Why is there no consistent single signon API flow?
Jun. 23rd, 2025 10:36 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mjg59Single signon is a pretty vital part of modern enterprise security. You have users who need access to a bewildering array of services, and you want to be able to avoid the fallout of one of those services being compromised and your users having to change their passwords everywhere (because they're clearly going to be using the same password everywhere), or you want to be able to enforce some reasonable MFA policy without needing to configure it in 300 different places, or you want to be able to disable all user access in one place when someone leaves the company, or, well, all of the above. There's any number of providers for this, ranging from it being integrated with a more general app service platform (eg, Microsoft or Google) or a third party vendor (Okta, Ping, any number of bizarre companies). And, in general, they'll offer a straightforward mechanism to either issue OIDC tokens or manage SAML login flows, requiring users present whatever set of authentication mechanisms you've configured.
This is largely optimised for web authentication, which doesn't seem like a huge deal - if I'm logging into Workday then being bounced to another site for auth seems entirely reasonable. The problem is when you're trying to gate access to a non-web app, at which point consistency in login flow is usually achieved by spawning a browser and somehow managing submitting the result back to the remote server. And this makes some degree of sense - browsers are where webauthn token support tends to live, and it also ensures the user always has the same experience.
But it works poorly for CLI-based setups. There's basically two options - you can use the device code authorisation flow, where you perform authentication on what is nominally a separate machine to the one requesting it (but in this case is actually the same) and as a result end up with a straightforward mechanism to have your users socially engineered into giving Johnny Badman a valid auth token despite webauthn nominally being unphisable (as described years ago), or you reduce that risk somewhat by spawning a local server and POSTing the token back to it - which works locally but doesn't work well if you're dealing with trying to auth on a remote device. The user experience for both scenarios sucks, and it reduces a bunch of the worthwhile security properties that modern MFA supposedly gives us.
There's a third approach, which is in some ways the obviously good approach and in other ways is obviously a screaming nightmare. All the browser is doing is sending a bunch of requests to a remote service and handling the response locally. Why don't we just do the same? Okta, for instance, has an API for auth. We just need to submit the username and password to that and see what answer comes back. This is great until you enable any kind of MFA, at which point the additional authz step is something that's only supported via the browser. And basically everyone else is the same.
Of course, when we say "That's only supported via the browser", the browser is still just running some code of some form and we can figure out what it's doing and do the same. Which is how you end up scraping constants out of Javascript embedded in the API response in order to submit that data back in the appropriate way. This is all possible but it's incredibly annoying and fragile - the contract with the identity provider is that a browser is pointed at a URL, not that any of the internal implementation remains consistent.
I've done this. I've implemented code to scrape an identity provider's auth responses to extract the webauthn challenges and feed those to a local security token without using a browser. I've also written support for forwarding those challenges over the SSH agent protocol to make this work with remote systems that aren't running a GUI. This week I'm working on doing the same again, because every identity provider does all of this differently.
There's no fundamental reason all of this needs to be custom. It could be a straightforward "POST username and password, receive list of UUIDs describing MFA mechanisms, define how those MFA mechanisms work". That even gives space for custom auth factors (I'm looking at you, Okta Fastpass). But instead I'm left scraping JSON blobs out of Javascript and hoping nobody renames a field, even though I only care about extremely standard MFA mechanisms that shouldn't differ across different identity providers.
Someone, please, write a spec for this. Please don't make it be me.
This is largely optimised for web authentication, which doesn't seem like a huge deal - if I'm logging into Workday then being bounced to another site for auth seems entirely reasonable. The problem is when you're trying to gate access to a non-web app, at which point consistency in login flow is usually achieved by spawning a browser and somehow managing submitting the result back to the remote server. And this makes some degree of sense - browsers are where webauthn token support tends to live, and it also ensures the user always has the same experience.
But it works poorly for CLI-based setups. There's basically two options - you can use the device code authorisation flow, where you perform authentication on what is nominally a separate machine to the one requesting it (but in this case is actually the same) and as a result end up with a straightforward mechanism to have your users socially engineered into giving Johnny Badman a valid auth token despite webauthn nominally being unphisable (as described years ago), or you reduce that risk somewhat by spawning a local server and POSTing the token back to it - which works locally but doesn't work well if you're dealing with trying to auth on a remote device. The user experience for both scenarios sucks, and it reduces a bunch of the worthwhile security properties that modern MFA supposedly gives us.
There's a third approach, which is in some ways the obviously good approach and in other ways is obviously a screaming nightmare. All the browser is doing is sending a bunch of requests to a remote service and handling the response locally. Why don't we just do the same? Okta, for instance, has an API for auth. We just need to submit the username and password to that and see what answer comes back. This is great until you enable any kind of MFA, at which point the additional authz step is something that's only supported via the browser. And basically everyone else is the same.
Of course, when we say "That's only supported via the browser", the browser is still just running some code of some form and we can figure out what it's doing and do the same. Which is how you end up scraping constants out of Javascript embedded in the API response in order to submit that data back in the appropriate way. This is all possible but it's incredibly annoying and fragile - the contract with the identity provider is that a browser is pointed at a URL, not that any of the internal implementation remains consistent.
I've done this. I've implemented code to scrape an identity provider's auth responses to extract the webauthn challenges and feed those to a local security token without using a browser. I've also written support for forwarding those challenges over the SSH agent protocol to make this work with remote systems that aren't running a GUI. This week I'm working on doing the same again, because every identity provider does all of this differently.
There's no fundamental reason all of this needs to be custom. It could be a straightforward "POST username and password, receive list of UUIDs describing MFA mechanisms, define how those MFA mechanisms work". That even gives space for custom auth factors (I'm looking at you, Okta Fastpass). But instead I'm left scraping JSON blobs out of Javascript and hoping nobody renames a field, even though I only care about extremely standard MFA mechanisms that shouldn't differ across different identity providers.
Someone, please, write a spec for this. Please don't make it be me.
Feathering the Nest
Jun. 24th, 2025 12:57 amysabetwordsmithdialecticdreamer is hosting Feathering the Nest, which always has a theme of fluff and comfort. Leave prompts, get ficlets!
Communication
Jun. 23rd, 2025 05:11 pmysabetwordsmithAmericans share their hopes for the country on 'wish walls' nationwide. The responses are surprisingly unifying
On July 4, 2026, the United States of America will celebrate its 250th birthday. To prepare for the big celebration, museums across the country are inviting the public to answer the question: “What’s your wish for America’s future?”
In a project designed by 26-year-old artist Katie Costa and developed by Made By Us, a nonprofit that promotes civic engagement among Gen-Z, thousands are responding.
( Read more... )
On July 4, 2026, the United States of America will celebrate its 250th birthday. To prepare for the big celebration, museums across the country are inviting the public to answer the question: “What’s your wish for America’s future?”
In a project designed by 26-year-old artist Katie Costa and developed by Made By Us, a nonprofit that promotes civic engagement among Gen-Z, thousands are responding.
( Read more... )
Solutions
Jun. 23rd, 2025 05:09 pmysabetwordsmithNew cheese packaging decomposes in 300 days, not 1,000 years: 'The solution was in the cheese itself'
As an alternative to single-use plastic wrapping, Ogilvy Colombia and Nestlé Central America have created “Self-Packing Cheese.”
The new biodegradable film is designed to decompose within 300 days of disposal — in stark contrast to the estimated 1,000 years it takes for standard plastic to break down.
And it’s entirely made from cheese waste and whey.
Now that's brilliant! Admittedly, we tend to buy block cheese or shredded cheese rather than slices, but lots of people prefer slices.
As an alternative to single-use plastic wrapping, Ogilvy Colombia and Nestlé Central America have created “Self-Packing Cheese.”
The new biodegradable film is designed to decompose within 300 days of disposal — in stark contrast to the estimated 1,000 years it takes for standard plastic to break down.
And it’s entirely made from cheese waste and whey.
Now that's brilliant! Admittedly, we tend to buy block cheese or shredded cheese rather than slices, but lots of people prefer slices.
Monday Update 6-23-25
Jun. 23rd, 2025 02:21 pmysabetwordsmithThese are some posts from the later part of last week in case you missed them:
Photos: Barnyard Picture
Birdfeeding
Book Bans
Philosophical Questions: Harm
Today's Adventures
Books
Birdfeeding
Photos: Charleston Food Forest
Photos: Coles County Community Garden
Recipe: "Pretzel Bread Savory Bread Pudding with Ham"
Birdfeeding
Heat
Photos: Charleston Library Butterfly Gardens
Follow Friday 6-20-25: Highlander
Today's Adventures
Recipe: "Chicken Stir-Fry with Mushrooms and Swiss Chard"
Birdfeeding
Wildlife
Birdfeeding
Cuddle Party
"Philosophical Questions: Looks" has 36 comments. "Not a Destination, But a Process" has 141 comments. "The Democratic Armada of the Caribbean" has 91 comments.
![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png)
summerofthe69 is now open! You can see the calendar here and the current theme is "Theme for June 16th throuth 30th: Forced 69."
"In the Heart of the Hidden Garden" belongs to the Antimatter and Stalwart Stan thread of the Polychrome Heroics series. It needs $66 to be fully funded. Lawrence shows Stan the Iron Courtyard garden.
The weather has been sweltering here and is predicted to remain so for the rest of the week. The weekend currently predicts rain, though. Seen at the birdfeeders this week: a mixed flock of sparrows and house finches, several mourning doves, a male cardinal, a catbird, a skunk, a fox squirrel, and at least 1 probably 2 bats. Zucchini has flower buds. Currently blooming: dandelions, pansies, violas, marigolds, petunias, red salvia, wild strawberries, verbena, lantana, sweet alyssum, zinnias, snapdragons, blue lobelia, perennial pinks, impatiens, oxalis, moss rose, yarrow, red coreopsis, anise hyssop, firecracker plant, tomatoes, tomatillos, Asiatic lilies, cucumber, astilbe, daylilies, snowball bush, yellow squash, zucchini, morning glory. The first 'Chocolate Sprinkles' tomato ripened. Blackberries and tomatoes have fruit showing color. Wild strawberries, mulberries, and black raspberries are ripe.
Photos: Barnyard Picture
Birdfeeding
Book Bans
Philosophical Questions: Harm
Today's Adventures
Books
Birdfeeding
Photos: Charleston Food Forest
Photos: Coles County Community Garden
Recipe: "Pretzel Bread Savory Bread Pudding with Ham"
Birdfeeding
Heat
Photos: Charleston Library Butterfly Gardens
Follow Friday 6-20-25: Highlander
Today's Adventures
Recipe: "Chicken Stir-Fry with Mushrooms and Swiss Chard"
Birdfeeding
Wildlife
Birdfeeding
Cuddle Party
"Philosophical Questions: Looks" has 36 comments. "Not a Destination, But a Process" has 141 comments. "The Democratic Armada of the Caribbean" has 91 comments.
summerofthe69 is now open! You can see the calendar here and the current theme is "Theme for June 16th throuth 30th: Forced 69.""In the Heart of the Hidden Garden" belongs to the Antimatter and Stalwart Stan thread of the Polychrome Heroics series. It needs $66 to be fully funded. Lawrence shows Stan the Iron Courtyard garden.
The weather has been sweltering here and is predicted to remain so for the rest of the week. The weekend currently predicts rain, though. Seen at the birdfeeders this week: a mixed flock of sparrows and house finches, several mourning doves, a male cardinal, a catbird, a skunk, a fox squirrel, and at least 1 probably 2 bats. Zucchini has flower buds. Currently blooming: dandelions, pansies, violas, marigolds, petunias, red salvia, wild strawberries, verbena, lantana, sweet alyssum, zinnias, snapdragons, blue lobelia, perennial pinks, impatiens, oxalis, moss rose, yarrow, red coreopsis, anise hyssop, firecracker plant, tomatoes, tomatillos, Asiatic lilies, cucumber, astilbe, daylilies, snowball bush, yellow squash, zucchini, morning glory. The first 'Chocolate Sprinkles' tomato ripened. Blackberries and tomatoes have fruit showing color. Wild strawberries, mulberries, and black raspberries are ripe.
I fat-accepted myself so hard, I became a jock – part 1: walking.
Jun. 23rd, 2025 07:27 pm![[syndicated profile]](https://www.dreamwidth.org/img/silk/identity/feed.png){kind=small}
thefatnutritionist_feedAs I write this, I’ve just come back from a nice little bike ride around my neighbourhood. I got sweaty, went fast, climbed a few little hills, descended a few little hills, waited my turn at traffic lights and 4-way stops (you’re welcome), and nearly got hit by two different drivers who were each doing something illegal.
Ah, exercise in North America. So glamorous, so safe, so encouraged.
Anyway, cycling is the second sport I have picked up since I accidentally discovered that I enjoy INTENSITY and GOING FAST. It is the second sport I have picked up since I accidentally discovered that I don’t care if I’m the only fat person at the group ride, I’M HERE TO RIDE. It is the second sport I have picked up since I accidentally discovered that exercise, when you remove all the crusty old baggage about it being a Moral Obligation and a Means to Weight Loss (it usually isn’t, and focusing on that ruins the fun), is something I not only need in some abstract sense, but something I crave in a very visceral, very obvious way.
It makes me feel better physically, it both excites me and calms me down, it cheers me up, it puts a bright spot of play into my day, and it emotionally regulates me in a way that not even therapy could. It’s also just pure joy, pure pleasure, pure fun. I think that gets lost when we live in a culture that alienates us from movement and from our own bodies.
As a kid, I never thought of myself as “athletic” because I did not participate in any formal sports, but looking back, there were signs. I loved tumbling in the yard, playing on the playground, throwing a ball around, bouncing on a trampoline, riding a bike or skateboard, and all kinds of games. I did not enjoy things I found boring: lap swimming, ballet, baseball, football, running a mile or whatever we were assigned to do in gym class, but I still found ways to run around and exhaust myself by having fun, at least until my mid-teens.
By then, so many pressures around body image had developed that made me too self-conscious to use my body for any physical activity, especially in public, and I became not only hopelessly neurotic about my weight and appearance, but also dolefully depressed. No wonder.
As a young adult, I only engaged in exercise for the purpose of trying to lose weight, and frankly, it sucked. There were moments of joy, which surprised me, and moments of discovering some hidden strength or natural ability, which also surprised me, but all of these were overshadowed by The Agenda to burn calories and lose weight. Which meant that, even for activities that I enjoyed, like karate or riding a bike, I applied myself to them with a rigidity and drivenness that precluded all flexibility, all self-compassion, and all joy. And when the diet fell apart, as it inevitably would, so did my relationship with exercise.
I spent the next decade or so only engaging in incidental movement, essentially giving myself permission to not do any intentional exercise. (I once mentioned that on here, and a few commenters were SO MAD about that.) I was lucky to live in a city with decent public transit, and I don’t drive, which meant that I got a fair bit of walking in, which kept me strong and mobile even when I had no desire to do it. This was uncomfortable at times, but because it had nothing to do with trying to lose weight, it was psychologically neutral. I didn’t exactly enjoy it, but I didn’t always hate it either. The most I could muster was a mild resentment.
About seven years in, I started not just taking transit and walking partway to work, but walking all the way to work, a mile each way. For the first time, I noticed that I enjoyed the physical sensations of getting my heart revved up, feeling a bit warm and even sweaty, and the exhilaration of breathing hard. I was only able to start enjoying these sensations once I’d practiced, repeatedly, taking away the reflexive judgment I’d learned to attach to them, like believing that breathing hard meant I was “unfit” and something was wrong with me, or that showing any kind of exertion in public must be a mortifying event because I was fat and everyone would notice. Some people did notice, and did comment that I was sweating, and I was able to calmly explain that I’d been walking briskly. On purpose. For exercise. This was very effective at both silencing them and making them look a bit silly, which I admit, I enjoyed.
Instead of feeling bad, I reminded myself (over and over) that of course your heart rate goes up when you exercise, and that’s what it’s supposed to do, and of course you feel warmer as you move faster, and of course you sweat to cool yourself down, and of course you breathe harder to get oxygen into your bloodstream and to your cells, because that’s what exercise is supposed to do. No matter how much or little exertion it takes to get these sensations, getting to them is basically the point. You can also choose to go slow and not push it, and just enjoy fresh air and stretching your legs, of course, but on days when you want to push a little harder or faster to challenge yourself, your body showing signs of exertion is exactly what should happen. Feeling challenged is literally the only way to increase your fitness. It does not mean something is “wrong” with you.
A few years after that, I started working from home and no longer had to walk much at all. I went through a phase of grief and sat down a lot, and I lost some mobility (and also gained some weight.) The urge to panic was strong, but I held fast to my values, and asked myself what I was truly worried about. Was it really the weight gain, or something else?
In thinking it over, it was mostly fear about the loss of strength and mobility, since I knew my life would get harder. I thought about it some more, and realized the best way for me* to improve my mobility was to…use it. To practice walking. To practice walking in sand, or up hills, or even up my arch-nemesis, stairs. Maybe I’d lose the weight I’d gained and maybe I wouldn’t, but either way, I would be more mobile and less afraid. So I bought some comfy walking clothes, and for the first time since childhood, I attempted to go for walks purely for recreation. I had to remind myself over and over not to monitor my heart rate, not to shoot for any “fat burning zone,” and not to count the minutes or create elaborate fitness routines in my head, but to focus instead on my internal sensations, on doing whatever felt good that day, on the trees, the sky, the dogs, the fresh air and the scenery around me. I did that enough that I started to get faster and feel better, even before my weight did anything. Eventually, over the next five years, it gradually settled back into my old (fat) baseline, without me forcing it to do anything at all.
*this is not true for everyone; see: CFS/ME, certain chronic pain or autoimmune conditions that you can’t exercise your way out of, and which require medical treatment first
I continued walking, for fun, for mental health (because at some point, my therapist pointed out how great it feels to walk when angry, to get all those stompy feelings out, which was an amazing revelation to me), and to enjoy the scenery, and even to enjoy the warm, sweaty exertion of it. I had a solid walking habit between 2011-2018, and I took a walk around lunchtime basically every day.
I always offered myself the chance to go, without forcing myself to go, usually by putting on my shoes and coat and stepping outside for some reason, to take out the recycling or just to check the weather. Then I got to decide whether I felt like going for a walk that day or not. I had full permission to turn around and come back inside if I wasn’t feeling it, but usually I was feeling it.
I started to anticipate my lunch break like a wiggly dog looks forward to the park. Each day, I had permission to walk briefly, for maybe five minutes around the block, to walk slow or fast, or not at all, or to walk farther, for a bigger neighbourhood loop that took 45-60 minutes, if I wanted to. Sometimes I did. Sometimes I walked for five minutes. Each time, I felt good afterward. If I took a rest day and went back inside, I felt good about that, too. I practiced making the right choice for that day. I was flexible.
Every Kind of Craft now open!
Jun. 23rd, 2025 03:02 pmyourlibrarian posting in knitting
Do you make crafts? Do you like to look at crafts? Would you like to get (or give) advice about crafts? All crafts are welcome. Share photos, stories about projects in progress, and connect with other crafty folks.
You are welcome to make your own posts, and this community will also do a monthly call for people to share what they are working on, or what they've seen which may be inspiring them. Images of projects old or new, completed or in progress are welcome, as are questions, tutorials and advice.
If you have any questions, ask them here!
Gimme a quilt!
Jun. 23rd, 2025 12:45 pmysobel posting in agonyauntDear Eric: My sister-in-law made quilts for two of her nieces. They unwrapped them to oohs, aahs and applause on Christmas Eve at my house. My daughter did not receive a gift. I sent a polite email to sister-in-law explaining that my daughter was disappointed. I received a snail mail reply that included a gift certificate and a note. Sister-in-law wrote that I was a bully and stated that she would never set foot in my house again. She hasn’t for several years. What should I do?
— Stitchy Situation
Situation: Your sister-in-law’s reaction was a bit extreme, all things considered (or at least all things detailed in your letter). This suggests to me that maybe there’s something else under it for her, whether it’s other issues she has with your relationship or a sensitivity around the particular gift. Or maybe her feelings were hurt by your email, even though it was polite.
The best way to sort it all out is by asking. It’s been years and she hasn’t come back, so I’m curious what your relationship is like outside of visits. Has this escalated to grudge territory? Does she speak to you at all? If she doesn’t, you may have to make a bigger gesture in order to reset things. Telling her, “I don’t like what happened between us” and “I’m sorry for my part” could help lay a foundation for reconciliation.
Try, if you can, not to let the conversation get too caught up in what happened years ago, though. The gift card, the email, et cetera. All the details can become places where you both get stuck relitigating and rehashing. Instead, focus on the objective of the conversation — you want to re-establish contact. It will also help to have a concrete goal, as well as an emotional one. Perhaps something like extending an invitation for her to come for lunch.
If she’s not receptive to a phone call or face-to-face conversation, an email or letter will work, but a spoken conversation is vastly more effective.
— Stitchy Situation
Situation: Your sister-in-law’s reaction was a bit extreme, all things considered (or at least all things detailed in your letter). This suggests to me that maybe there’s something else under it for her, whether it’s other issues she has with your relationship or a sensitivity around the particular gift. Or maybe her feelings were hurt by your email, even though it was polite.
The best way to sort it all out is by asking. It’s been years and she hasn’t come back, so I’m curious what your relationship is like outside of visits. Has this escalated to grudge territory? Does she speak to you at all? If she doesn’t, you may have to make a bigger gesture in order to reset things. Telling her, “I don’t like what happened between us” and “I’m sorry for my part” could help lay a foundation for reconciliation.
Try, if you can, not to let the conversation get too caught up in what happened years ago, though. The gift card, the email, et cetera. All the details can become places where you both get stuck relitigating and rehashing. Instead, focus on the objective of the conversation — you want to re-establish contact. It will also help to have a concrete goal, as well as an emotional one. Perhaps something like extending an invitation for her to come for lunch.
If she’s not receptive to a phone call or face-to-face conversation, an email or letter will work, but a spoken conversation is vastly more effective.
Birdfeeding
Jun. 23rd, 2025 02:17 pmysabetwordsmithToday is partly sunny and sweltering.
I fed the birds, including a refill of the thistle feeder. I've seen a few sparrows and house finches.
I put out water for the birds.
EDIT 6/23/25 -- I watered the telephone pole garden.
I've seen a gray catbird.
EDIT 6/23/25 -- I did a bit of work around the patio.
Fireflies are coming out.
EDIT 6/23/25 -- I watered the new picnic table plants and the septic garden.
As it is getting dark, I am done for the night.
I fed the birds, including a refill of the thistle feeder. I've seen a few sparrows and house finches.
I put out water for the birds.
EDIT 6/23/25 -- I watered the telephone pole garden.
I've seen a gray catbird.
EDIT 6/23/25 -- I did a bit of work around the patio.
Fireflies are coming out.
EDIT 6/23/25 -- I watered the new picnic table plants and the septic garden.
As it is getting dark, I am done for the night.
Mingled yarn
Jun. 23rd, 2025 07:28 pmoursinOn the possible academic library etc access thing, somebody has kindly pointed me at the Institute of Historical Research Non-Stipendiary Fellowships, which look fairly much the thing -
- except that the window for application closes on Friday, and besides getting an application together I need a letter of support testifying to my 'interest in research, good faith and behaviour' (at least, unlike the Bodleian, there is no cavil about naked flames).
So there's that.
In other, is this good or bad, had an email from person on committee of Society with which I have had associations in the past and published in their organ (hurhhurh) saying a) they have come across a piece I published in that organ and might I like to give a paper at their upcoming conference?
Well, I could possibly throw something together -
And b) the archives of this Society and a precursor organisation in which I am particularly interested have been deaccessioned by the Academic Institution where they were held (which has, I remark, form in this matter), and returned them to the Society.
I have, in what I hope was a reasonable tone, exhorted them to put them in another repository pronto, I recommend X, where they will be with archives of related org, also the vast and important collection previously unhomed by the Institution in question.
(*MUTED ARCHIVIST SCREAMING*)
In which there are Dosso Dossi and the allegorical paintings of doom
Jun. 23rd, 2025 04:23 pmspiralsheepI feel as if I haven't been inflicting enough questionable moments from history on y'all recently so... to the art mobile!
One of my favourite aspects of art is that even if one broadly shares many cultural influences with an artist it remains possible to be completely mystified by wth they were thinking when they painted THAT... ?! Anyway, meet Dosso (nickname for Giovanni di Niccolò de Luteri) whose patrons, male and female, liked him to paint cryptic allegories, i.e. even if you know the stories that inspired them you won't necessarily be able to decipher the message... if there is a message and the artist wasn't just messing with viewers... or drunk... or whatevz. All links to wikimedia, obv.
An allegory of Fortune, 1530-ish, in which a naked woman with only one sandal blows a giant bubble and a gravity defying gold cloth out of her... self, apparently, while staring at a handful of scratch-cards being waved by a man with slightly more dignified drapery.
An allegory of Music, 1522-ish, in which a partially naked woman (two sandals tho) stares at another naked woman's breasts, while a guy with the worst mankini in recorded history is distracted from retuning stringed instruments WITH A HAMMER by an angry arsonist toddler.
1535-ish, Hercules playing with a desk toy while a woman with her naked breasts in a fruit bowl stares at a goat... or possibly the head of the woman next to her who is sporting a marginally more fancy hat. IDK. Post your own explanation in comments plz. P.S. Beware of the baby magpie cos its got a knife... and some... I want to guess cheese? Cute dog tho.
( Don't go yet... I have four more.... )
Seven seems like enough bogglement for one day, or one bogglement for every day of the next week and then if you're good I might share a few portraits from my collection of unlikely nuns.
One of my favourite aspects of art is that even if one broadly shares many cultural influences with an artist it remains possible to be completely mystified by wth they were thinking when they painted THAT... ?! Anyway, meet Dosso (nickname for Giovanni di Niccolò de Luteri) whose patrons, male and female, liked him to paint cryptic allegories, i.e. even if you know the stories that inspired them you won't necessarily be able to decipher the message... if there is a message and the artist wasn't just messing with viewers... or drunk... or whatevz. All links to wikimedia, obv.
An allegory of Fortune, 1530-ish, in which a naked woman with only one sandal blows a giant bubble and a gravity defying gold cloth out of her... self, apparently, while staring at a handful of scratch-cards being waved by a man with slightly more dignified drapery.
An allegory of Music, 1522-ish, in which a partially naked woman (two sandals tho) stares at another naked woman's breasts, while a guy with the worst mankini in recorded history is distracted from retuning stringed instruments WITH A HAMMER by an angry arsonist toddler.
1535-ish, Hercules playing with a desk toy while a woman with her naked breasts in a fruit bowl stares at a goat... or possibly the head of the woman next to her who is sporting a marginally more fancy hat. IDK. Post your own explanation in comments plz. P.S. Beware of the baby magpie cos its got a knife... and some... I want to guess cheese? Cute dog tho.
( Don't go yet... I have four more.... )
Seven seems like enough bogglement for one day, or one bogglement for every day of the next week and then if you're good I might share a few portraits from my collection of unlikely nuns.
Audience Becomes Choir
Jun. 23rd, 2025 12:37 amysabetwordsmithThis performance from AGT snagged my attention, in which the contestant turns the audience into a choir.
1) Some people with Bardic gift can share theirs with other people; it's rare but I've known people who could do it. That's likely part of this.
2) Some people have a gift for conveying abstract ideas visually, which is rare enough, but doing it intuitively like that is really rare and impressive. Musical scores are precise but take a lot of training to read, especially sight-read without practice. Creating a visual representation of a song in three voices (high, middle, low) with indications of pitch and duration -- which works well as demonstrated -- is epic.
Business world: "Dammit, I wish we had someone that good with visuals to do whiteboard notes for our meetings."
Music world: "We saw her first."
1) Some people with Bardic gift can share theirs with other people; it's rare but I've known people who could do it. That's likely part of this.
2) Some people have a gift for conveying abstract ideas visually, which is rare enough, but doing it intuitively like that is really rare and impressive. Musical scores are precise but take a lot of training to read, especially sight-read without practice. Creating a visual representation of a song in three voices (high, middle, low) with indications of pitch and duration -- which works well as demonstrated -- is epic.
Business world: "Dammit, I wish we had someone that good with visuals to do whiteboard notes for our meetings."
Music world: "We saw her first."
Photos: Barnyard Picture
Jun. 22nd, 2025 11:54 pmysabetwordsmithHanging this picture of a barnyard was one of my goals for the year. \o/ It took us a lot of fuss and bother, but we got it up there eventually!
( Read more... )
( Read more... )
_(Italian_(Ferrarese)_-_Allegory_of_Fortune_-_Google_Art_Project.jpg){kind=link}
New verses in "In the Heart of the Hidden Garden"
Jun. 22nd, 2025 09:53 pmysabetwordsmithThanks to a donation from lone_cat, there are 24 new verses of "In the Heart of the Hidden Garden." Lawrence shows Stan the Iron Courtyard.
lone_cat, there are 24 new verses of "In the Heart of the Hidden Garden." Lawrence shows Stan the Iron Courtyard.vital functions
Jun. 22nd, 2025 07:22 pmkaberett... is a placeholder because I am doing so badly at routines in general and bedtime routines in particular, still, augh.
Reading. Adventures in Stationery, James Ward. Not entirely sold on the way anecdotes were strung together, and definitely dubious about the broader social history, but a pleasantly undemanding diversion in a week where I really needed that and for bonus points it finally explained The Thing About Blackwing Pencils to me.
Watching. One more episode of Farscape (S02E02 Vitas Mortis), while bleaching A.
Cooking. Mostly Pasta With Things. (Things have included "kohlrabi and misc other greens from the allotment" and "psuedo puttanesca".)
Eating. STRAWBERRIES. Have also nibbled, from the allotment: peas! broad beans! aforementioned kohlrabi! cherries! the first raspberries! redcurrants! jostaberries!
Exploring. ... bits of a field? OH and I bimbled down to the post office and, en route, checked how the local quince tree is doing. (FRUITING.)
Creating. Painted A colours!
Growing. Iiii just about made it to the allotment to water things on, like, Tuesday, but I have otherwise been... struggling.
... the ginger at home continues to go zoom, though! And I really really need to pot it on, eesh.
Observing. BAT.
Events of note this week (mostly hockey)
Jun. 22nd, 2025 10:33 pmrmc28You may have noticed it's been hot in England. So a lot of this week has just been the extra routines to cope with that (airing out the house at night / early morning, extra hydration, more naps).
It was a three-day week at work for me, with Monday my travel day back from Prague, and Wednesday a multi-errand day. Tuesday was a hectic day at work, but a rare evening with very few plans, so I actually rested. Wednesday had EHCP review for one child; a lunchtime skating lesson for me; a school bowling trip, hospital appointment and shopping all with the other child; and then Kodiaks practice in the evening.
This week and next are 4-day weeks at work for me; I am having a long weekend away in Portsmouth with one of my oldest friends from university. Probably my only trip away this year that isn't directly about ice hockey. (But there is a rink in Gosport and both of us skate.) We plan to visit the Mary Rose, and I at least want to visit both the Submarine Museum and the Explosion Museum. I have been intrigued by the latter since I saw a road sign for it on the way to Gosport rink last month, but haven't yet found anything else about it apart from name and location. No spoilers!
Birdfeeding
Jun. 22nd, 2025 02:19 pmysabetwordsmithToday is partly sunny and sweltering. It's 87°F and the heat index is 95°F. :P A beautiful day to stay indoors and write!
I fed the birds. I've seen a small flock of sparrows and house finches, several mourning doves, and a fox squirrel.
I put out water for the birds.
EDIT 6/22/25 -- I did a bit of work around the patio.
EDIT 6/22/25 -- I watered the plants on the new picnic table.
EDIT 6/22/25 -- I watered the old picnic table and house yard, and the septic garden.
I've seen at least one, possibly two bats. Lots of fireflies are out.
As it is getting dark, I am done for the night.
I fed the birds. I've seen a small flock of sparrows and house finches, several mourning doves, and a fox squirrel.
I put out water for the birds.
EDIT 6/22/25 -- I did a bit of work around the patio.
EDIT 6/22/25 -- I watered the plants on the new picnic table.
EDIT 6/22/25 -- I watered the old picnic table and house yard, and the septic garden.
I've seen at least one, possibly two bats. Lots of fireflies are out.
As it is getting dark, I am done for the night.
Culinary
Jun. 22nd, 2025 06:46 pmoursinThis week's bread: a rather basic wheatgerm loaf, something like 70/30 wholemeal/strong white flour + wheatgerm, [ETA: small amount of Rayner's Malt Extract], splosh of oil, turned out quite well considering it was the last scrapings of the recent batch of yeast.
Friday night supper: sorta-nasi-goreng with chorizo.
Saturday breakfast rolls: adaptable soft rolls, approx 4:1 strong brown/Marriage's Golden Wholegrain Bread Flour (end of bag), maple syrup, dried cherries. Tasty but a bit stodgy.
Today's lunch: bozbash, with red bell pepper, baby orange and yellow peppers, aubergine, okra, and baby courgettes, dried cherries, 5-pepper blend, dried basil, fresh green coriander (cilantro), and to finish, raspberry vinegar, served with couscous with toasted (slightly burnt) pinenuts.