The Daily Parker

Actually, I'm blegging for information. Has anyone used online photo printing services like ZenFolio, SmugMug, or Shutterfly, either as a photographer selling images or as a customer? Maybe your wedding photographer used a third-party site?

As a corollary, do you or does anyone you know buy stock photos for publication?

No, I'm not quitting my job; but with a backlog of 30,000 photos—some of them already sold as stock, some of them more than once—the wheels in my brain have started to turn. (Maybe it's the MBA.)

Problem: I have multiple websites on a Windows 2008 server (using IIS7), and I need to enable SSL (i.e., https:// connections) on more than one of them.

Generally, secure websites get their security certificates from trusted providers. Most modern browsers verify that the third-party certificate came from the purported vendor and are attached to the purported website, and give you a nice warm feeling when your address bar turns green. (I have used Comodo most of the time, though because of some experiences helping a local small business renew their certificate recently, I might switch.)

The way SSL works, however, you don't actually need third-party verification to keep the conversation secure. Many servers issue their own SSL certificates, which secure the traffic between the browser and the server regardless of which server or who issued the certificate. In other words, a self-signed SSL certificate will keep the conversation private without guaranteeing that you are talking to the person you think you're talking to. If you can confirm the identity of the server through other means, and then trust the certificate, then you're golden.

Because only I or my subcontractors will ever need to visit these administrative sites within Inner Drive Technology's Worldwide Data Center that I want to secure, self-signed certificates are perfectly appropriate. Under previous versions of IIS, not only did this cause enormous headaches, but also IIS would only support one and only one secure site per server instance. That really sucks if you have, as Inner Drive does, about 30 sites on the same server.

IIS 7 makes this so simple I almost cried with joy.

Step one: Issue a self-signed certificate

In IIS7, go to your server node, and open up the Server Certificates feature:

In the Actions list, click on "Create Self-Signed Certificate..." to bring up the dialog box. Enter a starred domain name for the certificate:

Once you click OK, you've got a self-signed certificate that IIS can find.

Step two: Open the right dialog box

Expand the list of sites in the Connections (left) pane, and click on the site you want to assign. In the Actions (right) pane, click on "Bindings..." This brings up the Bindings dialog box. Now click Add, to bring up the Add Binding dialog box:

Step three: Click OK

Drop the Type box down to "https." Enter the specific host name for the site, and choose your starred certificate:

That's it. Seriously. And anyone who's ever dealt with this configuration crap before will understand my teary-eyed joy.

Generally, I prefer to learn new things by reading first, then doing. I mentioned Wednesday that I've grown dissatisfied with my photography skills, so naturally, I'll go first to Amazon. You know: read about a technique, try it out, post the results online, rinse and repeat.

So it seems somewhat odd to me that most of Amazon's top-rated books on photography—like this one on Photoshop—have Kindle editions that cost almost as much. Because nothing will help someone understand how to do advanced photo editing than 10 cm, 18 dpi halftones, right? Even stranger: the example I just cited has a companion DVD, which I assume does not come with the Kindle version. That, to me, puts the F in WTF.

Officially and virtually, I've had this since December 30th. I do like having the hard copy though:

Girlyman played Evanston SPACE last night:

Coyote Grace is touring with Girlyman this year; I'll be looking for them again. Also, surprise musical guest The Shadowboxers, who graduated from college Wednesday, led the show with a 4-song set. Again, another band I need to follow.

I'll have more photos next week. Tomorrow I'm off to Duke for our graduation ceremony. The school awarded our degrees in January (retroactive to December 30th), but I still want to walk—and see my classmates. Only, with work, a 7am flight to RDU, and everything going on this weekend, I don't expect to have time to organize last night's photos for a few days.

I will say this: even with the 7D's amazing low-light abilities, shooting a concert is hard. I experimented with a dozen or so combinations of ISO, aperture, and shutter, and I quickly put away my 18-55mm zoom in favor of a 50mm f/1.8 prime lens. The shot above was ISO-3200, 1/125 at f/1.8. I tried slower shutters with tighter apertures but the band were so energetic that led to lots of subject movement. Lower ISOs gave me less grainy photos, but again, required slower shutter speeds, so they weren't quite up to my standards. And black & white, which ordinarily covers many sins in variable-light environments, didn't look right, because the lighting makes up part of a live performance's appeal.

I also shot about 18 minutes of video (which looks OK, actually), making my total haul for the evening a whopping 12 GB. I don't think I can post any video, though. (Pesky copyright laws.) If I find out from the band it's all right to do so, I'll put some up.

Apparently "gardener" makes more sense than "engineer:"

So why do so many gardens fail, yet so many skyscrapers succeed? With a few exceptions, the technique for building a skyscraper is similar whether you are in Europe or you are in Singapore. Gardens do not work that way. Every garden is different because the environment it is in is different. Even gardens that are within throwing distance of each other can have wildly different soil. That is why the lowest bidder can probably build the same bridge as the highest bidder, but your company can’t grow the calibre of gardens that Google can grow.

Remember that time when someone in your company unsuccessfully used an Agile gardening methodology, and then went around saying that it was horse shit that doesn’t work? Well horse shit does grow gardens, it just wasn’t enough to save your garden. Your garden was probably dead before it started – a victim of the climate of your organisation. Were you trying to grow a rainforest in the desert? You can’t just plant the same plants as Facebook, Flickr or Twitter and expect them to take root regardless of the quality of your gardeners or the climate of your organisation.

(Hat tip MVT.)

Via one of my cow-orkers, a company that can tell you all about yourself at a hitherto-impossible level of detail. All you have to do is spit:

23andMe is a retail DNA testing service providing information and tools for consumers to learn about and explore their DNA. We utilize the Illumina OmniExpress Plus Research Use Only Chip which has been customized for use in all of our products and services by 23andMe. All of the laboratory testing for 23andMe is done in a CLIA-certified laboratory.

How does 23andMe genotype my DNA?

Once the lab receives your sample, DNA is extracted from cheek cells in your saliva. Your DNA is then copied many times so that there is enough DNA to use for the genotyping step. Next, the DNA is cut into smaller, more manageable pieces. These DNA pieces are then applied to a DNA "chip." The DNA chip is a small glass slide with millions of microscopic beads on its surface. Attached to each bead are "probes"—bits of DNA complementary to sites in your genome where SNPs are located. There is a pair of probes for each SNP, corresponding to the two versions of each SNP. Because two complementary pieces of DNA stick together, your DNA sticks to whichever probes match your versions of a SNP.

The service claims to do the following:

• Identify health risks based on genetic propensity (and quantify how much of the risk is genetic);
• Tell you where your family came from, and when they got there, going back several thousand years;
• Find your long-lost cousins; and
• Send you updates as new research comes in.

My colleague paired this suggested site with this TED talk about the future of human evolution.

Remember when Gattaca was just an interesting fiction? Let's hope not all of Andrew Niccol's predictions come true...

Fascinating, and not bad at all. Writer/director Sebastian Gutierrez assembled a top-notch cast (Danny DeVito, Carla Gugino, Zachary Quinto) and put them into a watchable, funny film—only available on YouTube. If your line supports it, watch in HD. Alas, I think it's only available in the U.S. for the time being.

Gulliver this afternoon examines whether we might want to examine them:

A new academic paper [PDF] from John Mueller (of The Ohio State University) and Mark Stewart (of the University of Newcastle in Australia) attempts to determine whether the return on investment justified those huge expenditures. ... [T]he findings in this paper are truly remarkable. By 2008, according to the authors, America's spending on counterterrorism outpaced all anti-crime spending by some $15 billion. Messrs Mueller and Stewart do not even include things like the wars in Iraq and Afghanistan (which they call "certainly terrorism-determined") in their trillion-plus tally.

"[A] most common misjudgment has been to embrace extreme events as harbingers presaging a dire departure from historical patterns. In the months and then years after 9/11, as noted at the outset, it was almost universally assumed that the terrorist event was a harbinger rather than an aberration. There were similar reactions to Timothy McVeigh’s 1995 truck bomb attack in Oklahoma City as concerns about a repetition soared. And in 1996, shortly after the terrorist group Aum Shinrikyo set off deadly gas in a Tokyo subway station, one of terrorism studies' top gurus, Walter Laqueur, assured the world that some terrorist groups 'almost certainly' will use weapons of mass destruction 'in the foreseeable future.' Presumably any future foreseeable in 1996 is now history, and Laqueur’s near 'certainty' has yet to occur."

The paper also found that anti-terror spending has outpaced anti-crime spending by some $15 bn, despite crime costing society significantly more. The paper doesn't go into the politics of why this might be so, but I'll hazard a guess that cutting crime benefits more people a little while spending on anti-terror measures benefits a few people quite a bit. Lowering the likelihood that my car will suffer $300 in damage from a break-in has less immediacy than a $30m contract for a new security gadget would were I in that line of business.

Every day a few minutes past midnight UTC (7pm CDT), I get a report from The Daily Parker about its health, wealth, and wisdom. And every day, someone hits the blog from somewhere through a search I never thought about before. In the last day, for example, people have hit the blog looking for:

• Laguhing too loud;
• The great flood of 1992;
• Chicago parking scandal;
• Neurology of spending (this one from Canada);
• One of my classmates;
• My high-school choir director; and
• The daily sunrise times in Chicago.

I'm glad I could help.