Yarn of the Month club review, July 2015

Apparently purple and fuzzy was the theme for July:

Yarn of the Month Club, July 2015

The pattern: Breezy Shawl

This is a cute little shawl with some little criss-cross cable going across the back in an otherwise mesh-like fabric, all see through. I might make it, but probably not with the recommended yarn.

Mongolian Cashmere

Yarn of the Month Club, July 2015

Mongolian Cashmere
“So soft and silky and lux”
6 sts/inch on US 1
100% Cashmere
400 yds color: Iris

This was my first time knitting 100% cashmere and wow. So Very Soft. This is silky soft with a little haze of fuzz and it’s a treat to work with. I’m starting to see why my friend M was so obsessed with finding 100% cashmere on the yarn crawl instead of a blend, now. At $45/2 oz, it’s pricey for a sweater, but oh, what a sweater it would make.

Yarn of the Month Club, July 2015

I’m not as big a fan of the swatch pattern on this one: it’s chunky and seems like a waste for this luxurious yarn. Plus, I had a lot leftover as you can see, so it’s really tempting to frog (unravel) it and try something that will showcase it better. I just haven’t figured out what that might be yet!

Jaggerspun Heather 2/8

Yarn of the Month Club, July 2015

Jaggerspun Heather 2/8
“Strong with an aura of fluff”
7sts/inch on US 2
100% wool
280 yds Color: Columbine

This feels nice in the ball, but I don’t like the scratchiness of it in the swatch. It’s super fluffy as promised, and probably pretty warm, though, and there’s lots of colours in the heather which makes it pretty neat up close.

Yarn of the Month Club, July 2015

This might be nicer in a stockinette or cable pattern, but with so many yarns in the world to choose from “a little scratchy” is enough reason for me not to revisit this one. Still, it was good to try it out and pleasant to work with.


The amazing cashmere yarn is enough to make this YOTM sample selection for me, and the other yarn isn’t bad it’s just hard for it to shine in comparison. I do wish this month’s mailing had come with better swatch suggestions, though!

OSB 2015 – Internet of Things Militia: Paramilitary Training for your IoT devices (Video & Slides)

As previously mentioned, I gave two talks at Open Source Bridge this year, and they’ve recently put the videos online. Here’s the more frivolous and silly of the two:

Internet of Things Militia: Paramilitary Training for your IoT devices

Abstract: Security folk generally talk about how the Internet of Things is bad for security, but it also brings new sensors and connected devices that could co-operate in new and interesting ways. Could we use internet things to enhance security?

Video embedded below:

[Confreaks.tv video link] [Youtube video link]

I was honestly pretty surprised that open source bridge accepted two talks (especially when I found many colleagues who are pretty decent speakers didn’t get in!). This was a bit of a joke talk, meant to poke fun at how security people talk doom and gloom about internet of things, but also a way to talk sideways about how internet things are both terrible and terrific if you think like a hacker. I’m not sure I would have pitched this talk if I’d known that OSB audiences are notoriously quiet and not big on participation, but I was lucky enough to get a crowd who was willing to get into it and come up with some fun suggestions on how to “better” use internet things.

Remember, don’t try this at home!

[Internet of Things Militia: Paramilitary Training for your IoT devices (Slides)] To be honest, there’s not much in these other than pictures to get people talking, but you can see my notes underneath each slide to see what I was planning on saying. The slides are also in the video.

Again, one day I hope to transcribe this and put up a nice blog post with the slides for those who don’t love video, but I the perfect is the enemy of the good and all, so I’m sharing what I have instead of pining for what I don’t have done yet.

Homemade Heartbleed pillow

Perhaps the most well-known of open source bugs this year is heartbleed, notable as much for its marketing as technical merit.

There’s a tradition at work of decorating people’s cubes when they’re on sabbatical, and while I wasn’t the one who came up with the idea to decorate our fearless leader’s cube with things representing the many well-marketed open source bugs, I was the person who brought in the first piece:

Heartbleed Pillow for R

There wasn’t exactly a pattern for this:
Step 1 Draw half a big heart (to make sure it’s symmetrical) and cut out two of them.
Step 2 Cut a long strip with tapered ends to go over the top (to give the pillow some extra width at the top — you can’t see it in the photo but it’s about the width of my palm).
Step 3 Cut various thinner strips to be the bleeding drips.
Step 4 Sew each side of top to tapered strip
Step 5 Carefully sew bottom of two hearts together, placing drips at appropriate intervals.
Step 6 Curse and pull out drips and re-sew so they actually hang correctly. Several times.
Step 7 Leave a hole so you can flip the thing right-side out and stuff, then curse because you have no red thread and spawn another search of the house because it’s much too late to go out and buy thread.

Since my office (and indeed, half of the house) had no floor, there was a lot of frantic searching for the sewing machine. I don’t mind free-handing a pattern, but sewing through 3 layers of polar fleece by hand isn’t my favourite activity! Thankfully, we did find the sewing machine, but in the end, the only red thread I could find came from a promotional sewing kit I got from Raytheon at some Grace Hopper Celebration past. Seems sort of hilariously appropriate.

End result: one very one-of-a-kind throw pillow.

I’m sort of surprised that no one has started marketing open source bug merchandise, to be honest. I’ll bet there’s a market!

OSB 2015 – Bringing Security to Your Open Source Project (Video & Slides)

I gave two talks at Open Source Bridge this year, and they’ve recently put the videos online. Here’s the more serious and informative of the two:

Bringing Security to Your Open Source Project

Abstract: With high profile breaches in open source projects, the issue of security has become one of great import to many people. But many projects, especially smaller ones, are intimidated by the idea of a security audit. This talk will discuss ways for smaller projects to experiment, learn, and even have fun improving their security. No PhDs in security required!

Video embedded below:

[Confreaks.tv video Link] [youtube link]

I’m a bit sad that they cut out the introduction I got; it was pretty hilarious.

The motivation behind this talk is that when I tell people in open source communities that I do security for open source projects, I get a lot of interest but people always say they don’t know where to start and quite a lot of them buy into the idea that somehow just being open source makes you secure. That can be a big push towards security for some projects, but it’s not a panacea, so this talk is an intro to how to do a security hackathon and be welcoming to folk who want to help with your security.

[Bringing Security to Your Open Source Project (Slides)] The slides are in the video as well, but sometimes this is easier! If you look at the slides, you can also see a rough version of what I’d planned to say in the notes section.

One of these days I’ll transcribe the talk and set up a blog post with slides as images for folk who don’t aren’t into videos for whatever reason (I know I don’t watch very many myself unless I’m multitasking), but I thought I’d share the video first rather than wait. Hope you like it!

A simple hat in progress

Most of my energies have gone into the new house lately, but that doesn’t mean I haven’t been making things too, just that I haven’t had as much time for writing up of late. So here’s what’s currently on the needles while I start sorting through the backlog of photos and creations:

A simple hat in progress

This is from a little ball of Misti Alpaca that I picked up on the last day of my tatting class (more on that later!) as a treat. And it *is* a treat. I wish I could justify the cost and time of a sweater made out of this stuff — its light, soft, and seems pretty warm. Maybe someday.

The plan, half-executed, is to make a little tiny soft hat that can be stuffed in a jacket pocket. A thin tuque, I guess. Since it’s dark, it currently reminds me of what my sister and I called “crime hats” on Buffy (due to her penchant for putting on a tuque before doing anything vaguely criminal in a several episodes).

Pattern so far:

Yarn? Misti Tui from Misti Alpaca. Sport weight, chains of thin alpaca.
What’s the gauge? 6 st/inch on US 7 (4.5mm)
What’s my head circumference? Around 21 inches
Since I didn’t want much negative ease (i.e. stretch), that meant 21×6 = cast on 126 stitches

Brim ribbing: {k3, p1, k1, p1} repeat 21 times
(or as many times as you have inches of head circumference)
Repeat brim rows until you reach an inch or so then switch to stockinette

My plan is to continue the stockinette without decreases to make slight kitty ears. We’ll see how it works out!