mostly useless crap from me

We took Mackenzie to the pediatricians today. She did real well – even the vaccinations she only screamed for a few minutes. 

Here’s a few very recent photos for you!

• The first image is her sitting. By herself. At 3 and 3/4 months.
• The second image is her out on the porch wearing her snazzy new sunnies from Rebecca.
• The third image is her holding her own full bottle and drinking away without that much help. She’s been able to do this for a while, but we’ve not always had the camera to prove it

I’m currently in Colorado Springs doing some training for a customer.

The flight in was long – nearly 12 hours all up from the east coast, all told including delays and running to make my little rubber band plane connection. It takes only another 15 hours to make it to Australia. The puddle jumper was funny – as soon as we had finished climbing out of Denver, the hostie announced we had commenced our descent into Colorado Springs.

It was surprisingly cold. I suppose the wind and snow should have alerted me, but the last time I was here in late August / early September, it was over 30C every day.

I love coming here. Not only do we have a family friend (Hi Michelle! Hi Justine!) who lives here, the scenery includes Pike’s Peak dusted in snow outside my bedroom window every morning. You just can’t beat that.

I don’t think I could live here, though. I’m used to fast paced life, and things move at a leisurely pace, commensurate with Colorado Springs’ diminutive size.

In 2007, I realized I am not particularly good at prioritizing what time I have available. In true geek style, over the Christmas break I looked at all the recent time management fads to ensure I picked the laziest/easiest/geekiest (pick two), and found 43 Folders, which is based upon a slightly older – and dead tree form fad – Getting Things Done (GTD). The only downside to this particular fad is the fan boys are positively frothing at the mouth, which is what scared me off Python and Ruby on Rails. Rabid adherence is never a good sign. However, the things they want you to do are pretty simple, which is what attracts me to it.

43 Folders is a bit structured for this unstructured procrastinator. With procrastination, it’s not about “doing X now, but sometime in the future”. As any true procrastinator knows, there is an infinite range of substitute activities instead of “doing X now”. So don’t think I’m lazy, for I’m not. I just don’t achieve as much of the things I actually care about as I want. And with married life and a new daughter in a new country, the time I have available is dramatically reduced to when I was a bachelor cat slave back in Melbourne.

So far, I’ve:

• Cancel Something I’m no longer on the OWASP Board. I have totally given up the idea of writing another book for a while. I’m seriously thinking about giving up updating the next edition of the OWASP Guide as it’s just as much work (if not more) than writing a 300+ page book from scratch
• Replace a Project. I’ve picked a few things I love doing, and I’m going to find ways to do these first instead of things which interest me less. Obviously, family time comes first, but in what time I have remaining, my life should be fun and enjoyable. There’s no point in busting a gut to do something I don’t really enjoy. I’ve still yet to really do the maths to work out what makes me happiest, but once I do it, there will be a few more departures
• Time to declare DMZ E-mail Day (again)

So today, it’s DMZ E-mail Day on my renewed quest for Inbox Zero. I’ve archived all my work and personal e-mail for 2007. If you haven’t got a response from me for something, it’s time to re-send. 

It’s that time of the year again. In my previous list, it turned out I did some of the things I said I would, and a lot more besides.

In 2008, my desires are:

• Be a good dad to Mackenzie my gorgeous daughter, and a wonderful (hopefully less chubby) hubby to Tanya, my beautiful wife
• Lose some weight and mean it this time. What New Year’s Resolution is complete without this one?
• Finish at least one piece of first class research in the web app sec field

Although my time will now necessarily be limited out of hours, I think it’s better to complete one or two really good ground breaking ideas than to spurt the same old, same old things over and over again. I think many of you know what I’m currently researching, and I hope to finish that by the end of the year.

Enjoy!

After the emergency caesarian, Tanya needed me quite a bit, so I ended up staying in the hospital with her until Friday. The rooms in the MCU are nice, but the fold out arm chairs which become a bed for the odd stay here and there are not so good for my back. Things were a bit strange as we didn’t have Mackenzie in the room with us, but down at the NICU where she was being closely monitored.Mackenzie was a little irritable in the first few days, but in the end, she didn’t need any medicine to help her over the meds that Tanya had to take to make it through the pregnancy.I had my diabetic nurse appointment at 9 am, so the commute two floors down was pretty easy. It turns out I have type 2 diabetes, which is not so good, but the prognosis is good if I can lose the weight, which should also help the high blood pressure and the sleep apnea. We talked about a bunch of stuff, but the main thing is behavior modification, along with diet and exercise changes. I have way more to learn about living with diabetes, including learning to live with pricking my finger four times a day.However, during the diabetic appointment I started having the sniffles, and soon enough it’s turned into quite the rotten cold. I’ve been unwell now for a number of days, which is no good when all I really want to do is hold Mackenzie. I still feel a bit disconnected from it all as we didn’t have her in the room, and because of the cold, I really haven’t had a lot of opportunities to bond with her beyond a feed here or there.

What a week!

Today, we came in for a nice ultrasound with the in-laws so they can see, and maybe beg our obgyn for an earlier inducement. We sort of got what we wanted, and then some! We never made it to the obgyn appointment as things had moved on!

In a whirlwind, it turned from being low on amniotic fluid to immediate inducement followed by lots of pain then to much earlier than expected epidural to … well, let’s just say a lot of folks rushed in and thirty minutes later we are the proud parents ofMackenzie Lynne van der Stock!

Awesome! She might have come a little early (38 weeks), but that’s not a day too soon for Tanya, who has had a very difficult pregnancy.

Mackenzie weighed 2.75 kg (about 6 lbs 1 oz after conversion – even the US folks measure in metric for babies now!) and is 50 cms long today.It’s been very exhausting and I’m using a tiny connection to the Internet via my mobile phone, so things will have to wait until tomorrow. We have photos and movies.

UPDATE: Photos here:

http://picasaweb.google.com/vanderaj/Mackenzie/

Well, I’ve been extraordinarily busy this year. Far too busy to do much beyond scratch myself. I feel bad as I:

• Didn’t end up writing a book, much to my wife’s relief
• Failed to blog as much as I wanted to, particularly on the layer 7, 8 and 9 issues such as business logic flaws that I love so much
• Left the OWASP Board without achieving anything major organizationally in the last twelve months. I never intended to stay on the board forever, but I achieved far less than I could have in the time I had, such as adopting a proper Foundation / Core / Leaders
• Failed to release any new releases of UltimaBB through complete inactivity
• Failed to lose any weight. In fact, I put on 15 kg since arriving in the USA, the single largest one year bump ever
• Failed to work on the OWASP Guide (much)
• Failed to improve my (weak) Japanese or learn Spanish even though that would be handy as you hear it so much here. My iPod is bursting at the seams with hundreds of Japanese and Spanish lessons, and I’ve listened to like five episodes all up

Listing it out like this, it’s like 2007 was a big fat failure. But that’s not entirely true:

• Moved to the USA and settled down. This doesn’t sound like much, but only if you’ve never moved country.
• Made a baby with my lovely wife. Our daughter is coming real soon now – we’ve had several close calls and she can’t wait to get out by the looks of things
• Saw about 25 of the 58 possible states*. The USA is awesome. I’ve been from Miami to Boston, from NYC to LA, and it’s so totally different and yet familiar. I can’t wait to see more.
• Got the job of a lifetime. The guys at Aspect are everything I thought they’d be and more. It’s a wonderful work environment with great people at the top, funny co-workers, and the work is challenging and varied, which is just up my alley.
• Lead Author and Editor of the Top 10 2007. That was a huge undertaking – incorporating all the other folks efforts. I’m glad it’s out there
• With my OWASP and Aspect hats on, worked on the SANS GSSP for Java with a bunch of other folks. We need certifications to get rid of the unqualified cowboys from our field. I am reasonably certain that multiple choice exams are NOT the way to do this, but it’s not likely my way (a master’s like dissertation or practical project) would fly
• Worked on the SANS Top 20 again (and got Jeremiah in on the act – he updated the first draft this year – much kudos to him!)
• Got the XMB folks back up on their feet with a dynamic set of programmers… which sort of took the wind out of UltimaBB, but that’s okay. XMB deserves all the success in the world after so many years of being effectively mismanaged
• Worked on researching mainframe security for web apps, which seems a total blank slate, yet vital to the world’s financial industry.

So next year, I plan to revisit some of my favorite themes, but I will only blog once in a blue moon by design. The blog entries will be farther apart, but I plan to make them content rich. Many of them will be previews for new OWASP research. In the meantime, I’m sure my life is about to completely change by a small 3 to 4 kg baby girl. We’ll see what happens next year!

* I say 58 not because I’m geographically challenged, just that Australia is the 51st through 58th (puppet) states. We’ll see if the new PM is a bit more independent or whether we trade one colonial master we ignore for another

The old guard has been thrown out. In true Australian style, if you stick it to the battler, attacking and destroying the very fundament of Australian society – “a fair go”, you’re out. And the Australian people have spoken, and it looks like soon to be ex-PM John Howard may even lose his seat. It couldn’t happen to a nicer person so out of touch with the modern day reality. The 1950’s were a long time ago, and we needed a modern government for these last twelve years, not someone who denied climate change despite a 9 year drought right in front of our very eyes. We needed someone who does not think that economic growth is more important than society itself. The Montgomery Burns world view simply does not work.

Good luck to Kevin Rudd. It’ll be awesome to have a Prime Minister who can speak two languages for once. As an ex-diplomat, I wonder if he has the cojones necessary to stand up to the Unions so it doesn’t go too far the other way. Whitlam lost that battle, and that was a worse disaster than even Howard, even though his heart was in the right place and most of his policies (free tertiary education for all, free health care for all) made him one of Australia’s best Prime Ministers, and a legacy that to this day is unsurpassed in Australian history.

I only wish I wasn’t disenfranchised at the moment by being in the USA. I missed out voting entirely as we’re now off the electoral roll. In the future, I can’t say to my daughter that I had a hand in getting rid of one of Australia’s worst ever governments, one which let power go to its head and conduct ideology experiments on an unwilling public. Oh well.

Let’s hope that if Rudd gets power in both houses, or at least Greens as the balance of power, the same thing that happened to Howard’s government doesn’t happen to the Labor party.

I’m home for the foreseeable future, so it’s time to stop blaming being on the road for getting the right food down my neck, and not exercising.

It is difficult to get high quality, low sugar, low GI foods in the USA. There is a myth that everything is high fat here, but it’s a myth. Sure, there are heart attacks on a plate, but you have to go find them or make them yourself. I think the bigger problem is serving sizes and high sugar content, rather than the fat content.

A good example is butter. Butter is the devil here – it’s practically impossible to get real butter at a sandwich bar. You can get butter at the supermarket if you look hard, but the stuff put out at restaurants is rarely butter. A customer I visit regularly has a cafeteria at which it’s hard to eat badly at … except it is easy to get lots of mayo, ranch dressing and other tasty condiments slathered on your sandwich which are far, far worse than butter. Tuna salad is not precisely “salad”, but full fat mayo and tuna. Most sandwich stuffings have a creamy, high fat texture.

We were at the supermarket earlier tonight, doing the first weekly shop for my new food choices. It took a long time, and cost a lot of money. I was a bit shocked at the check out. Sure we bought a LOT of things you don’t need if you buy pizza every night. I now have the hugest collection of spices and seasonings I’ve ever owned at any time in my adult life. Our shop came to $320. That’s close enough to $AUD 350. I hope that future weeks will not be so expensive as we will not be buying 20 or so spices.

Shopping took nearly as twice as long as our normal shop. A typical example is searching the nutrition panels on about 20 different margarines, I found the lightest, least sodium enriched margarine with no sugar (hard!). You have to be careful to avoid buying things with unnatural sugar additives content – “normal” US butter is churned with sugar (to create “whipped” butter), and pretty much all the bread is sickly sweet with sugar. That row in the supermarket literally stinks to my Australian nose, even after nearly a year of being exposed to funny tasting bread. Tanya threw up there tonight – the first time she’s puked in the supermarket.

The margarine folks don’t use “margarine” – they use “spread”, but it’s margarine. I found a “lite” version of ICBINB, which had 85 mg sodium and 50 calories per tbsp. I then compared that to the full strength butter we normally use, and it has 85 calories and 85 mg sodium per serve. That actually puts our full fat butter in the lower end of the various margarines, and only a bit worse than the probably less than pleasing “lite” spread I nearly bought. For the amount of butter I use in a week (about 2 tbsp), it’s just not worth it to take the hit in taste. I took the same view with milk (4% fat is “light” for most foods) until I started having breakfast every day. Now, I am on 2%, and there’s only a minor taste difference.

I think cost and serving size is the reason why US folks are a bit chubbier overall than most countries. It costs a lot more to eat healthy here than it does to buy a “Man sized” frozen dinner, or to go out and buy a massive serve at the local diner or chain restaurant. Despite this, most US folks are not that fat, despite the constant bleating in the media and the impression we get back in Australia. I think there is one other person in my company of a comparable size to me. The rest are skinny and lead active lifestyles.

Serving sizes are killer here. You can easily buy a meal, cut it in half and take half home with you. Most restaurants have an ample supply of boxes to do exactly that. Considering how litigious the US is, I’m surprised the lawyers don’t step in and stop places from doggy bagging stuff so as to prevent lawsuits from customers who take food home in a white foam box with no reheating instructions and subsequently get sick.

My problem has always been serving sizes. I don’t have an “off” switch. I will eat until I am physically incapable of eating any more – I feel awful for hours afterwards. I ordered a 12 oz steak tonight. I have no idea how big that is in real measuring sizes. So I’ve bought a set of precision Salter scales, good for +/- 0.1 g to 3 kg. That will help immeasurably as I work in metric and all the stuff I buy are in legacy units and my recipe books (and my brain) are in metric.

Talking about scales, I nearly bought a set of Weight Watchers digital scales at Bed Bath and Beyond. I’m still thinking about it. This scale is a lot more accurate (+/- 0.1 kg calibrated to 180 kg) than my current scales, which only go to 150 kg and +/- 0.5 kg after 100 kg. I think I’m heavier than 150 kg as my barometer pants no longer fit. But my scales read 150-152 kg all the time. There are scales at the gym, but I don’t know if they reach my current weight (probably) or if they are calibrated (probably). Worst of all, I’d have to convert back from the legacy “customary” units they use here to metric. The last is the most likely reason to buy scales. But whilst I am so heavy, I think weighing myself is a moot point unless I start eating well and exercising.

Last week, we bought more shorts and t-shirts for me, so I can go to the gym the entire week without having an excuse not to go. I walked 25 minutes yesterday, and we were doing shopping for nearly three hours today. It’s my plan to go to the gym initially three times a week for an hour (which equates to about 40-45 minutes on the equipment), and walk 20-30 minutes two more days. I’ll bump it up when I feel I’m no longer feeling out of breath.

So, there you go. I have a week’s worth of expensive, healthy food. Two days of exercise down, and two days of following the eating plan with only one minor blow out (too much meat tonight). Let’s see how I go next week. As weight loss is not the current focus of this blog, if you want to follow my travails, use the “Weight loss” page tab above.