Well, I survived until the weekend. And what a week it's been! Since I'm far too tired to write up everything in pretty little paragraphical form, here's a nice bullet-point list of the highlights of the week.

Catsy's Week's Highlights - School stuff

• Handed in three assignments. Yay. Page total: 74 pages.
• Got a bunch of grades back for this term. So far so good. If I can keep this up, I may not have to go to grad school at Joe's University after all.
• Catsy's office is closed for business. The 5th floor lounge that I'd been happily using as a pseudo-office and that had recently been taken over by undergrads, is now grad-only.
• I figured out how to submit grades as one of the TAs for one of my courses. Of course, I ain't goin' near that with a ten foot pole.

Catsy's Week's Highlights - Work Stuff

• CitLab's been investigating DDOS attacks against a Kyrgyz ISP that hosts political party websites, etc. A group calling themselves "Shadow Team" is claiming responsibility for the attacks.
• *smirk* "Shadow Team". *smirk*
• Something is wrong with the coffee machine at work! I can barely drink the stuff that it's producing.

Catsy's Week's Highlights - Who? Lil' ol' me?

• I was invited to a meeting between the police community and the ISP communities in Ontario to "examine technical solutions to child exploitation on the internet" and to look at policy, etc. Unfortunately, I'll be giving a talk at PyCon so won't be able to make it.
• I was invited to give a talk in Texas about interface usability, but they want me to cover my own expenses and ewwwwwww Texas!! Besides, since when am I a usability expert?

Catsy's Week's Highlights - Miscellaneous

• I am now the proud owner of a stuffed sheep named Sheepy ().
• There's a new Google weather service, but it's not available for Canada yet. I love it anyway.
• Someone random jerk stole my gloves right out from my bag and ran. Dammit! Good thing he didn't take the iBook or iPod, also right in the bag.

I'm Catsy. All this and more, tonight on 60 minutes. Tick tick tick tick tick...

Way, way back, many centuries ago, residence decided not to take me back for a second year and I was forced to battle my way through the wilderness in search of an apartment. Fortunately, back in this historical time, there existed a Mud who did all the searching for me whilst I was overseas. And she, miraculously, was able to find a perfect place: bright coloured walls, a huge deck, expansive kitchen, living room with floor-to-ceiling windows, an enormous attic, right next to a grocery store, and flourishing location complete with half a dozen amazing brunch spots.

But that time is no more. As Mud approaches graduation and plans to travel the world, it may be time for me to begin to look elsewhere for living arrangements.

There seem to be five options:

1. Continue to live here. Find roommate. - On the plus side, there are a minimal number of changes for me. And change is bad. On the down side, I don't like people. Especially you. Maybe I could start charging Mota rent, and she could live in Mud's room...
2. Find a single apt somewhere else. - On the plus side, I could maybe even move closer to campus. On the down side, I love this place and hate the idea of giving it up. I lose close brunches to fLufFy and CPwr. I also have to move all my shit for just one year, then move it again to wherever I go for my masters. Then move it again for my PhD. Ugh. Just thinking about all that moving gives me a headache.
3. Move back in with my parents. - Hahahahahahahahahahahaha. No.
4. Don't live anywhere. - I could sleep in Bahen, shower at Hart House, and use the grad kitchen to make food. On the plus side, I'd save a whole lot in rent money, and would always be close to campus. I can't think of a down side...
5. Drop out of school and go live on the west coast doing idle contract work to pay the rent - Degrees are for wusses. Enough delaying of life. Let's get straight to the good stuff!

Stupid "change". And it's stupid....changing.....of things. I hate changing things.

The perfect start to a Monday morning:

Wake up at 3:45 am unable to sleep because your brain is too busy trying to program your Nevow code in your sleep.

Toss and turn for half an hour.

At 4:15 am, roll over and bang on your laptop keyboard for a few hours, giving the illusion of surfing the internet, but not requiring any actual information processing.

At 8 am, turn on the hackers soundtrack and go on to #joiito where the conversation oddly becomes about Catspaw: destroyer of toroids, and other useless topics that are chuckle-worthy.

At 8:30 am, get up, still exhausted, and get ready to go to work and school. Try not to step on the cat.

On the way to campus, I'm gonna buy a bagel and a coffee and this morning had better take a turn for the better.

I got an e-mail this evening from someone who wanted to know if I could arrange a deal with his organization whereby I try to break into their servers and then explain how I did it so that they could learn where their weak points are. He asked for his organization to remain anonymous, but it's certainly not Joe's Corner Store Webpage....think bigger fish. But since people get all twitchy about this sort of thing, I'll respect their request for discretion. It's not relevant to this rant, anyway.

This certainly isn't the first time I've been asked to do something like this, and although I almost always agree to it (because it's usually a fun challenge) I think that I'm going to start a new policy of saying no. There are three reasons for this, and I think that all of them are important.

#3) Being a whitehat hacker is like wearing a 'kick me' sign. It seems like a good idea in theory. It always seems like a good idea in theory. Over the years I've played whitehat to a number of people who have asked for help, and the result has ranged from thankless frowns to threatening a law suit. Just last month I disclosed a vulnerability and got slapped on the wrist for having found it in the first place. It's amazing how much incentive that can be to stop all future disclosures. Getting security right can be a whole lot of work, usually a lot more work than breaking security. And the last thing that most people want is for some arrogant kid to come by and knock it all down. Even when they ask for someone to try.

#2) Preservation of the myth that hacking is magic. Contrary to popular belief, I can't just wave my hand at a computer and have its security disintegrate. There are strategies and limitations and patterns. The best way to secure your system isn't to hire a magician-hacker to conjure up a magic spell and then teach you the counter spell. The best way to secure your system is to learn these strategies and limitations and patterns. Don't hire a hacker to break in, hire a Nart to teach you about breaking in. (Nart gives an awesome presentation on how to break into a server. Those who haven't heard it before should pay him big money to give it to their organization or department.) It's not magic.

#1) My inability does not imply everyone else's inability. I think that this point is especially important when you're asked to try to break into a system which is safety critical. If you succeed, then yay, you found a vulnerability and they can patch it. More likely, however, you won't succeed. What conclusions they draw from your failure is the important part to this point. Just because you couldn't break in doesn't mean that the system is secure! All too often I think that this false conclusion is made despite my warnings against it. I'm good at spotting vulnerabilities. But no one is good at spotting all vulnerabilities. Failing to spot a problem can incorrectly lull them into feeling invulnerable.

The last point I think is the most important one. I don't want to be responsible for making someone feel more confident than they should. Because then I'll feel guilty if anything happens to them in the future. I already have enough shit to worry about, I don't need to add hundreds of servers' safety to that list. And this is why I can't be your hacker for hire.

I finally got a chance to use the Mac Accessibility features for real. I was at the eye doctors for a routine checkup which included those make-you-look-like-you're-possessed eyedrops. Those of you who frequent eye doctors will know the ones that I'm talking about, but for the sake of everyone else, let me briefly explain. They give you eye drops which make your pupils expand to their maximum size, basically overtaking the colour of your eye. This leaves you vision impaired for several hours. You can't read anything because it's impossible to focus on anything smaller than about three or four inches tall, and bright light seriously hurts to look at.

This would normally make it impossible to do much of anything, nevermind type. But guess what I'm doing right now? Typing this entry. That's cuz I'm using Mac's Accessibility features. The zoom feature has made it so that each letter is about four inches tall (I can see about three words on my screen at any given time) and the feature follows my cursor whenever I type. I'm also using the Accessibility feature that inverts the colour on my laptop so that almost everything is black, with the text being white. This is a whole lot easier on my pupil-dilated eyes. With these two features, I'm actually able to get some work done on my laptop, despite being otherwise disabled.

But on the walk from the doctor's office to the subway, I reallllly could have used my 318 group's orientation and mobility device for the visually impaired. The sun was too bright for me to keep my eyes open, and I stumbled around blindly, hoping that I'd notice if I took a step off a curb.

Accessibility aside, my mac may just look cooler with inverted colours. I may try keeping it this way for a bit and see how long it takes before it drives me nuts. I can't wait until the eyedrops wear off enough for me to switch off of the huge zoom, though. It's hard to program when you can only see a handful of words at a time. And the guy behind me on the subway is giving me weird looks. Jerk.

How Many Courses I've Taken Per Dept

Here's a happy little pie chart on the left of how I've academically spent the first four years of my undergrad degree. It's a lot heavier on the computer science than it used to be. Add in the math, physics and stats, and you've got just far too much number crunching and not nearly enough drama class.

Ugh. This chart makes me look so boring that I can barely stand being me!

And, of course, the irony that I made a chart to display this data is not lost on me.

Because I like to make lists, I made a little list of the number one most important fact that I retained from my encounter with each of these departments. Note that the more classes I took in that department, the more courses' worth of information I had to choose from, but I think I've narrowed each department down to its core importance. Here we go!

Computer Science: Data is computation.
Math:: ∀ε>0 ∃δ>0 st 0 < | x - a | < δ => |f(x) - L| < ε. Or something.
Cognitive Science: Is splang an english word? Did you check every word that you know? Then how can you say "no" so quickly?
Near Middle Eastern Civilizations: There are a whole damn lot of trees in Mesopotamia. I think I saw slides of all of them.
Physics: The cat is both alive and dead. The particle is both moving and not. And due to grade curves, you are both passing and failing this course.
Linguistics: Bilabial, Labiodental, Dental, Alveolar, Alveopalatal, Palatal Uvular, Velar...
Political Science: 75% of kids who take polisci need to be whapped upside the head a few times.
English: Juanita and YT are the human face on the same coin upon which Hiro is the computer face.
Statistics: Always switch doors. It doesn't matter what the question is, or if it even has anything to do with choosing a door. Switch doors.
Philosophy: DeMorgan's Law can solve anything. It could probably solve world hunger if you gave it a chance.
Psychology: We are epistemically bound: if the mind were simple enough for us to understand it, we'd be too stupid to understand it.

There now. See? I've learned stuff. Do I really have to stay another year?

One of my new favourite flickr tags is whatsinyourbag: a survey of the contents of various flickr users' bags. It's like girly window shopping for the new generation. "Hmm, what do I want to buy for myself? Let's see what everyone else owns and judge based on that." By the way, flickr is a way to organize and share photos on the web, using keywords to index things like del.icio.us for photos.

Anyway, since I don't have a digital camera (something for which all of you who know me in real life should be extremely grateful, as I have a tendency to document everything) so I'll have to inventory my current bag contents using old fashioned 2004-style text.

• iPod mini (gold)
• iBook
• iBook recharger
• Keys (two from work, two from home and an old bike lock key)
• Photon-3 blue light (from thinkgeek)
• Debit card and student card (all other cards live at home)
• 2 sets of headphones (I dunno why I carry around two)
• large purple coffee mug (a few pennies off Starbucks if you bring your own)
• notebook (I have one for M/W/F classes and one for T/R classes)
• three pens (one green, one blue, one pink, always)

Let's see how I compare with the average flickr bag. Mac laptop: check. iPod: check. Novel/book: nope. I've been too busy recently to carry around one of these. Cellphone: nope. Psh, who needs a cellphone when you have IM? Camera: nope. Swiss army knife: nope. I keep one of these at home. Change: nope. I empty all my change into a big container every evening and then every so often get it converted into dollar bills.

Apparently I'm also not cool because I don't have stickers on my iBook, which, apparently, everyone who is cool seems to have. iBook stickers are such a vital decision though: they define exactly who you are. I'm not sure if I'm ready to make any such sort of commitment to a single entity or cause. Any sticker suggestions?

If you're unable to take a day off when you're sick, your life is unhealthily busy.

Therefore, by conditional elimination, my life is unhealthily busy.

I'm lying in bed, programming and writing documentation between sneeze fits. I can't stay home tomorrow because I have like a gazillion items on my todo list. So instead I'll spend tomorrow counting how many people I can infect with this cold .

It would be nice to, instead, spend the day in bed, with a large bowl of soup and some crackers, dozing off and on while watching TV.

Maybe I'll just pretend that my CSC407 class is my bed, that my coffee mug is a bowl of soup, and that Paul (the instructor) is on TV. Then it could feel like I'm staying at home and getting better and I can be on campus and getting work done. Perfect! It's a plan that can't fail!

Aaaachoo.

Last night Google unveiled Google X. A pretty little rollover OSX-looking dock thing. For some reason I can't figure out, they have now removed that page.

Anyway, it looked cool enough to me that I decided to write some instructions on how to create your own Google X toolbar on your own website. Cuz the world needs more hotness.

How to create your own OSX rollover DHTML toolbar.

There's a sample there that you can try out. Lemme know if anyone does anything interesting with it.

Things that bugged me today:

• I had to implement the Singleton pattern approximately nine thousand times. And only I found that funny.
• Walls. And how I can't walk through them.
• It takes a full hour to roast garlic. You know what I need? A blowtorch.
• When push really comes to shove, I'm still just another undergrad. sigh.
• ints vs Integers. This is like...the worst idea...ever.
• When I'm laughing too hard to stand up straight, chances are good that I'll spill coffee all over myself. I guess this is because chances are good that I'll be carrying a coffee. That part (the carrying of coffee) doesn't bug me. But the spilling part does. I wasted like half a cup of coffee.

I need a holiday. ...and a billion dollars. ...and another cup of coffee.

The days have begun to meld together. I'm not sure how many meals I'm having (maybe five, maybe none) and I'm not sure whether I'm getting a lot of sleep or not enough. When my eyes open in the morning I have no idea what day it is. Wake, work, sleep. Only one or two scattered activities in the day separate one from the next. Is it the weekend or a weekday? I have to keep opening iCal to check.

I've gotta draw this class diagram. Gotta finish that book chapter. Have to write up that interview. Sequence diagrams in two courses. I have to describe my choice for packages. Gotta debug this Python script. Wrestle with ravens and writing desks. Phone the CNIB again and try to get volunteers for our user testing. I know somewhere in here I'm supposed to be writing up a PyCon presentation but I'm having trouble remembering what I wanted to say. Context switch and make more coffee.

The CD in my laptop finishes the last note of the last song and starts to repeat again. Did I start listening to it today or was it yesterday?

It's cold so I crawl into bed to try to get warm and will probably fall asleep. I'm not worried about any of the deadlines ahead, but I can't tell if it's because I'm confident or because worrying takes precious time that I don't have. Either way, I don't notice any pressure. Everything has just become mechanical now.

When I close my eyes I see UML and python parsing scripts and flash code and the outline of a powerpoint presentation. Unexpectedly, somewhere in the back of my head, I'm feeling damn cocky. If I can handle all of this, certainly I'll be able to handle anything.

The cold sets in, my body shuts down, and sleep takes over. This lifestyle can't be healthy.

I'm sitting in the airport lobby. As always, people watching is more entertaining than the rest of the trip.

• There's two young boys who are arguing in french about whether or not everyone gets a parachute if the plane explodes.
• A girl my age, wearing all very bright pink -- including her shoes -- is about halfway through the book The Shining and laughs out loud every few minutes. Strange, I don't remember that book as being funny.
• A woman is talking very, very loudly on the phone and is saying: "My client? He was found 'not guilty' but he's not innocent. His alibi was stupid. But, y'know, the jury was siding with us because of his family situation."
• And a young couple is making out on chairs in front of me with such enthusiasm that I'm beginning to wonder if they're practicing for an nc-17 movie audition later tonight.

As for me? When I'm not narrating my life on a blog entry, I'm putting together the last few slides for my presentation tomorrow morning. PyCon is at Washington DC which I haven't visited since a high school trip waaaaay back in my youth ;). I'm getting really good at the US customs thing, though. Becoming a pro. All sweet smiles and polite "thank you"s and soon the custom guys are smiling back and telling me that my iBook is "cute" and that they hope I have a great time on my trip.

....And suddenly? BAM!

"Excuse me, miss. Could you come with us please?" I almost laughed. Almost laughed right out loud. Because I never, ever go on a plane ride where everything goes smoothly. So why would I think that I could get a smooth ride when visiting paranoid-nation's capital city?

My bags are taken apart, every bundle of socks unbundled, every inch of my bag examined. Note: they didn't find my iPod which is hidden in the strap of my bag. I found that to be cool. And when my whole trip is laid out on a table, I think back to the "What's In Your Bag" flickr meme and snicker. Of course, the snickering happens when I'm spread-eagle against a white wall with two guys with metal detectors trying to figure out why my shoes are triggering beeps. Probably not the best time to grin.

They pour out the contents of my coffee down a drain (wtf?!), and tell me I'm free to repack my bags. But I'm watched while I do it. This bites. Where's my goddamn coffee? I plan to ask for double the amount on the plane to make up for it. I wonder if that's in their manual. "If the searchee is drinking coffee when detained, pour the coffee down the drain. It could contain canadianess."

Back in the lobby, the kids are still arguing about what happens when the plane explodes. I sure hope I get my cup of coffee before then.

Later, on the flight, I discover that the $120US I had is missing, a bunch of papers from my bag are no longer there, and I no longer have the three pens which are always in my bag. Guess how happy I am. Go on. Guess.

I gave my PyCon talk today. I think it went really well. No one tried to egg me, kill me, or kill someone else and blame it on me, so I guess it went pretty well. ;)

I'm certainly enjoying the rest of the conference as well. Many cool people. Conference photos are available on flickr, including a few of me being swarmed, heh.

w00t PyCon!

My alarm goes off. As I blindly slap it off in the darkness, "why don't raccoons just cut the power in the building and then try to take over the elevator once it's stopped?" is the last thought in my head before my memory of some bizarre dream disappears, and the sigh of Monday morning takes over.

My iCal screams of a million events that have to happen today:

• Call the UofT admissions and awards number
  
• Call the zoo
  
• Reply to about half the e-mails sitting in my Inbox
  
• Walk to campus (grab food on the way)
  
• Print out my 407 assignment, go to class
  
• Meet with my 318 team to choreograph our group presentation tomorrow
  
• Head to CitLab for the first time in like, sigh, two weeks
  
• More class
  
• Meet with my 340 team to work on our group assignment
  
• Put together slides for tomorrow's 104 talk on social engineering
  
• Reply to the other half of e-mails sitting in my Inbox
  
• Sleep.
  

Lather, rinse, repeat. Sometimes I feel like a trained monkey could fill in for my life.