My view of the world

This is the new Eastside Cannery casino.

You’ll notice those strange orange fixtures sticking out from the sides of the building. Those are lights, but they’re not just any lights. They’re designed so they change color, fading through the entire spectrum over the course of a few minutes.

These are some sample shots taken from a friend’s backyard.

I hope those rooms have good curtains.

My first HDRi.

- Aperture prefered f/11
- ev .7
- 7 frames
- Jpeg fine
Converted with Photomatix Pro 3

Photomatix will align the frames by matching features or by correcting horizontal and vertical shifts.
You then do tone mapping to create a TIFF file. The software gives you a number of options including white point, black point and gamma with tabs for smoothing and micro contrast.

It was about 11am and the sun was pretty much overhead. In the mornings or evenings the effect is much more dramatic.

I do like the ghost pigeon flying through the top picture. That bird must really have been moving, because the camera was shooting at high speed which is about 7 fps and seems to be about 5 fps bracketed.

— Click on the image for a larger view. —

The back of Sam’s Town about sundown

Samples to show the exposure range.

I read a blog on ZiffDavis with the title eBay has Amazon envy: Cuts fees to get more fixed pricing. It made me consider how long it’s been since I used eBay and why I stopped.

Once upon a time I used eBay with a great deal of regularity. Now I can’t find the auctions for all the buy-it-now crap.

If I wanted to pay retail for a camera, new or used, I’d go to B&H, KEH or Amazon. I certainly wouldn’t go to what is supposed to be an auction site.

I think when you consider the amount of fraud that buyers have to contend with, the seller’s fees, the Paypal fees and the increasing volume of retailers that make finding a real auction item difficult, eBay has created a monster.

Now they’re forcing the little guy out in the name of retail, simply because there aren’t enough dollars in single sales to make eBay the kind of money their corporate greed requires.

eBay is an auction not a retail outlet, and if they can’t make it with the thing that made them rich how do they expect to compete with an established giant like Amazon?

Sigma has come a long way in the last few years. I now own three of their lenses.

====================================================

APO 120-400mm F4.5-5.6 DG OS HSM

21 Elements in 15 Groups
Angle of View 20.4 - 6.2 degrees
Number of Diaphragm Blades 9 Blades
Minimum Aperture F22
Minimum Focusing Distance 150cm / 59.1 in.
Maximum Magnification 1:4.2
Filter Size Diameter 77mm
Filter Size Bayonet-type Hood
Dimensions Diameter 92.5mm X Length 203.5mm
3.6 in. X 8 in.
Weight 1750g/61.7 oz.
Corresponding AF Mounts SIGMA, CANON, NIKON, PENTAX (1*, 2*), SONY (1*)
====================================================

I’ve had my 120-400mm Sigma for a couple of weeks now and have decided that I like it.

The HSM works great and in the park on a sunny day, stopped down to f/11 the autofocus is fast and sharp.
However:

–The problem with trying to quantify a thing like bokeh is that, except in extreme cases, it’s a matter of personal preference.

As a general rule glossy magazines expect the background to be effectively invisible, while newspapers are not nearly that fussy and your Aunt Jane, while looking at a portrait of her favorite niece, probably wouldn’t notice a slightly out of focus Mime.

The limitations of this lens are pretty much what you would expect from any lens with similar specs. And keeping in mind that I don’t shoot for poster size prints, I find the picture quality to be excellent.

Basically this turned out to be a great all around lens.

I wouldn’t hesitate to take it to a daylight auto race, although my old Tamron SP 200-500mm f/5.6 manual focus would be my first choice, but soccer under the lights in a park is pretty much a wasted trip.

I received 2 emails asking for a more detailed explanation of Bokeh:
I recommend you read Ken Rockwell for a far better explanation.

I discovered an interesting feature of the Nikon 18-200mm lens that I use as a general purpose “walk-around” lens.

If you have it extended beyond about 20mm and point it down the lens doesn’t “creep” so much as race to 200mm.

I was pointing in straight down to get an aerial view of a small object when I took my hand off the zoom ring. the next thing I know the lens is extended all the way out. –That’ll mess with your composition and for a split second, your mind.– I’ve experienced this on heavier lenses but was surprised to have it happen with this plastic lens.

This is hardly the end of the world, but it’s a little disconcerting. If you’re trying to shoot something that requires a small amount of tilt or steadying you need to find a way to do it without using your “free hand.”

As I look at my new toy and wonder why I hadn’t noticed this before I remember a zoom I used to love. It was a Nikkor 35-105mm that I used as a general purpose lens on my Nikon FE, it was worn, rattly and had enough creep that I almost instinctively compensated, but took good pictures, in fact I still have it.

Beyond the creep, which is nothing more than a minor annoyance in a world full of minor annoyances, it’s a beautiful general purpose lens.

I use it for what i refer to as drive-by shootings. I roll down my windows and point the camera at anything that looks vaguely interesting. When I get home and throw it into Photoshop I know that I’ll delete at least 80% and of the remaining 20% I know 90% will be mediocre at best, but once in a while I find a gem.

Back in the film days I composed nearly every shot because I not only had to develop the film, I had to change rolls every 24-36 frames.
– God I love digital.

While I wouldn’t suggest this lens for high end work, for websites or family albums it’s great.

CNET, LAS VEGAS–A federal judge on Saturday granted the Massachusetts transit authority’s request for an injunction preventing three MIT students from giving a presentation about hacking smartcards used in the Boston subway system.

The Electronic Frontier Foundation, which is representing the students, anticipates appealing the ruling, said EFF senior staff attorney Kurt Opsahl.

The undergraduate students had been scheduled to give a presentation Sunday afternoon at the Defcon hacker conference here that they had said would describe “several attacks to completely break the CharlieCard,” an RFID card that the Massachusetts Bay Transportation Authority uses on the Boston T subway line. They also planned to release card-hacking software they had created, but canceled both the presentation and the release of the software.

U.S. District Judge Douglas Woodlock on Saturday ordered the students not to provide “program, information, software code, or command that would assist another in any material way to circumvent or otherwise attack the security of the Fare Media System.” Woodlock granted the MBTA’s request after a hastily convened hearing in Massachusetts that took place at 8 a.m. PDT on Saturday.

Also released as part of the public record was a document marked “confidential” and written by the researchers that explains exactly how the Charlie cards can be cloned and forged. “Our research shows that one can write software that will generate cards of any value up to $655.36,” the document says.

The document also discusses the lack of physical security at the MBTA. “Doors were left unlocked allowing free entry in many subways,” the document says. “The turnstile control boxes were unlocked at most stations. Most shocking, however, were the FVM control rooms that were occasionally left open.”

One portion of the MBTA’s legal complaint that drew jeers from the Defcon crowd came in its odd claim that “A CharlieTicket standing alone constitutes a ‘computer’” under federal antihacking law.

This is an interesting court order in that it redefines the word “computer”. If this order stands the usb drive in your pocket will become a computer. Your debit card will become a computer and so will your drivers license.

What to do if you are a government or quasi government agency and have a broken system:

• Step one is to pretend there’s nothing wrong.
• Step two is to wait until the problem becomes public knowledge and then loudly deny that the problem exists.
• Step three is to “look into the problem” while continuing to deny that a problem exists.
• Step four is to try and muzzle whoever pointed out the problem by insisting that they broke the law by exposing the problem, and are in fact criminals.
• And the one thing you never do is fix the problem, voluntarily or otherwise.

The basic problem with the CharlieTicket and its’ ilk lies in the RFID approach.
A man in GB proved that he could capture data and clone a passport with little difficulty.

Anything that can be read without physical contact is a security liability. These devices are not in service to protect the consumer as various federal agencies have claimed, but rather to make it easier to track individuals.

The latest RFID technology can be read from 2 or three feet away, making it easier for retailers to track sales vs visits. And for groups like DHS to track where we go and when we go there.

This is from the Black Hat convention and translates as: We’re pretty much screwed.

(NYT)… On Friday, a Russian physicist demonstrated that the emergency fix to the basic Internet address system, known as the Domain Name System, is vulnerable and will almost certainly be exploited by criminals.

The flaw could allow Internet traffic to be secretly redirected so thieves could, for example, hijack a bank’s Web address and collect customer passwords.

In a posting on his blog, the physicist, Evgeniy Polyakov, wrote that he had fooled the software that serves as the Internet’s telephone book into returning an incorrect address in just 10 hours, using two standard desktop computers and a high-speed network link. Internet experts who reviewed the posting said the approach appeared to be effective.

The basic vulnerability of the network has become a heated controversy since Dan Kaminsky, a Seattle-based researcher at the security firm IOActive, quietly notified a number of companies that distribute Internet addressing software earlier this year.

The root of the problem lies in the fact that the address system, which was invented in 1983, was not meant for services like electronic banking that require strict verification of identity.

“They are relying on infrastructure that was not intended to do what people assume it does,” said Clifford Neuman, director of the Center for Computer Systems Security at the University of Southern California. “What makes this so frustrating is that no one has been listening to what we have been saying for the past 17 years.”

And my favorite paragraph:
“Others remain skeptical that the more secure approach is practical for the wider commercial Internet, because it requires more computing power and because it would be hard to get the whole world to adopt it.”
In other words: It’s too much trouble to fix it so why bother?

Microsoft is blocking the word Tibet from their Hotmail addresses.

An Australian author of a book on Tibet with the title of Our Tibet received the error msg:

An M$ spokesperson had a different explanation:
The company blocks usernames that include the names of various financial institutions. This is meant to make life harder for those seeking to impersonate a bank using an official-looking e-mail address in order to steal customers’ passwords. In this case Microsoft is blocking usernames containing “tib,” apparently to protect customers of TIB Bank in Florida.

I checked and now the error msg has been changed to say that the name -any name containing the three letter combination of “tib”- is unavailable.
–OK guys. This is already all over the net, so isn’t it a little late to try and fool people?

Microsoft’s list of financial institutions is not very comprehensive or foolproof — “etrade” and “wells-fargo” both work.

About 10 or 15 years ago I tried to help a company set up their first website. Their domain name contained the word jewelry. The software at the isp wouldn’t let them use their domain name as their site name because it contained the letters “jew.”

This is expected from a small company running low cost software, but M$ with their effectively unlimited budget could at least write a more effective set of filters.
…..Nah, that would require that they think things through instead of taking the simplest least efficient approach.

I maintain a domain that is blacklisted by the Hotmail servers. –Almost 5 years ago our email server was hijacked and used to send spam. The problem has long since been dealt with and we don’t show up on anybody else’s blacklist but I have given up on trying to get M$ to remove us from their system. Evidently that would mean that a real live person would have make a decision and I doubt that their automatic software will allow that.
–Dave? Dave? ♫ Daisy, Daisy….♪

This sort of stupidity is what happens when you rely exclusively on an automated a system with no simple way to deal with exceptions.

All they have to do is set it up so a person can submit a name to a live person for an exception.
–Never mind. That means they would have to provide “customer service” instead of mindless automation.

Dan Kaminsky discovered a way for malicious hackers to hijack DNS and re-direct people to fake pages even if they typed in the correct address for a website.
After publicly announcing a flaw in the DNS system and suggesting patches, Mr. Kaminsky, speaking at the Black Hat conference in here in Las Vegas, said fixes for the flaw in the net’s Domain Name System (DNS) had focused on web browsers but it could be abused by hackers in many other ways.

In his lecture Mr Kaminsky detailed 15 other ways for the flaw to be exploited.

Kaminsky also said that 75% of Fortune 500 companies have fixed the problem while around 15% have done nothing.
—I wonder what happened to the other 10%?—

Taking a different tack, VeriSign which issues many of the security certificates used in SSL, said the whole thing was nothing but hype. They maintain 2 of the 13 master DNS servers and say they’ve long since engineered around the problem.
–That’s only 2 out of 13. And why do the “I’m invincible” statements worry me?–

Mr Silva at VeriSign went on to say that even though patches have been put in place, this doesn’t mean users can sit back and relax.

“The biggest gap in security rests between the keyboard and the back of the chair,” he said.
–Amen brother–

“Social engineering -because there’s no patch for stupid.”

From the Washinton Post:

Federal agents may take a traveler’s laptop computer or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed.

Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement.

In April, the U.S. Court of Appeals for the 9th Circuit in San Francisco upheld the government’s power to conduct searches of an international traveler’s laptop without suspicion of wrongdoing. The Customs policy can be viewed at: http://www.cbp.gov/linkhandler/cgov/travel/admissability/search_authority.ctt/search_authority.pdf.

For the basis of the court’s ruling consider the Supreme Court decision in US v Flores-Montana, 541 US 149, which held that complete disassembly and reassembly of a car’s gas tank didn’t require reasonable suspicion.

Having traveled in and out of this country for years I had always assumed that everything you brought across the border was subject to search. I see no difference between a laptop and your suitcase.

What bothers me is the jack-boot mentality that exists and is encouraged by those people at the top.

The TSA once tried to confiscate a MacBook Air because they didn’t know what it was.

Are these people any better trained? And how much legitimate data will be lost and how many laptops will they lose or ruin?

I see nothing wrong with a reasonable search, but giving some technologically impaired knuckle dragger that kind of power is wrong.

Pretty soon business travelers will be taking lessons from the smugglers just to find ways to get their data home safe.