djm's scribble

You know when you have been slack in updating your weblog when your wife starts sending you reminders. The last few months seemed relatively uneventful, but upon reflection they have been quite busy. The last 24 hours have been pretty terrible, with the atrocity in Spain and, closer to home, my uncle in law being hospitalised with serious burns from a farm accident. With typical grim hospital humor, we ran into some of our friends at the reception, needing attention for a seriously bruised foot.

These same friends were married just over one month ago. It was a very flash wedding and we continued the party by occupying the bridal hotel suite until about 6am.

Another two-month weblog hole yawns behind me, offering testament to my ongoing inability to keep this thing regularly updated. Much of this period has seen my wife and I madly preparing for the maul that is Xmas and New Year’s. In addition to the usual crush of family gatherings, with concomitant eating and drinking to excess we decided that we should host a New Year’s Party. This naturally required some massive garden upgrades and a massive cleanup. My wife did most of the cleanup during her week off and we both slaved in the garden during every free moment. My father in-law also donated his time, effort and wisdom to install as spiffy drip-watering system, which will minimise our water use and provide our plants a reasonable chance of living out the summer. After much pain and a fair bit of money spent, our garden looks very nice indeed. For two people who used to refer to the line of dying pot plants near the front door as “death row”, it is very strange to have a living garden.

Our other big domestic news was the purchase of a fine dishwasher. Between this piece of essential technology and our agreed marital issue resolution technique, married life has never been better.

Unfortunately I have had to work through the so-called holiday season, taking only the public holidays off. This is just as well, as I haven’t accrued any annual leave in my new job yet, and I would prefer the money to the time off right now. Still, the weather has been so nice and hot…

Despite being so busy, I have managed to get my syslogd hack into OpenBSD - the change isn’t huge, but fiddling with something as ubiquitous and essential as syslogd shouldn’t be done lightly. The version that ended up being committed was a lot cleaner than my early hacks, thanks the urging of deraadt@. The culture of review that the OpenBSD project has built is very impressive. The output from such a review process is IMO superior (in quality and dependability) to other open-source models and all of the commercial practices that I have been exposed to, because it assures personal accountability, pooling of wisdom and careful inspection of changes. It would be expensive to replicate this in a commercial environment, where the temptation is always going to be to get the new code in the tree and polish it in situ (which probably won’t happen).

I have seen a bunch of movies since I last wrote, so I’ll be brief: John Q - Frustrating film about the apparently terrible state of public health-care in the USA. It was annoying because of its simplistic and one-sided treatment of the issue and its use of the characters as simple marionettes to spout its ideology, with about as much literary subtlety as Ayn Rand. It probably would have been far, far worse if I wasn’t sympathetic to the viewpoint. 6/10.

Russian Ark - Technically amazing film dramatising the last few hundred years of Russian history in a single 180-minute shot. Almost all of the historical references passed me (in my ignorance) by, but based on the fact that I noticed their presence, I suspect that they were really obvious. Demanding, but worth it. 8/10.

Lord of the Rings: Return of the King - an excessively long and morally troubling film. Dropping Christopher Lee was a mistake, he was an excellent villain - which the film lacked (Sauron not being tangible enough). The pacing of the film was poor, with many scenes lasting too long. The ending was exceptionally slow and painful, giving me enough time to realise that I had established no empathy for the characters at all. This was not surprising, as Tolkien never really got inside their heads enough to illuminate their motivations - Jackson did a little better, but not enough. Nowhere was this more apparent than the depiction of the good vs evil forces, who were utterly two dimensional: the evil did evil deeds because they were evil, no motivation or justification required. I suppose this simple, tautological moral clarity fits these times perfectly. The lofty production values were seriously let down by the obviously plastic elf and hobbit ears - more in line with what I’d expect to see at a Star Trek convention than as multi-million dollar blockbuster. On the other hand it was visually gorgeous, further attesting to the increasing maturity of digital cinema. Reflecting on the trilogy, The first film was easily the best, due to its good story-telling. The second film was the worst, with the boring and drawn-out battle scene ruining the narrative. This last film was an acceptable, but not stellar conclusion. 7/10.

Computers
Cool, my little Soekris Net4501 boxes arrived today. With these, I’ll be able to eliminate a few more noisy computers from my home and do some interesting hacking. I have had a chance to do a little more hacking lately - a nice hack to add memory buffer log support to OpenBSD syslogd (like Cisco buffered logging), improving pfflowd ahead of new releases soon, acquainting mysqlf with the kernel side of the BSD network stack and a trickle of OpenSSH work.

Movies - Lantana
Saw Lantana with my wife. Ouch - this movie is fairly depressing, despite the ray-of-hope it presents at the very end. Excellent story and good acting, though the denouement was a little unsatisfying (I suspect this was intentional). 8/10

Movies - Matrix Revolutions
I saw this on the big screen last night. Being prepared by a number of bad reviews, I was pleasantly surprised - it wasn’t _that_ bad, and was certainly better than the second installment. I largely agree with this analysis of why the sequels failed to live up to the promise of the original film. By discarding the centrality of the Matrix from the sequels, the writers denied themselves a very fertile milieu. Some of the Animatrix shorts focussed on this subject and, consequently, were the most interesting (excepting the vastly more imaginative “Matriculated” short). At least Matrix Revolutions didn’t have as many annoying speeches (not quite true, the speeches were more annoying, but *much* shorter). The final fight between Neo and Smith was agonisingly predictable in both execution and resolution. The ending was particularly lame, with the obligatory “in” for further sequels. Some of the fight scenes were reasonably tense, but the interspersed dialog really detracted from the mood. 6.5/10 - mainly for the funny Hellfire club scene.

I am exhausted, both physically and mentally after spending the weekend doing hard labour (ripping up concrete, digging up clay soil) and a fair bit of coding (OpenSSH patches and memory buffer support for syslogd). Fortunately tomorrow is a public holiday. The garden is slowly taking shape - I have pulled up a 1/2 meter strip of concrete up the side of our driveway and excavated to around 30cm for its 6m length. We’ll backfill this with topsoil and manure (which I have just discovered can be delivered premixed) and plant some top-rooted trees and ground cover plants. The back yard is coming along too, all the garden beds are now edged with either bricks or rough-hewn bluestone, manured and mulched with pea-straw. We should get round to planting next weekend (finally).

Life
My madly busy life continues apace. Fortunately my wife has finished school for the year, so at least one of us will be calm. Some friends of ours have bought a house near us, so I’m looking forward to them moving in.

Movies
Re-watched Matrix Reloaded last week. That movie really was saved by the car chase sequence. Much better was Le Cercle Rouge, a very classy 1970 crime movie starring Alain Delon. It touches a number of sub-genres - betrayal, mob, heist, chase without becoming captive to any of them. It includes the best burgulary scene I have seen in a film, a sub-genre which has been done untold violence in recent years. On top of this cool script and crafted mis en scene is a very classy and subtle Jazz score.

Life
The last month has been horrendous. Not one, but two OpenSSH vulnerabilities in the space of a week, resulting in three rapid fire releases and a lot of late nights for me and the other developers. The latter vulnerability was particularly embarrassing, as it was code that I reviewed and imported. The fact that it had a number of bugs, including one absolutely obvious and critical one escaped my attention. This resulted in the first portable OpenSSH-specific security problem. These releases are made even less pleasant by the legion of howling trolls and posers who crawl out from under their respective rocks whenever security problems are found in OpenSSH. At least they thicken the skin.

Added to the late nights and stress from OpenSSH issues was a job that is rapidly becoming much more busy. This is good, as I prefer to be busy than left twiddling my fingers, but it is still an adjustment. Anyway, I am learning much and generally enjoying the experience. As I said to a friend “as a professional software developer, I was responsible for creating problems. Now, as a consultant, I solve them!” While this isn’t true from an objective, it sure felt like it at the time :)

Home
The home renovations are slowly and steadily progressing. I thought that chopping down trees was painful, but that is easy going compared to digging their roots out or breaking up and removing concrete. The satisfaction gained from a day of hard physical labour is pretty ephemeral when one considers that the same amount of work could have been accomplished in five minutes with a backhoe.

Reading
Read Ross Anderson’s book Security Engineering. It was quite a good read - very much more in breadth than in depth, though I am probably more familiar than most with the content. Much of the book is written at a moderately high level of abstraction, which I would regard as appropriate for such a dynamic field. There were enough “war stories” peppered throughout the book to keep some of the more abstract sections interesting (I’d have liked a few more, though). Management and procedural issues were relegated to a fairly short section at the end of the book, which doesn’t give them justice (IMO). All that being said, I’d recommend it to anyone involved with IT Security, it provides an good foundation and an exceptional set of references (I have already ordered one of the books off the reference list).

I have just started reading Skunkworks by Ben Rich and Leo Janos. This is the story (from Lockheed Martin’s perspective) of the development of the first stealth fighter. The tone is very “rah-rah” and macho, very removed from any workplace that I have experienced. I don’t know how much of this to chalk up to cultural differences between Australia and the US and how much has to do with doing a job where your work affects the likelihood of people getting killed. I’m about 1/3 of the way through the book, and there is a strong subtext around masculine rights of passage, as the new leader of the Skunkworks tries to live up to the example set by his predecessor. Pretty good read, so far.

A good friend gave me a copy of Fenyman’s so-called “Red Book” of physics lectures. I have been slowly digesting these, a process not aided by my usual habit of bed-time reading (my mind being too tired for physics). These books are a wonderful, intuitive and lively introduction to physics. I’m only a little way in, but I have learned a few things already and obtained new perspectives on things I already thought I knew. Again, well recommended.

How wrong could I be?

Hacking
I have been a little busy working on the imminent 3.7p1 release of OpenSSH. As always, not everything I’d like to be in there made it in time, but a lot of good things did. Please grab a snapshot and help test it. Some other software of mine (pfflowd) has also been added to OpenBSD’s “ports” collection. As such, it will be on the official OpenBSD 3.4 CD (which everyone remotely involved with Internet Security should purchase IMBO).

Life
Good, except for the passing of my Wife’s uncle - who managed to overfill his funeral church (at age 80).

Politics
I was somewhat moved by a speech by Paul Keating (former Prime Minister of Australia). I thought that Keating was an arrogant man whose manner increased the suffering felt by Australians during some very difficult economic times. I voted (my first in a federal election) accordingly. I also feel that he has been since unfairly villified as a source of the same economic trouble and that the current government has taken great care to appropriate credit for the unpopular reforms that helped introduce (e.g. the floating of the Australian dollar). His speech did resonate with me - our current government has our nation rehashing tired old debates (multiculturalism, immigration, public investment vs private ownership) and doing their best to stop new ones emerging. It would be a genuine addition to the poliical debate in this country if someone from the conservative side of politics could make as eloquent and passionate a criticism in reply. Windshuttle, Henderson, et al are simply not up to the intellectual task. Perhaps Manne could, if he were still on their “side”. Keating’s comments on “baseness” in our culture were interesting (given the shameful Tampa debacle of the last election), reminding me a bit of Cicero’s famous “Traitor” speech.

More generally, I am struggling to develop a personal political philosophy. All the great canned political philosophies (Communism, Capitalism, Libertarianism, Anarchism, etc.) appear to rest on deep assumptions as to the precedence accorded to values and actors in the body politic and no one system seems to quit agree with mine. This may be because my values themselves are inconsistent, but they may merely be different. I aspire to the incisive clarity and consistence displayed by the likes of Orwell (here I go again…), but I struggle to reconcile abstract political philosophy against practical considerations. This is probably a result of my poor education in this area.

Movie - Dersu Uzala
This was a Akira Kurosawa’s retelling of Vladimir Arseniev’s diaries of his exploration and relationship with the indigene Dersu Uzala. Through their travels, Kurosawa reflects on themes of friendship, manhood, academic vs practical knowledge and the relationship between man and the environment. Its pace is slow, even by Kurosawa’s standards, but parts are jarringly beautiful. The “Walpurgis night” scene where Dersu is introduced must have inspired every “scary forest” depiction since (including, I suspect, those in The Simpsons). Kurosawa doesn’t besaint either side on the debates touched on in the film, though he predictably ignores women (fortunately he refrains from actively villifying them, as he often did in his Shakespeare-inspired films). Overall 8.1/10 - not Kurosawa’s best, but well worth it.

Movie - Terminator 3
This was much better than I expected, but still rather frustrating. There were many opportunities in the plot for the film to take on some subtextual strength (e.g. why was Judgement Day inevitable?) or to flesh out the characters (who appear to be two dimensional attempts at emulating the archetypical “Flawed Hero” popularised by comic books). Instead, the film spends its time fetishing the Terminatrix’s exploits (pardon the pun). I’ll probably watch this again on DVD when it comes out (rather than crappy Thai-vision VCD I saw it on), maybe the decent looking action sequences will compensate. 6.5/10 - at least it made fun of itself.

Movie - Finding Nemo
I saw this during daylight hours with no shame, thanks to the assistance of an obliging five year old niece. Finding Nemo was good fun, with a lot of very funny gags along the way - the writers obviously pitched a lot of the writing at the inevitable adult audience, to good effect. Not having seen any previews, I didn’t realise that the film was set in (under?) Australia and was thus unprepared for the consequent overdone accents. Fortunately these did not detract from the film much. The pacing of the story was good, but it lost it a little toward the end where Dory’s character became more annoying. The seagulls looked and acted in a way strangely familiar to lovers of Aardman’s animations (”Wallace and Gromit” and “Chicken Run”). Being oestensibly a kid’s movie, I was pretty pleased with the story’s overall moral framework, which some would invariably label “politically correct” if it was presented in a less subtle form. I was pleasantly suprised that the writers did not make the ending too happy and complete, choosing instead to leave the film’s initial sorrow intact (forgive my vagueness, I don’t want to give anything away). Visually, the graphics did not “wow” me as much as previous Pixar films, but this may be a sign that the medium is becoming mature. I did notice some very cool technical tricks, especially the movement of the anenomies and flocking behaviour of the fish. Someone must have done a fair bit of math on these two details alone. 8.5/10 - well worth it.

Movie - 28 days later
One might expect an Englishman to do a good survival horror movie, as the genre was exemplified in “Day of the Triffids” (which scared the hell out of me as a kid, along with the Daleks). 28 days later bears more than a passing resembelance to this classic. The first third of the film is excellent, especially the deserted London. Unfortunately, the middle 1/4 of the film is a little boring and doesn’t add much to the whole. The climax is good and the Danny Boyle gives the film enough subtext to make it worth a little ongoing consideration. 7.8/10 - but then, I do like Zombie films.

Misc
Strange, distrubing stuff from my Sister’s blog.

Gah. My worst fears about not being able to keep any sort of a diary have been vindicated (note the two month gap between this and the last entry). In my defence I will say that I have been very busy. Around the time of my last entry I started a new job at NetStar Networks in their security consulting team. This has worked out well so far, with the work being interesting and challenging.

I have just returned from doing a series of seminars around Australia on intrusion detection systems (IDS). This was very enjoyable - my coworkers did an hour presentation on the history and theory of IDS and how one should go about evaluating such products in one’s own network. Following this I conducted an hour of demonstration of a number of vendors’ products, throwing real and simulated attacks against them and discussing the results (or lack thereof). Although we didn’t set out to set the products against each other, it was soon clear than none of the products we demonstrated performed perfectly. I was a bit surprised and disappointed that Snort didn’t do better - it missed a few of our attacks. More scary was one vendor’s response to the demo (they shall remain nameless). Unhappy that our very. very limited demo showed that their product missed a three year old denial of service attack and, worse, was vulnerable to a five year old evasion technique, the vendor demanded that we cease demonstration of their product (with a threat of legal action if we didn’t). Perhaps it is some vestigial sense of ethics, but as a one-time developer of commercial security products, I would have thought the appropriate response would have been to ask us to provide our environment so they could replicate and fix the problem themselves.

Another cool thing happened to me during my two months away from this page: I met up with a very old friend, whom I had not heard from since he moved to the USA sixteen years ago (Hi Paul!). He actually found me by reading my web-site (presumably after some Googling). I wish I had as much luck in searching for old friends online. Catching up was great fun and it was extremely interesting to evoke old memories and attempt to put the last sixteen years into some communicable narrative.

Other random things: saw Battle Royale (wow), chopped down trees (ouch), too busy to write free software, friends are expecting first child, another friend has first child (Simone and I are the odd ones out now), tried acupuncture (despite my rationalist scepticism, it definitely has an effect), reading more Orwell.

This week is the 100th anniversary of George Orwell’s birthday. I first read 1984 when I was fourteen years old and it crushed my soul. We are still far from escaping the dark potentials that he so brutally described. Earlier in the week I discovered one of his essays on the net: Politics and the English Language. I was shocked when I started reading it - his criticism could have been aimed straight at me and my insipid writing style. Fortunately, he provides practical ways to avoid these blurred modes of word and thought.