September 9th, 2009

While looking at a calendar I realized that I’ve already been up here for more than one week and the thought crossed my mind that maybe I should write something new here ;)

As it turns out my room isnt that bad to reach after all because I also found a train running nearby. Also I wont have to go to uni all that often for the first half. The semester is divided in 2 sections here and in the first one I will only have classes Tuesday and Thursday :D These classes include python (programming), information theoretic modelling (computer science theory) and a beginners course in finnish (the language still seems crazy).

Together with other excahnge students we already made a short trip to the Island of Suomenlinna just south of Helsinki. There we walked through the remains of a huge castle built in the 18th century and had a pick-nick. Also we went to a few parties already, but sadly thats one of the things really expensive here. One pint of beer usually sets u back 5€ at least. Nevertheless i think there will be more than enough cheaper private parties with the other exchange students ;)

Another expensive thing (there are many of those) is buying groceries. The market that is closest to my student housing complex has quite a few items that cost twice as much as in Munich. But yesterday I have found a Lidl only one train stop away that has more reasonable prices (still expensive but acceptable)

One of the few things that are actually cheaper here is public transport. As long as you don’t have to go to Vantaa (north/northeast) or Espoo (west) you get one month for some 40€ or so. There is also a student discount but it only applies if you stay for more than one semester.

What is really silly is something about the Lyyra card. That card is something like a student card and it gets you many advantages… if u have one. The problem is that it takes almost a month to get it and you need to pay the card fee with bank transfer… very convenient for exchange students that have only just arrived…. Let’s hope that it arrives at the end of September….

One thing that happens to many Erasmus students is that you mostly get to meet other exchange students. To avoid that I went for a programme called ALICE where u get to meet Finnish students who want to improve their German. My partner will be a Maikki, a finnish student of international relations. As most Finnish students she seems to be in heaps of student organizations, clubs and other stuff, so It seems im going to get to know quite a few Finns.

As I dont have a working camera charger (working on that) right now, I dont have many pictures to show you, but if you know me on facebook you can always check out the “linked photos”, there are quite a few there.


September 1st, 2009

Yesterday I arrived here in Helsinki and I like it already (perhaps because uni hasn’t started yet *g*)

I’ll be living in a student housing complex in the north-east of the city not too far from the uni campus. I took a few pictures of this place for you to have a look:


August 29th, 2009
* Finnish for “Do you speak english?”

The time has come again, after 2 years in munich I became a little bored and decided to see something new. As some of you might know I’m going to spend the next winter term at Helsink University in Finland. Although my trip is starting next Monday, I cant exactly say that I’m fully packed, but who cares, still more than 24hrs to go!

I’ve already learned a tiny piece of that crazy language, but for anyone who thinks of that French is a very hard language…. think again. Finnish has cases in its grammar for counting or to describe relations to surfaces or volumes. Also there seems to be no limit for the length of a word as you can pick from a heap of suffixes to spice it up. The only easy part is pronunciation. Coming from Germany it seems you can say most words just the way it’s written.

There’ll be more to read here about my 4 month study trip soon (well if i can spare some time ;)  )

stay tuned…


July 20th, 2009

For a while now I’ve been knee deep in the SOAP and XML swamps.

These cool swaps feature

  • changing case sensitivity “Request” and “request” u need both…
  • great fun with datatypes that exist in the language the server is written in but are absent in the clients environment
  • undocumented behaviour that you only stumble across trying things that don’t really make any sense…

and to make things even more fun, the documentation page just went out of service yesterday… horraay!

Practical experience with SOAP is far less straightforward as some uni lecturer suggested…

And as if page after page of XML-junk weren’t enough, at the same time uni exams are looming: 2000+ powerpoint slides ahead, collision course set…


June 11th, 2009

Just received official approval for my Erasmus exchange semester at Helsinki University for the next autumn-winter term: Finland I’m coming :D

Only thing I’m still waiting for is some info on the ELIC Finnish course, so that i can go for my plane ticket ;)


June 10th, 2009

Today it was my turn to hold a talk at a uni seminar called “How to make a PIXAR movie“. The seminary was about the basics in various subjects of computer graphics. For the talk I have prepared a little particle engine written in Java and OpenGL to demonstrate the influence of some common factors. I don’t have time to clear up the sourcecode right now, but I’ll upload it here soon. For now, my slides will have to do:

slides (.pdf, 895KB, german)


April 19th, 2009

As a first real post in here, I’ve got something that has had me thinking for a while.

With most operating systems if you talk security you generally mean the possibility of malicious code breaching either the barrier from external to user space or the next step from user space to system.

While these two barriers are perfectly all right for server systems where only once in a while a real user is doing work in an interactive session, the picture is completely different in the desktop area.

If you are setting up a server properly you make decisions about which program is allowed to do what and you have code in place to enforce such limitations. You will hardly ever run any code that you don’t fully trust.

On a desktop in contrast you generally have a very limited set of users (<2 on average) per machine who want to see as little as possible about any security stuff. Therefore most desktop software (considering anything from windows, kde, gnome, …) only makes sure that no code in the userspace is run by accident or against the users will, and that if such code is run, it has no way to modify essential parts of the system. But what any user space code (be it malicious or not) can do is to interfere with the users personal files. In the linux/unix environment this applies to the entire home folder with settings for many applications but most importantly private files such as photos, documents, …

Although Windows doesn’t store these settings directly in something like the home folder (which is already a lot more intelligent than the linux way of mixing settings and personal files) it also doesn’t really limit what an application run by user X can do with files belonging to user X.

This basically means any application that is launched by the user can delete all his personal files without the operating system ever complaining!

I think additionally to the current approach of keeping “bad” code from being executed, it is also necessary to limit any damage that could result in running the code.

This leads me to my idea of

Fractional user space rights management

  • Each user has one folder for personal files and working data and one for settings these should be distinct!
    Foreign settings are considered personal files for any other application.
  • Per default only the filemanager (Explorer, Nautilus, …) should have access to all of the files in the home folder
  • each application has its own folder in the settings, there could also be folders for groups of applications that share settings
    In this folder only the application has rights to read and write. (with exception of user authorized actions or the filemanager)
  • If an application wants to access personal files it needs to have the rights to access them. This right doesn’t come per default.
    To acquire such rights, an application has several choices:

    • show an open dialog provided by the operating system, choosing a file or directory there automatically grants the rights
      the same would happen if an application is launched through the filemanager
    • ask the user to define exceptions for this program or check for such (e.g. an image viewer should have read access to all personal files)
    • for convenience I would add a command that can grant rights for console applications. This would be a bit similar to “sudo” e.g.:
      homedo¹ rw * command

      would launch ‘command’ with read/write access for all files in the current working directory after asking for authorization
      similar to gksudo there could of course also be an interactive version of this.

  • For convenience, there could be a “relaxed” mode to limit the number of authorizations needed this mode would only limit write access but allow any read access to happen

Of course I know that this idea is rather revolutionary and that there are quite a few spots where it is rather vague (especially backend implementation and restriction enforcement). The biggest obstacle is probably not on the technical side but rather communication the need for such a system to the user and making it as transparent as possible. I think there are quite a few people who have already disabled windows vistas security system called “UAC” (I even know one computer science student who has done it, but I’m not gonna put down that name here *g*)

Ok I guess I should leave it at that, quite a lot of text for a first post ;)

¹ give credit where credit is due, Maxi ( came up with that command

April 18th, 2009

Nothing much Nothing at all has happened here since I left for my trip to Australia in summer 2006. I finally came round to start building a new site which I intend to maintain a little more. This is the second attempt to revive this project of mine, let’s see how it goes ….

Stay tuned.. or maybe dont