SitesLinksOttawaLifePhotosTravelToolsJournalBlog
See More Stuff
Next
Sunday, June 9, 2019

CBC Radio Archive (Part5)

CBC Radio, Ideas, 2018

CBC Radio, Ideas, 2018

CBC Radio, Ideas, 2018

CBC Radio, Ideas, 2018

Steven Pinker and Ken Dryden: 'Where there's a way, there's a will' (important)

CBC Radio, Ideas, March 2018

When NHL legend Ken Dryden was about to publish his book, Game Change, he got in touch with Harvard psychologist and linguist, Steven Pinker, who was about to publish Enlightenment Now. Their common ground: what does it actually take to change someone's mind? Pinker also happens to have grown up in Montreal, and idolized the former Canadiens goaltender. The two talk to Paul Kennedy about the relationship of rhetoric and reason.

Hall of Fame goaltender Ken Dryden wants to change not just the rules of hockey, but the entire culture of the sport. There are simply too many serious head injuries, and the thinking behind the rules governing the game has lagged behind the realities of how it's actually played. Pulitzer Prize winning psychologist Steven Pinker believes that Enlightenment values have had their stock lowered on both the right and left, and he would like to see them resurrected — values like reason, science, humanism and progress. Too often, truth gets personalized. And we lose sight of the fact that life for most people has improved compared to any other epoch in history. And we owe that improvement, he argues, to the Enlightenment.

Progress in particular almost appears antiquated as an ideal. But both are firm believers in the notion that it is still viable, perhaps more than ever. Whether it's a sport in particular, or a society in general, changes for the better not only can be made; they have been made.

Into the Gray Zone with neuroscientist Adrian Owen (important)

CBC Radio, Ideas, March 2018

Dr. Adrian Owen's ground-breaking research demonstrates that some patients who were once considered to be in a vegetative state have some level of awareness and are able to respond to simple commands.

Imagining playing tennis lights up specific parts of the brain. Imagining walking through the patient's home lights up other distinct parts of the brain. Using these for simple yes or no questions, neuroscientists can communicate with some patients, learning how aware they are of their surroundings, or even simply asking them whether they are in pain.

Censorship and Identity: Free speech for me but not for you (important)

CBC Radio, Ideas, March 2018

Anti-racist black lesbian, Linda Bellos, was disinvited from giving a talk at Cambridge University because of her views on "trans politics". Whether it's redressing historical wrongs, new hate speech legislation, or safe spaces as a human right: when does the desire to accommodate aggrieved groups become censorship? - A debate among public intellectuals at London's Battle of Ideas.

The politics of outrage is especially intense on university campuses. Dalhousie University student activist Masuma Khan angered many when she posted on Facebook that people should boycott Canada Day because of its 400 year history of genocide. She said: "white fragility can kiss my ass". A fellow student then filed a complaint that her post was blatant discrimination against white people. At the University of Berkeley, free counselling was offered to students who felt they might be adversely affected by the words of Ben Shapiro, a right-wing commentator who was invited to speak on campus. In the larger world, free speech is sometimes shut down by ultra-conservatives. At Poland's annual nationalist rally, some participants said that Muslims living in the country should be placed under surveillance and made to wear arm-bands. In France, many nationalists want to limit or rid the country of new immigrants. The populist Sweden Democrats has targeted journalists because it believes they are endangering traditional Swedish values.

- Nick Gillespie is a libertarian journalist and editor-in-chief of Reason.com.
- Toby Young is co-founder of the West London Free School and associate editor at The Spectator.
- Jodie Ginsberg is the chief executive of Index on Censorship.
- Trevor Phillips is the founding chair of the Equality and Human Rights Commission. He is also co-founder of the diversity analytics research company.
- Frank Furedi is a public intellectual, author and professor emeritus of sociology at the University Of Kent.

- The Populist Explosion: How the Great Recession Transformed American and European Politics by John B. Judis, Columbia Global Reports, 2016.
- Free Speech: Ten Principles for a Connected World by Timothy Garton Ash, Yale University Press, 2017.
- Free Speech on Campus by Howard Gillman, Erwin Chemerinsky, Yale University Press, 2017.
- On Censorship by Salmon Rushdie, The New Yorker, May 11, 2012.
- A Nation of Snowflakes by Adam Swerer, The Atlantic, September 26, 2017.
- The Two Clashing Meanings of 'Free Speech' by Teresa M. Bejan, The Atlantic, December 2, 2017.
- 11 Canadian Books That Have Been Challenged, CBC Books, February 28, 2018.
- The Age of Offence by Ira Wells, Literary Review of Canada, April 2017.

Enright Files: Your brain on digital technology (important)

CBC Radio, Ideas, March 2018

Nicholas Carr is a prominent American journalist and author who sees our minds as being hopelessly susceptible to the endless distractions and rapid-fire barrage of information the Internet serves up to us. He further argues that rather than being a transformative tool for democratic participation change, the Internet has made our participation in civil society more fleeting. Nicholas Carr wrote The Shallows: What The Internet is Doing to our Minds.

Google, Apple, Facebook and Amazon came to dominate their markets by creating better products that people wanted. But to Franklin Foer, their hegemony poses grave dangers for democracy, let alone the principle of competition. He sees a handful of huge corporations monopolizing our attention and shaping our consciousness itself, not to mention our economies. Imagine if governments in Western democracies did as much to monopolize our attention and influence our minds and our way of life as big tech companies do today. Franklin Foer is a former editor of The New Republic Magazine, and he's the author of World Without Mind: The Existential Threat of Big Tech.

Last November Michael Enright spoke with Jean Twenge — a professor of psychology at San Diego State University — about her research into the effects of smartphones and social media on kids. Also taking part in that discussion was Clive Thompson, a widely-read Canadian technology journalist and the author of Smarter Than You Think: How Technology Is Changing Our Minds For The Better.

Is there a culture war against populism? (important)

CBC Radio, Ideas, March 2018

Is it a positive wave or a troubling pattern? In this age of anxiety over joblessness and immigration, populist leaders in Hungary, Poland, Turkey, Sweden and the Philippines are tapping in. Is populism, as the 1960's American historian Richard Hofstadter called it, "a paranoid style of politics"? Or is it what others describe as "the essence of democratic politics"? A debate among public intellectuals at London's Battle of Ideas.

Marine Le Pen will call herself a democrat. But that doesn't mean she is a democrat. You know Trump uses the phrase 'very fine people' to describe people who go to Charlottesville with supremacist ideas. That doesn't mean they're very fine people. – Elif Shafak

I think there's a silent cultural war against populism, it basically symbolizes the fact that for the first time since the end of the Cold War, the traditional establishment feels their basic values are being sort of challenged. – Frank Furedi

Globalization has given the political elites a sense of greater control and it's given non-elites a sense of economic loss, and a sense of loss of sovereignty. – David Goodhart

Good Cheer is a Great Idea!

CBC Radio, Ideas, February 2018

Almost twenty years ago, Paul Kennedy produced an IDEAS documentary about Samuel de Champlain's "L'Ordre de Bon Temps", which basically kept early French colonists at Port Royal, Nova Scotia alive through the brutal winter of 1606. Paul Kennedy recently learned that a group of foodie friends in Ottawa has turned Champlain's historic meal into an annual celebration. They gather together in the middle of every winter, to prepare a feast for family and friends, basically inspired by the menu and the recipes provided during that original broadcast.

The resistance of Black Canada: State surveillance and suppression (important)

CBC Radio, Ideas, February 2018

Canada's history of suppressing Black activism is coming to light like never before, thanks to researchers like PhD student Wendell Adjetey. Wendell's historical research uncovers evidence of clandestine government surveillance in the 20th century, while also bringing to life overlooked parts of this history. His work highlights the struggles and setbacks of Black activists in the 20th century, helping us understand the ripple effect of those legacies today.

I think the attempted suppression is rooted in a white supremacy that creates this idea that all things that are not white are dangerous and bad and scary and in need of watching. – Syrus Marcus Ware, visual artist and core team member of Black Lives Matter Toronto.

We as Canadians have contributed handsomely to a myth that makes us feel morally, politically, legally superior to the US at least on the question of race. It's a myth that allows us to think that we don't profit from those structures. – Saje Mathieu, historian, University of Minnesota.

Sheldon Taylor is a historian who completed his PhD at the University of Toronto, where he developed courses on African-Canadian history and the African diasporic experience. His PhD dissertation is called Darkening the complexion of Canadian society: black activism, policy-making and black immigration from the Caribbean to Canada, 1940s–1960s.

Simone Browne is an associate professor in the Department of African and African Diaspora Studies at the University of Texas, Austin. She is the author ofDark Matters: On the Surveillance of Blackness.

Robyn Maynard is an activist, writer and author of Policing Black Lives: State Violence in Canada from Slavery to the Present.

On Tyranny: 20 lessons from the 20th century (important)

CBC Radio, Ideas, February 2018

Authoritarianism is on the rise around the world. And Timothy Snyder wants to push back against this tide. A history professor at Yale University who's written widely on Europe and the Holocaust, takes an unusual approach in his little book, On Tyranny: Twenty Lessons from the Twentieth Century. It's not a sweeping historical analysis, but a collection of observations and suggestions on what forms resisting authoritarianism can take.

"What is patriotism? Let us begin with what patriotism is not. It is not patriotic to dodge the draft and to mock war heroes and their families. It is not patriotic to discriminate against active-duty members of the armed forces in one's companies, or to campaign to keep disabled veterans away from one's property… The president is a nationalist, which is not at all the same thing as a patriot. A nationalist encourages us to be our worst, and then tells us that we are the best… A patriot, by contrast, wants the nation to live up to its ideals, which means asking us to be our best selves."

"Before you deride the 'mainstream media', note that it is no longer mainstream and easy, and actual journalism that is edgy and difficult. So try for yourself to write a proper article, involving work in the real world: traveling, interviewing, maintaining relationships with sources, researching in written records, verifying everything… Journalists are not perfect, any more than people in other vocations are perfect. But the work of people who adhere to journalistic ethics is of a different quality than the work of those who do not."

"Fascists despised the small truths of daily existence, loved slogans that resonated like a new religion, and preferred creative myths to history or journalism. They used new media, which at the time was radio, to create a drumbeat of propaganda that aroused feelings before people had time to ascertain facts. And now, as then, may people confused faith in a hugely flawed leader with the truth about the world we all share. Post-truth is pre-fascism."

A book lover, his library and the Scottish Enlightenment

CBC Radio, Ideas, February 2018

Two hundred and fifty years ago, a relatively remote and economically-challenged country called Scotland became the surprising host to one of the most exciting intellectual developments in the world. Magically, the best and the brightest minds were being promoted and distributed by enterprising and adventurous publishers, in places like Edinburgh, Glasgow and Aberdeen. Not surprisingly, a select group of printers with rare genius rose to meet an obvious need.

Edinburgh bibliophile Dr. William Zachs takes Paul Kennedy through his library of amazing books that were published in Scotland during the heyday of the Scottish Enlightenment. At the time, Adam Smith, David Hume, James Boswell and The Encyclopaedia Britannica were runaway best sellers. But obscure titles from a wide range of intellectual disciplines reveal the astounding diversity of Caledonian cogitation.

Gabrielle Scrimshaw on liberating the past and embracing the future (important)

CBC Radio, Ideas, February 2018

Gabrielle Scrimshaw is a vibrant voice among a younger generation of First Nations leaders. She holds an MBA from Stanford University, and is completing her Masters in Public Administration at Harvard.

Gabrielle Scrimshaw grew up in Hatchet Lake First Nation, Saskatchewan. She left home at age 17 to study at the University of Saskatchewan, and then the University of Toronto. Along the way she co-founded the Aboriginal Professional Association of Canada.

Gabrielle Scrimshaw delivered the third annual Vancouver Island University Indigenous Speaker Series in November 2017.

Whose Lives Matter? (important)

CBC Radio, Ideas, February 2018

The Black Lives Matter movement demands serious answers from our society to questions about race, culture and prejudice. This episode features Janaya Khan, d'bi. young and Sandra Hudson in a panel discussion from the Stratford Festival Forum.

"You know, when I think of 'whose lives matter?' I think of — what are our lives worth? Is my life worth a noise complaint, is that enough to end it? When I call the police for help, because maybe I'm having an episode...and that need for help is seen as something threatening?" – Janaya Khan

"Allowing ourselves to believe that we can really change an entire system, just like our ancestors did — I think that's what it's going to take to really, truly shift this system — for everyone." – Sandra Hudson

"I want us to ask ourselves: what does it take for me to care about something beyond my own lived experience. What does it take for me to invest in a set of principles that are going to guide my performance in this game (of life)?" – d'bi. young

Imagining the singularity: What happens when computers transcend us? (important)

CBC Radio, Ideas, February 2018

"It could literally be the best thing that ever happened in all of human history if we get this right. And my main concern with this transition to the machine intelligence era is that we get that superintelligence done right, so it's aligned with human values. A failure to properly align this kind of artificial superintelligence could lead to human extinction or other radically un-desirable outcomes." – Nick Bostrom, Professor of Professor of Philosophy and Director of the Future of Humanity Institute at the University of Oxford.

We don't really know how to instill human values in a machine. Doina Precup, a computer scientist from McGill University suggests that one strategy might be simply having them learn by watching us — like children do.

Another challenge might be that a computer superintelligence could be superhuman without being very human-like — making it challenging for us to relate to. Chris Eliasmith, Director of the Centre for Neuroscience at the University of Waterloo, says we should be able to create machines which duplicate the functions of a brain — he's working on creating machine intelligence modelled on the organization and function of the human brain.

Science fiction writer and futurist Madeline Ashby points out that this is part of a long history of humanity thinking about creation — whether it's in ancient religious stories, or the more modern stories of creation that perhaps started with Frankenstein and continue through modern science fiction.

As Theologian James McGrath points out, we have a long history of imagining our relationship with beings that are superior to us, and many of these are cautionary tales.

Robin Hanson, an economist and futurist has explored this scenario in his book The Age of Em, and comes to a surprising conclusion. An uploaded life would not be a fantasy world of virtual-reality paradises. It would be a working world in which uploaded minds labour to earn their electricity and server space.

Why is there so much poverty in a rich country like Canada? (important)

CBC Radio, Ideas, February 2018

A discussion from the Stratford Festival.

"Poverty exists in our society because we've chosen for it to exist. Poverty is the entirely predictable outcome of policy choices and the legal infrastructure that we've created for building our economy and redistributing wealth in our society." – Fay Faraday – Social justice lawyer.

"Our employers should have the responsibility for our health and safety when we go to work, and for our working conditions. And — I don't think it's too much to ask for, that we should be able to pay our bills?" – Deena Ladd – Toronto-based Workers Action Centre.

"So demand leadership from our political leaders because they have a huge say in the poverty that happens in our society, and a way for us to eliminate poverty in our society." – Debora De Angelis – United Food and Commercial Workers Union of Canada.


Writer Heather O'Neill finds wisdom in an eccentric father's advice (important)

CBC Radio, Ideas, February 2018

Heather O'Neill is one of Canada's top fiction writers — winning awards, accolades, and readers for her vivid novels. But it was an unpredictable path to success: she comes from humble Montreal roots. She was raised by her single father — a janitor who wryly listed his real occupation as professor of philosophy. He offered his book-obsessed daughter a set of rules for life. In conversation, and in her Henry Kreisel Lecture at the Canadian Literature Centre in Edmonton, Heather O'Neill describes her dad's colourful advice to her, as well as the surprising people who made her into a passionate writer and reader, and helped her bridge the class divide that restricted her father's own life.

Andrew Feinstein exposes "the shadow world" of global arms (important)

CBC Radio, Ideas, January 2018

Buying and selling weapons is a huge, and highly secretive, business — for governments, aerospace and defence companies, and black market profiteers alike. In this UBC Wall Exchange talk from Vancouver, former South African politician and current U.K. corruption researcher Andrew Feinstein argues that the arms trade does not make us more secure. In fact, he contends that it fuels conflict, undermines economic progress and democracy, and — with its unintended consequences — endangers citizens everywhere.

Western-made weapons used against civilians in the war in Yemen. Guns meant to arm American-allied soldiers in Syria, used against those same soldiers. Armoured vehicles from Canada, used by Saudi security forces against their own citizens. It seems the ultimate route of weapons is never predictable, and that is just one of the troubling issues that author Andrew Feinstein raises in his exploration of the shadow world of global arms.

The Scottish Enlightenment: The invention of modern mind and culture (important)

CBC Radio, Ideas, January 2018

Sheila Szatkowski — author of Enlightenment Edinburgh: A Guide — provides a walking tour of intellectual hotspots. Arthur Herman — author of How the Scots Invented the Modern World — adds historical and cultural context. On Burns' Night, it seems appropriate for everybody to feel just a little bit Scottish.

Wade Davis: Light at the edge of the world (important)

CBC Radio, Ideas, January 2018

In our age, many societies look like they're hurtling towards disorder and disunity. For all of our technological sophistication, the centre isn't holding, great civilisations seem less united than ever. Wade Davis thinks we need to pay more attention to the values, the voices, and the concerns of Indigenous peoples. We have a lot to learn by listening more carefully. Wade Davis in a discussion with Paul Kennedy, with excerpts from a lecture at the Ontario Heritage Trust.

Travels through Trump's America one year later (important)

CBC Radio, Ideas, January 2018

It’s been one year since Donald Trump’s inauguration. His official swearing-in compelled many Americans reflect on what America actually is now, politically, socially and culturally. Contributor David Zane Mairowitz is originally from America, and has been living in Europe for over fifty years. He returned to the U.S. in the spring of 2017 to travel through six southern states, where he recorded his encounters with everyday people at restaurants, churches -- and gun shows. His aim: to gain insight into an America he’s now struggling to comprehend.

Making art that matters: The 2017 Sobey Art Award

CBC Radio, Ideas, June 2018, Part 1, Part 2

Part 1 profiles the four finalists: Raymond Boisjoly, Divya Mehra, Bridget Moser and Jacynthe Carrier. Part 2 profiles the 2017 Sobey Art Award winner, Ursula Johnson.


First Nation, Second Nation: A discussion about the state of Indigenous people in Canada today

CBC Radio, Ideas, January 2018

In a country where just about all of us are immigrants, Indigenous people are creating new structures and rediscovering old values. A discussion from the Stratford Festival featuring Leanne Betasamosake Simpson, Jarrett Martineau and Alexandria Wilson.

Decoding prehistoric art with Jean Clottes

CBC Radio, Ideas, January 2018

The songs and stories of prehistoric humans are gone. All that remains of their culture is their art. It's the one thing that can bridge the vast, silent chasm of time between then and now. IDEAS contributor Neil Sandell introduces us to the French archaeologist Jean Clottes, a man who's devoted his lifetime trying to decipher the rich, enigmatic world of cave art.

Ken Dryden on changing the idea of hockey (important)

CBC Radio, Ideas, January 2018

Game Change, the book written by NHL legend, Ken Dryden, is on one level about the increasing number of concussions hockey players have. But it's also about changing the way decision-makers make decisions. As he tells host Paul Kennedy, being right isn't enough. That's why Dryden has turned the old adage "where there's a will, there's a way" on its head. He argues passionately that if there's a way, there's a will.

First Nations in the first person: Telling stories & changing lives

CBC Radio, Ideas, January 2018

The stories of three Indigenous people told in their own words. Sandra Henry of Winnipeg is a former social worker. Brielle Beardy-Linklater is an Indigenous transgender activist from the Nisichawayasihk Cree Nation. Theodore Fontaine is an author and a former chief of the Sagkeeng First Nation in Manitoba.

The Enright Files on suffering, sorrow and the search for meaning (important)

CBC Radio, Ideas, January 2018

This month's edition of The Enright Files explores how the works of Viktor Frankl, Anton Chekhov and Joan Didion wrestle meaning and solace from tragedy, horror and suffering


Sailing Alone Around the World

CBC Radio, Ideas, April 2013

In 1895 a retired Canadian sea captain set off to sail alone around the world. It had never been done, and it took Joshua Slocum three years, but the book of his adventures made him famous. Since then, fewer than 200 people have sailed in his wake and two of them are also Canadian. IDEAS contributor Philip Coulter explores this greatest challenge sailors set for themselves — possibly the greatest of all human challenges.

Have insomnia? Blame the Romantic poets

CBC Radio, Ideas, December 2017

In Hunt's studies of English poets of the Romantic period she zeros in on references to sleep, or lack thereof. By tying references like "anguish and agony" of the "unfathomable hell within," with her readings of medical texts and historical accounts from that period she reveals how the poems reflect a major shift in how insomnia was understood.

"There were any number of threats to peaceful repose," says Roger Ekirch, a historian at Virginia Tech University. "Illness kept many people awake at night — the cold, the heat, the unholy trinity of early modern entomology: lice, fleas and bedbugs, and that's just the beginning. Most homes rattled in a breeze and never were people more vulnerable to [fears of] Satanic demons."

Revisiting Glenn Gould's revolutionary radio documentary, 'The Idea of North'

CBC Radio, Ideas, December 2017

Glenn Gould's landmark documentary, The Idea of North, first aired on CBC Radio on December 28, 1967.

In his boldly experimental program about the Canadian north, the pianist used a technique he called "contrapuntal radio," layering speaking voices on top of each other to create a unique sonic environment situated in the space between conversation and music.

In Return to North: The Soundscapes of Glenn Gould, CBC contributor Mark Laurie talks to four people who knew Gould intimately, and reinterprets Gould's contrapuntal technique to explore the landscape of Gould's life — and his ideas about music and radio.

Shakespeare in the Funny Pages

CBC Radio, Ideas, December 2017

What if Shakespeare's characters escaped from the play that they're in, and went off on a grand adventure of their own, freed from the chains of their creators imagination? What if they lived in the modern era and communicated with cellphones and autocorrect? Well, all things are possible through the magic of the human mind. In this episode, a panel discussion from the Stratford Festival featuring Mya Gosling and Conor McCreery in conversation. The discussion is moderated by the Stratford Festival's literary and editorial director, David Prosser.

Playdoh's Republic: Children as natural philosophers (important)

CBC Radio, Ideas, December 2017

Why were we born? Is life just a dream? What makes something wrong or right? Children often ask questions like these — sometimes to the exasperation of their parents. But children really want to know why the world is the way it is. And they want to know how we know. Maybe that's because they're open, curious and inquisitive — they're natural philosophers.

Journalism in the age of fake news (important)

CBC Radio, Ideas, December 2017

Established news media no longer have the monopoly on how we consume our news, and "fake" news is proliferating. Now purveyors of false news are saturating social media, emboldened by a U.S. president who regularly derides mainstream journalists as creators of fake news. In panel discussions at the Banff Centre, part of The Democracy Project, journalists ponder reporting in an age where political leaders attack them to discredit their work.

Facebook, Google, Apple and Amazon are manipulating our lives and threatening our democracy (important)

CBC Radio, Ideas, December 2017

The internet began with great hope that it would strengthen democracy. Initially, social media movements seemed to be disrupting corrupt institutions. But the web no longer feels free and open, and the disenfranchised are feeling increasingly pessimistic. The unfulfilled promise of the internet has been a long-term concern of Digital Media and Global Affairs expert Dr. Taylor Owen, who delivers the 2017 Dalton Camp Lecture in Journalism. He argues the reality of the internet is now largely one of control, by four platform companies — Google, Facebook, Amazon and Apple — worth a combined $2.7 trillion — and their impact on democracy is deeply troubling.

How filmmakers and fishers saved Fogo Island (important)

CBC Radio, Ideas, December 2017

A little over fifty years ago, while the rest of the country was celebrating Canada's Centennial, the friendly folks on Fogo Island — most of whom were fishers — were ordered to abandon their homes and resettle in larger communities on the larger island of Newfoundland. Memorial University's Extension Department invited the National Film Board of Canada to visit Fogo, and interview people about their future. At the end of what is now called The Fogo Process, they voted to stay put, form a cooperative, and take over the fish plant. It became a model for alternative democracy around the world.

Conservative with age: Why your political stripes change over time (important)

CBC Radio, Ideas, December 2017

No one really knows who first coined the saying, "If you're not a socialist at twenty, you have no heart, and if you're not a conservative at forty, you have no brain." It wasn't British Prime Minister Winston Churchill or Oscar Wilde, though it's often attributed to them. The smart money seems to be on a rather obscure French jurist from the 19th century, Anselme Batbie.

Whatever the source, it's been repeated for well over a century because it seems to ring true. Youthful ideals give way to the pragmatism as the years go by. But why do so many of us seem to follow in the footsteps of that old adage? Why do others resist it? And what does the adage reveal about the way we come to hold our political beliefs?

The enduring power of Albert Camus' L'Étranger (important)

CBC Radio, Ideas, December 2017

It's been 75 years since Albert Camus published L'Étranger — usually translated as The Stranger or The Outsider. And it continues to be the most translated book from French into English. Given how intense questions about "the other" are across the globe — who really belongs where and who doesn't — Camus' book is even more relevant than ever. Radio Canada producer Danny Braun speaks with a novelist, a rapper, some academics and a former death row inmate to delve into the enduring appeal of L'Étranger — both to the intellect and to the heart.

Award-winning authors on balancing chaos and control

CBC Radio, Ideas, December 2017

A parent's fear. A child coping. The final stops of life. These are the ways that some top Canadian writers — all winners of 2017 Governor General's Literary Awards — addressed our challenge to create an original piece of writing on the theme of chaos and control. They reveal where their imaginations travelled, from the most intimate moments of family life, to the largest of cultural questions. Featuring talk and readings from: Hiro Kanagawa, Cherie Dimaline, Richard Harrison, and Oana Avasilichioaei.

Borges' Buenos Aires: The Imaginary City

CBC Radio, Ideas, December 2017 Part1, Part2

The Argentinian writer Jorge Luis Borges had a profound influence on the shape of modern literature. And he himself was profoundly shaped by the city he grew up in — Buenos Aires – a city that plays a major role in many of his stories. One of the great experimental writers of the 20th century, Borges believed that a story is a doorway to a world larger than itself, and that the act of reading is an essential part of both the making and the meaning of the story: the writer and the reader are in a great river, together.

Philip Coulter goes on a walking tour of Borges' Buenos Aires, in the company of the celebrated writer, Alberto Manguel, who used to read to the blind Borges as a teenager, and who, like Borges before him, is now director of the National Library in Buenos Aires.

Precarious Work: David Weil on the disappearing company job (important)

CBC Radio, Ideas, December 2017

For most of the 20th century, everyone — from the janitor to the CEO — was employed by "the company". But increasingly, large corporations are outsourcing work to small companies, often abroad. For workers, this change means lower wages, fewer benefits and an intensified widening of income inequality, with huge financial gains going to the top one percent. In a lecture and subsequent interview with Paul Kennedy, scholar and Barack Obama appointee, David Weil, talks about precarious work and the disappearing company job.

A fissured workplace is becoming our new norm, and having a radical impact on widening income inequality, according to scholar and Obama-appointee, the former Labor Standards Regulator, David Weil. Professor Weil coined the term to explain how many large companies — Apple, The Marriott Hotel, Amazon — are no longer direct employers of the people behind their products and services.

The Enright Files on changing the way we think about the natural world (important)

CBC Radio, Ideas, December 2017

Our relationship with the natural world may be our most important, aside from our relationship with each other, yet it has become seriously out of balance. Humans have wrought enormous destruction to the environment, to other species and to the global climate in the name of progress and improving our quality of life. In this month's edition of The Enright Files, Michael speaks to three people who are changing the way we think about our relationship with the natural world, from one-on-one relationships with animals to the massive, unwieldy issue of our impact on a geological scale.

- Brian Brett: Growing up as a "parrot among crows," androgyny and human-animal relationships
- Peter Wohlleben on The Hidden Life of Trees
- Katharine Hayhoe on changing minds about climate change

Making a better world with a culture of 'citizen eaters' (important)

CBC Radio, Ideas, December 2017

Michael S. Carolan is the author of No One Eats Alone: Food as a Social Enterprise. He gave a public talk in Toronto in the autumn of 2017, and made the following provocative argument: we can change our relationship to food — how's it's made, distributed and even consumed — by changing our relationships with each other, and maybe open up the possibility of creating a better world.

CBC Radio, Ideas, 2017

How Martin Luther invented the modern world (important)

CBC Radio, Ideas, November 2017

It has been 500 years since Martin Luther supposedly nailed his 95 theses to the door of the Castle Church in Wittenberg, Germany. There's no proof he ever did that — and it may not matter. We're still living in the aftershocks of the religious, political and social revolution that he began. This program looks at Martin Luther's legacy, and why he still evokes impassioned debate today.

Why democracy depends on how we talk to each other (important!!)

CBC Radio, Ideas, November 2017

Does democracy have a future? It's a question is being asked in democracies everywhere. People are frustrated with politics and politicians. And politicians appear weary of democracy. Now populist uprisings to protect the status quo are threatening the foundations of democracy itself. Michael Sandel is a world-renowned political philosopher at Harvard University — and the 2017 LaFontaine-Baldwin lecturer. But he doesn't "lecture" in the usual sense of the term: he interacts with his audience, not only answering their questions but asking them questions to make them think and reflect

Roaming Imagination: What the stories we tell about bears say about us

CBC Radio, Ideas, November 2017

Bears hold a powerful place in the human psyche. From early cave drawings and myths as old as language itself, to modern scientific research, the family Ursidae has captivated the imaginations of humans around the world. At the heart of our obsession are contradictions: a magnetism that draws us in and fear that pushes us away. Contributing producer Molly Segal explores the stories we share about bears, what they say about us and our future.

Friesen Prize winner Dr. Alan Bernstein: Team science will save the world! (important)

CBC Radio, Ideas, November 2017

As an individual, he may be one of Canada's top scientists, respected the world over. But Dr. Alan Bernstein believes collaboration is what takes science to the next level. The 2017 Friesen Prize winner is enthused about the richness and diversity of scientific research today, as he details in his public talk. He also speaks one-on-one with Paul Kennedy about his trajectory in medical and health science, working on stem cells, blood cell formation, and cancer. He's also explains why — despite those personal accomplishments — he's devoted to bringing great minds together.

Confronting the 'perfect storm': How to feed the future (important)

CBC Radio, Ideas, November 2017, Part1, Part2

We're facing what could be a devastating crisis—how to feed ourselves without destroying the ecosystems we depend on. We already produce enough food to feed everyone on the planet. Yet 800 million people are undernourished, while another 2 billion are overweight or obese. And at the same time, almost one third of the food we produce goes to waste. In partnership with the Arrell Food Institute at the University of Guelph we seek out creative solutions to a looming disaster. In this episode we hear from waste expert Tammara Soma and international food security expert Tim Benton

In Canada we waste about a third of the food we produce. And yet four million Canadians experience food insecurity. In partnership with the Arrell Food Institute at the University of Guelph, we hear from Dawn Morrison whose work focuses on Indigenous food sovereignty and Bryan Gilvesy, a long-horn cattle rancher who puts sustainability first.

Naked in the Mirror: Stephen Greenblatt on our obsession with Adam & Eve

CBC Radio, Ideas, November 2017

Professor Greenblatt, author of The Rise and Fall of Adam and Eve, believes this compelling and contradictory tale of the first man and woman is masterly storytelling that goes straight to the core of some of our most vital human questions.

The 2016 U.S. Election: We had no idea it would be like this (important)

CBC Radio, Ideas, November 2017

When Hillary Clinton announced that she would run for President, everyone knew the 2016 United States election could be a historic one. We had no idea how historic or unprecedented this election would become. On this month's edition of The Enright Files, we revisit The Sunday Edition's coverage of the candidates and the turmoil within their parties in the months leading up to the election — and the growing unease around what the election would mean for the U.S. and the rest of the world.

- Joan Walsh, National Correspondent for The Nation magazine and political analyst for MSNBC.
- Thomas Frank, columnist with Harper's Magazine, and author of What's Wrong with Kansas: How Conservatives Won the Heart of America and Listen, Liberal: or Whatever Happened to the Party of the People.
- David Frum, former speechwriter for President George W. Bush, conservative commentator and senior editor at the Atlantic Magazine.
- Arlie Hochschild, Professor Emerita in the department of sociology at the University of California at Berkeley and author of Strangers in Their Own Land: Anger and Mourning on the American Right.
- Moustafa Bayoumi, Canadian-American associate professor of English at Brooklyn College and author of How Does It Feel to Be a Problem: Being Young and Arab in America.
- Patricia J. Williams, James L. Dohr Professor of Law at Columbia University and author of The Alchemy of Race and Rights and Seeing a ColorBlind Future: The Paradox of Race.

The 2017 CBC Massey Lectures - In Search of a Better World (important)

CBC Radio, Ideas, November 2017

A call to action for our times, Payam Akhavan's 2017 CBC Massey Lectures, In Search of a Better World: A Human Rights Odyssey, is a powerful survey of some of the major human rights struggles of our times — and what we can do about it.

Renowned UN prosecutor and human rights scholar Payam Akhavan has encountered the grim realities of contemporary genocide throughout his life and career. Deceptive utopias, political cynicism, and public apathy, he says, have given rise to major human rights abuses: from the religious persecution of Iranian Bahá'ís that shaped his personal life, to the horrors of ethnic cleansing in Yugoslavia, the genocide in Rwanda, and the rise of the Islamic State.

But he also reflects on the inspiring resilience of the human spirit, and the reality that we need each other, to set us free from ideology and go about building that better world.

Democracy Undermined? Debating the impact of Donald Trump's presidency on democracy (important)

CBC Radio, Ideas, November 2017

The Munk Debates put it starkly: Be It Resolved, American democracy is in its worst crisis in a generation, and Donald J. Trump is to blame. Andrew Sullivan and E. J. Dionne argue in favour of the resolution, Kimberley Strassel and Newt Gingrich against.

Creating a city for all: The future of cities in the 21st century (important)

CBC Radio, Ideas, October 2017

Athens, Rome, Venice. History offers many examples of cities that were their own world, independent mini-states that offered freedom of ideas and a model for social cohesion — alternative societies that have often been in conflict with the larger surrounding state. Cities still drive social progress, but many factors are changing our modern world, and cities are again being forced to retool and rethink how they work.

- Sevaun Palvezian isChief Executive Officer of the Toronto non-profit CivicAction.
- Gil Penalosa is founder and chair of 8 80 Cities.
- Lorna Day is Director of Urban Design for the City of Toronto

Meat on the table: Can we justify consuming animals? (important)

CBC Radio, Ideas, October 2017

If you typically eat three meals a day, then it's a choice you make more than one thousand times a year. And if you're like most people, that choice probably involves meat or dairy, or both. On top of that, many of the clothes we wear are made from animals. But can something that nearly everybody on the planet is doing ━ and has been doing for millions of years ━ be immoral?

For Gary Francione, the answer is a resounding "yes". But Nicolette Hahn Niman sees Francione's abolitionist view as unnecessarily extreme ━ even harmful. She is a California beef rancher, lawyer, and the author of Righteous Porkchop and Defending Beef: The Case for Sustainable Meat Production.

Sex, Truth and Audio Tape: Shifting identities on a changing sexual landscape (important)

CBC Radio, Ideas, October 2017, Part1, Part2

It's often been said that everything in the world is about sex, except sex itself — sex is about power. So what are we to make of today's sexual landscape, where we see the most diverse range of orientations and expressions of sexuality in history? Lesbian, gay, queer, cis, pansexual, leather daddies, stone butch, asexual... the list keeps growing. And there is entrenched push-back against that expansion. So who gets to say what about whom? And as the sexuality landscape broadens, what will it mean?

The Harvey Weinstein story has unleashed a veritable tsunami of sexual assault and harassment claims. And there's a huge gender gap at work: overwhelmingly, men are the accused perpetrators; women, the victims. IDEAS producer Mary O'Connell explores the motivations, conscious and unconscious, behind this disturbing dynamic.

El Sistema: How the power of music helped change Venezuelan lives

CBC Radio, Ideas, October 2017

In 1975 the Venezuelan economist and musician Jose Antonio Abreu started an after-school music programme for street kids in Caracas. It was primarily a social action project- how to solve a problem of lawlessness and aimlessness among youth — but it was also about encouraging a love of music for its own sake. El Sistema became a revolutionary movement that has transformed the lives of hundreds of thousands of children — and also helped create a few generations of musicians and a nation of music lovers. Jose Antonio Abreu died last month, and we're re-broadcasting this documentary about El Sistema as a tribute to a great visionary.

Dark tower of dreams: Inside the Walled City of Kowloon

CBC Radio, Ideas, October 2017

The infamous "Walled City of Kowloon" was once the most populous spot on the planet. With 1.2 million people per square kilometre, it was a gigantic squatter's village. Nobody planned it, but somehow it worked, until it was demolished, just before the British handed Hong Kong back to China. Paul Kennedy speaks with photographer Greg Girard, and urban designer Suenn Ho, about what the Walled City meant to them, and him

The Enright Files on Vladimir Putin's Russia (important)

CBC Radio, Ideas, October 2017

Since 2000, Russia has been Vladimir Putin's state. Putin has served as president for 13 years since 2000, in addition to four years as prime minister from 2008 to 2012.

In that time, Putin has been credited with bringing relative prosperity and stability to Russia, restoring to Russia the geopolitical heft it enjoyed in the Soviet days, and outmaneuvering the West in global trouble spots like Syria and Ukraine.

Russia may no longer be seen as an existential threat to the world, but Putin is regarded as a brazen provocateur and troublemaker, a supporter of rogue regimes and an underminer of the electoral process in Western democracies. Most notoriously, he's been accused of meddling in the 2016 U.S. election, perhaps even colluding with the Donald Trump campaign to defeat Hillary Clinton.

And there are many in Russia who think of him more as a czarist or Stalinist than as a democratic leader. Putin's regime has a reputation for being thuggishly, even murderously repressive toward opposition leaders, anti-corruption crusaders and journalists. Ask a lot of people what's the best way to get rich in Russia, and they'll tell you—be a friend of Vladimir Putin's.

The edge of musical thinking: Capturing the spirit of tango and vibrato

CBC Radio, Ideas, October 2017

In this episode of Ideas from the Trenches, we feature two musicians from the Schulich School of Music at McGill University who are deeply immersed in investigating the evolution of their art forms and the conflicts within. Flutist and PhD student Hannah Darroch takes us into a controversy known as 'the Vibrato Wars', centring on an all-important 'wobble' in the note that either expresses the human spirit or is "worse than cholera," depending on whom you ask. And cellist Juan Sebastian Delgado is a recent PhD graduate who searches out the essence of tango in today's challenging 'nuevo tango' music.

Master of his own design: Conversations with Frank Gehry

CBC Radio, Ideas, 2017, Part1, Part2

Canadian-born Frank Gehry has been called the greatest architect of our time. And yet he's still a rebel in his field. His sensual, sculptural buildings reject the cold minimalism and glass boxes of Modernism, and the ornate flourishes of post-modernism. Gehry, now 88, became famous in his late 60s, when his extraordinary design for the Guggenheim Museum became a reality twenty years ago in Bilbao, Spain. A complex and engaging man, who's been open about his disdain for the media, gave IDEAS producer Mary Lynk a rare chance to talk with him in California.

Therefore Choose Life: The Lost Massey Lecture by George Wald (important)

CBC Radio, Ideas, October 2017

In 1970, outspoken Harvard biologist George Wald became the first natural scientist to give the CBC Massey Lectures. The Nobel Prize winner championed diversity—biological and philosophical, as well as the value of both life and death. He also spoke out about long-term negative consequences of social inequality, and environmental pollution; and he took a public stand against the war in Vietnam. Wald's Massey broadcasts were a huge success. But he never got around to publishing them as a book. Now Lewis Auerbach, who produced the 1970 Wald lectures, has recovered the typescripts and tells the remarkable backstory of Wald and his Massey talks, which have only now been published.

Decolonization: The Next 150 on Indigenous Lands

CBC Radio, Ideas, September 2017

Every year thousands of academics from across the country gather for the Congress of the Humanities and Social Sciences. It's the largest annual gathering of scholars in Canada.

This year Congress was hosted by Ryerson University with the theme "The Next 150 on Indigenous Lands."

The future of work (important)

CBC Radio, Ideas, September 2017 Part1, Part2, Part3

AI and robots seem to be everywhere, handling more and more work, freeing humans up — to do what? In this 3-part serie, contributor Jill Eisen explores the digital revolution happening in our working lives. Artificial intelligence is on the verge of replacing our own intelligence. It took decades to adjust to machines out-performing human and animal labour. What will happen when robots and algorithms surpass what our brains can do? Some say digital sweatshops—repetitive, dull, poorly paid and insecure jobs—are our destiny. Others believe that technology could lead to more fulfilling lives.

The biggest innovation in the world of work in the last decade has been the rise of online platforms which connect workers and customers. Uber and Airbnb are the most well known, but there are dozens of others. Upwork connects businesses with independent professional, TaskRabbit, handy and jiffy are platforms for various home services, Amazon Mechanical Turk is on-line marketplace for small computer tasks called micro-tasks, and the list goes on.

The future of work has become one huge, nerve-wracking question mark. Technology was once believed to be our deliverance. We'd be working shorter hours, and about the only stress we'd have would be to figure out what to do with all our leisure time. But technology hasn't quite delivered on that promise. We're working longer hours, there are fewer jobs and and a lot less job security. In Part 3 of her series on the future of work, Jill Eisen looks at the promise of technology — and how it can lead to a better world.

Autonomy: The unexpected implications of self-driving vehicles

CBC Radio, Ideas, September 2017

We're racing down the highway to autonomous cars, whether it takes 10, 20 or 30 years. But what happens to our economy, the shape of our cities, and even our century-old car-centric culture once the vehicles arrive? Contributing producer Sean Prpick steers through the excitement, opportunities, roadblocks, and unmarked curves as we are driven into the future by a technology that may understand us better than we understand it.

The Politics of the Professoriat: Political diversity on campus (important)

CBC Radio, Ideas, September 2017

Universities are supposed to be dedicated to the exchange of ideas. But according to social psychologist Jonathan Haidt, campuses now skew so far to the left that they've become what he calls "political monocultures" in which voices that stray too far from liberal orthodoxy are shouted down. Paul Kennedy speaks with Professor Haidt – and with other scholars who have been thinking about the complex question of diversity on campus.
- Igor Grossmann is director of the Wisdom and Research Lab, based at Waterloo University, in Ontario.
- ​Jonathan Haidt is Professor of Ethical Leadership in the Stern School of Business at New York University.
- Heather Mac Donald, a lawyer by training, is a Thomas W. Smith fellow of the Manhattan Institute.

Tuesday, May 14, 2019

PHP MySQL (MariaDB) in AWS Micro with Amazon Linux 2

Introduction

This shows how to migrate your webserver from Amazon Linux to Amazon Linux 2. The initial Amazon Linux setup guides are here and here, but they're very old and I've included the necessary bits for first-timers below.

If you don't already have an AWS account

You can start with a free account. To sign up, you just provide: email, password, billing info, enter a capcha, and they auto-dial your home phone and get you to enter a pin.

After you receive your confirmation email, you need to sign in to the AWS Management Console

But what if someone keylogs your AWS password? You're exposed to billing-by-usage liability. Get multi factor authentication at aws.amazon.com/mfa. You can purchase a device from onlinenoram.gemalto.com.

Instance & Region

The initial free offering was a t1.micro, and there was only one eastern america region (Nothern Virginia). When you launch an EC2 instance you have to choose an availability zone within a region.

The current free offering is a t2.micro. But you have to consider the unlimited option and the t3 alternatives. For reference, I ran a LAMP stack with peaks of 200 users per day with the t1.micro with no noticeable lag. For this application, the on-demand total cost is USD $14.40/mo for the t1.micro instance and $1.22 for the EBS.

The key difference between t1.micro and t2.micro is the way the CPU bursting happens. It is not possible to predict or control the performance of t1.micro. With the T2 instance types, you can accumulate points that can be redeemed within 24 hours to get predictable performance. During a burst, when you run out of credits it falls back to the Baseline CPU Performance. (cloudacademy.com)
T2 standard was misunderstood due to its CPU throttling over baseline. Amazon introduced T2 unlimited as a way to overcome the CPU throttling with a pay for credit mechanism. The new introduction – T3, is a T2 unlimited with some subtle variations. (cloudsqueeze.ai)
t1.micro:  0.6 GiB, 1 vCPUs,                    poor network,     $0.0200/hour 
t2.micro:  1.0 GiB, 1 vCPUs (for 2h 24m burst), moderate network, $0.0116/hour 
t3.micro:  1.0 GiB, 2 vCPUs (for 2h 24m burst), moderate network, $0.0104/hour 
t3a.micro: 1.0 GiB, 2 vCPUs (for 2h 24m burst), moderate network, $0.0094/hour
(ec2instances.info)

t2.micro: 1 vCPUs, Baseline per vCPU = 10%
t3.micro: 2 vCPUs, Baseline per vCPU = 10%
(amazon.com)

Note that "1 vCPUs for a 2h 24m burst" is the same as "10% of 1 vCPU in a 24 hour period", and that t3.micro is effectively 20% of a vCPU. There is a good explanation at roberttisdale.com. On a t2.micro, you're constantly earning enough credits to drive the CPU at 10%. If your server load is a constant 10%, then you never earn any extra and never burst. If your customer demand is a constant 11% then your server is capped at 10% and your users have to wait.

The micro instance provides different levels of CPU resources at different times (up to 2 ECUs). By comparison, the m1.small instance type provides 1 ECU at all times. The following figure illustrates the difference. (archive.org)

They don't explicitly say, but the figure suggests that the t1.micro background level should be ~20% of an ECU in order to not have peaks throttled. So it's not clear if a t2 is weaker than a t1, but a t3 is certainly stronger than t1.

CPU credits on a running instance do not expire. For T3 and T3a, the CPU credit balance persists for seven days after an instance stops. For T2, the CPU credit balance does not persist between instance stops and starts. (amazon.com)
In standard mode, if the instance is running low on accrued credits, performance is gradually lowered to the baseline performance level. In unlimited mode, the instance can run at higher CPU utilization for a flat additional rate per vCPU-hour. T3 and T3a instances are launched as unlimited by default. T2 instances are launched as standard by default. (amazon.com)
T3 uses Intel Xeon processors and provides 30% price performance over T2. T3a uses AMD EPYC processors and provides 10% price performance over T3. (amazon.com)

concurrencylabs.com has a very extensive article explaining the price, latency and service difference between different regions.

May 3rd, 2019

On-Demand Linux:

US East (Ohio)       t3a.micro $0.0094/hr = $82/yr
                      t3.micro $0.0104/hr = $91/yr
US East (N.Virginia) t3a.micro $0.0094/hr = $82/yr
                      t3.micro $0.0104/hr = $91/yr
Canada (Central)     t3a.micro (not available)
                      t3.micro $0.0116/hr = $102/yr
(amazon.com)

Reserved Linux, standard 3-year term, partial upfront:

US East (Ohio)       t3a.micro $49.00 + $1.39/mo = $33/yr
                      t3.micro $55.00 + $1.53/mo = $37/yr
US East (N.Virginia) t3a.micro $49.00 + $1.39/mo = $33/yr 
                      t3.micro $55.00 + $1.53/mo = $37/yr
Canada (Central)     t3a.micro (not available)
                      t3.micro $61.00 + $1.68/mo = $40/yr
                      
(amazon.com)

Note that I don't consider the EBS region difference cost because as described above it is only 8% of my total cost. Also, T3a is the better deal but I'm willing to pay the extra $3/yr to be hosted in Canada.

Therefore for a personal LAMP stack in eastern Canada that doesn't generate income you should use T3 in standard mode in Canada (Central) aka Montreal.

Concepts

If you're new to AWS, you'll also need to get familiar with these concepts.

Amazon EBS volumes are off-instance storage that persists independently from the life of an instance. ... can be attached to a running Amazon EC2 instance and exposed as a device within the instance. (aws.amazon.com/ebs)
An Elastic IP address is associated with your account not a particular instance, and you control that address until you choose to explicitly release it. Unlike traditional static IP addresses, however, Elastic IP addresses allow you to mask instance or Availability Zone failures by pro grammatically remapping your public IP addresses to any instance in your account. (aws.amazon.com/ec2)

This means that you don't want to "terminate" because that kills your EBS. Instead you start/stop your EC2. But each time it gets a new IP, so you need to assign it an elastic IP which you can then point to from DNS.

New t3.micro Instance

At first I tried "64-bit (Arm)", but that was only available in a1.medium and larger. Also, you have to select the region in the top-bar before using the "Launch Instance" wizard.

AWS Management Console
In the top-bar, select "Canada (Central)" in the Region drop-down.
In the top-bar, select "Services" > "EC2"
In the side-bar, select "EC2 Dashboard"
Click the "Launch Instance" button

Amazon Linux 2 AMI (HVM), SSD Volume Type
64-bit (x86)
Select
t3.micro

Next: Configure Instance Details

 Number of instances: (default) 1
 Purchasing option: (default) [unchecked] Request Spot instances
 Network: (default) VPC
 Subnet: (default) No preference
 Auto-assign Public IP: (default) Use subnet setting (Enable)
 Placement group: (default) [unchecked] Add instance to placement group
 Capacity Reservaton: (default) Open
 IAM role: (default) None
 CPU options: (default) [unchecked] Specify CPU options
 Shutdown behavior: (default) Stop  
 Enable termination protection: [checked] Protect against accidental termination
 Monitoring: (default) [unchecked] Enable CloudWatch detailed monitoring
 EBS-optimized instance: (mandatory) [checked] Launch as EBS-optimized instance
 Tenancy: (default) Shared  
 T2/T3 Unlimited: [unchecked] Enable

 Note that termination protection just prevents you from accidentally trashing 
 your instance when you just meant to power it off. And that by not allowing
 unlimited, you are not exposed to increased costs due to increased CPU.

Next: Add Storage

 Size (GiB): (default) 8
 Volume Type: (default) General Purpose SSD (gp2)
 Delete on Termination: (default) [checked]

Next: Add Tags

 (none)

Next: Configure Security Group

 Name: VPC-WebServerSecurityGroup
 Description: VPC-WebServerSecurityGroup

 SSH   TCP  22 1.2.3.4/32
 HTTP  TCP  80 0.0.0.0/0, ::/0
 HTTPS TCP 443 0.0.0.0/0, ::/0

 Note: we need 22 since that's in the default SSHD config,
 but we'll restrict to IP and later will change the port.

Review and Launch
Launch
Choose an existing key pair // if you don't have one, see below
WebServerKey 
Acknowledge
Launch Instances

If you've never created an EC2 instance before, you'll need to create a keypair like this:

 # continue
 - create a new key pair
 - name: WebServerKey
 # create and download your key pair 
 // this is WebServerKey.pem that you will use later with putty

After that, navigate to the EC2 dashboard where you can see the instance starting up.

Left-click the blank instance name and give it something meaningful.

In the Description tab below your new instance, take note of its Public IP.

Basic SSH

Clone your existing putty config but use the new IP and port 22. Connect to your instance with putty.

If you've never connected to an EC2 instance before and you just created WebServerKey.pem above, then you'll need to do the following.

If you're on windows, download putty.

The WebServer.pem key won't work with putty, you have to convert it. Download puttygen.

puttygen
 conversions > import key > WebServerKey.pem
 key passphrase: INVENT_A_STRONG_PASSWORD
 confirm passphrase: STRONG_PASSWORD_AGAIN
 save private key > WebServerKey.ppk
 exit

You now have an encrypted .ppk version of your plaintext .pem key. I'd suggest deleting, encrypting, or storing the .pem on a thumb drive.

Use putty to connect:

session.saved_sessions: amazon
session.host: YOUR_PUBLIC_DNS_FROM_ABOVE
session.port: 22
session.type: SSH
window.lines_of_scrollback: 2000
window.colours.use_system_colours: checked
connection.data.auto-login_username: ec2-user
connection.ssh.auth.private_key_file_for_authentication: WebServerKey.ppk

Session > Save
then double-click: amazon
- accept unknown thumbrint (only happens once)
- enter your .ppk passhprase

You're in! Now let's make it bullet proof.

Harden SSH

sudo yum -y update

That will probably pickup a bunch of updates.

Next make a copy of the config we're about to copy. We'll download it as a local backup later.

mkdir /tmp/org
sudo cp /etc/ssh/sshd_config /tmp/org
sudo chmod 644 /tmp/org/sshd_config

Now we'll harden the SSHD config.

sudo vi /etc/ssh/sshd_config

Ensure the following are in place.

# change the port to the custom SSH port from your security group
# this makes it a little bit harder for people to attack you as they
# now have to scan all ports to discover which is your SSH port
Port 12345

# Explicitly require strong protocol 2 (which is the default)
Protocol 2

# change this to no, we never want root access over SSH
PermitRootLogin no

# explicitly disable weak authentication systems
RhostsRSAAuthentication no
HostbasedAuthentication no
IgnoreUserKnownHosts yes
IgnoreRhosts yes

# EC2 uses keys for remote access
PasswordAuthentication no
PermitEmptyPasswords no

# Explicitly disable Kerberos Authentication
KerberosAuthentication no

# Explicitly disable GSSAPI Authentication
GSSAPIAuthentication no

# explicitly disable x11 forwarding, we will never connect with a gui
X11Forwarding no

Reboot. This will pickup the SSHD changes and anything from the yum update.

sudo shutdown -r now

In the AWS Console remove the temporary port 22 entry from your security group so that you just have something like this.

VPC-WebServerSecurityGroup
 HTTP             TCP    80 0.0.0.0/0
 HTTP             TCP    80 ::/0
 HTTPS            TCP   443 0.0.0.0/0
 HTTPS            TCP   443 ::/0
 Custom TCP Rule  TCP 12345 1.2.3.4/32

Re-connect with putty now using the custom port. Note that the instance will have a new public IP.

No Lighttpd

Note that in the previous posts I used the Lighttpd webserver but packages from Amazon Linux 1 aren't available on Amazon Linux 2.

Here's what happens if you try the old packages.

Don't do this:

$ sudo yum -y install lighttpd lighttpd-fastcgi
No package lighttpd available.
No package lighttpd-fastcgi available.

$ sudo yum -y install mysql mysql-server
No package mysql-server available.
Package mariadb.x86_64 1:5.5.60-1.amzn2 will be installed

$ sudo yum -y install php-cli php-mysql php-mbstring php-xml
Package php-mysql is obsoleted by php-mysqlnd, trying to install php-mysqlnd-5.4.16-45.amzn2.0.6.x86_64 instead

Install LAMP

First, have a look at the default users and groups on your system.

sudo cat /etc/passwd
sudo cat /etc/group

I make a local backup of these for my records.

Tutorial: Install a LAMP Web Server on Amazon Linux 2

Apache web server
PHP 7.2
MariaDB (a community-developed fork of MySQL)
Amazon Linux 2 

The above doesn't include SSL (Tutorial: Configure Apache Web Server on Amazon Linux 2 to Use SSL/TLS) or the [php-mbstring php-xml] extensions that I require.

Here's the whole package that I use:

sudo amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2
sudo yum install -y httpd mariadb-server
sudo yum install -y mod_ssl
sudo yum install -y php-mbstring php-xml

Result:

Installing php-pdo, php-mysqlnd, php-fpm, php-cli, php-json, mariadb
      
===============================================================================
 Package                         Arch                    Version               
===============================================================================
Installing:
 mariadb                         x86_64                  3:10.2.10-2.amzn2.0.3 
 php-cli                         x86_64                  7.2.16-1.amzn2.0.1    
 php-fpm                         x86_64                  7.2.16-1.amzn2.0.1    
 php-json                        x86_64                  7.2.16-1.amzn2.0.1    
 php-mysqlnd                     x86_64                  7.2.16-1.amzn2.0.1    
 php-pdo                         x86_64                  7.2.16-1.amzn2.0.1    
Installing for dependencies:
 mariadb-common                  x86_64                  3:10.2.10-2.amzn2.0.3 
 mariadb-config                  x86_64                  3:10.2.10-2.amzn2.0.3 
 php-common                      x86_64                  7.2.16-1.amzn2.0.1    
Updating for dependencies:
 mariadb-libs                    x86_64                  3:10.2.10-2.amzn2.0.3 

  Installing : php-json-7.2.16-1.amzn2.0.1.x86_64          
  Installing : php-common-7.2.16-1.amzn2.0.1.x86_64        
  Installing : php-pdo-7.2.16-1.amzn2.0.1.x86_64           
  Installing : 3:mariadb-config-10.2.10-2.amzn2.0.3.x86_64 
  Installing : 3:mariadb-common-10.2.10-2.amzn2.0.3.x86_64 
  Updating   : 3:mariadb-libs-10.2.10-2.amzn2.0.3.x86_64   
  Installing : 3:mariadb-10.2.10-2.amzn2.0.3.x86_64        
  Installing : php-mysqlnd-7.2.16-1.amzn2.0.1.x86_64       
  Installing : php-cli-7.2.16-1.amzn2.0.1.x86_64           
  Installing : php-fpm-7.2.16-1.amzn2.0.1.x86_64           

Installed:
  mariadb.x86_64 3:10.2.10-2.amzn2.0.3     
  php-cli.x86_64 0:7.2.16-1.amzn2.0.1  
  php-fpm.x86_64 0:7.2.16-1.amzn2.0.1  
  php-json.x86_64 0:7.2.16-1.amzn2.0.1
  php-mysqlnd.x86_64 0:7.2.16-1.amzn2.0.1  
  php-pdo.x86_64 0:7.2.16-1.amzn2.0.1

Dependency Installed:
  mariadb-common.x86_64 3:10.2.10-2.amzn2.0.3          
  mariadb-config.x86_64 3:10.2.10-2.amzn2.0.3          
  php-common.x86_64 0:7.2.16-1.amzn2.0.1

Dependency Updated:
  mariadb-libs.x86_64 3:10.2.10-2.amzn2.0.3

========================================================================================
 Package                                      Arch                Version               
========================================================================================
Installing:
 httpd                                        x86_64              2.4.39-1.amzn2.0.1    
 mariadb-server                               x86_64              3:10.2.10-2.amzn2.0.3 
Installing for dependencies:
 apr                                          x86_64              1.6.3-5.amzn2.0.2     
 apr-util                                     x86_64              1.6.1-5.amzn2.0.2     
 apr-util-bdb                                 x86_64              1.6.1-5.amzn2.0.2     
 bison                                        x86_64              3.0.4-6.amzn2.0.2     
 generic-logos-httpd                          noarch              18.0.0-4.amzn2        
 httpd-filesystem                             noarch              2.4.39-1.amzn2.0.1    
 httpd-tools                                  x86_64              2.4.39-1.amzn2.0.1    
 jemalloc                                     x86_64              3.6.0-1.amzn2.0.1     
 m4                                           x86_64              1.4.16-10.amzn2.0.2   
 mailcap                                      noarch              2.1.41-2.amzn2        
 mariadb-backup                               x86_64              3:10.2.10-2.amzn2.0.3 
 mariadb-cracklib-password-check              x86_64              3:10.2.10-2.amzn2.0.3 
 mariadb-errmsg                               x86_64              3:10.2.10-2.amzn2.0.3 
 mariadb-gssapi-server                        x86_64              3:10.2.10-2.amzn2.0.3 
 mariadb-rocksdb-engine                       x86_64              3:10.2.10-2.amzn2.0.3 
 mariadb-server-utils                         x86_64              3:10.2.10-2.amzn2.0.3 
 mariadb-tokudb-engine                        x86_64              3:10.2.10-2.amzn2.0.3 
 mod_http2                                    x86_64              1.14.1-1.amzn2        
 perl-Compress-Raw-Bzip2                      x86_64              2.061-3.amzn2.0.2     
 perl-Compress-Raw-Zlib                       x86_64              1:2.061-4.amzn2.0.2   
 perl-DBD-MySQL                               x86_64              4.023-6.amzn2         
 perl-DBI                                     x86_64              1.627-4.amzn2.0.2     
 perl-Data-Dumper                             x86_64              2.145-3.amzn2.0.2     
 perl-IO-Compress                             noarch              2.061-2.amzn2         
 perl-Net-Daemon                              noarch              0.48-5.amzn2          
 perl-PlRPC                                   noarch              0.2020-14.amzn2       

  Installing : apr-1.6.3-5.amzn2.0.2.x86_64                                
  Installing : apr-util-bdb-1.6.1-5.amzn2.0.2.x86_64                       
  Installing : apr-util-1.6.1-5.amzn2.0.2.x86_64                           
  Installing : perl-Data-Dumper-2.145-3.amzn2.0.2.x86_64                   
  Installing : httpd-tools-2.4.39-1.amzn2.0.1.x86_64                       
  Installing : jemalloc-3.6.0-1.amzn2.0.1.x86_64                           
  Installing : m4-1.4.16-10.amzn2.0.2.x86_64                               
  Installing : bison-3.0.4-6.amzn2.0.2.x86_64                              
  Installing : perl-Net-Daemon-0.48-5.amzn2.noarch                         
  Installing : 3:mariadb-errmsg-10.2.10-2.amzn2.0.3.x86_64                 
  Installing : httpd-filesystem-2.4.39-1.amzn2.0.1.noarch                  
  Installing : perl-Compress-Raw-Bzip2-2.061-3.amzn2.0.2.x86_64            
  Installing : generic-logos-httpd-18.0.0-4.amzn2.noarch                   
  Installing : mailcap-2.1.41-2.amzn2.noarch                               
  Installing : mod_http2-1.14.1-1.amzn2.x86_64                             
  Installing : httpd-2.4.39-1.amzn2.0.1.x86_64                             
  Installing : 1:perl-Compress-Raw-Zlib-2.061-4.amzn2.0.2.x86_64           
  Installing : perl-IO-Compress-2.061-2.amzn2.noarch                       
  Installing : perl-PlRPC-0.2020-14.amzn2.noarch                           
  Installing : perl-DBI-1.627-4.amzn2.0.2.x86_64                           
  Installing : perl-DBD-MySQL-4.023-6.amzn2.x86_64                         
  Installing : 3:mariadb-backup-10.2.10-2.amzn2.0.3.x86_64                 
  Installing : 3:mariadb-tokudb-engine-10.2.10-2.amzn2.0.3.x86_64          
  Installing : 3:mariadb-rocksdb-engine-10.2.10-2.amzn2.0.3.x86_64         
  Installing : 3:mariadb-cracklib-password-check-10.2.10-2.amzn2.0.3.x86_64
  Installing : 3:mariadb-gssapi-server-10.2.10-2.amzn2.0.3.x86_64          
  Installing : 3:mariadb-server-10.2.10-2.amzn2.0.3.x86_64                 
  Installing : 3:mariadb-server-utils-10.2.10-2.amzn2.0.3.x86_64           

Installed:
  httpd.x86_64 0:2.4.39-1.amzn2.0.1                                       
  mariadb-server.x86_64 3:10.2.10-2.amzn2.0.3

Dependency Installed:
  apr.x86_64 0:1.6.3-5.amzn2.0.2                                          
  apr-util.x86_64 0:1.6.1-5.amzn2.0.2
  apr-util-bdb.x86_64 0:1.6.1-5.amzn2.0.2                                  
  bison.x86_64 0:3.0.4-6.amzn2.0.2
  generic-logos-httpd.noarch 0:18.0.0-4.amzn2                             
  httpd-filesystem.noarch 0:2.4.39-1.amzn2.0.1
  httpd-tools.x86_64 0:2.4.39-1.amzn2.0.1                                 
  jemalloc.x86_64 0:3.6.0-1.amzn2.0.1
  m4.x86_64 0:1.4.16-10.amzn2.0.2                                         
  mailcap.noarch 0:2.1.41-2.amzn2
  mariadb-backup.x86_64 3:10.2.10-2.amzn2.0.3                             
  mariadb-cracklib-password-check.x86_64 3:10.2.10-2.amzn2.0.3
  mariadb-errmsg.x86_64 3:10.2.10-2.amzn2.0.3                             
  mariadb-gssapi-server.x86_64 3:10.2.10-2.amzn2.0.3
  mariadb-rocksdb-engine.x86_64 3:10.2.10-2.amzn2.0.3                     
  mariadb-server-utils.x86_64 3:10.2.10-2.amzn2.0.3
  mariadb-tokudb-engine.x86_64 3:10.2.10-2.amzn2.0.3                      
  mod_http2.x86_64 0:1.14.1-1.amzn2
  perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.amzn2.0.2                      
  perl-Compress-Raw-Zlib.x86_64 1:2.061-4.amzn2.0.2
  perl-DBD-MySQL.x86_64 0:4.023-6.amzn2                                   
  perl-DBI.x86_64 0:1.627-4.amzn2.0.2
  perl-Data-Dumper.x86_64 0:2.145-3.amzn2.0.2                             
  perl-IO-Compress.noarch 0:2.061-2.amzn2
  perl-Net-Daemon.noarch 0:0.48-5.amzn2                                   
  perl-PlRPC.noarch 0:0.2020-14.amzn2

========================================================================================
 Package                           Arch                           Version               
========================================================================================
Installing:
 mod_ssl                           x86_64                         1:2.4.39-1.amzn2.0.1  
Installing for dependencies:
 libtalloc                         x86_64                         2.1.13-1.amzn2        
 sscg                              x86_64                         2.3.3-2.amzn2.0.1     

  Installing : libtalloc-2.1.13-1.amzn2.x86_64     
  Installing : sscg-2.3.3-2.amzn2.0.1.x86_64       
  Installing : 1:mod_ssl-2.4.39-1.amzn2.0.1.x86_64 

Installed:
  mod_ssl.x86_64 1:2.4.39-1.amzn2.0.1

Dependency Installed:
  libtalloc.x86_64 0:2.1.13-1.amzn2                                             
  sscg.x86_64 0:2.3.3-2.amzn2.0.1

============================================================================
 Package                        Arch                     Version            
============================================================================
Installing:
 php-mbstring                   x86_64                   7.2.16-1.amzn2.0.1 
 php-xml                        x86_64                   7.2.16-1.amzn2.0.1 
Installing for dependencies:
 libxslt                        x86_64                   1.1.28-5.amzn2.0.2 
 oniguruma                      x86_64                   5.9.6-1.amzn2      

  Installing : oniguruma-5.9.6-1.amzn2.x86_64           
  Installing : libxslt-1.1.28-5.amzn2.0.2.x86_64        
  Installing : php-xml-7.2.16-1.amzn2.0.1.x86_64        
  Installing : php-mbstring-7.2.16-1.amzn2.0.1.x86_64   

Installed:
  php-mbstring.x86_64 0:7.2.16-1.amzn2.0.1                                       
  php-xml.x86_64 0:7.2.16-1.amzn2.0.1

Dependency Installed:
  libxslt.x86_64 0:1.1.28-5.amzn2.0.2                                           
  oniguruma.x86_64 0:5.9.6-1.amzn2

Now look again to see what new users and groups have been added.

sudo cat /etc/passwd
sudo cat /etc/group

New entires:

apache
nginx
mysql

Also, get a local backup of all the config files we're about to modify.

sudo cp /etc/httpd/conf/httpd.conf /tmp/org
sudo cp /etc/httpd/conf.d/ssl.conf /tmp/org
sudo cp /etc/httpd/conf.modules.d/00-mpm.conf /tmp/org
sudo cp /etc/my.cnf /tmp/org
sudo cp /etc/php.ini /tmp/org

Then use something like WinSCP to copy these to local.

WinSCP 4.3.5
Installation package
winscp435setup.exe > agree with defaults

Host: 1.2.3.4
Port: 12345
User: ec2-user
Password: [blank]
Private key file: WebServerKey.ppk
File protocol: SFTP (don't allow scp fallback)
> save > login > [enter password when prompted]

After the copy delete the temp files.

sudo rm -rf /tmp/org

Setup and harden Apache

Start the Apache web server.

sudo systemctl start httpd

Note, in the following, apache may fail to start because of bad config. In that case you will get an error like "Job for httpd.service failed because the control process exited with error code." To see the actual error code, you issues the status command.

systemctl status httpd.service

Configure the Apache web server to start at each system boot.

sudo systemctl enable httpd

Add ec2-user to the apache group.

sudo usermod -a -G apache ec2-user

Close your terminal and log back in to pickup the change then issues these commands so that ec2-user and future members of the apache group can modify apache files.

sudo chown -R ec2-user:apache /var/www
sudo chmod 2775 /var/www && find /var/www -type d -exec sudo chmod 2775 {} \;
find /var/www -type f -exec sudo chmod 0664 {} \;

In a browser go to the IP of your EC2 instance, i.e. http://1.2.3.4/ to view the Apache test page. Use the browser to inspect the response and see that etag and version info are exposed.

Response Headers:
 Accept-Ranges: bytes
 Connection: Upgrade, Keep-Alive
 Content-Length: 3630
 Content-Type: text/html; charset=UTF-8
 Date: Sun, 05 May 2019 16:50:47 GMT
 ETag: "e2e-585b840220000"
 Keep-Alive: timeout=5, max=100
 Last-Modified: Thu, 04 Apr 2019 18:08:00 GMT
 Server: Apache/2.4.39 () OpenSSL/1.0.2k-fips
 Upgrade: h2,h2c

We don't want that. Also note the HTTP/2 error in your logs:

sudo cat /var/log/httpd/error_log
[http2:warn] [pid 3358] AH10034: The mpm module (prefork.c) is not supported by 
mod_http2. The mpm determines how things are processed in your server. HTTP/2 has 
more demands in this regard and the currently selected mpm will just not do. This is an 
advisory warning. Your server will continue to work, but the HTTP/2 protocol will be 
inactive.

You can additionally verify that your test page doesn't support HTTP/2 by entering your public IP at http2.pro.

Also observe that your current Server MPM is prefork:

httpd -V
Server version: Apache/2.4.39 ()
...
Server MPM:     prefork
  threaded:     no

We'll harden apache and resolve these issues as follows.

For reasoning see geekflare, vaulted.io, stackoverflow.com.

Note that I've added AllowOverrideList to completely disable htaccess.

Note that since the remaining Options command doesn't include Indexes, that means directory listing is forbidden.

Note that ProxyErrorOverride was added to resolve what appears to be a bug in the default config of apache/php. See howtoforge.com and stackoverflow.com for details. Here is what happens in the default config:

example.com/fake.php ->
 Browser output: "File not found."
 Error.log: [proxy_fcgi:error] [client] AH01071: Got error 'Primary script unknown\n'
example.com/fake.html -> default 404 page
example.com/fake/fake.php -> default 404 page

The problem here is that if you specify a custom error document it won't be processed for 404 of *.php in the root folder. And this resolved via ProxyErrorOverride.

sudo vi /etc/httpd/conf/httpd.conf

Delete the existing <Directory "/var/www/html"> node.
Delete the existing <Directory "/var/www/cgi-bin"> node.
And make the following edits:

<Directory />
    AllowOverride none
    AllowOverrideList none
    Require all denied

    Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-XSS-Protection "1; mode=block"

    Header unset Etag
    FileETag None
    
    RewriteEngine On
    RewriteCond %{SERVER_PROTOCOL} ^HTTP/0\.9$
    RewriteRule ^ - [F]
    RewriteCond %{SERVER_PROTOCOL} ^HTTP/1\.0$
    RewriteRule ^ - [F]
</Directory>
...
<Directory "/var/www">
    Options FollowSymLinks
    Require all granted
    ProxyErrorOverride on
</Directory>
...
<Location "/">
  <LimitExcept OPTIONS GET HEAD POST>
    Deny from all
  </LimitExcept>
</Location>
...
ServerTokens Prod
ServerSignature Off
TraceEnable off
Timeout 60
rmdir /var/www/cgi-bin
sudo vi /etc/httpd/conf.modules.d/00-mpm.conf

Change this:

LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_event_module modules/mod_mpm_event.so

To this:

#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule mpm_event_module modules/mod_mpm_event.so

Restart apache.

sudo systemctl restart httpd

Observe that your Server MPM is now event/threaded:

httpd -V
Server version: Apache/2.4.39 ()
...
Server MPM:     event
  threaded:     yes (fixed thread count)

Observe that your error log now shows a successful mpm notice

sudo cat /var/log/httpd/error_log
[mpm_event:notice] [pid 30266:tid 139623658481856] AH00489: 
 Apache/2.4.39 () OpenSSL/1.0.2k-fips configured 
 -- resuming normal operations

Observe that your public IP at http2.pro now indicates HTTP/2 is supported.

Reload your public IP in the browser, and observe that the etag and version are removed. And that X-Frame and X-XSS are added. You may need to CTRL+F5.

Response Headers:
 Accept-Ranges: bytes
 Connection: Upgrade, Keep-Alive
 Content-Length: 3630
 Content-Type: text/html; charset=UTF-8
 Date: Sun, 05 May 2019 16:59:46 GMT
 Keep-Alive: timeout=5, max=100
 Last-Modified: Thu, 04 Apr 2019 18:08:00 GMT
 Server: Apache
 Upgrade: h2,h2c
 X-Frame-Options: SAMEORIGIN
 X-XSS-Protection: 1; mode=block

To convince yourself that HTTP/0.9 and HTTP/1.0 are blocked, you can add a HTTP/1.1 line and save and restart apache and refresh your test page. You'll get the forbidden response instead.

To convince yourself that only OPTIONS GET HEAD POST are permitted, remove GET from LimitExcept and save and restart apache and refresh your test page. You'll get the forbidden response instead.

To convince yourself that directory listing is disabled, add a folder and file and attempt to visit the folder. You'll get the forbidden response instead.

Confirm that apache doesn't run as root. The ps command should display one process running as root (which allows apache to listen on port 80) and the rest as the apache user.

ps -ef |grep http

Confirm that everything except the web content files are owned by root.

sudo ls -la /etc/httpd
sudo ls -la /var/log/httpd
sudo ls -la /usr/lib64/httpd

We must define domain mappings via virtualhosts.conf. But the first one defined will also act as the default/primary server for unspecified server names, so lets adapt the default html to explicitly indicate those as invalid.

mv /var/www/html /var/www/_invalid
vi /var/www/_invalid/index.html
i
invalid
[esc]:wq

For this to work you must change:

sudo vi /etc/httpd/conf/httpd.conf
DocumentRoot "/var/www/html"

To:

DocumentRoot "/var/www/_invalid"

Note that all *.conf in the /conf.d/ are picked up at the end of the /etc/httpd/conf/httpd.conf via:

IncludeOptional conf.d/*.conf

So, create the following:

sudo vi /etc/httpd/conf.d/virtualhost.conf
<VirtualHost *:80>
  ServerName invalid
  DocumentRoot /var/www/_invalid
</VirtualHost>
<VirtualHost *:80>
  ServerName example.com
  DocumentRoot /var/www/example.com
</VirtualHost>
<VirtualHost *:80>
  ServerName another.com
  DocumentRoot /var/www/another.com
</VirtualHost>

For this to work the DocumentRoot paths must exist.

mkdir /var/www/example.com
vi /var/www/example.com/index.html
i
example
[esc]:wq

mkdir /var/www/another.com
vi /var/www/another.com/index.html
i
another
[esc]:wq

If your local box is Windows, you can edit your hosts so that a test domain maps to the IP of your AWS box.

C:\Windows\System32\drivers\etc\hosts

1.2.3.4 example.com
1.2.3.4 www.example.com
1.2.3.4 another.com
1.2.3.4 www.another.com
1.2.3.4 fake.com
sudo systemctl restart httpd

You should get the following results in your browser:

1.2.3.4          contents of /var/www/_invalid/index.html
fake.com         contents of /var/www/_invalid/index.html
example.com      contents of /var/www/example.com/index.html
www.example.com  error 404
another.com      contents of /var/www/another.com/index.html 
www.another.com  error 404

I want to always strip away the www, but we'll do that after we've setup SSL.

SSL

In this setup I'm using one cert from LetsEncrypt with SubjectAltNames for each domain.

I think that the install of mod_ssl created a key and self-signed cert at the default paths from /etc/httpd/conf.d/ssl.conf

sudo ls -la /etc/pki/tls/certs/localhost.crt
-rw-r--r-- root root /etc/pki/tls/certs/localhost.crt

sudo ls -la /etc/pki/tls/private/localhost.key
-rw------- root root /etc/pki/tls/private/localhost.key

Migrate the cert and key from the existing server. Replace the contents of the existing .crt and .key file on your new server.

sudo vi /etc/pki/tls/certs/localhost.crt
 -----BEGIN CERTIFICATE-----
 ...
 -----END CERTIFICATE-----

sudo vi /etc/pki/tls/private/localhost.key
 -----BEGIN PRIVATE KEY-----
 ...
 -----END PRIVATE KEY-----

The default config allows a wide range of crypto. There is no reason to support anything but the modern algorithms that work with your certificate.

Note that the OpenSSL terms don't match the TLS specification. You can find a map at openssl.org. And the definition of the SSLCipherSuite directive is at apache.org.

sudo vi /etc/httpd/conf.d/ssl.conf
<VirtualHost _default_:443>
  SSLEngine on
  SSLProtocol -ALL +TLSv1.2
  SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
  SSLCertificateFile /etc/pki/tls/certs/localhost.crt
  SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
</VirtualHost>

Now append to your virtual hosts file. I would like to just add the ServerName and DocumentRoot. In fact this works because it gets the SSL settings from the _default_ entry in ssl.conf, but your phpinfo $_SERVER['SERVER_PORT'] will report 80 and $_SERVER['HTTPS'] will be undefined because the SSL directives weren't explicitly in your VirtualHost. See a similar issue on serverfault.com. For this reason, I've duplicated the full SSL config in each VirtualHost.

sudo vi /etc/httpd/conf.d/virtualhost.conf
<VirtualHost *:443>
  ServerName example.com
  DocumentRoot /var/www/example.com
  SSLEngine on
  SSLProtocol -ALL +TLSv1.2
  SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
  SSLCertificateFile /etc/pki/tls/certs/localhost.crt
  SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
</VirtualHost>
sudo systemctl restart httpd

Now you should be able to access both of the following urls. We'll set this up with LetsEncrypt auto-renewal later.

http://example.com/index.html
https://example.com/index.html

Rewrites

For SSL sites, I only want urls of the form https://example.com/index.html, which means redirecting www and http. For non-SSL sites, I only need to redirect the www. I liked the suggestion of simonecarletti.com but to use that outside a virtualhost, you need all your destinations to be SSL.

Here's a scenario where you have example.com as SSL and another.com without SSL. Also, I've added custom 404 handlers for both.

sudo vi /etc/httpd/conf.d/virtualhost.conf
<VirtualHost *:80>
  ServerName invalid
  DocumentRoot /var/www/_invalid
  ErrorDocument 404 /index.html
</VirtualHost>

<VirtualHost *:80>
  ServerName another.com
  ServerAlias www.another.com
  DocumentRoot /var/www/another.com
  ErrorDocument 404 /index.html

  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www\. [NC]
  RewriteRule ^/(.*) http://another.com/$1 [R=301,L,NE]
</VirtualHost>

<VirtualHost *:80>
  ServerName example.com
  ServerAlias www.example.com
  DocumentRoot /var/www/example.com

  RewriteEngine On
  RewriteRule ^/(.*) https://example.com/$1 [R=301,L,NE]
</VirtualHost>

<VirtualHost *:443>
  ServerName example.com
  ServerAlias www.example.com
  DocumentRoot /var/www/example.com
  ErrorDocument 404 /index.html

  SSLEngine on
  SSLProtocol -ALL +TLSv1.2
  SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
  SSLCertificateFile /etc/pki/tls/certs/localhost.crt
  SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www\. [NC]
  RewriteRule ^/(.*) https://example.com/$1 [R=301,L,NE]
</VirtualHost>
sudo systemctl restart httpd

Now you should have the following behaviour:

1.2.3.4 -> index.html
1.2.3.4/blah -> error page
fake.com -> index.html
fake.com/blah -> error page

another.com -> index.html
www.another.com -> another.com -> index.html
another.com/blah -> error page

http://example.com -> https://example.com
https://www.example.com -> https://example.com
http://www.example.com/index.html?one=two#three -> https://example.com/index.html?one=two#three

PHP Config

sudo vi /etc/php.ini
# It looks like this is the default now, so this may be unnecessary.
cgi.fix_pathinfo = 1

# I use short tags
short_open_tag = On

# Simpler logs
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT

# decrease max post size so you don't waste time on bogus payloads
# this also limits the size of attack packets and reduces the risk of overflow
post_max_size = 1M

# http://tympanus.net/codrops/2009/08/31/solving-php-mysql-utf-8-issues/
# UTF8
[mbstring]
mbstring.language = Neutral
mbstring.internal_encoding = UTF-8
mbstring.encoding_translation = Off
mbstring.http_input = auto
mbstring.http_output = UTF-8
mbstring.detect_order = auto
mbstring.substitute_character = none
default_charset = UTF-8

Restart php.

sudo systemctl restart php-fpm

Create a test php page.

vi /var/www/example.com/test.php
hello <? echo "world"; ?> <?php echo " again"; ?>

You should be able to see this at http://example.com/test.php
It should say: hello world again

Create a phpinfo page, view it, and save it to pdf for future reference.

vi /var/www/example.com/phpinfo.php
<? phpinfo(); ?>

Afterwards delete it because it contains sensitive information.

rm /var/www/example.com/phpinfo.php

Setup and harden DB

Configure the db server to start at each system boot.

sudo systemctl enable mariadb

Secure the database server. It's default config is for development and test.

sudo systemctl start mariadb
sudo mysql_secure_installation
[enter]   # existing root mysql password is blank
Y         # yes set a root mysql password
password  # choose a password
password  # enter it again
Y         # remove anonymous users
Y         # disallow root login remotely
Y         # remove the test db
Y         # reload privilege tables now

The default config listens to the network.

# this shows that it is listening
sudo netstat -tap | grep mysql
sudo vi /etc/my.cnf
# ensure you already have this line
symbolic-links=0

# append this line to the [mysqld] block to disable TCP/IP listening
skip-networking

# append these to the [mysqld] block to set utf8 as your default
character-set-server=utf8
collation-server=utf8_general_ci

# I forget why I append this line to the [mysqld] block
skip-external-locking

Restart MySQL for the settings to take effect and look at netstat again to see that it's no longer listening.

sudo systemctl restart mariadb
sudo netstat -tap | grep mysql

Here is the full list of port uses. Note that nothing is on port 22 (the standard SSH port).

sudo lsof -i -P

Note that even with all that utf8 config, you still need to explicitly select utf8 in your php mysqli constructor like this $db->set_charset('utf8'); if you want $db->character_set_name() to return utf8 instead of latin1.

We will now create all the databases that we wish to migrate. If you don't remember which databases you created, you can use show databases; in mysql on your live box.

mysql -u root -p 
password

SELECT User, Host, Password FROM mysql.user;
--- no passwords in the returned list should be blank

SELECT * FROM mysql.db;
--- empty result means the anonymous access to test tables has been deleted

CREATE DATABASE db1name CHARACTER SET utf8;
CREATE USER 'db1user'@'localhost' IDENTIFIED BY 'db1password';
GRANT ALL PRIVILEGES ON db1name.* TO 'db1user'@'localhost';

CREATE DATABASE db2name CHARACTER SET utf8;
CREATE USER 'db2user'@'localhost' IDENTIFIED BY 'db2password';
GRANT ALL PRIVILEGES ON db2name.* TO 'db2user'@'localhost';

exit

Next you must migrate all your database contents with commands like the following.

Old box:

mysqldump --user=db1user --password=db1password --skip-lock-tables --databases db1name > /tmp/db1name.sql

New box:

mysql -D db1name -u db1user -p
db1password
source /tmp/db1name.sql
exit

Be sure to delete the SQL from the /tmp folder once you're done.

Migrate Content

Next you must migrate all your webserver files.

Old box:

/var/www/lighttpd/example.com/
/var/www/lighttpd/another.com/

New box:

/var/www/example.com/
/var/www/another.com/

Once your files are uploaded, you'll need to create any symlinks that exist on your source server.

Old box:

sudo find /var/www/lighttpd -type f | sort > /tmp/files1.txt
sudo find /var/www/lighttpd -type l | sort > /tmp/links1.txt

Create necessary symlinks on the new box.

New box:

sudo find /var/www -type f | sort > /tmp/files2.txt
sudo find /var/www -type l | sort > /tmp/links2.txt

Diff the outputs to confirm the migration was identical.

Backup Initial Config

Get a local backup of the modified files.

mkdir /tmp/org
sudo cp /etc/ssh/sshd_config /tmp/org
sudo chmod 644 /tmp/org/sshd_config
sudo cp /etc/httpd/conf/httpd.conf /tmp/org
sudo cp /etc/httpd/conf.d/ssl.conf /tmp/org
sudo cp /etc/httpd/conf.modules.d/00-mpm.conf /tmp/org
sudo cp /etc/my.cnf /tmp/org
sudo cp /etc/php.ini /tmp/org

Then use WinSCP to copy these to local and delete the temp files.

sudo rm -rf /tmp/org

Go Live

Restart you new box to ensure all the settings take effect. Edit your hosts file to test the new server before swapping your elastic IP. You can move an elastic IP across regions, so I created a new one in the new region, assigned it, then updated my dns records at my domain registrar to point to the new IP.

Once the DNS has fully propagated you are now live and can shutdown and archive the old box.

Local Backup

You really should setup AMI backups, but it's not unreasonable to want a local copy of the data as well. I always have a local copy of the source code, but I want a way to fetch nightly backups of the database. You can achieve that by hosting an encrypted dump of the db at a randomly named folder and get your local machine to fetch it each night.

Choose a web location for the backup.

mkdir /var/www/example.com/randomFolderName/

Create the backup script.

sudo mkdir /backup
sudo chown ec2-user:ec2-user /backup
vi /backup/go.sh
#!/bin/sh

# call this script with no arguments to create an encrypted dump of all your databases
# call this script with a file name as the only argument to decrypt that file
#
# here's how to setup a cron job to call this script nightly
# this example runs on the 5th minute fo the 4th hour each day, i.e. 4:05am
# watch-out, that's the time of the server, which may not be your local time
# the output of the cronjob will be appended to /backup/chron.log
#
# crontab -e
# 5 4 * * * /backup/go.sh 2>&1 >> /backup/chron.log

if [ "$1" = "" ]; then

  today=`date +%Y_%m_%d`
  if [ -e $today -o -e $today.dat ]; then
    echo "$today already exists"
    exit
  fi
  echo `date`
  mkdir $today

  mysqldump --user=user1 --password=password1 --skip-lock-tables --databases database1 > ./$today/database1_$today.sql
  mysqldump --user=user2 --password=password2 --skip-lock-tables --databases database2 > ./$today/database2_$today.sql

  tar czf - $today | openssl des3 -salt -k password | dd of=$today.dat
  rm -rf $today
  rm -f /var/www/example.com/randomFolderName/*
  mv $today.dat /var/www/example.com/randomFolderName/
  echo "finished"

elif [ -f "$1" ]; then

  dd if="$1" | openssl des3 -d -k password | tar xzf -

else

  echo "$1 doesn't exist"

fi
chmod 700 /backup/go.sh

Create the cronjob.

crontab -e
5 4 * * * /backup/go.sh 2>&1 >> /backup/chron.log

Windows Scheduler

To get a windows box to automatically wake up each night and download your backup, you can use the windows scheduler and the background intelligent transfer service (bits).

First create a local bat file that will fetch your backup from the web.

bitsadmin /TRANSFER jobname /DOWNLOAD http://site1.com/randomFolderName/%DATE:~6,4%_%DATE:~3,2%_%DATE:~0,2%.dat C:\Backups\%DATE:~6,4%_%DATE:~3,2%_%DATE:~0,2%.dat

Next, schedule a task to wake the computer and run the script. I'm assuming that your computer is configured to automatically go back to sleep after an idle period.

Start > Control Panel > Administrative Tools > Task Scheduler

[right sidebar] > Create Task

General
 Name: Fetch Database
 [checked] Run with highest privileges

Triggers
 New
  Daily
  Start: 2am (some time shortly after your web backup becomes available)
 Ok

Actions
 New
  Action: Start a program
  Program/script: C:\Backups\fetch.bat (or whatever you named the above script) 
 Ok

Conditions
 [checked] Wake the computer to run this task
 
Ok

Your task now appears in the "Active Tasks" list in the Task Scheduler.

Alarms

It's a good idea to setup some AWS alarms to let you know when your systems are operating outside their expected range. Basic Monitoring metrics (at five-minute frequency) for Amazon EC2 instances and EBS volumes are free of charge.

In the AWS Console, on your new instance:

[right-click] EC2 Instance > CloudWatch Monitoring > Add/Edit Alarms > Create Alarm

[checked] send a notification to: your contact info
Whenever: Average of CPU Utilization
Is: >= 40 Percent
For at least 1 consecutive period of 5 minutes

Create Alarm > Close

I've only exceeded that CPU range when there was a bug in my code and php was stuck in a loop.

[right-click] EC2 Instance > CloudWatch Monitoring > Add/Edit Alarms > Create Alarm

[checked] send a notification to: your contact info
Whenever: Average of Network Out
Is: >= 150000 Bytes
For at least 1 consecutive period of 6 hours

Create Alarm > Close

I've only exceeded that Network range when re-imaging a box or when I was under attack.

It's fairly easy to adjust the alarms to your system after it's been running for a few days as the alarms console shows you a graph of each and the red line after which the alarm would fire.

You probably also want a billing alarm.

[top-bar] Services > Billing > Billing preferences 
 > [check] Receive Billing Alerts > Save preferences
 > Manage billing alerts
 (note that billing alerts appear in the N.Virginia region, 
 regardless of where you have your instances)
[side-bar] Billing > Create Alarm > EstimatedCharges > ...

AMI Backups

The AMI is your best backup option. This is a snapshot of your disk and your instance details (micro, etc). From the AMI you can launch a new box and move over your IP in a few minutes. Ideally you'll create an AMI from your instance and take snapshots of your instance every 24 hours and keep the last week and perhaps a few older copies. We'll want to configure the creation of these snapshots to happen automatically.

We'll setup nightly Amazon EBS Snapshots of our instance. They can later be used as the basis for an AMI.

Something has to issue the nightly command, and that something must contain an unprotected copy of the credential that allows the snapshot to occur. First we'll create a constrained credential to reduce the risk of its exposure, then we'll piggyback on our existing local database backup script to kickoff the amazon snapshot. Your server is probably more likely to be attacked then your devbox.

IAM Credential

In the AWS Console, select IAM. If you haven't used this yet, you'll have zero groups, users and roles. First we'll create a group that can create snapshots and then we'll create a user and assign them that group. The backup script will connect as this user.

Groups
Create New Group
 Group Name: snapshot
 Continue
 Policy Generator
 Select
   Effect: Allow
   AWS Service: Amazon EC2
   Actions: Create Snapshot
            Delete Snapshot
            Describe Snapshots
   ARN: *
   Add Statement
  Continue
 Continue
Create Group

Users
Create New Users  
 User Name 1: snapshot
 [checked] generate and access key for each user 
 Create
 Download Credentials
 Close Window

Users
 snapshot
  Groups > Add User to Groups > snapshot > Add to Groups

Snapshot

We'll use the following command from the AWS API Reference.

ec2-create-snapshot volume_id -d "Nightly Backup"

To find your volume_id, go the the AWS Console, select EC2, select Volumes from the sidebar, scroll right to the Attachment Information column which will show your WebServer instance, then scroll left and record the Volume ID.

First we have to setup the tools.

Download and unzip the latest tools. I used these. The latest link will be posted here. No install is required.

You have to have Java installed.

Run the following commands for a dos console to create your first snapshot.

SET JAVA_HOME=C:\Program Files (x86)\Java\jre1.8.0_191
SET PATH=%PATH%;%JAVA_HOME%\bin

SET EC2_HOME=C:\Amazon\ec2-api-tools-1.7.5.1
SET PATH=%PATH%;%EC2_HOME%\bin

SET AWS_ACCESS_KEY=AAAAAAAAAAAAAAAAAAAA
SET AWS_SECRET_KEY=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
SET EC2_URL=https://ec2.ca-central-1.amazonaws.com

ec2-create-snapshot vol-11111111 -d "Nightly Backup"

Run the following command to show existing snapshots.

ec2-describe-snapshots

You can filter that to only show the snapshots of a particular volume.

ec2-describe-snapshots --filter "volume-id=vol-11111111"

You can further restrict that to only show the snapshots of a particular volume that are tagged as "Nightly Backup", thus avoiding any ones you created manually.

ec2-describe-snapshots --filter "volume-id=vol-11111111" --filter "description=Nightly Backup"

Here's a windows script to create a snapshot and delete old nightly backup snapshots from a particular volume. You can call this from the script that you already setup to run nightly.

@echo off

SET JAVA_HOME=C:\Program Files (x86)\Java\jre1.8.0_191
SET PATH=%PATH%;%JAVA_HOME%\bin

SET EC2_HOME=C:\Amazon\ec2-api-tools-1.7.5.1
SET PATH=%PATH%;%EC2_HOME%\bin

SET AWS_ACCESS_KEY=AAAAAAAAAAAAAAAAAAAA
SET AWS_SECRET_KEY=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
SET EC2_URL=https://ec2.ca-central-1.amazonaws.com

SET EC2_VOLUME=vol-22222222

REM  This command lists all snapshots:
REM
REM  ec2-describe-snapshots
REM  
REM  SNAPSHOT        snap-11111111   vol-22222222    completed       2014-04-12T20:29:58+0000        100%    333333333333    8       Nightly Backup
REM  SNAPSHOT        snap-11111111   vol-22222222    completed       2014-04-12T20:29:58+0000        100%    333333333333    8       Nightly Backup
REM  SNAPSHOT        snap-11111111   vol-22222222    completed       2014-04-12T20:29:58+0000        100%    333333333333    8       Created by CreateImage(i-44444444) for ami-55555555 from vol-22222222
REM  SNAPSHOT        snap-11111111   vol-33333333    completed       2014-04-12T20:29:58+0000        100%    333333333333    8       Nightly Backup
REM
REM  This command lists only snapshots:
REM  - from the given volume
REM  - with the nightly backup tag
REM  - sorted from oldest to newest, http://ss64.com/nt/sort.html
REM  - note that whitespace above is actually a tab character so it counts as one space
REM 
REM  ec2-describe-snapshots --filter "volume-id=vol-22222222" --filter "description=Nightly Backup" | sort /R /+49

echo List interesting snapshots:
call ec2-describe-snapshots --filter "volume-id=%EC2_VOLUME%" --filter "description=Nightly Backup" | sort /R /+49

REM  This loop finds the selected snapshots that are older than 7 days:
REM  usebackq - use `` to delimit the command to be executed so that it can contain ""
REM  skip=7   - skip the first 7 rows, so we keep a week's worth of backups
REM  tokens=2 - select the 2nd column, delimited by spaces
REM  note: that the | must be escaped as ^|

echo Delete old snapshots:
FOR /F "usebackq skip=7 tokens=2" %%G IN (`ec2-describe-snapshots --filter "volume-id=%EC2_VOLUME%" --filter "description=Nightly Backup" ^| sort /R /+49`) DO (
  echo Delete %%G
  call ec2-delete-snapshot %%G
)

REM  Create the snapshot after we delete old snapshots so that our list won't contain any 
REM  pending entries that would mess up our assumptions about the poistion of the date at /+49

echo Create a snapshot:
call ec2-create-snapshot %EC2_VOLUME% -d "Nightly Backup"

Let's Encrypt

My original setup with lighttpd is here, and I've just done the minimum to get that working on Amazon Linux2 with Apache. There is probably an easier official way at this point, but I didn't experiment.

On the source box:

cd /tmp
sudo tar -zcvf letsencrypt.tar.gz /etc/letsencrypt
sudo tar -zcvf certbot.tar.gz /etc/lighttpd/ssl

On the destination box:

cd /tmp

sudo tar -xvzf letsencrypt.tar.gz
rm letsencrypt.tar.gz
sudo mv /tmp/etc/letsencrypt /etc

sudo tar -xvzf certbot.tar.gz
rm certbot.tar.gz
sudo mv /tmp/etc/lighttpd/ssl /etc/httpd/certbot
sudo rm -f /etc/httpd/certbot/intermediate.pem
sudo rm -f /etc/httpd/certbot/ssl.pem

On the source box:

rm -f /tmp/letsencrypt.tar.gz
rm -f /tmp/certbot.tar.gz 

On the destination box:

sudo vi /etc/httpd/certbot/certbot-renew
#!/bin/sh

echo certbot-renew $(date)
/etc/httpd/certbot/certbot-auto renew --debug --quiet --post-hook "/etc/httpd/certbot/certbot-deploy"
sudo vi /etc/httpd/certbot/certbot-deploy
#!/bin/sh

echo certbot-deploy $(date)

cp /etc/letsencrypt/live/holtstrom.com/cert.pem /etc/pki/tls/certs/localhost.crt
cp /etc/letsencrypt/live/holtstrom.com/privkey.pem /etc/pki/tls/private/localhost.key
cp /etc/letsencrypt/live/holtstrom.com/chain.pem /etc/pki/tls/certs/server-chain.crt

systemctl restart httpd
sudo vi /etc/httpd/conf.d/ssl.conf
# uncomment this line
SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
sudo vi /etc/httpd/conf.d/virtualhost.conf
# add this line to each ssl block
SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
# test the deploy
sudo /etc/httpd/certbot/certbot-deploy
# observe good permission and ownership
sudo ls -la /etc/pki/tls/certs/localhost.crt
-rw-r--r-- 1 root root

sudo ls -la /etc/pki/tls/private/localhost.key
-rw------- 1 root root 

sudo ls -la /etc/pki/tls/certs/server-chain.crt
-rw-r--r-- 1 root root 
# test the renew
sudo /etc/httpd/certbot/certbot-renew

# it failed, so try to replace with updated script
sudo rm -f /etc/httpd/certbot/certbot-auto
cd /etc/httpd/certbot
sudo wget https://dl.eff.org/certbot-auto
sudo chmod a+x certbot-auto

# try again
sudo /etc/httpd/certbot/certbot-renew

# still failure
# found advice here

# hack it
sudo vi /etc/httpd/certbot/certbot-auto

# replace this
elif [ -f /etc/issue ] && grep -iq "Amazon Linux" /etc/issue ; then

# with this
elif grep -i "Amazon Linux" /etc/issue > /dev/null 2>&1 || \
    grep 'cpe:.*:amazon_linux:2' /etc/os-release > /dev/null 2>&1; then

# try again
sudo /etc/httpd/certbot/certbot-renew

# successful output doesn't look like much, you can remove the --quiet
# to see that it doesn't attempt renewal because the certs aren't due yet
certbot-renew Wed May 15 03:14:58 UTC 2019
yum is /bin/yum
yum is hashed (/bin/yum)
Package 1:openssl-1.0.2k-16.amzn2.1.1.x86_64 already installed and latest version
Package ca-certificates-2018.2.22-70.0.amzn2.noarch already installed and latest version
Package python-devel-2.7.14-58.amzn2.0.4.x86_64 already installed and latest version
Package 1:mod_ssl-2.4.39-1.amzn2.0.1.x86_64 already installed and latest version

# Later, when there was work to do, I see it failed
# I have this in the log:
Attempting to renew cert (example.com) from /etc/letsencrypt/renewal/example.com.conf produced an unexpected error: [Errno 2] No such file or directory: '/var/www/lighttpd/example.com'.

# needed to fix the paths in this file
sudo vi /etc/letsencrypt/renewal/example.com.conf
# setup the chronjob
sudo crontab -e

38 3 * * * /etc/httpd/certbot/certbot-renew >> /etc/httpd/certbot/chron.log 2>&1

Reminders

# restart apache
sudo systemctl restart httpd

# find out why apache failed to start
systemctl status httpd.service

# restart php
sudo systemctl restart php-fpm

# php error logs
sudo cat /var/log/php-fpm/www-error.log

# see your full list of servers
sudo netstat -plnt

# watch the db log
sudo tail -n 200 -f /var/log/mariadb/mariadb.log

# see what's actually going over the wire
sudo tcpdump port 80 -A | strings
aws
Sunday, February 10, 2019

Global Warming

After a conversation with a friend, I intend to investigate the following three topics:

    Is it true that in 10k years we had a global temp delta of ~3.5 deg C?
    Do we know why global temp change has happened in the past?
    What (if anything) makes it different this time?

And as a meta-investigation:

    Discover if what I consider to be "reasonable convincing answers" others consider to be "unreasonable unconvincing claims", and if possible why.
    Discover if the answers are easy to find to test my belief that many people are intentionally uninformed.

Therefore rather than constructing an argument in a direction, I'll list sources in the order I find them and my interpretations of them.


ice core chart goes here


XKCD - Earth Temperature Timeline - Sep 12, 2016


Phys.ORG - Cooling or warming climate? - Aug 11, 2014


Phys.ORG - 30 years of above-average temperatures - Feb 26, 2015

Tuesday, January 1, 2019

Beer in Ottawa

Ordered By Preference:

Daniel O'Connell's Irish Pub
Bar Laurel
Tooth and Nail Brewing Company
Pubwells Restaurant
The Wood On Wellington
The Hintonburg Public House
Vimy Brewing Company
Bar Robo
Elmdale Oryster House & Tavern
Mill St. Brew Pub
The Carleton
Orange Monkey Bar & Billiards

Not Pub-Crawled Yet:

The Third
10Fourteen
Royal Oak
Bar Lupulus
Foolish Chicken
The Soca Kitchen
Beyond the Pale Brewing Company
Happy Goat Coffee Co.
Pub Italia
Heart & Crown
The Wellington Gastropub
Clocktower Brew Pub
Westboro Barley Mow
Churchills
Whispers Pub & Eatery
Bowman's Bar & Grill
Quinn's
House of TARG
The Belmont
Friday, December 28, 2018

CBC Radio Archive (Part4)

Decoding the resistance to climate change (important)

CBC Radio, Ideas, September 2017, Part1, Part2

"No one wanted to pay attention to the implications of a world four degrees warmer… It's too horrendous to think about. And no one talked about it. Then a few scientists said let's have a conference and actually talk about it. They held this conference in Oxford and I went along. As the conference started, there was a kind of suppressed emotional intensity, except in the coffee breaks. It was then that I would buttonhole a couple of scientists and say: 'Well, you know we're speculating about this. But what do you really think is the situation?' And one of them just looked at me and said: 'We're f--ked.'" – Clive Hamilton

The art of crime fiction & what it says about human nature

CBC Radio, Ideas, September 2017

To begin a new season of The Enright Files, we take a look the art of crime fiction and what it says about the ills of society, life on the margins and the stormy heart of human nature.
- Henning Mankell, the late Swedish author of the Kurt Wallander detective series.
- Howard Engel, the Canadian author of the Benny Cooperman detective series.
- P. D. James, the late English author of the Adam Dalgleish detective series.
- Louise Penny, the Canadian author of the Armand Gamache detective series.

Canada's original promise: Still waiting to be realized

CBC Radio, Ideas, June 2017

Roberta Jamieson believes Canada is at a make-or-break moment where it has a chance to recast its historically troubled relationship with First Nations for the next 150 years. She sees the hope for that renewal in the very moment of contact between settler Europeans and her ancestors.

​Fighting at the table: Conflict as successful integration (important)

CBC Radio, Ideas, June 2017

Sociologist Aladin El-Mafaalani​ sees anti-immigrant cries to build walls, and hate-fuelled politics counter-intuitively: a sign that integration is working. Conflict, he argues in his talk delivered in Berlin, is the necessary consequence of new arrivals at a metaphoric dinner table. The more people taking their place at the table, the more jostling and arguments there inevitably will be. While conflict can of course lead to violence, or even war, conflict in and of itself is neutral. It's simply a necessary stage of maturing societies. And those which have no conflict tend to be top-down authoritarian states which coerce their populations into obedience.

What happens when we stop asking questions: Why India must be secular (important)

CBC Radio, Ideas, June 2017

Political scientist Neera Chandhoke makes a heartfelt argument for a secular India at a talk delivered in Mumbai. Against the growing tide of Hindu nationalism and India's history of inter-religious strife, she draws on Western and Indian thinkers to make the case for diversity — not simply a social nicety, but as a condition for civilization itself. According to Neera, diversity means that a society is continually questioning itself. Those that don't embrace diversity cease to grow and eventually ossify. Yet Neera isn't against religious worldviews. In her vision of a secular state, all religions have a legitimate place. Because all religions seek the truth, none can fully lay claim to having all of it, and therefore there is space left for all: "The opposite of secularism is not communalism. It is theocracy".

The new tribe of Israel: The immigrant underclass (important)

CBC Radio, Ideas, June 2017

Anthropologist Galia Sabar has devoted her professional life to what she calls the "new tribe" of Israel: Jewish-African and non-Jewish labour migrants, asylum seekers, and refugees. Galia believes that Israel must be vigilant about its security. But it also has a moral duty, as a state established for Jews persecuted as the ultimate "other", to be humane and welcoming to the disadvantaged.

Eyes on the back of our heads: Recovering a multicultural South Africa (important)

CBC Radio, Ideas, June 2017

Journalist and activist Sisonke Msimang speaks at a former prison complex in Johannesburg which once held Mahatma Gandhi and Nelson Mandela. The setting is apt: Sisonke believes that post-apartheid South Africa has become imprisoned by its own past — a past which whites cannot recall and which blacks cannot forget. With both a mischievous sense of humour and sharp historical analyses, she pulls down the old binarism of black versus white to make way for a truly multicultural South Africa, one that welcomes other African migrants as it embraces its own racially diverse past.

Go with the flow: Using nature to help fight climate change

CBC Radio, Ideas, June 2017

Since the 1990s, the Netherlands has been looking at softer approaches to help fight climate change, mainly by using the forces of nature. The Room for the River project involves 30 different interventions along the major rivers flowing through the Netherlands, and is essentially a flood control project that allows rivers to flood, instead of forcing the water to go where it wouldn't naturally go.

Building Tension

CBC Radio, Ideas, June 2017

When to tear down and when to preserve buildings in our city cores was the topic of a discussion held in Halifax at the recent annual meeting of the International Council on Monuments and Sites.

Policing (important)

CBC Radio, Ideas, June 2017, Part1, Part2

CBC Radio One in partnership with the Munk School of Global Affairs at the University of Toronto, considers what it means to police and be policed in these complex and anxious times.

Counter-terrorism, fighting cybercrime, policing highly diverse societies: Can the police do it all? Should the police do it all? Do the police want to do it all?

Interesting perspective from inspector Shawna Coxon, Toronto Police Service, and member of the TPS Transformational Task Force


Distant Future Warnings: The challenges of communicating with eternity

CBC Radio, Ideas, June 2017

Radioactive waste and toxic mining byproducts will remain deadly for thousands of years – maybe forever. Generations in the distant future will need to know about about the places this stuff is buried, and to stay away. Deep in the arsenic-contaminated underground at Giant Mine near Yellowknife, contributor Garth Mullins wonders how we can warn the distant future. Is it even possible to send messages that can outlast governments, languages, cultures, nations – maybe even humans?

Newfoundland Jam: Shakespeare's "As You Like It"

CBC Radio, Ideas, June 2017

The way Shakespeare's plays sounded in his own time, on his own stage, wasn't quite the way it sounds today — the accent, the way words were pronounced, was different then. Today we're used to a kind of standard "British" pronunciation, and veerings into Canadian and American accents work too: Shakespeare, and what he's trying to share with us about human nature, generally gets through.

Ben Crystal: artistic director, Passion in Practice theatre company, Original Pronunciation specialist.

Lady and Lord Macbeth on trial: guilty or bewitched?

CBC Radio, Ideas, June 2017

What in fact might happen in a modern Canadian courtroom if the Macbeths were put on trial? Let's assume there's already been a trial, and they've been found guilty. Now of course, in the great legal tradition, there has to be an appeal. On the bench, three Supreme Court justices — Russell Brown, Andromache Karakatsanis, and the chief justice- Beverley McLachlin. And the star witness, former leader of the Liberal Party of Canada Bob Rae.

Orchids: A Love Story

CBC Radio, Ideas, June 2017

Wily, deceptive, manipulating: get ready to travel between history and science, how we humans think about orchids and who they really are in nature among themselves. A celebration of all things orchid with contributing producer Marilyn Powell.

The 2017 Killam Prize (important)

CBC Radio, Ideas, June 2017

John Borrows (Social Sciences) — John Borrows holds the Canada Research Chair in Indigenous law at the University of Victoria where he teaches constitutional, Indigenous, and environmental law. He is Anishinaabe and a member of the Chippewas of the Nawash First Nation in Ontario, where he grew up on the family farm east of the reserve. Over the decades, his work had a major influence on the broader recognition of Indigenous legal systems and legal rights within Canada.

Molly Shoichet (Engineering) — Molly Shoichet holds the Canada Research Chair in Tissue Engineering and is Professor of Chemical Engineering & Applied Chemistry, Chemistry and Biomaterials & Biomedical Engineering at the University of Toronto. Her innovations in designing hydrogels promise to have a major impact on cancer research, spinal cord rehabilitation, and restoring lost vision.

Thomas Hurka (Humanities) — Thomas Hurka is the distinguished chair in philosophical studies at the University of Toronto. His main area research is moral and political philosophy, zeroing in on normative ethical theory. He is interested in understanding what makes a 'good life.' Knowledge, achievement and friendship play strong roles in that understanding.

W. Ford Doolittle (Natural Sciences) — W. Ford Doolittle is professor emeritus in the department of biochemistry and molecular biology at Dalhousie University. He's also been awarded the Herzberg Gold Medal for science and engineering, which is Canada's highest honour. His work in molecular genetics includes the study of lateral gene transfer, a key driver of microbial evolution and the proposition of an alternative "web of life" theory. He jokes that his revived enthusiasm for philosophy means that he's now 'practicing philosophy without a license.'

Dr. Julio Montaner (Health Sciences) — Dr. Julio Montaner is the Director of the British Columbia Centre for Excellence in HIV/AIDS. Originally from Argentina, he immigrated to Canada more than 30 years ago and his innovations in HIV/AIDS treatment helped save millions of lives. He is a strong advocate of 'treatment as prevention' as well as safe injection sites and needle exchange programs.

Fail Better: What baseball can teach us about failure and community

CBC Radio, Ideas, June 2017

Baseball may have inspired more books than any other sport -- but none quite like philosopher Mark Kingwell's recently published, Fail Better: Why Baseball Matters. It's the first book-length philosophical meditation on what has been called America's national pastime. Paul Kennedy takes him out to a ballgame, and discusses everything from RBIs, to the metaphysics of failure, and how Kingwell borrowed the title for his baseball book from a work by Samuel Beckett.

The Challenge of Words: What is the future of literary writing in the digital age?

CBC Radio, Ideas, June 2017

In our hyperfast, overcaffeinated, 140-character, social-media-blasted, Facebook-overloaded age, there are still people writing serious books. The novel -- an art form that's centuries old -- still has the capacity to hold our attention from subway commute to library chair. But we tell ourselves we're in a different era now. What's to become of serious writing in the digital age? From the 2016 Stratford Festival, a discussion featuring writers Shani Mootoo, Charles Foran and Monia Mazigh.

Subversive thoughts for an infantile age (important)

CBC Radio, Ideas, October 2015

In her new book Why Grow Up? Subversive Thoughts for an Infantile Age, Paul Kennedy talks with philosopher Susan Neiman, who believes that "Having failed to create societies that our young want to grow up into, we idealize the stages of youth."

Nine minutes that changed the world

CBC Radio, Ideas, May 2017

In 1876, the poet Stéphane Mallarmé published a poem entitled The Afternoon of a Faun. He doubted anyone could set it to music successfully. But composer Claude Debussy did exactly that. The resulting music -- Prelude to the Afternoon of a Faun -- runs only about nine minutes long, but it helped give birth to the modern era as we know it. It's more than just a famous piece of music. It stands at the beginning of the world we still live in. It's a guide, in sound, to the political, social, moral and geopolitical changes that ended the nineteenth and created the twentieth century. And it remains an existential and culturally shape-shifting work of art that offers us clues into who we are today. Contributor Robert Harris and Tafelmusik's Ivars Taurins bring us inside the spellbinding magic of Debussy's imagining.

Bringing up furbaby: The evolution from family pet to pet family (important)

CBC Radio, Ideas, May 2017

There are now more pets than children in North American homes, and lavish dog beds and catnip mice are taking the place of bassinets and rattles. Is this turn from traditional to furry families simply a passing fad, or a response to the stresses of modern life?

History Derailed: Understanding the messy Middle East (important)

CBC Radio, Ideas, May 2017

The Arab Spring was supposed to be a turning point for the Arab Middle East. And it was. But history appears to have taken a wrong turn. Again. American journalist Robert F. Worth joins Paul Kennedy in conversation about his book, A Rage for Order: The Middle East in Turmoil, from Tahrir Square to ISIS.

Robert F. Worth is a former correspondent for The New York Times. The travels he underwent in Egypt, Libya, Syria -- and elsewhere -- make up a journey into an idea of the Arab world itself. Not into the revolutionary promises of the 2010 Arab Spring. But into the sobering, and tragic narrative that took shape just a year later.

Does public broadcasting have a future?

CBC Radio, Ideas, May 2017

It seems the idea of public service journalism is under fire everywhere. So three major public broadcasters came together to talk about their collective future at a forum held in Toronto by the Canadian Journalism Foundation: Jennifer McGuire, General Manager and Editor-in-Chief of CBC News, James Harding, Director of News and Current Affairs of the BBC, and Michael Oreskes, Senior Vice-President of News and Editorial Director of NPR. The discussion was moderated by Simon Houpt of The Globe and Mail.

Ideas from the Trenches - The problem of bad referendums (important)

CBC Radio, Ideas, May 2017

From Brexit to Turkey, the use of referendums is on the rise around the world. They're seen as a way of getting politicians and experts out of the way to let 'the people' decide on major policy decisions, and making democracy work more directly. Leah Trueblood is a PhD student at Oxford University. She warns that ill-conceived referendums are actually dangerous for democracies.

Jason Brennan — professor of Strategy, Economics, Ethics, and Public Policy at Georgetown University and author of Against Democracy and The Ethics of Voting.

The Myth of Victory (important)

CBC Radio, Ideas, May 2017

Some people argue that World War One was just the opening act for the Second World War, and perhaps World War Three is just around the corner. And what about wars of ideology? The Soviet Union doesn't seem to be dead yet, and nor is Communism. Even if we defeat ISIS, does that mean the idea of an Islamic state is finished? Stephen Toope, Janice Stein and Hugh Segal in conversation from the Stratford Festival.

How art shapes history

CBC Radio, Ideas, May 2017

Toronto CBC Radio host Matt Galloway talks with architect Sir David Adjaye, visual artist Christi Belcourt, author Junot Díaz and filmmaker Paul Gross. The group met onstage at Toronto's Massey Hall as part of the Creative Minds series, produced in partnership with CBC, the Art Gallery of Ontario, the Banff Centre and Massey Hall. Their focus: current global politics and how art shapes our understanding of place, history and progress.

Why "Buffyworld" still matters

CBC Radio, Ideas, May 2017

It's been 20 years since a midriff-baring California cheerleader leapt onto our television screens and became a riveting woman warrior — slaying vampires, demons and monsters. Her fantastical enemies were subversive metaphors for a corrupt and authoritarian culture. Today, Buffy the Vampire Slayer remains the most-studied show in television history. IDEAS producer Mary O'Connell revisits the legacy of "Buffyworld".

The program's prevailing messages: life can be hell, so expect it. In a society that medicates sadness and quirks of temperament, Buffy the Vampire Slayer asks us to consider emotional pain as a part of being human. And to be alive to the dangers, and joys, around us — and inside us. It invites us to be engaged, to strive towards good. It does not leave apathy as an option. In the words of British theatre critic Ian Shuttleworth, it's a "program more relevant today than ever".

How a 900-year-old Arabic tale inspired the Enlightenment (important)

CBC Radio, Ideas, May 2017

Our contemporary values and ideals are generally seen as the product of the Enlightenment. Individual rights, independent thinking, empiricism and rationalism are traced to the debates and discussions held by the great European thinkers of the 17th and 18th century: Locke, Rousseau, Voltaire, and Kant among others. But these thinkers owe a debt to a figure from 12th century Spain: a philosopher-physician named Ibn Tufayl who wrote a story called Hayy ibn Yaqzan -- which may be the most important story you've never heard.

The Munk Debates on the decline and fall of the liberal international order (important)

CBC Radio, Ideas, May 2017

For decades, global affairs have been moulded by ideas about the mutual benefits of an interdependent world. But the pillars of liberal internationalism are cracking under the rise of nationalist politics and other challenges. Is this the beginning of the end of the liberal international order? In a head-to-head Munk Debate, historian Niall Ferguson says Yes, the old order is collapsing, while commentator Fareed Zakaria argues No, there's life yet in liberal ideals.

The Enright Files: fifty years after the Six-Day War (important)

CBC Radio, Ideas, May 2017

That pivotal 1967 conflict that shaped so much of Israel's subsequent history has become known as the Six-Day War, but the outcome was effectively decided in the first 45 minutes. On the morning of June 5th, two Israeli squadrons of jet fighters destroyed hundreds of Egyptian aircraft as they sat on the ground. Less than a week later, the war was over.

According to historian Tom Segev, it was a Pyrrhic victory. In the decades that followed Israel faced more wars, two Intifadas and countless missile attacks and suicide bombings. What has not happened has been a resolution to the plight of hundreds of thousands of Palestinians living in the occupied territories. A two-state solution seems as distant as ever.

- Tom Segev, Israeli historian.
- Michael Oren, Israeli historian and politician.
- Margaret MacMillan, Canadian historian.
- David Shulman, Israeli academic and peace activist
- David Grossman, acclaimed Israeli novelist.

Don't shoot the messenger: The value of whistleblowing (important)

CBC Radio, Ideas, April 2017

Recorded at Ryerson University's Centre for Free Expression, Paul Kennedy hosts a panel on why whistleblowers are vital to the public interest...and how their exposure of wrongdoing can ultimately be helpful, even to their workplace. Investigator Sandy Boucher, international expert Anna Myers, and Canadian advocate David Hutton join forces to explain why they believe whistleblowers should be heard and protected.

Chernobyl Remembered

CBC Radio, Ideas, Part1, Part2, April 2007

The accident at Chernobyl remains the worst nuclear accident in history, worse even than what happened in Fukushima. Thirty-one people died as an immediate consequence, and a great many more were treated for radiation poisoning, but what is less-well understood are the long-term consequences: who is sick today, more than 30 years later, as a result of Chernobyl? Around Chernobyl itself there's a 30 km zone, where no one is supposed to live, and nothing should be harvested. But many have returned to the zone, and many others are marked forever by their time there 31 years ago.

The Motorcycle is Yourself

CBC Radio, Ideas, December 2014

Robert Pirsig's Zen and the Art of Motorcycle Maintenance has been called the most widely read book of philosophy ever written. Forty years after its publication, contributor Tim Wilson revisits an extraordinary interview he did with its author, for still vital advice on how to live.

The rise of the extreme right in France (important)

CBC Radio, Ideas, Part1, Part2, Part3, April 2017

The French go to the polls April 23 to begin the selection of their next president. In the volatile world of French politics, the stakes seem higher than ever, as National Front leader Marine Le Pen is poised to make history. After decades in the political wilderness, the extreme right just might pull off an upset. She's promised to take France out of Europe and to end immigration, as per her motto: "One community, one culture, one language".

Francois Picard, host of Debate and The World This Week on the Paris-based TV network France 24.

Nonna Mayer is research director at the Centre for European Studies at Sciences Po in Paris. She's written extensively about the roots of right-wing politics in France.

Jeremy Ghez -- professor of economics and international affairs at the Hautes Etudes de Commerce in Paris, Director of the HEC Centre for Geopolitics.

Jean-Yves Camus -- political analyst at the French Institute for International and Strategic Affairs (IRIS) and director of the Observatory for Radical Politics, author of Far-Right Politics in Europe.

Pierre Larti, from the extreme right youth political action group Génération Identitaire.

Lucile Schmid, president of the non-profit Foundation for Political Ecology, former diplomat and politician.


The Rise of the Anti-Establishment: Where do we go from here? (important)

CBC Radio, Ideas, April 2017

"It is a deep tragedy, bordering on calamity, that we have come to this point," says Robert Reich of the Trump presidency. In a lecture at the University of British Columbia, followed by an interview with Paul Kennedy, the former U.S. Secretary of Labor and Professor of Public Policy at University of California at Berkeley details how understanding the circumstances that led to the election of Donald Trump can help shape a new democratic political sensibility.

Globalized Anger: The Enlightenment's Unwanted Child (important)

CBC Radio, Ideas, April 2017

Trumpism. Hindu nationalism. ISIS. Chinese expansionism. People everywhere seem fed up with the status quo, and their anger and intolerance are finding political expression. But why? Pankaj Mishra believes that the current unrest isn't about any so-called "clash of civilizations" between the enlightened and unenlightened. He thinks the globalized anger is the legitimate offspring of the Enlightenment itself. He speaks with Paul Kennedy about his provocative book, The Age of Anger: A History of the Present.

Islamist Persistence: The rise and reality of political Islam (important)

CBC Radio, Ideas, Part 1, Part 2, April 2017

It's a provocative argument among Islamic Scholars: was Islam founded on political principles? Is the rise of Islamism, after the Arab Spring, a natural evolution in Muslim-dominated countries? Many would say no. But author Shadi Hamid, an American Muslim and self-described liberal, says the rise of Islamist parties is inevitable. He also argues that mainstream Islamist parties that gain power through democratic, free elections should not be de-legitimized by secular liberals in the West and the Middle East.

Ireland 1916: how 800 years of British rule led to violent rebellion

CBC Radio, Ideas, April 2017

On Easter Monday, April 24, 1916, the streets of Dublin were transformed into a war zone. About 1,200 Irish rebels rose up against 20,000 British troops in a doomed attempt to throw off centuries of British colonial rule. The Easter Rising may have failed in that moment, but the brutality of the British response so disgusted and angered the people of Ireland that Irish independence became inevitable. On this edition of The Enright Files, we revisit some highlights of a two-hour special commemorating the 100th anniversary of the Easter Rising last year.

The Return of History: Your Questions

CBC Radio, Ideas, April 2017

Jennifer Welsh's 2016 CBC Massey Lectures: The Return of History is a stunning tour-de-force survey of the world we live in. Francis Fukuyama made his ill-fated proposal that history had ended in 1989. As communism was collapsing it looked like Western liberal democracy was here to stay. Fukyama argued that no new or better political system could possibly emerge, and that peace and international stability were definitely here to stay. Well, we know how that worked out. Jennifer Welsh's elegant essays explored what went wrong with those expectations, and why.

Saving Syria: Keeping war-torn culture alive

CBC Radio, Ideas, March 2017

Destruction and displacement -- that's the story of Syria today. Paul Kennedy talks with three Syrians who believe in other Syrias, with stories about love, and laughter, and the smells of jasmine and tarragon. Maamoun Abdulkarim risks his life rescuing stolen ancient artefacts. Ghada Alatrash translates the work of poets still coping with life in Syria. And journalist Alia Malek writes about the history of Syria through the story of her family. Each talks about the responsibility they feel toward saving the Syria they know, and their fears that those stories might soon disappear.

Return of the Michif Boy: Confronting Métis trauma (important)

CBC Radio, Ideas, March 2017

PhD student Jesse Thistle was once a high school drop-out who spent more than a decade in and out of homeless shelters, consumed by drug and alcohol addiction. By reconnecting with his birth mother and spending time with his Métis elders he came to understand the effects of intergenerational trauma. His award-winning historical research shines a light on the struggles and the resilience of Métis 'road-side allowance' communities in northern Saskatchewan.

Expletive Repeated: Why swearing matters

CBC Radio, Ideas, March 2017

Profanity was once considered rude and crude — a linguistic last resort. Not so these days. Younger generations use swearing as everyday slang, and academics study it as an ever-evolving form of creative and cultural expression. Cognitive scientist, linguist, and author Benjamin K. Bergen (What the F: What Swearing Reveals About Our Language, Our Brains, and Ourselves) explains why cursing is so %$#* fascinating. Also featured: writer Roxana Robinson, who traces the subversive path of a sexist slur against women, and performer/activist Jess Thom explains what it's like to live with coprolalia — involuntarily swearing out loud.

The Rise of the Extreme Right in The Netherlands (important)

CBC Radio, Ideas, Part 1 (The Night Watch), Part 2 (The Immigrants), March 2017

In 1642, Rembrandt painted a masterpiece featuring Dutch men preparing for military duty at the height of the war of independence from Spain. Its an icon of democracy in The Netherlands, the reminder of a founding moment in history, of the values of tolerance and nationhood. But now, approaching this year's national elections, the Netherlands -- like many countries -- is experiencing an explosion of right-wing populism, fueled by the anti-immigrant rhetoric of Geert Wilders. And the nation is torn.

Rabin Baldewsingh came to The Netherlands as a 13-year-old, a Hindu from the Dutch colony of Surinam in South America. Today he's Deputy Mayor of The Hague, responsible for Social Affairs and Integration. It's an immigrant story with a happy ending, but it's not a track most new immigrants might be able to follow -- the Dutch are struggling with a rise of right-wing, anti-immigrant sentiment on the eve of national elections.

How Existentialist and Conservative Philosophers Think About Freedom (important)

CBC Radio, Ideas, March 2017

While the study of philosophy may seem more peripheral to everyday culture than ever in the 21st Century, the past hundred years saw a proliferation of schools of philosophical thought. None had the popular reach of existentialism, and few had greater impact on politics and debates on social issues than the various branches of conservatism - in many ways, the opposite of existentialism. On this month's edition of The Enright Files, conversations about, and with, existentialist and conservative philosophers.

- Sarah Bakewell, author of At the Existentialist Café; Freedom, Being and Apricot Cocktail.
- Claire Messud, acclaimed novelist and author of New York Review of Books article on Albert Camus.
- Roger Scruton, English conservative philosopher and author of more than 30 books.

Beyond the Huddled Masses (important)

CBC Radio, Ideas, February 2017

From the 2016 Stratford Festival, a discussion with three fighters for human rights, three people whose families arrived on the shores of North America with next to no thing. Today, all three are deeply involved in fighting for human rights around the world.

Flora Terah works for women's rights in Canada and elsewhere- she was a political activist in Kenya before her son was murdered in retribution.

Harold Hongju Koh is professor of law at Yale and has worked as an advisor to the State Department -- his parents were refugees from North Korea.

Payam Akhavan and his family were refugees from Iran. He's worked extensively with the United Nations and as a UN prosecutor at The Hague; now he teaches law at McGill. He's also this year's CBC Massey lecturer.

Downloading Decision: Could machines make better decisions for us? (important)

CBC Radio, Ideas, February 2017

Humans like to let others make decisions for them. But what happens when those decisions are made by machines or artificial intelligence? Can we trust them to make the right choices? Contributor Scott Lilwall explores how we might program robots to make ethical choices. Assuming, of course, we can ever figure out just how humans make those same choices.

Sir Peter Gluckman on the proper role of science (important)

CBC Radio, Ideas, February 2017

The Harper government muzzled scientists. Donald Trump's administration is now doing the same. But a better relationship between science and government is possible. Sir Peter Gluckman is the Chief Science Advisor to the Prime Minister of New Zealand. This episode draws on a conversation he had with host Paul Kennedy and a talk he gave organized by Canadian Science Policy Centre, and hosted by the Institute for Science Society and Policy at the University of Ottawa. His point: science's proper role is to help decision-makers make scientifically-informed decisions.

From Tolerance to Tyranny (important)

CBC Radio, Ideas, January 2015

Christians, Muslims and Jews lived together in relative harmony in medieval Spain. Then the Spanish Inquisition came along with its use of terror and racism, turning a pluralistic society into a police state. Writer Erna Paris first explored this history for IDEAS in 1995. In a new take, she calls what happened in Spain "a cautionary tale for today."

Wachtel On The Arts - Phyllis Lambert (important)

CBC Radio, Ideas, February 2017

Eleanor Wachtel speaks to Canadian architectural activist, Phyllis Lambert, in celebration of her exceptional career on her 90th birthday. Phyllis Lambert's deep commitment to architecture and the city has won her international renown. In 2014, she received the Golden Lion for Lifetime Achievement at the Venice Architectural Biennale.

Back in the 1950s, Lambert became deeply involved in the construction of New York's landmark Seagram Building designed by Mies van der Rohe. It's often called a turning-point for modern architecture, a moment when social responsibility, beauty and truth counted for more than egotism or commercial interests.

The Marriage of True Minds

CBC Radio, Ideas, Part 1, Part 2, February 2017

More than thirty years ago, Paul Kennedy prepared a series that celebrated famous intellectual marriages. These relationships were consummated at various times, from the early Middle Ages to the late-twentieth century. We revisit that classic series from a more contemporary perspective, and wonder what might be learned, and what could be lost from looking for lessons from relationships in the past.

Surviving Post-Capitalism: Coping, hoping, doping & shopping (important)

CBC Radio, Ideas, February 2017

The signs are troubling: the ever-widening chasm between the ultra-rich and everyone else. Mass protests. Political upheaval and social division. It looks as though the rocky marriage between capitalism and democracy is doomed, at least according to Wolfgang Streeck, who directs the Max Planck Institute for the Study of Societies in Cologne, Germany, where he is also a professor of sociology. In conversation with Paul Kennedy about his book How Will Capitalism End?, he makes the unnerving case that capitalism is now at a point where it cannot survive itself.

The Challenge of Peace (important)

CBC Radio, Ideas, February 2017

We have the best communications in history, except for the kind that matters — nations and states understanding each other. What values might we agree on? What ideas about society do we have in common? Has there been progress of any sort? Jennifer Welsh, Paul Heinbecker, Peter Boehm, Arne Kislenko and Daniel Eayrs in conversation from the Stratford Festival.

"Peace" is a tricky concept — everyone agrees that war is a bad idea, but when someone lays siege to you, it's hard not to resort to conflict. We'd all like to have peace, but in an unequal world, where resources are finite and unequally distributed, its hard to see how conflict can be avoided, and how peace can be maintained.

The Enright Files on humanizing Canada's penal system (important)

CBC Radio, Ideas, February 2017

Politicians and governments call it getting tough on crime, part of a law and order agenda. A government focus on victim rights, longer sentences and stripping away services and programs meant to improve the lives -- and life chances -- of inmates, has left Canada's penal system much more equipped to punish than to rehabilitate offenders.

The result is overcrowded, violent jails and penitentiaries. Mentally ill prisoners are often placed in solitary confinement instead of receiving the treatment they need. Minorities are vastly over-represented, particularly Indigenous and black people.

Howard Sapers, Reverend Carol Finlay, Kate Johnson, Sister Elaine MacInnes, and Marianne Vollan, the Director General of Correctional Services of Norway.

Ecology of Sound: Hildegard Westerkamp

CBC Radio, Ideas, February 2017

Paul Kennedy joins sound ecologist Hildegard Westerkamp on a sound-walk through Vancouver's downtown eastside, and explores how opening our ears to our surroundings can open our minds.

After Guantanamo: Dennis Edney on defending Omar Khadr (important)

CBC Radio, Ideas, February 2017

In 2002, a 15-year-old boy was caught by American forces in Afghanistan after a firefight, and imprisoned in Guantanamo for the next 13 years. The boy was Omar Khadr, and his then little-known lawyer was Dennis Edney from Edmonton. From the Stratford Festival, Dennis Edney talks with Paul Kennedy about a life-changing experience that contains a challenge for us all

"In all the years I went to Guantanamo, he was always chained to the floor. And so I saw my job as trying to keep him alive, and I talked to him about hope. And I used to keep pointing to the steel door and I said 'behind that door is light.'"

Media in the Age of Terrorism: Mohamed Fahmy (important)

CBC Radio, Ideas, January 2017

For 438 days, Mohamed Fahmy was locked away in an Egyptian jail, including solitary confinement in the brutal Scorpion wing of Cairo's Tora Prison, living side-by-side with members of the Muslim Brotherhood, al-Qaeda and ISIS. He was accused of being a terrorist, when in fact, he was simply being a journalist. The Egyptian-Canadian's arrest, trials and eventual release in 2015, garnered international attention.

The importance of being ethical with Dr. Janet Rossant (important)

CBC Radio, Ideas, January 2017

Dr. Janet Rossant argues that recent revolutions in genetic medicine demand comparable advances in our understanding of the underlying morality and ethics. "How do we draw the line between fixing a terrible disease and enhancing the human condition?"

After spending years studying the genetic development of mouse and human embryos, Dr. Rossant paved the way for important new possibilities in medical science -- particularly in the area of stem cell therapy. Much of this research was conducted at the Hospital for Sick Children, in Toronto. She is now President and Chief Scientist for the Gairdner Foundation. We hear highlights from her 2016 Henry G. Friesen Lecture, in Ottawa, as well as an interview with Paul Kennedy.

The Causes and Consequences of Brexit: Timothy Garton Ash (important)

CBC Radio, Ideas, January 2017

The election of Donald Trump. Brexit. The turn towards the hard right across Europe. We're in a new era, according to celebrated historian and political writer, Timothy Garton Ash. One in which populist, anger-fueled movements are gathering increasing momentum, not only in the West but throughout the world.

"Let me immediately put my cards on the table, and tell you where I stand on this question of Brexit. I said the day after the referendum that the best day of my political life was the 9th of November 1989 with the fall of the Berlin Wall. And the worst day of my political life was the 23rd of June 2016 [Brexit vote]."

Reconciliation Before Reconciliation with Dr. Tracey Lindberg

CBC Radio, Ideas, January 2017

Dr. Tracey Lindberg explores the importance of reconciliation with self, with community, and with Indigenous peoples in advance of reconciliation with Canada.

The truth about "post-truth" (important)

CBC Radio, Ideas, January 2017

The election of Donald Trump has ignited talk that we're now living in a "post-truth" era. But are we? Where does the idea that the truth no longer exists come from? Or the notion that the truth doesn't matter anymore? Host Paul Kennedy talks to thinkers who argue that the story began years earlier, with a kind of collective identity crisis: authoritarianism can become attractive when you no longer remember who you are.

"'Post-truth' is often understood as involving people's emotions rather than their critical abilities to make distinctions. And I think that might be true but i think it's important to keep in mind that emotion and truth are not two different things. Emotion has to do with what we care about and truths have to do with things that are the case. The two have to work together." -- Kathleen Higgins

Wachtel On The Arts - John Neumeier

CBC Radio, Ideas, January 2017

John Neumeier has been at the cutting edge of dance for more than fifty years. When he was studying English Literature and Theatre at university in Milwaukee, the head of the drama department recognized his talent and connected him with modern dance pioneer Sybil Shearer in Chicago. Before long, John Neumeier was studying at the Royal Ballet Company in London, England. There, another chance encounter landed him a contract at the Stuttgart Ballet, led by the influential John Cranko. At the age of 27, and very much to his surprise, John Neumeier was invited to become the artistic director of the Frankfurt Ballet. Then, in 1973, scarcely 30 years old, he became Artistic Director of the Hamburg Ballet. And he's been there ever since.

Screened Off: The dangers of an insular web

CBC Radio, Ideas, January 2017

Corporate control, and the "tyranny of the popular." Fake news, filter bubbles, and apps as "walled gardens." Have we lost a free and democratic internet? And did we do this to ourselves? Sue Gardner, ex-of the Wikimedia Foundation, writer Hossein Derakhan, and Brodie Fenlon of CBC Digital News join Paul Kennedy onstage at Ryerson University's Centre for Free Expression, in Toronto.

The Enright Files - Ideas to make a better world (important)

CBC Radio, Ideas, January 2017

Many of the things we take for granted in Canada -- universal health care, public pensions, a five-day work week -- were once considered utopian pipe dreams. The same is true of a lot of current ideas to make a better world and improve our quality of life: they endure ridicule and pushback until some brave souls flout conventional wisdom and try them out. This month on The Enright Files, ideas to improve our communities, our countries and our quality of life.

Rutger Bregman, the author of Utopia for Realists: The Case for a Universal Basic Income, Open Borders, and a 15-Hour Workweek.

Janette Sadik-Khan, the former Transportation Commissioner for New York City and the co-author of Street Fight: Handbook for an Urban Revolution.

Pasi Sahlberg, the Director General of the Centre for International Mobility and Cooperation in Helsink and the author of Finnish Lessons: What Can the World Learn from Educational Change in Finland?

Karyn McCluskey, the Director of the Violence Reduction Unit of the Glasgow police.

The 2016 Sobey Art Award

CBC Radio, Ideas, Part 1, Part 2, December 2016

Over two shows, IDEAS profiles the five regional finalists: from the West Coast & Yukon: Jeremy Shaw; Prairies and the North: Brenda Draney; Ontario: Charles Stankievech; Quebec: Hajra Waheed; The Atlantic: William Robinson.

Reflections on Global Affairs: Is the world really falling apart? (important)

CBC Radio, Ideas, December 2016

The news has been bleak: Brexit, populism, terrorism and, an America divided. The war in Syria continues to rage and the number of refugees and other migrants world-wide is soaring. Then, there's economic inequality and a host of other big concerns. It's tempting to think that everything is falling apart. But is that really true? IDEAS in partnership with the Munk School of Global Affairs at the University of Toronto reflects upon the state of the world, along with a razor sharp panel.

Michael Blake, Professor of Philosophy, Public Policy, and Governance at the University of Washington; Randall Hansen, Director of the Centre of European, Russian & Eurasian Studies at the Munk School of Global Affairs and Professor of Political Science; Janice Stein, the Founding Director of the Munk School of Global Affairs and an internationally renowned expert on international conflict and global governance; and moderator Stephen Toope, Director of the Munk School of Global Affairs, take the global view in a time of disruption and change.

Seed Banks: Re-sowing paradise

CBC Radio, Ideas, December 2016

For their potential to be awakened hundreds -- if not thousands -- of years later, seeds have captured our imagination. Seeds that have been entombed with Egyptian mummies, seeds that have sat dormant in mud banks for a generation, seeds that have been tucked into 18th century letters -- all sit expectantly for humans to rediscover them and bring them back to life.

While individuals have always saved seeds, with global warming and with so many plant species now threatened, seed banks have become a strategy to preserve biodiversity. Seed banks might be low-tech operations run out of an individual's home, or high-tech facilities dug into the Norwegian permafrost. The orientation of these collections might vary (a seed "bank" or a seed "sanctuary") but the impulse is the same -- to guard these potentially vibrant objects against extinction.

The Sea Women

CBC Radio, Ideas, October 2007

South Korea's "sea women" have been harvesting commercial treasures from the ocean floor since the 4th century. With only a few tools and fishing baskets slung over their shoulders, these sunburnt and wrinkled grandmothers can dive up to 20 metres on a single breath. Their dives mix dexterity, desire and death. Vancouver writer and broadcaster Gloria Chang returns to the country of her birth for an intimate portrayal of these cultural icons and to unravel a matriarchal mystery: Why do only women take to the waters?

Writing in worried times: GG Award winners share their anxieties

CBC Radio, Ideas, December 2016

They may be successful writers, but that doesn't mean the 2016 Governor General's Literary Award winners are immune from worry about the world around us. Five authors share some brand new work on that theme, and explain how they grapple with the cultural issues that make them most anxious.

Steven Heighton is a novelist and poet based in Kingston, Ontario. Martine Leavitt is an Alberta-born fiction writer living in Vermont. Bill Waiser is a historian in Saskatoon. Madeleine Thien is a Montreal fiction writer. Colleen Murphy is a playwright based in Toronto.

Cracking our moral code: How we decide what's right and wrong

CBC Radio, Ideas, December 2016

We all have a moral code -- a clear sense of what is right and what is wrong. But the reasons why we make certain decisions can quickly get fuzzy. Producer John Chipman explores why some people stick to their moral codes more stringently than others, and delves into the latest neuroimaging research to find out what it can tell us about what guides our moral decisions.

Decoding Death: The science and significance of near death experiences (debunk)

CBC Radio, Ideas, December 2016

People have reported "near death experiences", or NDE's, over centuries and across cultures. The nature of them has historically been the territory of religion and philosophy. But now science has staked its claim in the discussion. And the questions are profound: where is consciousness produced, in the brain, or somewhere else? Can consciousness continue to exist even after the heart and brain have stopped working? Contributor Ashley Walters explores the science and the meaning of near death experiences.

The Enright Files on William Shakespeare & James Joyce

CBC Radio, Ideas, December 2016

On the 400th anniversary of Shakespeare's death, Stratford Festival veterans Colm Feore and Seana McKenna talked to Michael Enright to describe what Shakespeare demands of his actors; how his characters embody the essential qualities of humanity, and why despite the barrier of Elizabethan language, Shakespeare in the 21st century is more relevant than ever.

One hundred years ago -- on December 29, 1916 -- James Joyce published his first novel, A Portrait of the Artist as a Young Man. Michael Enright talks to Irish politician and Joyce scholar Senator David Norris, Irish cultural historian and Joyce scholar Declan Kiberd, and Canadian professor of literature and Joyce scholar Jennifer Levine.

Rear View Mirror: Has the future ever looked like the past?

CBC Radio, Ideas, December 2016

Why does history matter? The conventional reason we're given is that in order to comprehend the future, we need to know the past, that there are lessons in history -- that the mistakes of the past can teach us what to avoid in the future, that unbridled political power leads to dictatorship, that war is a bad way to settle things. But does the past really have anything to teach us -- has the future ever looked like the past?

Bob Rae, Margaret MacMillan, Karin Wells.

The dangerous game: Gamergate and the "alt-right" (important)

CBC Radio, Ideas, November 2016

Emma Vossen's love of gaming started when she was a kid growing up in small-town Ontario. Now as a PhD candidate at the University of Waterloo Games Institute, she looks to gamer culture as a microcosm of how sexism is seeded and replicated within broader society, and she draws connections between gamer culture and the rise of the political extreme right.

Kishonna Gray -- visiting scholar and associate professor at MIT and founder of the Critical Gaming Lab at Eastern Kentucky University. She's also the author of Race, Gender, and Deviance in Xbox Live.

"All of a sudden it became completely normalized that the king of all Internet trolls [Donald Trump] became the president." — Anita Sarkeesian, director of Feminist Frequency, a non-profit organization exploring the representations of women in pop culture.

Jennifer Jensen -- York University professor of pedagogy and technology, and director of the Institute for Research on Digital Learning. She is also the president of the Canadian Games Studies Association.

Is That All There Is? Exploring the meaning & future of science (important)

CBC Radio, Ideas, November 2016

Science helps us understand ourselves and our own place in the cosmos. But how far does the math take us? And what do science and the humanities tell us when we look at the same questions from different points of view? From the Stratford Festival, a discussion between physicist Neil Turok, science writer Margaret Wertheim and philosopher Mark Kingwell.

"We've seen these incredible advances in our basic knowledge of the universe, at the same time the discipline itself is in a crisis. So what's the crisis? Essentially nothing new has been predicted in fundamental physics for three decades" -- Neil Turok, Perimeter Institute for Theoretical Physics in Waterloo.

The Matter of Meat: A history of pros and cons

CBC Radio, Ideas, November 2016

Eating meat: some say we've evolved to do it. It's in our DNA. It's how we got our big brains. Yet others, as far back as Pythagoras, have argued that eating meat is bad for our bodies, cruel to animals, and toxic to the planet. Now -- perhaps more than ever -- when it comes to the matter of meat, clear-cut answers can be hard to come by. Kevin Ball serves up the arguments.

The Tedium is the Message

CBC Radio, Ideas, November 2016

It's never been easier to banish the feeling of boredom -- at least for a moment. But some fear our weapons of mass distraction could lead to an epidemic of ennui and ADD. Contributor Peter Mitton examines boredom and discovers a little-understood universal state of mind. From its obvious downsides and unexpected upsides, to its evolutionary origins and the way it's shaping our future.

The uncertain future of journalism and why it matters

CBC Radio, Ideas, November 2016

Whether it's radio, television, print or online, anyone who works in journalism can feel the ground shifting under their feet. The business model of news has been radically disrupted by the Internet age, and yet, the mandate of journalism remains the same: to uncover and report the truth and hold power to account. In this month's edition of The Enright Files, Michael Enright explores the mandate of journalism and how to maintain the integrity and craft even while it faces an uncertain future.

Wachtel on the Arts - Ai Weiwei (important)

CBC Radio, Ideas, November 2016

Chinese artist Ai Weiwei has been called "the most powerful artist in the world" and "a contemporary icon of resistance." He's reached an almost unprecedented level of international fame, both for his powerful work and his tough political criticism. He talks to Eleanor Wachtel about his beautiful and subversive art and about his fight for freedom and democracy in China.

Together with volunteers he gathered through the Internet, Ai Weiwei went town to town and door to door in Sichuan, talking to the families of the children who had been killed. Then he published their names, birthdays, and other information on his website. This is what ultimately led to his arrest and detention.

Nominating Leonard Cohen for a Nobel Prize

CBC Radio, Ideas, November 2016

In the fall of 2013, we broadcast several programs celebrating Paul Kennedy's 15 years as host of IDEAS. Nominating Leonard Cohen for a Nobel Prize was one of the episodes we revisited. This lively open forum was recorded at the 2005 Blue Metropolis Literary Festival in Montreal. Panelists include critic, Ed Palumbo; poet, translator and broadcaster, Michel Garneau; jazz singer, Karen Young; and poet George Elliot Clarke.

Next