Category: Uncategorized

Woo! I just read about this new incubator in Cambridge! I wonder if some of my Cantabrigian friends would exploit this great opportunity to run your own start-up! I just think that it would be an excellent source to network and build upon each other. Most successful incubators are more about the networking rather than the financial advantages.

Red Gate Software has launched a startup incubator in Cambridge. Free office space, internet access, room, board, advice, and pocket money. (I’m one of the people giving advice). For a first, it’s really free; Red Gate isn’t taking stock in the companies it helps.

Wonderful people – these Red Gate.

I just read this article on something called, “self-enforcing protocols”. I found this article interesting because it addresses a serious concern with defeating cheats. Basically, a self-enforcing protocol is one where no third party arbitrator is required to ensure fairness. The protocol itself is self-enforcing. An example given in the article is barter trade, where everything is at face value.

The homeowner decides the value of the property and calculates the resultant tax, and the government can either accept the tax or buy the home for that price. Sounds unrealistic, but the Greek government implemented exactly that system for the taxation of antiquities. It was the easiest way to motivate people to accurately report the value of antiquities.

That is one ingenious way of ensuring that the home-owners stay as honest as possible. If they arbitrarily under-value their property, they would ultimately end up losing the property entirely as the government would be able to buy it and sell it off at a higher price almost immediately (and probably back to the original owner).

What appeals to me with regards to this is the use of these protocols in so many areas in government and administration. Brain food!

I have just recently built a GCC cross-compiler for the MIPS architecture. I did this in order to do some comparison against the code generated by the LLVM MIPS compiler, which is marked as an experimental compiler. I picked up the C code for XTEA and compiled it using both compilers with optimisation turned on. The results are as follows:

GCC code size using MIPS1 instructions was 316 bytes long (79 words) while the LLVM one was 428 bytes long (107 words). In fact, the equivalent MIPS16 instruction is only 256 bytes long (128 words). So, the GCC output was far more efficient in terms of code size. However, I looked at the actual code output and found that LLVM had generated 19 no-ops (instructions that tell the processor to do nothing). These no-ops can be effectively removed to bring the code size down to 88 words, very close to the GCC output. Most of these no-ops were generated to avoid pipeline hazards. The number of load and stores generated by both compilers is the same, 8 loads and 4 stores each.

To me, this would seem to indicated that the LLVM compiler is fairly similar to the GCC in terms of code generation and should be useful in most cases.

I read about this on reddit today and I thought that I should just share it. It is just extremely funny and very sad that our main news-wire will carry such utter nonsense. The article claims that, “avoiding masturbation and homosexual activities are among preventive measures one could take against Influenza A (H1N1), according to an eminent practitioner of complimentary therapy.” I mean seriously – WTF?! It goes further:

Dr. V. M. Palaniappan said that such activities caused the body to develop friction heat which in turn, produced acid and made the body hyperacidised.

“Thus, the body becomes an easy target for H1N1 infection,” he told Bernama, emphasising however, that normal sexual union between members of the opposite sex was absolutely safe.

Obviously, everyone is entitled to their personal opinions as long as they keep them personal. However, once they are trying to pass it off as their professional opinions, that is another matter entirely. According to the article, Dr Palaniappan used to be an associate professor at UM in Ecology. Yes, read that. The dear doctor is an expert in the field of ecology trying to pass off medical/health advice. Let us hope that the dear doctor was merely misquoted and the article sensationalised.

There are already plenty of reasons why our country is a laughing stock in this world. Let us not try to add more to them.

I just read about over-the-air (OTA) upgrades for Google Android smartphones from Motorola. Personally, I am divided about this issue as it has serious security ramifications. At present, practically nobody upgrades their phone software, which is only fine as long as we use them as dumb devices. However, with the increasing convergence and intelligence put onto these devices, security becomes a primary issue. You can be sure that the next frontier of virii and malware will be the mobile phones.

Therefore, OTA upgrades seem like a genuinely good idea on the surface. Few users would need to be troubled with manually upgrading their phone software when in fact, few users would ever know how to. Upgrades would be sent through the wireless networks and applied by the service providers. However, this is open to abuse on so many levels. I do hope that the implementation takes several things into account.

Tamper Proofing
The upgrade packages must all be secured from tampering. Merely using a hash function may not be sufficient as already clearly demonstrated by the breaking of several popular hash algorithms. A hijacker is capable of injecting malicious code into an existing upgrade package and still have it correctly verified against the same signature as the original package. I hope that the folks implementing this system do not use signatures as a form of security.

Authentication
All packages need to be authenticated against its source. The best way to achieve this is to use asymmetric ciphers with public keys. However, this would require each phone to have its own unique key generated. What this means is that costs will increase, whether in terms of storage costs and also in terms of transmission costs. Upgrade packages would need to be transmitted to the users one at a time, with different encryption keys.

Randomiser
We want to avoid another Debian debacle. So, phones should come equipped with good entropy engines. Some people may think that a phone is a great way to collect entropy. For example, simply moving from signal tower to signal tower could be used to feed the entropy engine. I honestly hope that they don’t try doing this because people rarely move randomly. We tend to move periodically from one place to another in a pattern.

Personally I don’t see this OTA upgrade technology as justified.

From a security stand-point, this just opens up the mobile phone for remote hijacking. Some enterprising person somewhere will figure out a way to hijack the OTA upgrades and inject malicious code into the phones remotely. This will make bot-nets look decidedly benign. From a personal perspective, I see it as a means to control the user and their phones. Carriers would now have the ability to use a remote ‘kill-switch’ on any mobile phone if this OTA upgrade feature is adopted. From an business perspective, it does not make sense to deploy this either. Consumers these days change their phones so often that these sort of upgrades are moot anyway as the user is going to get a new phone with the new firmware.

Beware the OTA upgrade.

Regardless of what anyone else says, I found the latest Joe film to be fairly entertaining. There was plenty of action throughout with plenty of CGI to help. The film script was set using the altogether familiar formula for almost every other war and action movie made in the last few decades. It was cheesy but it was also a nice reminder of how simple things were when I was a child. I loved the toys that they had featured in the film.

Although I do have to agree with what some Internet critics found out about the show, there really isn’t anything particularly memorable about the film. In fact, I am struggling to actually find something nice or special to mention about the viewing. However, the film still left me with a good feeling at the end. Obviously, this is the first of a bunch of sequels but it is definitely not as anti-climatic as Harry Potter was. At the very least, this film had a proper intro, body and conclusion.

This is just dumb and stoopid to the highest order. While it is understandable that our Information and Communications Minister has little knowledge of the inner workings of the Internet, I cannot fathom the fact that none of the people working in the ministry has any brains either. You just cannot censor the Internet. It is a technical improbability. Countries greater than ours have tried and failed. Technologies made for it have come and gone. I just do not understand how someone in the ministry can even think of applying Internet controls in Malaysia.

The only way someone can censor the Internet is to cut the wires off entirely, which would be far more detrimental than having a bad Internet in place. Actually, they would need to cut off the wireless as well, which would be completely impossible short of stepping back to the stone-age. You can be sure that if our government pushes to have the Internet censored in Malaysia, there will be a complete backlash. Any website that the government tries to shut down will just gain in infamy and become instant hits. Our Malaysian Internet users are far more educated in workarounds than most people can imagine. We have grown up in an environment where ‘work around’ is a daily familiarity.

As other experts have asserted, the government would benefit far more by spending the money on Internet education instead. Have the students in schools learn about the bad stuff on the Internet and how to avoid it. In fact, I would stress that this would benefit everyone, not just the government. Our people could become the most savvy Internet users in the world, with the inert ability to avoid phishing, avoid trojans, avoid Nigerian scams and avoid every other kind of Internet malcontent imaginable.

Now, that would be a plan that everyone could agree upon.

On the other hand, maybe this is a good thing. Any sort of user-level censorship that they choose to implement will most definitely be Windows based. It might just spur the adoption of Linux and open source software. Okay, maybe it is not such a bad thing after all!