Nota Bene

In the end, my round-the-world tour turned out to be reasonably zig-ah-zig-ah:

Moscow – Dublin – Abu Dhabi – Canberra & Sydney – Singapore – Austin (via NYC and Dulles) – Riyadh – Tokyo/Osaka/Tokyo – and now: home!

The trip turned out to be a high-pressure one, with a tight schedule to fit all the work in and little time for chilled sightseeing. To be honest, it took a lot out of me. I’m real tired. Dog tired. Totally beat, burned out, wasted, done for, dead on the feet, whacked, fried, frazzled, KO’d, ruined… Walking to the gate at Narita airport in Tokyo, I nearly fell asleep while standing on the horizontal escalator thingie :).

Notes:

Out of the array of programs and films on offer on the screen in the back of the seat in front of me, I often opt for the flight route map. It’s a bit like cricket. Not much happens, what does happen occurs at a snail’s pace, but if you’re one for taking it real easy all day it’s the one to go for!

Aerial cricket

Read on: some like it hot!…

“A melancholy time, so pleasing to the eye.”

            – Alexander Pushkin, Autumn, 1833

That excerpt of poetry comes to mind every time I look at a multicolored bit of autumnal scenery, which I did quite a bit of just recently over in the Land of the Rising Sun.

I’ve lost count of the number of times I’ve been to Japan. 15-20? 20-25? Something like that. The first time was back in 2004 for the AVAR conference, and the trips have just got more and more frequent ever since – now up to three times a year. Can’t complain of course – Japan is one of my fave countries in the world, if not the fave. However, I’d only ever been to Japan in the spring, summer and winter. Never fall. But the ‘best’ two seasons in Japan are spring (for the cherry trees blossoming) and fall (for the autumn leaves dropping to the ground). So (finally!) I’ve made it to the country in November – to take in the lush Japanese landscapes of shades of yellow, green and brown!

Read on: Odawara, Kamakura, Hakone, Fuji in November shades…

A few days ago I flew Cathay Pacific from Saudi Arabia’s capital Riyadh, via Abu-Dhabi and Hong Kong and towards Japan. In Abu-Dhabi I realized I was last here just three weeks ago for the Formula-1 Grand Prix! So yes, once again I’ve managed to pull off a round trip right round the globe: Dublin – Abu-Dhabi – Canberra (and Sydney) – Singapore – Austin – Riyadh – Abu-Dhabi. 1 full circumnavigation + 2 equator crossings.

What stuck in the mind during this global marathon?

First off, that Saudi Arabia is a fiercely dry country – in more ways than one. If you drink alcohol there it’s multiple lashings with a stick, plus a fine, plus jail time for you. But you’ll have a job boozing there anyway – we found absolutely ZERO liquids on offer stronger than coffee or yoghurt. Even in the Ritz-Carlton.

Curiously, no matter what airline, up above Saudi Arabia in its airspace there’s also no liquor getting poured either! Not even a wee dram! Flying in on Saudi Arabian Airlines – well, we kinda expected that. But flying out on Cathay – we had to wait eons for our glass of shampers until we reached UAE airspace! Not that I was desperate for a drink or anything, of course (cough), but a little sharpener would have been nice.

Here I want to mention one other idiosyncrasy of round-the-world multi-stop plane trips.

They come in two flavors: ‘western’ (following the sun), and ‘eastern’ (towards the sun).

Western round-the-worlds are much simpler and pleasanter than eastern. You fly into the ‘minus time zone’, so accordingly sleep needs to come later (better – a lot later), and so in the morning you wake up also later. So, if flying from Moscow to, say, Boston, then at nine in the evening local Boston time, in Moscow – i.e., as per your biological clock – it’s 6am of the following day – already long past bedtime! So getting off to sleep at the impossibly early hour of 9pm in Boston is a doddle, as really it’s 6am for you. The only slight problem with this is you often find yourself waking up VERY early next morning (local time) – like 4am early. (How many times have I been Stateside and been queuing at the ‘Please wait here to be seated’ sign for breakfast at 6am sharp after strutting the lobby and environs for hours already!)

On the other hand, with eastern round-the-worlds everything is just the opposite. Jetlag is always a lot trickier to deal with. You desperately want to sleep all the time, but actually getting to sleep without a little medicinal assistance is all but impossible. Totally zombified! To conquer this condition there’s just one option – to try get your head down in the daytime and sleep for some 12 hours. Better 14 hours. But, alas, it doesn’t always work out: either your bodyclock simply refuses outright (hint: melatonin), or a packed schedule or large doses of extreme hospitality on the part of super nice hosts gets in the way!

Well, that’s your lot for today folks. I’m off for some much needed kip. Night night, sweet dreams, and sleep well!

But for those who can’t sleep – a brain teaser for you:

100 kilograms of cucumbers are made up of 99% water. After shrinking, there remains 98% water. What’s the mass of the cucumbers after shrinking?

Hi all!

As many of you know, I do quite a lot of traveling. So much so I have to be real careful not to go over the 183 days abroad in a year to forfeit my onshore tax status!

And since it’s quite well known I’m a bit of a Marco Polo by a lot of the people I tend to meet on my extended business trips, often one of the first things they ask me is where I’ve been lately.

So I decided to put together a list of all the really interesting places I’ve been lucky enough to visit around the world.

Once completed however, my first draft list seemed a little… underwhelming somehow, and also totaled some odd number like 57 or 73 – I can’t recall now. So I decided to add more places to it – more essential sights to be seen sooner or later, which handily brought the list total to the nice round number of 100!

So here’s that list – The Top-100 Must-See Places in the World, as compiled by me. I hope you like it, and that you’ll be able to visit as many of the places on it as possible!

Bon voyage folks!

Woo-hoo! One more torpedo released by the cyber-delinquents against Microsoft Office has been thwarted by our cunningly tenacious cyber-protection.

Recently a new but fairly common-or-garden attack was discovered: When opening Word documents malicious code was unnoticeably injected into the computer. This wouldn’t have made it into the headlines but for one circumstance: this was a zero-day attack, i.e., one that used a previously unknown vulnerability in MS Office for which there weren’t any remedying patches, and which most antiviruses let slip through their nets. You guessed it – our AV grabbed it with its tightly thatched net in one fell swoop!

What happened was our Automatic Exploit Prevention (AEP) technology detected anomalous behavior and proactively blocked the corresponding attacks. No updates, no waiting, no messing. Zapped immediately.

Zero-days represent a real serious threat these days.

They need to be tackled head on with full force. However, many AVs are fairly useless against the future risk zero-days pose, as they work based mostly on signatures, with ‘protection from future threats’ only ‘provided’ on paper/the box (albeit very pretty paper/a very glossy box:). But of course! After all, genuine – effective! – protection from future threats requires whopping doses of both brain power and development resources. Not every vendor has the former, while even if a vendor has the latter – that doesn’t always clinch it. And this is sooooo not copyable tech we’re talking here…

Unlike what Buddha and new-agers say is a good idea for individuals, we’ve always believed that in IT security you can’t live for today – in the moment. IT Security needs to constantly look to the future and foresee what will be going on in the minds of the cyber-felons – before events occur. A bit like in Minority Report. That’s why ‘proactive’ was on our agenda as far back as the early 90s – back then we cut a dash from the rest of the IT Sec crowd by, among other things, developing heuristics and our emulator. Forward thinking runs in KL blood!

Since then the tech was reinvented, fine-tuned and souped-up, and then around two and a half years ago all the features for protection from exploitation of known and unknown vulnerabilities were all brought together under the umbrella of AEP. And just in time too. For with its help we’ve been able to proactively uncover a whole hodge-podge of targeted attacks, including Red October, MiniDuke and Icefog.

Then came a sudden surge of unhealthy interest in Oracle’s Java, but AEP was ready once again: it did its stuff in combatting all the unhealthiness. Leading AEP into battle was its Java2SW module – specially designed for detecting attacks via Java.

And it’s this module I’ll be telling you about here in the rest of this post.

The software landscape inside a typical computer is a bit like a very old patchwork quilt: loads of patches and as many holes! Vulnerabilities are regularly found in software (and the more popular the product, the more are found and more frequently) and the companies that make the software need to secure them by releasing patches…

…But No. 1: Software developers don’t release patches straight away; some sit on their hands for months!

But No. 2: Most users forget, or simply don’t care, about installing patches, and continue to work with holey software.

However No. 1: The vast majority of computers in the world have antivirus software installed!

So what’s to be done? Simple: Get Java2SW onto the stage. Why? Because it kills two birds with one stone in the Java domain.

Overall, from the standpoint of security Java architecture is rather advanced. Each program is executed in an isolated environment (JVM – Java Virtual Machine), under the supervision of a Security Manager. However, alas, Java became the victim of its own popularity – no matter how well protected the system was, soon enough (in direct proportion to its popularity) vulnerabilities were found. Vulnerabilities are always found sooner or later, and every software vendor needs to be prepared for that, in particular (i) by timely developing protective technologies, (ii) by being real quick in terms of reaction times, and (iii) by informing users how important updating with patches is.

Thing is, with regard to Java, Oracle didn’t make a great job of the just-mentioned prep. In fact they did such shoddy job of it that users en masse started to delete Java from their browsers – no matter how more cumbersome it made opening certain websites.

Judge for yourself: The number of vulnerabilities found in Java in 2010 – 52; in 2011 – 59; in 2012 – 60; in 2013 – 180 (and the year isn’t over yet)! While the number of attacks via vulnerabilities in Java grew in a similarly worrisome way:

Read on: So what’s so great about Java2SW?…

Formula 1 invaded Austin recently, occupying the territory for a whole two days until it made its retreat on the third. All the roads downtown were closed and turned into huge walkways for the thousands of soldiers F1 fans that came from afar. Not only were the roads closed but all the restaurants were as good as closed too – too full to take any diners who hadn’t booked weeks in advance. We passed the city’s Ugly Coyote bar and it was really getting wild in there – with punters dancing on the bar and other such boozy boogieness.

Alas, the energy and (over)drive downtown in the evenings didn’t quite spread to the racing track during the day – that is, for Ferrari. No changes to who’s leading, and the same non-red drivers up on the podium wasting the champagne. Grumble.

Scuderia have all their hopes pinned on their new mega-super racing car that’ll be used next season, which, combined with the world’s best drivers, is expected to tear up the competition. So we wait for next year. Patiently. Grrr!

A few pix from the event:

Read on: I’m off to Ugly Coyote…

Hurray! One of my long held dreams has come true! To fly Singapore to New York – the longest commercial flight route in the world (almost), and probably the all-time longest in the history of commercial civil aviation. The flight takes from around 18 to more than 20 hours (depending on the wind). No stops, one fuel tank, 16,000 kilometers. Strewth!

JFK EWR – thank goodness

// I wrote ‘(almost)’ above… Actually, the longest flight route in the world is the one that goes in the opposite direction – from New York to Singapore. It’s 15 minutes longer, as the wind tends to be kinder in that direction.

Read on: So what on earth to do during all that time?…

Who are these folks? Maybe the color of (most of) the ties should give you a clue…

And I was trying to blend in…

…For most of you they’ll never have anything to do with you, and you’ll have nothing to do with them. You hope.

But for those who make up the Internet minority who steal money from online banks, clog up e-mail with spam, hack websites, produce credit cards with stolen numbers, etc. – maybe they should take note of this modest crowd. Because these here suits and ties have a particular, burning… obsessive professional interest in that same Internet minority.

Read on: so, who are these people?…

I think Canberra has to be the most unusual capital in the world.

Capitals are normally grand old cities (well, besides Washington, Brasilia, and a few other such exceptions to the rule), with pompous historical centers, town halls, royal residences, mayor’s offices, large central squares, bronze horsemen, pigeons galore, paving stones galore; crowds of locals plus plenty of tourists with their cameras a-clicking. Plus the central railroad station. Plus traffic jams.

In Canberra it’s all just the opposite. It’s a small city of nearly 370,000. Very cozy, very green. In the middle instead of a square there’s a lake. It’s also a very young city – just 100 years old or thereabouts. There are no traffic jams! At all! Ever! From parliament to any ministry it’s just a five or ten minute drive. Parking space-wise there are also no probs at all. There are never that many folks about, civil servants are rarely to be seen on the streets in the center (in the university district it’s a little more lively – pubs and cafes, but not that many). Up above of course there’s the bright, hot Oz sun.

Rush hour

Read on: finally 404!…

How time flies. Though we sponsor Ferrari’s F1 team, I haven’t made it to a single Grand Prix race this year – and it’s November already! 2013? Where did that go?…

Anyway, better late than never – here we are, at the 17^th 2013 Grand Prix in Abu Dhabi, capital of the United Arab Emirates.

Sooo, Abu Dhabi… what can I say? One word – a surname – sums it up best: Vettel. This man is just…irrepressible. An exceptionally skillful driver. A skillfully exceptional car. They must add Red Bull to the gas or something… But no – the real secret weapon car-wise is this unassuming fella. Jeeez, what a fearsome combo… these two on energy drinks. So fearsome of late that the red meat isn’t letting anyone else have a look in. Black horses in yellow fields included.

Alonso for the umpteenth time already started from somewhere in the middle, but then incredibly forced his way through to up near the front. This time he was fifth to pass the checkered flag. His leaving the second pitstop – have a watch on YouTube; clearly more than a little vexed was he…

Qualifying – the view from the garage

Read on: fitting-up, start, fight!…