I just wrapped up the followup work I mentioned on making sure existing notifications in the system go away when someone gains or loses access to a lock, or the lock is removed, or the locks of a post are updated.

I need to be realistic about this: I'm one guy, alas, and there will be issues. These were minor in terms of people affected and likelihood of impacting someone. I think I've designed well to avoid more serious problems. I could be mistaken.

So the best I can do is try to be proactive, be responsive when things are pointed out, and oh yeah, be straight with y'all that I'm one guy.

So yeah: I'm not the entire Internet security department of Amazon. Consider yourself reminded. (:

If OPW were to grow, making sure there is a second engineer involved regularly and a code review process in place would be a priority for me. It's not intended as a high-wire act.

(Edited to add: Sean made many large contributions to OPW, including tons of code. Grateful for that! I'm thinking more of what would happen if we had a real budget in terms of best practices for review.)

So how big is OPW anyway, and will it grow? Well: it's tiny. There are about 25 posts per week.

And: it's constant. There have been about 25 posts a week since things settled down in 2015.

But everybody who's here really likes it here. So!

We'll see if little changes like the new Network posts indicator help bring the occasional newcomer more successfully into the fold. But if not... hey. It works for us.

I made two security fixes just now:

1. Previously, if you knew the id of a post and were a mutual follower of the poster, you could comment on it, even if you did not have the keys to the post. Note that this did not mean you could see the post. However, see below.

2. If you had commented on a post, you would continue to receive notifications of later comments on that post, even if your own access to it had been revoked. Notifications contain roughly 100 characters or so of each comment.

Both issues have been fixed. I apologize for these mistakes in my code.

At no point was it possible to read an actual post you should not have been able to read. But, security issues are never good.

Many thanks to the user who brought issue #2 to my attention, which led me to discover issue #1.

Edited to add: notifications already in the system are still there. I will be working to purge those, and also to purge notifications as needed whenever the privacy settings of a post change. Of course an email sent is an email sent, but I should do what I can do.

On OPW, it's tough to get in the game. Newcomers make public posts, hoping to connect; the rest of us might see them if we're already connected to that person, but otherwise not. There's a "Network" button, which shows public posts from second-degree connections... but nothing calls attention to new posts there. Or did, anyway.

So I've taken a stab at improving on this: there is now a separate new-posts counter for the "Network" page. You probably see it right now, singing its siren song.

Since we didn't keep track of the "last read" post in the "network" feed until just now, that counter is probably showing you a big number at the moment. And hey, that might be right, if like me you weren't in the habit of checking it out.

In the future, though, it'll know when you last read the "network" page, and limit itself accordingly. So I think this will be much more useful as a way of discovering new folks.

While I was at it, I also changed the other "Network" button to "People." Hopefully emphasizing its separate role as a place to edit your connections. Because yeah, confusing. Little things matter.

And speaking of little things: kitten!

iPhones have a new feature: as of iOS 11, they don't save photos in the familiar JPEG format. They save them in a new format called HEIC. It's very nice. Web browsers can't handle it. Until today, OPW couldn't handle it either.

However, Rabbit was kind enough to point this out with some useful pointers in the right direction, and I found tools to convert HEIC to JPEG.

So, please enjoy the ability to once again attach photos to your OPW posts from your iOS devices.

For those who haven't tried it before, look in the lower right corner of the editor, where you see the words "Add Media." To the right of that, click the little picture icon, then the browse button that follows.

Enjoy!

In fulfillment of Shelle's longstanding feature request!

You can now export your One Post Wonder posts. Just:

1. Click "Me" (top bar, third from right).

2. Look at the little buttons above your tags: Account, Edit portrait, Edit bio... Export!

3. Click "Export." Big shocker there.

4. Wait a few seconds and KAFLOOP: big HTML page downloads to your computer.

5. Save that puppy!

6. Open it up, just by double-clicking it, for most of you anyway. Admire your fine words.

7. Want to print just one tag? Click on that tag first, then click "Export." KAZOOM: an export of just that one tag.

OK, now some catches:

1. It's not phantasmagorically beautiful. I haven't had time to fuss with the print styles much. You do get page breaks between articles. You don't get a table of contents because that requires a Considerably Different Approach.

2. The images you see in your export are being loaded from the website. So if you were to delete your account, they would be gone. The easiest workaround is to hit "Print" and then "Save as PDF"; this will take a while, but you wind up with a PDF file that permanently includes copies of your images. Heck, you could even print it. Hope you've got plenty of paper and ink.

My near-term intention is to change this feature so you get a zipfile that includes your images without the need to make a PDF or use any mirroring tools.

Hope you enjoy! I'm pleased to have finally delivered this feature. In addition to how nice it is to be able to export your stuff as a "book" sometimes, it also fulfills a more fundamental promise: the freedom to leave without strings attached. Speaking of which, the markup is semantic and fairly easily parsed if you want to Do Things With Code; article elements are exactly what you'd expect them to be.

In deployments today and yesterday I also updated some security matters and made sure OPW is running on reasonably up-to-date and maintained Node.js modules. That took a lot of moaning and groaning, and introduced a few minor bugs (like momentarily invisible comments) that have since been fixed. Mutter, mutter.

But it's worth it; I care about this little blog on the prairie. It's where I keep my stuff.

I wanted a cheap, super-portable, lightweight Linux computer good enough for occasionally working at home. Something that would also be small enough to open easily in the most cramped of airline seats.

Many people have found that adding some extra storage to a Chromebook and installing a full Linux distribution it is a good way to get that cheap Linux "light development" machine. And GalliumOS is the flavor of Linux tailor-made for that.

So I tried installing GalliumOS Linux on the Samsung Chromebook 3.

TL;DR: this was not a good idea. There is a major issue that wasn't mentioned on the wiki page. It wasn't very well known or consistently diagnosed until I started beating the drum and other users came out of the woodwork. Unfortunately, still not fixed.

I'm not angry about this. GalliumOS is a volunteer project, the issue is tricky, and nobody owes me an open source rose garden. If I wanted a sure thing, I should not have bought a new model. Linux tends to run best on slightly older computers people have simply had more time with.

So this time around, I posted to the GalliumOS Reddit and asked for personal accounts of 100% happy GalliumOS experiences. And lo, there were many. But the machine that really sounded spiffy was the Dell Chromebook 7310. It is strongly recommended by "Mr. Chromebook," the guy who writes custom firmware to let you boot these machines directly to Linux, without weird startup prompts and a risk of a family member quite inadvertently reverting the whole thing to ChromeOS... arhgh!

Only thing is: it's not available new anymore. And because it's as nice as it is - for instance, you can upgrade the SSD, and it contains a proper SSD, not soldered-in eMMC storage - and is available with several different processors and an excellent screen, it costs a little more.

I decided to leverage the first to address the second. In other words, I bought a used unit on eBay, with an i3 processor. And I am super-very happy with it.

So far everything just works. And it's fast - the experience so far feels zippier than my i7 Mac at work, because GalliumOS deliberately goes light on flashy stuff that slows computers down... but also because an i3 is still a whole lot better than a Celeron. Don't get a Celeron. Just don't.

At 13" it's a little bigger than I initially wanted. But I work from home far more often than I fly. 

Here, I hope, endeth the saga. Except for the bit where I'll be flipping the two (!) Samsung Chromebooks I bought, in my zeal to prove it was a real issue and not just the hack job I did removing the write-protect screw from the first one. Sigh. I think I might donate them to a school. On the whole, I'd prefer getting back 100% of the karma over getting back 30% of the money.

Have finally given up on waiting/helping to fix Linux on the Samsung Chromebook 3 (which, to be fair, was never sold as a machine for Linux, so no blame). Plus it's very underpowered with that Celeron. I just can't get behind waiting to see what I'm typing in Facebook and Google Docs. I'm going to flip them on eBay... yes, I had two. I had initially accepted blame for somehow messing up the first. Uh-uh. It's a compatibility issue.

So I splurged just a little on a used Dell Chromebook 7310 with an i3 processor (specifically). Oh man, is this an improvement. And the screen is IPS, which is nerdese for "really nice."

I've been using it for like 15 minutes, but so far I'd recommend finding a Dell 7310 on eBay rather than buying an underpowered new Chromebook.

Plus, it'll take a replacement SSD drive (m.2, 44mm size). So I have a much phatter one on the way. I'll be waiting until that arrives to rebuild it on GalliumOS, the Linux distribution for Chromebooks.

How did I choose this machine? The custom firmware to run Linux tidily on a Chromebook is made by a guy called mrchromebox. He has this machine, and he likes it. 😂

Still... it's bigger. 13" screen, not 11". The joke will be on me if the next time I fly out to visit my son in Vancouver, I can't open my laptop in Basic Economy.

Guess what my original motivation was to get a separate home machine...

Google did recently acknowledge there will be official support for Linux apps on Chromebooks, which is cool. But it doesn't sound like something every Chromebook will support, just as the "Android apps on your Chromebook convertible tablet" thing isn't for every Chromebook model. My goal has always been Real Linux On A Good Cheap Laptop.

Found one of these in the outgoing thrift pile and said whoa there, that's an optical zoom. Sure it's not a great camera, but nobody in the house has anything with an optical zoom, much less 27X. This thing's a keeper.

And it has a cute little USB cable tucked into its wrist strap. Score!

Except, when you plug it into your Linux box, Mac or Chromebook, it displays a message inviting you to install Windows-only software. Uh, thanks.

So what to do? I did some spelunking. Here's how to make it work.

It will show up like a thumbdrive would (it took a minute to show up on mine). Then you want to browse into it and go to:

PRIVATE -> AVCHD -> BDMV -> STREAM

There you will see filenames like 00000.mts. I'd never heard of an mts file either, but it's the same format used for Blu-Ray.

On a Chromebook you probably can't play it directly, but you can upload it to google photos via the website, and google photos knows what to do. Victory!

This works on Linux too, but a Linux machine can also play them with VLC Player or convert them to MP4 format with ffmpeg:

ffmpeg whatever.mts whatever.mp4

Or something to that effect. For me, playable video on Google Photos was sufficient proof of concept.

Speaking of Chromebooks, I have at last given up on the Samsung Chromebook 3 as a workable Linux machine. Nothing wrong with them running the OS they are made to run, I just haven't been able to beg, buy, borrow or absorb the skills to figure out why the keyboard starts duplicating keystrokes and the trackpad freezes after a while on Linux. So instead I've purchased a Dell Chromebook 7310... the model recommended by "mrchromebox," who writes the custom firmware for booting directly to Linux without a fuss on these. And I bought it with an i3 processor, not a Celeron, because come on, sometimes I have to get work done. Looks like I can also upgrade the SSD on that model.

I'll be flipping the two Samsungs on eBay. Yes, I had bought a second to see if I was responsible for the problems with the first. Since I have to disclose that the cases were opened, I might do better to donate them to a school. That way I get both karma and a tax writeoff. But it sounds like those writeoffs will be less important under the Trump tax code. I hate that this might influence my life choices in any way.

By request (!), everybody here now has a metric crapton of invites.

Ursula Le Guin passed away a few weeks ago. She was my favorite author.

To Mark her passing  I read The Daughter of Odren. Set in the same world of Earthsea as her early fantasy novels.

In her later career Le Guin wrote two additional novels extending the Earthsea Trilogy that you may be familiar with. Both of these, to a greater or lesser degree, attempt to fix the world she created in her early books back when she was writing as - in her own words - "an imitation man. A pretty good imitation man."

A novel to fix the afterlife, a novel to fix the patriarchy. Well... the second one wasn't quite that tidy. And it was the better for being complicated.

The Daughter of Odren is a short story, rounded up to a novella for Amazon. But I like it much better than either of the late novels. It concerns the daughter of Lord Odren, a landholder in Earthsea who is forced to go to sea to fight Pirates who are destroying the economic life of the island. During his absence, his wife takes up with a sorcerer... or is bewitched by him. The sorcerer engineers the father's demise on his return.

A traumatized son and daughter flee to the house of a nearby farmer. The son leaves to master Wizardry and seek revenge. The daughter becomes the wife of the farmer and plots revenge on the sorcerer as well.

But when her brother returns, the wizards of Roke have convinced him that his mother was the real source of the evil, controlling the sorcerer and killing their father. It is easier for them to blame a witch than imagine that one of their own has gone bad. Of course, it is patronizing to assume she was not a willing co conspirator. Or even, perhaps, a witch...

What begins as a simple family story turns into a clever commentary on the patriarchy, and the daughter's choices are real choices: limited and personal, but meaningful. I could say more, but I hate reviewers who ruin the story.

I will miss her new words. I look forward to reading more of the old ones.