Recently took a trip to Lankester Gardens to take photos of Diana
I really love the photo above. The following photos were taken on film.
-LM
Recently took a trip to Lankester Gardens to take photos of Diana
I really love the photo above. The following photos were taken on film.
-LM
Recently had a session with a couple of friends and we took the trip to the Lankester Gardens in Cartago
Karol has been featured before on this blog and it's always awesome to take photos of her and her interesting clothing designs
First two photos were taken digitally and the following photos were taken on film
Really like the Lankester Gardens as they offer quite a lot of different places where photos can be taken
More photos will be posted later this week.
-LM
Karla is my wife and we've been married for a little more than 2 years as I write this and I've been able to capture a couple of portraits of her...mostly because she isn't the type that will sit for a couple of minutes while I take the photo
Interesting to look back at all of these photos and remember what we've been through. All of the photos in this post were taken with my 3 film cameras throughout various points in our life. Like the one that was taken at our friend's wedding
Or the one where she's sitting at my parent's house's stairs whilst pregnant with our first daughter
Some I can't simply remember when they were taken...
And then there are these two which are the most recent ones and when she told me that I never post the photos I take of her :)
-LM
This talk will provide a quick but intense introduction to the R Language: a free software environment for statistical computing and graphics. It is open-source (mostly GPL-2), available for several platforms, and thrives in Linux. The talk will be largely example-driven, with plenty of takeaway material and code examples. I’ll argue that it’s simply the right language for data exploration and statistical analysis, and is particularly fantastic for graphics and code development. I’ll conclude by introducing the package management system (and the Comprehensive R Archive Network — CRAN) and the C/C++ interface.
More Information:
About Jay Emerson:
Jay Emerson is Associate Professor of Statistics, Yale University. Jay teaches both graduate and undergraduate courses and often includes timely real-world problems and examples in his lectures, an intersection of teaching and research. For example, he collaborated with the Wall Street Journal in uncovering the infamous stock option backdating scandal, and he demonstrated a design flaw in the new scoring system used for international figure skating competitions. He has worked on Bayesian change point analyses and created the “generalized pairs plot” for the R Statistical Programming Environment. He has worked towards a scalable solution for statistical computing with massive data, extending support for the management, analysis, and exploration of massive data sets in R.
After the meeting … Join us around 8:30 PM or so at
House of Brews
After the meeting … You may wish to join up with other NYLUGgers
for drinks and pub food. This month we’ll be over at House of Brews
(302 West 51st St. – 8th Ave), but we are also evaluating other
options for the future and welcome your suggestions.
http://www.houseofbrewsny.com/
Directions from IBM: http://goo.gl/VUdO1
Spaceport America is “the world’s first purpose-built commercial spaceport”. Wonder what it looks like? You can now find it on OpenStreetMap, one of the many things I’ve been mapping in New Mexico’s barren & isolated Jornada del Muerto. I’ve indicated various Spaceport America structures, like the state-of-the-art Terminal Hangar Building and Spaceport Operations Center. I’ve yet to accurately locate Spaceport America’s vertical launch pad, which has been in use since 2007.
No, it’s on Bing Maps, Google Maps, or any of the other Web mapping competitors—just in case you needed a reason why crowd-sourced geodata (or VGI) can’t be beat.
Want an aerial photo of Spaceport America? Over on Flickr I’ve a screencap from the USDA’s public-domain NAIP 2011 release, pretty much the only source for high-resolution imagery of the middle of nowhere.
I will be hosting a meeting of OWASP Long Island on Thursday, February 16th, at Adelphi University. We will continue with the hands-on lab exercises that we started in December.
Seating is limited, so be sure to sign up soon after the announcement goes out on the OWASP-LI site. More information regarding time and place will be made available on that site also.
Chef is a platform for building automated application infrastructure.
This talk examines infrastructure as code, the evolution of a typical
application’s infrastructure over time, and how Chef’s strategy to
configuration management makes it easy to develop, scale and change.
Example code will be examined showing how to achieve emergent
topology, and contrasts Chef with other CM strategies such as golden
image cloning.
More Information:
About Sean OMeara :
Sean OMeara is Technical Evangelist for Opscode, and worked as a
Systems Administrator for over 13 years.
After the meeting … Join us around 8:30 PM or so at
House of Brews
After the meeting … You may wish to join up with other NYLUGgers
for drinks and pub food. This month we’ll be over at House of Brews
(302 West 51st St. – 8th Ave), but we are also evaluating other
options for the future and welcome your suggestions.
http://www.houseofbrewsny.com/
Directions from IBM: http://goo.gl/VUdO1
Not the first session I do where the main subject is a car...or cars as was the case on this session
First we have the Audi which belongs to a coworker. Gotta say that this is one of my favorite photos from this session.
Then we have the BMW which belongs to the friend of the coworker. This was taken on Fuji Superia 400 and then converted to B&W on post-process.
For this session I took out my Mamiya RZ67 camera and used a roll of Kodak Portra 400. And finally a shot of Julio.
-LM
by Robert Menes (noreply@blogger.com) at November 22, 2011 07:10 PM
I hosted the local Long Island chapter of OWASP last night at my place of work for a hands-on evening of playing around in a bring-your-own-laptop lab environment. I had set up an virtual infrastructure that was so vulnerable to attack that it almost looked like a real work place.
For this session, the OWASP guys provided bootable BackTrack 5 RC1 DVDs, and I provided the virtual machines, a switch, power, networking cables, etc. After a brief introduction, we got started right away.
We went through a number of hands-on exercises, ranging from quick exercises with the Metasploit Framework and the w3af to arp poisining and dsniff. After having identified some credentials on the wire, we did some hands-on exploitation of a SQL injection flaw, and we mucked around a bit more with other "features" in this custom-developed web app. All in all, we managed to covered about 6 examples of the OWASP top-10. Around 10:30pm, we called it quits and wrapped up for the night, but not after having agreed to a to-be-continued sessions some time in January.
As a firm believer in hands-on learning (in addition to studying texts), it was very satisfying to see how quickly participants who may have never even used a Linux distribution, took to getting into "breaking stuff". As everything was running on a virtual infrastructure, participants did not have to be afraid to cause accidental damage, and that showed ;)
All-in-all, I think we had a good time. Next time, I'll make a few more tweaks and bring a slightly more powerful server for the VM infrastructure, but that's about all that needs to happen to take this show on the road.
A few weeks ago, I started listening to another podcast: WHY? Philosophical Discussions About Everyday Life, hosted by philosopher Jack Russell Weinstein.
Listening through the backlog, I found an excellent show, Episode 28: “On Liberty and Libertarianism” with guest James Otteson. In it, Jack and James philosophize about so-called “Libertarianism”, talking about how government should relate (or not relate) to both social and moral issues.
One of James’ fantastic talking points was on traffic. In short, all the rules and regulations that both drivers and pedestrians must follow are dehumanizing. Destroying the human connection between driver and pedestrian takes the social issue of road sharing and turns it into… well, something else, where drivers and pedestrians no longer need to think—it becomes a matter of just reading signs, staying within lines, and blindly following the guidance of blinking lights.
In the show, they discuss a Finnish town with a high number of traffic accidents. The town removed traffic lights, stops signs, and other regulatory sundries and traffic accidents went down.
They’re beginning to do the same on London’s Exhibition Road in the UK:
The idea is that when driving zones are heavily delineated, drivers tend to be on autopilot, focusing on other cars rather than pedestrians or cyclists. That’s why London has so many guard rails on either side of pedestrian crossings, preventing pedestrians from straying into the road where they’re not supposed to. But 10 years ago, Kensington and Chelsea experimented with removing the railings from Kensington High Street and found that the number of pedestrian accidents dropped by 60%. It seems that when drivers are forced to be more aware and pedestrians are forced to take more responsibility for themselves, everyone is safer. Rules, it seems, were counterproductive.
Interestingly enough, The Guardian publishes this in the Arts & Design section and describes the movement as liberal. In my opinion, it’s anything but. Leave it to the Europeans to re-pioneer freedom & common sense.
In September, I was asked to deliver a guest lecture on network forensics to a group of undergraduate criminal justice students with very few format computer science of networking training. This one ranked fairly high in my list of interesting challenges, so I decided to pick up the gauntlet.

The class took place last week and went fairly well. The group was relatively small, but I was able to connect with them and get some interaction going. I started out by asking the people there what "the network" looked like; for illustration purposes, I had brought a patch cable and a switch. At this point, students started to realize that it may be a little problematic to acquire a network patch cable ;)
I proceeded by explaining that a typical network infrastructure has very little persistent data, and that the technology must be prepared ahead of time to capture useful data data is forensically sound. We spoke briefly, and at a very high level, about networking, IP addresses and ports, which flowed into the concept of a "Pen Register and Trap & Trace devices for the network" Enter: netflow".
At this point, it was time for an exercise and I provided the students with two Excel files. One file contained an excerpt from an inventory database, and the other contained 15 minutes of (actual) netflow data from a single sensor. The 15 minute window amounted to a spreadsheet with about 650,000 lines. The assignment was to identify which computers in a specific lab were interacting with Gmail at a specific time. My objective was to show the level of detail that we can obtain by just looking at flow data, AND the sheer size of the data set that we have to deal with.
After netflow, we went on to full packet capture. It was evident very quickly that the students would be wholly unable to deal with that by themselves (remember: these were criminal justice students without much computer science and/or networking experience!). Instead, I demonstrated the solution to a scenario for them that revolved around the theft of a company's intellectual property. The file that was leaked was called 'ProductDesign.zip'.
While preparing for class, I had set up a hypothetical workgroup network with one server and three employees. The server was an email hub (webmail, imap, pop), a secure file storage, and a department directory.
The employees were John- a senior engineer, about to retire on a very small pension, Mary, who just married somebody from the Ukraine, and Janice, an intern pursuing a marketing degree.
The first step towards the solution was inspection of the web server logs. They revealed that exact time that John downloaded the file in question. Further scrutiny revealed that the file was downloaded from Mary's PC.
At this point, I asked for hypothesis. We got some very interesting ones!
However, looking more closely, we can see that Janice's PC might have had a remote desktop connection open to Mary's computer. At this point, we have all three employees as possible suspects.
Going back further in time, we identified that Janice phished Mary and John under the pretense of assisting the IT department with collecting preferred usernames/passwords that would be set after weekend maintenance.
Janice is now prime suspect.
Looking at what happened after ProductDesign.zip was downloaded, we see that less than 10 minutes after one of the downloads, Janice sent an email from her work account to an anon23@evil.local that listed "it is done. I have a copy on my USB disk".
From a network forensics perspective, we have now identified a possible suspect, and pointed out two machines for forensics analysis (Mary's PC and Janice's PC).
The session took about 2 hours and included a tour to a networking closet ;)
All in all, I think the students picked up a few things.
I did save the virtual machines and the packet capture, so if you are interesting in doing something like this, feel free to let me know and I'll see what I can do to get the artifacts to you.
Although I admit that I am not entirely sure why, I am one of those people who enjoys obtaining professional certifications. I am brave enough to admit that ego might have something to do with it ;)
At the time of writing the post, I hold CISSP, GCIH, GCFA, CISM, CISA, and OSCP certifications and all of them are in good standing. That means that I have paid the annual dues, maintain my continuing professional education, and live up to audit standards.
However, staying in good standing takes efforts, and the more time I spend thinking about it, the more I am considering dropping the CISM and the CISA. The CISM was helpful when I took responsibility for a complete information security program, but now that I have a few years under my belt, I don't think it adds much value anymore. The same is more or less true for the CISA certification. While studying for the certification has been tremendously helpful to better understand how audit processes work, I don't ever expect to be an auditor.
So, at this point, CISM and CISA do not add much value to me, and I believe that I am at a point in my career that I don't need to distinguish myself by maintaining a laundry list of professional certifications. While ISACA (the certifying body for CISM and CISA) organizes local chapter meetings, I don't really feel drawn to them.
SANS certifications appeal to my inner geek; they demonstrate a level of technical understanding and, in some cases, may demonstrate some hands-on skills. The SANS certs also allow me to teach, which is one of my passions. Keeping them active is pricey, but I guess all hobbies have their cost.
That leaves the CISSP. The one thing that I have benefited from with the CISSP was that it helped me to develop an understanding of the width of the information security field. And, as sad as it is, CISSP certifications are too often a prerequisite to make it past HR filters. As the certifying body, (ISC)2 has never delivered anything of value to me.
Will dropping my CISSP make it harder for me to transition to another job, if I would ever want to do so? I don't know, but I am afraid it might.
Could (ISC)2 be doing a better job? You bet! But, in order to do so, it will need to change. Change is hard, and often needs new blood. Maybe it is time for (ISC)2 to shake things up a bit and appoint a new generation of leadership. Not coincidentally, (ISC)2 is currently in the process of electing their new board, and I believe that one candidate especially would be a very good choice to play an important role in that change.
It is for that reason that I endorse Wim Remes to run as candidate for the (ISC)2 board of directors. Please check out Wim's platorm at http://blog.remes-it.be/petition.html. If you are a CISSP in good standing, and if you also believe that (ISC)2 could do a better job at serving the community, please head over and consider Wim's platform.
As a mentor and a teacher, it is great to see your students grow up and do something useful with their lives.
Well done, Matt! How cool is it to see your name in the BlackHat speaker list? I look forward to seeing Hacking Chrome OS.
Time flies when you are having fun. Before you know it, another year has passed and Black Hat USA and Defcon are here again.
Like previous years, I will (attempt to) fly to Las Vegas to attend all of the Black Hat Briefings and some of Defcon. Ceasar's Palace is probably going to be awesome, and if the Rio improves the Defcon experience enough that I don't feel like I'm in a meat locker, I might try to attend the whole thing again next year.
As always, the programs for both conferences look fantastic. There will be some great speakers, and I'm sure there are going to be some not-so-great ones too. That's ok; that's part of the charm of both cons.
This year, I really don't have a strong agenda of what talks I want to see, and who I really need to meet up with. If you're around and feel like hanging out for a bit, feel free to shoot me an email, or catch me on Twitter. Right now, my plans are to arrive Tuesday morning and leave Friday afternoon.
If you are interested in getting trained in Hacker Techniques, Exploits, and Incident Handling by me, please take a look at this announcement. Once again, I have teamed up with SANS to bring their Security 504 course to Long Island. We will start classes on December 8, and will continue for a good 10 weeks on Thursday night from 7:00 p.m. - 9:00 p.m.
SEC504 is a class that will benefit any experienced system administrator, network administrator, developer, or information security professional who has a responsibility to protect their organization's computers, networks, or intellectual property. I will take you through the process that a cyber criminal follows, we will discuss and use(!) a large number of tools to illustrate cyber attacks, and we are going to learn about the incident handling process.
Let me know if you have any questions or comments.
The United States Defense Information Systems Agency (DISA) puts out quite a bit of reasonable information. Some of it is even entertaining!
In particular, I am referring to an unclassified project called Cyber Protect. Cyber Protect is a flash-based network security simulation game in which you take the seat of a cyber security architect and you have to work within a budget to purchase components to defend your network against evil hackers.
While there is a lot of talk about the fact that perimeters are fading, clouds are great (and secure?), and we need to enable ubiquitous computing, the simulation is based on the more traditional network security concept of defense in-depth.
Players get to chose from a wide range of tools to purchase and implement, ranging from firewalls, intrusion detection, access control, antivirus, and encryption products to end-user training, backup and system redundancy.
The game is amusing to play, and it does a decent job of making the point that "stuff" needs to be maintained after it is purchased.
It took me two tries to make it to a 100% score. If you have 20 minutes to kill, check out the product. You can find it at http://iase.disa.mil/eta/cyber-protect/launchpage.htm
As information security officers, it is our job to walk the thin line of implementing (and operating) controls, and enabling our business to do what they are there for in the first place. Often we do so by implementing technical controls that somehow claim that they make us more secure. I am talking about things like intrusion prevention, log management, etc.
While it sometimes may be necessary to have an IPS, a SIEM, and all kinds of other cool technologies in place, the real value that these tools provide is gained when they are handed to a person who has the skill and time to operate them, and who is able to extract meaning from all the different alerts, warning, notifications, and traffic lights that these devices produce and the mere push of a button.
I am a firm believer two of the most important processes that an ISO should take ownership of is creating a network situational awareness process and a good incident response process. In some (most?) environment, these detective/compensating processes might even be more important than preventative processes.
When looking at the preventative side, we all do things like implementing firewall policies, building antivirus capabilities into the fabric of our desktops (and servers), conducting regular vulnerability scans, building a patch management infrastructure and conducting occasional penetration tests. And, as much as these processes are important, they are expensive, slow and painful initiatives to start.
A few months ago, I have started taking a slightly different approach, which I believe will be very successful in the long run. I have started several working groups and some tasks forces. In my thinking, I generally distinguish three main governance structures:
Committees: involve (too) many people who meet in a formal setting on a not too-frequent regular schedule. Committees have broad mandates, are not time-bound, and provide recommendations. A committee does not make decisions, but they provide recommendations.
Working groups: have a clearly defined mandate and address concrete problems. Working groups are typically focused on a large problem that may require smaller task forces to address parts of the overall problem. Working groups meet somewhat frequently in a semi-formal setting. A working group has the potential to continue for a long time, but don't necessarily have to.
Task forces: are similar to working groups, but are more focused. Being on a task force is real work. You are expected to deliver your part of the work, do it well, and do it fast. A task force will have a single objective and work towards that objective without distraction. Once the objective has been met, the task force is dissolved.
The working group of which I am expecting a lot is the desktop management working group. Desktop management is one area in which we (as security professionals) can make major gains very quickly. The mandate of the of working group spans just about any desktop issue, ranging from changing to gold images to new software requests, software deployment strategies, antivirus selection, group policies, process changes, etc.
In the few weeks that the desktop management group has been in existence, we have identified several parties who are directly affected and who did not have a real voice up to this point. Now that they are part of the working group, we have seen several improvements already.
The turn-around time to our clients has improved, as has the consistency of the response that they are getting. Internal communications have improved.
By making some simple changes, I believe that we have already reduced our exposure. In the long run, my role as information security officer will decrease to that of a participant, and a more logical role will take the lead.
However, the fact that we have this group now is something that I feel has improved our security. And that is what this job is all about.
Today, every OS in the world requires regular reboots in order to be up to date and secure. Since reboots cause downtime and disruption, sysadmins are forced to choose between security and convenience.
Until Ksplice. Ksplice can patch a kernel while the system is running, with no disruption whatsoever. We use this technology to provide Ksplice Uptrack, a service that delivers important security and bugfix updates to your systems. (It’s free for Ubuntu Desktop and Fedora, and is also a free feature of Oracle Linux Premier support.)
In this talk, we’ll provide a detailed look into how the Ksplice technology works and how the Ksplice Uptrack service works, at a technical level primarily targeted at system administrators and developers, but largely accessible to the average user as well.
More Information:
About Waseem Daher:
Waseem Daher is a Senior Director of Software Development at Oracle. He joined Oracle through the acquisition of Ksplice, where he was cofounder and COO. He received both his BS and MEng at MIT, and he lives and works in Cambridge, Mass.
After the meeting … Join us around 8:30 PM or so at
House of Brews
After the meeting … You may wish to join up with other NYLUGgers
for drinks and pub food. This month we’ll be over at House of Brews
(302 West 51st St. – 8th Ave), but we are also evaluating other
options for the future and welcome your suggestions.
http://www.houseofbrewsny.com/
Directions from IBM: http://goo.gl/VUdO1
Do you use Meetup and upload multiple photos regularly, but hate doing it?
Meetup has an multiple-photo feature that uses Adobe Flash, but as you can expect of Flash it’s not particularly reliable or stable. There no reason to put up with Flash’s nonsense—HTML5 includes a multiple-file upload control, well-supported by the latest Web browsers. Unfortunately, despite my posting a wishlist item (please vote!), Meetup has done nothing to support it.
So I did it myself: if you use Chrome or Greasemonkey/Scriptish for Firefox, install this user script: Meetup: HTML5 multiple-file upload for photos.
Once installed:
Enjoy uploading your photos without Flash’s crashing, errors, or mayhem!
A note: if you use Firefox, you won’t be able to know how much you’ve uploaded (unlike Chrome, Firefox has no built-in upload progress meter). Try the Upload Progress add-on to keep tabs on your uploads.
Are you blind (like me), but you still want to use Firefox’s new Web Console? Yeah, maybe you’ve noticed that the Web Console has abnormally small fonts with no obvious way to adjust them.
I’ve created a new user style that makes Firefox use your configured monospace font (I use Inconsolata), and also lets you configure font size.
jQuery UI, a Javascript widget framework built upon jQuery, comes built-in Drupal 7 core. One of jQuery UI’s nicer features is that you can switch themes by changing out a CSS file.
There are some nice jQuery UI themes out there (unfortunately, not enough!), like Tait Brown’s port of Aristo to jQuery UI (see demo).
But since jQuery UI is in Drupal core, which internally keeps track of CSS files, how do you switch the jQuery UI theme in use?
The Seven theme, including with Drupal core, provides inspiration on the “one true Drupal way” of doing this, by providing hook_css_alter(). Place into your theme’s template.php:
function MYTHEME_css_alter(&$css) {
if (isset($css['misc/ui/jquery.ui.theme.css'])) {
$css['misc/ui/jquery.ui.theme.css']['data'] = drupal_get_path('theme', 'MYTHEME') . '/jquery.ui.theme.css';
}
}
Replace “MYTHEME” with the name of your theme, and adjust the path to your jQuery UI theme’s CSS file accordingly (the above assumes you place jquery.ui.theme.css in the root folder of your theme).
With this magic in hand, I now have the Aristo jQuery UI theme running on this blog. Looks quite a bit better!
This post was inspired by an answer I posted on StackExchange.
Besides visiting the Ujarras Ruins a couple of weeks ago we also paid a visit to the Prusia Forest that's part of the Irazu Volcano park. The photo above was taken near the Carlos Duran Sanatorium while we waited for a friend that was also going on the photowalk with us.
A view of the abandoned sanatorium which isn't regularly seen, unlike the rest of the place which has been photographed hundreds of times. Would have liked to have taken the photo from a lower angle but the gate prevented that.
On our way to the forest we stoped to take a couple of landscape photos.
We finally arrived at the forest and decided to ditch the trails that were layed out and instead photograph an area of the forest which seemed more interesting.
Quite excellent example of nature taking back what it belongs to it
And a final frame from the forest
-LM
Recently took a trip to the local amusement park with some co-workers and decided to take my Nikon FM10 along with a roll of Kodak Color Plus 200 film
I wasn't going to simply spend my whole day taking photos of my co-workers but simply snapshots of day mostly because I wanted to have fun and relax
We did make a stop for some coffee since it was somewhat early that we arrived at the park. These two photos were also taken in the color film but were later converted to B&W because the light was too low in this area and they simply looked way better in B&W
We did stop for a couple of portraits along the way
Before going to another ride and for two co-workers to get their face painted, I actually took this chance to document the process of one of my friends getting her face painted
The lady that did the makeup told us that the style that my friend choose was a bit more complex than what my friend wanted, mostly because it involved having her whole face painted orange but my friend decided that it was best not to and simply go with a more basic version
Really love the photo above and I feel that making it B&W really makes it more timeless. And this is the finished product
She of course had to convince another friend to get half her face painted
-LM
Marielos is a friend photographer that I met on a photowalk that I had organized a while back. For this session we decided to visit a street of abandoned buildings which have graffiti all over them and while we were walking around we found an entrance to one of the buildings.
Karol then explained to us that this used to be a bar several years ago that she would visit and told us some stories and where some of the entertainment and other things were. The photo above was taken behind the bar, I was actually stading on the part of the bar where everyone would ask for the drinks.
Really love the above photo and it's mix of nature taking over and the cement of the place.
These photos were a mix of ISO 200 and ISO 3200 only to be reminded that I was shooting Kodak Portra 800 and not Kodak Portra 400 but despite that I really love the results that I got out of that roll. Shooting it at ISO 3200 and developing it at ISO 800 doesn't over saturate the colors but instead gives awesome colors.
-LM
Took a bit of convincing but finally manage to get Marisol to pose infront of the lens of my Kiev 88CM for a couple of photos. While we waited for Karol to arrive we took a stroll through a park in San Jose and captured these two photos.
Marisol is a friend from work that I met a couple of years ago when I started getting into taking photos of activites at the office.
-LM
Late last week, Mozilla’s Identity team made available a Firefox extension for BrowserID, a new browser-oriented single-sign on mechanism. Click a button in your address bar and automagically login into a website.
Along with it they made available a browser session API—that is, the browser can now keep track and show whether you’re logged in, logged out, etc, also displayed in your address bar.
Drupal had a BrowserID module less than 24 hours after BrowserID’s initial announcement (thanks Isaac Sukin!). Likewise, in the weekend after the session API announcement I helped out and wrote a patch adding support for the new API.
If you’re familiar with Drupal development, install the Drupal module, apply the patch, install the Firefox add-on, and get browser-integrated, one-click login to your Drupal-powered website.
The patched module is running live on this site right now, so please play with it (myfavoritebeer.org does get boring).
At the moment, Drupal’s BrowserID module does not create an account on my blog, so you must do that first, separately. Create an account here, or if you’ve an OpenID, logon with your OpenID directly to also create an account (funny how complicated this has gotten already). Make sure to set and use the same e-mail address as the one you use for your BrowserID. After creating an account, logout, and then log back in using your BrowserID. If you’ve problems/find a bug, please leave comments on the Drupal bug or this blog post—thanks!
[UPDATE: 16 Aug 2010]: Drupal’s BrowserID module now includes my patch; you don’t need to download and apply the patch separately.
Planned a day of shooting portraits with a couple of friends and Karol suggested that we pay a visit to this place that she had heard of in Facebook called Casa 927 and how it's all about national artists. Lucky for us they allowed us to spend an hour taking photos anywhere in the house that we wanted which is awesome because this is an old house that has been converted into a cafe and also a place where local artists can display and sell their work.
Pictured above is Marisol in the bathtub of the women's bathroom. Because this used to be a house the bathrooms have a bathtub, no longer used of course, and we found it quite excellent to use it to take photos. Really love the photo above.
Because of the low light situation in the bathroom we decided to break out the flash to continue taking photos. The bathroom also doubled as the dressing room for the girls.
There are some resident artists in the house who sell their art which is made, in some cases, out of recycled materials. Anything from jewelery to knit hats to scarfs to paintings to sculptures can be found there and they also have a cafe and restaurant. Often times they host events at nights such as having local chefs come in and cook for the night or other events relating to local artists.
We then went outside the house to take a couple more portraits. Above is Karol, who suggested the place, posing with one of her designs. She took some courses in clothing design and has been making several pieces of clothing.
The Casa 927, located in San Jose, is open to photographers coming into the house and taking photos, like we did, but it's required to be mindful of other guests that are there to eat at the cafe, or purchase anything from the various stores in the house as well as those just visiting the house to see the paitings on the walls.
The owners of the Casa 927 are warm and welcome all local artists to visit them and have a chat with them. I know we did talk to them about the house and the initiative. Will definitely pay them another visit sometime.
Be sure to visit the Casa 927 Facebook Page for more information about their initiative and activities being held there.
-LM
Recently I went along with a couple of friends to do a photowalk in Cartago visiting key points. First we payed a visit to the Prusia forest, photos of which will be posted when I get the Fuji Velvia 100 roll developed, and then we visited the ruins of Ujarras. The above photo is of the bridge that's located in the site of the ruins and a tree near the river that goes under the bridge.
The ruins are of a church built many years ago, back in 1560, in the city of Ujarras and it was damaged by several earthquakes and floods from a nearby lake. Because of this only the four main walls of the main building exist today and have been reinforced so they will last longer. Because there is no roof water will acumulate in certain parts of the floor in the area.
There isn't much to this place really, it's just the ruins of the church and the green areas around the church so it's more for a picnic or the like.
-LM
I conducted an experiment back when I wrote my HP N36L review: I added affiliate links to both Amazon and Newegg, hopefully to get some revenue without polluting my site with advertisements.
It was successful; I earned enough to pay for a few cups of espresso, at least.
Many authors have PayPal-powered “tip jars” or links to their Amazon wishlist. I’ve now setup the same, but I think it’s unrealistic visitors spend the requisite time or money to use them.
Enter Flattr, a new “social micropayments” platform, a tip jar evolved to work on Web scale. Flattr is a quick and easy way to give back to content creators—including myself. Rather than trying to explain it, watch Flattr’s introductory video. I love the cake analogy.
If you want to get an item from my Amazon wish list, please do! But what if you wanted to contribute less? And why would anyone else want to use Flattr over PayPal?
Well, one, it’s simpler. Users need only click a single button (the Flattr widget) to Flattr me. Also, users don’t need to worry about figuring out how much to give me—Flattr’s “cake cutting” algorithm does it for you. Nothing stops you from donating more, of course.
Second, Flattr’s rates are better. Say you’ve decided to add $10/month to your Flattr account, and you’ve Flattr’ed 10 people, including me. Each of those people will be entitled to $1. With Flattr’s 10% commission, I’d get 90¢; with PayPal’s default fee schedule, I’d get 67.1¢ ($1-($1×2.9%+$0.30)). Big difference. Flattr works well when you’re dealing with small amounts (called micropayments), exactly the niche market they’re trying to fill.
Imagine you’re walking down the street and hear a great musician, to whom you’d like to donate some small change. It’s easy to do in the real world. With conventional payment systems oriented around transactions, this model doesn’t translate. With Flattr, however, the model does—it brings a donation system and ethic present within the real world onto the Web.
PayPal has its own little-known micropayments platform with a better fee schedule, but it requires the receiver to go through a manual approval process to receive a special account. It’s only available in a few countries and has been a “beta” product for years, implying PayPal does not care much about it. Why should they? PayPal, making money on high-value transactions, has little incentive to develop micropayments—not until there’s marketshare and mindshare to steal, something Flattr is building.
Third, with free culture luminaries like Peter Sunde of The Pirate Bay fame behind it, Flattr seems less likely to “censor” recipients, holding funds hostage and even confiscating them, something for which PayPal is notorious. While I’m not worried about anyone censoring my overly-politically correct blog, should I be OK with organizations unfairly censoring others? *cough* WikiLeaks *cough*
Flattr is so nascent, it’s unlikely I earn a significant amount of money. And the meager money I do earn I will probably use to Flattr others. But it’s easy to use, low-risk for myself and visitors, and most importantly I believe in its ethos—so why not?
If you like this post or my blog, please flattr it!
Join us for some fun in the sun at Morningside Park at Noon. We’re having a barbecue.
This is a pot luck event, so bring your favorite drinks, chips and dips or meats/veggies to be grilled. We’re coordinating the goodies at the wiki link below.
More Information:
After the meeting … Join us around 8:30 PM or so at
House of Brews
After the meeting … You may wish to join up with other NYLUGgers
for drinks and pub food. This month we’ll be over at House of Brews
(302 West 51st St. – 8th Ave), but we are also evaluating other
options for the future and welcome your suggestions.
http://www.houseofbrewsny.com/
Directions from IBM: http://goo.gl/VUdO1
Recently went along as a second shooter with a friend of mine who had an engagement session with a really nice couple.
I took the chance to shoot some B&W Ilford film with my Nikon FM10, which I have a love/hate relationship with, and really liked these photos from that one roll I shot. First we stopped by the greenhouse they have near the entrance
And then off to the Japanese garden
We took a trip to the Lankester Botanical Garden in Cartago to take advantage of the beautiful Japanese garden scenes and my friend even got an umbrella that would function as a really nice prop. We expected a nice sunny day, like our last visit, but it wasn't the case instead we have an overcast sky with light rain through out the first part of the session.
Really like that bridge. I think I'm getting a bit better at getting the couple to do a certain pose or action though I still need to explain things a bit better.
Really like her expression on the above photo. I took that photo while my friend was setting up and explaning the scene she wanted to photograph.
There's a small river that goes around the Japanese garden and it had more water than last time mostly due to the rain.
That's Leticia. They met when they worked together a couple of years ago and are getting married this month on the 23rd. And that's Adrian on the photo below
I didn't just bring my film camera along, mostly because I only had one roll of 35mm film left...I know, my bad...so I also brought my digital Nikon D60 along
Really love this next photo which looked best in B&W
Besides the botanical garden we also paid a visit to the ruins of Ujarras
This session was a lot of fun and would definitely love to do this type of sessions again. I won't be accompanying them during their wedding but wish them best of luck on this new part of their lives.
-LM
So, Nokia’s paper-launched their newest flagship phone, the N9.
The N9 is based (well, sort-of, anyway—something many media outlets have gotten wrong) on Nokia’s Linux-based operating system MeeGo, which they’ve been developing in-house for several years. However, in 2010, Nokia decided to switch their flagship mobile phone OS from MeeGo to Windows Phone 7—effectively aborting all long-term plans and products in the pipeline.
This has universally been regarded as a bad move.
The N9 was apparently far enough down the pipeline, and new products based on Windows Phone 7 so far, that Nokia released the device anyway. So far, the N9 is a hit.
The move to the new OS is considered the handiwork of recently-appointed Nokia CEO Stephen Elop. However, an article in the Helsingin Sanomat paraphrases Elop:
In Elop’s words, there is no returning to MeeGo, even if the N9 turns out to be a hit.
So, it doesn’t matter if Nokia’s own products are successful? The business deal made with Microsoft is more important?
I read:
I have taken part in the conversations with the teleoperators and I have been part of the consumer test groups. The feedback has been extremely positive and I am sure that the Windows Phone system will be a great success
And think: teleoperators and consumer test groups are one thing, but what about your own customers and developers?
Lessons learned here: ignore your product, and ignore your customers, and you too can be part of a company as successful as Nokia. Maybe, as CEO, you’ll get your own social media hashtag too.
by Robert O'Connor (noreply@blogger.com) at June 17, 2011 03:55 AM
It is not a big secret (nor a surprise) that I am a big fan of the guys over at Securosis. Not only do I appreciate a lot of the research that they do, I also like their business model very much. They give back to the community much of what they get from it, and that is commendable.
Recently, they have been publishing a series of articles that are very much in my area of interest. The articles have a common theme: incident response. The articles describe in sufficient detail what controls to should be in place to facilitate effective response; examples range from information collection, to escalation processes, and much more.
The ability to respond to incidents, rather than to merely react to them, is something that many organizations lack, but that has the ability to drastically reduce downtime following an incident, and in some cases will prevent intellectual property from being lost and/or damaged.
The articles that they have published to date are:
React Faster and Better: Introduction
React Faster and Better: Incident Response Gaps
React Faster and Better: New Data for New Attacks, Part 1
React Faster and Better: Alerts & Triggers
React Faster and Better: Initial Incident Data
React Faster and Better: Organizing for Response
React Faster and Better: Kicking off a Response
React Faster and Better: Respond, Investigate, and Recover
As time goes on, I hope that Securosis continues its great work and continues to publish relentlessly.
Rockbox is an open source firmware replacement for a growing number of digital audio players. It adds many new features, including playback of many more codecs (including Ogg Vorbis, FLAC, Musepack, and more), plugins, connectivity with any OS thanks to its USB stack (available on most targets), and a great many more features.
Supported targets include devices by Archos, Apple, iriver, Cowon, Philips, Samsung, Toshiba, Packard Bell, MPIO, and SanDisk. Recent development work is bringing Rockbox to Android and Maemo devices in the form of an app.
More Information:
About Robert Menes:
Robert Menes has been around computers since he was a wee lad, starting with a Commodore VIC-20 and LOGO. He has been a Linux user since 1994, and favors anything that runs Unix or Linux. He’s been involved with Rockbox since 2006 writing documentation and some code for plugins. In his spare time, Robert enjoys hardware hacking, movies, photography, good food and beers, urban exploration, and playing the didgeridoo and bass guitar.
I finished a roll of Kodak Ultramax that I had in my Nikon FM10 yesterday while I was in San Jose and decided to drop it off at a local lab that develops 35mm film in half and hour for less than a dollar and saw that they were selling Kodak Ultracolor film so I bought a roll and went to shoot the roll while they developed the other one
Since I finished the roll just minutes after I had purchased it I had it developed in the same lab...wasn't difficult to shoot through the whole 36 exposures in the park where a lot of people were feeding pigeons.
The pigeons here are so used to being fed pretty much anything that they aren't afraid of anyone coming close to them and will even come close to anyone sitting down anywhere in the park so every time I sat down or kneeled to take a photo I had at least one pigeon next to me waiting for me to feed it.
People don't seem to care that these pigeons aren't the most higenic animals around and will sit the children on the ground and throw corn around the kid so they're surrounded by pigeons...many cellphone pictures were taken of this kid.
Some kids even try to catch one...not exactly handled in the best way possible but some kids are seen with one in hand
Or three...I honestly think he was trying to catch a fourth...this next kid was trying to catch another one
Some pigeons will loose their feathers in the process. I think a good series can be made out of this place and kids that interact with the pigeons...
More photos can be seen on the Flickr photostream
-LM

Shortly after Firefox 4’s release, Mozilla announced the move to a channel development model, à la Chrome. On Windows and Mac, builds from these channels update themselves; what about on Linux, where both self-updating software and software outside management of the package manager (i.e. manually installed) is taboo?
If you use Debian, Mike Hommey and the Debian Mozilla Team’s mozilla.debian.net provides packages for the Firefox Stable, Beta, Aurora, and Nightly channels. Be aware that these packages are still labeled Iceweasel, i.e. they lack the official Firefox branding. These packages work on Ubuntu should you want to use them.
What if you want something more Ubuntu-specific? PPAs following each of the channels exist, but they’re not obvious to find.
Nightly builds of Firefox trunk, formerly known as “Minefield” builds, are available in the Ubuntu Mozilla Daily PPA. Remember, Nightly builds receive little testing (e.g. can they build without errors?) and thus may crash frequently. Start using these builds by pasting the following into your terminal:
sudo add-apt-repository ppa:ubuntu-mozilla-daily/ppa sudo apt-get update && sudo apt-get install firefox-trunk
Firefox’s new build channel, Aurora, has builds that have had more testing than those from Nightly. Builds from the Aurora channel are available from the firefox-aurora PPA, which you can use with:
sudo add-apt-repository ppa:ubuntu-mozilla-daily/firefox-aurora sudo apt-get update && sudo apt-get install firefox
The Beta channel, containing builds that received more testing than Aurora and are (mostly) ready to be released, is available in the firefox-next PPA:
sudo add-apt-repository ppa:mozillateam/firefox-next sudo apt-get update && sudo apt-get install firefox
Lastly, if you want to follow the Stable channel, consider sticking with what’s available in Ubuntu’s normal repositories. Ubuntu has a (new) policy to bring stable Firefox updates to Ubuntu releases more quickly. If you really want to be testing the next Firefox release, try the Beta channel above. If you still want the “bleeding edge” of stable, there’s the firefox-stable PPA, which will go away soon, and Ubuntu’s Mozilla Security Team PPA, within which packages only remain until they are moved into the main archive.
Notice that the Aurora, Beta, and Stable channels contain packages of the same name: “firefox”; this means:
Packages in the Nightly channel, however, are named firefox-trunk and can be co-installed alongside builds from another channel.
To switch to another channel, disable the source with Ubuntu’s Software Properties or delete the appropriate file in /etc/apt/sources.list.d/:
sudo rm /etc/apt/sources.list.d/ubuntu-mozilla-team-firefox-aurora*list sudo rm /etc/apt/sources.list.d/mozillateam*list
Then re-add the appropriate repository to switch to a desired channel.
Hopefully, with easy-to-use PPAs available for each of Firefox’s build channels, more people, including you, will test these builds. Go forth and test!
Long time friend that I met several years ago during one of my tech visits to the high school where I studied at. I talked to her recently and asked her if she'd like to model for me and she accepted.
We didn't really go anywhere special for this session as nothing huge was planned so I took the photos around my apartment. I asked her to come over during the afternoon as the light would be much softer.
She liked this photo because she loves watching TV while sitting that way...or so she told me
The above photo took me a while and a lot of work to get it to a point which I liked it. At first I thought it would only work in B&W but took my time to make it work in color as that was the original idea. Lit by ambient light that was coming in through the window in the room and underexposing the film about a stop or two because the meter was reading 1/60th and my Kiev 88CM doesn't close the second curtain at that speed. I like the photo a lot though I believe it would really benifit with the use of fill flash on the right side.
-LM
This is the second part of the session that we had on the bus, which can be seen here, and it involved a quick trip to a nearby entrance which had several trees which looked great.
This was the same place where Karol's session was done. She liked the hat that I had hanging on a wall so we brought it along for the session.
Also a couple of photos from the bus session
And this next one if my favorite from these two, really love the angle on this one
-LM

A couple weeks ago, Mozilla released Firefox 4 Mobile (née Fennec) for both Android and Maemo.
I’ve had an Android phone since 2008 and honestly, I’ve never browsed the web on my phone as much as I have in the past few months when I started using Firefox 4 Mobile. It really is that much better! Here are my thoughts (focused on the Android version) on why.
Firefox 4 Mobile’s number 1 killer feature is Sync, which syncs tabs, logins, browser history, and bookmarks across multiple devices. The most useful of these are logins and browser history.
It’s a complete pain to type user names and passwords on mobile keyboards, exacerbated personally since I practice good security and use a different password for each site on the web. Because Firefox Sync makes available on my phone all the passwords I’ve saved on my desktop, I never need fumble entering or remember anything anymore.
I use the web quite a bit (who doesn’t?), proof of which is my 15 MiB history file. Sync makes available that same browsing history, everywhere. Having your browser history available to do simple things like coloring visited links purple really makes a difference (e.g., think about looking through apartment listings on Craigslist).
Having history available also powers Firefox 4 Mobile’s Awesome Bar. I don’t need to remember exact URLs anymore, or rely on a search engine—I can just start typing a keyword and Firefox’s Awesome Bar automatically searches URLs and page titles of pages I’ve visited, just like it does on the desktop.
As a freedom-loving, free and libre open source software advocate, another bit about Sync I love is that it is an autonomous web service. That is, you can download the server-side component of Sync and run it yourself, should you not trust Mozilla.
Google has a Sync-like feature in Android 3.0 for its built-in web browser and Chrome for your desktop, but so far nothing is available for anyone stuck on older versions of Android. It also isn’t autonomous—you’re locked into trusting Google.
Firefox 4 Mobile has much better HTML5 support, in the sense it supports more New & Exciting Web Technologies (NEWT), such as CSS3, SVG, and new Javascript APIs.
Firefox has dropped vendor-specific prefixes for many CSS3 properties, including border-radius, box-shadow, text-shadow, etc. All in all, it makes your CSS that much more clean.
There’s support for SVG, only recently supported in Android 3.0.
There’s support for notifications via a proprietary API. Recently landed in Chrome 10, it’s still missing (AFAIK?) in Android 3.0, even with 3.0’s rich notifications support.
The iPhone has had multi-touch Javascript events (think pinch-to-zoom, essential for mapping widgets) since its debut, but multi-touch support and support for such events is missing from Android, even though Android was introduced much later. Firefox 4 Mobile has had multi-touch support since last year, though it does not support gestures, like the pinch-to-zoom event (patent concerns?). Even without gestures, nothing stops you from implementing gestures yourself. Firefox Mobile also is leading the way in supporting the (draft) W3C TouchEvents specification.
A good overview of the other HTML5 features Firefox 4 Mobile supports is Mozilla’s HTML5 & Friends demo
Firefox 4 Mobile also supports add-ons. While I haven’t found the need for any, there are some neat ports, like Adblock Plus Mobile. Expect the list of add-ons to grow quickly.
When Firefox 4 Mobile was in beta, Mozilla didn’t do a very good job alerting people to its high system requirements. However, on release, a supported platforms and systems requirements page is first and foremost. A summary: you need a phone with at least 512 MiB RAM. The official builds require an ARMv7-generation processor (or more specifically, one that supports ARM’s Thumb instruction set), but there are unsupported builds for older ARMv6 devices that have enough RAM (e.g. T-Mobile’s MyTouch Slide, aka the HTC Espresso). Not to gloat, but Firefox 4 Mobile for Android works great on my T-Mobile G2.
Firefox 4 Mobile’s previous name was Fennec 2.0, a name I much prefer. But somewhere along the way, Mozilla decided to take a page from Microsoft’s marketing playbook—home of atrocities like Microsoft Windows Live Mesh and Microsoft Windows Server Base Operating Systems Management Pack for Microsoft Operations Manager 2005. What makes it worse is disambiguating Firefox 4 Mobile for Android and Firefox 4 Mobile for Maemo means you’re using 5 words for a product title. For web developers, fortunately, Firefox 4 Mobile still keeps the keyword “fennec” in its user agent screen for easy detection.
In my opinion, the best software keyboard for Android is Swiftkey (proprietary software, unfortunately). SwiftKey crashes when used with Firefox 4 Mobile… SwiftKey hasn’t been very helpful diagnosing the problem (it is SwiftKey doing the crashing!) but Mozilla has fixed the SwiftKey crash on their own, available by Firefox 5 Mobile, if not 4.02.
So, go download Firefox 4 Mobile now from Mozilla’s landing page if you’ve not done so already. You can also get it from the Android Market, or, if you don’t or can’t use the Android Market, get the latest Firefox 4 Mobile release from Mozilla’s FTP site instead. If release versions are not bleeding edge enough for you, consider the Nightly or Aurora build channels instead.
Also, if you’re playing Mozilla’s Spark, please tag me!
UPDATE MAY 20: I forgot one of Firefox 4 Mobile’s most unique features: Electrolysis. One of Google Chrome’s best features (conspicuously missing from Android’s browser) is its multi-process architecture that keeps each tab in a separate process. If a tab crashes, that’s all that crashes — your browser stays running!
These are other photos from the photowalk we had several months back. First the greenhouse they have at the entrance of the park which is mostly dedicated to the orchid flowers and it's mostly maintained by the Universidad de Costa Rica (UCR).
I guess it wasn't the right time as most orchids weren't in bloom. There are other flowers and plants being grown and kept in this greenhouse such as the one pictured above.
A couple of trebols were groing on the ground of the greenhouse, I don't think they were planned
Some plants are hung from the roof
I like these because of the wooden box they are placed in
And some of them are hung from the other tables
-LM
Since I’ve become a photobug and licensed those photos under the Creative Commons, I’ve been getting a lot of requests for reuse. After all, that’s what CC-licensed content is for!
The “BY” bit in CC licenses, which stands for attribution, means authors/creators must be attributed if you decide to use a work. It does not specify how a work should be attributed or cited (though, there are some guidelines in CC’s FAQ), leaving it up to the owner of the work—which is the way it should be, of course.
Flickr does a terrible job letting people know how to attribute works. If you’re reading this, I’ve probably directed you here asking how I’d like you to cite or attribute any of my photos.
If you’re just using a photo, simple add a line like this somewhere near the photo, with the appropriate hyperlinks:
Name of photo, linked to Flickr photo page © Samat Jain, used CC BY-SA 2.0.
If you’re creating a derived work (that is, you modified the photo in some way), please use:
Derived from Name of photo, linked to Flickr photo page © Samat Jain, used CC BY-SA 2.0.
Summarized in an example:
Hyperthyroidism the morning (with zits!) © Samat Jain, used CC BY-SA 2.0.
Now, a rant on why I ask all for all this. There are just two reasons:
Lastly, if you decide to use a photo, please let me know! I like to keep track of these things, and may link back to your use of my photo. Thanks!
The Internet is abuzz with talk about solid state reliability right now (see a recent article by Jeff Atwood). Random, catastrophic failures aside, how can you know how much life you’ve eaten into your SSD?
If you’ve an Intel SSD, it’s pretty easy; they export a S.M.A.R.T. attribute “Media Wearout Indicator”. Starting at 100 (new), the attribute decreases to, well, zero. Forget how to do that on Linux? It’s easy:
$The SSD in my laptop is at 98, and my oldest SSD in another system (from mid-2009) is at 97. Yours?
On to the real news: the OpenStreetMap project has switched their tile rendering server to an SSD (hopefully making tile renders much, much faster). A newer, consumer-grade MLC-based Intel 320 Series 600 GB SSD, in fact. Conveniently, OpenStreetMap monitors their servers with Munin, which by default graphs all S.M.A.R.T. attributes, including Media Wearout Indicator.
Other than the initial import of the tile rendering database, OSM tile rendering does not consume many write cycles. But it definitely hammers the disk to death on reads. Keep a lookout on these graphs to see how their SSD ages over time. Don’t forget to contribute to OpenStreetMap yourself so we can see that number go down a bit quicker (I’m pretty sure OSM doesn’t mind!).
Note: Toby mentioned to me that all the values appear to be pegged at 100. Most of these attributes are dummy values—only “Media Wearout Indicator” and “Available Reserved Space” appear to change with normal use.
After I did the session for Georgeanela I also took the time to do a quick session for Karol, who did the make up for Georgeanela's session, and it was intended to be a look book style session
The dress she's wearing is her own design as she has gotten interested in designing clothing after she started taking a design course...or so I heard
This was a rather quick session. Though we might be having several other sessions later on.
-LM
A while ago I had planned a session which involved a bus and a girl in a long dress, luckily I found a neighbor that drives a bus and talked to him about allowing me to use the bus to take some photos to which he agreed.
Once I had the bus I had to get the girl that would model for the session and after a post on Facebook I got in touch with Georgeanela and she agreed to model for the session and even to get the dress.
Besides the model I spoke with another friend that agreed to do the make up for the session.
We also took the chance of getting some photos outside the bus
All of the above photos were taken with the Kiev 88CM using Kodak Portra 400 film.
Model: Georgeanela
Make-up: Karol
Photos: Luis Murillo
-LM
I finally got several rolls of film developed and scanned. About a month ago I took a trip to the Lankester Gardens in Cartago, Costa Rica for a photowalk with a couple of friends.
One of the main attractions of this place is the Japanese garden, I honestly think that it's the only attraction worth visiting the park for, and they have 3 main buildings in that area which are styled as traditional Japanese structures.
In the above photo we see the main entrance to the Japanese garden and also a glimpse of the first structure in the background.
Besides the traditional structures there is a bamboo forest and I have to add that it's great to listen to the sound they make when there is wind.
Besides the structures and the bamboo forest there are some really nice paths within this area. Such as the one pictured above where a fellow photographer posed for the photo.
The third structure is a tradditional Japanese house, pictured above in the background, and the visitors are asked to remove their shoes before entering the house.
A fellow photographer was taking self portraits inside this house and I also took the chance to get a portrait of him sitting in the middle of the house.
There are some nice bridges as well. I still have more photos from this photowalk that I have to scan so I'll post them when I get them scanned.
-LM
Have you ever wondered what the “BY” in Creative Commons’ licenses (e.g. CC-BY, CC-BY-SA, and CC-BY-SA NC) stands for?
The other bits in the license name are obvious, for the most part:
“BY” is confusing because it’s not an acronym, shortening of a word, or anything otherwise obvious. But buried in the Creative Commons FAQ, it’s mentioned it stands for attribution.
If all Creative Commons require attribution (except CC0), why is it included in the license names (especially the abbreviations) at all?
Have you run out of file descriptors for Transmission? The torrent will be stopped (for no apparent reason), and when you examine it, you’ll see an error similar to:
$ transmission-remote -t 1 -i | grep -i 'open files'
Unable to save resume file. Too many open files.
Time to increase the number of file descriptors available. This article is tailored towards Debian and Ubuntu.
It’s unlikely you’ll need to raise your system’s global limit. Check with:
$ cat /proc/sys/fs/file-max
397460
The OS needs a couple thousand file descriptors for itself. Make sure to make space for them with whatever numbers to choose below. In my case, I’ve more than enough.
If you still need to raise your system’s limit, you can easily; to set it to a million (which will be remembered across reboots):
sudo sh -c "echo fs.file-max=$(dc -e '2 20 ^ p') > /etc/sysctl.d/file-descriptors-max.conf sudo service procps restart
While you may not need to change your system’s global limit, you probably will need to change the limit for your users. Check that limit with:
$ ulimit -Sn 1024 $ ulimit -Hn 1024
If you’re working with hundreds of torrents (each with dozens to hundreds of files) with Transmission, this isn’t enough. To let a user have a few thousand (in the below example, 16,384, with 128 more for the hard limit), create a new file /etc/security/limits.d/debian-transmission.conf:
sudo sh -c "echo debian-transmission soft nofile $(dc -e '2 14 ^ p')" > /etc/security/limits.d/debian-transmission.conf sudo sh -c "echo debian-transmission hard nofile $(dc -e '2 14 ^ 2 7 ^ + p')" >> /etc/security/limits.d/debian-transmission.conf
Replace “debian-transmission” with the user that is running Transmission.
For the changes to go into effect, you need to logout completely (e.g. close multiplexed SSH connections, etc), and log back in again. Or to be sure, just reboot to make sure changes kick in. You’ll see you have many more file descriptors available:
$ ulimit -Sn 16384 $ ulimit -Hn 16512
Now, we need to configure Transmission to use this many. In /etc/transmission-daemon/settings.json, find the open-file-limit option and set to a larger number (e.g. 16000 or so). When done, restart transmission-daemon:
sudo service transmission-daemon restart
If you’re not running Transmission as a system user, edit the right settings.json and restart the daemon appropriately.
That’s it. Have fun!
Well I've actually done a couple planned sessions previously but none like this, the others were more like what came up the day we went to take photos but in this case I was a more planned out session where I actually planned what most of the session was going to look like
I asked all of my Facebook followers if they wanted to pose or knew of someone who would be interested in posing for a shoot in a long dress and a friend of mine told me about one of his friends that might be up for the shoot and luckily she was. These photos were taken using my digital camera and were just meant to be tests to make sure the settings would be right, back in the film only days this was referred to as polaroiding because instead of digital cameras it was Polaroid film and cameras that were used.
The first part of the session, and this was the original idea, was in a bus that a neighbor owns and he was nice enough to let us use the bus for an hour or so so we could take a couple of photos.
The above photo is a bit of the behind the scenes during the shoot in the bus. Another friend signed up for the make up and also assisted in throwing ideas on the table about poses and styling. Not to mention that she also went in front of the camera for the second part of the session.
For the second part we did a bit of brainstorming for locations as it wasn't originally planned and we saw a couple of trees from my house so it was decided that we would make a quick trip to the place pictured above where we would carry out the second part of the session. This was after a quick change of clothes.
Had a lot of fun on this session and already have a couple of ideas for future sessions. I'll post the photos that I took with my Kiev 88CM as soon as I get them scanned.
-LM
I recently gave a photography course at the office so my coworkers could get some nice cameras and know how to use them correctly so they could practice we did a small photowalk to a nearby park
Most of the photos I took were near the ground, I really like this perspective
It works best with trees. Quite difficult to take photos with ISO 400 film and a really sunny day, need to get a ND or polarized filter for the Kiev 88CM
I really love the next photo of the bench
Really love the fact that the shadows beneath the bench still keep their detail
The swing set does make a great place to photograph and specially close ups like the one below
I think I should make a print of that last photo.
-LM
I've visited this place before and have also taken some photos of this place using ISO 3200 film but this time I used a roll of Ilford HP5+ using the settings 1/30th @ f/2.8 and developed the film at ISO 400. According to my light meter I shouldn't be expecting anything to come out from this roll when using those settings...but it was wrong
I really love the resulting images specially since I used the new method that I found when scanning the film, it's not groundbreaking and it probably is what I should be doing from the start but I wasn't and I get much better results, all I'm doing different is not hitting the auto-exposure button...told you it wasn't groundbreaking
The amount of detail I'm able to obtain from each photo is just much better this way.
The market is quite full on Saturdays, the second photo on this post was taken in one of the back hallways where there's nothing much to do, and one will often find tourists visiting the place because of how different it is. I honestly believe that people think I'm a tourist because I'm taking photos in there with not your usual camera.
A lot of people enjoy eating in the different places that sell food in the market. It's not all that bad though I'm not really fond of eating there...though I did once and it was good.
Of course people also come to buy meat and other food as it tends to be cheaper than supermarkets or other specialty places.
Vegetables are also found here though it's often best to get them at the farmer's market that usually happens Saturday mornings, though in some cases it's on Sunday, as fruits and vegetables are more fresh
I'm not really fast at focusing with the Kiev 88CM so I often get caught while I'm focusing...though have not gotten in trouble I usually loose the moment and end up with a photo of people looking at me
And finally another photo of the barber shop
This time with the barber and a customer...so I got caught again and in this case I don't think he was that happy with me taking the photo or maybe he was but was wondering what exactly I was doing.
-LM
These are a couple of photos that I've taken randomly while out on the streets of Heredia using the Kiev 88CM
I usually take the shortcut through the university on my way to the bus stop where I take the bus that takes me to work, I could take another bus that takes me there but I hear that walking is good for you and it's also good to take photos along the way. This tree is inside the campus.
Sadly during the weekends the shortcut is unaccesible due to the fact that the university closes the gate which allows me to take the shortcut so I have to take the long way. The photo of the fire hydrant is near the tree above but on the other side of the gate.
This past weekend I spent the hole day scanning the film I had gotten developed earlier in the week and found that the auto-exposure option is bad and it's best to do the whole work manually, specially since I can take the time, to be able to get as much detail as possible in the resulting photos. I still need to work on it a bit more but I can honestly say that I'm quite happy with the results I'm getting with this method than using the automatic options.
One of the walls of a building from the university is quite interesting and I took the chance to take a portrait of my wife.
This wall is near where I work and I go by it everyday not to mention that I've taken a photo of this wall before. The roll of Ilford HP5 that was used to take that photo was pushed to ISO 1600.
On my way back home, which is after 6pm, I took the chance and got a photo of the fruit and vegetable store that's on the corner where I wait for the bus that takes me to Herdia. This was taken at 1/30th @ f/2.8 which is usually the settings I would use for night photos at ISO 3200 but proves to be a good setting for low light, I'll talk more about this on a future post with photos of the market.
This is a pizzeria that's across from the bus stop where I take the bus that takes me home. Local place which sells good pizza and it's relatively cheap. Also taken with the same settings as the one above.
More photos will be posted later this week.
-LM
As Etsy grew in traffic and engineering resources, fear crept into the
deployment process. At one point, code was only being deployed once
every 2 weeks; with planned outages! As of March 2010, Etsy is
deploying to production up to 40 times a day with almost 70 engineers
- all of whom can “push the button”. How did we get here? How do we
manage it? Are we nuts??
We will be covering:
More Information:
About John Goulah:
John Goulah has been working in New York City over the last several years for a number of web sites in both technical and management roles, as well as the co-founder of several startups. Having spent much of his youth touring in rock bands and hacking from the road, he is no stranger to crowds, be it a smoke filled room or presenting to the company board. He strives for non mundane tasks and has automated himself out of his last few endeavors, which has landed him in his current role as an Engineer at Etsy, the leading marketplace for
handmade goods.
About Erik Kastner:
Erik Kastner has given presentations large and small, from the international Rails conference to informal company brown-bags. He strives to find the laziest way to get things done – even if it ends up being a lot more work. Automation, exploration and the simple joy of building underpin just about everything he does. Other than a couple of strange and dream-filled years in San Francisco, Erik has lived in New Jersey his whole life. He works at Etsy in Brooklyn hand-crafting code, arts and tools.
After the meeting … Join us around 8:30 PM or so at
TGI Friday’s
After the meeting … You may wish to join up with other NYLUGgers
for drinks and pub food. This month we’ll be over at TGI Friday’s
(677 Lexington Avenue & 56th Street, second floor, northeast corner), but we are also evaluating
other options for the future and welcome your suggestions.