terriko: (Pi)
multiple job offers

People have started to ask me what my plans are after I finish this postdoc, or rather the frequency with with I get asked has reached an arbitrary threshold, so I guess it's time to write about it. The short answer is that I'm not planning to start my job hunt 'till October at the earliest, but here's some more detailed information about my plans in case you, like many others, are curious:

1. I'm currently expecting to be at UNM 'till around Nov 2013, which would be the originally expected 2 years. The date's a bit flexible: the grant I'm on goes a little past that I think, and I can leave earlier if I have another offer that needs to start right away.

2. I'm focused on getting some publications out before I start the job hunt at all. I'm hoping to have results from the router work as early as next week, and I've got a plan for publishing my remaining thesis work, so at minimum I want papers for both of those to be out for review before I start looking.

3. My job hunting mode will probably kick off around the time of the Grace Hopper Celebration in October. That's not the greatest timing, but it's a good enjoy goal date for the papers to be out and the job fair and related resources available at GHC12 is an excellent opportunity that I don't want to miss. I'm happy to consider things that come up before then, but October/November is when I'll polish up my resume and start being active in my search.

4. I'd like to go back to Canada, but I do have a US visiting scholar visa that can be extended and transferred to another qualifying job. (It can be used for up to a total of 5 years, of which 2 are going to be used here at UNM.) There's some fascinating legalese around my current visa that makes Canada the easiest choice for my next job, but I'm not adverse to other countries.

5. I'm not committed to either academia or industry at this point, and I wasn't planning to make a more concrete decision on that 'till I have actual offers. You can expect me to be looking at a combination of academia and industry labs. I have one lab already on my shortlist after the last round of interviews. I turned down their offer of an on-site interview because I had decided on UNM, but if they're still taking on new hires when I'm done here I'd like to continue the process with them.

So I'm not looking yet, but do feel free to pass job leads my way if something comes up that you think would be up my alley.

Speaking of jobs... I *do* have a couple of friends looking for jobs more urgently than I am: One is a very talented programmer who's currently located in Halifax but willing to relocate, and one is an efficient mostly-windows systems administrator who's looking for a job in the Ottawa area. They're both around intermediate level, but given the job market they're willing to work more junior positions if that's what it takes. I'm happy to pass leads along or obtain their latest resumes if I can help make a connection!
terriko: (Default)
I'm re-reading Richard Hamming's talk on You and Your Research because I felt like I needed the kick in the pants to do great work this month after some very busy months of doing necessary but not necessarily great things.

In this reading, I was struck by this anecdote:

John Tukey almost always dressed very casually. He would go into an important office and it would take a long time before the other fellow realized that this is a first-class man and he had better listen. For a long time John has had to overcome this kind of hostility. It's wasted effort! I didn't say you should conform; I said ``The appearance of conforming gets you a long way.'' If you chose to assert your ego in any number of ways, ``I am going to do it my way,'' you pay a small steady price throughout the whole of your professional career. And this, over a whole lifetime, adds up to an enormous amount of needless trouble.


On a surface level, I've long believed this is true. I've been long primed in the art of social hacking, first by my father and more recently as a security researcher/hacker. Anyone can watch the subtle variations on how I dress on teaching days or days when I'm going to the bank and you'll note that I pay attention to fitting in to the environment and manipulating the way in which I'm perceived. But as a child of the Internet, more or less, my experimentation hasn't limited to physical presentation. Especially as a teenager, I spent a lot of time grossly mis-representing my age and gender as well and watching how that changed my interactions with folk.

But what gets me this time is the end of that quote: "[If you don't appear to conform,] you pay a small steady price throughout the whole of your professional career. And this, over a whole lifetime, adds up to an enormous amount of needless trouble." Sometimes it's important to change the system, but sometimes you just want to get stuff done.

I can dress the part, but I don't generally change my gender presentation in real life. Is my female-ness adding up to an enormous amount of needless trouble over my lifetime given that I work in a field where that's going to make me non-conforming? I suspect it is, although I'm fortunate enough that my gender presentation is often canceled out by my racial makeup (Asian girls are totally good at math, don'tcha know?) so I can console myself by saying maybe it's not as enormous as it might have been. But not every person who doesn't fit the norm for their field has that consolation prize. Are we all paying the price of being different?

It's easy to get a little saddened by this. All that time explaining that no, I really am a techie, has added up to a lot of time I'm not having amazing conversations and doing great work. But before you get too saddened about how your hard-to-hide features like race/age/gender are affecting your ability to Do Great Things, you should stop and listen to Duy Loan Le's excellent 2010 Grace Hopper Celebration Keynote. In it, she talks about what she does to fit in to environments where she felt that letting go of her ego made it possible for her to get more good work done. I think it's really worth a listen, especially if fitting in isn't just a choice of what suit to wear for you.

terriko: I am a serious academic (Twlight Sparkle looking confused) (Serious Academic)
This is the first in my series of short notes on the academic papers I'm reading. This is a paper we read for seminar last week, and I chose to review it here not only because the results are interesting but also because it's a highly readable paper in case any of you get curious and want to read along with me.

Malicious Damage |  2008

Detecting malware domains at the upper DNS hierarchy
Antonakakis, M. et al, 2011

This paper is all about detection of malware using DNS. It turns out that while "normal" domains are accessed by machines that have patterns of geographical and network locations, malware domains are accessed by a bunch of zombie machines that could pop up anywhere on any network so the dns requests are a lot more random. So if you look at DNS, you can figure out what domains are being used by malware, and you can do it on the fly as domains change without needing a manually created blacklist.

It's a pretty neat trick. Malware authors could potentially get around it by adding in more clever requests -- doing something more like facebook or google which route you to "close" servers to provide good quality of service -- but until they do, this could be a handy supplement to existing malware detection. Reminds me a lot of greylisting that way.


@INPROCEEDINGS{antonakakis2011dnsmalware,
author = {Antonakakis, M. and Perdisci, R. and Lee, W. and Vasiloglou II, N. and Dagon, D.},
title = {Detecting malware domains at the upper DNS hierarchy},
booktitle = {Proc. of the 20th USENIX Security Symposium, USENIX Security},
year = {2011},
volume = {11},
pages = {27--27}
}
terriko: I am a serious academic (Twlight Sparkle looking confused) (Serious Academic)
One of the big problems of academia is that though we produce some amazing things, they're often not available, accessible, or even noticeable for the general public. That is, articles may cost money to read (unless you have access to academic journal subscriptions), interesting results get buried in dense scientific language, and often few people are talking about the results outside of academia (or sometimes even inside academia).

Last year, I committed myself to writing more book reviews to share what I read with others, and it occurs to me that this year, maybe I should make more of an effort to do the same with the scientific papers I read as well. The usual caveats apply: I've got my own set of biases in research just like I have taste in books, and it's entirely possible that I'll interpret results in ways other than they were intended.

This is something I did occasionally with my web security blog (and hoped to do more), but I'm currently reading papers about complex adaptive systems, biology, security, and more. So for now, these public paper reviews are going here right alongside my book reviews, and they'll be drawn not only from my own research interests but from the overlapping ones of my colleagues. I have a lead on a paper about railway design using slime molds, for example. You've been warned!
terriko: I am a serious academic (Twlight Sparkle looking confused) (Serious Academic)
One of the things I occasionally talk about at work is that my experience in the standards process completely destroyed any illusions I had about standards being made for the good of all[1]. Which is why this quote about the process of deciding on IPv6 amuses me so:

"However, many people felt that this would have been an admission that something in the OSI world was actually done right, a statement considered Politically Incorrect in Internet circles."


- Andrew S. Tanenbaum regarding the IPv6 development process in Computer Networks (4th ed.)

And since I imagine few of you follow my long-quiet web security blog (I didn't really feel like writing more on web security while doing my thesis or shortly thereafter), here's another quote that amused me from the same book:

... "some modicum of security was required to prevent fun-loving students from spoofing routers by sending them false routing information."


- Andrew S. Tanenbaum regarding OSPF in Computer Networks (4th ed.)

In case you're wondering what's up, I'm reading this textbook to brush up on my basic routing terminology with the plan to do some crazy things with routers in the future. It's quite useful for this purpose, but I keep getting distracted by how awesome Tanenbaum's writing is; you can see from his humour and deeper insights why his texts are considered standards in the field of computer science. I think the last time I was this struck by a textbook author was while reading Viega's Building Secure Software.

This sort of carefully crafted understatement is a huge contrast to the other book I'm reading currently, The 4-hour Workweek, which I'll probably review in a later post if I don't give up in disgust. (It's full of useful ideas, but the writing style is driving me nuts.)

[1] Standards are made for the goals of the companies involved in the committee. Sometimes those happen to be good for all, sometimes not, and the political games that happen were very surprising to me as a young idealist.
Page generated Jul. 30th, 2014 05:10 pm
Powered by Dreamwidth Studios