Thursday, April 30, 2009

Daly back in fashion

The last time I wrote about John Daly he was smashing cameras on the golf course and was later found drunk and unconscious outside a Hooters. I later pleaded to hear less and less of this (and thus, I say it again). But now, some good news. He has rehabbed like a true celebrity and is playing in the Spanish Open since his PGA card has been suspended. He is slimmer and playing well, 2-under 70.

But! The real news is what he is wearing. Daly found a style. It isn't beautiful, it isn't chic, but a style nonetheless. Look at that orange, the checkerboard pants, could it really be Daly? Oh yes it is. I can't say that I like it nor hate it, but I can say that it is better to be in the news about your clothes than your little nap time outside a Hooters. So here's to you Daly. Good luck, and most importantly, enjoy playing golf. The outfit seems to suggest you are, but you're still a little hard on the eyes.


So hard on the eyes.

Terence Moore took a buyout, calls out Atlanta Sports

In his last column for the AJC (my hometown paper), longtime sports columnist Terence Moore takes a final stab at the Atlanta sports franchises. He calls them good, but not great, and that good is for losers. He recalls all the close calls and the good teams but only one great team, the '95 Braves who won the World Series.

Elite NBA teams have an elite player, such as the Heat’s Dwyane Wade, and Joe Johnson is the Hawks’ best player, but he’s only good, just like the Hawks.

The Falcons also are only good. Still, with suddenly enlightenment management and coaching, they have a chance for a breakthrough, but they need back-to-back winning seasons first. They’ve yet to do that in their existence.

Elsewhere, courtesy of decent starting pitching, promising youth and future Hall of Famers Chipper Jones at third base and Bobby Cox in the dugout, the Braves are only good (see a pattern here?). The Thrashers, not so much. Ilya Kovalchuk is the only overwhelming star on a flawed roster, and he could bolt after next season as an unrestricted free agent.

I don't really agree with Moore. Living in Philly, this city has 3 championships (in recent times) in just two sports: Hockey and Baseball. A lot of cities have none (New Orleans comes to mind), and some have only one, like Atlanta. You can't expect Atlanta to be like New York or LA or for that matter St. Louis. In baseball, something like 40% of the World Series are split among 3 teams. In football, it is just a crapshoot, yet again certain organizations dominate others. In basketball it is even worse. If you don't live in Boston, LA, Chicago, or San Antonio you're lucky to have a single championship. Can you really expect Atlanta to win every year?

I like good. I love great. But if I had to choose between cellar dwellers and playoff teams, I would take the playoff team any day, even if they don't win a championship. It is a shame that Moore is leaving on such a sour note. At least we got one, and people still care about the teams. Even the Hawks are selling out. Championships are hard, but at least we are competing. That is more than a lot of places can say.

Wednesday, April 29, 2009

Charlie lost weight? As a bobble head.

Is it me, or did they do Charlie a favour in this bobble head? His gut is like two sizes too small.

Obama On Science

In a great, somewhat political, speech at the National Academies Press, President Obama shows why he understands the needs of science. Well worth watching and a great speech.

Video

Yelling at the opposition

I was at the 'Natinals' Phillies game last night, and being at a ball game, I participated in my favourite part of the pastime: yelling at and heckling the opposition. There was no way they could hear me, I was way up in the upper deck in the outfield, but yell anyway I did.

My favourite of the night was yelled at the Nationals' shortstop, Alberto Gonzalez. I, of course, shouted:

"You can't hit, you lied before congress!"

I was corrected by another fan that our former attorney general never actually lied.

"Fine. You can't hit, you forgot before congress!"

Tuesday, April 28, 2009

Is Graduate Education a Dead End?

Yesterday the NYT ran an editorial about how broken graduate education is in America. It was written by the head of the religion department at Columbia (my alma mater), Mark C. Taylor. You can get the gist of the op-ed from the first paragraph:

GRADUATE education is the Detroit of higher learning. Most graduate programs in American universities produce a product for which there is no market (candidates for teaching positions that do not exist) and develop skills for which there is diminishing demand (research in subfields within subfields and publication in journals read by no one other than a few like-minded colleagues), all at a rapidly rising cost (sometimes well over $100,000 in student loans).

Well I guess he is right, for every field other than science and engineering. Let's take biology or medical research, you need higher education to work in most industrial labs. It seems that there is a market for that. Or computer science for instance, the market may be tight now, but you can almost always find a job coming out of a Ph.D. program. It may not be the one you want, but there are jobs in industry, government, start-ups, Wall Street, and academia. For almost any science or engineering field to get the top notch jobs (not just academic ones), you must have a higher degree.

I agree with his point about the humanities. What is a Ph.D. in medieval history going to get you if you can't find an academic job? But, a Ph.D. in Bio-engineering will almost always get you a job. I can't blame Prof. Taylor for his opinion, but he is way, way off base. He needs to qualify his opinion for the humanities, and not make sweeping generalizations about graduate education across all fields. The view from the religion department is very different from the view at the computer science department. Perhaps Prof. Taylor should take a walk across the Columbia campus and tour the Mudd building and see what higher education in engineering and science is providing before attacking the system as a whole.


P.S. One of the things he wants to get rid of is tenure. Which is odd because he is attacking the very institutions that provide his salary. If he wasn't tenured, do you think he would have the courage to speak this way? It surely would be a conflict of interest. With tenure, no conflict. This whole op-ed is rife with contradiction.

P.P.S. And on another point, any worthwhile graduate student, esp. a Ph.D. student, would not have to pay for their education. They will work under a grant that pays their student fees and a stipend, otherwise there is no incentive to go back to school when you can get a job in industry (schools do compete with industry in engineering). Plus, most stipends are sufficient to live on. I for example am not taking on any debt in my pursuit of a graduate degree.

Suck It Trebeck - binary style

Talk about celebrity jeopardy, IBM is preparing its own contestant. Once completed, Watson will be a super-computer with one mission: demolish the competition. IBM's newest foray into the world of AI (I guess it is still called AI) is a computer that can compete against humans on the TV game show Jeopardy. Now that is a celebrity jeopardy I would want to see.

The challenge is not the data lookup, any computer with Internet has access to all the necessary data. The hard part is understanding the questions, I mean answers. It must play on the same terms as the human contestants. To do that, it must parse the question and find keywords, links, analogies, metaphors, play on words, and handle ambiguity just to determine a reasonable search criteria. And once done with that, there may be more than one answer that fits, so it must choose. Not so easy. Especially once you realize that human contestants answer correctly close to 85% of the time and do so quickly. I would be really surprised if it won on its first go, but there is more going on here than simply Jeopardy.

Once a computer can parse Jeopardy clues and remove any ambiguity, that is a huge leap forward in computer human interaction. The classic test of artificial intelligence is the Turing test. Basically, if an ordinary human can have a conversation with a computer and not realize it is a computer, then true AI has been achieved. This is a huge step in that direction, and if IBM is successful, it would have big implications in the world of user interfaces. It isn't too far-fetched to think about IBM holding a monopoly on human conversation user interfaces. Imagine saying, "Computer, compile file X", or saying it any number of ways we could say it to another human, and the computer knows exactly what you are talking about. Kinda cool, and kinda scary.



In the seminar class I am taking this semester, we discussed the concept of the singularity: a point where machines get so complex that humans can no longer understand them. People always say that it is only 20 years away, even 20 years ago. Personally, I have a hard time imagining such an event, but this kind of breakthrough starts to make me believe. This isn't chess where there is a fixed number of possible games, this is language. There is nearly an infinite number of ways to phrase things all of which are littered with play on words and ambiguity. Perhaps this is where the singularity originates, or perhaps not. We still have to see how good Watson really is, but I can't wait to see it take on Ken Jennings, and lose.

NYT article

Monday, April 27, 2009

Simpson Theme in A Cappella: Rad Man!

If you didn't see "The Simpsons" last night, or didn't make it to the closing credits, then you missed out on one of the coolest a cappella performances I've ever seen. A Washington based ensemble, Canvas, performs a version of "The Simpsons" theme, sound effects and all, using only their voices. It is f*ing awesome. I guess Andy from "The Office" got it right, "Name me a song, and it's better a cappella."

Check out the video. This is the full length version.



And this is how it appeared in the closing credits. It seems the group went into a sound studio because it sounds much better.

My Beer is on the Bar ... with no coaster!!!

I read in Salon this weekend that beer coasters may become an endangered species. The leading producer is filing for bankruptcy. They are essential for bar hygiene, and they also provide advertising and boredom toys while drinking your favourite brew.

The economy is devastating our car manufacturers, but what about a bailout for the coaster? Should we live a life with cup stains everywhere and no toys to play with? No! I declare. Save the coaster because napkins are too old school.

Sunday, April 26, 2009

MLB playoff predictions

I made some predictions for the MLB playoffs over at dirtysouthsports.com. I know it's early, but I call it anyway.

Summary:
National League
Division Winners - Cards, Dodgers, Fish
Wild Card - Atlanta Braves (yes I am a homer)

American League
Division Winners - BoSox, ChiSox, Mariners
Wild Card - Yankees (but watch out for the Tigers)


World Series: BoSox vs Cardinals
Champions: Cardinals

That's right, my team to beat is the Cardinals. I reserve the right to be wrong, but that team is good. They hit well and pitch well (with some recent injuries). They have a top notch manager, and the Cards are a kind of team that can sneak into the playoffs and cause a lot of damage.

Check it out.

What a day!

I am sitting outside enjoying the beautiful weather. Google is telling me it is 99 degrees out, but it is most comfortable in the shade from my local coffee shop. The city is alive, and the people are out and about. You can't ask for better times.

Just to make you feel jealous, here is a pic of the awesomeness that is today.

Friday, April 24, 2009

Computer Security Hype bad for Computer Security

Who can forget the hysteria over Conficker? It was everywhere, including on 60 Minutes (which was the worst reporting I have ever seen about computer security, they even had to issue retractions). It was so pervasive that I even got a call from my mother who was nervous about her computer. In the end, nothing really happened - the best April Fools' Day spectacle I have ever seen.

Now, the FBI cyber-crime task force is weighing in on the hype; they think it is bad. It distracts the public from other threats.
"For the general public to focus on Conficker -- that's the threat they're worried about -- I think that is actually a bit of a problem for us as a society," said Shawn Henry, assistant director of the FBI’s Cyber Division, speaking at the RSA security conference in San Francisco Thursday. "There are dozens of Conficker-like threats and vulnerabilities out there.... while the media stories helped to raise awareness, I think that focusing people on that particular aspect, perhaps took away their attention from the overall threat, which is just as great or greater than Conficker itself."

Yes, Conficker is a threat, but it is not the only threat. To focus so heavily on one worm in particular doesn't provide the whole picture. Threats are constantly mutating, and it is hard enough to keep up without the press freaking out over one botnet.

Perhaps if the public and the press were better informed, these issues could be avoided. It is about time that the press hired a computer expert or two to properly cover these stories. Then maybe 60 Minutes wouldn't have had to issue so many retractions.

How does -1 become 42.9 million?

I read an interesting blog post over at Zero in a Bit about a slot machine payout. The story goes as follows: a woman supposedly won $42.9 million from a penny slot machine whose maximal winnings is $9,025. Of course there is litigation, and the woman probably won't get all that money. But, where did a number like 42.9 million come from?

Chris Eng has a pretty good idea. In the slot machine when things go bad, the routine that calculates the winnings probably returns an error code of -1, and since winnings are always positive, they probably use an unsigned int to store the returned value before displaying it to the customer. Ok, so we have a variable that is declared as an unsigned int and we are assigning an int to it, an int that could be negative.

So if the subroutine that calculates the winnings returns an int value of -1, that is 0xFFFFFFFF in two's complement, then it will be cast to an unsigned int. But, 0xFFFFFFFF is now interpreted as 4,294,967,295 or 4.2 million when we remove the sign. Likely multiplied by 100 at some point (it is a penny arcade), you now get 42.9 million. Oops.

Someone didn't check their error conditions!
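The failure mode described in this post, as an added example in C (not code from the slot machine or from the linked post): a hypothetical payout routine returns -1 on error, and the caller stores the result in an unsigned 32-bit variable, next to a version that checks the error code and the machine's maximum first. The function names, the sample win and the use of cents as the unit are assumptions.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CALC_ERROR       (-1)      /* assumed error code from the payout routine */
#define MAX_PAYOUT_CENTS 902500u   /* the $9,025 maximum from the post, in cents */

/* Hypothetical payout routine: cents won, or CALC_ERROR when something fails. */
static int32_t calc_winnings(bool internal_fault)
{
    return internal_fault ? CALC_ERROR : 1250;  /* constructed sample win: $12.50 */
}

/* Flawed: the signed result is converted to unsigned without a check, so the
 * error code -1 becomes 0xFFFFFFFF. A plain assignment without the cast
 * performs the same conversion silently. */
static uint32_t payout_unchecked(bool internal_fault)
{
    uint32_t cents = (uint32_t)calc_winnings(internal_fault);
    return cents;
}

/* Checked: reject the error code and anything above the machine's maximum
 * before the value is ever treated as an amount of money. */
static bool payout_checked(bool internal_fault, uint32_t *cents_out)
{
    int32_t result = calc_winnings(internal_fault);
    if (result < 0)
        return false;                       /* error code, not a win */
    if ((uint32_t)result > MAX_PAYOUT_CENTS)
        return false;                       /* impossible for this machine */
    *cents_out = (uint32_t)result;
    return true;
}

/* Whole dollars in a cent amount (integer division drops the cents). */
static uint32_t whole_dollars(uint32_t cents)
{
    return cents / 100u;
}

int main(void)
{
    uint32_t bogus = payout_unchecked(true);
    printf("unchecked on fault: %" PRIu32 " cents = $%" PRIu32 ".%02" PRIu32 "\n",
           bogus, whole_dollars(bogus), bogus % 100u);

    uint32_t cents = 0;
    if (payout_checked(true, &cents))
        printf("checked on fault: paid %" PRIu32 " cents\n", cents);
    else
        printf("checked on fault: payout refused, machine flags an error\n");

    if (payout_checked(false, &cents))
        printf("checked, normal win: %" PRIu32 " cents\n", cents);
    return 0;
}
```
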

Wednesday, April 22, 2009

iBotNet, some rotten Apples

One thing that always pisses me off about Apple (one of many really) is that their customers like to claim they like Apple's OSX because it is more secure. Really? More secure. Well that is not true, at all. In fact, Apple's operating system and complementary software (like Safari) continue to be more vulnerable than the alternatives, including IE7/8. Recent capture the flag competitions and pen testing have continued to show that Apple is quite vulnerable and usually the first to be hacked (the others get hacked too, by the way).

So why aren't more attacks against Apple machines happening? Why aren't there more news stories about huge Bot Nets of Apple machines that threaten to destroy the Internet as we know it? Simple, there aren't enough Apple machines out there for an attacker to justify going after them.

Think of it this way, if you were a drooling Romanian with a tendency for computer hacking and you had this kick ass Bot Net that you want to deploy by infecting computers across the Internet, for what kind of OSes and platforms would you write your virus? If you write your virus for say Windows, then it could infect something like 85% or more of the computers on the Internet. But, if you write it to only infect Apple OSX machines, then you are talking about 8-9% of machines on the Internet. It just isn't worth your drooling time to write a virus to attack Apple machines.

But, that may be changing. Recent news is that an all Apple Bot Net has been detected, so dubbed iBotnet. It is propagating via a pirated copy of iWork '09 and Adobe Photoshop CS4. And, the iBotnet has actually been used in a real DoS attack in the wild.

Perhaps the honeymoon is over for Apple. Perhaps they asked for this. All I know is that the religious Apple users need to stop claiming that they use Apple products because it is more secure and start realizing that they use it because they think it looks cool. Or perhaps, they think it is awesome to spend twice as much for a machine with inferior hardware. Or maybe, they think a one button mouse is actually worth more than a three button mouse. Or maybe, Apple customers should start running anti-virus software just like everyone else and realize that their computer is just as vulnerable as the Windows machine you scoff at.

Tuesday, April 21, 2009

Introducing the 'Natinals'

When I first saw this story, I really thought it was a joke. But NO! The Nationals of the nation's capital really took the field with 'Natinals' on their uniform. Supposedly, there was a problem with the team's seamstress, like she/he can't spell (like me). It didn't affect all the players, just the only two anyone knows, Adam Dunn and Ryan Zimmerman.

These players are the face of the franchise, and why in the world would you actually let the team on the field with that jersey? You're at home. I am sure there is an alternate uniform somewhere. So the numbers may not match up, but at least it will not look like your team's stars are no better than a 3rd grade spelling bee champion.

Pathetic. This organization is a disgrace, from bad recruiting and bribes in Latin America, to the stupid placement of the camera behind home plate (it is like a mile up in the air and you can't see the ball flight at all on the TV).

As far as I am concerned, get rid of the name Nationals, since you can't spell it anyway, and just rename the team the Senators or worse the Generals. Maybe they should have kept the name Expos, at least it is easier to spell.

Monday, April 6, 2009

EuroSec Panel, my thoughts (repost)

(This post originally appeared on the FORWARD blog and is reposted below to make my own blog look better)

EuroSec Panel: Thoughts and Anecdotes

My name is Adam Aviv and I am a 2nd year Ph.D. student at the University of Pennsylvania.

One of the highlights of this year's EUROSEC workshop was the panel on emerging research directions. The panel was filled out by Angelos Keromytis (Columbia University and Symantec), Herbert Bos (Vrije Universiteit Amsterdam), Georg Portokalidis (Vrije Universiteit Amsterdam), Christian Platzer (Technical University of Vienna), and Edita Djambazova (Bulgarian Academy of Sciences), and the panel was moderated and organized by this blog’s one and only Sotiris Ioannidis.

Although the topic is a throwaway — emerging research, what does that really mean? — we had a very engaging conversation about the future of security as computers get even more pervasive. The topic is best exemplified by an anecdote told by Herbert Bos about how one of his graduate students planned to get their Ph.D.

Herbert’s story takes place during an auspicious weekend in the lab where he instructs his “lazy” graduate student to stop putzing around and get some real work done. Being the weekend and all, Herbert intends to relax, so he heads out to a cafe (an Amsterdam cafe). He gets, in his own words, “high as a kite” and somehow meanders into the red light district to soak up some of the entertainment. Thirty minutes later, he heads back to the lab to ask what his graduate student has been up to.
“Hacking smart phones,” he replies, and this intrigues Herbert who asks, “Whose smart phone?”
“Yours.” The student answers, “and I know what you have been up to while I’ve been working. First, you went to a cafe, and then you went to a club. If you don’t write my thesis for me, I will tell your wife.” And, of course, Herbert must now write his thesis.

Even though it is not a *true* story, it demonstrates the pervasiveness of computers. The smart phone is a phone, but it is also much more than a phone, it is a computer. The student hacked the phone, turned on the GPS, and was able to track the location of his adviser. Even more devious, he could have turned on the microphone and recorded the illicit conversations and produced more evidence for his Ph.D. in blackmail.

Phones are not the only computers that are everywhere in the modern age. For example, computers are in our road signs. Perhaps you weren’t aware that there were “Zombies Ahead.” They also manage our most important infrastructure: the power grid, communication satellites, air traffic control, etc. All of which must be considered vulnerable. Additionally, the home computer has proliferated, and with so many computers, often sitting idle with their butts exposed to the world, they get compromised and organized into massive Bot-Nets which threaten these critical systems.

So, the panel asked, “What do we do now?” And, perhaps most importantly, how do we communicate about this brave new world to the public? Sensationalism, like the recent 60 Minutes piece, is not the way. Not only is it alarmist, it gave no practical solutions other than to go buy anti-virus software from these companies that were just interviewed. It is not like computer security hasn’t been in the public view before. It’s been reported for at least 20 years (NYT 11/7/1988 “Computer Invasion: ‘Back Door’ Ajar”), and still the public is naive to the real threat of pervasively networked computers.

Like all panels, we thought, discussed, and speculated about the future, but reached no all-encompassing conclusions. The problems will persist, and perhaps, it is our fault — we are losing the war against the bad guys. The only real conclusion the panel can reach is that emerging research must include a clear discussion that the public can understand. People need their iPhones, but they should also understand what carrying an iPhone with them everywhere they go really means to their privacy. It is our responsibility as researchers to drive the discussion and be easily accessible because the world is changing faster and emerging threats are everywhere. If not us, then whom?