I'm a bit behind on the ol' blogging again.
Peter Bailis organized a trip to go hiking at Mount Tam, which gathered 8 folks. Dave Moore picked up Greg, Sarah, and me at some unholy hour like 8am and drove over. There were some curvy mountain roads, which were being expertly navigated by the five Ferraris (no joke!) in front of us and the one behind us. Dave was keeping pace in his Subaru, which was a combination of awesome and terrifying. My right arm got a workout gripping the handle on the door.
We passed over a tiny wet patch on the road, to which Dave quipped "I was excited right when I went over that wet spot, because even if it was for just a fraction of a second, I had better acceleration than the Ferraris." We all laughed.
We met up with Peter, Claire, Austin, and Philip when they too arrived in the outskirts of Stinson Beach. From there, we set out on the 7 mile trail, which was lovely. There were a bunch of chalk arrows on the trail pointing in the opposite direction of our path - apparently there was some Team in Training event going on on the trail.
After we finished the hike, we drove to the summit (which would have been a 14 mile hike, which some of us were not up for) and ate lunch at a picnic table.
Peter took lots of pictures with his hipster black-and-white film camera, and he taught me some of the science behind photography. I only had my phone with me, so apologies for the below-average image quality.
Worked on the Berkeley Mystery Hunt website. I'm learning Django!
Excellent day. Moxie Marlinspike, perhaps one of the world's greatest experts on attacks on SSL (secure web browsing), came and gave a lecture (much like his BlackHat 2011 talk) on the problems with the CA system used to provide security on the web. He described the missing piece in today's system as "trust agility" - the ability for users to revoke their trust in a CA (or any trusted third party) at any time without loss of functionality.
Moxie has a project called Convergence that provides such a system. It's based on the concept of network perspective - a man-in-the-middle attack typically makes a site look different (from a computational perspective), and so if you can approach the site the from many places, you can see the discrepancy, and know not to trust the fraudulant cert. It's quite cool, and one of my friends is trying to implement it for Chrome.
I find the whole project inspiring. If anyone can fix the CA problem, it will be Moxie and his collaborators - he is asking the right questions.
We had cooking club as well, which meant that I missed having dinner with Moxie and the other security folk, but Jon Long made Beef Wellington, and it was amazing. There was also fresh bread, a spinach salad, quinoa salad, and cheesecakes. I was so full I had to lie down for a spell.
It was raining all day. I paid my car insurance.
The Campus League of Puzzlers met up for a meeting. Our puzzlehunt is coming together! I'm a little afraid that it will barely be done in time, but our plans are becoming more and more complete as the days go on.
Our meeting ended at 20:00. I managed to catch the 20:08 BART to SF, where I met Patrick Bogen, his friend Renee, Matt Mullins, David Mackey, and Joe Cabrera at the Beast and Hare for dinner. I had rabbit stew, lamb bacon (very tasty!), and a slice of carrot cake. We chatted for a while, and then I went home and slept.
I finished hacking up the website for our user study, which included learning how HTTP file uploads work. Yay research.