By now, the tech savvy among you have probably heard of Firesheep, the infamous unofficial Firefox plugin that lets you swipe other people’s session cookies and impersonate them on various popular, less-than-secure websites if you and they share the same unencrypted WiFi access point. The less tech savvy ones probably couldn’t care less, or are so terrified and spooked that you’ve turned off and unplugged your computers, buried them in a 20-foot-deep hole in the backyard, and layered on top of them concrete, asbestos, Kevlar, lard, and ten thousand old AOL CDs you’ve been hoarding in the closet since 1990.
OK, I was only kidding about the lard.
Last week I tweeted that “Firesheep makes me want to weep for the Internet and laugh maniacally, both simultaneously”. That’s no exaggeration. On one hand, it’s performing wonders by raising awareness of just how insecure many of our favorite sites really are. The problem Firesheep exposes has been around for ages; hard-core hackers could perform all the tasks that this plugin does through readily available tools and a lot of dedicated logging and log scanning. What Firesheep does is take a complicated, hard-core hacker task and make it bone-headedly simple: install, scan, infiltrate. It provides a wake-up call to Web 2.0 developers that they need to look seriously at security rather than just pay it lip service. And at this task it seems to be doing quite well; already Google has made moves to force SSL for all GMail access and Facebook is mumbling under its breath that they’re “looking into it”.
What scares me about Firesheep is the bone-headedly simple aspect. I won’t get into the ethics of responsible disclosure of security flaws, but releasing a tool like this that makes such a questionable task as simple as clicking a button is bound to have repercussions. Putting this tool in the hands of everyone means putting it in the hands of everyone, no matter what color hat they wear. Yes, we’ll hopefully see lots of security improvements at many of the websites we use every day, but how many innocent and ignorant users will be maliciously attacked before those changes occur? The gun was a very useful tool for early pioneers to hunt and protect one’s family, but it’s also useful for criminals to steal, coerce, and murder their victims. Technology is inherently amoral; it is people that are moral or immoral.
I won’t go into the details of how Firesheep works or the many ways it can be easily thwarted. A quick spin by your favorite search engine will likely provide all the information you may need. However, I did want to take a few minutes to publicly analyze the various aspects of this site and the GPF site and reassure all my readers that your information should be reasonably safe. Right now, it looks like the person most likely to be impacted would be me, directly or indirectly, and the risks are actually pretty darn low.
First up, this site: Firesheep does indeed include information on how to “hack” WordPress. Well, how to hack WordPress.com. Since Neural Core Dump is self-hosted, the built-in attack against WordPress.com hosted blogs won’t affect us here. However, Firesheep is open source, and it is trivial to modify the code to attack specific domains, so the WordPress.com attack can be tweaked to attack an individual self-hosted WordPress blog. My original assumptions here proved to be incorrect; in looking back over the Firesheep code, it doesn’t look specifically for WordPress.com domains, but for common cookie names used by all instances of WordPress, whether it’s self hosted or not. Thus, any logged-in user here could potentially be exposed. In this case, however, this blog’s small size becomes its advantage; the likelihood that anyone will directly attack it is pretty low, and even then I keep extensive backups and can easily back out malicious comments or posts. (Mind you, being too small should not be used as an excuse not to be concerned, just that the threat can be downplayed for the time being.) I rarely use public, open WiFi hot spots (to be honest, there aren’t that many of them around where I live), and on the rare occasion that I do, it’s easy enough for me to create an SSH tunnel to my home Linux box and proxy all my HTTP traffic through it.
As for GPF, all logins occur over SSL, so no passwords are ever sent in the clear. Of course, Firesheep does not sniff passwords but rather session cookies, so this isn’t really the problem. I thought of a few scenarios where Firesheep could be used against GPF to varying degrees of success:
Again, GPF’s probably far too small a target for anyone to really bother with, but the fact is that so little attack surface is visible that the only person likely to be hurt by it is me.
There, I hope I laid all your GPF/Firesheep fears to rest. What was that? The only person really concerned about this was me? Oh… well, in that case… um… never mind, I guess.
UPDATED November 4, 2010: Updated the paragraph about this blog to correct an incorrect assumption about only WordPress.com blogs being affected.
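Since the post above deliberately skips the mechanics, here is an added example (mine, not code from the post, from Firesheep, or from WordPress) showing the two halves of the problem it describes: what a passive sniffer on an open access point pulls out of a plaintext request, and the check a site owner can run on their own Set-Cookie headers to see whether a login cookie would be sent over plain HTTP at all. The cookie-name patterns are my assumptions about common session cookies (the WordPress names are as I recall them, not quoted from the post), and the captured request and responses are constructed sample data.

```python
"""Added example, not from the original post: session-cookie exposure in the
spirit of Firesheep.

  extract_session_cookies()  - what a sniffer sees in a plaintext request
  audit_set_cookie()         - what a site owner should check on responses

Cookie-name patterns below are assumptions; sample traffic is constructed.
"""
import re
from http.cookies import SimpleCookie, CookieError

# Assumed name patterns for cookies that carry a login session.
SESSION_COOKIE_PATTERNS = [
    re.compile(r"^wordpress_logged_in_[0-9a-f]+$"),   # WordPress login cookie
    re.compile(r"^wordpress_sec_[0-9a-f]+$"),          # WordPress auth cookie (HTTPS)
    re.compile(r"^wordpress_[0-9a-f]+$"),              # WordPress auth cookie
    re.compile(r"^PHPSESSID$"),
    re.compile(r"^ASP\.NET_SessionId$", re.IGNORECASE),
]


def is_session_cookie(name):
    """True if the cookie name looks like it carries a login session."""
    return any(p.match(name) for p in SESSION_COOKIE_PATTERNS)


def extract_session_cookies(raw_request):
    """Return {name: value} for session cookies in a captured HTTP request.

    This is all an attacker on an open access point needs: the Cookie header
    of any plaintext request to the site. Replaying these values is the whole
    attack; the password is never involved, which is why an SSL login form on
    its own does not help.
    """
    found = {}
    for line in raw_request.splitlines():
        if line.lower().startswith("cookie:"):
            for part in line.split(":", 1)[1].split(";"):
                if "=" in part:
                    name, value = part.strip().split("=", 1)
                    if is_session_cookie(name):
                        found[name] = value
    return found


def audit_set_cookie(set_cookie_headers, over_tls):
    """Return (cookie name, problem) tuples for session cookies in responses.

    A session cookie without the Secure flag is sent by the browser over plain
    HTTP as well, so it is sniffable on the next non-SSL page load even when
    the login itself happened over SSL. HttpOnly keeps script from reading it;
    setting it over plaintext means it was already exposed in transit.
    """
    problems = []
    for header in set_cookie_headers:
        jar = SimpleCookie()
        try:
            jar.load(header)
        except CookieError:
            continue
        for name, morsel in jar.items():
            if not is_session_cookie(name):
                continue
            if not morsel["secure"]:
                problems.append((name, "missing Secure flag"))
            if not morsel["httponly"]:
                problems.append((name, "missing HttpOnly flag"))
            if not over_tls:
                problems.append((name, "set over plaintext HTTP"))
    return problems


if __name__ == "__main__":
    # Constructed sample: a plaintext request to a self-hosted WordPress blog.
    captured = ("GET /wp-admin/ HTTP/1.1\r\nHost: blog.example.invalid\r\n"
                "Cookie: wordpress_logged_in_ab12=jeff%7C1300000000%7Cabc; "
                "wp-settings-1=m1; PHPSESSID=deadbeef\r\n\r\n")
    print("sniffable:", extract_session_cookies(captured))
    # Constructed sample: the login response, served over SSL but without Secure.
    print("audit:", audit_set_cookie(
        ["wordpress_logged_in_ab12=jeff%7C1300000000%7Cabc; Path=/; HttpOnly"],
        over_tls=True))
```

The audit deliberately treats a missing Secure flag on a login cookie as the defect even when the login page itself was SSL: that mismatch is precisely the gap a session sniffer exploits.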
There’s an interesting trend in webcomics for a push onto mobile devices. I think it started with Clickwheel.com (which apparently no longer exists, hence no link), which tried to bring comics to the iPod by encoding them as short video files syndicated like a podcast. I thought this was an interesting idea, and I was even offered an opportunity to get into it on the ground floor, right when it started. However, I had a number of technical and rights management questions about the service and dragged my feet, eventually losing out on the deal and never following up on it. Given that the domain is now owned by a Norwegian ISP that apparently serves up malware, I’d say apathy may have been the right choice.
Nowadays the hot new distribution medium is to put an app on the (seemingly) ubiquitous iPhone (or its GSM-crippled sibling, the iPod Touch). Keenspot was the first place I remember seeing webcomic iPhone apps showing up, although I can’t say for certain that they started the trend. Since then, I’ve seen iPhone apps for various comics popping up here and there. The one I’ve been watching the closest has been Howard Tayler’s Schlock Mercenary (since Howard and I follow each other on Twitter and Facebook). It’s a curious trend to be certain, and it certainly has an element of “hipness” to it. After all, the iPhone is the “it” mobile device these days. And one thing every webcartoonist wants is more eyeballs reading their comics. Certainly it makes sense to go where those eyeballs are, to reach as many potential readers as possible.
Then a thought occurred to me: No one has really asked me why there’s no GPF iPhone app. Certainly it’s a valid question, and I’m even more surprised it hasn’t been brought up yet. I know a number of you out there use iPhones, as I’ve read your comments and seen your screen shots of the GPF site in the past. So I thought about this for a while and came up with a list of reasons why we don’t have an app, then decided to document those reasons here so I can point folks to one place so I won’t have to repeat myself. I thought about putting this in the GPF News, but since it’s more of an opinion piece than a news item, it probably belongs here instead. (There will probably be links from the FAQ eventually, if nothing else.)
The primary reason there is no dedicated GPF app for the iPhone will surely come as a shock to those out there who can’t get enough of their favorite beloved Apple device. I’ve never been one for great diplomacy or delicacy, so I’m afraid I can only be my blunt, bullish, blundering self. I really hate to say this, but it has to be said:
The iPhone isn’t the last word in mobile computing.
Now, before the fan boys start picking up your torches and pitchforks, let me elaborate. I have nothing against the iPhone. In fact, at one point, I seriously considered getting one. The GPF Year Nine story “iDilemma” is actually semi-autobiographical. (GPF Premium subscribers should check out the Author’s Notes for that story to see how it diverges from real life.) In the end, it all boiled down to economics, just as it did for Nick and Ki; it was less expensive for me to buy my current Treo 700p without subsidy than for me to break my contract with my current carrier, switch to AT&T, buy the iPhone plus another phone for my wife, and so on. While I passed on the device itself, several of my coworkers at my day job have iPhones, so I can pretty much get access to one to play with any time I wish. Thus I’m familiar enough with how it works and all the whiz-bang spiffiness it purports to have. I know a thing or two about what it does right, what it does wrong, and how it’s revolutionized the mobile computing or “smartphone” industry.
That said, the iPhone’s 30+ million units pales in comparison to the number of BlackBerry devices in circulation. The iPhone represents one device, one platform, on one network. BlackBerries are available in many form factors from almost every wireless carrier. On top of that, Android is a rapidly-growing platform; while it hasn’t yet matched the numbers of the iPhone, like the BlackBerry it comes in many flavors from many manufacturers and can be found on almost every network. It won’t be long before Android phones overtake iPhones in number by mere aggregation of disparate devices. And while some folks dismiss Palm as a has-been in the market, the Pre and the Pixi are selling modestly and may represent a comeback for the company. (Don’t forget the many of us who, ahem, still use good ol’ Palm OS, myself included, despite its age.) No matter how much we’d all wish it just went away, Windows Mobile still exists and people are still suckered into buying phones with it installed. And all of this ignores the biggest player of all in the field: Symbian, which runs about half of all mobile phones in the world.
Right there, I’ve listed off seven mobile platforms, including the iPhone. To pick one would severely limit the potential to reach new customers. To pick one with such a small market share (~14% as of Q2 2009) would be even more limiting. If my goal were to reach as many eyeballs as possible, why would I focus on one tiny segment of the market, simply because it’s the one everyone is talking about at the moment? After all, everyone might be talking about something else in a couple months.
Of course, this plethora of platforms opens up another can of worms. My goal with GPF has always been to be as accessible as possible to as many people as possible. Although the comic is (currently) confined to the English speaking world, it is available to just about anyone with a Web browser. I carefully designed the site to be as cross-browser compatible as possible, sometimes even sticking with older technologies longer than I should so the site will keep working in older browsers. If nothing else, it degrades gracefully and is still functional if you don’t have something top of the line. For that matter, thanks to our Oh No Robot transcriptions, you can even read 95+% of the archives with a text browser! That also means screen readers for the visually impaired can be used to enjoy the strip. It’s not ideal, of course, but it’s functional, and it’s helped us garner fans in ways you might not expect.
So if I’m not going to limit myself by building a specialized app for one mobile platform, does that mean I’m going to end up making applications for all mobile platforms? No, that too is an exercise in futility. Every mobile platform has its own SDK with its own quirks. The iPhone uses Objective-C and Apple’s own frameworks, webOS uses HTML/CSS/JavaScript, Android uses its own version of Java, and BlackBerry, Palm OS, Symbian, and everything else requires specialized cross-compilers and development environments. No, developing for individual platforms isn’t the answer. It just turns everything into a development and maintenance nightmare, one that is ridiculously expensive from a financial, time, and resource perspective. What I need is something that works everywhere, regardless of platform, using resources common to all devices out there.
And the answer, my friend, is the same as it is on the desktop: the Web browser.
What piece of software do all the nifty little gadgets listed above have in common? A Web browser, of course. Some make it the core of everything the device does, like in webOS and to some extent the iPhone. To others, it’s just another app available among many. But even the most rudimentary phones have simple browsers these days, enough to grab small snippets of HTML and display it competently. Even my Treo, which most iPhone users would likely scoff at, allows me to do the odd bit of online banking, news reading, and forum checking. While no single mobile platform is ubiquitous, the Web browser itself comes alarmingly close.
So I’m happy to announce the creation of GPF Mobile, the official mobile-optimized version of the GPF site. There’s nothing special to learn or type in; just visit the main GPF site at the usual URL and it will detect your mobile device and bounce it to the mobile site seamlessly. With the exception of one or two multimedia-rich updates, you can read the entire comic archive, browse the News archive, read the forum, or search the wiki. If you are a Premium subscriber, you can do all of this ad free, as well as get mobile access to the Jeff’s Sketchbook and Rumor Mill archives. The entire mobile site is specially optimized to minimize clutter and trim bandwidth, so it loads fast and doesn’t break your data plan. But if you have a smartphone with a bit more horsepower and a fatter pipe, switching to the “full” site is as simple as a few extra clicks. Just use our site to set a cookie (and you choose its duration) and have access to the full site for as long as you choose. I’ve been using the mobile site myself for months now, especially to keep track of the forum while I’m on the road, and it’s been beta-tested by a number of hand-picked Faulties. It’s not necessarily pretty (in fact, it’s downright Spartan), but it does let you get your GPF fix on the go.
Best of all, it works with BlackBerries, Android, webOS, Palm OS, Symbian, Windows Mobile, and… yes, folks, wait for it… the iPhone. I guarantee that bookmark will take up less valuable storage space than some bloated, unnecessary “app”.
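The detect-and-bounce behaviour described above, as an added example of how I would implement it (this is not the GPF site’s own code, and the post says nothing about how GPF actually does it): the user agent picks mobile or full, and a cookie whose lifetime the reader chooses overrides the detection. The cookie name, the hostnames and the list of user-agent substrings are all my assumptions. Two practitioner points are built in: both the user agent and the cookie are client-controlled, so the decision only selects a layout and never grants anything, and the path carried over to the redirect is checked so the bounce cannot be turned into an open redirect.

```python
"""Added example, not the GPF site's code: mobile detection with a
user-chosen override cookie. Names and hostnames below are assumptions."""
from http.cookies import SimpleCookie, CookieError

FULL_SITE_COOKIE = "gpf_full_site"   # assumed cookie name
MOBILE_HOST = "m.example.invalid"    # assumed hostnames
FULL_HOST = "www.example.invalid"

# Substrings that identify mobile browsers of the era (assumed list).
MOBILE_UA_MARKERS = ("iphone", "ipod", "android", "blackberry", "webos",
                     "palmos", "palmsource", "symbian", "windows ce",
                     "iemobile", "opera mini", "mobile")


def looks_mobile(user_agent):
    """Cheap substring sniff of the User-Agent header. It is attacker-controlled
    text, so it is only ever used to pick a layout, never echoed into a page."""
    ua = (user_agent or "").lower()
    return any(marker in ua for marker in MOBILE_UA_MARKERS)


def choose_site(user_agent, cookie_header):
    """Return 'full' or 'mobile' for a request. The override cookie wins."""
    jar = SimpleCookie()
    try:
        jar.load(cookie_header or "")
    except CookieError:
        jar = SimpleCookie()          # garbage cookie header: ignore it
    if FULL_SITE_COOKIE in jar and jar[FULL_SITE_COOKIE].value == "1":
        return "full"
    return "mobile" if looks_mobile(user_agent) else "full"


def redirect_target(path, user_agent, cookie_header, host, scheme="http"):
    """Return the Location value to bounce to, or None if the request already
    sits on the right host. Only a sane absolute path is reused, so a crafted
    path like '//evil.invalid/' cannot turn the bounce into an open redirect."""
    wanted = MOBILE_HOST if choose_site(user_agent, cookie_header) == "mobile" else FULL_HOST
    if host.lower() == wanted:
        return None
    if not path.startswith("/") or path.startswith("//") or "\\" in path:
        path = "/"
    return "%s://%s%s" % (scheme, wanted, path)


def full_site_cookie(days):
    """Build the Set-Cookie header for the 'use the full site' preference.
    days <= 0 clears it (Max-Age=0). The cookie is a preference, not a
    credential, so it carries no secret and needs no signing."""
    seconds = max(0, int(days) * 86400)
    jar = SimpleCookie()
    jar[FULL_SITE_COOKIE] = "1" if seconds else ""
    morsel = jar[FULL_SITE_COOKIE]
    morsel["path"] = "/"
    morsel["max-age"] = seconds
    morsel["expires"] = seconds       # int: relative seconds, rendered as a date
    morsel["httponly"] = True
    return morsel.OutputString()


if __name__ == "__main__":
    iphone = "Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X) AppleWebKit/532.9"
    print(redirect_target("/comics/", iphone, "", FULL_HOST))
    print(redirect_target("/comics/", iphone, "gpf_full_site=1", FULL_HOST))
    print(full_site_cookie(30))
```

Because the override is a plain preference cookie, the worst an attacker can do by forging it is pick the other layout for themselves; Premium and ad-free access have to stay behind the real login, not this cookie.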
What, no new Recycle Bin or short story this week? Well, truth be told all my varied multitasking has caught up with me and I haven’t had time to devote to writing up a new post or reformatting old content. So no new creative writing content this week. For lack of anything better to do, you can always check out my appearance on FLOSS Weekly, where you can download the audio podcast or watch the captured live video stream. Lots of fun webcomics-meta stuff, as well as video footage of me making an idiot of myself in front of Leo Laporte.
That said, I’m not sure how motivated I am to continue posting these items. The original idea was to renew interest in this blog by providing regular new content. To that end, the idea has been largely unsuccessful. The blog hasn’t seen any significant new traffic and nobody’s posting any comments, positive or negative. With no apparent feedback, either numerically or verbally, I don’t feel a whole lot of motivation to add anything else new. The only other catalyst for adding this content was to give me an outlet for non-GPF creative works, which is an itch that’s been scratched sufficiently that it’s no longer strong motivation.
If you’ve been enjoying the short stories and Recycle Bin entries—or even if you haven’t—please drop me a line, either here in the comments or via the other usual channels (e-mail, Twitter, the GPF Forum, etc.). If I hear enough positive reinforcement, I’ll probably be motivated to continue them. If I get mostly negative feedback (or none at all), I’ll probably end it here and not bother with anything else.
In case you missed yesterday’s tweets, the jeffdarlington.com server has been successfully upgraded both to Fedora 11 and WordPress 2.8. The GPF server is next, although I haven’t started that effort and it’s bound to take longer. I’ll make a bigger deal about the downtime for GPF when that upgrade draws closer.
Let me know if you encounter any problems with the new site.
Just a quick heads-up to anyone who cares, but I’m in the process of upgrading the blog server’s operating system from the creaking and decrepit Fedora 6 to the shiny new Fedora 11. I’m doing most of this work on a totally different virtual server, which I’ll then back up, overwriting this virtual server with the new image once it’s ready to go live. In theory, there should be only a minimum of downtime when the actual overwrite occurs. However, I’ll probably end up closing comments and such temporarily right before the flash to make sure the database stays in sync. I don’t have a time frame for when the actual flash will occur, but it should be in the next few days.
As even more advance warning, GPF will be getting the same upgrade (only from Fedora 8) once the blog server is stable. The blog comes first because (1) it’s running on the older OS and thus theoretically more vulnerable due to its venerable age and (2) it will serve as a test bed to make sure the upgrade process moves relatively smoothly. I tend to be much riskier with the blog server because it’s less important to my livelihood, so it gets to be the guinea pig for these sorts of experiments.
This week a couple of errors were reported in the custom CMS application I built at work a couple years ago. I haven’t touched this code in at least a year, so it took me a bit to swap some mental virtual memory and recall how everything worked. I’m not sure if these “bugs” were something new that had manifested themselves after a recent platform upgrade or design flaws that had been there since the beginning only to be recently noticed. None of that really matters for the sake of this post, however. Suffice it to say there were two problems, one of which was likely to be entirely my fault but relatively easy to fix with a little bit of C# hacking.
The other problem was a bit obscure. The application is built in ASP.NET 2.0 and written entirely in C#. It also makes use of Microsoft’s AJAX Toolkit for ASP.NET to “pretty up” some of the interface interactions. Unfortunately, one particular user began to experience problems with the system recently. Since she’s the project manager, needless to say the problem was escalated to top priority with little to no delay. To make things more difficult, the problem was especially cryptic. In true Microsoft fashion, the pop-up JavaScript error dialog offered little to no useful information:
Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The status code returned from the server was: 500
Google, of course, is my friend and found no shortage of pages where this turned up. The odd thing was that none of the purported causes for the error were anything that I was using.
After much searching, I finally happened upon this site. It seems Ted Jardine hit the same problem I did. He had narrowed it down to something to do with the .NET session, which he wasn’t really using but I was using extensively. What I found most interesting was his solution:
So, based on one of the comments in one of the above posts, even though I’m not touching session on one of the problem pages, I tried a hack in one of the problem page’s Page_Load:
Session["FixAJAXSysBug"] = true;
And lo and behold, we’re good to go!
I followed the various links he provided—as well as Googling for “FixAJAXSysBug” itself—and found lots more anecdotal evidence to support its usefulness. I applied this “fix” to the common header of the application to make sure it took effect everywhere and, so far, all reports seem to indicate its success.
Needless to say, I was instantly reminded of this GPF strip from the crossover with Help Desk. I can’t remember now if that joke was my idea or Chris Wright’s. It doesn’t matter now, really… its audacity is as brilliant now as it was eight years ago. The idea of setting a simple Boolean flag to “turn off bugs” is something I will always find hilarious.
Now if only all Microsoft bugs were so easy to fix….
It’s not uncommon for me to occasionally receive… interesting mail in the GPF snail-mailbox. Most of what I receive tends to be business credit card offers. (GPF currently has no form of debt, and personally I’d like to keep it that way.) During the December holidays, I usually receive a handful of Christmas cards from fans. And on rare occasions, I receive pamphlets and flyers for various technical conferences, such as the one you see below, which arrived this past weekend:

What makes this one noteworthy is who it’s addressed to:

As soon as I read the address label, I couldn’t help but laugh out loud. This is the first instance that I can remember where one of my characters actually received physical mail. I hate to break it to them, but I doubt Nick will be able to make it. He’s also not the president of GPF Software; Dwayne might have a thing or two to say about that.
Here’s a clarification of my recent Tweet about Diana. Sometime over the weekend Diana, our primary Linux box that serves as the backbone of our home network (DNS, file server, internal Web server, SSH gateway, SVN repository server, etc.), gave up the ghost. I only discovered this yesterday evening, so I haven’t had much time to diagnose the problem. It’s almost certainly a hardware issue. I’m thinking it’s the power supply or the motherboard, as when I try to power her up, nothing happens. The power light comes on, I can watch the CPU fan twitch like it wants to start spinning, but otherwise nothing else visible occurs. No output makes its way to the monitor so there are no error messages to follow.
At this point, I’m not sure of the status of the hard drives. My hope is that they’re fine; the obvious problem appears to be occurring before they even start to spin, as if they’re not getting any power (and that’s why I suspect it’s a power supply issue). The good news is that Demeter, her predecessor, has been sitting idle and collecting dust and has since been rapidly pressed back into service. I should be able to slip Diana’s disks into Demeter, check their integrity, and hopefully recover the data. That’s the core thing right now, getting the data off; hardware is replaceable, data is not. The only hitch is that Demeter is old enough that I’m not sure her BIOS will read Diana’s larger disks. Demeter’s current HD is already larger than her BIOS supports, though, and Linux seems to work fine in this situation, so I’m hoping that won’t be a problem. A worst-case scenario might be to throw a live Linux distro into Athena, our current “alpha” Windows XP desktop, and try to grab the data that way. (Diana’s disks are in ext3, which obviously Windows can’t read.) Both Demeter and Diana have EIDE drives while Athena uses SATA, but I’m almost certain Athena also has legacy EIDE on the motherboard somewhere; if not, I’m hosed there.
Why might this be a concern to you? Well, for one thing, Diana was one of several redundant backup locations for storing my high-resolution original strips. Fortunately, everything from Year Nine and back has already been backed up to multiple DVDs stored in multiple physical locations, while Year Ten’s files are stored across three redundant drives (two in separate physical machines and one external USB drive). More importantly, Diana was my SVN repository server, housing all the source code for the GPF site. I have working copies of that repository in multiple locations so I’m not hurting there, but with the repository down I’m stuck manually keeping those working copies in sync. The biggest problem that may affect you guys is the humongous time sink this will be for me to repair/replace Diana and get all our internal mechanisms working again. With my day job, two hours of commute, and toddler patrol vying for my time, my comic production schedule is severely squeezed as it is. This is probably going to eat into the buffer I was forced to take a hiatus in December to reclaim, since I wasn’t able to increase my production, just maintain the status quo.
For those of you who might care, I’ll post updates here when I can. More frequent cries of frustration will likely come through the Twitter feed. If the comic will be severely impacted, you’ll get something in the GPF News. So keep watching those RSS feeds.
Sorry again for the long dry spell. As hinted at in the latest GPF News post, things have been hectic in the Darlington household these past few months, with tons of minute issues slowly chipping away at the overall allotment of free time. The good news for GPF fans, though, is that I should have a good month’s worth of comics in the buffer when the comic restarts on January 5th, and with the holidays behind us I should be able to concentrate more on getting things done and on time.
In the tradition of last year’s “Christmas loot” post, I thought I’d post some of the awesome things I received as gifts this year. I know some people might look at this as a bit of bragging—and I can see how it can be read that way—but it’s really not. It’s an honest, geeky desire to share some of the exciting things my friends and family blessed me with out of love and happiness. If you want to read bragging into this, well, that’s your choice and you’re free to ignore this post. Otherwise, let me squeal with geeky glee as I delineate some of the cool things I was blessed to receive from people I love.
I’ll start off with a note to the folks: I know some of my family reads this blog, so don’t be offended if I didn’t mention something in particular that you got me. It’s not that it wasn’t memorable or that I didn’t like it; it’s because you know I have the memory of a sieve and I didn’t take copious notes after each present was opened. Since I’m composing this away from where the presents are stashed, I’m doing everything from memory. I also spent most of my time during the present opening ceremonies assembling and subsequently helping Ben play with his new toys, so there were lots of interruptions. So here’s my apologies in advance and don’t forget that blog posts can thankfully be edited.
My favorite gift, by far, is the one given to me by my wife. (Well, she signed Ben’s name on the tag, but I know he has neither the budget nor expertise to have picked it out himself. Just remember that if you read this years later, my son.) She got me a Nikon D60 digital SLR camera. As I previously Tweeted, “It’s like giving a 16-year-old with a beat-up ’85 Civic the keys to a sports car.” 10.2 megapixels, “real” lenses, tons of preset and manual options… it may technically be a “prosumer” or low-end professional camera, but it’s definitely the best I’ve ever had.
I’ve always wanted to learn more about photography, but have had neither the time nor capital to really invest in more than casual picture taking. We’ve had a succession of digital cameras over the years, all of which have served us very well (the Shows & Cons subsite is loaded with the results). However, they’ve all been relatively cheap, low-end models geared for amateur consumers. Our previous family camera was a nice little Olympus that only topped out at three megapixels and still used SmartMedia cards. Do you have any idea how hard those things are to find these days? While still functional, it was definitely showing its age. However, like many consumer cameras, it did all the automagic focus and lighting settings, making it a simple point-and-shoot device. This new Nikon can do point-and-shoot well, but it has enough manual options to make it a good learning platform for a curious amateur to graduate to a serious hobbyist. Now my biggest problem is finding time to actually play with it….
As an ironic side note, as I mentioned in the previous “Christmas loot” post, my wife’s birthday is also in December, and guess what I got her? That’s right, a new camera. Hers is admittedly not as nice, but it is exactly what she wanted: a small little point-and-shooter that she can tuck away in her purse for those spur-of-the-moment photo ops where lugging the old Olympus around (and, for that matter, my new Nikon) would be inconvenient. As she so succinctly put it, “Who knew we were going to have such a photogenic holiday?”
Other items of note:

My sister's GPF quilt/wall-hanging
So, what did Santa leave in your stocking this year?
On the off-chance you haven’t read today’s GPF, you might want to. In it, Nick discovers that he has absent-mindedly forgotten that it’s his ten year service anniversary. The topic, if you hadn’t guessed, isn’t coincidental.
Yesterday, November 2nd, was the tenth anniversary of GPF. I would have posted something about it, but yesterday was a pretty busy day that kept me away from the computer most of the day. I also meant to have a GPF News item up for today but, well… you get the idea.
I… don’t know what to say about it. If you had asked me ten years ago if I expected to be doing GPF a decade later, I honestly don’t know what I would have said. I probably would have been so heavily distracted by work, a fledgling marriage, and similar things that I wouldn’t have guessed that my little comic had that much staying power. I did know it had the potential to last; I’ve long told the tale that I had over a year’s worth of material written up before the comic went online, and that after expansion and further development that initial year was stretched out to two and a half years. I had honestly thought—although I definitely hoped it wouldn’t be so and never publicly admitted this—that I would completely run out of material by the end of Surreptitious Machinations. That obviously wasn’t the case. I thought the same thing about To Thine Own Self… and the comic just kept on going. Whether it’s because GPF is so flexible and well written that it endures change, or I’m so stubborn and hard-headed that I inherently refuse to give up, I’ll let you decide.
I suppose that if I sat and gazed into my navel long enough, I could come up with all sorts of philosophical musings and misty-eyed nostalgia. I’m, um, a little too busy for that, I’m afraid. So for now there’s just a slightly fancier title graphic on the main page, and that’s about it. If I can come up with anything more celebratory, I’ll make sure to post about it, either here or in the News. If you’d like to post something celebratory or nostalgic, there’s already an anniversary thread on the GPF forum and, of course, comments attached to this post.