Monday, 4 March 2002

# 11 PM

I just got back from seeing Peter Neumann give a talk about computer security and critical infrastructure. Overall it was a good talk, leaving me with plenty of things to think about, but I have a couple of issues. His basic thesis is that existing computer systems are insecure at all levels, from hardware on up, despite the existence of well-understood methods for secure system design in the research community. This is true. However, at least in the talk, he didn't offer much of an alternative. When pressed (during Q&A) to suggest ways to improve the situation, he would say only that design from the beginning is necessary. Again, this is true. And I can see why he didn't want to get pinned down to offering specific proposals, which might be taken for panacaeas. Still, I would have liked to hear some specific instances where existing software or hardware is intrinsically flawed, and not in the ways that everyone already knows (i.e. buffer overflows).

In particular, the existence of EROS strongly implies that at the hardware level, the only problems are with reliability, not security. Perhaps there are security flaws in EROS which I cannot see, but I doubt it. There are certainly ways to layer insecure code on top of EROS, but that says nothing about EROS itself (unless it turns out that its interfaces make insecure coding easier than secure, but it's too early to say that).

I'm also disappointed that he blew off someone's question about the failure of Multics. Yeah, fear of non-IBM solutions probably had something to do with it. However, I think it's unlikely that Ken Thompson and Dennis Ritchie's criticisms were completely unfounded. In that context, I'm wondering what he thinks of Peter Gabriel's Worse is Better (or is it?) papers. Gabriel himself is not sure.

# 4 PM

In the peculiar dreams department, I found myself wandering around Yerba Buena Island (that's the one in the middle of the Bay Bridge). Everything was polygonal and textured, like in a first-person-shooter game. Also, somehow it was possible to enter the hill that the bridge has to tunnel through, and get right up to the outer framework of the tunnel. Which was not a concrete arch, but a wooden rack carrying dozens and dozens of mailing tubes full of art. Behind the rack there was a nuclear reactor.

Walking home, I encountered Gav and his girlfriend. Except he'd re-dyed his hair yellow and gotten a buzz cut (it's normally blue and shoulder length) and was behaving like "that most terrifying symbol of Order, an attorney", not his usual cheerful artist/engineer self. His girlfriend (whose name I really should remember, but don't) was understandably upset.

# 5:45 AM

There is the most amazing range of junk being sold at the Livermore swap meet. A lot of it is what Todd (one of my co-workers) refers to as "dot-com detritus," i.e. surplus hardware from failed companies. But there's also stall upon stall selling functional vacuum tubes, oscilloscopes, IBM mainframe diagnostic equipment, radio antennas, radio transceivers, stereo equipment, ...

I picked up a car radio for $20; normally goes for about $100. (I'm fairly sure the one in my car right now has lost an amp stage. If it turns out it's the speakers that are busted, I'll feel silly.)

# 3:30 AM

i need a bigger dishrack

Observation: I don't wash dishes until the sink fills up.
Observation: When it does, I wash all the dirty dishes at once.
Observation: More stuff fits in the sink than the drying rack.

The inescapable consequence: dishes wind up precariously stacked on top of each other, or in odd places. Right now, there are four pots upside down on top of the stove, and a cutting board balanced across the horizontal pipes between the faucet and the wall.

Clearly, I need a bigger dishrack. Or maybe I just need to do the damn dishes more often.

(Can anyone think of a single word which means "all the movable stuff that gets dirty in the course of preparing and eating food"? "Dishes" isn't right, but it seems less specialized than "dinnerware" or "pots and pans" or any of the other alternatives that come to mind.)

# 1:30 AM

I am now a member of the Cal Sailing Club, and I got to sail around for about two hours in the San Francisco Bay. This makes me happy. I also bought groceries. This indirectly makes me happy, as now I will have something to eat tomorrow morning.

On the downside, I forgot to buy hot chocolate powder, and I'm so utterly exhausted that I've been unable to do anything but stare at a silly mindless game since. Just now got it together enough to make some tea, which— once the kettle boils—should put me in decent enough shape to wash the dishes and then go to bed. Very early. Like 10 PM.