The Terra Galleria Blog – QT Luong

Frequent visitors to terragalleria.com may have noticed unusual, repeated periods of downtime over the past month, as well as a gap in updates. The quick explanation is that the server hosting the site was hacked. Sure, this has happened several times in the past, but each time I had been able to figure out which vulnerability the hackers had used, which (criminal) activities they had planned, and shut them out. Not this time, which opened to door to multiple, escalating attacks which eventually forced me to decommission the server and rebuild a new one. To get a sense of the aggravation I faced, read on the long explanation.

Let’s begin by addressing the most obvious concern. There isn’t much to steal on the server. For safety reasons, we do not store credit card numbers, simply passing them to our gateway. High-resolution digital files are valuable, by only if you can license them, a task which is nowadays quite difficult even for legitimate image creators. To the hacker’s credit, they did not vandalize the site contents. They seemed to be interested in the server only as a platform to try and compromise other systems and get access to them.

It started about a month ago. A reader reported to me that his anti-virus software had flagged the terragalleria.com website. An investigation based on time-stamps (to look at recently modified files) quickly showed that in one of the files containing Javascript utilities, the following code was appended (I’ve included it as an image because as text it is harmful !):

If this sounds like Hebrew to you, rest assured that it was the same for me until someone on G+ pointed me to the following page, which explains everything. The code was obfuscated to make it difficult to understand what it does: it creates a iframe – a special invisible frame around the webpage – which points to a website that tries to infect visitors with malware, which I can only assume (I didn’t download it, and nor should you ever download software with no clear purpose) allows them to take control of the victim’s computer.

Although getting rid of this particular code was easy, finding out how the hackers were able to plant it remained an unsolved challenge, as there are so many different security flaws which can be exploited to gain control over a computer. Even systems from the US Department of Defense are not immune to hacking. Since I didn’t know the extent to which the server was compromised, the safest thing to do was to rebuild the site. However, I was going to travel the following week, so I didn’t have time to do much. I also hoped that the intrusion was limited – as had been the case in the past. I left for Alaska.

In search of the Aurora, we drove north of Fairbanks on the Dalton Highway, passing the Arctic Circle. Although there were absolutely no services of any kind on the 240 mile stretch of road until Coldfoot -making it the most remote in North America – the nearby village of Wiseman (pop 13), has two B&Bs open year-round. Because our rental car was marginally equipped to deal with -30F weather, instead of camping further north, we stayed there. Unexpectedly, they provided for a few hours per day satellite-based internet.

That’s when I learned that my server woes were getting worse. The hackers were trying to use the compromised server to hack into other machines on the network, using what is called a “brute force attack” which consists of automatically trying to log on by trying thousands of different passwords (the reason you shouldn’t use simple passwords). As a result, the hosting company took the server offline after I had failed to respond to their warnings. Back in Fairbanks, we huddled in the public library to benefit from a reliable internet connection. At first we found themselves locked out from the system, but after assistance from the data center technicians, we had the main (root) password reset so we could do administrative tasks. My friend then found one of the backdoors they left and removed it.

All was (almost) quiet for a few days, but the following week they tried again to do brute force attacks against other computers. I was not able to locate the script nor the security hole, but at least I was able to stop the activity by disabling some system utilities.

A few days later, I discovered that they were back to trying to propagate malware using an iframe. But this time, they used more sophisticated methods. They had covered more carefully their tracks, since a time-stamp based search didn’t yield anything interesting. Instead of just modifying a single text file, they managed to get the webserver to append a malicious iframe for all web pages and all the domains hosted on the server. Protecting our visitors is the priority, so upon discovering that the server was trying to spread malware, I immediately shut down all web services.

I looked all day long at various configuration files, yet remained stumped. Because I hold a PhD in Computer Science, it is sometimes assumed that I am a wizard with computers. But in fact, I was mostly a mathematician studying the geometry of visual perception of three-dimensional space. I learned very little about system administration in grad school – there was no world wide web yet. I decided to simply abandon the server. This was the right decision, as in the following week, the situation degrated further. Not content with changing all the server passwords, they reconfigured the server so that even after reseting the root password it was not possible for me nor the data center technicians to log on. In the while, I received complaints from system administrators of large, well-known companies, into which they tried to hack using the server. I eventually put an end to this activity by wiping out all server contents with an OS reload.

Upon returning home from Alaska, I had already begun to plan for a new replacement server – kind of like burning your house to the ground and rebuilding it to get rid of vermin. I was looking at more complex solutions involving virtualization and cloud computing. However the server was now down, and every such day costs us quite a bit in lost business, so I decided to rebuid again a simple and cost-effective dedicated server. I rent a box running Linux on a brand new Quad Core Xeon 1270 – 3.40GHz (Sandy Bridge), 1 x 8MB cache w/HT, 2 GB DDR3 1333 RAM, 2x 750GB SATA II HDD with a 100 Mbps uplink port and a 3TB monthly data transfer allowance.

Besides the hardware upgrade – which greatly accelerate searches and dynamic loads – the main difference is that unlike on my previous servers, decided to forego a control panel (I used Plesk before), mostly for security reasons. The data center technicians had pointed out to specific Plesk-related vulnerabilities. A control panel provides an easy-to-use graphical interface to all services on your server. Without one, you administer your server by editing text files and typing commands.

I found out during installation that while a control panel makes configuration simpler and more foolproof (no messing all your web services because of a single missing directive or a mistyped command), its main benefit is that it provides web-ready software. In my case, all the installation went smoothly until I noticed that PHP (an active component of web pages) would not communicate with MySQL (the database). Since they are such basic and popular building blocks, you’d think that they would work right out of the box in a distribution such as Red Hat Enterprise Linux (RHEL) 5, but this wasn’t the case at all. After trying many things, I re-installed PHP from source, but in the process this happened to break httpd. At this point I got fed up with fiddling around without real understanding. I hired the services of a server administration company.

They fixed the problem promptly, and I was happy to get the site up again, first in an emergency instance without many functions. However, as I began to set-up my backup software, I found out that the hard drives were not configured properly. I had ordered the server with two hard drives, with the intention to use the second one for backup. However, the hosting company set up the drives as an LVM (Logical Volume Manager) volume group, which defeated the purpose. They recommended that I reload the OS and restart from scratch, although there exists a risky procedure to remove a drive from the LVM. As it had taken me more than a day to get to that point, I wasn’t too keen on doing it over again, so I asked my system administrator to try the procedure. Sure enough, it failed, leaving the server in a state where it wouldn’t even boot.

It quickly became clear that I had no choice but to reload the OS. I thought that I might as well upgrade to version 6 of RHEL as older versions sometimes lack critical security updates. It turned out to be even worse than RHEL 5. PHP didn’t even work properly. After trying to fix it without success, the system administrator recommended that instead I reload CentOS 5. I was surprised, since CentOS is the free – and supposedly functionally identical – version of the licensed RHEL, but indeed PHP and MySQL worked out of the box. This doesn’t mean that all my scripts worked, since software upgrades forced me to update my scripts, but at least the basics were there.

Acting as system administrator for two weeks was more than I cared for, but thanks to backups I didn’t loose any data. I just wished hackers would be more considerate in choosing their targets. Many companies who run websites with less traffic than terragalleria.com have full-time system administrators, but this is essentially a one-person operation. I have found that one of the main difficulties – and sometimes source of frustration – in running a small photography business is that one has to wear so many hats. Over the years, terragalleria.com has grown to become, amongst other things, a fully-featured stock photography website and digital wallpaper subscription site. That it needed to run on its own server, which was at the root of last month’s troubles, is something I suppose I should be grateful for, as it had provided me my own path to full-time photography.

Upon arriving in Gyeongju, I headed towards the Hanjin Hostel, conveniently situated a few blocks from the bus station. When traveling overseas solo, I prefer to stay at hostels because the management is usually a useful resource, and speaks English, a big plus in a country with a strange script. I’ve found that hostels often provide services that normal hotel don’t, and that their owners are generally friendly and welcoming to independent travelers.

That was certainly the case of “Master” Kwon Clint. Granted, Mr. Kwon has created a nice map of Gyeongju that he gives free to each guest, together with some tour advice, but his quiet generosity and availability goes beyond that. Since I don’t plan much in advance, I wanted to make sure I had a flight reserved for Jeju Island before heading out to explore Gyeongju. After spending half an hour on my iPad, I couldn’t get the website of Jeju Air – a smaller airline with cheaper fares than the mainstream carriers Koran Air and Asiana Airlines – to work for me: I kept getting an error message in Korean. I asked Mr. Kwon to refer me to a travel agent, but he told me that I wouldn’t be able to book such a flight through them, and instead offered to help me. When he figured out that the error was caused by the Jeju Air website refusing a foreign credit card, he offered to use his own to complete the transaction.

Mr. Kwon’s family also opened their home and life. I happened to be there on the day when Korean people prepare their staple kim-chi for the winter in the yard. Even before stepping out of the hostel, I had a look at one of the most interesting traditions I saw on my trip.

Upon learning of my plans to stay only two days in Gyeongju before flying to Jeju Island, Mr. Kwon mentioned that Gyeongju was the most interesting place in Korea. Based on what I saw during my whirlwind trip, I’d have to agree. Right in the middle of the town, I found an impressive complex of tumuli.

A short bus ride outside of town, Bulguksa temple is a masterpiece of the golden age of Buddhist art in the Silla kingdom, centered in Gyeongju, which lasted for the first millennium and ruled most of the Korean Peninsula between the 7th and 9th centuries

Bulguksa is linked to the sacred Seokguram Grotto by a winding path.

I read that the Seokguram Grotto is a popular place to watch the sun rise over the distant sea. On that rainy day, there was no view, but I enjoyed even more the atmosphere created by the mist.

Fall foliage was past peak in Seoul, but on Nov 18th, it was still brilliant in Gyeongju.

Gyeongju is often referred to as “the museum without walls” because of the exceptionally large number of historical sites spread in and around.

Hundreds of them – ruined temples, stone statues, pagodas, and lanterns – are scattered on Mount Namsan, a mountain that was held sacred by the Silla people, and still continues to draw pilgrims – and hikers.

More images of Gyeongju.

1 | 2 | 3 | 4 | 5 | 6

The rest of the World Heritage sites are scattered around the country. My schedule was made possible by two factors. South Korea is a country of compact size – an hour by plane from north to south. The transportation infrastructure is very efficient and quite inexpensive.

In the morning, I took a high-speed train from Seoul to Deagu (South Korea’s fourth largest city) with free Wi-Fi on board. Upon arriving, I left my backpack at an automated locker – activated by fingerprint recognition.

After obtaining all the travel information at the tourist kiosk (the only place where one is sure to get questions answered in English) in front of the station, I hoped onto the Daegu subway.

Since I had a bit of extra time, I checked out the traditional medicine market which was on the way.

I went to the city terminal to catch a bus to a remote mountain outpost.

After a 2 km hike in the forest, I arrived at the Haeinsa Temple temple, one of the most important and remarkable in the country, around 3pm.

Haeinsa is one of the Three Jewel Temples (three principal Buddhist temples) of Korea and represents Dharma or the Buddha’s teachings (the two others represents the Buddha, and the sangha or Buddhist community). As such, Haeinsa is most noted for holding the Tripitaka Koreana, the whole of the Buddhist Scriptures carved onto 81,350 wooden printing blocks. The 14th century building holding the blocks at Haeinsa was so ingeniously designed that it surpassed modern preservation techniques. When test woodblocks were moved to a modern storage complex, they developed mildew, so the intended move was canceled and the woodblocks remained at Haeinsa.

I stayed until dark. In the solitude of the now deserted temple, the chants of the monks in the main hall were magical, but I had to be sure not to miss the last bus back to Daegu.

Despite the late hour, the main shopping areas of Daegu, where I went to look for dinner, were still busy. I had yet another Bibimbap, a signature Korean dish – and the only one suitable for a vegetarian.

I checked in a motel. Despite their name, those establishments have little in common with the motels in the US, besides maybe an affordable rate. My room had designer interior decor and lights (all remotely controlled), a huge flat screen TV, fridge, microwave, computer – fast connection, but no wifi, so much for Facetime – all for less than $50.

Motels are in fact “love hotels”. The bathroom had a huge bathtub which can easily accommodate two. A light which varied continuously in color illuminated the etching in the glass between the bathroom and the bedroom.

I got up before daybreak and took a long-distance bus to Andong. From there, after another local bus ride, I arrived in Hahoe Folk Village, a authentic traditional village dating back from the Joseon Dynasty in the 16th century.

Hahoe Folk Village is home to old architectural styles that have been lost elsewhere because of the rapid modernization in South Korea, including Aristocratic tile-roofed residences and thatched-roof servants homes.

Back to Andong, I boarded another bus to Gyeongju.

See more images of Haeinsa
See more images of Hahoe Folk Village

1 | 2 | 3 | 4 | 5 | 6

In what is shaping up as a series of posts about image internet sharing practices, I’ve explained why and how to watermark. In this piece, I will explain why I have chosen to share images at a modest resolution.

There are a number of factors to be considered when choosing an image size for displaying and sharing on the internet. The gamut of image sizes varies from large thumbnails to full-resolution files. Smaller images load faster, are more easily displayed and shared. Larger images offer more detail to see and can be used in a variety of ways, such as filling up entire large screens or producing printed materials. The downside of that versatility is an increased number of people using your image for free, possibly in an un-authorized way, instead of licensing the image or buying a print from you.

A popular school of thought advances that one should not worry about that risk, and go all the way to sharing full-resolution files, because the increased exposure that is brought by sharing those larger images will more than make up for the inevitable loss of revenue from people not acquiring those from you.

I personally think that the benefits of sharing at large sizes are largely exaggerated.

When it comes to “sharing”, what do people mostly do with images available on the internet ? They view them on web browser, occasionally upload them to other websites – which results in the same- or email them to others, in which case the image is viewed in a mail reader.

Although there is a larger variety of big screens on the market than ever before, in 2011 desktops accounted for only 27% (source) of US computer sales. Notebook screens are not large. This is confirmed by Google Analytics records of terragalleria.com visits in the past 30 days as seen below:

Not only most computer users use a notebook rather than a desktop, but also many people rely on a mobile device rather than a computer as their primary means to access the internet. Those come with screens that are even smaller than notebooks – although the “New iPad” and its breathen will change that. It will be interesting to see what kind of design is required for a photography site to look the best on the high-res tablets. As far as I can guess, most people who use a desktop 2000+x1600 screen do not open their browser windows full-screen, yet full-screen appears to be the only mode of operation of the iPad. Do you have an idea of how this will work out ?

The dimensions above are for screen sizes, but the browser window – the portion of screen real estate actually available to display your images – is quite a bit smaller, because of the operating system and browser’s tasks bars. To visualize browser window sizes aggregated over all Google visits (not just terragalleria.com visits), use Google Browser Size, an extremely valuable tool recently released by Google. For example, the “90%” contour means that 90% of people visiting Google have their browser window open to at least this size or larger. That’s surprisingly few vertical pixels.

On this screen capture, you can see that in spite of my modest image size (576×416 including the border and watermark) and very economical header, only 70% of users can see the image and caption without scrolling, and only 50% of users can see the “action buttons”.

For vertical images, this gets more tight – even though the height of my vertical images is less than the width of my horizontal images. Now only 70% of users can even see the entire image without scrolling, and only 50% of them can see the image and caption. Try it with your website !

The conclusion of this is that modest image sizes would seem to work better for most viewers. In the past ten years that terragalleria.com has been online, I have received numerous emails of appreciation, some even mentioning an eye-opening or life-changing experience – a few have also written in the guestbook how deeply they were moved. Apparently, the fact that my standard web image size is only 4%-10% of the original didn’t get that much in the way of their experience.

Despite them being a minority, I have large screen users covered as well, with a full screen slideshow which uses images designed to fill a 1680×1050 screen with a bit of navigation space. They will available in a non-slideshow display when I update my 10-year old website design. But that is larger than necessary. The Boston Globe has gained a wide acclaim and following for their Big Picture feature (so much that the Atlantic has poached its creator Alan Taylor to run In Focus). Both sites use 1000 pixel wide images. That’s big on the internet for you. The highly praised Google Plus lightbox (and its Facebook promptly deployed copy) displays images smaller than that.

The only reasons users would want bigger would not be for sharing, but rather personal use. The two primary uses I can see are making prints and displaying on a big screen (computer monitor or TV). In spite of some trying to dance around the subject, my opinion is that if you offer limited edition prints, out of respect for your collectors – not to mention laws – you cannot allow everyone to make their own prints. Some photographers may think that there is no market for computer wallpapers, and instead chose to give them freely, but there are quite a few companies that are in the business of selling screensavers. By just selling wallpaper image downloads, Ryan Bliss has been able to support his family for more than a decade.

I respect photographers who choose to grant free personal use of their high-resolution files, but I have the feeling that most of them do not support themselves primarily through the sale and licensing of their photographs. Despite the “free for all” culture, I think most people understand that it is reasonable for someone who does so to charge for higher-resolution files. Hence it is unnecessarily – and counterproductive if you are trying to make a living at it- to give them away.

What do you think ? What is your standard image size for sharing on the internet ?

1 | 2 | 3 | to be continued

When traveling to a country for the first time, I often select places to visit based on the UNESCO World Heritage list. The international program lists and helps preserve sites of outstanding cultural or natural importance to the common heritage of humanity. What makes it significant is that although listing of a site is approved by UNESCO, the sites are nominated by the countries themselves, so the list represent what each country views as their most valuable assets. I view it as an extension of the National Parks idea.

On this trip, I planned within 10 days to visit all 10 of the UNESCO World Heritage Sites in South Korea. There are 3 of them in Seoul and 2 within day-trip distance from Seoul. On the first day, I checked out Royal Tombs Of The Joseon Dynasty in the morning, and then Changdeokgung Palace Complex in the afternoon.

The next day, I spent some time in Bukchon Hanok, a village-like low-profile area of traditional houses, early in the morning, while waiting for the Jongmyo Shrine to open.

As I had spent lots of time watching the spectacle of change of the Gate Guard at Gyeongbokgung palace afterwards, I arrived at the Hwaseong Fortress only shortly before sunset.

Fortunately the fortress was illuminated at night, the whole path along it well lit. After walking it in freezing temperatures – made colder by the wind, I was glad to warm up in the hour and half train ride to Seoul.

The third day didn’t go so well, as I missed the dolmen sites on Ganghwa-Do island. I tried to find the express bus station as indicated on the Lonely Planet book, but nothing was there. Locals were friendly and tried to help. One shopkeeper went on the internet to get directions. But as most of them didn’t speak English, I kept being sent from one address to another without understanding why. Eventually, tired and frustrated of going in circles, I boarded a taxi, hoping that the driver would be able to get more information than I did after I showed him the words “Ganghwa-Do bus”. He did not speak English, but after more circling around, traffic jams, and many calls, he connected me to a help line where they explained that the express bus service had recently been discontinued and the old terminal demolished. Things change fast ! They suggested alternative – the slower buses the locals have been trying to steer me to – but by then I thought it was too late in the day for such a long trip. For my last evening in Seoul I decided instead to climb the sacred shamanistic Inwangsan mountain, and start early the next day to have plenty of time to visit a remote temple, in mountains hundreds of kilometers away from Seoul.

1 | 2 | 3 | 4 | 5 | 6

Maybe my previous post in which I explain why I use watermarks has confirmed or convinced you of their relevance for you ? In this post, I’ll look at the components of my own watermarks, and their function.

My watermark has four elements:

A valid copyright notice It used to be that to receive copyright protection in the United States, you needed a valid copyright notice. Since joining the Berne convention (1989), this is no longer the case: all photographs are automatically copyrighted at time of creation. In spite of that, displaying a copyright notice still provides you with legal benefits. Not any notice will do. In the US, the valid format of a notice is strictly defined by the US Copyright office. You need all of the following elements:

• The word “Copyright” (abbreviation “Copr.”) or the copyright symbol &#169. Note in particular that (C) (C between parenthesis) is not valid. Many folks are not aware that photographs published on the web are copyrighted works. That’s a useful reminder for them.
• The year of first publication of the copyrighted work, not the year of creation or registration. What is considered “published” for legal purposes is rather ambiguous. In general, putting up the image on the web is publication. If the image is offered for sale – as is always the case on terragalleria.com, it is definitively published.
• Identification of the owner of copyright

Website URL Once you release an image on the web, you loose control over where it will appear. Many sites – search engines, Pinterest, etc.. – display images outside of their initial context. Having the URL of your website provides a measure of branding and allows a potential user to come back to your site for more, and, in the most favorable cases, to purchase the image from you.

Photo ID # People and social media sites often resave images under a different name, or incorporate them in documents. If you have a lot of images, a Photo ID let you reference the image easily, again independently from the context in which it appears.

A border For web images, my preference is to write the watermark in a border frame rather than on the image itself. Fine art prints are usually presented with a matte, and signed either on a reveal or on the matte rather than in the image area. This way, the integrity of the image itself is not compromised and the legibility of the watermark does not depend on the image content. I also feel that the border enhances the image: it can bring the colors and contrasts out, get the eye get drawn further into the image, give more depth. More importantly, the border helps separate the image from the background. It is true that a border watermark is more easily removed than an image watermark. However, most people will not even try, and those who do incriminate themselves in the process.

How to actually create the watermark ? While all the common image editing programs such as Photoshop or Lightroom can be used to good effect, I personally use the free Imagemagick. As it is a command-line program, I can incorporate it into a script which manages all the different versions of the image on my website. This is a very powerful (and therefore complex) piece of software, so I won’t try to explain how to use it. Instead, here is the piece of code which is used to create the web image displayed above:

convert -interlace NONE -comment copyright 2007 Quang-Tuan Luong, all rights reserved. This image from http://www.terragalleria.com/photo/?ref=yose40017 -profile /Library/ColorSync/profiles/sRGB.icc -unsharp 1x2+1+.10 -quality 85 -border 13x13 -bordercolor black -fill grey -font @/Users/luong/Library/Fonts/ttf/TAHOMABD.TTF -pointsize 10 -draw text 13,390 "©" -draw text 51,390 "QT Luong / terragalleria.com" -pointsize 8 -draw text 25,390 "2007" -pointsize 9 -draw text 501,390 #yose40017 /tmp/master_image.ppm /Users/luong/Sites/local/images/np-pacific/yose40017.jpeg

If the above looks like gibberish to you, you can harness the power of ImageMagick to produce the same output entirely within Adobe Lightroom thanks to the LR Mogrify 2 pluggin.

My watermark format has been almost unchanged since the late 90s, except that initially I didn’t have the publication year nor the photo ID. Then I learned that the year was necessary for a valid notice. One day an art consultant sent me a PDF with dozens of my images, that I scrambled to identify. I was glad I had added the information when later a book publisher did the same with more than a hundred files.

Is there any information missing in your watermarks ? Do you use a border or do you watermark in the image ? Why ?

1 | 2 | 3

Last fall, before I traveled to Vietnam for a family visit, I noticed that most flights had connections in Seoul. Thanks to my wife and sister-in-law influences, I’ve watched a few 15-episode Korean TV dramas, but I’d never been in the country, so I was curious to check it out.

While on the Asiana (excellent service, Star Alliance) plane from Ho Chi Minh City, I browsed through the Lonely Planet guidebook and chose the Inn Daewon for its location and character – it is a hanok-style hostel (hanok are traditional houses). After picking up my luggage at the super-efficient Incheon international airport, I called the hostel to reserve a spot using my iPod Touch and free WiFi, then headed towards the help desk to get directions. The lady helpfully wrote down the shuttle number and I was on my way.

After a ride of about an hour – less than $10, individual TV screens – , the shuttle dropped me on the street. I was just a few blocks away from the hostel, but it was difficult to locate. Fortunately, despite the late hour (close to 11pm), the streets were still bustling with activity. I asked a local vendor, by showing him the guidebook, which has Korean script for all destinations, and although he didn’t speak English – like most people in Korea – he was kind enough to walk me half a block towards the right direction. The hostel owner was friendly, like the guidebook mentioned. He showed me with much gesticulations and sign language how to help myself to breakfast. Since there were no private rooms ($27) available that night, I settled for a spot in a dorm ($13). Generally speaking, I was surprised at the low cost of travel in South Korea. It was the lowest I’ve seen in all the developed countries I’ve visited – South Korea is a fully developed country, with an infrastructure often superior to the US.

This was going to be a quick trip of just 10 days with travel along the whole length of the country, so my time between visiting architectural sites – my main objectives – was limited. Along the way, I witnessed some slices of life in the city.

Cheonggyecheon is a stream running through downtown Seoul. Following the Korean War, it became filled with waste and was then covered with concrete and an elevated highway. In 2003, a project was initiated to bring nature back to Seoul and to promote a more eco-friendly urban design. The restoration of the stream was a great success as the Cheonggyecheon quays are filled with strolling people every time of the day.

Pensioners play Go in a public square. Go has been played for more than 2,000 years. Despite its extremely simple elements – a square grid, white and black stones – Go is possibly the most complex of board games. While a computer chess program running on a laptop has defeated the world champion in a match, computer go programs are still far from reaching professional levels of play. That was the first time I saw the game played in the street. When I played a bit of Go in my youth, it wasn’t easy to find partners.

South Korea has been a democracy only for a relatively short period of time. Seoul was the seat of the Joseon dynasty, one of several kingdoms that dominated the peninsula over time. Part of an effort to preserve history and culture, in front of the Gyeongbokgung Palace, the changing of the guard offers a lively pagentry which do not have anything to envy to the ceremony at the Buckingham Palace.

On a busy pedestrian alley lined up with glitzy modern stores and neon signs, shoppers line up at street stalls to buy traditional foods.

On a freezing night, a couple walks down the 1000 feet high stairs of Namsan Mountain, a hot dating place where I’ve seen more young couples together than anywhere else in the world.

On the sacred Inwangsan Mountain, shamanism – the belief that shamans are messengers between the human world and the spirit worlds – continues at the site of Seon-bawi, a Dali-esque outcrop of rocks. Wearing a thick parka, a young woman sits in prayer for a long time.

More pictures of Seoul, South Korea

1 | 2 | 3 | 4 | 5 | 6

Watermarks are often the subject of passionate debates amongst photographers. In this write-up, I am explaining my preferences, from the point of view of a modest photographer who derives almost the totality of his income from licensing and selling of images, in the hopes that it would be useful to those who try to go this path. For me, watermarks are not a philosophical matter. They are simply a good business practice.

Rather than writing from scratch, I though it would be more informative to write this as a reply to Trey Ratcliff’s popular post Why I don’t use watermarks. Let me preface this by saying that although I disagree with his points, I have tremendous respect for Trey’s art as well as his business savvy. I’ve chosen to react on his post (bold) because he is such a high-profile proponent of the “no watermark” approach, and his arguments make a such a well reasoned case for the opposite view – so that you can see both sides.

Why I Don’t use Watermarks

I get this question a lot, and I know it came up in the live hangout last night. I know my opinion is different than many other photographers, and that is okay.

It’s okay for Trey to explain what works for him. However Trey’s position is also different from many other photographers. He is a kind of “celebrity”, who has such recognizable artwork and numerous followers that he doesn’t need watermarks for recognition or protection. Although he doesn’t present his statements as recommendations, because of his influence, some are tempted to read them as such. Witness the number of comments to the tune of “until recently I used watermarks but after listening to Trey I dropped them”.

As you may know, my work is all Creative Commons Non-Commercial. That means people, as long as they give credit and link back to http://www.StuckInCustoms.com , can use my images on their blogs, wallpaper, personal use -anything – as long as it is not used commercially.

There are many misconceptions about “Creative Commons” (CC), including that it is a “new” thing which is an alternative to copyright. It’s not. I’ve encouraged personal use of my images many years before CC was officially created. You don’t need CC to specify how you want your images to be used. CC works well for many intellectual endeavors, but it is a cookie-cutter approach to stating “terms of use” which doesn’t apply very well to photography (that would be a topic worth several posts alone). I share my images in the same spirit as CC, but I prefer to make the decisions on who uses my images on my own terms. There are many more undesirable consequences of CC, but for an easy example, I’d rather not have my images used for free by some non-profit whose cause I disapprove and whose executive director makes a six figure salary. On the other hand, there may be some “branding” advantages with CC that I am investigating.

Every day, I upload a HUGE 6000+ pixel max-resolution image to the Internet. I do not have any fear at all – Believe me, it’s quite liberating living in a world without internet-stealth-fear.

I live in a nice neighborhood of San Jose, CA, the safest of the large US cities, yet when I go to sleep or leave the house, I lock the door. I don’t think it means that I live in fear. Like you all take common sense steps to protect your other possessions, if you are a professional or semi-professional photographer, it is just common sense to take some steps to protect your digital assets in the wild west of the internet.

Since I offer paid subscriptions that let members download higher resolution images as wallpaper, I don’t think it would make sense to offer free higher resolution images to everybody. Similarly, since I sell limited edition prints, I do not think it is appropriate to provide free high resolution files for anyone to make a print. Apparently, despite all the talk about “Creative Commons”, maybe because he sells prints – limited edition, no less – Trey discourages people from making prints made for their private homes by stating “Sample Use Requiring a License to Copyright: License to create an individual print for use in a private home” – although this is quite close to fair use territory ! I actually do not have such issues, and have for years explicitly listed personal print-making as a permitted use, so maybe I have less fear than it seems.

Last but not least, watermarking is not so much about fear and preventing “theft” than it is about advertising your name, and making sure your name remains attached to the image even when you do not have control of the contexts in which your image is used.

People that want to license our images regularly contact our licensing team – we get many of these every day of the week.

Yes, but people who don’t know that an image should be licensed wouldn’t contact you. They’d just use the image. Sure, professional image buyers know better, but it’s been argued (for instance by Dan Heller) that they don’t make up the majority of the market anymore. On the other hand, professional image buyers often seek exclusivity for the most expensive licenses, and it’s difficult to make a case that an un-watermarked, full-res image is exclusive… It’s great that Trey is doing so well that he can ignore the lost business, but that’s not the case for most artists.

So why don’t I use watermarks? It’s a multi-part philosophy – 1) Watermarks look ugly. Whenever I look at a photo with a watermark, often times, ALL I can think about is that watermark! It’s so distracting. Maybe this is just me.

This is purely a matter of personal preference. Some may even find them beautiful. Keep in mind that photographers – who are the ones vocal against watermarks – do not look at images the same way as other people, often concentrating on technical details rather than contents.

Personally, I find watermarks in the image area perfectly acceptable if tastefully executed, which mostly means small, in the periphery of the image, and low contrast. Before the rise of the internet, the primarily means for dissemination of photographs were magazines. Have you seen many images reproduced as double spreads with no text super-imposed ? Most painters sign on the canvas. Do you find that their signatures ruin their paintings ?

What I prefer to do is to put the watermarks in a border surrounding the image – I call that a “signature” rather than a watermark, but let’s lump they together to keep things easy. The image area stays free of text. The frame arguably enhances the image in several ways: it can bring the colors and contrasts out, get the eye get drawn further into the image, give more depth. More importantly, the frame helps separate the image from the background, which in case of an uncontrolled webpage can be messy. For instance, it prevents whites in the image from blending with a white page. There must be a reason whey the traditional way to present a print is with a matte and a frame. There also must be a reason why most fine art prints are signed. If your prints are hung unsigned in a show, there is a pretty good chance that there will be a sign identifying you as the author.

2) Legitimate companies do not steal images to use commercially. So I don’t have any logical fear there. *In case of emergency, break glass and see #4

It is well documented that many large US companies have infringed copyrights. In other countries copyright laws are even much less strict and remedies not readily available (the motivation for a recently discredited law proposal). I have found quite a few US law firms that use my images in an unauthorized way (half a dozen of them used the same image !). Lawyers are the last persons who can claim not to know about copyright law, yet the fact that they’ve infringed copyrights do not make their businesses illegitimate.

Besides, there are many people who don’t know about licensing and copyrights, who assume that everything on the internet is for the taking (“information wants to be free”) or that anything that does not bear a copyright sign is not copyrighted. Some of those people work at legitimate companies. Mistakes happen all the time.

3) There are other services, like Tineye (and Google) that can help my team easily find bottom-feeders.

When a single image is used on hundreds of sites, like some of mine, and even more so Trey’s, it takes a lot time to separate “bottom-feeders” from legitimate users. Trey has stated that he has a team of ten people working for him, but an individual artist might prefer not to spend his time on those kind of pursuits – you’d be surprised at how rude some of the copyright infringers are.

4) We do register our images with the copyright office, so if someone uses an image commercially without a proper license, it is an easy lawsuit.

Registration is useful only in the US. In the US, it may be easy but if the image was properly watermarked, it will be much easier. First, one of the key factors in a copyright infringement lawsuit is to establish that the infringement is willful, as this opens to door to much higher penalties. Not any watermark will do (more on that in a future post), but if your image had a proper copyright mark, the fact that the infringer removes it makes the infringement automatically willful. It is much easier to claim innocent infringement if the image had no copyright mark. Second, removal of the identifying information is a DMCA violation, which in itself is a serious offense.

5) I don’t have to maintain two versions of each image – one with a watermark and one without.

Neither do I. My CMS (content management system) does it for me. On the terragalleria.com site, I already have 9 versions of each image: small thumbnail for search results, large thumbnail for index pages, 550 pix image for normal display, 1000 pix image for enhanced display, plus 4 different sizes of wallpaper images – I plan to add more soon -, full resolution. Trey has 7 sizes. Do you really think it’s a big deal to have one more version ?

6) NOT using watermarks and using creative commons helps more and more people to use your image freely for fun, which increases traffic and builds something I call “internet-trust.”

It would be nice if each time someone uses your image on the web, they credited it and linked to your site next to the image as required by Creative Commons. Unfortunately, that’s not how the real world works. In the real world, many images are used without credit. In the real world, once the image appears uncredited, others copy it without regard for the Creative Commons requirements, since they are not attached to the image. When this happens, if someone stumbles upon your image and likes it, there is no obvious way for them to even contact you (not everybody is aware of reverse image search).

Even if you are not trying to sell your images, wouldn’t it be nice to see your name mentioned each time your image is used ? If it went “viral” ? It’s great to have millions of views, but if your association with the image is lost, what good does it for you ? The only practical way to ensure that association is to have your name on the image. Of course, watermarks can be removed, even more easily when they are in a border. But even though you may omit an attribution notice in good faith (esp. if you found the image with none), you don’t remove a watermark with a copyright sign in good faith. I do trust the vast majority of people to be honest.

What about non-web uses ? I’d submit that for people who gather photos for fun, the watermark is useful as a reminder of where they got it (and can get more).

7) As image search and image recognition get better and better, there will be no need to watermark things. In 1 year+, we’ll be able to r-click an image and choose “Google-find the original creator” — there is a bit trail to first-on-the-internet.

Actually Picscout already offers a similar service – although not for free to the image owners. However, do you think that the average image user – even in good faith – would bother ? You don’t want users to have to look for your brand. It should be obvious. Why do all other brands on the planet put their names prominently on their products ?

8)Yes, last, there will be bottom-feeders that steal your stuff. I call this the cost of doing business on the internet. These are the Tic-Tacs that are stolen from the 7-11. It is impossible to maintain 100% of your digital inventory, so wanting “perfection” in your online strategy is an illusion.

A study by Picscout has shown that 90% of image uses on the web are un-authorized. If the rate of shoplifting was that high at 7-11, I think they’d take some action.

Watermarking is an effective solution. There are quite a few of people who don’t know how to remove the watermark – however easy it may seem to a photographer, so they will contact us to get an unwatermarked version. For those who do, the watermark acts as a useful reminder that the image is copyrighted. Last, for those who go ahead anyways, I do not harbor any ill-feelings or animosity towards them. I do not call them names, nor does my attorney. If I determine that their use of the image is egregiously commercial, I just try to make them pay. For that the watermark helps as explained in #4. There is no need to get emotional about copyright infringement – or watermarks. It’s just business.

The reality is that it is very difficult to have a good business selling digital media if you are not willing to have a strategy to protect your work. I believe that watermarking should be part of that strategy. Do you agree with me ?

1 | 2 | 3

Here’s something a bit different from what I usually post: an advertising photo shoot with models and lights. Although in the past I haven’t actively sought assignments (not even mentioning my availability for them), I was still occasionally contacted to create commissioned images. In this case, what led to the job was my great familiarity with the Stanford University campus.

You probably know me for my landscape images, but as a photographer I enjoy the challenge of being versatile and reasonably proficient in all aspects of the craft. It’s like when you go to graduate school, you end up doing extremely specialized research in a sub-sub-sub area of a discipline, but you still have to demonstrate an understanding of your whole discipline so that you can see the whole picture and benefit from cross-fertilization of ideas. Besides travel and adventure situations, I actually photograph people quite a bit. Often those people are my family, and so far I haven’t released those images to the public (maybe one day…).

Those images were shot for a local bank’s advertising campaign at several locations, including a bank branch and various places on the Stanford campus. On advertising shots, many people (in this case the art director and models) need to be present. This generally leads to strict time constraints. I normally prefer to photograph using natural light, but because the shot had to take place in a single day, I sometimes had to work in difficult lighting rather than picking the conditions. This meant that it would be necessary to use supplementary lights. Because I had to work fast, I relied on small flashes and the Canon wireless TTL system. Although I could have done the job by myself with light stands, having my assistant to hold one of the lights on a pole significantly sped up the sessions. In the end, I delivered a final edit of more than a hundred images (out of about a thousand usable and processed images) encompassing more than twenty different set-ups.

Do you see something in common between this shot and the rest of my work ?

Although they are not as tall as the coastal redwoods, the giant sequoia trees still reach impressively into the sky. I found it difficult to convey the sense of cosmic height in daylight images. The usually blue sky isn’t visually that interesting, there are almost always harsh shadows or dappled light on a part of the trunks, and it is difficult to avoid visual clutter when trying to include the entire tree. I’ve come to prefer night photographs, because they do not suffer from those shortcomings. Do you agree ? Here are some variations on this theme, from two trips to Kings Canyon National Park last year. All images were photographed on Canon EOS 5D mk2 with 24/1.4 II lens, except last one.

Image 1. Shot using only natural light from the moon, this required careful planning to find a well-lit tree, as a balanced exposure. ISO 800, f2.8 4min.

Image 2. Light painted with a flashlight. Thanks to the spot lighting, the tree (General Grant), which is depicted almost entirely, is better separated from the surrounding forest than in a daylight shot. Beyond ISO 1600 noise becomes objectionable to me on the 5Dmk2. Beyond 30s star streaking is more noticeable, so ISO 1600, f1.4 30s.

Image 3. This is a closer angle on the General Grant tree, pointing more upwards. I used less even lighting, shining the light on some areas more than others, and emphasized the leaves. ISO 1600, f1.4 30s.

Image 4. This unnamed tree was lighted more laterally, providing more texture for the trunk. I lighted from the right so that the left side would be shaded in order to add contrast with the bright celestial body. ISO 1600, f1.4 30s.

Image 5. Looking for a more complex subject, I included a group of three sequoia trees. More neutral filtration results here in colors closer to moonlight. ISO 1600, f1.4 30s.

Image 6. I found a tree with an impressive opening (caused by fire) at the base. To make the opening more prominent, as well as including a sliver of sky in the opening, I had to get closer to the tree, therefore using a wider lens (zoom set at 19mm). Because the f1.4 aperture is not available on that lens, the exposure is much longer, resulting in short star streaks instead of point stars. ISO 1600. f4 4min.

(if you don’t see the poll question, please vote here for your favorite)

Do you find the light-painted images artificial, or is using lighting in nature photography fair game, like in most other areas of photography ?

More night photos of Sequoias