by acls us

CUSEC 2010. 21-24 January 2010. Montreal, Canada


It was really a bit of a fluke that I ended up going to CUSEC. I had planned to go to one conference in January and I messed up on arranging to go to CES in Las Vegas. So I was looking for another conference and found CUSEC by accident on an unrelated search. As CUSEC is really an event for Software Engineering students from Canada it’s not something that would have come up when looking for industry events, which is understandable. But that’s a pity as the major subjects for presentations could be summarised as; how to create/build a business utilising Software Engineering principles, and how to use those principles to produce innovative, stable and secure applications. Areas for discussion in the business world too. But the essential difference between attending a conference targeted at business, to CUSEC’s more academic hit list was the clarity and quality of the content. True, there were certain words used for the specific audience, as there would be for a business event, but these were the words “Cool” and “Awesome”. They got a bit over used but I think I prefer them to “Empowerment”, “Leverage” and other such meaningless tripe. The quality of the content was the striking difference. There were a number of presentations that gave a very detailed analysis and a level of insight into their subject areas that is missing in business presentations. It is a great pity we don’t get this in the business world (as a rule that is, there will doubtless be some exception, as there is to everything).

I got a feeling of being immersed in a sea of Geeks. It was a little difficult to become involved as I was of a different generation from the majority of the attendees and I was not in a group. All of which is my problem and not CUSEC’s by the way.

Although Microsoft was involved in the event, as a whole it seems to be almost a Microsoft free zone. Looking around the vast majority of laptops (attendees and presenters) were non-Microsoft, predominantly Apple. There was also a strong feeling of dislike for Microsoft and its products. I wonder what will happen as the current generation move on up into industry with these views.

From one thread of presentations I discovered that humanity seems predisposed to failing to specify what we want from computer systems, failing to implement these failed specifications in code and then going on to make insecure bug filled applications. The hope being that if we are aware of our failings, we can spot them before they destroy our new born creations.

Another thread that I picked up on was on how to build a tech business. Putting aside all the good practical steps required, it seems that the culture should be one of play and freedom, to encourage the creative mind. If you hire the right people they will grow in this environment and not take you for a ride just playing games all day.

Overall this was an excellent event, 5 out of 5. One which I hope to attend next year.

I was going to attempt to summarise all the sessions I attended but due to the excellent and detailed content, this may not work well. Apologies to anyone involved that accidentally stumbles over this and thinks I should have given more detail (More information can be found on the CUSEC archive site at

Thursday, January 21

Opening remarks – Late start but apparently that’s traditional

Mark Knox – An interesting insight into the world of Adware and how to work for the Mafia, good presentation

Peter Forde (Unspace) – Not safe for work – How to restructure your career at 5 year intervals. An excellent presentation.

Larry Gadea – How Twitter are using Capistrano and a customised BitTorrent system to rapidly deploy binary updates to.

Reg Braithwaite – Beautiful Failure – Explaining why thing go wrong in computer systems as a result of programming languages not being capable of understanding all the things we do outside of writing the code needed to make systems work. An Excellent presentation.

Friday, January 22

Rob Tyrie (NexJ) – A good presentation on the experiences of working in a number of start-ups with was rather poorly attended.

Doug Down – Cloud Computing Academic Issues – A good presentation on the limitations and tradeoffs for using Cloud Computing to handle data analysis tasks in the Academic world where the amounts of data to handle become the key issue.

Greg Wilson – A look at how the world has changed but how little process of creating applications has and how formal studies are required to see what methods actually help. An excellent presentation with a plea for us all to take a more evidenced approach to decision making.

Mark Pavlidis – A good presentation on how to pull together all the components required to create iPhone Apps.

Douglas Crockford – Quality – A excellent presentation on the forgotten crisis in Software Engineering that has been on the go since the 1960’s that prevents us from even being able to estimate how long an application will take to develop.

Saturday, January 23

Leigh Honeywell – A good presentation on security considerations for developers and how security needs to considered from the point of design onwards through the lifecycle of an application.

Tom Ptacek (Matasano) – An excellent and fast moving honest presentation on why cryptography goes wrong or isn’t understood and how to do it for real.

Dan Berry – A good presentation on ambiguity in natural languages which gives rise to mis-interpretation of specifications when translated to code.

Jacqui Maher – Using Technology to effect changes. A good presentation on how technology can be used to make a real difference in the lives of the people of underdeveloped countries by improving the infrastructure.