Trying out some video courses

Since a few e-learning craft sites were offering free stuff to help amuse people during quarantine, I decided to try a couple of courses on Bluprint and Knit Stars. This is mostly notes for myself in case I decide to subscribe to either of these later.

What did I take?

  • Bluprint: Spinning Dyed Fibers with Felicia Lo
  • Bluprint: Drafting from Woolen to Worsted
  • Knit Stars: Meghan Fernandes’ Finishing Workshop
  • Knit Stars: Beata Jezek of Hedgehog Fibres on Colour
  • Knit Stars: Meet the Alpacas

I had the run of all possible courses on Bluprint so I focused on spinning, where I think I have a lot to learn, and I’ve been practicing a few times a week so I’m not too out of shape to apply the knowledge. Knit Stars it was just whatever they’d chosen to run on a week when I had a bit of time.

Content

All of the videos I watched were a real step up in video quality from my usual free youtube stuff. Good focus, editing, colour, lighting, sets. The production quality was really lovely.

The courses were well designed. There were obvious spaces for practice, and especially in the spinning the instructors explained things in multiple ways with different visual aids. Lots of best practices in evidence.

Obviously the courses that I selected myself were more relevant to what I actually wanted to learn. And while that’s definitely true right now because of the way Bluprint offered everything free at once while Knit Stars offered specific courses per week, it’s also true generally because Bluprint you choose each course or subscribe for access to all of them (streamed only?) while Knit Stars has them bundled into seasons.

I learned something new from every single one I took, though! And it was pretty cool to have something more like an instructor led experience even in the middle of social distancing. I’d *rather* take a class when I can, but… I could do this at random hours without taking away time from my toddler. And that’s pretty neat even if I wasn’t in the middle of a global pandemic.

Platform technology

Bluprint was, I think, severely overloaded by the free trial. I had to load videos multiple times before they’d play, the interface was so slow that I resorted to editing the url to go to the next video. It was frustrating. Plus, their video player only had a tiny play/pause button in one corner, which is particularly annoying when you’re watching and spinning at the same time and may have fiber in one hand! I don’t know if the downrezed videos were a load issue or settings or what, but they definitely were bad enough to be noticeable and make it hard to see what the spinning instructors were talking about.

Bluprint also constantly touts their “platform” which I guess is kind of comments/forum with the instructor expecting to participate regularly for a live experience. I’d mostly known about this because they screwed up a bunch of notifications and upset a lot of instructors (back when they were Craftsy, I think?), which made the constant exhortations that one should share photos on the platform seem kind of sad. (Especially since these courses were likely recorded before the technical snafu.) I didn’t use it because I didn’t have enough time for that, but I guess it’s a neat idea?

Knit Stars has nice big next/previous buttons that actually work, fewer loading problems, and didn’t tend to downgrade the resolution as badly, but it was a bit hard to tell because I wasn’t looking for the same tiny details in those courses.

I think Knit Stars also does live stuff when the courses are on, but again, I didn’t have time for that so I didn’t investigate if any of that was a thing for the older recordings.

Conclusions

I liked all the courses I took and learned a few new things from each one! I’m particularly excited about practicing the spinning techniques and had to go out and buy more fiber.

I disliked the Bluprint technical blips a lot, enough that if all else were equal I’d check Knit Stars first for any courses. But the Bluprint selection and lower pricing really does makes it appealing despite the tech problems. And honestly, next time wouldn’t be in the free trial period so it’s possible that a lot of the site’s sluggishness wouldn’t be an issue any more.

But will there be a next time? Probably not any time soon. Honestly, finding time for videos in my day was kind of a pain right now: I’ve got full time childcare for an active toddler, a full time job, and a pretty busy volunteer job (that will quiet down in a few weeks, at least). It worked out well on days where I’d set aside time to do something like dye my hair and had to sit still for 20 minutes or so. It worked less well when I was feeling cooped up and instead used my every-other-evening toddler-free hour for a walk. And even learning spinning while doing my complicated lace mkal wasn’t great. But it was cool to do courses without having to travel or coordinate schedules with my husband, so “not soon” is not a polite “never” in this case. I’m not sure when life might change to make this work, but I can definitely see that it could eventually. If I loved video learning it might be a sweeter deal, but it’s not my preferred learning method even with better production quality.

Overall, I’m really glad I tried it out but I think maybe this isn’t the best pandemic activity for me!

Video of my Python Security Tools talk at PyCon 2019

I’m hoping to put together a post with all the text of my talk and slides in a non-video format (because I like having my talks in non-talk format!), but in the meantime, enjoy the video of the talk I gave at PyCon this year!

The talk is on Python Security Tools, because I found at work that we didn’t have good training on how to secure Python, and when I went to fix that, I found out that even Google searches for “how do I secure python?” weren’t telling people the things I think they should know about securing their python code.  So clearly there’s a need!

Abstract:

While high-level security concepts may transcend languages, each language has its own sets of tools and edge cases that are worth knowing. Python is one of many popular languages that is rarely the focus in security training, but that doesn’t mean python code is automatically secure (no matter what the internet tells you). Learn why people who say “pylint will help you with security” aren’t doing you any favours, how to use Bandit for security-focused linting and talk about other options for static analysis. Take a deeper look at why scanning for publicly known vulnerabilities is complicated, and how to use Pyup Safety to make it easier. We’ll also explore some language myths and best practices

On a personal note, speaking at PyCon is something I’ve wanted to do since my first PyCon back in Santa Clara in 2012, so I was super excited to get accepted this year!

Is Open Source Software Really More Secure? (Pycon Pune 2017 Keynote)

Back in February, I keynoted at Pycon Pune in India. I decided to start with one of the questions that comes up frequently when I tell people that my day job is in open source security: “Is open source software really more secure?” Here’s the video!

Hopefully one of these days I’ll get the slides and a written transcript up, but for today, please just enjoy the video. Note that there’s some silence at the start of the video while we’re setting up. I start talking at the 1m50s mark, and the embedded video should start there.

Pycon Pune Group Photo

Open source security is something I’m very passionate about, and I was really glad that the fine folk at PyCon Pune gave me the chance to tell their attendees more about what it means to be secure and what it will take to make open source security even better. I believe there were over 500 people in the room for my talk, even though I was the the final keynote for the conference, and it was one of the greatest audiences I’ve ever had the privilege to talk to — very responsive, lots of great questions, and lots of great follow-ups after the talk was done. If you ever get a chance to speak at Pycon Pune, I highly recommend it. Keep an eye out for next year’s call for speakers!

This also ticked off a few bucket list items for me:

  1. Visting India! I work with a number of people from India and meet new students from there nearly ever year, so I’ve always been curious, but it’s a long an expensive trip. Thankfully it turns out it was also on J’s bucket list so we found a way to make it happen. It’s a super beautiful country and very different from my own. We were fortunate enough to spend some time being tourists before the conference, as well as lots of time socializing with the conference attendees and volunteers.
  2. Keynoting a conference! I’ve wanted to do this for years but opportunities don’t come up very often and I wasn’t able to accept the last offer I got.

PS – Interested in inviting me to keynote? I’d love to do another one! Send an email to terri (at) toybox.ca to let me know. I have a list of my speaking experience on my website. I talk a lot about security, but I’m happy to talk about open source mentorship, community, artificial intelligence, and quite a few other things, just ask!

OSB 2015 – Internet of Things Militia: Paramilitary Training for your IoT devices (Video & Slides)

As previously mentioned, I gave two talks at Open Source Bridge this year, and they’ve recently put the videos online. Here’s the more frivolous and silly of the two:

Internet of Things Militia: Paramilitary Training for your IoT devices

Abstract: Security folk generally talk about how the Internet of Things is bad for security, but it also brings new sensors and connected devices that could co-operate in new and interesting ways. Could we use internet things to enhance security?

Video embedded below:

[Confreaks.tv video link] [Youtube video link]

I was honestly pretty surprised that open source bridge accepted two talks (especially when I found many colleagues who are pretty decent speakers didn’t get in!). This was a bit of a joke talk, meant to poke fun at how security people talk doom and gloom about internet of things, but also a way to talk sideways about how internet things are both terrible and terrific if you think like a hacker. I’m not sure I would have pitched this talk if I’d known that OSB audiences are notoriously quiet and not big on participation, but I was lucky enough to get a crowd who was willing to get into it and come up with some fun suggestions on how to “better” use internet things.

Remember, don’t try this at home!

[Internet of Things Militia: Paramilitary Training for your IoT devices (Slides)] To be honest, there’s not much in these other than pictures to get people talking, but you can see my notes underneath each slide to see what I was planning on saying. The slides are also in the video.

Again, one day I hope to transcribe this and put up a nice blog post with the slides for those who don’t love video, but I the perfect is the enemy of the good and all, so I’m sharing what I have instead of pining for what I don’t have done yet.

OSB 2015 – Bringing Security to Your Open Source Project (Video & Slides)

I gave two talks at Open Source Bridge this year, and they’ve recently put the videos online. Here’s the more serious and informative of the two:

Bringing Security to Your Open Source Project

Abstract: With high profile breaches in open source projects, the issue of security has become one of great import to many people. But many projects, especially smaller ones, are intimidated by the idea of a security audit. This talk will discuss ways for smaller projects to experiment, learn, and even have fun improving their security. No PhDs in security required!

Video embedded below:

[Confreaks.tv video Link] [youtube link]

I’m a bit sad that they cut out the introduction I got; it was pretty hilarious.

The motivation behind this talk is that when I tell people in open source communities that I do security for open source projects, I get a lot of interest but people always say they don’t know where to start and quite a lot of them buy into the idea that somehow just being open source makes you secure. That can be a big push towards security for some projects, but it’s not a panacea, so this talk is an intro to how to do a security hackathon and be welcoming to folk who want to help with your security.

[Bringing Security to Your Open Source Project (Slides)] The slides are in the video as well, but sometimes this is easier! If you look at the slides, you can also see a rough version of what I’d planned to say in the notes section.

One of these days I’ll transcribe the talk and set up a blog post with slides as images for folk who don’t aren’t into videos for whatever reason (I know I don’t watch very many myself unless I’m multitasking), but I thought I’d share the video first rather than wait. Hope you like it!

Winking Microview

With my travel and work schedules, I haven’t had time to hack my original MicroView, but the replacement ones arrived while I was out at ABQ Mini Maker Faire! So of course, I had to try *something* now that I can actually flash things to it.

Here’s my current very simple program: a smile with a wink!

microview_wink

Although it’s probably better with video

And of course, it’s more fun if you can also check out the code so I dumped it into my git repository. Here it is in case you’re not feeling like clicking through:

/* 
 * microview_wink: a simple winking face animation for the MicroView
 * 
 * Created by: Terri Oda 
 * Sept 16, 2014
 */

#include 

void setup() {
  uView.begin();		// start MicroView
  uView.clear(PAGE);		// clear page
  uView.print("Hi Terri!");	// say hi
  uView.display();
  delay(1000);
}

void loop () {
  //drawFace();
  winkFaceAnimation();
}

void drawFace() { 
  uView.clear(PAGE);
  
  drawEyes();
  drawNose();
  drawMouth();    

  uView.display();        // display current page buffer
}

void drawEyes() {
  uView.circle(20, 15, 5);
  uView.circle(45, 15, 5);
}

void drawNose() {
  uView.line(30, 22, 35, 32);
  uView.line(35, 32, 31, 32);
}

void drawMouth() {
  uView.line(20, 40, 25, 45);
  uView.line(25, 45, 40, 45);
  uView.line(40, 45, 45, 40);
}

void winkFaceAnimation() {
  for (int i = 0; i < 7; i++) {
    uView.clear(PAGE);
    
    // animate one eye for the wink
    switch (i) {
      case 0: 
      case 6:
        uView.circle(45, 15, 5);
        break;
      case 1:
      case 5: 
        uView.rect(40, 12, 10, 5);
        break;
      case 2:
      case 4:
        uView.rect(40, 14, 10, 2);
        break;
      case 3: 
        uView.line(40, 15, 50, 15);
        break;
    }

    // draw the static parts of the face
    uView.circle(20, 15, 5);    
    drawNose();
    drawMouth();
    
    // display and wait for the next frame to start
    uView.display();
    delay(500);
  }  
}

The MicroView was pretty easy to get up and running since this machine was already set up for arduino programming, I just had to remember to switch from the Adafruit Flora (what I'd been coding for last) to the Microview ( / the Arduino Uno). I'm pretty pleased with my first run, and even though I am reminded that animation frame drawing is not my favourite activity, I'm happy to have written some code for it, even if it's absurdly simple.

I'm still planning on continuing with the necklace plan for the first of these, so I'm going to work on a few more animations while I decide how I'm going to handle power, shaping, and whether I'm going to want any sensors in the final pendant. My current plan is that I'll create a backpiece that I can embed a battery into (probably 3d printed?), and I think I'd like to stick an accelerometer in there so it can be more interactive. But my plans may change as I fiddle with it!

My Little Robot

A number of weeks back, it occurred to me that as an adult with disposable income, I could buy a robot anytime I wanted to. So I did. Or rather, I bought a kit to build my own robot. I haven’t had as much time to play with as I’d like (the downside to being an adult with a job), but I’m hoping to take it out to Albuquerque Mini Maker Faire this weekend, so I’ve been experimenting with programs to show it off.

Here’s a video:

Cute, eh? That was just me making sure that the sensor “whiskers” work, but it’s kind of a convenient program because I don’t have to worry about it falling off the table. Right now, I know how to make it flash lights, move the wheels, and make noise with the little speaker on top, so either I should make a box for it to play in and teach it to do basic collision avoidance, or maybe work on a program where people can touch it and have it react, much like the one it’s running now. I’ve only got a couple of days to finish: Maker Faire is the 24th and 25th!