10 things that I liked in 2018

Written on 31 December 2018, 12:50pm

Tagged with: , , , , , , ,

In the last day of the year, it’s time to look back at the year and highlight the things that enjoyed in 2018. For reference, here is the list from the last year.

1. Two books: Daemon and Freedom, by Daniel Suarez. Absolutely brilliant, I don’t know how I missed them for so many years. Here’s an excerpt:

The Code book from Simon Singh was probably the runner-up – a few months ago I ordered the printed version and read it again after 5 years.

2. My new notebook: Huawei Matebook x Pro. Say what you want about Huawei, but they came up with a brilliant device. Miles ahead of the premium-priced Macbooks, it fundamentally changed my workflow. Never been a tablet guy and probably never be, so the combination of an iPhone + an ultrabook like the Matebook works best for me.

3. WorkFlowy: an exponent of the makers (*) culture, WorkFlowy is a dead-simple, cross-platform note-taking app. The hierarchical structure of the notes makes it compatible with mind-mapping and I found myself using it in a variety of ways. For instance, I drafted the outline of this post in WorkFlowy. Others wrote books with it:

(*) the makers culture: Peter Levels https://levels.io/ https://makebook.io/
https://twitter.com/ajlkn https://carrd.co/

4. A place: the Austrian Alps in the summer time. I had the chance to spend about a week in the mountains. The combination of mountains, clean air, outdoor activities and clear blue sky is amazing. Just have a look:

5. Security. 2018 was the year I learned a lot about security. Went to a few classroom training sessions (CISM, CISSP, TLS), passed some challenging certification exams, and realized that (IT) security is a fascinating domain with a lot of brilliant people.

The IT industry rocks (as one of the security guys that I follow said today), and on top of that, the security aspects make things much more interesting to watch.

6. Simona Halep: not only for finally winning her Grand Slam, but also for having the capacity to remain competitive for a long time: never dropped out of the top 10 for over 5 years and currently number 1 for more than a year (with a brief 4-weeks interruption). Well deserved and very inspirational.

Simona Halep, Roland Garros 2018, Simple Dames, Finale, Photo : Nicolas Gouhier / FFT

7. Two series: Breaking Bad and Better Call Saul. I enjoyed watching Breaking Bad when it was released on Netflix, and found the Better Call Saul a very good continuation of the series. Now that Better Call Saul is over, I went back to re-watch Breaking Bad – it’s amazing how a few years and another prequel change the perspective.

https://breakingbad.fandom.com/wiki/Mike_Ehrmantraut

8. Jurgen Klopp. He joined Liverpool 3 years ago and built an amazing team around him. One can learn a lot about leadership just by listening to his interviews. Humble and determined, he’s a perfect fit for Liverpool and you can sense how everybody around the club loves him.

https://twitter.com/stuffIfc/status/1079432962062671873/photo/1

9. The iPhone X – because the dimensions are finally right, and, more importantly, because its camera allowed me to take some amazing photos throughout the year: https://www.flickr.com/photos/dorin_moise

10. Tesla Model S. Finally, I left this at the end because it offered me some very mixed feelings. As I said in a recent post, the car is really amazing and it offers an experience that you will not find anywhere else. But the quality of the support services is disappointing here in Belgium. I hope that things will improve, even though I’m not holding my breath.

Here’s for a brilliant 2019 and remember, in the end it’s all about getting better.

Security exam tips

Written on 21 December 2018, 05:07pm

Tagged with: , , , , ,

After successfully passing 3 IT security exams this year, here are some high level tips:

  • schedule your exam well in advance to avoid procrastination
  • study from at least two sources
  • use quizzes: they make a huge difference in memorizing things
  • use the learning channels compatible to your brain (ex. I always prefer text or classroom training instead of audio or video)
  • Right before the exam: get a good night sleep the night before
  • schedule your exam in the morning when your brain is fresh
  • try to clear your mind in the hours before the exam
  • resist the temptation to go one more time through your materials before the exam
  • During the exam: keep an eye on the watch
  • don’t go back to a question: make the best effort to answer and then forget it (some exams will not even allow you to revise a question)
  • don’t change your answer (exception: when you realize that you misread the question)

And some basic, but interesting things about security:

  • people are the most important asset
  • but humans are also the weakest link in every security program
  • security is always about protecting the CIA triad
  • security controls can bring the risk to an acceptable level, but there is no such thing as risk zero
  • a company exists for the sole reason of making profit. This means that they will always look at the return of investment as primary metric in evaluating any security control
  • security is not a one-time project to fix things, but rather an ongoing program that needs to be planned and revised periodically
  • complexity is the enemy of security
  • as a security professional, you must learn to tailor your language to your audience
  • you are just an adviser, but not a decision-maker
  • you should act as a prudent man. Like this guy would:
https://breakingbad.fandom.com/wiki/Mike_Ehrmantraut

UEFA CL draw probabilities – 2018 edition

Written on 19 December 2018, 06:44pm

Tagged with: , , , ,

This is a follow up to https://colorblindprogramming.com/round-probabilities-before. Last year I stopped after discovering that the only correct way to calculate the odds is to look at the probability trees. This year I took this one step forward and created a script that would calculate the correct probabilities. I intend to reuse this script for the future draws, and a year it’s a long time for my memory so I am adding some notes here.

The incorrect approach: the big-bowl

The first approach last year was to calculate all the possible pairs, eliminate the invalid ones and then calculate the associated percentages for each pair. In hindsight, this approach was obviously wrong, because it doesn’t replicate the actual draw. This approach would only be accurate if the draw consisted of a single draw – from a very big bowl of all the valid options. This is obviously not how the actual draw works, so even if the final numbers were pretty close to the correct ones, it was not the correct approach.  

The correct approach, using conditional probabilities

The correct way to look at this is by understanding that we are talking about dependent events. Each draw depends on the actual result of the previous draw. It’s identical to this process, beautifully explained on MathIsFun.com:

So how do we actually do it?

There are two approaches:
The first one is a bit more complicated and implies creating the tree above for the 16 teams and 16 steps (each team pick is a step). It has the advantage of producing accurate results, but it’s a bit more difficult to implement.
The second one consists of simulating the draw process and repeating it a lot of times. I found this approach easier, here is the pseudo-code of the draw process:

  1. for each unseeded team
  2. if there is a mandatory draw (starting from the 5th unseeded team)
    1. then automatically create the pair and add it to the draw
  3. otherwise, pick a random unseeded team
    1. get the list of available seeded teams
    2. randomly pick a seeded team from the list above
    3. add pair to the draw
  4. end

Repeating this process a few millions of times would lead to millions of possible draws, and based on that we can calculate the percentages.

But there are 2 catches:
1. Checking both sides of the draw. Have a look at the step 2 above, checking if there is a mandatory draw: let’s say you are left with 4 unseeded teams and 4 seeded teams. It’s not enough to look at the unseeded teams options, you also need to look the other way around. Example:
Unseeded teams: Liverpool, United, Shalke, Lyon
Seeded teams: PSG, City, Real, Barcelona
Liverpool has 2 options, United 3, Shalke 4 and Lyon 2. But if you randomly pick Shalke and you pair it with any of PSG, Real or Barcelona, then you leave an impossible draw for City (which cannot be drawn against any of the 3 English teams left). So the solution is to count the number of options for both unseeded and seeded teams. If there is a single option, pick it.

2. Go back if needed. Even with the above safety mechanism in place things can still go wrong. Example:
Unseeded teams: Roma, Liverpool, Shalke, Lyon
Seeded teams: Porto, Barcelona, PSG, City
Options for the unseeded teams: Rome -4, Liverpool -2, Shalke -4, Lyon -2.
Options for the seeded teams: Porto -3, Barcelona -4, PSG -2, City -2. 
The safety mechanism above (counting the number of options for both seeded and unseeded teams) tells us that everything is fine. So we go ahead and pair Rome with Porto. We are now left with:
Unseeded: Liverpool -1, Shalke -3, Lyon -1
Seeded: Barcelona -3, PSG -1, City -1.
The problem is that both PSG and City have an option, and that option is Shalke. So this leads to an impossible draw, so the solution in this case is to go back one step and pick another draw instead of Roma v Porto.
According to my calculations this could happen in about 0.4% of cases, and I am really curious how UEFA would handle it if it happened on stage. In the scenario above, if Roma was selected as unseeded team, I expect that the computer will only allow PSG and City to be one of the seeded teams, but I am really curious to hear the hosts explanation about this constraint (since both Porto and Barcelona are, at first sight, also valid options for Roma) 🙂

Using the algorithm above, I ran the simulation 2 million times. These are the results:

Checking the results

The nice thing about being both a geek and a football lover is that you get to know smart persons at the intersection of science and football. Two of them are Julien Guyon and Emmanuel Syrmoudis. They also spent time thinking about this topic. Julien came up with a great explanation of the draw process and probabilities, while Emmanuel went one step forward and actually created an interactive draw simulator.  

My results come pretty close to theirs, so I’m quite confident that my method is decent enough. I plan to reuse it again next year and, perhaps, also try to create the actual probability tree to get the exact percentages.