During the last few days, I found several references to a beautiful just-published paper, which I hope everybody reads: The Moral Character of Cryptographic Work, by Phillip Rogaway; Cryptology ePrint Report 2015/1162, published on December 1st this year. It is more an academic essay than most crypto-related papers, and a long one at that (46 pages, packed with references and anecdotal notes).
But it is surprisingly easy to read. I am sitting in front of my computer while my students work on their final exam, and I have got over half way through the text; earlier today I looked at the quick presentation (as this work was presented by Rogaway at the Asiacrypt 2015 as an invited talk), and just loved it.
Now, I know most of the people reading my blog have a moral stand on their work (after all, I expect most of you to be committed to Free Software just as I am, and that is a tremendous political statement). We are also more a practice community than an academic/scientific one. But many of us dwell on several projects and hold more than one hats in life through which we are defined.
This paper/essay is really clicking with me, and it deeply resonates with the justification I presented when I joined the Masters on Security Engineering and Information Technologies program which I'm halfway through. Computer security does not exist in a void, and does not exist just for itself. As professionals, we have a mission to fulfill in society, and that will then shape how society evolves.
So, I invite everybody to at least take a casual look at this paper. I hope you enjoy it as much as I did, and I hope it changes people's hearts and career decisions.
Last week, Senator Omar Fayad presented one of the prime examples of a poorly redacted law that, if enacted, will make basically any way of computer use illegal. And yes, even if he states this is merely a draft, it has so many factual and conceptual errors that there is no way to trust sanity can be regained at any point. Oh, and before I continue with this rant: If the topic interests you, I suggest you to read the 10 key points about Ley Fayad, the worst Internet initiative in history, published by r3d.mx.
[update] An English equivalent of the work at r3d, at revolution-news.com: #LeyFayad: The Worst Bill in Internet History
The full text (in Spanish, of course) for the law initiative is available at the Senate webpage; the law will be called Ley Federal para Prevenir y Sancionar los Delitos Informáticos (Federal law to prevent and punish informatic felonies<) — A bad name to start with, as there are many laws already in that contested area. I started reading with the preamble (Exposición de motivos), which already shows bad signs of imprecise redaction and is plagued with factual errors (i.e. asserting that the real danger stems from the Web migrating to the Web 2.0, from which stems that this migration and not any previous one. Or by stating that (quoting+translating a full paragraph):
Activities such as electronic commerce, digital periodism, publicity and the opinions, messages or elements written in social networks can lead to patrimonial, reputation, honor or professional activity losses for people.
He continues by stating that only 16% of the countries have some kind of cybersecurity strategy (and, of course, Mexico doesn't). That... Well, is very hard to believe, as Mexico has two separate policial groups devoted to cybersecurity, and laws regulating from electronic signatures, commerce, identity, privacy, use and abuse, and a long list.
Of course, as most law proposals go, it quickly decays into a dry, boring document... And I must admit I didn't fully read it, but picked here and there. I won't copy in full the note I mentioned at the beginning at r3d.mx, but will continue with some strange points, such as:
- Article 16
- Every person that, without the corresponding authorization or exceeding the authorization confered, accesses, intercepts, interfers or uses an information system, will be punished by one to eight years of prision and fined by 800 to 1000 days of minimum wage
So, yes, borrowing your computer without getting explicit permission, or playing around with the options in kiosks, or tons of whatever we curious people do with systems we encounter are basis for jail. (And yes, fines in this country are expressed in "days of minimum wage", which goes at ~MX$70 per day, which is ~US$4). But it gets funkier quickly:
- Article 17
- Whoever fraudulently destroys, disables, damages or in any way alters the working of an informatic system or any of its components, will be punished by fice to fifteen years of jail and fined by up to a thousand minimum wage days
The same punishment will be given to whoever, without authorization, destroys, damages, modifies, divulges, transfers or disables information contained in any Informatic System or any of its components.
The punishment will be ten to twenty years in prision and a fine of up to a thousand days of minimum wage if the effects here mentioned are done by the creation, introduction or fraudulent transmission, by any means, of an informatic weapon or malicious code
This law is meant to protect against cyberfelonies, if such a thing exists. However, here we are putting at risk people even for accidental equipment destructions. I dropped your portable hard disk with my elbow off the table? Accuse me of acting fraudulently, and I'm up for a serious jail time. And yes, laws are meant to be interpreted... And I don't want to be at the receiving end of this one!
In this last article, Fayad mentions informatic weapons, which are defined in the preamble as any informatic program, informatic system, or in general, any device or material created or designed with the purpose of committing an informatic crime. So the very next article makes me, as it should make all of my fellow students and researchers, very uneasy:
- Article 18
- Whoever uses informatic weapons or malicious code will be imprisioned by two to six years, and fined with 200 to 500 days of minimum wage.
- Article 19
- Whoever builds, distributes, commerces with informatic weapons or malicious codes will be punished by three to seven years of prision and 200 to 500 days of minimum wage.
If we need to analyze malware for our classes (or for paid work, or as a hobby), we clearly fall in article 18. If we write something that can be classified as malware (without even releasing it, as an academic excercise only!), we are covered by article 19. If I give my students code that's known to be malicious (which could be as inofensive as linking to a well-known Web comic), I'm also covered by article 19.
I'll jump all the way to article 31 (reproduced only partially):
- Article 31
- Whoever, by any means, creates, captures, records, copies, alters, duplicates, clones or deletes the information contained in a credit or debit card (...) will be punished by 8 to 14 years of prision and 300 to 500 days of minimum wage. (...)
This clearly disincentivates any way of e-commerce. When I try to buy anything online, I have to capture+copy my (rightfully owned) credit card data. The services provider has to copy, process and then delete said information. Any e-transaction is punished by jail!
Well... But thinking about this again, maybe I shouldn't be so worried about the malware distribution issue at my classes. There are clearer and more contundent articles. Say...
- Article 35
- Whoever convenes, organizes, is part of, or executes a cibernetic attack, will be punished by 20 to 30 years of prision and fined with 100 to 1000 days of minimum wage
Of course we have convened, organized, been part of and executed cibernetic attacks at the computer security lab at ESIME. Why would there be such a lab otherwise?
Then, there are clear indications that the Senator didn't understand the topic his team was working on:
- Article 37
- Who manipulates the digital seals used by command of the public authority will be punished with 240 days of community work
Now... What is a digital seal? It's not a phisical one that does not allow opening the doors to a business found at fault, but something that just proves a document is legitimate and pristine. How can I manipulate them? Of course, if the seals are MD5-based, I can easily forge them (and SHA1-based, it seems they will be broken enough soon to be considered no longer trustable)... But that's about it!
And there is more, lots more. I'm swamped with work, and have to get back to it. But chapters the following chapters have a lot of potential for finding holes.
PS - And yes, the only use I do of Twitter is via the headlines in my blog ;-)
[update] Ley Fayad is dead, yay! \o/ The senator withdrew the proposal.
I am very glad and very proud that the community I am most involved in, the Debian project, has kept its core identity over the years, at least for the slightly-over-a-decade I have been involved in it. And I am very glad and very proud that being less aggressive, more welcoming and in general more respectful to each other does not counter this.
When I joined Debian, part of the mantra chants we had is that in order to join a Free Software project you had to grow a thick skin, as sooner or later we'd all be exposed to flamefests. But, yes, the median age of the DD was way lower back then — I don't have the data at hand, but IIRC I have always been close to our median. Which means we are all growing old and grumpy. But old and wiser.
A very successful, important and dear subproject to many of us is the Debian Women Project. Its original aim was, as the name shows, to try to reduce the imbalance between men and women participants in Debian — IIRC back in 2004 we had 3 female DDs, and >950 male DDs. Soon, the project started morphing into pushing all of Debian to be less hostile, more open to contributions from any- and everyone (as today our diversity statement reads).
And yes, we are still a long, long, long way from reaching equality. But we have done great steps. And not just WRT women, but all of the different minorities, as well as to diverging opinions within our community. Many people don't enjoy us abiding by a code of conduct; I also find it irritating sometimes to have to abide by certain codes if we mostly know each other and know we won't be offended by a given comment... Or will we?
So, being more open and more welcoming also means being more civil. I cannot get myself to agree with Linus' quote, when he says that respect is not just given to everybody but must be earned. We should always start, and I enjoy feeling that in Debian this is becoming the norm, by granting respect to everybody — And not losing it, even if things get out of hand. Thick skins are not good for communication.
OK, I already bragged that our book on Operating Systems is finally printed and has, thus, been formally published.
What I had not yet mentioned is how we planned its physical distribution. Yes, it is available for sale at some UNAM libraries... But coming to UNAM is sadly an option only for people who are in Mexico City.
I have been quite busy, and was unable to come up with anything earlier, but I have finally finished setting up a decent although minimal web page for the book. In it, I mention the possible ways you can get your own printed copy of Fundamentos de sistemas operativos:
- If you are in Mexico, the advised way is to call or mail the library at Instituto de Investigaciones Económicas — (+52-55)5623-0080 or firstname.lastname@example.org.
They will ship the book (they would ship it overseas, but it'd be too expensive!) and are able to process electronic payment opetions.
The book printed at UNAM has substantive part of its pages printed in color, and let me tell you... It's worth it.
- If you are not in Mexico or you prefer not to deal with a human, you can buy the book from the on-demand printing service lulu.com.
For cost reasons, it is printed in black and white, but it is the same content (minus two typos ;-) ). Lulu.com is an international company, so they will get it shipped to you cheaper and faster — And I have requested the book to be made available to libraries such as Amazon and Barnes and Noble (and was told it should take a couple of weeks to have it ready there).
(and please report me any bugs you see!)
Today I was refered to the publication of an "agreement" signed by my university's Rector: The Agreement that establishes the General Guidelines for the Open Access Policy of Universidad Nacional Autónoma de México.
This is a document we have been waiting and pushing for throughout several years; I got involved in the Network of Digital Collections (Red de Acervos Digitales), RAD-UNAM back in 2011, and am honored to be its current coordinator, but this group has roots back in 2005. And, of course, by then several other people had been working on the topic without formal coordination.
Not only we are happy because the agreement explicitly mentions our group as one of The Venues for Open Access publishing and dissemination in UNAM. In its seventh point, it mentions:
In the matters of Open Access, academic entities and university dependencies have the following obligations:
VII. Promote and support the creation and maintenance of institutional repositories, as well as the deposit of the digital resources produced by its academic community, which should be incorporated into Red de Acervos Digitales de la UNAM
So... We have done a good job. And there will be surely more to follow!
I'm including here a copy of the agreement by itself (without the whole number of the Gaceta UNAM) because I will surely have to refer to it in the future.
180 degrees — people say their life has changed by 180° whenever something alters their priorities, their viewpoints, their targets in life.
In our case, it's been 180 days. 183 by today, really. The six most amazing months in my life.
We are still the same people, with similar viewpoints and targets. Our priorities have clearly shifted.
But our understanding of the world, and our sources of enjoyment, and our outlook for the future... Are worlds apart. Not 180°, think more of a quantic transposition.
For the second time since I joined Debian, I missed DebConf. This time, mostly for two completely happy reasons (which have, of course, grown up quite significatively):
But adding to that very important factor, early-to-mid August is possibly the worst date for me to attend DebConf — As that's when we start classes at UNAM, and I really don't want to delegate introducing my class to somebody else (besides it being or not possible).
Life has been quite busy here. Besides starting my seventh semester as a teacher (finally being able to present my book on operating systems to the students!), I also took on teaching two modules for a diploma-course on embedded Linux. I'm co- teaching the "User-space Linux" module together with Gabriel Saldaña, and will teach the "Boot process" module with Sandino Araico. There are many things that should be improved about the covered program, but we are having good fun working our way on it; Gabriel and I have given two (out of six) 6hr sessions each, and have reached the point where it is actually becoming fun :)
As for Debian... I have been doing minimal maintenance work. Answering to some keyring tickets, or taking care of only high-profile important issues. I do not have time to do much. I have been wanting to do some interesting analysis on the evolution of our keyring for several months, but have not had the time to follow it up. Will do at some point, /mehopes.
Anyway... This post is probably just because I need to somehow be there at our community's highest social, technical exchange period in the year. That is, there's not much to report, it's only me waving from home!
Basically everybody who knows me is aware that, basically for the last two years, I have been writing a book on Operating Systems for use in my class — and, of course, in any similar class. Well, long story short, as of today:
What's that in my car trunk? Lets have a closer look.
Finally, Facultad de Ingeniería finished printing the book!
So... Well, some minor data points:
- The book is (and has been for some time already!) available online as a free download.
- If you want to derive from it or enhance future editions in any way, just clone it!.
- Want to get a physical copy? Great! It will soon (a week or so) be ready at both the Faculty's and the Institute's bookstores.
- But coming to UNAM is hard for you? Stay tuned. I have uploaded it to an on-demand printing service (Bubok), but its service is so dismally slow that I'll try it somewhere else. I'll keep you posted!
Anyway... Very happy here :D
A couple of months ago, I was invited to give the starting course for the Masters degree in Free Software in the Universidad Andina Simón Bolívar university. UASB is a multinational university, with campuses in (at least) Ecuador, Chile, Bolivia and Colombia; I was doubtful at first regarding the seriousness of this proposal and the viability of the program, but time made my doubts disappear.
Bolivia is going through an interesting process, as they have one of the strongest worded government mandates for migration to free software for the public administration in the next couple of years; this migration has prompted the interest of many professionals in the country. In particular, we have over 40 registered people for this Masters degree. Studying a Masters degree is a long-term commitment which signifies a big time investment, and although many of the student are quite new to the idea of free software, they are willing to spend this time (and money, as the university is privately owned and charges for its enrollment).
I gave this class together with Alejandro Miranda (a.k.a. @pooka), as we have a very good pair-teaching dynamics; we had already given many conferences together, but this is the first time we had the opportunity to share a whole course — and the experience was very good. We have read the students' logs, and many of them clearly agree with this.
I had to skip two of the (ten) lessons, as I travelled from Mexico to Argentina halfway through it (of course, we brought the babies to meet my wife's family and friends!), so we had also the honor of having Esteban Lima fill in for those sessions.
I am very happy and grateful that the University took care to record our presentations and intend to record and put online all of the classes; as we were the first in the program, there were some understandable hiccups and some sessions were lost, but most are available. Here they are, in case you are interested in refering to them:
|Topic||Video (my server)||Video (Youtube)|
|Introduction to free software||Watch||Watch|
|The effects of free software||Watch||Watch|
|Free software and open standards related to technologic soverignity||Watch (low)
|The free software ecosystem||Watch||Watch|
|Free software implementation in Bolivia||Watch||Watch|
|Introduction to intelectual property: Copyright, patents, trademarks, etc.||Watch||Watch|
|Who is "the community" and why do we speak about it?||Watch (low)
|Current status and challenges for the movement||Watch||Watch|
All in all: This was a great opportunity and a joy to do. I think the material we used and developed fit well what was expected from us, and we had fun giving somewhat heterodox readings on our movement.
[Update]: UASB uploaded some extra videos, with a much better quality! I added them to the table above, specifying (Low) or High whenever needed. Also, all classes are now available. Enjoy!
«Almost free» — Some experiences with the Raspberry Pi, CI20, BananaPi, CuBox-i... And whatever will follow
I know very little about hardware.
I think I have a good understanding on many aspects of what happens inside a computer, but my knowledge is clearly firmer on what happens once an operating system is already running. And even then, my understanding of the lower parts of reality is shaky at most — At least according to my self-evaluation, of course, comparing to people I'm honored to call "my peers".
During the last ~18 months, my knowledge of this part of reality, while still far from complete, has increased quite a bit — Maybe mostly showing that I'm basically very cheap: As I have come across very cheap (or even free for me!) hardware, I have tried to understand and shape what happens in levels below those where I dwell.
I have been meaning to do a writeup on the MIPS Creator CI20, which was shipped to me for free (thanks++!) by Imagination Technologies; I still want to get more familiar with the board and have better knowledge before reporting on it. Just as a small advance, as this has been keeping me somewhat busy: I got this board after their offer to Debian Developers, and prompted because I'll be teaching some modules on the Embedded Linux diploma course dictated by Facultad de Ingeniería, UNAM — Again, I'll blog about that later.
My post today follows Riku's, titled Dystopia of things, where he very clearly finds holes in the Internet of Things offering of one specific product and one specific company, but allows for generalizations on what we will surely see as the model. Riku says:
Today, the GPL sources for hub are available - at least the kernel and a patch for busybox. The proper GPL release is still only through written offer. The sources appeared online April this year while Hub has been sold for two years already. Even if I ordered the GPL CD, it's unlikely I could build a modified system with it - too many proprietary bits. The whole GPL was invented by someone who couldn't make a printer do what he wanted. The dystopian today where I have to rewrite the whole stack running on a Linux-based system if I'm not happy what's running there as provided by OEM.
This is not exactly the situation on the boards/products (it's a disservice to call the cute CuBox-i just a board!) I mention I'm using, but it's neither too far. Being used to the easy x86 world, I am used to bitching on specific hardware that does not get promptly recognized by the Linux kernel — But even with the extra work UEFI+SecureBoot introduces, getting the kernel to boot is something we just take for granted. In the MIPS and ARM worlds, this is not so much of a given; I'm still treating the whole SPL and DeviceTree world as a black box, but that's where a lot of the work happens.
The boards I am working on try to make a point they are Open Hardware. The CI20 is quite impressive in this regard, as not only it has a much more complete set of on-board peripherials than any other, but a wealth of schematics, datasheets and specifications for the different parts of its components. And, of course, the mere availability of the MIPSfpga program to universities worldwide is noteworthy — Completely outside of my skillset, but looks most interesting.
However... Despite being so much almost-Free-with-a-capital-F, all those boards fail our definitions of freedom in several ways. And yes, they lead us to a situation similar to what Riku describes, to what Stallman feared... To a situation not really better to where we stand on openly closed-source, commodity x86 hardware: Relying on binary blobs and on non-free portions of code to just use our hardware, or at least to use many of the features that would be available to us otherwise.
As an example, both the CI20 and the CuBox-i vendors provide system images able to boot what they describe as a Debian 7 system, based on a 3.0 Linux kernel (which Debian never used; IIRC the CuBox-i site said it was derived from a known-good Android kernel)... Only that it's an image resulting of somebody else installing and configuring it. Why should we trust their image to be sane? Yes, the resulting installation is quite impressive (i.e. the CI20's 3D demos are quite impressive for a system that feels otherwise sluggish, and out of my ARM experience, I'd wager it feels sluggish mostly because of a slow SSD)...
I have managed to do clean Debian installs on most of my ARM machines (the CuBox-i as described in my previous blog post; this post from Elena ``of Valhalla'' prompted me into trying the already well documented way of running the official Debian Installer, which worked like a charm and gave me a very nice and responsive Debian 8 install — Modulo yes, the Banana's non-free video interface, which AFAICT uses the non-free Mail binary driver... And which I haven't had the time to play with yet. Of course, my CuBox is in a similar situation, where it works like a charm as a personal server, but is completely worthless as a set-top box.
So, with those beautiful, small, cheap SoC systems, we are close to where we stood twenty years ago with x86 Linux: Good support for a small set of peripherials, but a far cry from having a functional system with exclusively free software. ,
Still... Playing with these boards has taught me a lot, and has clearly taught me I'm still standing on the first steps of the n00b level. I have a lot to learn to be able to responsibly teach my part of the diploma course, and I'm very thankful for the differences in hardware (and, of course, for the hardware manufacturers, specially for the MIPS Creator CI20 and the Lemaker Banana Pi for giving me boards to work on!)
I shall keep posting on this topic.
Today I feel more special than I have ever felt.
Or... Well, or something like that.
Thing is, there is no clear adjective for this — But I successfully finished my Specialization degree! Yes, believe it or not, today I can formally say I am Specialist in Informatic Security and Information Technologies (Especialista en Seguridad Informática y Tecnologías de la Información), as awarded by the Higher School of Electric and Mechanic Engineering (Escuela Superior de Ingeniería Mecánica y Eléctrica) of the National Polytechnical Institute (Instituto Politécnico Nacional).
In Mexico and most Latin American countries, degrees are usually incorporated to your name as if they were a nobiliary title. Thus, when graduating from Engineering studies (pre-graduate universitary level), I became "Ingeniero Gunnar Wolf". People graduating from further postgraduate programs get to introduce themselves as "Maestro Foobar Baz" or "Doctor Quux Noox". And yes, a Specialization is a small posgraduate program (I often say, the smallest possible posgraduate). And as a Specialist... What can I brag about? Can say I am Specially Gunnar Wolf? Or Special Gunnar Wolf? Nope. The honorific title for a Specialization is a pointer to null, and when casted into a char* it might corrupt your honor-recognizing function. So I'm still Ingeniero Gunnar Wolf, for information security reasons.
So that's the reason I am now enrolled in the Masters program. I hope to write an addenda to this message soonish (where soonish ≥ 18 months) saying I'm finally a Maestro.
As a sidenote, many people asked me: Why did I take on the specialization, which is a degree too small for most kinds of real work recognition? Because it's been around twenty years since I last attended a long-term scholar program as a student. And my dish is quite full with activities and responsabilities. I decided to take a short program, designed for 12 months (I graduated in 16, minus two months that the university was on strike... Quite good, I'd say ;-) ) to see how I fared on it, and only later jumping on the full version.
Because, yes, to advance my career at the university, I finally recognized and understood that I do need postgraduate studies.
Oh, and what kind of work did I do for this? Besides the classes I took, I wrote a thesis on a model for evaluating covert channels for establishing secure communications.
The discussion regarding the legality and convenience of Uber, Cabify and similar taxi-by-app services has come to Mexico City — Over the last few days, I've seen newspapers talk about taxi drivers demonstrating against said companies, early attempts at regulating their service, and so on.
I hold the view that every member of a society should live by its accepted rules (i.e. laws) — and if they hold the laws as incorrect, unfair or wrong, they should strive to get the laws to change. Yes, it's a hard thing to do, most often filled with resistence, but it's the only socially responsible way to go.
Private driver hiring applications have several flaws, but maybe the biggest one is that they are... How to put it? I cannot find a word better than illegal. Taxi drivers in our city (and in most cities, as far as I have read) undergo a long process to ensure they are fit for the task. Is the process incomplete? Absolutely. But the answer is not to abolish it in the name of the free market. The process must be, if anything, tightened. The process for granting a public driver license to an individual is way stricter than to issue me a driving license (believe it or not, Mexico City abolished taking driving tests several years ago). Taxis do get physical and mechanical review — Is their status mint and perfect? No way. But compare them to taxis in other Mexican states, and you will see they are in general in a much better shape.
Now... One of the things that angered me most about the comments to articles such as the ones I'm quoting is the middle class mentality they are written from. I have seen comments ranging from stupidly racist humor attempts (Mr. Mayor, the Guild of Kidnappers and Robbers of Iztapalapa demand the IMMEDIATE prohibition on UBER as we are running low on clients or the often repeated comment that taxi drivers are (...) dirty, armpit-smelly that listen to whatever music they want) to economic culture-based discrimination Uber is just for credit card users as if it were enough of an argument... Much to the opposite, it's just discrimination, as many people in this city are not credit subjects and do not exist in the banking system, or cannot have an always-connected smartphone — Should they be excluded from the benefits of modernity just because of their economic difference?
And yes, I'm by far not saying Mexico City's taxi drivers are optimal. I am an urban cyclist, and my biggest concern/fear are usually taxi drivers (more so than microbus drivers, which are a class of their own). Again , as I said at the beginning of the post, I am of the idea that if current laws and their enforcement are not enough for a society, it has to change due to that society's pressure — It cannot just be ignored because nobody follows the rules anyway. There is quite a bit that can be learnt from Uber's ways, and there are steps that can be taken by the company to become formal and legal, in our country and in others where they are accused of the same lacking issues.
We all deserve better services. Not just those of us that can pay for a smartphone and are entitled to credit cards. And all passenger-bearing services require strict regulations.
Guests in the Classroom: Felipe Esquivel (@felipeer) on the applications on parallelism, focusing on 3D animation
I love having guests give my classes :)
This time, we had Felipe Esquivel, a good friend who had been once before invited by me to the Faculty, about two years ago. And it was due time to invite him again!
Felipe knows his way around the different aspects of animation. For this class (2015-04-15), he explained how traditional ray-tracing techniques work, and showed clear evidences on the promises and limits of parallelism — Relating back to my subject and to academic rigor, he clearly shows the speed with which we face Amdahl's Law, which limits the efficiency of parallelization at a certain degree perprogram construct, counterpointed against Gustafson's law, where our problem will be able to be solved in better detail given more processing abilities (and will thus not hit Amdahl's hard ceiling).
That's all I need to enjoy the best best party ever.
Oh! Shall I mention that we got a beautiful present for the kids from our very dear DebConf official Laminatrix! Photos not yet available, but will provide soon.
(No, I'm not talking about a future Ubuntu release... After all, what kind of weird animal would a weekend be?)
This weekend we took the kids outside for the first time (not counting, of course, visits to the pediatrician). We were quite anxious... Of course, they were born somewhat under weight and at 7½ months of gestation. But this Saturday we feelt adventurous, and took the kids out for a day among people!
It might not sound like a big deal, but... Well, we took a not such beautiful or scenic route: We took them to the supermarket, and had a small lunch out. For the first time in the already two months they have been with us.
Dinner with friends at home, having a very good time, and –as expected– a... Very hard night for us. All that excitement had the babies very nervous.
Today –again, for the first time– we took the children out to visit some friends of ours. Again, it was great, they behaved very nicely, and were lovely all around.
Lets see what this night holds in place for us.
Anyway, with them growing slowly but steadily... We are very happy, thankful parents. For the first time since Regina is with me in Mexico, this time we decided we would not have a birthday party (yes, I'm 30 minutes away from being 39 year old). I cannot imagine a fuller, better celebration than what we are having. This two babies are the real event in our lives.
Oh... And by the way, this weekend also saw the release of a great new Debian release: Debian 8, codenamed Jessie. Thanks, folks, for such a great birthday present ;-) For reasons that should by now be obvious, I wasn't able to go to either of the release parties I knew of in Mexico City (even one of them was ~500m from home!)