Matt McCutchen: meta information
Legal name: Richard Matthew McCutchen. Pronoun: he. Title: Mr. (if you wish to be formal; I'm always OK with being called "Matt").
Information about life and hobbies has moved to the home page.
- Primary email: matt@mattmccutchen.net .
You are always welcome to email me.
Please write at least the subject in English, otherwise I'm liable to assume your message is junk without taking the time to machine-translate it.
I strive to read email within 24 hours (policy TBD if I go on retreat or the like; often I'm much faster) and address issues in a reasonable
timeframe based on their complexity, urgency, and priority to me.
For issues that need attention sooner than 24 hours, please call or SMS me if you have my phone number and don't have reason to believe I'm watching for an email.
If responding by email would be inefficient (common for chat about life),
I'll propose to communicate synchronously instead.
If you think I'm mistakenly ignoring your mail, you can remind me.
I have proudly used matt@mattmccutchen.net since 2007-08-12 and I intend to keep it working if at all possible
for the rest of my life as long as email and the IANA DNS see significant use, though I may designate a better secure communication system as my preferred contact method if one becomes available.
- Also me: hashproduct@gmail.com (current primary email address of my Google account; email will reach me for the foreseeable future but I prefer you use matt@mattmccutchen.net),
hashproduct(at)verizon.net (no longer works).
Before I paid for my own hosting, this web site was located at http://www.kepreon.com/~matt/ (thanks to Kevin McGehee), http://hashproduct.metaesthetics.net/ (thanks to Skyler Leigh), http://mysite.verizon.net/hashproduct/, http://mysite.verizon.net/mccutchen/, and http://www.angelfire.com/electronic/sappasaur/. You may see the old addresses in old materials.
- I currently do not have a general-purpose GPG key. Here is my old key, which is probably too cryptographically weak now to be useful. I hope to significantly improve the security of my computing environment soon, and I'll generate a new key at that time. To reduce confusion, I won't generate another key in the interim unless someone asks me to.
- I'm interested in the functionality and efficiency benefits of online social networking
compared to one-on-one communication, but I have not put in the effort to find a workable solution
that has acceptable privacy properties and does not burden me with unwanted interactions.
I mistrust Facebook and have
a Facebook account
only to participate in groups there that I have no leverage to move to a different platform.
Until Google+ shut down, I had an account there to help people find me
but did not have circles or content of my own.
- Please do not assume that an account on a third-party service not linked from this site is mine unless
the account shows my email address or web site and you know that the service has verified it.
(Most services verify user email addresses, but few verify web sites.)
In any event, please avoid sending me confidential information via
third-party services when doing so has no benefits compared to direct email,
and don't trust integrity-critical information apparently from me on such services either
unless I state otherwise.
Replying to an existing thread on another service,
messaging me via an online conference in which I'm participating, etc. are totally fine.
Yes, I know email is subject to a man-in-the-middle attack between your mail relay and mine
because I have not deployed DANE, while other channels may not be
(assuming they aren't configured to forward the information to me by email!),
but I consider such a MITM attack a lower risk than the use of most third-party services.
If you'd like to send me highly sensitive information, let me know and we'll arrange something.
- I have accounts on Skype, Google Hangouts, and other third-party services that I do not
check regularly. If you send me a message there and I don't respond in a reasonable time frame, please email me.
- My phone number and postal address are not intended to be public. Please email me if you want them.
Web site technicalities
- Much of this web site is public-domain and may be distributed modified or unmodified without any copyright restrictions.
- I'm interested in accessibility but don't have much familiarity with people's needs.
While some content management systems may have accessibility features built in,
I'm hoping that my site's use of relatively simple HTML will still let assistive tools work well.
Please let me know if there are things I could do to improve the accessibility of the site
(or any other aspect of its usability, for that matter) with a modest amount of work.
Unfortunately, for some project materials
(notably the Espalier software),
accessibility is probably infeasible at this time.
- The favicon for this site is the normal cursor from a Windows mouse cursor set named "Blocky" that I drew in 2003.
I didn't end up using it long-term as a mouse cursor, but I liked the aesthetic enough to make it my logo, for now at least.
It now appears in the icon for my version of Escape to help distinguish it from upstream.
- Most of this site is generated by a custom XSLT-based build system that dates back at least to 2005.
Amazingly, I've been able to adapt the system to my needs ever since,
except that I'd like to have a way for visitors to submit comments other than emailing them to me manually.
If you'd like more information, email me
and I'll see what can be cleaned up for public release.
- This site has various files and applications under https://mattmccutchen.net/private/
that are linked from other places for specific audiences.
(No, you can't list that directory.)
There are also a few private items that get enough use to justify omitting the /private/ from the URL for user convenience.
- This site has proudly supported SSL with a publicly recognized certificate since 2008-08-29.
At first I had to pay for a unique IP address and a certificate and install the certificate manually;
then along came Server Name Indication,
StartCom, and finally
Let's Encrypt,
resulting in free turnkey SSL support on major web hosting services and web sites like this one.
The current public CA system has serious problems,
but for now, I support its use to defend against a range of potential attackers.
- In the past, I sought to make this web site an exemplar of server and browser security.
What remains of that effort is that
this site is on the HTTP Strict Transport Security preload list
(it was one of the first sites added,
back when the process was to email Adam Langley!).
That means that any modern browser will forcibly redirect http://mattmccutchen.net to https://mattmccutchen.net,
a godsend when there are links to http://mattmccutchen.net strewn across the web that are difficult or impossible to update.
Another initial motivation for HSTS with subdomains was to prevent cookie forcing,
although cookie prefixes now provide a better solution.
