The MoCo All-Hands was tons of fun. I'm a bit annoyed that bits of our project planning ended up on Slashdot within a few days --- the perils of being open! Why doesn't this happen to other projects? Anyway, I felt the time was quite productive beyond just feeding Slashdot. With a couple of exceptions, meetings were goal-oriented and we were able to reach decisions. Of course it was also great to meet a number of new MoCo developers and other staff.
I also took the chance to meet up with friends, as I often do. So many of my friends have gravitated to the Bay Area, I can only visit a subset of them on every trip, which is a bit awkward! Still it's great that I get to seem them.
I drove up to Berkeley a couple of times. On Saturday I met up with my friend and we visited the Asian Art Museum in San Francisco, but spent most of the time sitting in the museum cafe talking about browser security! On Tuesday I met with a number of faculty, students and post-docs to talk about their research. One thing I kept emphasizing was that too much security research is really research in *insecurity* --- finding all kinds of new attacks! We already know there are lots of problems and at this point, we need more emphasis on defense. Unfortunately defense is harder and less amenable to crisp results. But we talked about how bug-finding technology could be used to speed up the bug fix cycle, by applying the technology to improve debugging and to search for regressions that would be caused by a patch. I'm hopeful we'll see progress in those areas.
I really enjoyed the trip, although I'm finding that every time away I miss my family a little bit more. The flights were good. Movie picoreviews:
- Yes Man: OK
- Quantum of Solace: pretty good
- Valkyrie: OK (I wanted to like it more for the history and the compelling situation, but there seemed to be some unexplained important jumps)
- Taken: mediocre
- Defiance: OK
- In Bruges: brilliant!