Tuesday, June 9, 2015
Globe Theatre stage and seating
Our first day in London began with a trip to the new Globe Theatre, a reproduction of the theatre many of Shakespeare’s plays were presented in long ago. The original theaters are long gone, but a few years ago an American philanthropist, Sam Wanamaker, spearheaded the building of a new theater in the original style. We took a tour of the open-air theater, and got an appreciation from our tour guide what an awful experience (by today’s standards) it must have been to attend or put on those performances several hundred years ago, before frequent bathing and while body lice and fleas were common. Yecch!
After the tour we went through the exhibits, with more on the life of Shakespeare, much like what we experienced at Stratford-upon-Avon. I did get to see a crumhorn (musical instrument) which turned out to be a woodwind, much different from the brass instrument I had pictured.
Entrance hall en route to Parliament
Our next stop was at the Parliament Building. I asked the guard if it might be possible to hear the House of Commons in session, and after making sure we didn’t have any sharp objects with us we were invited in, through metal detectors, into a great hall. We passed through that hall and a couple of smaller ones, and waited briefly to be called on to proceed up to the gallery. Much like visiting the U.S. Congress, there was a checkroom where they take your mobile phones, cameras, and other electronic devices, only here the attendants were smartly dressed in white tie and tails.
The House of Commons was much more orderly than I had been led to believe, although there were shouts of “hear, hear!” and of dissent from time to time. The debate was interesting, dealing with addressing differences on voting ages between the UK and the EU. We left after a couple of the 8-minute speeches.
On our way down, one of the staff asked if we would like to visit the House of Lords as well. Of course we did. The Lords’ chamber is considerably older than the Commons chamber, and somewhat more gilded. It was also more intimate, both because it was smaller and because it didn’t have a glass divider between us and the proceedings like Commons does. We heard some of the question session at the beginning of the day where the Lords ask questions of one of the government ministers, and the announcement of legislation being introduced by various Lords.
Afterwards we walked by Westminister Abbey but decided not to visit because of limited time. We returned to our hotel to change clothes for the evening.
Queen’s Theatre, waiting for Les Misérables to begin
We had tickets to see the long-running production of Les Misérables this evening. I found a high-rated Italian restaurant on Yelp, Bocca Di Lupo, and we were able to get reservations. We dressed up and had a very enjoyable dinner. Les Mis was of course wonderful; Celeste had a particular appreciation for the production having been an assistant stage manager for a youth production of it this past spring.
This article is part of a series about our recent vacation in Europe. To see the introductory article in the series, click here.
Monday, June 8, 2015
Today we did our drive back from York to London. It was interesting getting out of the hotel’s tiny parking lot, but most of the rest of the trip was on motorway and went very smoothly. I was more comfortable driving on the left at that point as well. I was struck by the courtesy of the British drivers: when I signaled a lane change, they actually made space for me rather than rushing to fill the space as they do so often back home.
The Hogwarts Express locomotive
Our intermediate stop today was Warner Brothers Studios, the primary site for the filming of the Harry Potter series of movies. As you might expect, they have turned this into quite a tourist attraction. The exhibits were excellent; I was very impressed with the attention to detail on everything, down to the writing of original stories for the newspapers that appeared only fleetingly on the screen. My only disappointment was the heavily promoted “butter beer” they served at the snack bar. It turned out to be just an overpriced cream soda with some dairy froth on top.
We continued to Heathrow to return the rental car and then took the Underground to our hotel, the Premier Inn near the Earl’s Court tube station. Like so many British hotels I have stayed in, the route from the lobby to our room was somewhat circuitous, involving two elevator rides and a passageway across the street. It was late when we finally arrived, so we grabbed a light dinner at the hotel.
This article is part of a series about our recent vacation in Europe. To see the introductory article in the series, click here.
Model of Hogwarts
Sunday, June 7, 2015
We had planned two days in York and vicinity, perhaps driving out to the North York moors on the second day. But we decided there was still too much to see in York to leave town today. I was also not anxious to get back in the car yet.
Micklegate Bar, one of the gates to Old York
We began by catching the tour bus to the York Castle Museum, on the opposite side of town from our hotel. The 24-hour ticket we bought yesterday was still good this morning. The Castle Museum emphasized the Victorian and later periods including World War I and the 1960s. My only disappointment was that the purported telegraph messages really weren’t — they were just beeping noises. There were a few newer “artifacts” too — the Motorola Razr 3 phone we had brought to use with a European SIM that was in my pocket was also on display!
We wanted to have a tea while in York, but couldn’t figure out how to fit it in. We compromised by having tea with our lunch at a tea room on the Shambles. My Yorkshire rarebit was delicious if a bit heavy, but a nice reminder of Welsh rarebit Mom used to make when I was a child.
After lunch we went to the Yorkshire Museum, which is affiliated with the Castle Museum and emphasizes earlier history, from Roman times to about the time of Richard III. The museum is built on Roman ruins that are incorporated into the exhibits. There is also a small natural history section.
It was a little too early for dinner, but there wasn’t really enough time to return to the hotel, so we walked over to the train station and then returned via another section of the old city wall, giving us a different view of the city. We then walked over to the Royal Oak, a pub we passed earlier advertising a Sunday roast beef dinner with Yorkshire pudding, and we had an enjoyable meal there before returning to the hotel.
This article is part of a series about our recent vacation in Europe. To see the introductory article in the series, click here.
Saturday, June 6, 2015
Today was spent on foot exploring the old city of York. After another hearty breakfast, we walked on much of the old city wall, which gave us an overview of the northeast side of York. We then walked into the old city and went to a museum to learn about the Viking period of Jorvik, between 866 and 1066.
Bicycle ambulance and paramedic
There is a tremendous amount of history a few meters below York. What impressed us was the amount of information they got from everything the archaeologists found. For example, they were able to tell from a skeleton how muscular a particular person was and what types of parasites they hosted. We were all glad to be living in the present.
When we emerged from the museum we were struck with how crowded York had become during the morning. Part of this was attributable to a food festival that was taking place. I spotted a bicycle ambulance whose paramedic was happy to pose for a picture.
Jim and Celeste at the Railway Museum
After a coffee break, we bought tickets for another hop on hop off tour like we took in Stratford-upon-Avon. This one had an excellent live tour guide who gave us more background on York. We got off at the rail station and made our way to the National Railway Museum, where we had lunch and explored the many train cars and locomotives on display.
We then got back on the tour bus and rode back to York Minster, the church that is the most prominent symbol of York. Getting there late in the day, we had limited time to explore before the Choral Evensong service that we wanted to attend. As expected, the service was very formal and with little participation by the congregation other than to stand and sit at the appropriate places. We did recite the Nicene Creed and sang one (unfamiliar) hymn. But the music was excellent, including the singing of two Psalms by the male choir.
Being Saturday night, we had to hunt for a bit to find a place to eat that wasn’t too crowded. We eventually found a good fish and chips place that was quiet enough that we were able to have a good conversation to review the day.
This article is part of a series about our recent vacation in Europe. To see the introductory article in the series, click here.
York Minster, as seen from old York
Friday, June 5, 2015
After a little more modest (but still delicious) breakfast at the hotel, we set out for our next destination, York. We first took a short drive to Coventry, site of a cathedral that had been heavily damaged in World War II. Cathedrals are easy to find: the steeples point the way.
The theme of Coventry Cathedral, destroyed in World War II, is (very appropriately) forgiveness. Many sculptures and other writings made the visit a very moving experience. After visiting the cathedral ruins, we were able to climb a surviving steeple for a good view of the city.
We got a little lost on our way out of Coventry, but eventually found our way through the plethora of roundabouts to the motorway. Our plan had been to go next to Sheffield where my research showed some Fenton ancestors may have lived, but I decided to skip that because I was tired of driving. We stopped for lunch and then headed for Hunslet, a suburb of Leeds, where a number of Fentons had lived and a prominent Fenton was said to be buried in the chapel. We went to the oldest church we could find and it was still too new. They referred us to a Methodist chapel which was newer yet, so we gave up and proceeded onward.
The Fenton Flyer, a pub in Church Fenton
On our way into York, we went to the village of Church Fenton, because, you know, the name. It’s also the site of a Royal Air Force base by that name. It was a cute town, and we took some pictures next to the sign, before proceeding on to York.
Kenna and I had visited York once before in the ’90s. We found a hotel just north of the city wall, close to where we stayed on the previous visit. The hotel is quite nice, but like many British hotels in which we have stayed, it was a climb up to our room on the top floor: 56 steps. Good thing we only have to carry our bags up once.
Dinner was at a very pleasant restaurant, Café Concerto, close to York Minster. After dinner we explored a little on foot before turning in.
This article is part of a series about our recent vacation in Europe. To see the introductory article in the series, click here.
Thursday, June 4, 2015
My jet lag woke me very early this morning, about 3:30 am local time. Kenna did considerably better, and Celeste won the sleeping prize. We had a delicious traditional English breakfast in the hotel restaurant; it was wonderful but I mustn’t get used to eating breakfasts this big!
Jester statue in Stratford-upon-Avon
After breakfast we headed for Shakespeare’s home town, Stratford-upon-Avon. While not especially crowded, the town was very touristy and prepared for many more people than today, a Thursday in early June. We didn’t feel we wanted to invest in the pricey ticket that allows one to visit many of the Shakespeare-related buildings, so we walked around and got a feel for the town. After a while, we decided to catch a “hop on, hop off” tour that takes about an hour to complete (without hops off, of course). The tour was excellent; we got a birds-eye view from the top of a double-decker bus and the recorded tour taught us a great deal.
We had noticed the rooftop restaurant at the Royal Shakespeare Theatre, but found the meals there to be more than we wanted. So instead we stopped at a pub downtown and had an enjoyable lunch.
Warwick Castle courtyard
After lunch we returned to Warwick, parked the car at the hotel, and set out for Warwick Castle. Kenna and I had been to the Castle in 1998, but Kenna remembered more of it than did I. We still enjoyed Warwick Castle, but it seemed to be quite touristy: almost more of a theme park than a historic site. While not the Downton Abbey estate, many of the rooms reminded us of the lifestyle of the people from the series. We took one 40-minute tour of some of the rooms, and self-guided the rest.
After returning to the hotel for a little downtime, we walked back to the centre of Warwick for dinner, again at a pub. It was a warm evening, so we ate outside, which was pleasant except for the cigarette and e-cigarette users who contributed to the atmosphere, so to speak.
This article is part of a series about our recent vacation in Europe. To see the introductory article in the series, click here.
Wednesday, June 3, 2015
Our first day in Europe was a short one, owing to the time change. We arrived at Heathrow about noon, endured the line (ahem: queue) at immigration, and grabbed sandwiches from Marks & Spencer for a quick lunch. Surprise: pint bottles of milk were considerably less expensive than soft drinks.
One of the many courtyards at Oxford
We got our rental car from Hertz, and it turned out to be a brand-new Ibiza, made by Seat, a Spanish company. Our suitcases just barely fit in the boot (trunk). It was still early afternoon, so Kenna suggested a side trip to Oxford. We had stopped there in 1998 and remember having a very pleasant picnic lunch in a field, but I have no idea where that had been. We followed the signs and eventually found ourselves in downtown Oxford. We parked and walked around for an hour, enjoying the town but not really knowing where we were. We did find a Vodaphone store where we were able to buy a local SIM for one of our old phones and grabbed a quick snack at Pret a Manger before heading on to Warwick, our base for the next two nights.
Driving in to Warwick, we quickly realized that we didn’t know our way to the hotel. One of the challenges was that the major streets don’t have their names marked very often – just the side street names were visible. But after a few wrong turns, the hotel turned up. The Castle Limes Hotel was conveniently located and our two-room suite was very comfortable.
We checked out some online restaurant reviews and settled on a small Italian restaurant up the street for dinner. After dinner, jet-lagged, we got to sleep right away.
This article is part of a series about our recent vacation in Europe. To see the introductory article in the series, click here.
June 2, 2015
Once again (this is the sixth year), I wrote a journal on our summer vacation for publication on this blog following our return. This year the publication of the journal is delayed by 5 weeks from real time, and I intend to post one installment every day or so over the next 3 weeks or so. This year’s trip was to portions of Europe: England, France, and a bit of Germany, with lunch in Luxembourg thrown in. The recurring characters in our story are myself (Jim), my wife Kenna, and our daughter Celeste. We hope you enjoy it!
We decided to leave on our vacation earlier in the summer than usual, to get away from the construction noise from the house being built next door. That decision was affirmed this morning when a jackhammer started tearing up the previous house’s driveway. A positive sign, in a way.
It has been several years since we went to Europe, especially if you don’t count our 2013 trip to Iceland. Celeste, now almost 16, was there when she was 6 and 9 years old, and the earlier trip in particular is a dim memory. We will be revisiting some places she has been before, introducing quite a few places that Kenna and I have been that we want to show her, and going to a few places that are new to all of us. As usual for our Europe trips, this one is not completely planned: we have found that some of our best memories come from serendipity.
As has become a tradition with our travel blog entries, we will post them after our return, a month or so after the actual dates. I’m hoping I can maintain the discipline of writing a blog entry a day on our trip.
After a flurry of activity making sure we have everything we need, cleaning house, and using up the perishables in the refrigerator, the car to the airport picked us up at 2 pm. The limo service surprised us with a Tesla, which they normally charge extra for. It was a pleasant drive, and we made it to the airport with plenty of time to spare. We used some of that time browsing through the SFMOMA (San Francisco Museum of Modern Art) store, which had many beautifully designed gift items, but nothing we wanted to take to Europe and back with us.
While we stopped for a snack, I noticed a sign about a museum and library. We had used most of our excess time, but made a quick stop by the aviation museum in the International Terminal. Once inside, you feel like you’re in a beautiful classic museum rather than in an airport. We will have to remember that for a future trip or maybe just stop by sometime.
As expected, the service on Virgin Atlantic was excellent, even though we were in the “cheap” seats. Dinner was pleasant enough and then we settled in for in-flight movies and sleep for the night.
I just corrected a problem that was causing mail to back up on one of my home Linux machines that was trying to send mail to my mail server. I’m concerned that it may have a wider impact on email soon.
Starting June 25, my home Linux machine started reporting errors and queuing mail to my mail server. The error log on my home machine reported:
Jun 25 07:35:11 kernel sm-mta[5232]: STARTTLS=client: 5232:error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small:s3_clnt.c:3339:
I did a little searching, and found this page that proposed a possible solution, then updated itself to report that it didn’t work. On my mail server, I created a new dhparams file and configured sendmail to refer to it (as described in the article, except I already had defined cipher suites so I didn’t do that part). I rebuilt the config and restarted sendmail, and it looks like everything is working. For me.
My bigger concern is this: I was lucky; the system encountering the error was sending to a server under my own control. But email servers typically talk across domains, and if the error happens sending to someone else’s email server, the options aren’t very pretty. One option is to turn off STARTTLS, but that is the opposite of the intent of the openssl change. Another might be to revert the openssl update.
Apparently a 512-bit DH key is a pretty common default. The change requires a 768 bit minimum key size, so the question is what to do when the key is too small. Perhaps changing the default and then giving more time before making it a requirement would minimize the breakage.
Since I’m using my blog more actively to publish information about Nōtifs lately, I thought it would be a good time to upgrade my blog to WordPress Premium. For $99/year, I get a number of benefits including removal of ads from my blog. One of those benefits is the use of a custom domain name, and since I registered altmode.org several years ago, I thought it might be good to go from altmode.wordpress.com to altmode.org.
Everything went quite smoothly. Then a friend called. “Jim, since you’re a security guy, I’m surprised that I get a warning when using HTTPS to read your blog.” Sure enough, accessing https://altmode.org/ resulted in a warning, because the site presented a certificate that is valid for *.wordpress.com, not for altmode.org. I hadn’t seen this error because I generally browse my own blog through the administrative interface via altmode.wordpress.com. I should have anticipated this because I never got a request to provide or approve a certificate for altmode.org.
I contacted WordPress support about this. Their response:
WordPress.com currently doesn’t support SSL for custom domains, so you can avoid that error message by giving out the http:// version of your site’s address:
Modern browsers will usually give a warning if you try to visit a site starting with https:// when SSL isn’t supported there, so the best way to avoid that is to make sure that links to your domain begin with http:// instead. We also have a page about HTTPS with more details and other options for turning off those browser warnings.
So the answer is, basically, don’t use TLS (SSL). It did before my upgrade to premium, but doesn’t now. Not something you want to tell a “security guy”.
There are a number of reasons this is a problem:
- More and more people default to using TLS if they can.
- Presenting a certificate for the wrong site just trains users to ignore these warnings, making them less secure.
- A premium feature should be an upgrade.
How would I like it to work? WordPress should tell me they’re going to obtain a certificate for my domain, and to approve the request for it that their Certificate Authority will send me. Or even send me a Key Signing Request and let me buy the certificate.
What are some alternatives? One is to operate an HTTPS reverse proxy, and map https://altmode.org/ into https://altmode.wordpress.com/ myself. Another is to move my blog to a self-hosted WordPress site, but I’m not sure I want to deal with the frequent security issues I have been hearing of. A third is just to turn off the domain mapping, and decide whether the cost of WordPress Premium is still worth it (mostly for ad removal).
I’ll decide which way to go soon, and apologize for the warning messages in the meanwhile. Please don’t just click “accept” when you see one of these, OK?
Altmode 