Will they find the black box?

Posted in Tung Chung on 05/27/2010 10:29 pm by Richard

If you haven’t already read Flying Low and Flying Low II: Ground Proximity Alert, you should start there.

The Aviator has crashed and burnt! It’s been deserted, darkened, with a bike lock through the door handles for some weeks now. The varnish outside is flaking away. The whole place dragged out of the sky in a stall induced by epic fail.

But how could this happen in a busy, highly-populated area like Tung Chung, where there are so few other bars to choose from? Could it be:

  • that they never, ever changed their tedious and bland menu?
  • that their food and drink were recklessly overpriced, especially given the quality?
  • that their beer selection was minimal and consisted of the same brews sold everywhere else (if I wanted Carlsberg I’d get it from 7-Eleven; sell me something interesting!)?
  • that their buffet was covered in flies?
  • that their staff had been taught a special facial expression of greeting (best described as “oh crap, here’s another one”)?
  • that the place had the atmosphere of a food court, and did not encourage lingering (more like The Autopilot, quite often)?
  • that the service was incredibly slow, and you’d often spend as long waiting for your pint as you would spend drinking it?

Or perhaps it was just bad luck. Who can say.

Moving on, fingers crossed that something actually good replaces it. Not just another chain restaurant/bar. Something with the pizzas of Wildfire, the beer selection of the East End Brewery, and prices from the Mainland. Not a chance, obviously.

 

We’ve replaced this hooker’s regular herpes with the Win32/Wisp.A BackDoor-EMN virus. Let’s see if anyone notices…

Posted in Geekery, Opinionated rants, Security on 05/27/2010 10:49 am by Richard

The headline: “First human ‘infected with computer virus‘”.

The truth: oh lordy, it’s Captain Cyborg’s protege.

Captain Cyborg is Kevin Warwick, loopy professor of cybernetics at Reading University, who has been inserting bits of electronics under his skin for some years and making extravagant claims about the implications. He is most famous for taking advantage of the Soham murders by offering to implant an electronic tracking device into an eleven year old girl, (an offer that I think should earn him a place on some register or other).

Gasson is Warwick’s sidekick, although it seems the major lesson he’s learnt from the Cap’n is how to be a media whore.

So what about these claims he’s infected himself with a computer virus? I had a few concerned friends forward me the URL, seeking comment. Well, if I put a pregnant rabbit inside my PC case and then issued a press-release: “Computer Gives Birth To Bunnies!” – that would be about the equivalent to Gasson’s little achievement. (Full disclosure: that analogy is not mine, but it is far too superb not to share.)

Gasson, in short, has repeated a fairly dull RFID experiment. But before doing so, he wedged the RFID under his skin. He could equally have poked it into a sausage, or up his arse, and the results of the experiment would have been just as meaningful, but he’d not have got the press exposure because people would have been laughing at him instead, which would be the right response.

Of course, underneath the trashy sensationalist journalism and craven publicity-seeking there is a serious implication to this experiment: implants (pacemakers and such) that are integrated into the human body may become vulnerable to attack using technologies not dissimilar to RFID, and it is incumbent on the manufacturers to bear this in mind.

But the key word there is “integrated”. You achieve the status of cyborg when the technology has been actually integrated with your body, not merely inserted into it. You do not become a cyborg by placing electronics under your skin, even if you then scurry off outside looking for Sarah Connor. Although the whole concept of humans being infected by computer viruses is specious at best, you’d assume that this kind of integration would be a prerequisite.

So, in response to the concerned e-mails I received: you do not need to install Norton Anti-Virus on yourself. Not just yet.

 

Not even…

Posted in Opinionated rants, Security on 05/24/2010 04:05 pm by Richard

Earlier in the month I gave a talk at the Info-Security Conference in Wanchai, defending the PCI DSS against claims that compliance is worthless and does not improve security. At around the same time, I had an article published that contained essentially the same argument (read the PDF here; original article here).

Every day, dishearteningly, I see more and more examples of the kind of businesses to which my presentation and article were referring. Specifically, the ones that are culpably negligent in terms of information security.

Check out, for example, this news story. Nothing particularly unusual about it, but I thought the merchant’s statement was especially illustrative of the kind of attitude of which I see so much. They portray themselves as utterly innocent victims of a “senseless” attack. Bullshit! A senseless attack is when someone randomly punches you in the face while you’re walking home from the pub. Heisting a load of cardholder data makes huge amounts of sense: it’s valuable. And they’re hardly innocent. Wearing a short skirt does not mean you are asking to be raped, but leaving your payment card database hanging out most certainly does mean you’re begging for someone to come along and make a copy or two.

But it’s okay: “authorities” say the attack wasn’t the result of any “wrongdoings” by staff or management. Bullshit again! Management are responsible for securing their data. They neglected to do so. That’s a good, solid piece of wrongdoing right there.

Now, I really don’t mean to single out this one small restaurant, but I see attempts to substitute investment in security with affronted and unconvincing protestations of innocence like this all too often, and that was what sparked my pro-compliance presentation and article.

I sometimes consult for businesses that have got sub-par security. The fact that they’re addressing their poor security absolves them of negligence. Businesses like the aforementioned restaurant are in a whole different league of shame. And so I’m proposing a new terminology for them. Based on Wolfgang Pauli’s dry observation that something can be “not even wrong“, I am choosing to label the security negligent as “not even incompetent”. After all, you can only be incompetent at something if you’ve tried it.

 

Sadly, this does not surprise me

Posted in Geekery, Opinionated rants, Security on 04/06/2010 01:37 pm by Richard

Wikileaks recently released a video showing incriminating footage of an attack by an American helicopter gunship in Baghdad. Many were killed, including two Reuters journalists, and children were seriously wounded. The Americans claimed this was all within the rules of engagement, but the video footage tells a very different story.

But that’s not what this posting is about. It’s about Facebook’s censorship of this very important subject matter.

The web site Collateral Murder was set up to ensure that the video could reach a wide audience. But interestingly, if you try to post a link to Collateral Murder on Facebook, you get:

“Blocked Content”? Now how did that happen?

 

The chef? He’s from Barcelona

Posted in Food and drink on 12/09/2009 12:06 pm by Richard

Incredible. Simply months since the last update. I bet you thought I’d given up blogging. In fact, I’ve been torn between masses of mundane stuff (not worth blogging about) and some interesting stuff that I’m damn well not going to blog about (mind your own business!)

So here, just to kick things off again, is a restaurant review. La Comida, Staunton Street, the Spanish restaurant and Tapas bar. I was there last night and was confounded by the gap between their good dishes (amazing) and their bad (a practically inedible travesty of cooking).

In summary, if you go to La Comida stick to the tapas which were, without exception, bloody marvellous. The calamari with aoli were perfectly cooked and not at all chewy, enclosed in a firmly textured crust of tasty crumbs, and the aoli itself was an ideal match. The asparagus with parmesan was the ultimate vegetarian comfort-food. The sardines were crispy-skinned, full of flavour and enhanced by a dash of olive oil (always available on the tables).

Then comes the tactical error: instead of ordering more tapas, my companion and I tried for some of their main meals. She had salmon with dill sauce and french fries and it was not too bad. A generously-sized portion, but unfortunately with only the most stingy splashing of sauce; certainly not enough to actually allow it to be tasted.

I chose the rack of lamb with mashed potato and green salad and it was universally awful. The lamb itself was properly cooked (I like mine rare and they complied with that reliably) but the cut of meat was cheap, clotted with fat and sinew, and much harder to eat than lamb rack ought to be. The mash must have been instant as it had no taste at all, and was dry and had a suspiciously uniform texture. The salad had been dressed apparently with pure brine and was far too salty to eat. Nothing on that expensive plate gave me any pleasure at all. Luckily my companion had filled herself up with tapas so I ate her salmon and found it quite agreeable.

They also serve the roughest rioja in the world as their house red. Avoid at all costs.

Would I return? Yes, for the tapas, without any hesitation. I’ll never be ordering off the main course menu again.

 

What’s in a name?

Posted in Hong Kong life on 09/11/2009 10:14 am by Richard

Sino Land are working on a new residential development near my office. It’ll be six tightly-packed blocks of 40+ storeys each, with lots of tiny concrete-box apartments per floor. It’s on the edge of Mong Kok and Tai Kok Tsui, which is widely held to be one of the most densely-populated places on the face of the Earth.

And what have they decided to name this habitat? Human-hive? The Sardinecan? Pod City? No, they’ve opted for The Hermitage.

Perhaps it’s not standard apartments at all. Perhaps it’s over 40 floors of bijou columnettes, for the urban Stylite-about-town.

 

I felt like Chicken Tonight

Posted in Recipes on 08/14/2009 10:19 pm by Richard

Bored after a week of unimaginative dinners, I just invented the ultimate chicken burger. In case you’re interested, here’s how it goes. You need (quantities for one person; multiply as necessary):

  • 200g of minced chicken breast (that’s two nice-sized patties)
  • 1 clove of garlic, chopped finely
  • 1 spring onion, chopped finely
  • One teaspoon paprika
  • One teaspoon ground cumin
  • A few finely torn-up coriander leaves
  • Pinch of salt
  • An egg-white (or the whole egg, if you’re not a health-freak)

Mix it all up by hand and have fun making a mess. It’ll be worryingly dark but don’t fret, when you cook it the colour will improve. Mould into two patties and splot them into a frying pan of hot olive oil. Flip ‘em until cooked through.

Serve on a bap with mayo, rocket leaves and sweet chilli sauce. Flail around trying to stop the cats from stealing one burger while you’re eating the other.

 

Barbed comments

Posted in Made me laugh on 08/13/2009 01:12 pm by Richard

Why would an ordinary school in an ordinary, peaceful street in Hong Kong need to be protected by a barbed-wire fence? The Sharon Lutheran school that I walk past on my way to the office every day looks like a fortress and I can’t think why. I’d assume it was some kind of young offenders’ institution if I couldn’t see the signage on it.

Perhaps the barbed wire really is there to keep the young Lutherans in. Otherwise, one day, maddened by years of people shouting “I have a dream!” over their walls, they’ll burst out en masse, snatch up an innocent passer-by and nail him to their door.

 

A wibbling too far?

Posted in Opinionated rants, Tedious journalising on 08/09/2009 09:04 pm by Richard

An interesting question from Dave over at Dave’s Wibblings:

Here’s my thought for tonight: if someone is blogging pseudonymously, but their true identity is trivially googleable, does anyone have a requirement to keep that identity quiet?

[...] why should I be required to preserve the anonymity of people who are only anonymous to preserve their lifestyle which depends on human trafficking for sex?

[...] why should I preserve the anonymity of some overpaid expat who is using his blog to boast about how much sex he pays to have? While he supports the triad gangs who traffick in women? Or some wanker banker bragging about his conquests. Especially now that these banker types are profiting at everyone else’s expense.

Here’s my take, Dave, as one non-pseudonymous blogger to another. Why don’t you mind your own business?

Has anybody actually asked you to unmask somebody in this manner? No, didn’t think so. Why should they? What you’re actually saying here is, “Ooh, I’ve just done some slick detective work on Google and found out who $blogger is… I really want to spread the word so people can see how clever I am! But I don’t want to look like a playground sneak. I know, I’ll get rhetorical and hope somebody asks me, then I’ll have an excuse to spill the beans!”

Good man. You disapprove of prostitution and fatcat bankers. Me too. But you’re behaving right now like one of those tedious fundamentalist Americans who photograph men coming out of porn shops and post the photos on the web. And I had you tagged as a decent, sensible atheist fellow too.

Dave, if you know the identity of someone who is doing something illegal then take it straight to the police. I’ll applaud you for that, in public if you want; but this snide “I know what you’ve been doing…” business is beneath you. Get a grip.

Edit: Dave deleted his blog posting. Good stuff.

 

More supermarket shenanigans

Posted in Hong Kong life, Opinionated rants, Tung Chung on 08/06/2009 10:25 am by Richard

Apropos of the previous blog post, something else I’ve noticed that they do in Taste/Park’n'shop is to leave the “This product is out of stock” label covering the shelf prices of products that are clearly in stock and piled up right there in front of you.

Why else would they do this, except to prevent you seeing the unreasonably high prices they charge? The individual items are not marked with prices, so the shopper relies on the shelf price. I have started confiscating “out of stock” tags that are untrue, so the prices are visible once again. I have quite a few already.

Truly, I wish there was somewhere else I could shop. There is a Wellcome in Tung Chung, but it’s woefully local and sells very little of any use.

 
Older Entries