and many new un-named stores.

While I am not going to protest these new changes, I do not like them.

Some might say I am a NIMBY (Not In My Back Yard), but that’s not it. I am not opposed to them being built in my backyard, I am opposed to them being built period.

I understand that this narrow view may hinder economic and social progress. I know many people choose to bring these shopping malls into their towns and cities for economic and convenience purposes, and that’s fine by me. I also understand the inherent hypocrisy in my position because I am a frequent patron to many of these places.

But I personally want to live in a community with like minded people who do not care for these types of businesses. I frankly don’t believe many of us would miss them if they were gone, or only existed in communities where people welcome this type of establishment.

They bring with them a lot of traffic, noise, and trash. While for some people this trade off is welcomed, I personally would much rather pay extra taxes to offset any economic incentives they may bring into the community. And as for the convenience of having them close by, well — we already solved that problem with Amazon.

President Obama and the new HealthCare.gov site

This problem pisses me off so much I am writing about it again. Today President Obama made a speech acknowledging many of the problems with the site, but he still did not provide any explanation or adequate solutions.

If I had a direct line to Obama, here is what I would say:

  1. President Obama should have reached out to his friends in Silicon Valley. Just a couple of years ago, he had dinner with all the big shots in the Valley: Facebook, Google, Apple, etc… Those people know a lot about running high traffic websites. He should have reached out to them for help.
  2. They should have stressed test and BETA tested the site. Seriously, how hard would it have been to open the site to BETA testing. One easy way to is just post a link on reddit. You will instantly get thousands if not millions of visits. Let real, internet savvy, people poke around. All of these stupid problems they are having would have been unearthed within seconds.
  3. There should have been a better workflow. They keep complaining that the system was complicated because it has to communicate with so many different services. You know what I do when I have to rely on third-party connections? I run all of that in the background. Away from a live user session. They should have done this. They should have created a SIMPLE registration system to collect user information. That system would not need to be archaic and backward compatible with anything else. It could have been build with the latest and greatest technology, made to scale easily, and independent of all other systems. This system could have, at the very least, registered the user and store their contact information. Then if they can not provide the user with real-time quotes or enrollment, it could tell the user to check back at a later date, or wait for an update. This way, they could have run all of the heavy processing in the background away from the heavy traffic. This is like basic computer architecture!