Macbook AIr

I'm not a Mac fanboy, but the Macbook Air is amazing. Because of a few projects I'm working on, I needed a new Mac and wanted something as light as possible, because I'll often have to lug it along with my daily warrior, a loaded and SSD-ed Thinkpad T400s.

First, the Air is an amazing engineering feat. You've seen the pictures, but until you hold it, it's hard to really imagine how thin this laptop is. I don't have any rigorous performance numbers, but those upset by the use of a Core2 chip instead of one of the newer i5/i7 chips can relax--for virtually anything you'll use this laptop for (barring extreme 3D games, I presume, though I haven't checked out the performance and don't intend to use it for that), it's plenty fast. Lightroom rendered images very quickly, applications open instantly, reboot is blazing, it's very responsive in every situation I've encountered.

It's not perfect, of course. Where (Apple) are the home and end keys? How about pgup and pgdn? I know--Fn-arrow. And del? Yeah, Fn-delete. I want keys. I'm not thrilled with gigabit over USB. I would love a builtin VGA port for presentations so I don't have to lug a dongle, but where would it go? There's not a single spot where the laptop is as thick as a VGA plug. I would have liked 8GB of RAM (I make heavy use of virtualization). But overall, this is one sweet laptop and highly recommended if you need a lightweight Mac solution.

Concert photography

I now have a website dedicated to concert photography. Have a look at http://www.highisomusic.com if you're interested.

John Cage

Somehow, I never paid attention. Now I'm listening to his "prepared piano" music, which is brilliant...and startling. A must listen if you like the tension created by silence in music (i.e., not to draw too close a comparison, but if you hate Thelonious Monk, you might not like it). The CDs are:




I came across the music while watching Shutter Island and at first thought the pieces had been composed for the movie, because they worked beautifully to create tension in some of the "scary" parts. Have a listen.

RECON 2010

I'm back in Montreal for a month (after disappearing from Quebec for 8, after my sabbatical ended) and the highlight so far is RECON 2010. I've tried to attend in the past, but timing never worked out. This year I made it and I offer the following comments:

The talks are outstanding. The schedule is exhausting, particularly since the talks are outstanding and it's difficult to walk away from any of the talks to rest. It's a conference for those with 20 year old stamina (I'm 45, but have 25 year old stamina--almost good enough). The beer was good. The hotel almost caught on fire while I was in the shower. Note: If you hear faint beeping sounds while in a Canadian hotel, that might be the fire alarm. I hardly noticed, and it took a call from my wife to send me rushing down the stairs, barefoot. I always wanted to walk down a main street in Montreal barefooted, so my dream was fulfilled.

Sebastian Porst talked about obfuscating malicious payloads in PDF and zynamics has a new tool that's worth checking out called PDF Dissector.

Danny Quist (founder of offensivecomputing.net) talked about some extensions to Ether (which itself is a set of patches to Xen to support malware analysis via hardware virtualization). Danny also showed off some very nice visualisation techniques for understanding execution flow during malware unpacking. His stuff is set for release in 2011(?). Check out the Ether page here. This was a great talk and will hopefully open up some avenues for collaboration, because my research group at UNO is also working on live forensics/malware detection and mitigation via VM introspection.

Ricky Lawshae (from BreakingPoint in Austin) discussed "picking" electronic locks using sequence number prediction. Yes, channelling Mitnick-style attacks into 2010. Now I'll have to stop telling my students that sequence number attacks are "so yesterday"...

There were also talks on picking (and destroying) physical locks, 8-bit/16-bit hardware hacking, reverse engineering embedded systems, deep looks at the obfuscation schemes of some recent malware (Swizzor and Mebroot), porting Syndicate (one of my favorite games in grad school) to modern architectures, building a router from scratch for SDSL service, and others. Check out everything at RECON.

RECON is moving to an annual schedule, so be sure to check it out in 2011. Attendance is limited, so register early once for 2011 that's possible.