Musings of a Web Technologist
Here’s a handy command to display the Internet facing IP on a Unix/Linux command line. This is particularly useful on systems where lynx is not available, and where the system might be behind a firewall so that the public IP cannot be discerned from ifconfig output.
curl -s myip.dk | grep 'IP Address' | egrep -o '[0-9.]{3,}+'
I have updated Ville’s Ergonomics Recommendations as of today. Since the list was previously reviewed and updated a few years ago, many links had to be updated along with the content that now reflects the technology today. Hopefully the resource provides useful pointers for anyone looking for information on computer workstation ergonomics!
Note that you can always access the ergonomics resource easily from the blog’s main menu.
Today when I was accessing some internal resources that are protected with an SSL cert that has been signed by the internal CA, I got an SSL error I hadn’t seen before: “This site’s security certificate is signed using a weak signature algorithm!” (see image below). With a quick test it was clear this was only an issue with Chrome. And a few Googlings later I found it was thanks to a recent auto-upgrade to Chrome 18. Most of the Google hits were discussing this error in the context of Facebook – apparently some facebook servers are configured with an old, expired intermediate certificate. But this was not the case with my server cert, signed with the internal CA cert.
Digging some more, I came across a post by Dave Christiansen where he points out an obscurely documented switch for openssl req command. That works great for single self signed certs, but what if you’re using an internal CA? The CA cert can be created with “-sha512” command using “openssl req” (as outlined in Dave’s post), but then when you sign server certs with “openssl ca” – even when you’ve created the CA cert with the “-sha512” switch – Chrome still throws the same error.
The trick is to specify an equally obscurely documented argument “sha512” for the “-md” switch with “openssl ca”, like so:
openssl ca -md sha512 -config /etc/ssl/openssl.cnf.internalCA -policy policy_anything -in my.server.name.csr -out my.server.name.pem -keyfile ../private/internalCA.key -days 3650
Now the signed server certificate reflects “sha512RSA” as the Signature algorithm, and the Chrome error is gone.
As availability of the remaining Microsoft Trackball Explorers is waning on eBay (or perhaps you’d like to buy a new device rather than a vintage piece whose bearings have worn down, buttons stick, etc.), I have been considering the alternatives. There are few options, although their ergonomics is not quite as spot on as the venerable TBE‘s which fit like a glove.
But they are workable, and human beings adapt. 🙂 There is an interesting point I just realized, and I thought of sharing it. Kensington’s misleadingly named Expert Mouse works very well in situations where the work surface is low (as it should be for decent ergonomics) so that it is possible to use a third party arm-rest (my preference is “330 000” series ErgoRest forearm support) with it. When your hand ‘floats’ above the trackball, it is quite pleasant to use for extended periods of time.
However, in many situations the desk height is too high and Expert Mouse suddenly becomes much less pleasant to use. Its own wrist support is not that comfortable, especially when more of your arm’s weight is on it. In such situations Logitech’s wireless M570 (for some reason “M570” sounds like a model of Mercedes-Benz to me ;)) works reasonably well. M570 is like a TBE in reverse. For some reason Logitech opted to place the ball at the thumb and button/scroll wheel controls at the forefinger/middle finger. I wish Logitech introduced a model with the controls (trackball/buttons+scroll wheel) reversed and we’d essentially have a new TBE… but even as it is, it works reasonably well. If you haven’t used a thumb-controlled trackball before it will take you a week or two to become fluent with it, and even then the accuracy is not quite as good as it would be with a forefinger-controlled trackball. But it’s close enough for M570 to work well. And M570 is small enough to lug along with your laptop – a lucky co-incidence since I think M570 works better in less-than-optimal ergonomic settings which you are more likely to encounter while on the road.
N.B.
While both manufacturers provide drivers/utilities for their respective devices, be sure to check out X-Mouse Button Control software as it is able to teach your trackball cool new workflow-improving tricks!