Zimt Riesenschnecke

I like a lot of those videos by Tasty. Snappy music, nice videography. Makes for a fun viewing. But they are somewhat misleading: every thing you need to know fits into a two-minute video of theirs. The execution is nowhere near as straightforward as it seems in the video, and you are responsible for your own music. But still, this was a success. I got it from this YouTube video, which was inspired by her. I adapted the recipe for use with metric measurements and fresh yeast, which I prefer over instant or active dry yeast. I converted the yeast amount based on this yeast converter website, for which I am grateful. The instructions are mostly a straight lift — just be aware of the baking time notes in the instructions.

I didn’t have a round 9-inch cakepan or skillet, but my squarish 10-inch cast-iron skillet worked out just fine. The rolls of dough happily shapeshifted from circular to a rounded square.

Ingredients

Dough

100 g or ½ cup unsalted butter, melted
500 ml or 2 cups whole milk, warm to the touch
105 g or ½ cup granulated sugar
7 g fresh or 1 pack active dry yeast (0.5 oz)
690 g or 5 cups flour, divided
1 teaspoon baking powder
2 teaspoons salt

Filling

165 g or ¾ cup butter, softened
157 g or ¾ cup light brown sugar
2 tablespoons ground cinnamon

Frosting

113 g or 4 ounces cream cheese, softened
25 g or 2 tablespoons butter, melted
30 ml or 2 tablespoons whole milk
5 ml or 1 teaspoon vanilla extract
148 g or 1 cup powdered sugar

Mathy Thoughts

Area of a circle = πr²
Area of a 9-inch round pan1 = π×(4.5)² = 63.6 in²
Area of a 12-inch round pan = π×(6)² = 113 in²

So…going from a 9-inch pan to a 12-inch pan means doubling the ingredient amounts? Good to know for next time in case we need to make a bigger one.

Instructions

  1. Generously butter a 9-inch cast iron or cake pan.
  2. In a large bowl, whisk together warm milk, melted butter, and granulated sugar. The mixture should be just warm, registering between 100–110°F (40°C). If hotter, allow to cool slightly.
  3. Whisk the yeast evenly into the warm mixture and let sit for 1 minute.
  4. Add 4 cups of all-purpose flour to the milk mixture and mix with a wooden spoon until just combined. 2
  5. Cover the bowl with a towel or plastic wrap and set in a warm place to rise for an hour.3
  6. Preheat oven to 325°F (160°C).
  7. After 1 hour, the dough should have nearly doubled in size. Ours got bigger and gloopier, but I wouldn’t say it doubled. Remove the towel and add more flour — the original instructions suggest an additional ¾ cup of flour — the baking powder, and salt. Stir well, then turn out onto a well-floured surface.
  8. Knead the dough lightly, adding additional flour as necessary (about ½ cup), until the dough just loses its stickiness and does not stick to the surface. You’ve got to go by feel here.
  9. Roll the dough out into a large rectangle, about ½-inch (1 cm) thick. Fix corners to make sure they are sharp and even. Don’t make it too large. A bigger rectangle here means a doughier, breadier cinnamon roll at the end. And that detracts from the cinnamonitity.
  10. In a small bowl combine the filling ingredients and stir to combine. If your butter isn’t soft enough, you’ll need beaters to whip it into form. And it’ll still be difficult to spread onto the dough evenly without tearing it. Moral: get that butter nice and soft before you start.
  11. Spread the filling mixture evenly over the rolled-out dough, spreading right to the edges.
  12. Using a pizza cutter, being careful not to cut into your silicone rubber work surface, make three horizontal cuts to divide the dough into four long, evenly sized strips.
  13. Starting from the bottom, roll the first strip up right to left. Take the first roll and place it back on top of the next strip, starting again on the right side and rolling up right to left, building on the first. Continue with the remaining two strips until you have a giant cinnamon roll. 4
  14. Place the giant cinnamon roll in the prepared cast iron or cake pan and cover with plastic wrap. Place in a warm spot and leave to rise for 30 minutes. The cinnamon roll should expand to the edges of the pan during this time. Mine didn’t. The big expansion came during the baking, thanks to the baking powder. 5
  15. Bake for 45 minutes. Cover the cinnamon roll with foil to prevent the outside from burning, and bake for an additional 35 minutes, per the original instructions, if you like it to get a burnt, crusty bottom. That’s what I got. Next time I’ll try the second baking phase with just 15 or 20 minutes. Your nose is helpful here; when you smell a faint burning smell coming out of the office, take that pan outta there!
  16. While the cinnamon roll is baking, prepare the frosting. In a medium-size mixing bowl, whisk together cream cheese, butter, vanilla, whole milk, and powdered sugar, until smooth. Use an electric mixer here if you can, especially if your cheese or butter isn’t quite room temperature yet.
  17. Remove the cinnamon roll from the oven and let cool in the pan for at least 20 minutes. Once cool, remove from pan and drizzle frosting over the roll before serving.
  18. Slice and enjoy!
rolled
baked, but not frosted

finished


  1. The ingredients above assume a 9-inch round pan. []
  2. Actually, I did steps #2-4 in my Kitchen Aid stand mixer. []
  3. I just put the whole stand mixer bowl in our steam oven at 30°C for an hour. []
  4. Lefties: I strongly suspect it does not matter at all in which direction the rolling starts, as long as you are consistent in your direction for all four strips. []
  5. Learn more about single- vs. double-acting baking powder; perhaps AmiExpat’s conversion ratio will work for you if you didn’t smuggle American baking powder back with you on your most recent trip to the USA. But I suspect it won’t be an exact drop-in substitute. []

One-Pot Spicy Rigatoni

I’m not a full convert, but I do dig this whole one-pot recipe craze. Especially with pastas, I find the noodles are particularly infused with flavor. We were inspired by this recipe, but made a few changes. I imagine it’s great with the chicken, but we’ve only ever had it without and it has never disappointed.

2 T olive oil
2 shallots, finely chopped
5 cloves garlic, smashed and chopped
2 roasted red bell peppers, roughly chopped
2 T tomato paste
1/2 c dry sherry
1 28 oz can stewed tomatoes
2 c water
2 T fresh oregano, finely chopped (or 2 t dried)
2 pinches dried red pepper flakes (3 if you like it spicy)
1/2 t salt
500 g Rigatoni (or other short pasta, tubes would be best)
1 T butter
10-15 basil leaves, torn
1/2 c Grana Padano, grated
3 T cream

In a deep pot, heat oil over medium-high heat. Sauté shallots and garlic until tender, then add peppers and cook for 2 minutes. Stir in tomato paste and cook until it begins to smell caramelized, then deglaze pot with sherry. Add tomatoes and break them up with a spatula. Add the water, oregano, pepper flakes and salt and bring to a boil.

Add the pasta and cook, stirring frequently, for 10-15 minutes or until almost tender. Turn heat down to low, add butter and basil. When butter is completely melted, add cheese and cream, stirring until integrated. Simmer for 5 minutes more, stirring all the time, then remove from heat. Let stand for a couple of minutes, then serve.

Freinsheimer Kulinarische Weinwanderung die Dritte

Third time’s a charm! Actually, the first and second times were also charms.

We liked our stay at Karlbacher Hof in 2015 so much that we reserved there again as early as possible, without having anything more concrete in mind than “we’ll need a place to sleep during the Weinwanderung.”

We got lucky with the drive in on Friday morning and the return trip on Sunday afternoon: no traffic problems, despite the nightmare of construction on the A6.

The WEBMU pals who introduced us to this glorious weekend in September back in 2012 flew in from Old Blighty with their not-quite-three-year-old son — perhaps indoctrinating him with early exposure to Weinfestkultur.

On our way out of town late Sunday morning, We stopped by the Altes Landhaus winery store/hotel/vacation apartment place and bought a couple bottles of a Chardonnay/Weißburgunder blend, and restocked on their 2014 Scheurebe we loved so much with Snooker on our first stay Karlbacher Hof.

For future reference: Bissersheim, Herxheim am Berg and Kirchheim an der Weinstraße look like good alternatives if Freinsheim and Großkarlbach are all booked up. A couple thousand meters on a farm path is about the most you’ll want to do on foot back to your accommodations if you don’t have a DD (we did — thanks Damon!). Don’t count on taxi service; they’re in high demand.

A Late Summer Weekend am Arlberg

This weekend was perhaps the last chance this year for a long weekend. A few years ago some good friends who started out as work peeps recommended Apart Schultes to us for a pretty, affordable, friendly place to stay in the off-season in the Austrian ski region St. Anton. Continue reading A Late Summer Weekend am Arlberg

A Week in Eastern Ireland 2017

After our last vacation in Val d’Aosta back in May, a cumulation of stressy stuff at work since then, and some unexpected health issues complicating everyday life, we were very thankful to have planned a get-away trip to Ireland with our old college pal the Malge well in advance. This trip was definitely necessary to chill the heck out. Continue reading A Week in Eastern Ireland 2017

Secure messaging update: Threema Web vs. Signal Desktop and ProtonMail

Hey, there are neat new toys to play with! In brief: mobile chat apps are progressing and ProtonMail looks nice for secure email. I put a TL;DR down there for you.

I write about this stuff occasionally.

Threema vs. Signal, again some more

Since my last missive, Threema has released Threema Web for the Android platform…but not yet for iOS or Windows Phone.1 Threema Web promises to offer everything I like about Threema on my phone combined with the convenience of using it on a desktop or laptop computer, where I can type with all 10 fingers. At least I hope so. They haven’t rolled it out for iOS devices yet, and I don’t have an Android device, so I’m not sure. But I’m betting Threema Web continues to allow you to be more anonymous on the internet than Signal, which requires registration with a phone number and allows anyone with Signal and knowledge of your phone number to contact you that way. Threema lets you choose whether to be contactable that way, which I highly appreciate.

Nevertheless, I have started seeing more of my contacts showing up on Signal than in the past. Some of them are undoubtedly using it because of my nagging, but apparently not all of them. For example, I see Airport Liner (our favorite shuttle service from Regensburg to Munich Airport) is using Signal now, too. Probably most people don’t care too much or simply trust WhatsApp not to sell them out to its corporate parent (Facebook), now that WhatsApp offers end-to-end encryption2 based on the same technology as Signal. But I still don’t trust them.

Another thing I liked better about Threema vs. Signal from the beginning was the ability to encrypt short audio clips and send them as messages. Threema’s had that for a long time, but Signal must have gotten it in a recent update (to iOS). That feature is extremely useful when your hands are full or you’re at a stoplight and don’t have time to type out what you could say more quickly.

And of course, Signal does secure phone calls — IIRC, the app grew out of the fusion of a secure audio app (RedPhone) and secure text messaging app (TextSecure). I don’t use it for that very much, but it does work.

Still banging on about secure email

Yeah, I still am. It’s not an easy topic to cover. There are

  • competing standards within standards3,
  • somewhat elegant desktop solutions4, but mostly only clumsy apps on mobile devices
  • inherent weaknesses baked in historically5, and of course
  • the raison d’être for the likes of Gmail, Hotmail, Yahoo! Mail: ad revenue. If their machines can’t read your email, they can’t sell you.

I followed the mailpile project for a couple years, even playing with it at home on a Raspberry Pi or my Linux desktop machines, but it appears to progress only haltingly at best, felt clunky to use, and presumes that you (eventually, when they perfect their product) want your mail to be on your local devices only — like a RasPi or a memory stick you keep on your keychain. That’s not really what I want; I want mail on a server somewhere6 that is only readable for the intended recipients.

They’re really playing up the Swissness.

Then internet pal Harvey Morrell called my attention to ProtonMail. This could be a game-changer. You get:

  • public key encryption7
  • a smooth webmail experience in the desktop
  • iOS and Android apps
  • free, paid, and paid-a-lot tiers of service


I was pretty skeptical at first. Webmail can’t be as secure as an offline private key, because the webserver has to have your private key in order to decrypt messages intended only for you, thus defeating the purpose, right?

That’s true…unless there is another layer of encryption on top of that private key preventing its misuse. Wikipedia explains it: yes, the server behind ProtonMail has the private key needed to decrypt messages encrypted for you, but that private key is symmetrically8 encrypted with your login password, and decrypted on the brower-side to display secured message content only in the browser. So: ProtonMail cannot use your private key (even though it lives on their servers) because your login password prevents that. It’s the first web-based email service with public key encrpytion that sounds promising to me, because it actively promotes its inability to decrypt your email upon demand (of anyone — not even you).

Automatic encryption for ProtonMail users, Optional for everyone else

When you send a message from ProtonMail to another ProtonMail user, it’s encrypted for the recipient automatically. Super-duper easy. But what about sending a message securely to someone who is not a ProtonMail user? You can send a conventional plain-text message if you want. But you can also symmetrically encrypt the message for the recipient by providing a password. Then ProtonMail sends the recipient only a link to retrieve the message, and the recipient enters the symmetrical password then. Keeping that symmetrical password secure is up to you! 9

Composing a message for a non-ProtonMail recipient
Pick a password, confirm it, give a hint if you like.
Here is what a non-ProtonMail recipient sees when you send an encrypted message.

Another nice feature, particularly to help wean you off of your current email provider, is that you can ask ProtonMail to send you a daily reminder at your non-ProtonMail address if there are unread messages in your ProtonMail inbox. Slick!

More to come?

ProtonMail still has a way to go. It does not yet support the full functionality of PGP the way GPGMail or Enigmail does: only in-line PGP works for incoming encrypted messages from outside ProtonMail. This means: if you want to send me “ProtonMail sounds promising!” as an encrypted message at my protonmail.com address, you have to encrypt it using my public key (ask me, I’ll give it to you) and send me an email with this text as its body:

Suggest some products to me based on that, Gmail!

That’s in-line PGP, and it’s probably fine for text messages. All the email programs that support PGP do this kind of en- and decryption for you automatically.

Recipient sees the clear text without any extra effort.

But it gets clunky when a message has more than one part to be encrypted. This is common when there is a plain-text version of the email message and a fancy HTML version of the email message wrapped up in one email, or any attachments. PGP/MIME is clearly the right way to go for that use case, but ProtonMail does not support it yet — at least not for in-bound messages.

It also does not yet support storing and using the public keys of non-ProtonMail users. This means you can’t send an encrypted email to someone who is not a ProtonMail user. At most, you can notify them that an encrypted message is waiting to be retrieved (see above). I wonder if that will ever change; it would be convenient for users already comfortable with the likes of PGP, but it could discourage their free customers from ever coughing up for a paid tier of service. I suppose that’s a feature they could include on the paid tier: paying customers are already paying and don’t need further motivation to use the service.

TL;DR

Whether you

  • need secure private messaging for political or journalistic reasons,
  • are merely trying to not to be the product big internet companies sell to their advertisers, or
  • just like the technology,

try Threema and Signal and their desktop app options for chatting, and consider ProtonMail for securing your email messaging. The techiest among us will get by just fine with PGP encryption layered on top of conventional electronic messaging, but maybe these apps are a lower barrier to entry for friends, family, and colleagues who care about the principles but can’t invest in the learning curve associated with old-school public key encryption.

  1. Haha, “who cares, right?” I fear that some day my employer will force one on me. They’re so cheap and apparently work just fine for things like email and calendaring — the things the company wants you to be doing on their devices. []
  2. of content, but not metadata! []
  3. in-line PGP or PGP/MIME? []
  4. kudos to GPGMail for Apple Mail and the venerable Enigmail for Thunderbird extensions []
  5. encrypt the body of the message however you like, but the headers will remain plain as day []
  6. My server or someone else’s? Either option is OK for me. []
  7. à la PGP []
  8. this means one password does both encryption and decryption. Public key encryption is asymmetrical, using the recipient’s public key to “lock” a message for the recipient and the recipient’s private key to “unlock” it. []
  9. Consider sending it through Signal or Threema. []