About Me

I ramble about a number of things - but travel experiences, movies and music feature prominently. See my label cloud for a better idea. All comnments and opinions on this blog are my own, and do not in any way reflect the opinions/position of my employer (past/current/future).

09 November 2006

Movie: Kekxili - Mountain Patrol

First and formost - this movie is set in Tibet, so the landscapes are amazing; but that does not really distract from an amazing story; about a couple of people, risking everything to hunt down poachers of the endangered Tibetan Antelope. It is based on a true story, and is told in a documentary style; which makes the movie an even more harrowing tale, focussing on various angles of the situation - the poor vilagers who are almost "forced" into poaching, how patrolmen's lives are affected by their actions; and even how they have to make really, really dificult moral judgement calls. It is not a hollywood movie - so do not expect a fairytale ending; but it is one of the most impressive movies I have seen, and one of the most moving.

Movie: The Devil Wears Prada

It was billed as a darkish comedy, something different from the ordinary. Unfortunately, it was nothing special ... just a twist of an usual storyline ... girl (aspiring journalist) applies for job as a PA to a fashion editor, gets the boss from hell, refuses to quit and adapts, thus becoming a "different" person ... you get the idea. It was funny - only because of the number of outrageous tasks set by the boss .. like finding the new Harry Potter. A few laughs, but nothing special really.

Movie: Cars

Yet more reviews courtesy of the Virgin in-flight entertainment system.

Not much can be said in addition to what has already been written about the Disney-Pixar movie. It is a simple, predictible story, with the traditional Disney moral for the kids; but it is so much fun, and so well animated - it is weel worth watching. And if you like cars, you will appreciate the differences in the characters as represented by the different cars.

08 November 2006

The Scottish Highlands (a phlog)

Yesterday, Eric had to go to work (yes some people do work), and I decided that a trip to the Highlands would be a nice idea. It was quite expensive (30 Pounds!), but the weather was good (i.e. no rain) and in the end, a great trip really. On the whole, I learnt two main things about Scotland: 1) It is a beautiful part of the world, and it would be great to do a similar trip on a slower pace. 2) There have been a number of rather violent people who have wanted this beauty, and have killed mercilessly towards this purpose. In fact, the major "people" highlights of the tour centred around wars and battles.

In my past trips (for the last 3 years anyway), I have never done city tours or paid guided tours (mainly because of the expense). These have one real advantage - you get to hear a lot more about the history and stories that come with the place. Stories and facts that are well arranged and well told ... a very nice complete package. Anyway, enough mindless mumbo jumbo ... and onto the pics
A highlands cow ... damn these things are big

The first loch we stopped at
Same loch, higher up
Route through the mountains
The highlands reminded me of almost every story I had read by British authors, with a number of rivers, small forests - just no wildlife
Urquhart Castle
Searching for Nessie at Loch Ness
Urquhart Castle (from Loch Ness)
Nessie Explained?

07 November 2006

Reflections: ACM CCS 2006 and ACM STC 2006

I had been meaning to do a review earlier, but I have been busy exploring Scotland instead (and proof reading Honours Project reports) :p

To be honest, the program for the main ACM CCS 2006 was not very exciting; mainly because there was too much focus on cryptography, and less on security of systems in general. Also, I ended up at times choosing the wrong sessions - I went to a tutorial on Digital Forensics, where I learnt nothing new; and was a horrible presentation; and I later heard that the alternate, intrusion detection research papers, was quite good. Similarly, the paper sessions on Thursday turned out to be quite dreary; while I heard great reviews on the tutorials ... oh well.

The keynote talk, by Peter Neumann, while interesting at parts, was largely inconsequential - as he was effectively talking to the converted. His talk centred around software design that does not take account of the full scenario - and thus leads to security pitfalls. This has to do with a lot of things, including bad design principles and off course the lack of software liability.

The most interesting paper on Day 1, was "Hot or Not: Revealing Hidden Services by their Clock Skew", which investigated the potential of revealing a person's geographical location by studying his/her clock skew due to temperature fluctuations. It was a fun discussion; although maybe not very applicable.

Day 2 had a couple of interesting papers, mainly dealing with privacy. "Doppelganger: Better Browser Privacy Without the Bother", discussed a new cookie management system using Firefox extension. Not recommended for UCT though - requires quite a bit of bandwidth to work :p The very next paper, "Fourth-Factor Authentication: Somebody You Know", was also an interesting idea, discussing how to manage password retrievals in a more secure manner.

The paper in the session after lunch, "How to Win the Clone Wars: Efficient Periodic n-Times Anonymous Authentication", featured a brilliant presentation, and the content was interesting, but I don't think it will be easy to implement such a system in real life. The last session featured various attacks, and these were, as always, very interesting; including a discussion on botnets created through browser exploits, a discussion of 1-time pad problems in current software and a paper on short attacks through keyboard emanations - not as effective as last year's paper, but more useful for short attacks. Day 3 featured interesting papers but I wasn't really bowled over by any of them.

The Scalable Trusted Computing Workshop, on Friday was quite interesting - although the papers focussed more on "scalable" aspect. I learnt a lot more about the Trusted Computing Group, and even made some interesting contacts, so it was good from that point of view.

The highlight of the conference though, was probably, meeting Michael Schroeder (of Needham-Schroeder fame), who was being honoured by SIGSAC for his contributions to computer security. When we were talking, he mentioned reading about mobile banking in South Africa in the Economist, and he was very interested in the results of the honours mobile banking project. So, if we reference his paper, I am sure it is already one step to publishing (and the honours guys haven't even officially finished)!