[syndicated profile] krebsonsecurity_feed

Posted by BrianKrebs

Not long ago, I was working on a speech and found myself trying to come up with a phrase that encapsulates the difference between organizations that really make cybersecurity a part of their culture and those that merely pay it lip service and do the bare minimum (think ‘15 pieces of flair‘). When the phrase “security maturity” came to mind, I thought for sure I’d conceived of an original idea and catchy phrase.

It turns out this is already a thing. And a really notable thing at that. The graphic below, produced last year by the Enterprise Strategy Group, does a nice job of explaining why some companies just don’t get it when it comes to taking effective measures to manage cyber risks and threats.

SecurityMaturity

Very often, experience is the best teacher here: Data breaches have a funny way of forcing organizations — kicking and screaming — from one vertical column to another in the Security Maturity matrix. Much depends on whether the security professionals in the breached organization have a plan (ideally, in advance of the breach) and the clout for capitalizing on the brief post-breach executive attention on security to ask for changes and resources that can assist the organization in learning from its mistakes and growing.

But the Security Maturity matrix doesn’t just show how things are broken: It also provides a basic roadmap for organizations that wish to change that culture. Perhaps unsurprisingly, entities that are able to manage that transition typically have a leadership that is invested in and interested in making security a core priority. The real trick is engineering ways to influence the leadership, with or without the fleeting momentum offered by a breach.

At last week’s RSA Security Conference in San Francisco, I had a chance to meet up with Demetrios “Laz” Lazarikos, the former chief information security officer at Sears. Now founder of the security consultancy blue-lava.net, Laz spends a great deal of time trying to impress upon his clients the need to take the security maturity model seriously. Here’s his sliding scale, which measures maturity in terms of preparedness and expectations.

Source: Blue Lava

Source: Blue Lava

I like Laz’s models because they’re customized to every organization, breaking down each business unit into its own security maturity score. The abbreviations in the graphic below — SDLC and PMO — stand for “security development life cycle” and “project management office,” respectively. Dark red boxes (marked with a “1”) indicate areas where the organization’s business unit needs the most work.

Source: Blue Lava Consulting

Source: Blue Lava Consulting

Laz’s security maturity hierarchy includes five levels:

  • Level 1 – Information Security processes are unorganized, and may be unstructured. Success is likely to depend on individual efforts and is not considered to be repeatable or scalable. This is because processes would not be sufficiently defined and documented to allow them to be replicated.
  • Level 2 – Information Security efforts are at a repeatable level where basic project management techniques are established and successes can be repeated. This is due to processes being established, defined, and documented.
  • Level 3 – Information Security efforts have greater attention to documentation, standardization, and maintenance support.
  • Level 4 – At this level, an organization monitors and controls its own Information Security processes through data collection and analysis.
  • Level 5 – This is an optimizing level where Information Security processes are constantly being improved through monitoring feedback from existing processes and introducing new processes to better serve the organization’s particular needs.

Where does your organization fit in these models? Are they a useful way for getting a handle on security and increasing maturity within your organization? Has your employer recently moved from one security maturity level to another? If so, tell us what you think prompted that shift? Sound off on these or any other thoughts on this subject in the comments below, please.

This Week

Apr. 27th, 2015 12:00 am
[syndicated profile] accidentallyincode_feed

Posted by Cate

IMG_9088

Life

Last week in Bogota, so I took a couple of days to do some final exploring, and then caught a flight to Santiago.

Bit wrung out after the previous week, which was Intense and ended with a breakup. Trying to be kind to myself and just go to the gym when I want to cry… although twisting my ankle – twice – didn’t really help with that plan!

Caught up with friends, one of whom agreed to run away to Rio with me which is exciting. Realised I had mostly made flippant remarks about South America but a big part of why I came was was wanting to escape from tech industry bullshit. So even though it is a little lonely, and arriving alone in a new place is a bit overwhelming I’m trying to remember that. And to stay present rather than worrying about where I’m going to go in June!

Work

Finished up an article which is coming out next week, shipped a new build on iOS and a bunch of client stuff. Need to figure out how to balance that with getting my own stuff done!

Media

Watching more Gossip Girl, reading Professional Android 4 Application Development. Read Confessions of a Public Speaker, The Birthday Party, Just a Family Affair.

All links Amazon.

Published

A new edition of Technically Speaking is out.

On The Internet

Sunday Sweets: Pretty As A Princess

Apr. 26th, 2015 01:00 pm
[syndicated profile] cakewrecks_feed

Posted by Jen

Fun Fact: A Disney princess cake doesn't always have to have the princess on it!

You could just use her color scheme and accessories, like Snow White's apples here:

(By Cacau 2 You)

And look how elegant, with that intricate lace work!

 

Of course, it doesn't get more iconic than Cinderella's glass slipper:

(By Charlie's Cake Shop)

Love that detailing!

 

You see a lot of bakers now dressing up a traditional tiered cake in the Princess' dress and crown -
and I approve:

(By The Cake Store)

Aurora's white collar works perfectly here, and check out the subtle "seam lines" on the top tier, which match her dress' bodice!

 

This Ariel cake? SO FUN:

(By Cakes By Joanne)

I'm completely smitten with those soft pastels - and THAT TAIL! Hee! Am I right?

 

Here's a brilliant collection of props for Belle:

(By Tammy's Frosted Memories)

Most Belle cakes only have the rose, so it's cool to see the stained glass and mirror, too!

 

Would you believe I not only found a Mulan cake, I found a GORGEOUS Mulan cake?

(By Pastry Chik)

So perfect! From the hair comb to the pattern on her folded robe!

 

I've always loved Tiana's dress colors, but the extra purple flowers here really make the bright greens sing:

(By Mama Nena's Cakes)

Ah! SO SWEET.

 

Now, get ready to laugh:

(Found here. Anybody know who made it?)

Ha! Grumpy Pascal is my new favorite thing. :D

(Although Rapunzel's braid border & dress lacing are brilliant design touches.)

 

Another great dress design for Merida:

(Baker unknown. Help?)

And the three bear brothers give it that perfect dose of D'awwwww.

 

Last but not least, the most popular princesses right now:

(By Cuteology Cakes)

Elsa & Anna!

(Though technically I guess only Anna is a princess now, with Elsa being queen.)

I am so, so impressed with Elsa's dress texture, and how the crown ties the two together. Beautiful!

 

Hope you enjoyed! Happy Sunday, everyone!

*****

Thank you for using our Amazon links to shop! USA, UK, Canada.

[syndicated profile] epbot_feed

Posted by Jen


Time to share the fruit of my shopping labors from MegaCon 2015's Artists' Alley! And hey, my gain is your gain, since I collected lots of prints for the give-away board!

I don't think I'll be able to fit everything into one post, but let's see how far we get, shall we?


Starting off with a new find for me: Jacob McAlister of You Found Jacob, who does some ridiculously fun pop portraits:




I kept coming back to stare at that fabulous squinty-eyed Stitch, and finally bought a small die-cut sticker of him to frame. You can get one at Jacob's Etsy shop for $4, or all his prints are only $14 each. Lots more to see there, too!


Check out these graphic wood block designs by Brian Demeter:


 Aren't they great? There are a few more - King Kong & Silver Surfer - on his blog, too.

By the time I stopped to chat with Brian on Sunday he'd pretty much sold out of everything, and I don't see any of these in his online store. Lucky for you guys, though, he donated an Enterprise print for the give-away board!


On Sunday John asked Kate Carleton for a last minute commission of Claptrap - and then *I* asked her to throw in Tiny Tina's bunny, too.

In like 20 minutes, BAM! We got this amazingness:

 AND I LOVE HIM SO MUCH.

Kate's been experimenting with a new style lately, so she donated this Baymax print for the board:
 Isn't he sweet?

  I don't see that one on Kate's site yet, but check here for lots more of her prints starting at just $5.


(Btw, I should point out that I NEVER solicit donations from artists. Everyone here volunteered prints on their own - often as a thank-you for a past feature - and then I put 'em on the board to share the love. Just wanted you guys to know that. :))

K, moving on...

John and I went a little crazy at Nick Minor's booth, since he had a special going. I really love these black-and-white's of Booker & Elizabeth:


 And I haven't even played The Last of Us, but I *still* wanted this one:


We ended up with 2 prints of this Toothless: one for John, and one for you guys:



Plus this cute Harley & Batgirl, which you can't get from Nick online anymore:


Head over to Nick's Etsy shop for lots more. All of his prints are 11X17, and cost just $10!


For my fellow steampunk fans, Amy Williams' "Clock Ship":
Although I think I like her Angler Zeppelin even better:

Plus I've had Amy's Raygun set hanging in my office for years now:

Her prints range from just $6 to $15, so go see the rest at her online store!


Remember my friend Christie Cox's "Dogtor Who" print? Well, now she's made one for Star Trek!

"Dog Trek"! I love how she captured the personality of each character - especially Data & Wesley. :)

Christie also donated that one for the board, or you can grab one at her Etsy shop for $10.


I had to buy this big Supergirl poster from Jessica von Braun (formerly Jessica Grundy):
It's no longer in her online store... but this fabulous dino is!
 In fact, her Etsy shop has over five HUNDRED prints to browse, with ACEOs starting at just $3. Shopping heaven!


Omigosh, these turtles by Gladys José, you guys:


I'M IN LOVE.

And this Baymax!

 And Mabel & Dipper from Gravity Falls!


 Best of all, these are all just $10 each at Gladys' Etsy shop. Woot woot!


Uh, I hope you guys aren't tired of Baymax yet, because LOOKIE:

Squeeee!

Kristen Pauline sold out of these during the con - that's what I get for not grabbing one when I had the chance! Arg! See more of her work over on Tumblr, and cross your fingers she'll start selling online soon.


John commissioned a baby Vader from our friend Nathan Szerdy (you know him from his adorable Toothless print), and just like with Toothless, Nathan turned our original drawing into a digital print for you guys:

Death Star Rattle ftw.

Watch for Nathan at your local conventions, since he doesn't sell online. (Grrr.) Or be sure to comment below, since I've got one of these babies to give away!


Whew! I think I'm only about halfway through my MegaCon stash, but I've got to end there. (These posts are surprisingly time-consuming to put together!) You'll just get the rest next month. :)

***

Now, GIVE-AWAY TIME! As always, comment below for your chance to win your choice of art from that Pinterest Give-Away Board I keep talking about. Lots of new stuff going up over there, too, so take a looksie and find some new favorites!

IMPORTANT: be sure to mention in your comment if you'd like any of these 4 pieces below, since I'm picking 5 winners again this month:





In addition to one "wildcard" winner, four of you will get one of those, which are the oldest prizes still on the board. (Some of those are original pieces of art, too, not prints!) Just tell me which one(s) you like in your comment.

(You'll notice a couple are repeats from last month, since two of my five winners never claimed their prizes. GRRR. So please, guys, remember to check back to see if you've won!)

I'll announce my randomly selected winners here on the blog in a few days, and it will be tacked on to the end of a post - not a separate post on its own. And yep, I gladly ship internationally!

Happy commenting!

[syndicated profile] sumana_feed

cover of 'Hackster'

I am glad I read Hackster: The Revolution Begins..., a technothriller by Sankalp Kohli and Paritosh Yadav taking place in modern-day India. It's plotty and passionate and tense, and it's about Indians to whom India is the center of the universe. But it's also got major problems. Here are some quotes:

It was now time to attain answers. And he had found his answers in SNAGROM -- a device conceptualized by his father, but built and made operational by him with a few modifications to avenge the death of his patriotic father who had sacrificed his whole life for the progress of beloved country, India, only to be publicly humiliated and pronounced a terrorist with links to Pakistan's ISI by the ruling party of India, The Democratic Alliance Party. [p. 23]


Mr. Bedi, Vikram's father, was a scientist. He had the unique ability to solve problems by using concepts of one domain, into an altogether different one - something which most academicians couldn't do. His papers and theories on early meta-systems had brought a fresh perspective and direction into the scientific community. In his papers, he reduced the bigger problems into simple ones. He put it very simply, a meta-system is a system based on other systems. [p. 35]


Arjun could feel this guy getting to him.... he was not a person who took even the smaller defeats sportingly. For him defeat was accompanied by a splurge of vengeance. [p. 68]


"It seems like he had conceptualized a system that replicated the modern day concept of Big Data trackers and used it to come out with trends which were closer to reality." Vikram whispered to himself. [p. 78]


But, was it all because of one man? How could a single man cause so much havoc? It must have been 'the system'. [p. 111]


For ten years, he had used his peculiar ability to suppress all sorts of mutiny within the alliance with an ease that always surprised everyone around him. Nobody had ever seen him running across the country to meet the influential people in times of crisis. He would simply make a private phone call and follow up the next day. The matter would be resolved. [p. 152]






So I didn't love the prose or the characterization. And one plot thread in Hackster disproportionately bothered me.

In the scene below, two guys are investigating a break-in by Vikram, a super-elite hacker. Vikram broke into the Srinagar police department's "criminal database" to remove his friend Ashfaq's name from "the list of arms dealer with a pending investigation" (sic). Initially, police investigators had overlooked the incursion: "They termed it a routine hack failure." [p. 17-18] But this new anti-cybercrime unit digs deeper. For context, both authors of Hackster have MBAs, one "in the field of telecom technology," and in the Acknowledgement they thank someone for cybersecurity advice.

"He deleted one entry and then used a jumbler on all the others."

"So?"

"After deleting the entry, he covered his track by jumbling up the names of all the people in the list. I tried running a point to point match between the shuffled copy of this list with an older correct copy, but none of the names matched. In short the whole list is corrupted, and we will not be able to make anything out of it easily. It is a long list. It has too many names. This guy is a genius." [p. 51-52]

But then Aarti, a top-shelf cybersecurity expert, succeeds at extracting the name "Ashfaq Ahmed Karim":

"He didn't know that entire data of servers of police department gets automatically stored in tape drives at the end of each month. These tape drives are detached from the servers and are stored in a secret location. I took out an older version of Illegal Arms Dealer List from the backup tape drives and then wrote a program to match each word of the older list with the newer one and rearranged the new list accordingly."

Sumit and Rao watched her with awe as she continued further, "Even the most advanced computer of ours took two days to complete this activity and give us this one name. This one lead should help us to take a step closer to our target." [p. 82]

My suspension of disbelief at this point broke so hard that it sent shards into nearby brick walls, where they remain, softly vibrating. I'm willing to set aside, for the sake of fiction, how badly guarded this data is, and why does Aarti have to go to the tape drive if there's an older version of the list more readily available, and why are they acting like this is a giant string rather than a set of rows in a table in a relational database and thus amenable to additional forensic techniques. Even so: this kind of puzzle is practically a junior programmer's intro-to-Python exercise. You could do this in bash; you could do it in Excel. And unless the Srinagar police department is tracking pending investigation against literally millions of arms dealers, a bog-standard developer's laptop could run that script in, mmm, 20 minutes.

findmissingname.py is 31 lines including commentsHmmmmmmmm, how long would it actually take? I decided to try to replicate this, without even trying very hard and while listening to a Taylor Swift album on repeat. I took the 417 names from the Nielsen Haydens' old blogroll, put them into a file separated by newlines (bloggers-archive.txt), and then removed one name, and saved the new file as bloggers.txt. Ah but now I want to obfuscate it! So I pulled all the names apart into their component words and shuffled them randomly and then wrote that back to a file (code: obfuscate.py). The new, jumbled list looks suitably forbidding:

Cox
MacLeod
Tami
Laura
Political
Scratchings
David
American
Boing
Farah








My findmissingname.py script does not bother to "rearrange the new list accordingly" because what Aarti really wants is the missing name. findmissingname.py spits out the two words in the missing name, and it takes 0.04 seconds to do so on a ThinkPad. And I'm bone certain I could optimize performance further.

This points to an asymmetry I had not previously noticed regarding what will and will not break my suspension of disbelief. When I'm reading scifi or technothrillers, I am reasonably fine with magic zoom-enhance, encryption, robotics, and other implausible advances. I can deal with it if you have way cooler toys than exist in my world, if you tell me something hard for me is easy for you. But if you try to tell me that something easy for intermediate-skilled me is hard for hella competent world-class experts with best-of-breed gadgets, I laugh, because you're ridiculous.

I am married to a programmer whose code has literally been used to catch an illegal arms dealer. I highly doubt this repository is going to have a similar impact. But hey, I learned something new about my genre reading conventions and I practiced my Python 3.

The Linkspam Agenda (24 April 2015)

Apr. 24th, 2015 08:01 pm
[syndicated profile] geekfeminism_feed

Posted by spam-spam

There are several pieces on the documentary Code: Debugging the Gender Gap today:

  • When Women Code | The Atlantic: “Whatever the case, the film’s director, Robin Hauser Reynolds, traces how American culture has shaped the perception—perpetuated by men and women—that coding is just for men. She offers a history of the technology industry, and conducts interviews with subjects ranging from the White House chief technology officer to teenage girls who are taking after-school coding classes. I spoke to Reynolds earlier this week about how she approached this sensitive—and sprawling—subject, and what she learned along the way.”
  • “Code” and the Quest for Inclusive Software | The New Yorker: “The result of Reynolds’s inquiries was screened at the Tribeca Film Festival on Sunday, with the première of “Code: Debugging the Gender Gap,” a documentary that aims to make sense of the dearth of women in computer science. “Code” has already received disproportionate amount of attention for a documentary by a relatively unknown filmmaker; Reynolds and her film, which was financed partly through a crowdfunding campaign, had been profiled in a number of major publications well before the première, reflecting the broad interest in the tech industry’s diversity problem.”
  • A New Documentary Nails How Terrible It Is for Women in Tech — and How to Fix It | Arts.Mic: “A documentary like Code can only do so much. Its power, however, is in the incredible women who have found success in tech despite overwhelming odds who speak during the film. Seeing them and seeing their work is a clear sign that no matter how difficult it is to effect change, it’s worth it.”

Other links:

  • LGBTQ – Queer Women In Tech Share Experiences: “‘I’m having a lot of second thoughts about the tech industry being progressive in the last five years,’ Joire says. With the tech boom, she’s seeing a lot more opportunists descending on the scene — some of whom are frustratingly narrow-minded.”
  • Now What? How to Create Fair Companies after the Ellen Pao Verdict | Medium: “Innovation in people practices has lagged behind every other dimension of business. Even in Silicon Valley, tech has been leveraged less when applied to people ops than to product development, financial operations, manufacturing, and sales. It makes no sense, in a world where the purpose of a startup is to upend an established business or an entire industry, that every company has the same boilerplate policy. For an industry built on innovation, tech has shown a remarkable lack of creativity when it comes to tackling issues of culture and people.”
  • Who is Sharla P. Boehm? | The Edtech Curmudgeon: “So there it is – Sharla Boehm wrote the code that demonstrated the feasibility of packed-switched networks. You can look up the original paper that she and Baran wrote, and read every line of code that she wrote and see the actual output from her program.” [that is to say, the code that originally demonstrated the feasibility of the Internet was written by a woman]
  • Lindi Emoungu | Women of Silicon Valley: “The exciting thing about tech is that you can use very powerful tools to solve any problem you can imagine. Technology places an immense amount of power in your hands and in your mind. My advice to girls pursuing a future in tech is not to squander that power in exchange for acceptance. The higher you go, the more you will encounter people who will say all of the right things and never advance you. Don’t slow down for those people. Go fast, work hard, be yourself, trust yourself and you will find the people you are supposed to do great things with.”
  • To Promote Diversity, Apple Increases The Number Of WWDC Scholarships | TechCrunch: “To encourage greater diversity amongst its developer community, Apple announced it’s increasing the number of WWDC scholarships this year which provide students and developers the opportunity to attend Apple’s Worldwide Developers Conference taking place this June in San Francisco. Last year, Apple offered 200 scholarships by working with the National Center for Women & IT (NCWIT). But this year, the company says it has expanded its list of partner STEM organizations to more than 20 and will also increase the number of scholarships offers to 350.”
  • How to Fail at Coming Out Stories in Comics | Bisexual Books: “On April 22, 2015, comics retailers far and wide will be selling copies of All-New X-Men #40, which, spoiler, features the coming out of a major character from Marvel Comics’ original five X-Men (sort of): Bobby Drake, AKA Ice Man. On the one hand, I want to be loud and supportive, and to celebrate this wider diversity. But on the other hand, they do a really, really offensive crap job of it.”
  • So You’ve Been Publicly Scapegoated: Why We Must Speak Out on ‘Call-Out Culture’ | Feministing: “The publication of Jon Ronson’s So You’ve Been Publicly Shamed is the culmination of a recent trend: people of means and privilege engaged in well-remunerated shallow handwringing about “public shaming,” particularly through social media.”
  • Women Startup Competition and TeleSummit | Women Who Tech: “We’re excited to announce the first annual Women Startup Challenge, a crowdfunding competition in partnership with Craig Newmark of craigslist and craigconnects and investors Fred and Joanne Wilson.”
  • What Happens When There Are No Boys in the Room: A Report from Robyn’s Tekla Conference | Pitchfork: “For Robyn, making Tekla girls-only was about seeing ‘what happens when there are no boys in the room—maybe a girl decides that she wants to play the drums, and she wouldn’t if there was a boy there. A different dynamic happens, it frees the situation from some restrictive behaviors for girls. We’re rarely in a girl group when we just allow each other to play around and try stuff.’ She didn’t have a gateway to this arena as a kid, but ‘my parents used to have a theater group and they were on stage a lot, so that became something un-dramatic for me. I think that’s what it’s about—when you develop an interest, it usually comes from an environment that de-dramatizes things. Because then you’re able to find your own entrance into it.'”
  • Houston, We Have A Problem. | RUBY-WAN KENOOBIE: “I’m now at the point where ‘diversity in tech’ has become synonymous with white women. And I’m here to raise the red flag.”
  • Quantifying Silicon Valley’s Diversity Issue | WIRED: “At 27, Tracy Chou has become a leading voice for women in the tech industry by using data to call attention to how few of them are employed as engineers. She is an accomplished coder who had already worked at Facebook, Google, and the question-and-answer site Quora before arriving at Pinterest. And nearly two years ago, she took the simple but provocative step of uploading a spreadsheet—to the code-sharing platform Github, naturally—that companies could use to make public the number of female engineers in their ranks. The goal: to identify the scope of the problem as a first step toward making a stronger commitment to address it.”

We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

Thanks to everyone who suggested links.

[syndicated profile] epbot_feed

Posted by Jen

Last week I got up, put on some pants, and staggered into my closet to find a shirt to wear.

As I stood there, yawning and scratching and being generally lady-like, something caught my eye. I turned my head slightly, and came nose-to-nose with a giant lizard, clinging to the sheer fabric that serves as my closet door.

Now, I am a strong, modern woman, and as such I let out a strong, modern shriek before backing into a shoe rack. It was then I realized I was stuck, since the lizard was essentially guarding my only exit.

Eventually I managed to shield myself with the fabric's edge and sidle by, escaping almost certain death by lizard ambush.

I was still shirtless, but now VERY awake, so I did the only sensible thing:

I grabbed my phone, screwed up my courage, and stuck an arm back through the curtain to get a picture.

Because pics or it didn't happen, that's why.

 IT HAPPENED.


Here's where it gets really bad:

I was just considering doing something tragically heroic, when the lizard made a sudden, dramatic leap ONTO MY HANGING CLOTHES, skittered down a ways, and disappeared into the t-shirts.

Text to John: "A lizard just jumped into my hanging clothes in the closet. Time to burn down the house."

What actually followed was three tense days of paranoia, with John dutifully searching my closet several times a day, me triple-checking the bathroom before every use, and the cats being utterly useless.

"You want us to do what now?"


 "Verra busy. Come back laterzzzzzz."


Then, on the third day, EUREKA! But here, you have to hear this in John's own words:





This update was a big hit with our FB friends, and my CW co-writer Sharyn even immortalized it in song:


So, to sum up: after a mad dash that destroyed much of my closet, John *did* catch the lizard, and safely released him outside to join all his lizardy kin.

I like to think the lizard is updating his own Facebook right now, with tales of screechy giants, soft clothes caverns, and utterly useless cats.

The End.

Friday Favs 4/24/15

Apr. 24th, 2015 01:00 pm
[syndicated profile] cakewrecks_feed

Posted by Jen

Some of my favorite new submissions this week.

 

What we have here is a failure to grasp the concept:

 

[head desk]

 

And speaking of revealing:

Is that what they're calling it now?

 

At least this wedding wreck came with tissues for the bride to cry into:

Although the chocolate smears may bring to mind a different kind of tissue.
(Ewww.)

 

Had to include at least one more Princess cake for Princess Week!

Isn't it grand?

 

Too bad that's not what they got:

Hmm. I see your points.

 

And finally:

When display signs get snippy:

Cannot. Stop. Laughing.

 

Thanks to Troy D., Jacqueline E., Giancarlo, Shane R., & Jennifer H. for showing even bakery labels can have a bad day.

*****

Thank you for using our Amazon links to shop! USA, UK, Canada.

[syndicated profile] accidentallyincode_feed

Posted by Cate

The Eloquent Woman's Guide to Moderating Panels

As a long time reader of The Eloquent Woman blog, of course I bought Denise’s book, The Eloquent Woman’s Guide to Moderating Panels (Amazon) almost as soon as it came out, and only waited a couple of weeks to read it!

I’m not a fan of panels because so often they are bad, so it’s great to have a resource on how to do them better.

The parts I found most useful were:

  • The step by step guide to preparing as a moderator – I read it contemplating my first moderator gig and having no idea what to do! (It fell through, so now I’ll have to look for another opportunity to use what I learned.)
  • The set of exercises and questions to make the panel less generic.
  • Ways to interrupt! Which let’s be honest is useful for women in meetings, too.

The book is targeted at the moderator, but could also be useful for being a good panelist because it’s packed full of tips. I highly recommend reading it if you are involved in any kind of panel.

 

[syndicated profile] epbot_feed

Posted by Jen

When Epbot reader Anna B. spotted some questionable content in her young son's library book, she didn't sit idly by; she grabbed a pencil and got to work.

And since I have screen shots, I'll let you guys learn about it the way I did on Facebook:




Here's the post Aimée linked from Anna:



And here's her son's letter, which I've brightened up a bit to make it more legible:


At first that's all Anna posted, so naturally, I HAD to ask for photos of the actual book in question, ideally with her commentary. 

Later that night, she delivered.

Now, let me preface this by saying that, as a fan-art lover, I think I have a pretty high tolerance for scantily-clad ladies. I enjoy a lot of pin-up art, and have no problem with it in the proper context and setting. That said, I can definitely see some issues here, especially for a grade school library book purporting to teach kids how to draw.

Here's the title page of the book in question: 

You may notice - as I did - that only men were involved in the book's production. Red flag #1?

Now a few page examples, with Anna's remarks added in pencil:

Yikes. I thought Leering Old Guy & his resentful French Maid was bad enough; then I saw the part about her being "his private nurse." Ewwwww.


It's hilarious how the author goes on about how he accidentally left this next woman's hands flesh toned - why, she'd freeze her hands without gloves! Chortle chortle - on this illustration:

Spot-on commentary from Anna here.

And please note that these are under character design, in a book teaching kids how to draw women. Yech.

Then there are gems like this:

Because all proper steampunk ladies like to clean their massive arsenal of weaponry in bonnets and frilly lingerie.

Hey, there's a place for pin-up art. That place just isn't a grade school library.

Besides, I'd argue that these don't even qualify as pin-ups; they're just plain stupid:

 Anna's text reads, "Frilly knickers. Because every deep sea diver needs those."

YEP.


You know, that "private nurse" is starting to look down right prudish by comparison:


 And finally, the one that made me decide to write this post:

 "...because steampunk women keep losing their clothes." 

Bwahaha!

Major props to Anna for handling the situation with humor and grace.


(I looked up the book on Amazon, btw, and don't see a recommended age range listed. So it's possible the book is meant for adults, and the library is simply shelving it in the kids' area on accident. Either way, I think Anna is right to let them know her concerns. And hey, even if it IS for adults, it's still not right.)

[syndicated profile] cakewrecks_feed

Posted by Jen

Ever wonder what you'll really get when you order a princess cake like this?

 

Well, I have good news!

You're almost certain to get the same toys.

 

Or maybe you want to spring for the big castle version:

You totally should!

 

How else will your baker get any airbrush practice?

Mmmm. Spattery.

 

Not a big princess fan? Never fear, I've got something for you, too!

 

Now, clap your hands if you believe in fairy wrecks.

THEY DO EXIST.

 

Thanks to K.B., Maureen S., & Yesenia for the stellar wreckporting.

*****

Thank you for using our Amazon links to shop! USA, UK, Canada.

[syndicated profile] epbot_feed

Posted by Jen

Time for a new batch of cosplay awesomeness!

(Click any pic to embiggen.)


A beautiful Tauriel from The Hobbit. Love that detailing on her bow & quiver.


Honey Lemon & Mass Effect ladies:


These two villains were beyond fabulous - and Cruella was posing so well, I didn't even notice she was on the phone!
 
And the Queen's dress! WOWZA.

A couple straight off the set of Doctor Who:


Look at those prosthetics on the lady Silurian. Flawless.

More terrifyingly impressive stuff, this time from a gender-swapped Davy Jones:

It takes a few minutes to really appreciate everything you're seeing here. Check out the Kraken attacking the ship on her hat, and the claw hand, and the starfish on her face!

 
Not to mention that spot-on makeup application. 


A couple classics:

That Spidey is actually an artist in Artists' Alley. Talk about a great way to attract customers!

This Wonderland group made my jaw hit the floor:

LOOK HOW AWESOME. 

The Hatter has a flamingo with copper pipe for legs! And Cheshire's grin is attached to a walking staff, so he can just hold it up like a masquerade mask. Alice's flower has a sculpted face in it, and can we please talk about the White Rabbit's giant fluffy ears?! LOVE.


Here's North from Rise of the Guardians - complete with the little elves on his shoulders!


I threw in a reference from the movie, in case it's been a while.


Gender-swapped Batman Beyond:


And a 'swapped Joffrey & Hound from Game of Thrones:


Plus an Iron Throne dress! 

Here's a huge GoT group - I won't even try to name everyone:

Another jaw-dropper: this little Maleficent brought two of her Tree Warriors. I've never seen these cosplayed before!
WOW. 

Those guys are hard to find a good reference for, but here's a general idea from the movie:



It took me a minute to recognize this broom. Then Sorcerer Mickey showed up, and I was like, "Oooh, NOW I get it."

Plus, wearable DeLorean. AW YISS. 

(He had a flux capacitor graphic on his phone, which he's holding up.)


Gender-swapped Booker from BioShock:Infinite:

 She wore a long striped skirt instead of pants. Here's a game shot, for comparison:

 And remember how I featured a Booker with a crow hand before? Well, this one has the Shock Jockey hand! (pic above) So fun!

Pretty sure you'll all know THIS guy:


I later found out he's the actual Beetlejuice from Universal, which probably explains why he looks this amazing. Heh.
  
Gotta follow him up with Lydia, of course:


This steampunk Mad Hatter had the COOLEST leather teapot purse:



And here's Emily, a young reader & friend of mine, modeling some expandable flying wings she and her dad put together:




On a scale of 1-10, how would you rate this cosplay?

:D

Hard to believe there's a person in that Baymax; I'm still not sure how they could see.

 
An impressive Attack on Titan group:


Another Maleficent - this time the grown-up version - and an oh-so-dapper Supergirl:

 

Harley and a perfectly painted Mystique:

Seriously, Mystique's face paint didn't have a streak or crack on it. Props!

These guys were chasing Pac-Man all over the con, which made for some hilarious lunchtime entertainment:


And this Kuzko was totally grooving:

"Let me guess: you have a great personality."

(We need more Emperor's New Groove love at cons, you guys. Such a great movie.)

Agent Carter & Captain America:


Spotted these two ladies at lunch, and they just about made my whole day. Cutest couple ever, or cutest couple EVER?

FLUFFY FEATHER SKIRTS! Ha! 
 And I like how "Daisy" painted pink high heels on her yellow sneakers.


And finally (for this batch, anyway) I'm going to end with a bunch of shots from Saturday's Borderlands meetup.

First, John/Tiny Tony with an *actual* Tiny Tina (she's so small!):

And also with a gorgeous Moxxi.

Now, group shots!

 More than half looking at your camera at the same time = SUCCESS.

Then a few more arrived:

(Lovin' that gender-swapped Salvatore in blue on the end.)

And now from *this* direction!
That Pre-Sequel Jack is especially impressive:

Here's a comparison shot from the game:


Speaking of Handsome Jack, after a while this one decided to steal the spotlight:



Everyone cracked up, and then immediately pointed their weapons at him. Sadly I was laughing too hard to get THAT shot.

Here he is again with "Claptrap Inception:"


The midsize Claptrap is actually a backpack one of the Mayas made. SO GOOD.

Another shot of Pre-Sequel Jack & Maya:
  
 
Seriously, her (Jack's) cell-shading is amazeballs. Really excellent.

And finally, the two Jacks together:

Ha! Love it.


K, that's it for now! Stay tuned for more, guys!

Oh, and cosplayers, if you spot yourself here, feel free to share a link to your blog/FB page in the comments.

 [If you missed it, click here for part 1!]
[syndicated profile] sumana_feed
Yesterday I spent an hour teaching a woman whose nonprofit wants improvements to their current Drupal setup, especially around content approval workflow and localization. She wanted to understand more about how Drupal works so that she can understand the potential problems and solutions better, and be a better partner to her technical colleagues.

I talked with her a little about those specific questions, but most of what I taught her would be appropriate to any knowledge worker who wants to learn more about an open source web application. I pointed her to some resources and figured they were worth mentioning here as well.

Since she may end up with a test server so she can play with Drupal modules and configuration, I also talked with her a bit about what it means to ssh into a server, the fact that she will probably have to install new software (a console or terminal application) on her Windows computer in order to do that, and the basics of how public key infrastructure and SSH keypairs work, and why they're more secure than just using a username and password. I did this without notes or links, so I don't have any to offer here; perhaps you have a favorite explanation you'll share in the comments?

Overall in these kinds of conversations I refrain from saying "do this" or "do that", but I did share these two bits of wisdom:

  1. When you generate a keypair, the .pub file is the one to give other people, and the other one you keep to yourself.
  2. Make an effort to remember that passphrase. Otherwise you will be unable to use your key, and you have to have a slightly embarrassing conversation where you say "here's the new .pub because I forgot my passphrase for the old one," and it delays whatever you were going to do. But I showed her my ~/.ssh directory with all those old keys I can no longer access, and told her that if she does end up needing to make a new keypair, she is in good company, and basically everyone with an SSH key has gone through this at least once.

We talked about getting her a community of practice so she could have more people to learn from. She now knows of the local Drupal group and of some get-togethers of technologists in her professional community. And she has some starting points so she can ask more productive questions of the technologists within her org.

And this stuff is frustrating, and if you feel that way, that's okay; lots of other people feel that way too, and maybe it just means you need to try a new approach.

Where Dreams Come Through

Apr. 22nd, 2015 01:00 pm
[syndicated profile] cakewrecks_feed

Posted by Jen

Welcome to BisneyLand, the amusement park that's in no way affiliated with Disneyland, but is just as good - and cheaper, too!

Once you enter the gates of our mystical castle-land of joy, you'll be greeted by our lovely royal ladies:

Cinderallie and her clear resin shoes are always the hit of the ball.

 

Princess Yasmine and her flying doormat will show you a "whole 'nother world."

 

And TinklesWell the Winged Wonder is sure to be your day's #1 delight!

 

We also have fabulous entertainment:

Princess Areola and her pals Haddock, Skittle, and Captain Crabby Pants may prefer life "under the ocean," but they still enjoy singing their big musical numbers, "Check Out My Cool Stuff," and "I Can't Talk, So Let's Make Out!"

 

And don't forget Pretty, our good-looking girl:

 

And of course her friend Not-So-Handsome!

Together they invite you to "be our visitor!"

 

Anony M., Allison M., Clau, David I., Mona S., & Kristyn, how crazy would it be if a place like this actually existed? Oh, wait...

*****

Thank you for using our Amazon links to shop! USA, UK, Canada.

 

And lest you think we forgot...

Happy Earth Day!!!


Tuning Forks in Human Form

Apr. 22nd, 2015 12:00 pm
[syndicated profile] accidentallyincode_feed

Posted by Cate

Danbo y el Kiwi

Credit: Flickr / https://www.flickr.com/photos/anieto2k/5688981179/

A few months ago three people told me I had been right about something. Obviously this brought me joy – I do love being right – but it was not all joy, because what I had been right about was bad news for them. I personally felt vindicated. But my friends were in a bad place and I worried for them.

I think that anticipating disaster is part of being a good engineer. You look at the system, you consider what will go wrong, you weigh it up and make a decision: prevent, mitigate, or note and ignore.

Obviously not everyone agrees with me. This line of thinking is what drove me to become an expert in unit testing the kind of code that most people do not test at all.

Which is fine. I don’t think there is One True Way of being an engineer, and I’m sure there are benefits to having optimists around (although I’m not sold on delusional megalomaniacs). But it does mean that I have spent a lot of time predicting, and worrying about disaster, with mixed results.

Some people will listen to you, and you’ll fix it together. And some people will listen, but the decision will be to leave it. Later, you can come back and say “hey you were right this wasn’t really a problem” or they might tell you “yeah I guess we never thought that guy would come back and fix that thing we knew was a terrible decision, and I’m sorry you lost 2 weeks of your life to dealing with it. But his poor decisions won’t be your problem for long because that project is moving and by the way you didn’t get promoted and he did.

Of course there are people who won’t listen. And when I think about that, I always think about one of my friends. Who complained about something for months. And eventually she decided she couldn’t take it anymore and walked away. And her manager, and his manager, they said, “we had no idea it was so serious, you should have said something.” But she had. They had just ignored it.

As I have failed to walk this line between “passive” and “aggressive”, between “fine” and “dramatic”, and as I have watched my friends do the same, my observation is,

If someone doesn’t want to listen to what you are saying, they will complain about how you are saying it.

This is why tone policing is harmful. Because it derails the conversation – tone over topic. Because it’s victim blaming.

But what deeply offends me about tone policing is that it is inefficient, and demonstrably pointless.

Sometimes I’m told I should be angrier, or more cynical. Sorry – don’t have the energy. Sometimes that I should be nicer, try and “catch more flies with honey” – since when was catching flies the goal? 

Look at the vast array of media that people consume and it’s clear that people connect with different things. I never watch violent movies, some people love them. People learn in different ways. I prefer to read, others like to listen. The thing that makes one man say “wow what a bitch” causes another to realise “oh, she’s serious”.

The book The Male Factor is pretty depressing but worth a read on how men perceive things when women communicate. Two key takeaways on this topic are 1) men write off anything they don’t understand as a woman being emotional. 2) around 20% of men are predisposed to react badly to women.

For me, that book was the last thing that liberated me from any need to “be nice”. Since it’s clear that 20% of men will probably never find me nice, then I’m free from the need to try and appease them.

Now I try and approach this stuff in a way that is authentic to me, and I encourage other women to do the same. If someone thinks their strategy is more effective, run with that and prove it. Genuinely, I wish all success.

One of my friends is really feminist now, but as part of his journey to actually understanding he was blocked by multiple feminists, and now he owns that he was being a jerk and deserved it. He didn’t need every woman to be holding his hand and soft-soaping things to eventually get it, because he’s a decent human being and in time he learned.

So yeah… I just can’t find it in me to worry about my tone or any other woman’s tone “alienating men”. Because if they are that easy to alienate, then if not that then something else. And if they are actually – like my friend – learning as they figure it out, then they’ll get there, in time. They don’t need me to hold their hand. And frankly, I have better things to do.

ENOLINKSPAM (21 April 2015)

Apr. 21st, 2015 11:55 pm
[syndicated profile] geekfeminism_feed

Posted by spam-spam

  • The Conversation No One Wants To Have: Gender Stereotyping | Forbes (April 16): “Two of the four panelists showed a lack of understanding of the subject; the moderator was unaware of the dictionary definition of feminism; and, some left feeling short-changed of the productive discussion they were promised. No statement seemed malicious; most simply seemed to circle the point of understanding without touching it.”
  • Hewlett-Packard’s Meg Whitman tech sector’s wealthiest woman: Wealth-X | The Financial Express (April 15): “The net worth of women on the Wealth-X list lags far behind their male peers in the technology sector”
  • Why Job Titles Matter If You Care About Diversity | MVSEVMSTORE (April 16): “But after working at a handful of different companies that de-emphasize titles, I’ve realized that there are drawbacks to titleless-ness, and that those drawbacks disproportionately impact people who conform the least to the stereotypes of their role.”
  • tim | Last Exit to Loyalty (On Holding On Past The) (April 14): “I wrote the rest of this essay to wrestle with the question: “Given the many advantages of having a comfortable, high-paying, flexible desk job, are the frustrations I feel really bad enough to justify taking the risky path of searching for something more grounding? In the absence of pure intellectual pleasure and in the absence of the feeling of social benefit, will continuing to work in the software industry help me more than it hurts?” The short answers are “yes” and “no”. Here’s the long answer.”
  • tim | Laying Down the Banhammer (April 17): “My feminism is for me. But Geek Feminism isn’t for me, anymore. It does, and should continue to center, feminism that’s for women. Those of us who are men need to make our own feminist spaces, not ones that exclude women but ones that can occupy a space that doesn’t suck attention and resources away from the more pressing needs…”

We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

Thanks to everyone who suggested links.

Rejected Princess Movies

Apr. 21st, 2015 01:00 pm
[syndicated profile] cakewrecks_feed

Posted by Jen

New, in honor of Princess Week!

Rejected Princess Movies... in cake.

 

Snow White And The Swamps of Sadness

"Arrrrrtaaaaaax!!"

 

Sleeping With The Fishes

A terrible curse.
A fishy tail.
And a super long nap.

("Is she still pink?" "No, BLUE!")

 

Fairy Apocalypse

Tinkerbell finds a new friend!
And this one's still alive!

 

Rapunzel And The Haunted Guitar Pick Path Of Doom

"Rapunzel! Let down your haiAAAAAUGGGGH!!"

(Yes, that's really supposed to be a Tangled cake for poor little "Chole"/Chloe. And I am so confused.)

 

Frozen 2: Elsa Gets Grumpy

"Alright, who let one go?"

 

Thanks to Vicky G., Andrew D., Brian W., Michal S., & Emma R. for the fractured farty tales.

*****

Thank you for using our Amazon links to shop! USA, UK, Canada.

[syndicated profile] valerie_fenwick_blog_feed

Posted by Valerie Fenwick

I am excited to announce that our new PKCS#11 specifications are *official* OASIS standards!

The PKCS11 technical committee worked hard over the last 2 years to update the last standard draft from 2009 and run it through the OASIS process.  I am very proud of the committee and OASIS
community for reviews, discussion and guidance.

If you'd like  to learn more, please come by the OASIS booth (South Hall, #1921) at the RSA conference this week - myself, other Oracle Solaris security folks and other TC members will be there to answer your questions!


[syndicated profile] cakewrecks_feed

Posted by Jen

So this is love

Mmm hmm mm mmm

 

So this... is love?

 

So this is what makes life

 

"divine"

 

I'm all aglow

Mmm hmm mm mmm

 

And now I know...

 

The key to all heaven

 

is mine!

 

So this is the miracle

That I've been dreaming of!

Mmm hmm mm mmm
Mmm hmm mm mmm

So this... is... love!

 

Thanks to Jesse R., Laura G., Kim J., Casey J., Margaret S., Vickie S., & Anony M. for the wrecky ever after.

*****

Thank you for using our Amazon links to shop! USA, UK, Canada.

Creative Solitude

Apr. 20th, 2015 12:00 pm
[syndicated profile] accidentallyincode_feed

Posted by Cate

Danbo Phelps

Credit: Flickr / Andrés Nieto Porras

Before I  left for South America I kept being asked “aren’t you going to be lonely” like loneliness is some terrible thing to be avoided at all costs.

Since I’ve been here, people have been commenting “you seem to be very productive” and it’s true. I have been.

I say, “I’m embracing a kind of creative solitude.”

And yeah, definitely at times it’s been lonely. And overwhelming. I’ve gone and eaten pizza (I almost never eat pizza) because it’s easy. I’ve cried, once. I’ve taken out the Xanax… but managed not to swallow it.

I see loneliness as a normal part of being human, and I think sometimes it’s healthy to embrace it. Fearing it keeps us in bad relationships (friends, roommates, lovers).

So yeah it’s been a little lonely. But quite creative. And very productive. And actually… I’m pretty content.

[syndicated profile] krebsonsecurity_feed

Posted by BrianKrebs

I’ve been doing quite a bit of public speaking lately — usually about cybercrime and underground activity — and there’s one question that nearly always comes from the audience: “Why are these fraud Web sites allowed to operate, and not simply taken down?” This post is intended to serve as the go-to spot for answering that question.

Q: Why not take down the hundreds of sites now selling stolen credit cards and identity data?

Screen Shot 2015-04-19 at 11.53.35 PMA: For starters, it’s not always so easy to take these sites offline. Many of them rely on domain name registrars that routinely ignore abuse requests. The same goes for the organizations hosting a number of these unsavory markets. What’s more, most crime shops have a slew of new domain variations at a variety of hosting providers and registrars that they can turn to if they do get shut down.

More importantly, fraud shops don’t often get shut down because they are quite useful to law enforcement, banks and researchers alike. Stolen data that has value among computer crooks will always find a way onto illicit markets; it benefits the aforementioned parties if those markets aren’t so exclusive that the crooks can no longer easily view or buy the data for sale.

As I’ve discussed in several articles, banks and law enforcement often use these services to figure out which merchant has been hacked; to help stanch the flow of new stolen data; and, effectively, stop the breach.

Q: Why are there so many of these card shops hosted in the clear Web, instead of via Tor, I2P or some other anonymization technology that allows the shop to hide its true Internet address? 

A: Most card shops sell only a tiny fraction (think single-digit percentages) of the cards they have for sale at any one time. As I noted in the second half of this piece, the thieves in charge of the shop primarily responsible for selling cards stolen from Target and Home Depot only sold a very small percentage of the more than 100 million credit and debit cards they stole from those two companies. Russian computer forensics firm Group-IB found similar single-digit sales figures at swipe[dot]su, a long running card shop that they hacked last year.

In short, stolen cards are not like fine wines: They don’t age well. The minute they are put up for sale, their value starts to decline. And there are many times more stolen cards available than there are crooks to absorb anywhere near double-digit percentages of cards stolen from a given merchant. Hence, it behooves the card vendors to make their shops as accessible and easy-to-use as possible.

Q: How come law enforcement officials can’t just put these guys and others out of business or behind bars for this activity?

A: Occasionally, the proprietors of these card shops do get arrested and jailed. But a great many of the sites are run by individuals living in Russia and Ukraine. Neither nation has shown itself particularly anxious to arrest cyber crooks within its borders, so long as those crooks are mainly picking on targets outside of their home country. Also, cybercrooks based in Russia and Ukraine who don’t steal from their own generally have little to fear from foreign law enforcement and governments provided they don’t travel to Western-friendly nations.

Q: Okay, but can’t we all achieve a certain catharsis from taking these sites offline?

A: Sure, but those fraud sites will be back online before you can say “where’s my debit card.” Most experienced card shops list on their home pages several — if not dozens — of alternate domains that customers can use in the event that the current one gets shut down. While this certainly presents a ripe target list for anyone wishing to take these sites offline, see the answer to the first question above for why this generally gets harder with every successive takedown.

Q: So is there nothing we can do to disrupt these crime shops that isn’t also disruptive to security folk looking to gain intelligence about who’s hacked?

A: Most of the top card fraud shops have redesigned their business models around creating a smoother customer experience. Gone are the days when a serious card shop could ignore customer complaints and still do a brisk and loyal business. It’s all about reputation. Creating a positive customer experience is the key to the way these guys establish legitimacy and loyalty among customers. But interfere with that customer experience — and seller reputation — enough, and that business may very well die on the vine.

[syndicated profile] geekfeminism_feed

Posted by spam-spam

  • Researchers quit science Hall of Fame panel over lack of women nominees | CBCNews (April 11): “Judy Illes and Catherine Anderson resigned from the selection committee of the Canadian Science and Engineering Hall of Fame this month after realizing that no women had been nominated for induction two years in a row.”
  • To fight income inequality, tell your friends how much you make | Quartz (April 14): “As Congress meets to debate the merits of government intervention in the issue of equal pay, women and minorities need to realize they aren’t alone. And the best way to do that is to start talking about their paychecks. By breaking the outdated workplace taboo that expects silence around salary, we can create a community of honesty and empowerment.”
  • Meet ‘digital nun': the Sister funding her monastery through her apps | The Telegraph (April 5): “running a monastery requires income and – while nuns elsewhere bring in money by making soaps or jams – Sister Catherine has established a professional web design and maintenance service, offering everything from hosting to content management to social media integration, which goes by the name of “Veilnet”.”
  • The worst question you could ask women in a job interview | The Washington Post (April 14): “If companies relied less on what people made in their past jobs, and more on the actual market value of the job being filled, they’d be less likely to perpetuate the gap between men’s and women’s salaries. After all, when employers base someone’s new salary off of their former salary elsewhere, they just compound any past biases or negotiation disadvantages.”
  • No Country for All Women | The Gilliad (April 15): “People make ill-advised statements online all the time; some people seem to make, if not a career of it, then at least an avocation. The appropriate response, I’m inclined to think, is a private shrug, sigh, or roll of the eyes before moving on. At maximum, I’ll say something sarcastic or deeply cynical within earshot of a small audience of disinterested cats. Which is how it should be, probably.* *For the most part; there are always exceptions, e.g. if it’s hate speech or bullying, SHUT IT DOWN (if possible). If it’s more like, “Here’s a wrongly attributed motivational quote I just HAD to share with everyone I’ve ever met,” then idk, I’d let it go.”
  • The girl game archival project that’s rewriting geek history | The Verge (April 17): “More generally, Rhizome is chipping away at the overgeneralized view that technology is a “historically male” field, where women are just now struggling to get a foothold. “It is not like this is the first time that women were into games,” says Espenscheid. “It’s not the first time that women are active on the internet. If you look, there have been all kinds of people making web pages when there were no graphical editors, when you had to type in HTML code, actually. When you say, ‘Oh god, nobody can do that, we need some white boys in hoodies to do this for us!’ — [every] kind of person has been doing that, in the ’90s for example. But this is very easily forgotten.””
  • Season 2 of Black Feminist Blogger is Coming! | Black Girl Nerds (April 15): “Season 2 of Black Feminist Blogger is set to officially premiere on April 20th. Black Feminist Blogger is a new web-series centering on the protagonist Latoya, a queer black feminist blogger who is attempting to negotiate her identity as a feminist and a writer within the competitive terrain of the online feminist marketplace. She writes for a feminist magazine called Sapphire Mouth run by a white woman named Marie who continuously employs unethical tricks to make it to the top. Marie’s goal is to have Sapphire Mouth be the “next Jezebel.””
    Gaming, Entrepreneurship and Pioneering: A Young Woman’s Nontraditional Path From Gamer to Game Designer | HuffPost Icon Next (April 15): “I attended that same Career Day that got me my job at JumpStart three years ago as a speaker and had the opportunity to talk to high school students about my story and my career. I am returning this year as well as attending a conference for young girls where I am going to talk about my experiences and being a female in a primarily male industry. I think it’s great to motivate and inspire students to pursue their passions. When I was in high school, I thought my grades were going to stop me from achieving any success in life, and I want others in that situation to know that that is not true.”
  • My first #WCW Aisha Bowe Founder of STEM Board and Former NASA engineer | STEM Girl Social Network (April 15): “At only 29 years old, Aisha who is an aerospace engineer, manages STEMBoard’s multi-million defense-contracts and private sector clients. STEMBoard is composed of aerospace and defense engineers who are leading innovative and disruptive change within the defense and intelligence community.”
  • Reham Fagiri: From Goldman Sachs to Start-up CEO | Lady Clever (April 15): “Her journey started when, at 16, she left her family in Sudan to attend university in America. After getting her degree(s), Fagiri landed at Goldman Sachs as an engineer and analyst, holding other positions in the company during her tenure there, and participating in Goldman Sachs’ 10,000 Women Initiative in order to share her knowledge with and empower other women. Now, she is the CEO of AptDeco, a company that makes it safer for women in New York City to buy and sell furniture without having strangers showing up to their homes.”

 

We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

Thanks to everyone who suggested links.

This Week

Apr. 19th, 2015 02:08 pm
[syndicated profile] accidentallyincode_feed

Posted by Cate

Danbo @ Work

Credit: Flickr / Andrés Nieto Porras

Life

One of those weeks where I think about the phrase “you can have it all… just not at the same time.” Maybe you can’t even have it all that close together.

I’m finding this time in South America really useful – I feel far away from tech industry bullshit, but I’m in a convenient timezone to work with people in the US. It’s definitely a bit lonely at times but in a way that I think is – mostly – good for me. Although this weekend I really wish I was in the same place as a girlfriend!

Work

Feel like a lot of things came together this week. I launched my iOS unit testing workshop, and sent out an alpha version of Show and Hide on Android. Also did some planning of other long-term projects, and some other stuff I can’t talk about yet.

One project I’m working on involves trying to get this large messy codebase under control. It’s a bit overwhelming but I feel like I am making some progress. I have been meaning to read Working Effectively with Legacy Code (Amazon) for a while so maybe this will finally get me to do that! Starting with simple things like file structure because OMG not everything should live in the home directory, and easy-to-fix warnings.

We did our biggest ever Technically Speaking webinar yet! And were plagued by technical problems.

Media

Watching Gossip Girl – got way back into it, possibly too much so. Reading Professional Android 4 Application Development. Finished Pillow Talk, read The Woman Who Fell in Love for a Week (funny), reading Secrets.

Product links Amazon.

Published

A new edition of Technically Speaking is out.

On The Internet

[syndicated profile] sumana_feed
screen capture of 'Another Sunday'When Leonard and I lived in the Bay Area and drove south to Bakersfield to see his mom every few months, he got a satellite radio subscription. I'd navigate the music channels and look at the device to see the name of the artist and ask him to guess. When he couldn't tell, he often guessed "REM" (for loud stuff) or "Belle & Sebastian" (for quiet stuff).

Right now I'm working on an ambitious fanvidding project and am thus watching a bunch of other ambitious fanvids (e.g., chaila's "Watershed", danegen's "Around the Bend", counteragent's "Coin Operated Boy") to take notes on technique (e.g., exactly how many 100%-dark frames serve as a good stutter in frightening montages, versus how many blank frames help reset the eye and prepare it for a new sequence). Just now I was watching "Another Sunday" by Jescaflowne, set to "We Built This City" by Jefferson Starship. I checked the timecode scrubber. "Hey Leonard," I said facetiously. "Did you know that rock songs used to be four and a half minutes long?"

He looked at my screen as we made up Freakonomics-worthy nonsensical explanations of why this used to be the case. "What show is that?"

"Stargate Atlantis."

At this, Leonard developed a hypothesis that Stargate Atlantis and Supernatural are like REM and Belle & Sebastian, viz., if he can't tell what fandom a vid is, and there are spaceships and lots of guns, it's SGA, and if there are no spaceships and nearly no guns, it's Supernatural.

As a data point, I've watched zero SGA and one ep of SPN ("Fan Fiction"), but have spent happy hours enjoying fic and vids about both, particularly the critical readings -- if you're waiting for Ann Leckie's next Ancillaryverse installment, you could do worse than reading "Second Verse (Same as the First)" by Friendshipper/Sholio. I wonder whether the same thing will happen to me with Teen Wolf.

[syndicated profile] cakewrecks_feed

Posted by Jen

Cakes were pretty simple back when we thirty-somethings were kids - which is why my inner 6-year-old is so jealous right now:

(By Patisserie Jaja)

Smurfette!

 

And check out this gorgeous hand painted Strawberry Shortcake:

(By The Painted Box)

I love that they used the original Strawberry Shortcake, not the new rebooted style.

 

Anyone remember this guy?

(By Studio Cake)

Careful; if not, you could make him very angry.

 

All together, now:

(By Tortystka)

Piiiigs innnn Spaaaaaaace!

It makes me so happy that this exists.

 

Depending on how old you are, these next ones will either make you squeal in delight or look completely baffled:

(By Sugar Rush Custom Cookies)

Hollie Hobbie! She was a little before my time, but I remember the wooden plaques with her picture on it still hanging in some of my friends' rooms.

Those are handpainted cookies, by the way, and if you look close you can see they're bas relief - aka slightly 3D!

 

Thanks to Toy Story this classic has made quite the comeback:

(By Karolina Cake Designer)

Mr. Potato Head! Such a fun design with the number for his nose, too.

 

Scooby Doo! WHERE ARE... oh. There you are:

(By Mladman Cakes)

Look at the flying bats! And the fun spooky trees and haunted house! SO GOOD.

 

Now, are you ready for some glamour and glitter, fashion and fame?

(By Faithfully Cakes)

'Cuz this Jem cake is truly outrageous.

 

Now, when I say "Whoa," I mean "WHOA!"

(By Ennas' Cake Design)

This Yosemite Sam has the root'nest, toot'nest cake in the West!

 

But it's these sweet little Care Bears that really made me melt:

(By Sweet Little Treat)

More perfect hand painting! Ah! SO SWEET.

I tell ya, this post is going to drive me to hunting down all my old toys on Ebay, just you watch.
(Remember the little pose-able PVC bears? Loved those.)

 

And now, everyone's favorite two comic strip characters:

(By The Caking Girl)

Anyone tearing up just a little? No? Just me?

That combination of hand painting and 3D sculpting is brilliant, by the way. Brilliant.

 

And finally, the Mouse who defined so many of our childhoods:

(By Svetlana Petrova)

Mickey!

Really digging this design, with the little paint cans and splatters, and I'm head over heels for the color palette, too!

 

Hope this brought a smile to your Sunday, guys! Now if you'll excuse me, I'm off to browse the vintage toy section on ebay...

*****

Thank you for using our Amazon links to shop! USA, UK, Canada.

Wide Angles At Wizarding World

Apr. 19th, 2015 08:30 am
[syndicated profile] epbot_feed

Posted by Jen

Here's a first for me: I have two "internet friends" visiting right now from two different states. Both are very dear to me, and I'm glad they could see through my introverted, work-obsessed, hermitage-loving social awkwardness enough to say, "Hey, we want to visit. Cool? Cool."

We all went to Universal on Friday, and I brought along a new 2.8 11-16 wide-angle lens to experiment with. I thought you guys might like to see some of my favorite shots!

Because you have to take a picture of the dragon. HAVE TO.

 The stage shows in Diagon Alley are just phenomenal, and I can't recommend them enough. Especially the puppets!

I keep trying to get some decent shots of my favorite shop, Wiseacres, but even the wide angle can't  seem to capture the magic:

 
 I guess I'll just have to keep trying. :)
 
 (My lens is about two inches from that Slytherin plaque here.)

 
I'd love to fill my house with all the steampunky telescopes and astrolabes ringing the room:


Another pic I've never had much luck with is this owlery tower:

I'm looking almost straight up the tower here. So far, this is the best I've managed of that owl, since he's usually lost in deep shadow.

 The wide-angle also let me capture this whole suit of troll armor; usually you can only see the feet from the window:

 I managed by leaning waaaay in and craning up.

 
 This dress in Madam Malkin's has a subtle projected pattern of cascading flowers on the skirt:


A colorful street scape:

 

 And possibly my favorite of the day:

  I like how off-kilter and monochromatic it feels. 
(I didn't edit the color at all; that's straight off the camera.)

 In Diagon Alley you'll also find Knockturn Alley, which is so dark you tend to stumble around until your eyes adjust, and even then, you can't see most of the buildings around you:

 Off to the side of one of the paths is a small iron gate, with a barely illuminated alleyway leading away from it.

On a whim, I stuck my lens between the iron bars of the gate and fired off several shots, no flash. 

Amazingly, one turned out pretty well!

Very little of this can be seen with the naked eye. Cool, right? (The sign reads "The White Wyvern.")

And finally, not the best shot, but LOOKIE:

I was chosen at Ollivander's! Woot woot!

This is right at the big dramatic moment, with the angelic music playing and the rushing wind blowing my shirt around. Hee. And while all of Ollivander's wizards are great, this guy was particularly awesome. His inflections and mannerisms were so, so good.

Well, guess I better get back to MegaCon photos now, huh?

Happy weekend, everyone!

***

Note: My camera is a Canon 7D, and all of these photos were edited in either iPhoto or Perfect Photo Suite 7.

La Con De Python

Apr. 19th, 2015 12:54 am
[syndicated profile] sumana_feed
I spent a good chunk of this month at PyCon in Montréal, watching talks, seeing people I rarely get to see, and working on Mailman. My stay in Montréal felt homey thanks to Jo Walton and Emmet O'Brien, who put me up in their place for the duration. Much thanks, Emmet and Jo!

It was wonderful getting to sprint with the rest of the Mailman team, some of whom I'd never met before. I'm grateful to the Python Software Foundation and the PyCon sponsors for arranging the venue and food; one can attend the sprints at no registration cost, and I thoroughly appreciate that. I wrote a few patches, told other attendees about the upcoming release and got them to come test the install, and did a great deal of testing and bug-reporting myself, and generally a bunch of release management. I had the privilege of discovering a funny bug, although I wish the bug didn't exist since it prevented us from meeting our goal and shipping 3.0 by Thursday. (A 3.0rc1 release is imminent!)

On the last day of the sprints, I started a keysigning. I think every keysigning I've ever participated in has included philosophical and engineering questions about the usefulness of keysigning parties, why we bootstrap an anarchistic web of trust using government-issued documentation to authenticate people, the difference between "I control this key" and "I am the person whose passport this is," and the anti-mnemonic powers of gpg command-line flags. I feel as though there ought to be, and perhaps is, a haggadah for this ritual that incorporates these questions. I can't exactly remember this exemplary exchange from Thursday, but it went something like:

Me: I wonder what I would learn if I tried setting up my own keyserver.

Debian guy: You would learn that the system is utterly ripe for abuse and that we're just lucky no one has seriously tried it yet. It's an append-only distributed database, after all.

Me: (Pause.) I think I had already learned that particular social lesson and I was thinking more of the technical lessons.

Debian guy: Ah! Yes, there are some interesting backend protocols involved....

This was the longest stretch I've ever spent someplace Francophone, and I felt my high school French coming back to me day by day; towards the end I was able to put together "J'ai perdu un chapeau bleu" or "Je voudrais acheter cette chose" with tolerable facility. (I did indeed lose a blue hat that I bought in Washington, DC in 2001 just before I left for my trip to Russia; we had a good run together and I hope it ends up with someone else who likes it.) I have never played Flappy Bird, but I understand that a single error ends the round; similarly, bad French in Montréal is a sudden death game for me, in which a single mistake or even a tilted head while parsing a response can cause the interlocutor to switch to English. Like many people with one dominant language fluency and a lot of language smatterings, I find the wrong language's vocabulary springs to mind at inopportune moments. A caterer was serving me food; I couldn't remember the polite French for "that's enough" and my mouth wanted to say "ಸಾಕು" instead. Similarly, "mais" and "et" no longer come as naturally to me as do "но" and "и". But I have it easy -- evidently this is even less convenient when one of the languages is ASL!

The next PyCon North America will be May 28 - June 5 2016 in Portland, Oregon; this overlaps with the Memorial Day weekend in the US (May 28-30) which means it will probably conflict with WisCon's 40th anniversary, and I already have plans to hit WisCon 40. I hope to finagle schedules so as to attend WisCon in Madison and then fly to Portland to participate in post-PyCon sprints. But that might be too much spring travel, because what if Leonard and I want to do something special in April to celebrate our tenth wedding anniversary? What I am saying is that adulthood sure does have a lot of logistics involving calendars.

Profile

terriko: (Default)
terriko

April 2015

S M T W T F S
   1234
5 6 7891011
1213 1415161718
19202122232425
2627282930  

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Apr. 27th, 2015 01:36 pm
Powered by Dreamwidth Studios