Author: Shelley Powers

Categories
Photography

A mixed sort of day

Today has been a mixed sort of day, with sparkling diamond bright highs, and lows that fall comfortably into those shadowed areas of disappointment that are, oddly enough, beautiful in their dark, somber way. I think this is my way of saying that today has been a rich day.

I took my car in for overdue work, including tire rotation and wheel alignment, not to mention various fluid and filter changes. Waiting across the street in the cafe of the local bookstore, lovely coffee drink in one hand, extremely readable book in the other, I had a call from the mechanic – was I aware that my two back tires were in very bad shape? Well, no, I wasn’t aware that my tires were shot, but I was aware that something was wrong with my car.

Unfortunately, the nature of my car is such that tires are a rather expensive proposition, two tires for it costing equivalent to four inexpensive ones in cars that don’t have the odd Focus frame (the price you pay for ergonomics and good gas mileage). However, when tires are bald, tires are bald; if it means costing my reserved photography funds to replace the tires, so be it.

My car would be another hour but I lost interest in reading my book so wandered the aisles, reading a page here, looking at a cover there. I also checked the computer book section and couldn’t find “Unix Power Tools” or “Essential Blogging” but I did find “Practical RDF” on the shelves, which surprised me because it was a general book store, and not likely to lure semantic web types in for a quick read and snatch of a relevant book. Not only was the book there, but it was placed prominently – even before I did my usual author tricks. (I’ve discussed these before, pulling the book out, putting into prominent place, making sure it’s gently placed face first to the potential buyer.)

I also had a chance to check out what would be a possible competitor for my new book, and was delighted – oh so delighted! – to see that the book was trite, confused, and basically a piece of shit. Contrary to what we may say, and all our noble sentiments, authors take huge delight when we find that a competitive book is crap. We visualize our own book beside it and think about how well it will compare, picturing in our mind how much more attractive it will be for the buyer. Of course, our competitor is most likely in their bookstore, looking at our book, smugly, gleeful at the piece of dung we’ve managed to squeeze between paper covers. Such is the nature of the book business.

On the way home, I managed to avoid the many pits and holes in the road that literally fill the pavement for 2 blocks not far from my house – all having opened up in the last week with the sudden cold, cold temperatures. Destroyer of Car has been joined by its family and it’s actually rather humorous to see cars move through this gauntlet of bad pavement, as if all the drivers have been suddenly inflicted with madness or inebriation. Every once in a while you hear a crunching metal sound and know that the holes have claimed another victim.

But not me, today, me with my shiny new tires.

On the way home, I thought about how to recover from the sudden damage to my finances, at least until the book advances start arriving. Since I have lost my photography budget for the next couple of months, I decided to post my Paypal button to this page and if anyone wants to see new photographs, they only need drop a dime…or two…into my account, enough to pay for another roll of film and development. In the meantime, I’ll make do with my digital camera and posting photos from my archives.

I thought this arrangement was quite workable, and when I got home, I decided to check my email and then post this note to the weblog and my Paypal button. But then I noticed an email from a magazine editor I had sent photos to a long time ago.

Hi, Shelley. I am the managing editor of ________ magazine. The editor and
I reviewed your submission “Reflections.” We loved your photos and are
interested in using them in our August 2004 issue.

This from a magazine known for its photography.

No, I’m not sure if you do know what these words meant to me. I’m not sure I even know myself. Let’s say that there have been few moments in my life as significant to me as reading these few words.

But then I read the rest:

If you could provide slides of the images and a description of their location, we will negotiate a price for your work.

These were photos from my digital camera that I had sent to several publishers before finding out that my camera does not do images at a resolution publishers need. It’s the reason I am using my film cameras now. The magazine won’t be able to use these images, after all.

There’s that high thing. And there’s that low thing.

I’ll think about how I’ll respond to the email this weekend. Craft it carefully so that the publisher understands and hopefully will consider using some of my new photographs in a future publication. And I’ll keep taking pictures and developing the slides and eventually replace the digital ones with ones that publishers can use. Because now I know they’ll want to use them.

Categories
Environment Political

Bet you can’t eat just one

For decades, government policies have allowed large amounts of underbrush and small trees to collect at the base of our forests. The motivations of this approach were good. But our failure to maintain the forests has had dangerous consequences and devastating consequences. The uncontrolled growth, left by years of neglect, chokes off nutrients from trees and provides a breeding ground for insects and disease.

The new law directs courts to consider the long-term risks that could result if thinning projects are delayed. And that’s an important reform, and I want to thank you all for that. It places reasonable time limits on litigation after the public has had an opportunity to comment and a decision has been made. You see, no longer will essential forest health projects be delayed by lawsuits that drag on year after year after year.

(From President Bush Signs Healthy Forest Restoration Act into Law)

Despite the Bush administration’s disingenuous rhetoric about ‘thinning underbrush,’ the Forest Service really focuses the vast majority of its projects on the removal of economically valuable mature and old-growth trees. The sale of such timber pads the agency’s budget, creating a bureaucratic incentive for mismanagement.

The problem with this is that while the removal of mature trees severely degrades wildlife habitat, such logging also increases the risk of severe fires by reducing the forest canopy, creating hotter, drier conditions on the ground. Also, the increased sunlight reaching the forest floor causes more rapid growth of flammable brush and shrubs.

Essentially, the Forest Service is removing the largest, most fire-resistant structural elements of the forest-the large trees with their thick bark-and leaving behind the smallest, most flammable material.

A century of intense logging in National Forests has not prevented severe fire conditions: it has created them.

(Chad Hanson Director of the John Muir Project, and national director of the Sierra Club.)

forest204.jpg

Report from a Forest Logged by
the Weyerhaeuser Company

Three square miles clear-cut.
Now only the facts matter:
The heaps of gray-splintered rubble,
The churned-up duff, the roots, the bulldozed slash,
The silence,

And beyond the ninth hummock
(All of them pitched sideways like wrecked houses)
A creek still running somewhere, bridged and dammed
By cracked branches.
No birdsong. Not one note.

And this is April, a sunlit morning.
Nothing but facts. Wedges like half-moons
Fallen where saws cut over and under them
Bear ninety or more rings.
A trillium gapes at so much light

Among the living: a bent huckleberry,
A patch of salal, a wasp,
And now, making a mistake about me,
Two brown-and-black butterflies landing
For a moment on my boot.

Among the dead: thousands of fir seedlings
A foot high, planted ten feet apart,
Parched brown for lack of the usual free rain,
Two buckshot beer cans, and overhead,
A vulture big as an eagle.

Selective logging, they say, we’ll take three miles,
It’s good for the bears and deer, they say,
More brush and berries sooner or later,
We’re thinking about the future-if you’re in it
With us, they say. It’s a comfort to say

Like Dividend or Forest Management or Keep Out.

They’ve managed this to a fare-thee-well.

David Wagoner

(Thanks to Loren for poem.)

Categories
Weblogging

Stepping stones to a safer blog

Recovered from the Wayback Machine.

In the last few weeks, I’ve been hit not only by comment spammers but a new player who doesn’t seem to like our party: the crapflooders, people who use automated applications (you may have heard of the program called “MTFlood” or some variation) to literally flood comments or trackbacks. At one point I was hit with over 1000 comments in one of my posts; another time over 500 trackbacks. If you add in rebuilds and email, this can be a stress on the web server, not to mention annoying to clean up.

Several people have looked at this issue but two, Phil Ringnalda and Jacques Distler have provided code as well as technical expertise looking at the problem and deriving solutions for Movable Type users.

(Others also have code solutions, but I’m primarily familiar with Phil and Jacques’ work.)

One solution looked at was the use of a ‘nonce’ with forced Preview on comments, which should help hinder automated posting. The idea for this came from Sam Ruby, though Sam’s software does differ from the rest of us, who are Movable Type Users. A nonce is value, a random number or based on the machine clock, that is submitted in Preview mode, and verified when the form is submitted. It’s a good idea, works for Sam, and Phil took the idea and has been working with it. However, as he found out, this type of solution can be cracked, and means altering the nonce, which means changing the code. We, Phil, Jacques, and I, felt that a solution that would require lots of tweaks of the code on a fairly frequent basis would not be a viable solution to release to the non-tech MT users. So instead, we’re focusing on throttles.

(Note, if you are into tweaking code, check with Phil about his efforts. The code is not published online in order to impede the efforts of our interesting new challenges.)

Six Apart released one throttle with Movable Type 2.661. Unfortunately, though, it focuses on on IP address, and both the comment spammers and the crapflooders have gone beyond single IP addresses now. If you look at the MTFlood code (ironically enough, the code used to create the crapflooder’s application is actually open source) you’ll see that the system uses a series of calls to proxies to get proxy IP addresses and uses these to alter the IP associated with each post. It’s very unlikely that IP-based solutions will be at all viable either now or in the foreseeable future.

Enter Jacques Distler who back in January released a patch for the Comments module in Movable Type that throttles comment flooding. How the throttle works is that if a threshold of comments is exceeded within a single hour, comments are shut down and an error is returned for any additional comment. In addition, there is a broader throttle in effect for a 24 hour period.

(He found that a value of 20 comments per hour, 100 per day seems to work for most folks. That’s the value we have used with the patch files you’ll be able to download later. Unless you’re one of the higher ranked political pundits, these values should be effective. They can also be changed in the code.)

When we were hit with Trackback crapflooding last week, Jacques also wrote a patch for Trackback crapflooding. It operates in the same manner as the comment throttle–only so many per hour, so many per day.

The benefit of this type of throttle is that your site cannot be overwhelmed with getting hit by over a hundreds of comments or trackback pings at a time. Again, when you add in the peripherial processing such as rebuilding and emailing, this can be a strain on the server.

Now, once the throttle is in effect, it is atomatically reset in either an hour or the next day, depending on which threshold you hit. Additionally, if you delete the bad comments or trackbacks, this resets the trap. Unfortunately, throttles act just as they sound–they throttle out of control action, but the don’t stop it completely. You can still get hit with up to 20 comments or trackbacks at a time. Though this is easier to take care of than hundreds it’s still not trivial within Movable Type. Enter the next aspect of this overall solution: Jay Allen’s Mt-Blacklist.

I’ve talked about MT-Blacklist before, and blacklisting in general. I don’t like blacklisting, and I never will. However, Jay also wrote a nice interface for managing removal of both comments and trackbacks, as well as a very nice utility that attaches a link to each email to delete the comment or trackback. In addition, a lot of people have been helped by the blacklisting action of MT-Blacklist, which has stopped our original friend, the comment spammer.

(The problem with blacklisting is passed around lists of blacklisted items, which can include legitimate URLs–such as fda.gov. There’s also concern about scaling some day if the list begins to number into the thousands.)

Note: 

Be aware that MT-Blacklist’s blacklisting functionality would not stop the comment or trackback crapflooder, who alternated real weblogs URLs with fake URLs made up of random word and letters. Blacklisting is based on combating comment spammers, who use real URLs to real sites, but not weblogs.

In addition, Bayesian filtering, which you may have heard about in connection to email spamming, won’t be effective either, because the comments themselves are built from random entries from various publications (or by stringing together unreleated words). Baysesian filtering is based on filters that learn from what is ‘good’ and what is ‘bad’ text, and adjust accordingly. There is little rhyme or reason to weblog commenting anyway, much less comment spam or comment flooding–weblogs by their vary nature generate esoteric conversation.

Another suggested approach with trackbacks is to follow the link associated with the ping to the originating site and see if it exists. However, during one of the trackback attacks initiated against me, another weblogger’s posts were used as the source of the ping. In fact, the attack against me was in actuality an attack against the other weblogger.

You actually don’t have to use the blacklisting component of mt-blacklist–you can just use the management aspect of the tool, which is what I am now doing. And for that, its help is priceless.

Between the two–crapflooder and spammer throttling and MT-Blacklist–you can at the least, keep your site from being overwhelmed by attacks not to mention clean up afterwards. And if you use blacklisting, you can eliminate some of even most comment spammer’s efforts. In fact it is the merge of several different people’s efforts that are now protecting this site, and which I will detail here.

The steps are:

  1. Upgrade to Movable Type 2.661. The reason for this is to add that IP throttling and the redirect if you want to deny Google access to the URLs of commenters. It’s also a good, common synching point for our efforts. If you’re concerned about the redirect operation, later on I’ll describe a plugin written by yet another contributor that will allow you to work around redirects.You can download MT 2.661 at Movable Type’s web site. In addition, find the documentation associated with this upgrade and follow it to upgrade your installation.
  2. Once upgraded to MT 2.661, install or upgrade to Allen’s MT-Blacklist v1.63 beta. I would hesitate to have you upgrade to a beta release, but it’s the only one that works with MT 2.661. If Jay has to change the impacted patched files, which I’ll provide later, I’ll provide updates to these and they’re very easy to install.Now, I did a fresh install of MT-Blacklist 1.63, and have had no problems using it. If you’re upgrading from MT-Blacklist 1.62, you’ll need to use the 1.63 beta upgrade package. Otherwise, use the fresh install. Jay has provided installation instruction for this, which should be trouble free. If you run into problems, check to see if Jay has provided a troubleshooting solution to your particular problem. You can also ask questions here.

    If you can’t run this application, later I provide patched versions of the code directly in 2.661.

  3. Once you’ve installed MT-Blacklist, you’ll need to download two files that have incorporated Jacques Distler’s throttle code. Once downloaded and unzipped, copy the two files–MTBlPing.pm and MTBlPost.pm–to Jay’s extended library location: /MTinstalldirectory/extlib/jayallen.Unless you want to change the throttle values–20 per hour, 100 per day–that’s it to add throttling. If you do want to change these values, open the files, search for the word ‘Throttle’, find the 20 and 100, and modify accordingly.
  4. Now, I don’t like the Movable Type 2.661 redirect, so what I’ve done is download and install David Raynes’ Optional-Redirect plugin. How do you install it? Copy the file, unzip it and drop it into the plugins directory of your MT installation: /MTinstallationdirectory/plugins/.(There is one code change associated with this plugin – commenting out a duplicate line. I created a temporary copy of this for download for those of you who are not comfortable hacking around with Perl code. )

    Also, as noted in comments associated with David’s post, if you use “spam_protect” in your individual comment template code, you’ll need to replace this with “show_email” instead. You could also alter the code, but I think the template change is a better option.

    (Note, though, that you only need to use this plugin if you don’t want redirects; adding it has nothing to do with the throttling code. There is an alternative method to protect your comments from Google and thus ’starve’ the comment spammers, which is detailed in three of Jacques’ posts: herehere, and here . However, using redirects and starving comment URLs won’t stop the crapflooders–they don’t care about Google.)

This seems like a lot of code and I would have liked to pull all this together into one installation package, but this violates both Movable Type’s and Jay Allen’s license restrictions. Still, if you have already installed some or all of these updates, your job should be that much easier.

Hopefully these steps should help you protect your site as well as add improved comment and trackback management. They don’t provide perfect protection, but they do provide control, and right now, comments and trackbacks are out of control.

In addition, unless you get many valid comments on older posts, I still recommend turning comments off on posts 30 days old or older (adjust time to your liking). I detail how to do this with SQL here. You can also use this to turn trackback off by changing the column to entry_allow_pings and set the value to zero (0).

These changes will not be compatible with Movable Type 3.0. When 3.0 releases, your options are: use whatever throttle and protections are included as part of that installation; just continue using the older version of Movable Type; or move to a different weblogging software package.

Until then, though, hopefully this will help. Holler if you have questions.

More discussions at Phil’s:
Throttling Down

How Open

Confidential to my Crapflooder

Comments is Comments

One Stop Hardening

Also, another fix for comment XHTML for 2.66 from Jacques.

Due to the fact that some people can’t run MT-Blacklist, you can also access a copy of Comments.pm and Trackback.pm from MT 2.661 that have had throttling added. Unzip and copy to the MTinstallationdirectory/lib/MT/App/ directory. Unfortunately, though, you won’t have the comment and trackback management that MT-Blacklist provide. However, with less than 20 comment spams at a time, you also won’t have the burden deleting 100’s of comment spams.

Categories
Photography Technology Weblogging

New perspective

With the help of some very good people, I have been able to re-enable both trackbacks and comments here at Burningbird. Not only this, but later today I will have full and detailed instructions how you can also achieve this better protected state, as well as some patch files that will merge code from several sources into a beautifully coordinated whole.

I would have liked to create one installation file with all you need, but this violates licenses, so patch code it is. However, instructions should hopefully make this as pain free as possible. In addition, I’ll also provide links for optional changes, as well as interesting discussions on crapflooders and comment spammers and other states of the Weblogging Disunion.

More later.

scan0304.jpg

Categories
Photography Places

Northwest green

Wouldn’t want the folks in the Northwest to feel left out. First of several Washington State photos to come over time, this of a tree on the road up Mount Rainier.

I read in another weblog recently a comment made by a young man about how President Bush’s environmental policy isn’t too bad – he just wants to ease up on it a bit, I believe he said.

Walk outside and take a deep breath. Fill your lungs to bursting until you hit those pockets at the bottom you never use. Unless all any of us smell and taste in the back of our throats is rain, sea, green, dust, dirt, rose, orange, nutmeg, or absolutely nothing at all, easing up ‘a bit’ is easing up a bit too much for me.

washstate.jpg