# Posts from 2017

Dec 4, 2017

## I'm finding London hard

I haven’t posted here in 5 months. That’s when I moved to London, which has been really hard for me. So much change. Not being in York. Not being a student.

Jul 8, 2017

## Day 9: Welcome to Berlin

Yesterday I left Hannover for Berlin on the second-to-last leg of my rail trip across Europe! I can’t believe this trip is nearly over - I fly home from Prague a little before 9pm on Day 12.

Jun 28, 2017

## Day 8: Hannover–Berlin

Yesterday I got to Hannover, Germany. I’m here on the way to Berlin, visiting a more realistic, non-capital-city and yet thoroughly pleasant city. Last night I wandered through much of the Old Town and down to the large Maschsee lake. Today I’m visiting The Royal Gardens of Herrenhausen and hopping back on a Deutsche Bahn ICE train to Berlin.

Jun 27, 2017

## Day 7: Amsterdam–Hannover

Previous days have been written in retrospective, as there’s been much to do and by some bizarre bad luck I managed to go away without a pen! Today however I’m able to write from trains, and between yesterday evening and today I’ve caught right up!

Jun 26, 2017

## Day 6: Seeing more of Amsterdam

On Day 5 I saw the Tulip Museum and Body Worlds, had pancakes, rode the tram and wandered a bit. For a few hours I’d considered staying an extra day in Amsterdam, spending most of it sunbathing in Vondelpark, and skipping Hannover. But then the 30°C weather broke and that option became relatively less appealing. Thus today is my last day here, and I wanted to round it out by learning a bit more about Amsterdam itself.

Jun 25, 2017

## Day 5: Amsterdam in tulips, pancakes & bodies

Content Warning: dissected human bodies at Body Worlds (not icky.)

Amsterdam really is full of bicycles. It’s remarkably prevalent and cyclists are remarkably confident in their right-of-way. As a cyclist myself it’s really quite stunning to watch. Sadly only watch: I tripped and grazed my hands exactly where you hold handlebars. The segregated red bicycle lanes are sometimes very clear as a pedestrian - and sometimes not.

Jun 24, 2017

## Day 4: Paris–Amsterdam

As I write this it is Day 6 and quite appropriately I’m sitting by 6 fountains in Amsterdam’s Vondelpark.

Jun 21, 2017

## Day 2: Walking Paris

The first city in my big rail trip has been Paris. I’ve been here before with family, but my memories were limited to a hawker at the Eiffel Tower and getting my shoelace stuck in an escalator at the Disneyland Paris train station.

Jun 18, 2017

## Day 1: Wakefield–London–Paris

Today is the first leg of my big rail trip. We’re taking two trains, the first from Wakefield (in Yorkshire) down to London and the second across to Paris.

Jun 17, 2017

## Paris–Amsterdam–Hannover–Berlin–Prague

In New Horizons last month I talked about submitting my dissertation and planning what came next. I’m excited and a little nervous to have settled my next steps (see upcoming posts), and I’m starting with two weeks travelling Europe by train.

May 16, 2017

## New horizons

I handed in my dissertation two weeks ago. There’s a few things to finish up but the major things I’ve wanted to deliver this year - a cryptanalysis report, an evolutionary computing experiment, my video processing dissertation - are all done. So from my perspective I’m pretty much done and awaiting Graduation come July!

The Masters year was exhausting and I’m a little burned out, so I’m hoping not to rush into anything. I’ve wanted to go travelling in Europe for a few years now but kept finding interesting internships instead. Now between University and what-comes-after I have a natural gap.

May 15, 2017

## Simulating miniature cities with Tilewater

Tilewater is a little sandbox game I’ve built in Rust. It’s a sandbox game, where you place roads and buildings and simulated people (sims) live out their lives in the world you’ve built.

Sims arrive by train, move into their houses, visit general stores for their groceries, visit saloons to drink and find work, and then work in factories. Play the video to see it in action:

May 14, 2017

## WannaCrypt and Government IT

WannaCrypt is the malware whose remarkable spread from mass emails to leaping across vulnerable SMB servers has led to major problems for many organisations in the last few days - in particular the NHS. Much has been written about its spread and MalwareTech’s heroic but accidental halting of its spread.

The British prime minister, Theresa May, and NHS Digital said they were not aware of any evidence that patient records had been compromised in the attack. May said: “This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected.”

This would seem to be true. WannaCrypt did not exfiltrate data from SMB shares, merely encrypting it. But this is only true because its motivation was extorting BitCoins. A more strategic attacker could have infiltrated at least as deeply, accessing systems that deal with highly-confidential patient data. This could be used for information, influence, or as a weapon.

Apr 5, 2017

## Prototyping an encrypted filesystem with FUSE

Today I’ve been at a mini-hackday in Liverpool, part of the National Conference for Learning and Teaching in Cyber Security. Day 1 has some cybersecurity competitions, and a team of 3 of us participated in the Software Development stream.

I’ve been to a lot of hackdays—between 16 and 20 I won prizes in at least six of them. I picked up a minimal-product/prototyping mindset, but it was hard to keep going afterwards. Over time my enthusiasm waned. The time limits, intensity and limited feedback hindered stretching my boundaries.

This competition seemed quite interesting because writing Cryptography-related software is hard. It’s hard to start off in the right direction, and easy to screw up later on. As such having professional feedback on an interesting day of work sounded great.

So, our task was to build encrypted local partitions. We had to build a system which stored encrypted keys on USB keys. Inserting such a USB key automatically prompted users to authenticate for a particular key. The encrypted volume was then to be used as a virtual drive.

Mar 31, 2017

## Brexit

On Tuesday night I tried to tweet some thoughts about Brexit:

Mar 28, 2017

## Designing a better home for writing, part 1

This blog experienced a lull from 2014-07-07 to 2017-02-27, some 966 days. A lot happened in that timespan - I went through a long period of therapy, spent awhile reverse-engineering Dig data from dead ESRI databases in an Archaeology department, and got into everything from Swing Dancing to Python.

What didn’t change was that the old design, well, sucked. I don’t mean that it was the worst thing ever, but it was underwhelming as a place to write. So I’m going to talk through the redesign process.

Mar 14, 2017

## Resuming writing

In the last month I’ve had two articles printed in the student newspaper, Nouse. Over the last year I've been collecting data on student union election candidates, and it was fantastic to pull the findings together.

Mar 13, 2017

## Security Risk Assessments of Semi-Autonomous Vehicles

I’m in my 4th year at York, the Masters year of my MEng Computer Science degree. This term I’ve taken the Topics in Privacy and Security (PSEC) module, which takes a wide technical swath through privacy and security issues. But the assessment is mostly focused on password cracking and doing a security risk assessment for automated road convoys.

We’re assessing how to bring an EU-funded project, SARTRE, to market. The concept, “Safe Road Trains for the Environment,” allows an equipped car to automatically follow ~6m behind a Lead Vehicle. You could sit back and watch a movie—er, do productive work.

Mar 12, 2017

## Cycle helmet saved my noggin

One of my favourite things about York is how bicyclable it is. I grew up in the countryside but somewhere decidedly not safe to cycle from, so it’s a very welcome change. Aside from a couple of minor things it’s worked fine for the last 5 years. On Friday (2017-03-10) I had a bit of an accident.

Mar 7, 2017

Mar 3, 2017

## Recursive Enum expression trees in Rust

I mused about an implementation of expression trees in Rust two days ago. This is to build a Genetic Programming library in Rust - an biologically-inspired approach to finding robust solutions to difficult problems.

As discussed elsewhere I’ve become a keen fan of Rust. This language’s limited generics pose interesting problems for expressing and generating equations as described above.

There are two common ways to represent a tree datastructure:

Mar 2, 2017

## Introduction to Evolutionary Computing

I took an Evolutionary Computation course last semester, EVCO. This is a family of techniques where you simulate evolution to find good solutions to problems. Let’s watch an evolutionary process evolve vehicles that can get through a course:

I’d like to thank Dr Daniel Franks for a great course, enthusiastic teaching and many of the examples here.

Let’s say you want to learn an equation that approximates a function. This is a simple example - one of my evco examples evolves Snake players. We’ll use an evolutionary approach called Genetic Programming, which evolves trees representing expressions.

Mar 1, 2017

## Why we escape spaces against XSS

I’m in my Masters year at the moment, which means I have a lot fewer classes but a lot higher expectations in assignments. I’m also undertaking an MEng project (I’ll write about this sometime.) So I have a lot more unreserved time but a bit more work to do. I’ve been filling one day a week doing security and maintainance work on old ColdFusion web applications.

ColdFusion is an old web technology that Macromedia put out. It’s like you implementated of PHP in HTML tags. For I have been working with it - trying to secure a large number of small webapps built with it in years gone by.

There’s a bit of a problem with securing these legacy apps. They’re a mess, and ColdFusion is insecure by default. Let’s take some typical Ruby erb markup:

Feb 28, 2017

## Generating expression trees in Rust

I’ve been writing a lot of Rust. Since \@Taneb persuaded me to try it the language has grown phenomenally on me. I’ve always shied away from getting too attached to tools and focused more on systems but for the first time since my early Ruby days I’ve become a language fanboy.

While building my Genetic Programming library I needed a convenient way to represent and generate syntax trees. More than anything I wanted users to write a minimum of code. I used an interesting but problematic Recursive Enum approach that’s worth discussing.

enum Equation {
Add(Box<Equation>, Box<Equation>), // l + r
Sub(Box<Equation>, Box<Equation>), // l - r
Mul(Box<Equation>, Box<Equation>), // l × r
Div(Box<Equation>, Box<Equation>), // l ÷ r
Float(f64), // n
}


This is a very neat representation of a syntax tree for basic mathematics. One can express math quite simply:

Feb 27, 2017

## Engineering as slowly as possible

I’ve become a fan of developing, “as slowly as possible.” It’s proven hard to crystallise what feelings this sums up, but I relate it to slow, logical, conscious System Two thinking.

The way you start a project indicates a lot about how it will progress. Something that gets a testsuite early on will probably keep one going; something that is essentially untested is hard to improve. This hill can be climbed over if one is lazy or very disciplined - but sustained effort to undo unforced mistakes is hard.

So making the right decisions at the right time is important. Ideally we should favour sustained velocity over quickly hacking something together and forgetting about it. We should have good craft in order to still move fast: building things well rather than just building them.