About Me

I ramble about a number of things - but travel experiences, movies and music feature prominently. See my label cloud for a better idea. All comnments and opinions on this blog are my own, and do not in any way reflect the opinions/position of my employer (past/current/future).

09 June 2012

iOS Security

iOS's sandbox approach, and the tight control over the access to the sandbox has meant that iOS has experienced lower number of exploits when compared to other mobile operating systems. But the security design of iOS is far more interesting than just the sandbox and the AppStore. A detailed document on iOS security provides interesting reading on how different data types are handled, including some nifty key management techniques. This is not to say that there are no vulnerabilities in the design; or that the security solution adopted is perfect - but it is good to see how much thought has been put in the design. 
 Another interesting byproduct of the Apple approach of managing the entire ecosystem, is how well the security design covers the end-to-end system - from the hardware, to the OS, to the application sandboxing to the app-store. One can achieve the same with Android, but I believe that it will take a lot more customisation of Android to achieve that - similar to what Amazon has done with the Kindle Fire.

03 June 2012

Stuxnet and Cyberwar

The NYTimes has an incredibly detailed analysis of the development of Stuxnet and the cyberwar by the US and Israel against Iran. From the very early analysis of Stuxnet, it was always suspected that a nation-state was behind Stuxnet - but other analysis did not propose such a full scale operation. With the recent revelation of "Flame", it seems that the cyberwar has been escalated a few notches.

It is interesting that cyberwar, (the ones that are known at least) so far has been largely deployed by larger countries against smaller rivals - rivals that would most likely loose a physical war. There was the Russian attacks against Estonia and Georgia and now this. Stuxnet and Flame however are far more impressive technically - while the other two were mostly DDOS attacks. 

Magnificent Beethoven - JPO's 2nd 2012 Season 4th Concert

I haven't been to the JPO for a number of months, mostly due to time constraints. There are a few Sunday concerts every season at the intimate ZK Matthews Hall at the UNISA campus in Pretoria, which are never full, so it was great for a last minute decision. South African Gerard Korsten was the conductor, with two JPO members, Phillip Coetzee and Vladamir Ivanov (clarinet and viola respectively) the soloists.

The first piece of the afternoon was Schubert's Overture to Rosamunde. The music, part of a series for a play (described in the program as a dismal failure), starts of in a dramatic style remnant of a thriller movie. Halfway through it changes to a more jolly and happy piece, a change which is rather abrupt and a lot less interesting.

Bruch's Concerto for the Viola, Clarinet and Orchestra was unique for a number of years (Google search shows a 2008 composition). The viola and clarinet sound very different, but the piece is very interesting. I particularly liked the 1st and 3rd movements, both of which had strong solo parts that linked to each other - the 2nd movement was rather dull in my opinion.

The highlight of the afternoon, was definitely Beethoven's 7th Symphony. The performance was magnificent, thoroughly deserving the standing applause at the end of the performance. It is a very enjoyable piece, and very apt for a Sunday afternoon.