Dissertation Hand-In Déjà Vu

I last handed in a dissertation almost 16 years ago; that one marked the cumulation of my academic work at Aberystwyth University, then the “University of Wales, Aberystwyth”. Since then I’ve studied programming, pentesting and psychology (the P-subject Triathalon?)… before returning to university to undertake a masters degree in information security and forensics.

Today, I handed in that dissertation. Thanks to digital hand-ins, I’m able to “hand it in” and then change my mind, make changes, and hand-in a replacement version right up until the deadline on Wednesday (I’m already on my second version!), so I’ve still got a few evenings left for last-minute proofreads and tweaks. That said, I’m mostly happy with where it is right now.

Project management graph for my dissertation
I found it motivating to maintain a graph of my dissertation’s “outstanding tasks” where I would see it every day. Also, as it started to get hairy, my word limit.

Writing a dissertation was harder this time around. Things that made it harder included:

  • Writing a masters-level dissertation rather than a bachelors-level one, naturally.
  • Opting for a research dissertation rather than an engineering one: I had the choice, and I knew that I’d do better in engineering, but I did research anyway because I thought that the challenge would be good for me.
  • Being older! It’s harder to cram information into a late-thirty-something brain than into a young-twenty-something one.
  • Work: going through the recruitment process for and starting at Automattic ate a lot of my time, especially as I was used to working part-time at the Bodleian and I’d been turning a little of what would otherwise have been my “freelance work time” into “study time” (last time around I was working part-time for SmartData, of course).
  • Life: the kids, our (hopefully) upcoming house move and other commitments are pretty good at getting in the way. Ruth and JTA have been amazing at carving out blocks of time for me to study, especially these last few weekends, which may have made all the difference.
Dan's masters dissertation: "Impact of the use of Language on Adoption of Optional Multifactor Authentication"
Despite this thing being big and heavy and dense, it somehow doesn’t seem to fully represent the weight of blood, sweat and tears that went into it.

It feels like less of a bang than last time around, but still sufficient that I’ll breathe a big sigh of relief. I’ve a huge backlog of things to get on with that I’ve been putting-off until this monster gets finished, but I’m not thinking about them quite yet.

I need a moment to get my bearings again and get used to the fact that once again – and for the first time in several years – I’ll soon be not-a-student. Fun fact, I’ve spent very-slightly-more than half of my adult life as a registered student: apparently I’m a sucker it, for all that I complain… in fact, I’m already wondering what I can study next (suggestions welcome!), although I’ve promised myself that I’ll take a couple of years off before I get into anything serious.

(This is, of course, assuming I pass my masters degree, otherwise I might still be a student for a little longer while I “fix” my dissertation!)

Sankey chart showing participants divided into groups and exposed to different experiments, and the results of those experiments.
A personal highlight was that I got to find a genuine use for Sankey charts and treemaps in my work for perhaps the first time.

If anybody’s curious (and I shan’t blame you if you’re not), here’s my abstract… assuming I don’t go back and change it yet again in the next couple of days (it’s still a little clunky especially in the final sentence):

Multifactor authentication (MFA), such as the use of a mobile phone in addition to a username and password when logging in to a website, is one of the strongest security enhancements an individual can add to their online accounts. Compared to alternative enhancements like refraining from the reuse of passwords it’s been shown to be easy and effective. However: MFA is optional for most consumer-facing Web services supporting MFA, and elective user adoption is well under 10%.

How can user adoption be increased? Delivering security awareness training to users has been shown to help, but the gold standard would be a mechanism to encourage uptake that can be delivered at the point at which the user first creates an account on a system. This would provide strong protection to an account for its entire life.

Using realistic account signup scenarios delivered to participants’ own computers, an experiment was performed into the use of language surrounding the invitation to adopt MFA. During the scenarios, participants were exposed to statements designed to either instil fear of hackers or to praise them for setting up an account and considering MFA. The effect on uptake rates is compared. A follow-up questionnaire asks questions to understand user security behaviours including password and MFA choices and explain their thought processes when considering each.

No significant difference is found between the use of “fear” and “praise” statements. However, secondary information revealed during the experiment and survey provides recommendations for service providers to offer MFA after, rather than at, the point of account signup, and for security educators to focus their energies on dispelling user preconceptions about the convenience, privacy implications, and necessity of MFA.

Geohashing Ressurected

I keep my life pretty busy and don’t get as much “outside” as I’d like, but when I do I like to get out on an occasional geohashing expedition (like these ones). I (somewhat badly) explained geohashing in the vlog attached to my expedition 2018-08-07 51 -1, but the short version is this: an xkcd comic proposed an formula to use a stock market index to generate a pair of random coordinates, impossible to predict in advance, for each date. Those coordinates are (broadly) repeated for each degree of latitude and longitude throughout the planet, and your challenge is to get to them and discover what’s there. So it’s like geocaching, except you don’t get to find anything at the end and there’s no guarantee that the destination is even remotely accessible. I love it.

xkcd #426: Geohashing
My favourite kind of random pointlessness is summarised by this algorithm.

Most geohashers used to use a MediaWiki-powered website to coordinate their efforts and share their stories, until a different application on the server where it resided got hacked and the wiki got taken down as a precaution. That was last September, and the community became somewhat “lost” this winter as a result. It didn’t stop us ‘hashing, of course: the algorithm’s open-source and so are many of its implementations, so I was able to sink into a disgusting hole in November, for example. But we’d lost the digital “village square” of our community.

Graph of Dan's dissertation progress as the deadline creeps closer
My dissertation “burndown” is characterised on my whiteboard by two variables: outstanding issues (blue) and wordcount (red). There are… a few problems.

So I emailed Davean, who does techy things for xkcd, and said that I’d like to take over the Geohashing wiki but that I’d first like (a) his or Randall’s blessing to do so, and ideally (b) a backup of the pages of the site as it last-stood. Apparently I thought that my new job plus finishing my dissertation plus trying to move house plus all of the usual things I fill my time with wasn’t enough and I needed a mini side-project, because when I finally got the go-ahead at the end of last month I (re)launched geohashing.site. Take a look, if you like. If you’ve never been Geohashing before, there’s never been a more-obscure time to start!

geohashing.site homepage
My implementation of the site is mobile-friendly for the benefit of people who might want to use it while out in a muddy ditch. For example. Just hypothetically.

Luckily, it’s not been a significant time-sink for me: members of the geohashing community quickly stepped up to help me modernise content, fix bots, update hyperlinks and the like. I took the opportunity to fix a few things that had always bugged me about the old site, like the mobile-unfriendly interface and the inability to upload GPX files, and laid the groundwork to make bigger changes down the road (like changing the way that inline maps are displayed, a popular community request).

So yeah: Geohashing’s back, not that it ever went away, and I got to be part of the mission to make it so. I feel like I am, as geohashers say… out standing in my field.

How to explain academic publishing to a five year old

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Last week I tweeted a cow-based academic publishing analogy in response to the prompt in the title, and the replies and quote-tweets extended the metaphor so gloriously, so creatively, so bleakly and hilariously at the same time, that I’ve pulled my favourites together below.

Here’s the original tweet:

Speaking as a goat, I approve of open access.

When I took a diversion from my various computer science related qualifications to study psychotherapy for a while, I was amazed to discover how fortunate we computer scientists are that so much of our literature is published open access. It probably comes from the culture of the discipline, whose forefathers were publishing their work as open-source software or on the Internet long before academic journals reached the online space. But even here, there’s journal drama and all the kinds of problems that Ned (and the people who replied to his tweet) joke about.

“One of the best things about working at The Bodleian… Pretending to be a PhD student…”

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

One of the best things about working at The Bodleian Libraries, University of Oxford? Pretending to be a PhD student for a photo shoot! Watch out for me appearing in a website near you…

Natalie pretends to be a PhD student.

My team and I do get up to some unusual stuff, it’s true. I took part in this photoshoot, too:

I’m absolutely not above selling out myself and my family for the benefit of some stock photos for the University, it seems. The sharp-eyed might even have spotted the kids in this video promoting the Ashmolean or a recent tweet by the Bodleian

Letters After My Name

Results day today, and so I finally get to find out whether or not I get a degree in exchange for my last five years at University. And I do. I’m now entitled to put letters after my name, which is nice.

I’ve got a lower second, which is (I know) less than I’m capable of, but considering my resits and other lark last year, it’s exactly what I expected, so that’s great. Was damn pleased to see that my dissertation got a first.

Now I suppose I’d better get on with the rest of my life.

Morning Mysteries 1 – 1 Scatman Dan

I woke up this morning to two mysteries:

1. Why had I set my alarm for 8:30am?

2. Why do I have a nose bleed?

I’ve solved the former: Claire needs to move her car (which is parked on double-yellows outside) or she’ll get ticketed when the morning wardens come by (morning wardens? they’re like traffic wardens, but they put tickets on people who still look half-asleep). The latter? No idea.

Yay; we’re off to the Borth Animalarium today, to look at meerkats! Followed by Troma Night!

My ‘Online Bank’ project isn’t going very well. So far it allows you to add Books to a Cart and get the total cost of them all. Which isn’t terribly useful, because that sounds more like a bookstore to me than an online bank… but I couldn’t find an example online about how to use EJBs to make an online bank, just a bookstore. D’oh.

Dissertation Hand-In

[this post has been partially damaged during a server failure on Sunday 11th July 2004, and it has been possible to recover only a part of it]

I handed in my dissertation yesterday. What a farce. Here’s the approximate order of things.

08:30 – Get up. Compile a postscript (.ps) copy of my dissertation, and upload both this and the .tex source files to central.aber.ac.uk. Start walking up to campus (Bryn offers to give me a lift, but I feel energetic, so I bound on up the hill).

09:00 – Reach campus and pay for £5 of printer credit (100 pages). Find a workstation room, log into central, and lpr -Puserarea diss-final.ps (print) it. Marvellous. Pick up the printout.

09:15 – Drop my (printed) dissertation off at the Library to be hardback bound. Everything’s going splendidly. Trek back down town. The hand-in window is 14:00-16:00, so I’ve got loads of time.

13:30 – Arrive back on campus, this time with two CDs (containing the source code and sample data for the project). I buy sticky things from the Union with which to attach them to the inside cover of my dissertation, and then trek to the Library to pick up the masterpiece.

13:45 – Hmm. The binding office seems to be closed. Guess they’re on lunch. I go to return a library book from the Physical Sciences Library, …

Update, 11 January 2020: As the tail-end of this post appears to be lost forever, I’ll fill in the essence of it from memory: after a leisurely morning/early afternoon of getting my dissertation printed and bound for delivery, well-ahead of the deadline later in the day and thus avoiding the mad rush for the printers and binders later in the day, I arrived at the hand-in point only to be told I was supposed to be handing over two copies, not one, and so I ended up caught up in the mad rush I’d been smugly avoiding after all.

Dissertation Proofreaders Needed

[this post has been partially damaged during a server failure on Sunday 11th July 2004, and it has been possible to recover only a part of it]

I’m looking for help proofreading my dissertation. If you’ve been invited to, or you’d like to help, please go to https://danq.me/diss/, download the latest version, and post any comments here.

You will need a password. To ensure that only invited parties can get hold of the password, you’ll need to prove your identity. The following groups are permitted to log in:

  • Members of Troma Night: go to the Troma Night web site and log in: the password will appear on the front page, underneath the words ‘Upcoming Events’.
  • People listed as LiveJournal friends of Fiona: go to this LiveJournal post by Fiona (you’ll need to be logged in and on her Friends list).
  • People who can guess the password – it’s the second half of the name of the project of my dissertation, in lower case, with the final letter replaced with the first vowel in the word that is the name of the logo of the organisation that benfits from my project.
  • Other …

More Celebrations

[this post has been partially damaged during a server failure on Sunday 11th July 2004, and it has been possible to recover only a part of it]

[chez geek card]

Yay. Now I’m in a fab bouncey mood and ready to crack on with the next 10,000 words of my dissertation.

People have kindly been offering to proof-read it for me on Sunday night – this is most welcome: if anybody else wants to, you can too: just drop me a comment or a message or something, and I’ll e-mail you it. I presume you’ll all prefer Acrobat .PDFs than PostScript .PS files, yeh?

On which note; everybody’s being really considerate of my need to get this thing done – leaving me to do it where they’re likely to be a distraction; not suggesting really cool things we could be doing right now (except for the above card, ahem), etc. Thank you all, guys!

In other news…

Troma Night Website

I’m working (at long last) on updating the Troma Night website. Going OK so far, about a third of the way there. Am contemplating pulling a long, late night and seeing how much of it I can get done at once. Ideally I’ll have it all sorted for next Troma Night, on Saturday – including the new webcam feature! We’ll see…

In other news, Claire’s looking a lot happier now that she’s put the revision to bed for the night.

Claire Seems Distracted

[this post was damaged during a server failure on Sunday 11th July 2004, and it has not been possible to recover it]

[this post was partially recovered on 12 October 2018]

Claims tiredness. Suspect she’s stressed about upcoming exams. Hope that it’s one or the other.

A handful of my friends keep posting entries to their ‘blogs rapidly, in quick succession. Have you heard of putting things in the same entry?. Save your friends from scrolling themselves to death!

My first exam, Monday (Formal Methods In Software Engineering), went better than expected; should have done quite well. Feel confident about The Internet: Architecture And Operation on Saturday morning.

In other news, my new soundcard arrived, giving me an audio system which doesn’t (a) short-circuit and cause my computer to crash from time to time, (b) give me quite painful electric shocks when I connect things to it and (c) gives me stereo sound all the time, without switching to mono for no apparent reason. In addition, I have a ‘front panel’ with heaps of cool-looking connectors, MIDI ports, etc. And a few tweaks later and it works fantastically with the …

The Student Loans Company Are Wankers

[this post was damaged during a server failure on Sunday 11th July 2004, and it has not been possible to recover it]

[this post was partially recovered on 12 October 2018]

Well, they give me money, so I can’t complain too much, but regardless…

My student loan should have been credited to my account on Monday (12th). Paul got his on Sunday! But when mine hadn’t come through by this morning, I got a little concerned. So I phoned them up on the enquires number listed on their web site.

“You have called the Student Loans Company. For enquiries regarding your student loan, press 1. To change your bank account details, press 2. For any other enquires, press 3.”
I press 1.
“If you are calling on behalf of a third party, we must advise you that they must cal personally owing to customer confidentiality. If you have any general enquiries, please visit our web site at www.slc.co.uk. Thank you.” <click>
WTF?

I call again, and this time press 3. Some confusing buttons later, I get through to a nice Scottish woman called Alison. It turns out that they had the incorrect sort code for me (and they had known this for several months [sort code had come up invalid upon entry] – but hadn’t bothered to phone or write to me). How had they gotten the sort code wrong? Well; they’d read one of my …