Activity Not Available

News

  Analyzed about 1 month ago based on code collected about 1 month ago.
 
Posted 6 months ago
Why we don’t use a CDN: A story about SPDY and SSL

All of our assets loaded via the CDN [to our client in Australia] in just under 5 seconds. It only took ~2.7s to get those same assets to our friends down under with SPDY. The performance ... [More] with no CDN blew the CDN performance out of the water. It is just no comparison. In our case, it really seems that the advantages of SPDY greatly outweigh that of a CDN when it comes to speed.

(tags: cdn spdy nginx performance web ssl tls optimization multiplexing tcp ops) [Less]
Posted 6 months ago
A World Transfixed by Screens – The Atlantic

Excellent “In Focus” this week — ‘The continued massive growth of connected mobile devices is shaping not only how we communicate with each other, but how we look, behave, and experience the world ... [More] around us. Smartphones and other handheld devices have become indispensable tools, appendages held at arm’s length to record a scene or to snap a selfie. Recent news photos show refugees fleeing war-torn regions holding up their phones as prized possessions to be saved, and relatives of victims lost to a disaster holding up their smartphones to show images of their loved ones to the press. Celebrity selfies, people alone in a crowd with their phones, events obscured by the very devices used to record that event, the brightly lit faces of those bent over their small screens, these are some of the scenes depicted below.’

(tags: mobile photography in-focus alan-taylor the-atlantic phones selfies pictures)

“Incremental Stream Processing using Computational Conflict-free Replicated Data Types” [paper]

‘Unlike existing alternatives, such as stream processing, that favor the execution of arbitrary application code, we want to capture much of the processing logic as a set of known operations over specialized Computational CRDTs, with particular semantics and invariants, such as min/max/average/median registers, accumulators, top-N sets, sorted sets/maps, and so on. Keeping state also allows the system to decrease the amount of propagated information. Preliminary results obtained in a single example show that Titan has an higher throughput when compared with state of the art stream processing systems.’

(tags: crdt distributed stream-processing replication titan papers) [Less]
Posted 6 months ago
You disgusting hypocrite

It should go without saying, but let’s say it anyway: I join the rest of the world in condemning the terrorist attack on the French magazine Charlie Hebdo.

I’m not familiar with the publication, and all I ... [More] know is what’s been reported in the media coverage of the attack.  I’m sure they’ve published offensive things, no doubt often for very good reasons.  Maybe sometimes also gratuitously so, which would be indefensible unless with an apology for poor judgement.  But even if they were completely wrong, nothing justifies gunning them down!

Here in Blighty we were treated to a clip of our beloved Prime Minister expressing sentiments with which we can all agree.  Alas, some of his fine words sit uneasily with his government’s less-than-fine actions.  What I found utterly jarring and what prompts me to comment were his words: “… and we stand squarely for free speech …“.

Ahem …

No you don’t: you have demonstrated that you stand squarely against free speech.  On your government’s watch, people have been imprisoned for having the wrong book, or for being an arse on twitter (the latter looks like a close analogy to the very Free Speech you claim to defend).  Your government shows no signs of rolling back Blair’s police state, but rather looks to extend it, and our culture has moved so far into totalitarianism that a supposedly-serious documentary programme this week on the BBC can be outraged by free speech where it exists elsewhere in the world!

OK, dragging some poor sod through our courts isn’t the same as gunning them down.  That more genteel and sophisticated option isn’t available to private individuals, so while the difference is real, it isn’t a simple case of civilisation vs barbarity.

What a hypocrite!

p.s. There’s another case been in the news recently.  Some footballer who’s been to prison, and whose attempts to return to work have been thwarted by a successful campaign of terror.  That is, real terror: it seems prospective employers have been scared off by credible threats of extreme violence.  Now that situation (of credible threats) is precisely where the State should have a legitimate interest in taking action against the culprit(s).  Will they?

[Less]
Posted 6 months ago
Next door to my office, a redevelopment project has been underway for years.

I wrote about this a little more than a year ago: Up comes the Respect.

Since then, things have (on the surface) been quiet.

But it turns out ... [More] , behind the scenes, things move along!

This month, an organization called the San Francisco Bay Conservation and Development Commission has been reviewing the proposed Alameda Boatworks development project.

Why?

Well, the project is on the waterfront, and the SFBDC cares about the waterfront:

When BCDC was established, only four miles of the Bay shoreline were open to public access. By drawing attention to the Bay, the Commission has played a major role in making the Bay and its shoreline a national recreational treasure. The Golden Gate National Recreational Area and numerous local, regional, and state parks and recreation areas have been established around the Bay since the Commission was established. The Commission has also approved thousands of new boat berths and has required that public access be provided along 65 miles of the shoreline as part of new waterfront projects. Now over 200 miles of the Bay shoreline are open to the public. So, what did they review?

Well, they reviewed the Alameda Boatworks project plan, and they reviewed the explanatory exhibits.

The project plan is interesting, in particular the section where they talk about the challenges of planning a brand-new waterfront project in the face of climate change and expected sea level rises.

But the exhibits are particularly enjoyable to read, beautiful artwork, design drawings, artist's projections of what the site will look like.

If you could see it now: bare dirt, chain link fences, rocks and dust.

I think I will much prefer the waterfront trails, benches and playgrounds, parks and trees.

Hopefully it won't be too many more years. [Less]
Posted 6 months ago
Security has always piqued my interest, ever since I first developed AppFuse and figured out how to make J2EE
security work back in 2004.
I hacked AppFuse to have Remember Me functionality,
then moved onto Acegi/Spring ... [More] Security. Spring Security
had the features I needed, even if it did require almost 100 lines of XML to configure it. These days, it's much
better and its JavaConfig - combined with Spring Boot - is pretty slick.

That was the first part of my security life. The second phase began the night I met Trish, and learned she sold
security products. She knew of OWASP and their top 10 rules. It was Trish that inspired me to write my Java Web Application
Security presentation. I really enjoyed writing that presentation, comparing Apache Shiro, Spring Security
and Java EE's security frameworks. I followed up the first time I presented it with a
number of blog posts and
screencasts. Hmmmm, maybe I should update the presentation/screencasts to use Java configuration only
(#NoXML) and submit it to a couple conferences this year? I digress.

I had to do a security-related spike over the last couple weeks. I was trying to get SAML authentication working with
Okta and my client's Active Directory server. Luckily, someone setup the AD
integration so all I had to do was try a few different languages/frameworks. I searched and found ThoughtWorks' okta-samples, which includes examples using Node.js
and Sinatra (Ruby + JRuby). I also found a Spring
SAML example that includes one of my favorite things in JavaLand: Java-based configuration.

I'm happy to report I was able to get all of these applications working with my client's Okta setup. This article
will tell you how I did it. For each application, I created a new application on Okta using its "Template SAML
2.0 Application" and added myself in the application's "People" tab. Each section below contains the configuration
I used for Okta. The instructions below assume you're similar to me, a developer that has Java 8, Node and Ruby
installed, but none of the specific frameworks. As I write this, I have everything working on my Mac with Yosemite,
but I wrote the instructions below using one of my old laptops, fresh after a Yosemite upgrade.

The first thing I did was checkout ThoughtWorks samples.

git clone https://github.com/ThoughtWorksInc/okta-samples.git
Node.js
I started by getting the Node.js sample working. For Okta's configuration, I used:

Setting
Value

Application label
Okta Node.js Example

Force Authentication
false

Post Back URL
http://localhost:3000/login/callback

Name ID Format
EmailAddress

Recipient
http://localhost:3000/

Audience Restriction
http://localhost:3000/

authnContextClassRef
PasswordProtectedTransport

Response
Signed

Assertion
Signed

Request
Compressed

Destination
http://localhost:3000/login/callback

Attribute Statements
email|${user.email},firstName|${user.firstName}

The Node.js sample uses express, as well as passport and
passport-saml. The passport packages are used to
handle the SAML authentication and connect is used to
compress the requests from your local server.

The only thing I needed to do to make the Node.js app work was to paste the X509 cert string and target URL into its
config.json from the Okta app. In Okta's Admin interface, I clicked on the "Sign On" tab and clicked
its
"View Setup Instructions" button. I copied the "Redirect Login URL" value and copied it into config.json's
entryPoint value. I then downloaded the certificate and opened it in vi. I ran the following
two commands to remove ^M and line endings (more
details
here).

:%s/<Ctrl-V><Ctrl-M>//g
:%s/\n//g

Next, I copied everything between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
and
pasted it into the cert value of config.json. I had to remove the comments from config.json for
everything to work.

After making these changes, I was able to run "npm install" and "npm start" and successfully login at
http://localhost:3000.

Ruby
The Ruby sample uses Sinatra, omniauth and omniauth-saml. To run the okta-ruby-sinatra application, I had to start by installing Bundler.

sudo gem install bundler
Then I installed all the required gems for this project using the following command.

bundle install
This resulted in the following error:

An error occurred while installing nokogiri (1.6.1), and Bundler cannot continue.
Make sure that `gem install nokogiri -v '1.6.1'` succeeds before bundling

I tried Bundler's suggestion, but it failed:

Gem::Installer::ExtensionBuildError: ERROR: Failed to build gem native extension.

/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby extconf.rb
mkmf.rb can't find header files for ruby at /System/Library/Frameworks/Ruby.
framework/Versions/2.0/usr/lib/ruby/include/ruby.h

I then tried upgrading to Xcode 6.1.1. I received the same error and running "bundle update sinatra" and "sudo gem
update --system" didn't help anything. I found an old Stack Overflow answer
that suggested running "xcode-select --install" to install Xcode's Command Line Developer Tools. After doing so, I
ran "sudo gcc" to accept to all Apple's licensing agreements. I ran "bundle install" again and this time it failed
with the following error:

-----
libxml2 is missing. please visit http://nokogiri.org/tutorials/installing_nokogiri.html for help with installing dependencies.
-----
...
An error occurred while installing nokogiri (1.6.1), and Bundler cannot continue.
Make sure that `gem install nokogiri -v '1.6.1'` succeeds before bundling.

I tried Bundler's suggested again: "sudo gem install nokogiri -v '1.6.1'". This didn't work, so I tried "bundle
update" and it finally worked.
I ran "bundle install" for the final time, followed by "ruby app.rb". WEBrick started and I created a "Okta Ruby
Example" application on Okta with the following settings.

Setting
Value

Application label
Okta Ruby Example

Force Authentication
false

Post Back URL
http://localhost:4567/auth/saml/callback

Name ID Format
EmailAddress

Recipient
http://localhost:4567

Audience Restriction
http://localhost:4567

authnContextClassRef
PasswordProtectedTransport

Response
Signed

Assertion
Signed

Request
Compressed

Destination
http://localhost:4567/auth/saml/callback

Attribute Statements
email|${user.email},firstName|${user.firstName}

To configure Sinatra with Otka's settings, I started by renaming the config.yml.sample file:

mv config.yml.sample config.yml
In Otka's Admin UI for the application, I clicked on the "Sign On" tab and clicked its
"View Setup Instructions" button. I copied the "Redirect Login URL" value and copied it into config.yml's
target_url value. I then downloaded the certificate and ran the the following command in the directory I downloaded it to.

openssl x509 -noout -fingerprint -in "okta.cert"
I copied the fingerprint into config.yml's fingerprint value and restarted the app. I opened
http://localhost:4567 in my browser and was able to successfully login.

JRuby
To start with JRuby, I first read the project's README. It mentioned issues with "nokogiri" and explains the project
contains a patched release of nokogiri 1.6.0. Since I knew there was a later release, I modified
Gemfile and removed the version and path information from the last line. I copied the
config.yml from the Ruby project and ran the following commands to install Bundler, the project's
dependencies and start the app.

jruby -S gem install bundler
jruby -S bundle install
Running the second command resulted in the following error:

Your jruby version is 1.7.18, but your Gemfile specified jruby 1.7.4
I modified Gemfile to specify "1.7.18" and tried again. This time it worked. I started the application
using the following command:

jruby app.rb

NOTE: If you see the the following in your browser window, it means you forgot to copy config.yml from the Ruby
project.
undefined method `auth' for Sinatra::Application:Class

When I tried to login at http://localhost:4567, I saw an infinite redirect and
the following error in my console.

W, [2015-01-08T08:53:22.514000 #56144] WARN -- : attack prevented by Rack::Protection::SessionHijacking
0:0:0:0:0:0:0:1 - - [08/Jan/2015 08:53:22] "GET / HTTP/1.1" 302 - 0.0190
0:0:0:0:0:0:0:1 - - [08/Jan/2015:08:53:22 MST] "GET / HTTP/1.1" 302 0

Stack
Overflow indicated this is a problem caused by an old version of rack-protection. Running "jruby -S bundle update rack-protection"
updated the project to use rack-protection 1.5.3 (was 1.5.1). After restarting and trying again, I received the
following error:

I, [2015-01-08T08:59:32.679000 #56176] INFO -- omniauth: (saml) Callback phase initiated.
E, [2015-01-08T08:59:34.747000 #56176] ERROR -- omniauth: (saml) Authentication failure! invalid_ticket: Onelogin::Saml::ValidationError, Digest mismatch
0:0:0:0:0:0:0:1 - - [08/Jan/2015:08:59:34 -0700] "POST /auth/saml/callback HTTP/1.1" 302 9 2.0760
0:0:0:0:0:0:0:1 - - [08/Jan/2015:08:59:34 -0700] "GET /auth/failure?message=invalid_ticket&strategy=saml HTTP/1.1" 404 449 0.0080
0:0:0:0:0:0:0:1 - - [08/Jan/2015:08:59:34 MST] "GET /auth/failure?message=invalid_ticket&strategy=saml HTTP/1.1" 404 449
- -> /auth/failure?message=invalid_ticket&strategy=saml
0:0:0:0:0:0:0:1 - - [08/Jan/2015:08:59:34 -0700] "GET /__sinatra__/404.png HTTP/1.1" 200 18893 0.0200
0:0:0:0:0:0:0:1 - - [08/Jan/2015:08:59:32 MST] "POST /auth/saml/callback HTTP/1.1" 302 9
- -> /auth/saml/callback
0:0:0:0:0:0:0:1 - - [08/Jan/2015:08:59:34 MST] "GET /__sinatra__/404.png HTTP/1.1" 200 18893
http://localhost:4567/auth/failure?message=invalid_ticket&strategy=saml -> /__sinatra__/404.png

At this point, the only thing different from my working version and my old laptop was the version of Java. My old
laptop had "build 1.8.0_05-b13", so I upgraded to the latest version of Java 8 (update 25). This didn't help, so I
tried updating all bundles with "jruby -S bundle update".
This failed too, so I figured I'd try to use the version of JRuby that was on my working laptop (version 1.7.16.1).
I installed Homebrew, ran "brew install jruby", removed the newer version from my path
and downgraded the version in Gemfile. I had to re-install Bundler and the projects dependencies with
the following commands.

jruby -S gem install bundler
jruby -S bundle install
Same error again. I reverted Gemfile.lock and ran the only bundle update command I'd run on my working
laptop:

$ jruby -S bundle update sinatra
Unfortunately, this still didn't fix the issue. I copied the project from my working laptop and tried running that
project. It failed, proving that it was an environment issue, not a project/code issue. I tried rebooting and when
that didn't work, I gave up. It's pretty strange this didn't work on a fresh Yosemite install - it took me less than
10 minutes to get it working originally.

Spring
The Spring sample I got working with Okta was Vincenzo De Notaris' spring-boot-security-saml-sample. This
project uses Spring Boot and Spring Security SAML. I created a "Okta Spring Example" application on Okta with the following settings.

Setting
Value

Application label
Okta Spring Example

Force Authentication
false

Post Back URL
http://localhost:8080/saml/SSO

Name ID Format
EmailAddress

Recipient
http://localhost:8080/saml/SSO

Audience Restriction
com:vdenotaris:spring:sp

authnContextClassRef
PasswordProtectedTransport

Response
Signed

Assertion
Signed

Request
Uncompressed

Destination
http://localhost:8080/saml/SSO

Attribute Statements
email|${user.email},firstName|${user.firstName}

The biggest thing I learned while trying to get these values correct was that Request
needs to be set to Uncompressed.

After cloning the GitHub project to my hard drive, I added a new SSO provider by adding a new bean to WebSecurityConfig.java.
The URL I got from Okta's Admin UI: Sign On > View Setup Instructions > Public Link (near the bottom of the page).

@Bean(name = "idp-okta")
public ExtendedMetadataDelegate ssoOktaExtendedMetadataProvider()
throws MetadataProviderException {
@SuppressWarnings({ "deprecation"})
HTTPMetadataProvider httpMetadataProvider
= new HTTPMetadataProvider("https://client.okta.com/app/random-key-here/sso/saml/metadata", 5000);
httpMetadataProvider.setParserPool(parserPool());
ExtendedMetadataDelegate extendedMetadataDelegate =
new ExtendedMetadataDelegate(httpMetadataProvider, extendedMetadata());
extendedMetadataDelegate.setMetadataTrustCheck(false);
extendedMetadataDelegate.setMetadataRequireSignature(false);
return extendedMetadataDelegate;
}

For the SSL connection to work, I had to download the certificate and import it into the application's keystore. To
do this in Chrome, I went to https://client.okta.com, clicked on the lock icon in the address bar, then
dragged/dropped the certificate image to my desktop. This resulted in a *.okta.com.cer file on my
desktop. I added it to the keystore using the following commands (thanks Stack
Overflow).

keytool -importcert -file ~/Desktop/\*.okta.com.cer -keystore src/main/resources/saml/samlKeystore.jks

When prompted for the password, I entered "nalle123". This value is specified in WebSecurityConfig.java's keyManager
bean. I then added this provider to the list of providers in the metadata bean.

@Bean
@Qualifier("metadata")
public CachingMetadataManager metadata() throws MetadataProviderException {
List<MetadataProvider> providers = new ArrayList<MetadataProvider>();
providers.add(ssoOktaExtendedMetadataProvider());
providers.add(ssoCircleExtendedMetadataProvider());
return new CachingMetadataManager(providers);
}

After making these changes, I started the application using "mvn spring-boot:run". I navigated to
http://localhost:8080, chose Okta as my Idp and logged in successfully!

Summary
This article shows you how I got Node.js, Ruby and Spring applications working with Okta's SAML support.
My experience with this when I first tried it: Node was super-easy, Ruby was a bit more difficult, JRuby was
a cinch and Spring took several days. As you can tell from this article, Ruby/JRuby were the most difficult to
make work on a clean machine.

All in all, working with Okta has been a pleasant experience so far. Hopefully this article helps make it a good experience for you as well. [Less]
Posted 6 months ago
Well? Have you read The Martian yet?

If not, and you're still on the fence, there's a very nice interview with author Andy Weir over on the Nautilus site: The Hit Book That Came From Mars.

It's a great interview: Weir is very ... [More] relaxed and revealing about how The Martian's success surprised him as much as anyone:

You know, I spend a lot of time trying to figure out why people like the book, because I’d like to write another book that they like that much. It's a great book; he's a great writer; he sounds like a good human being, too.

I hope all this attention encourages him to continue writing great books. [Less]
Posted 6 months ago
This is just a blog post that has more commercial nature, but you can't have one without the other. In fact this is what keeps Apache Camel alive and doing so well, due also to its commercial success.

This report may be of interest to people ... [More] who are looking for hard evidence of the value add of using Apache Camel commercially, from products such as JBoss Fuse.
IDC interviewed 6 organizations that report achieving significant business value by using Red Hat® JBoss® Fuse, in particular, and making their application integration and development efforts more efficient and productive. These 6 organizations are achieving a 3 year average return on investment (ROI) of 488% and earning back their investments in JBoss Fuse in 8.2 months.The report is downloadable as-is (no registration) from Red Hat website at: http://www.redhat.com/en/resources/value-red-hat-integration-products

Some of the highlights I see in relationship to Apache Camel are:

JBoss Fuse allows developers to program in Java, which becomes more of an extension to the application rather than a separate development experience. This resulted in making JBoss Fuse easier to adopt. As one customer explained, "One of the biggest advantages that we see with this product is that the integration tool is provided as a domain language. So it's like a natural extension of the Java language. You write integrations as if you're writing Java code. That means that all of the skills you need to debug in Java are the same skills required when you write integrations in this language. You don't have to go to another IDE or another toolset to understand how to write it. It's just Java code."Another customer cited the team's desire to actually know and understand what the code is as a reason for adoption: "Before, we had a problem with the software, and actually being able to prove to the vendor that there was a problem before they would get around to fixing it is a lot harder if you can't actually see any of the code. And this is not a small issue … In order to lodge a request, we would often have to prove to them by writing a sample program and prove that they are the cause of the issue — in a way that it's reproducible in their environment."A shipment and logistics company's application integration and development efforts benefit from the flexibility of JBoss Fuse's use of Apache Camel: "JBoss gives us the opportunity to help the developers in ways that wouldn't necessarily be possible with a graphical user interface tool."Customers also said that they benefit from Red Hat's support and the ability to have access to and understand the code used for their applications. One customer praised Red Hat's support: "The customer service support from Red Hat has been exceptional. They gave us access directly to the developers who are writing the code, whereas it can be hard to actually get access to developers with other solutions."
Just a note to the last bullet. Our support program allowed the customer direct access to myself and other Camel core committers, so we were able to help them quickly, and also fix and improve Apache Camel based on their issues and findings.

The report has more details, and hard numbers stating the "before" vs "after" and their gains (development time, performance, and many others) and cost benefits, such as pretty graphs as shown below: [Less]
Posted 6 months ago
Kimono

‘Turn websites into structured APIs from your browser in seconds’ — next-generation web scraping, recommended by conoro

(tags: via:conoro scraping web http kimono rss json csv data)

Following Fire Phone Flop, Big ... [More] Changes At Amazon’s Lab126 | Fast Company | Business + Innovation

as one insider told me, it feels like “Lab126 is in the doghouse” and that “Jeff is taking out his frustration with the failure of the Fire Phone” on upper management.

(tags: lab126 amazon fire-phone phones hardware tech)

UncertML

a conceptual model, with accompanying XML schema, that may be used to quantify and exchange complex uncertainties in data. The interoperable model can be used to describe uncertainty in a variety of ways including: Samples Statistics including mean, variance, standard deviation and quantile Probability distributions including marginal and joint distributions and mixture models

(tags: via:conor uncertainty statistics xml formats)

Secure Secure Shell

How to secure SSH, disabling insecure ciphers etc. (via Padraig)

(tags: via:pixelbeat crypto security ssh ops)

How to fix paste in OSX

Make “Paste and Match Style” the default, as it should be

(tags: paste osx ui ux cut-and-paste)

Introducing practical and robust anomaly detection in a time series

Twitter open-sources an anomaly-spotting R package:

Early detection of anomalies plays a key role in ensuring high-fidelity data is available to our own product teams and those of our data partners. This package helps us monitor spikes in user engagement on the platform surrounding holidays, major sporting events or during breaking news. Beyond surges in social engagement, exogenic factors – such as bots or spammers – may cause an anomaly in number of favorites or followers. The package can be used to find such bots or spam, as well as detect anomalies in system metrics after a new software release. We’re open-sourcing AnomalyDetection because we’d like the public community to evolve the package and learn from it as we have.

(tags: statistics twitter r anomaly-detection outliers metrics time-series spikes holt-winters) [Less]
Posted 6 months ago
In the last quarter of 2014, I made considerable progress with my recovery from the spinal cord injury. The physical therapy has made a big difference in the last three months to fight back against the muscle atrophy.
Physical TherapyRecently I ... [More] purchased a Total Gym which has helped the muscles in my hips and butt tremendously. It's really crazy how difficult walking can be when the muscles in your hips and butt (the gluteal muscles) have atrophied so badly. The thing that the Total Gym helps with is doing one legged leg presses without lifting the entire weight of my body every time. Because the Total Gym is at an incline, I can do many more leg presses with each individual leg and focus more on my form on each side. This has made a big difference in a short amount of time. And because the stationary bike and the Total Gym are both in the basement, I'm also doing stairs much more to get down there and back up which also helps.

Every day I'm doing a variety of physical therapy including walking on a treadmill, riding a stationary bike and now I'm also doing leg presses. Some of the main workouts I'm doing involve walking on the treadmill for 60 minutes at a time, riding the stationary bike for 30 minutes at a time and doing four sets of 25 leg presses on each leg. When I'm not doing this work I have many other exercises I do that include much smaller movements that are focused on a specific task. Slow, steady progress is the name of the game.
Ditching the WheelchairI have not been using the wheelchair much lately and just this week I stopped taking it to work at all. I'm only using the arm crutches and my leg braces. There are some difficulties with the crutches, however, like carrying things. Although I can carry small things when I'm just waddling around without the crutches, bigger and/or heavier items are still a problem when I'm using the crutches. I have been using a backpack when I'm using the crutches and, although it's kinda awkward, it works for many things.

I'm certainly not ready to run a marathon, but the recent progress has allowed me to walk around the house now even without using the crutches. I rely heavily on the braces that I wear on my lower legs because my feet are still paralyzed and that's fine for now. I definitely waddle like a penguin without the crutches, but that will change over time as I continue to rebuild muscle. I can now go up and down the stairs several times a day without the crutches.
Continued Positive ThinkingI've been keeping in touch with many friends since the accident who have all given me tremendous encouragement. My friend Simone advised me from his experience how important it is to do anything necessary to keep my morale high. He suggested remembering good times, watching movies you enjoy, spending time with friends and indulging in anything you can enjoy -- basically whatever it takes to stay positive. I have found this to be very true in my situation as well. In fact, I'm reading a book about this very topic right now.

You Are The Placebo is a book about what causes the placebo affect in the human body. It's essentially a publication about the author's research and experience using the power of deliberate meditation to willfully bring about change to the genes and therefore healing to the body. The author used this himself many years ago to heal his own spinal cord injury by tapping into the forces that create the placebo affect inside the human body. This the second book I've read on the topic of epigenetics and it is extremely fascinating because this area of research has demonstrated that human genes are not as static as we have been lead to believe. I'm still working through this book, but I'm learning a lot about the topic.
Traveling to Celebrate the HolidaysI have not traveled on a plane since August which was quite difficult for me at the time. Sitting on the plane just for that two hour flight from Denver to Chicago was very difficult because my body was in a very different state back then. The muscles in my butt were so atrophied that sitting on anything but the cushion on my wheelchair was very difficult. In fact, sitting on that same cushion while in the plane was OK but it made me realize how much I moved around during the day even in the wheelchair. Sitting in the same seat with minimal movement for two hours was very difficult.

Contrast my experience four months ago with my experience traveling to Illinois and back last week to visit family for the holidays. Not only was sitting on the plane for the two hour flight not a problem, but I also was able to use a thinner cushion this time. This was definitely a test of the progress I have made in rebuilding my body from the ruinous side effects of the spinal cord injury. I'm happy to say that a two hour flight is not a problem at this point. However, I don't believe that I could do a 9-10 hour flight to Europe yet. (Prior to the accident, I traveled for business via a direct flight from Denver to Frankfurt, Germany and then on to Munich, Germany to my company's headquarters. Needless to say, I have not been able to make any trips to Europe since the accident. I am hopeful that by the one year mark in the second quarter I will be able to start this travel again.)

Although the two hour flight was much more manageable this time around, the four hours of delays in the airport due to weather were no fun. It meant that we didn't land in Illinois until almost 2am. Originally we were scheduled to land about 10:30pm. Enduring the delays was worth it to see family. I had not seen my brother or my parents since July when they left Colorado to return home. It was wonderful to see them all and they were very impressed by the progress I have made since they last saw me.

Janene and I are lucky that both our families live about 20 minutes apart. So when we travel to Illinois to visit we get to see them both. This is because we began dating way back in high school some 26 years ago. We have been in Colorado for 20 years this year and not once have we missed traveling to Illinois to visit our families for the holidays. But even with the short distance between our families, the schedule we adhere to when we are there doesn't leave much room for relaxation because just about every day we go back and forth between both houses. Still, we have a wonderful time visiting family and celebrating the holidays.
ThankfulnessThe resiliency of the human body continues to amaze me. Comparing the state of my body today with the state of it back in the spring of 2013 just after the accident is quite remarkable. But I will say again that I am very lucky to not have sustained worse injuries. As I was told by many doctors, most people who get run over by a car. I know people who were at Craig Hospital for spinal cord injuries when I was who are not as fortunate as me and who have had numerous other complications after leaving the hospital. My heart goes out to the them because my situation was bad enough the way it was, it's so difficult to think about everything being worse. I'm just very thankful for all the compassion and support I have received from friends, family and otherwise.  [Less]
Posted 6 months ago
OK, today the macbook lost my mail.

That is to say, instead of Mac’s mail client launching normally, showing me my folders and connecting to my servers, it gives me the setup wizard.  It won’t even let me bypass the wretched wizard and ... [More] launch the mailer.

OK, I haven’t lost anything irretrievable (except perhaps some long-forgotten drafts), but I’d really rather not do battle with that wizard again: so much frustrating guesswork to find the settings that’ll talk to imap and imaps servers.  Are my settings somewhere I can retrieve them?

It’s at this point I realise how hopelessly irrelevant my Unix knowledge is when it comes to a Mac.  There’s no lost+found directory.  “ls -la ~ |grep -i mail” (and variants) turn up nothing.  Neither does a look in Mac’s /Applications/Mail.app turn up anything that looks remotely promising.

More frustratingly, neither does Google.  My attempts to google this question just turn up screenfuls of how to do things using the Mail GUI.  The same mail client that refuses to launch without the ritual incantation of the setup wizard.  Grrrr …

Dear lazyweb, Anyone know where in the mac filesystem I might look?  MacOS announces itself as 10.7.5.

[Less]