Planet HantsLUG

Syndicate content
Planet HantsLUG - http://hantslug.org.uk/planet/
Updated: 35 min 25 sec ago

Andy Smith: Yearly (Linux) photo management quandary

Wed, 01/01/2014 - 14:19

Here we are again, another year, another dissatisfying look at what options I have for local photo management.

Here’s what I do now:

  • Photos from our cameras and my phone are imported using F-Spot on my desktop computer in the office, to a directory tree that resides over NFS on a fileserver, where they will be backed up.
  • Tagging etc. happens on the desktop computer.
  • For quick viewing of a few images, if I know the date they were taken on, I can find them in the directory structure because it goes like Photos/2014/01/01/blah.jpg. The NFS mount is available on every computer in the house that can do NFS (e.g. laptops).
  • For more involved viewing that will require searching by tag or other metadata, i.e. that has to be done in F-Spot, I have to do it on the desktop computer in the office, because that is the only place that has the F-Spot database. So I either do it there, or I have to run F-Spot over X11 forwarding on another machine (slow and clunky!).

The question is how to improve that experience?

I can’t run F-Spot on multiple computers because it stores its SQLite database locally and even if the database file were synced between hosts or kept on the fileserver it would still need the exact same version of F-Spot on every machine, which is not feasible — my laptop and desktop already run different releases of Ubuntu and I want to continue being able to do that.

It would be nice to be able to import photos from any machine but I can cope with it having to be done from the desktop alone. What isn’t acceptable is only being able to view them from the desktop as well. And when I say view I mean be able to search by tags and metadata, not just navigate a directory tree.

It sounds like a web application is needed, to enforce the single point of truth for tags and metadata. Are there actually any good ones that you can install yourself though? I’ve used Gallery before and was never really satisfied with ease of use or presentation.

Your-Photos-As-A-Service providers like Flickr and even to some extent Google+ and Facebook have quite nice interfaces, but I worry about spending many hours adding tags and metadata, not bothering to back it all up, and then one day the service shuts down or changes in ways I don’t like.

I’m normally quite good about backing things up but the key to backups is to make them easy and automatic. From what I can see these service providers either don’t provide a backup facility or else it’s quite inconvenient, e.g. click a bunch of times, get a zip file of everything. Ain’t nobody got time for that, as a great philosopher once wrote.

So.. yeah.. What do you do about it?

Categories: LUG Community Blogs

Tony Whitmore: Another year over, a new one just begun

Mon, 30/12/2013 - 20:30

That’s right, it’s my end of year round up! I am running the risk that nothing significant or amazing will happen to me in the next 24 hours, I know. I’ve trawled through tweets and blogs and reminded myself of the fantastic, crazy things that have happened this year. Here are just some of them, in no particular order.

  • An amazing year of wedding photography. Lots of lovely clients, so many different styles of wedding. Thank you to each and every one of you for asking me to be your wedding photographer.
  • Started my Malawi Mission to help improve healthcare in the UK and Africa. Thank you so much to everyone who has supported me so far. You can still donate to it here: http://uk.virginmoneygiving.com/tonywhitmore
  • A year of celebratory screenings of Doctor Who stories at the BFI in London. As well as the screenings and the panels, it was great to hang out with fellow fans who have now become friends.
  • Helped make an awesome OggCamp happen. This year’s was the biggest and I think the best. So many cool people doing cool things, it was a pleasure to be part of it.
  • The Project Motormouth convention. I had my photo taken with four Doctors!
  • Another glorious season of the Ubuntu Podcast. The live shows continue to be good fun to do and the weekly episodes seem to have gone down well. I can’t believe Alan and I have been doing it for six years.
  • The Sam Shaw Appeal. So many people helped raise an enormous amount of money to get Sam treatment in the US that gives him an increased chance of beating his neuroblastoma. Thank you so much to every one who has contributed.
  • Interviewing lots of lovely people for The Doctor Who Podcast at Big Finish Day 3, and being a guest presenter on two episodes.
  • Being inducted into the legendary Photography Farm, and meeting a great group of fellow photographers. And I got to second shoot for Shell de Mar and Neil Thomas Douglas as a result.
  • Seeing lots of live theatre performances including the Reduced Shakespeare Company, Richard Herring, Mark Thomas, the 39 Steps, I’m Sorry I Haven’t a Clue, and Toby Hadoke.
  • Having some of my photographs included on an official BBC DVD documentary about David Burton, the Doctor Who Never Was. And having more photographs published in Doctor Who Magazine.
  • Visiting the the magical island of Spetses for Stuart and Zoe’s wedding.
  • Celebrating my birthday. I know it happens every year, but this year I actually celebrated it. With other people. It was fun.
  • Having an entire month full of Doctor Who anniversary celebrations: “An Adventure in Space and Time“, “The Day of the Doctor” in 3D with the people who made it, and the official Celebration. (And saw 9 new episodes of Doctor Who from the 1960s!)

There are some things I’ve done this year that have been really, really special. But I just can’t tell you about them. Sorry! They really were among the highlights of my year though.

I’ve got a feeling that 2014 will be very special too. Have a great new year….

Pin It
Categories: LUG Community Blogs

Laura Cowen: MOHOP sandals: A Kickstarter project I’ve backed

Mon, 30/12/2013 - 19:40

Every Summer, I wish for a pair of sandals that are comfortable but have some style so that they can feel a bit smart as well as casual. And I’m rubbish at finding them – I don’t really like shoe-shopping at all, which doesn’t help. Enter MOHOP sandals.

I was browsing Kickstarter projects over Christmas and came across the MOHOP sandals project. Basically, you get a pair of sandal bases, some ribbon, and some design cards. You then thread the ribbons on the bases according to the design cards (or your imagination). The bases are flexible with wooden heels and are suitable for vegans and people with a range of other ethical shopping goals (inc, if you’re from the US, made in the US).

(Although the bases shown have high heels, they’re also available as flats or different heights of heel.)

They’ve apparently been going for some time (at mohop.com and on Etsy) but were struggling to meet demand. They’re taking the Kickstarter route to fund expanding their production capabilities (inc creating local jobs).

I think the sandals are a great idea. They’re fun to look at, comfy to wear (according to the reviews), and infinitely re-designable, which appeals to my crafty side. You can thread decorations on to the ribbon or replace the ribbons completely with strips of sari, shoelaces, or anything else that occurs to you.

At the moment, the cheapest pair is $45 for a pair of flats (though there are lower-cost ‘perks’ available if you just want to contribute without buying any shoes). I’ve gone for the $100 ones that have low heels. They’re looking for $50,000 of funding by the 25th January so that they can open their new production place. They’ve got some way to go yet so if you like the look of them, consider supporting this cool idea!

Here’s their video about manufacturing their shoes:

The post MOHOP sandals: A Kickstarter project I’ve backed appeared first on LauraCowen.co.uk.

Categories: LUG Community Blogs

Steve Kemp: A good week?

Sun, 29/12/2013 - 15:59

This week my small collection of sysadmin tools received a lot of attention; I've no idea what triggered it, but it ended up on the front-page of github as a "trending repository".

Otherwise I've recently spent some time "playing about" with some security stuff. My first recent report wasn't deemed worthy of a security update, but it was still a fun one. From the package description rush is described as:

GNU Rush is a restricted shell designed for sites providing only limited access to resources for remote users. The main binary executable is configurable as a user login shell, intended for users that only are allowed remote login to the system at hand.

As the description says this is primarily intended for use by remote users, but if it is installed locally you can read "any file" on the local system.

How? Well the program is setuid(root) and allows you to specify an arbitrary configuration file as input. The very very first thing I tried to do with this program was feed it an invalid and unreadable-to-me configuration file.

Helpfully there is a debugging option you can add --lint to help you setup the software. Using it is as simple as:

shelob ~ $ rush --lint /etc/shadow rush: Info: /etc/shadow:1: unknown statement: root:$6$zwJQWKVo$ofoV2xwfsff...Mxo/:15884:0:99999:7::: rush: Info: /etc/shadow:2: unknown statement: daemon:*:15884:0:99999:7::: rush: Info: /etc/shadow:3: unknown statement: bin:*:15884:0:99999:7::: rush: Info: /etc/shadow:4: unknown statement: sys:*:15884:0:99999:7::: ..

How nice?

The only mitigating factor here is that only the first token on the line is reported - In this case we've exposed /etc/shadow which doesn't contain whitespace for the interesting users, so it's enough to start cracking those password hashes.

If you maintain a setuid binary you must be trying things like this.

If you maintain a setuid binary you must be confident in the codebase.

People will be happy to stress-test, audit, examine, and help you - just ask.

Simple security issues like this are frankly embarassing.

Anyway that's enough: #733505 / CVE-2013-6889.

Categories: LUG Community Blogs