The Importance of Forgiveness

As I write this, I must take a moment to acknowledge the rather monumental elephant in the room that is ever-present in all of our lives: Hypocrisy. I’m no different than you, dear reader; I have my own flaws (too many!), and for the topic of this post I’m no different. Indeed, I’m probably far worse than you. I’ve contemplated forgiveness for many people I’ve known over the years, repeatedly falling short and never truly forgiving them in my heart.

In this post, I’ll explore a little bit about the underpinning reasons for this (my ex-girlfriend) and what it means. I’m writing this only for the sake of completeness for the handful of friends who’ve read the rather painful post that predated this and served to provide some context.

I apologize that the post inspiring this one is no longer available. I’ve since set it to private viewership since it expressed a great deal of frustration and anger that I don’t think is appropriate to retain here.

What Forgiveness Isn’t

Forgiveness isn’t about reconciliation–that’s a myth. Far too often, I’ve heard many of my friends and acquaintances lament forgiveness as a binary thing: Forgive someone and reconcile with them or remain angry with them and never forgive. Except that this isn’t true. Forgiveness certainly can coincide with reconciliation. Oftentimes it doesn’t.

Forgiveness also doesn’t mean that you accept what ills someone inflicted on you. You accept the outcome, but you need not accept that their behavioral pattern is justifiable or should be encouraged. If someone flings arrows at you, forgiveness means that you accept the new-found knowledge that this individual isn’t who you thought they were. You move on, taking this lesson to heart, and accept that your own response and understanding of their particular situation must adapt. Sometimes this means adjusting your relationship with that person. Sometimes this means leaving the relationship entirely.

In my particular situation, the latter was the only option: Our relationship had soured to such an extent and the final coup de grĂ¢ce levied against me so toxic and unconscionable that it was better to cut all ties. “Friends,” as an option, was out of the picture. At the very least, I knew that it would make future relationships easier with her out of my life since whomever I eventually meet would undoubtedly know–or learn–what transpired.

But, I mean not to dwell on past misfortunes. I’d rather discuss what this means, and the positive ray of sunshine in all of this that is perhaps the most difficult pill to swallow: Forgiveness isn’t about the third party in your life who has wronged you. It’s about you.

Where the Lesson Started

My mother had been not-so-subtly encouraging me to attend church with her in the weeks following the demise of my then-long-term relationship. I resisted, but after many long evenings of prayer and thoughtful contemplation, I relented.

Before I continue, I wish to point this out: I know some of my readers aren’t especially religious–if at all–so this isn’t intended to be a near-Pharisaic display of my faith. This is provided for completeness and to explain some of my reasoning behind this post.

The first sermon I attended after a long hiatus from church services was, perhaps ironically, on anger (and forgiveness). This didn’t surprise me; I felt that I was being drawn to church for a reason, and I knew God had a message for me if I were only to obey His call. Specifically, the sermon was part of the pastor’s series on Jesus’ Sermon on the Mount, and more topically, it was a discussion of Matthew 5:21-26.

Under God’s law, anger and murder are treated the same. Except that anger has a few special conditions: If you’re angry with someone, you must forgive them. If you know someone is angry with you, you must ask them for forgiveness; if they don’t accept, then the responsibility is upon them and your involvement is washed clean.

Matthew 5 isn’t particularly clear on this point, and it requires reading associated texts (some from the Old Testament) to gain a complete understanding of Jesus’ message that may otherwise be somewhat cryptic to modern audiences (Jewish audiences of the day had arguably clearer understanding). With sufficient due diligence, an understanding can be made that in Christendom, forgiveness is a particularly important concept. Indeed, it’s one that appears throughout the New Testament, up to and including Jesus’ sacrifice.

The crux of this didn’t impact me until the very end of the sermon when the pastor ended with his closing prayer. While it’s been many weeks since, and I’m paraphrasing his words; he said something to the effect of: Lord, if there is anyone here who is angry with another, possibly because that person was done wrong by someone else or they were hurt by that person, help them forgive the wrongdoer so they can be right with you.

It struck me at that point that the message I was called to hear was one I’d already anticipated–but sometimes knowing the answer and hearing the answer from someone else are opposite sides of the same actionable outcome. Oftentimes I’ll know what I need to do, but it may not seem like the correct outcome until I hear someone else verbally repeat the knowledge I thought I had internalized.

Further Coincidences

As I struggled with finding my own path toward forgiveness, I ran across an article on NPR (not my first choice) titled “Why Forgiving Someone Else is Really About You.” Curious timing aside, the article makes a strong case toward painting forgiveness as resolving internal conflict and finding freedom from one’s own emotions.

It was a particularly well-timed read since I’d felt myself occasionally vacillating between mild anger or resentment whenever I’d think about my ex-girlfriend. Sometimes I’d see or hear something that would bring back a couple of memories, and I’d relapse into thinking nonsense thoughts like “Why did you do this to me?” Then I’d snap back to reality and recognize that the path forward, thus far, has been incredibly positive compared to the path I was on with her.

But the chains of resentment are difficult to rid yourself of, and I think forgiveness truly is the first step toward freedom.

What Forgiveness Is

By forgiving someone, particularly a person who inflicted great pain or misery, you rob them of whatever power they might hold over your life. Forgiveness is the first step toward accepting past events and finding a way forward. By forgiving someone, you begin a healing process that will help mitigate how often you find your thoughts consumed by their actions toward you.

It’s incredible how freeing that feeling truly is. By forgiving someone, you can accept the way things are and deal with them accordingly. You reduce the influence of negative emotions toward someone else and (eventually!) find a resolution where positive emotions take priority.

Again, forgiveness isn’t about reconciliation. Of course, this is situational: Sometimes reconciliation is a valid outcome as part of a forgiveness strategy, but it shouldn’t be seen as the only outcome. In some cases, as with my failed relationship, reconciliation simply isn’t possible or desirable. Shifting toward a friendship after many years of romance rarely works. Perhaps this is a tremendous understatement if the romance ended in a substantial breach of trust or as a consequence of underlying trust issues or repeated dishonesty (each of which I had to endure). If the person in question simply isn’t trustworthy, or if continuing any relationship with them would result in worse outcomes, it’s apropos to cut your losses instead and walk away than it is to endure more of the same.

It took me years to recognize these truths, and I’m sure there will be many more examples where my decision-making process falls short of any semblance of “did you learn something from this?” But I fully expect that the long term benefits of finally understanding the importance of forgiveness will be everlasting.

I would encourage you to consider forgiveness if you’re in a situation where someone’s actions are eating at your soul. It doesn’t mean you have to reconcile with that person–or go out of your way to be friendly!–but by forgiving them, you deprive them of the power they hold over your life; power they may not even be aware of! You start the important process of ridding them from your conscious mind, and only then can you begin to heal. Suffice to say: Sometimes healing the wounds inflicted by another and finding your own path toward happiness is the best form of retribution.

Misery loves company, but it loathes happiness.

Comments Off on The Importance of Forgiveness
***

nginx v1.4.5 and IPv6

I recently updated the VPS this blog is sitting on. Coincidentally, this also updated nginx to the latest version and broke everything. I didn’t think much of it at the time, but when I linked a friend to this post over on my fun blog, he was delivered to the default nginx page. Puzzled, I poked around for a while, mostly examining DNS records and server configurations. I couldn’t find anything wrong.

Then I had a eureka moment.

I’m on IPv6 at home. I have this site (and others) configured to use IPv6. It hadn’t occurred to me until then that it might be protocol related. Using curl (curl -4 and curl -6), I confirmed my suspicions. Although the server was listening on TCP and TCP6, it was only serving up the vhosts on IPv6 and not IPv4. IPv4 was receiving the standard welcome page.

I knew that I had configured the server appropriately for both stacks. I’ve read through the docs. I combed through dozens of blog posts documenting the process. I was convinced the server was correctly configured. I must’ve fiddled with it for a good hour or so, reviewing documentation and the likes to no avail.

Infuriating.

Since nginx 1.2 or 1.3 (I can’t remember precisely), it’s been necessary to add ipv6only=off to the listen directives in order to support a dual stack environment. It’s my understanding this trick doesn’t work on some BSDs, but I know for a fact it worked fine under Linux. Or so I thought. I tried it successfully under Arch and Ubuntu with identical results with the exception that I neglected to recall one minor detail: My Arch install updated to nginx 1.4-something well after I had configured my desktop for developing on a dual IPv4/IPv6 stack. I suspect it’s probably broken in the same manner. But, I use it strictly for development, so I’m not particularly concerned whether or not it works on IPv4. I don’t use the protocol much within my network, so why worry, right?

To continue: I decided to take another stab at it and discovered something curious. Previously, all that was required to enable dual-stack support in nginx was to add the following to whatever was configured as the default host

    listen [::]:80 ipv6only=off default_server

And then all subsequent vhosts simply required

    listen[::]:80;

That’s all. It used to work–like magic. But, sadly, magic eventually runs out. This is why electronics stop working once you let all the “magic smoke” escape. Sorry, it’s an old electrical engineering joke my father has oft repeated. I guess it’s brushed off onto me.

Anyway, here’s the solution. You might find it contrary to some of the antiquated information out there lurking on various blogs dating back from 2011 through the middle of 2013. It works for nginx 1.4.5 (and possibly earlier versions), but the trick is to add this to the default vhost configuration

    listen[::]:80 ipv6only=on default_server;
    listen 80 default_server;

And for all subsequent vhosts

    listen[::]:80;
    listen 80;

I should note it works fine without adding the ipv6only=on directive, just like the generic vhost config (above). I believe I’ve read that this is because the default behavior enables ipv6only automatically. However, if you’re running a slightly older version, you might need to keep it. Hence why I’m not going to remove it from my examples. Better safe than sorry, right?

default_server is (hopefully) obvious, but only required if you want to provide a default site (or page) for users hitting your web server’s IP. Or for ancient browsers that haven’t been taught how to use the Host header. Are there any of those left?

So, the trick is that you need two listen directives. Period. Yes, even for TLS/SSL. If you skip these directives on any vhost, the missing protocol binding will be skipped for that vhost. I suspect this is probably documented somewhere. The problem though is that there are literally dozens of blogs pointing the old instructions that used to work. These are now deprecated. Following them will only lead to sadness.

Initial frustration aside, I find meshes well with my preferences. It’s more explicit and there’s no question which protocols nginx will use when binding to the configure port or ports. However, it will cause headaches for IPv6-enabled sites migrating from nginx 1.2. So, if you’re running Ubuntu and have decided to update in order to gain access to newer features (websocket support, SPDY, et al), expect breakage. More importantly, be absolutely certain you’ve independently tested all of your deployed sites using IPv4 and IPv6. Make liberal use of the -4 and -6 switches for curl. It’ll save you from unpleasant surprises.

1 comment.
***

A Lesson from Twitter

Today, I got a curious e-mail from Twitter:

Hi, zancarius

Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.

You’ll need to create a new password for your Twitter account. You can select a new password at this link: [redacted]

As always, you can also request a new password from our password-resend page: https://twitter.com/account/resend_password

Please don’t reuse your old password and be sure to choose a strong password (such as one with a combination of letters, numbers, and symbols).

In general, be sure to:

Always check that your browser’s address bar is on a https://twitter.com website before entering your password. Phishing sites often look just like Twitter, so check the URL before entering your login information!
Avoid using websites or services that promise to get you lots of followers. These sites have been known to send spam updates and damage user accounts.
Review your approved connections on your Applications page at https://twitter.com/settings/applications. If you see any applications that you don’t recognize, click the Revoke Access button.

For more information, visit our help page for hacked or compromised accounts.

(Before you ask, yes this did come from Twitter.)

It turns out that my Twitter account had been compromised. I hadn’t posted anything since 2011, and I seriously doubt I logged into Twitter any time recently on my browser (though I probably have it active on a mobile device–I just never check it). This was puzzling to me, as I thought I had used a random password on the account as per my usual habit.

Except that I hadn’t. Instead, I had used a simple throw away that could’ve been relatively easy to brute force given sufficient time. This was entirely my fault, and while there’s no excuse for it, I admit that I hadn’t ever thought enough of using Twitter to protect the account. Furthermore, the account was created circa 2009 when I used to use fairly simple passwords for throwaways and strong passwords for accounts I wanted to protect (my personal e-mail accounts use > 40-70 character pass-phrases, for example). So, this was entirely my mistake, and while it’s plausible that I may have given access to a 3rd party to tweet on my behalf, I suspect this isn’t the case; there were no apps listed in the authorized application list, and the Twitter e-mail strongly hints that they will remain there until manually removed.

So, lesson learned I suppose.

However, this did present a unique opportunity to learn from one of the top social networking sites in the world. Rather than closing accounts or granting spammers free reign, Twitter resets the account password and sends a polite notice to the e-mail address registered for the account indicating what the problem is and how to rectify it. It’s a brilliant idea, I think, and I’d love if more sites followed suite. After all, spammers are using similar tactics elsewhere (including Youtube) to exploit accounts that might otherwise hold good standing with the community to continue their nefarious activities. Plus, is it really fair to terminate someone’s account that’s been compromised, just because it was used to spam? I don’t think so–not anymore.

The other lesson in all of this is to use strong passwords even for accounts you don’t think you’ll use again. It can affect your reputation, it can cause embarrassment, and it feels unnaturally violating to see spammy comments from an account with your picture on it. While my account was only used for two spam tweets before Twitter shut it down, the sensation of such violation wrought deep into my core.

For a couple of years, I’ve been using the excellent KeePass password storage application (more specifically, the KeePassX v2 port) to generate and store random passwords. The tactic of generating random passwords is increasingly more and more viable as forum software (like vBulletin) exhibits such strong weaknesses that MD5-hashed passwords are no longer strong enough to protect against attackers with even modest resources. By using randomly generated passwords, even if one is compromised, you don’t have to worry about an attacker gaining access to other accounts–or to the mental algorithm you use to generate passwords you can remember.

That said, for my most important accounts, I do use fairly lengthy pass-phrases. By mixing KeePass with pass-phrases, I can save my mental energies for remembering those passwords that are the most important, and offload the remainder of the work to the computer. So far, it’s worked fairly well. Twitter being the only account I’ve had compromised due to forgetting to change the password to something random and having used an older throw-away password, being somewhat “cutesy” (or so I thought) in the process, serves as a good testament to this. It doesn’t mean I won’t have another account compromised, but it does dramatically reduce the probability. The fact that an account I seldom used was compromised helped push me into action to reset some of my more important passwords and to verify the ones that I have collected to ensure they meet my criteria of strong and random.

So, even if you have an account you never think you’ll use again, be absolutely certain you use a strong (preferably random) password or pass-phrase. After all of this nonsense, I think I might have to go back to using my Twitter account. At least I didn’t lose it; all I lost was some face (but I have hardly any followers whom I don’t personally know in real life… so does it really matter?).

The other moral in all of this is that such compromises can hit anyone. Even you.

No comments.
***