New Year Eve concert 除夕音樂會

近年來，我在大除夕的節目都是港樂的音樂會。可能年紀大了，狂歡倒數的場合已經受不了。大除夕傳統的音樂會一定是輕鬆熱鬧，多是演奏華爾滋和波爾卡舞曲，小約翰史特勞斯的音樂是首選；再請來一個漂亮的花腔女高音，就是一個歡欣的晚上。今晚〈30號〉提早慶祝，在文化中心聽港樂。

今晚港樂請來奧拉魯特納 Ola Rudner 指揮，又邀請女高音弗蒂高娃 Elvira Fatykhova 贈興。曲目有小約翰史特勞斯 Johanne Strauss Junior 的吉卜賽男爵序曲 Gypsy Baron overture，常動曲 Perpetuum mobile ，維也納森林的故事 Tales from the Vienna Woods 和藍色多瑙河 The Blue Danube，又有莫扎特 Mozart 的費加洛的婚禮序曲 The Marriage of Figaro overture ，白遼士 Belioz 的浮士德的天譴拉高基進行曲 La Damnation de Faust: Rakoczy March，蘇佩 Suppe 的輕騎兵序曲 Light Cavalry Overture 和德伏扎克 Dvorak 的第一號斯拉夫舞曲 Slavonic Dance No.1。

指揮十分鬼馬，正好配合除夕音樂會的氣氛，而所有的樂曲都耳熟能詳，整場音樂會聽來輕鬆愉快，毫無壓力。演奏中又加插團員新年祝賀語，盡攪氣氛。



女高音弗蒂高娃的演出給音樂會畫龍點睛，添加了高潮。她的高音域晶瑩剔透，足可以震裂玻璃。她的演唱功力精湛，快速的裝飾音和琵音都十分流暢。她連 encore 一共唱了五首歌，每一首都技巧艱深。其中選自蝙蝠 Die Fledermaus 的我的好侯爵 Mein Herr Marquis，更是歌劇迷必聽之選。

除夕音樂會又怎可少得 Radetsky March 呢？這首曲就等於在時代廣場齊唱 Auld Lang Syne 慶祝新年。這個習俗由維也納管弦樂團帶起。現時差不多所有除夕管弦樂音樂會都徇眾要求在觀眾拍掌助慶下 encore 此曲。

Attention deficit trait

A colleague showed me an article on attention deficit trait, or ADT, which gave an explanation on the behaviour of the stressed executives. ADT isn't defined as an illness; it's purely a response to the hyperkinetic environment in which we live. People with ADT have difficulty staying organized, setting priorities, and managing time, and they feel a constant low level of panic and guilt. It is possible to control ADT by engineering one's environment and one's emotional and physical health, by getting enough sleep, switching to a good diet, and getting adequate exercise.

The explanation of ADT offers a reason of the craze, or is it popular madness of the day? In this modern and fast-paced world, we are all overloaded with knowledge and information. Because one's brain is unable to digest all the stuff, our brain's frontal lobes lose their sophistication, according to the experts. I do not understand what it means, but the symptoms are very common. The cures proposed are quite sensible. Just note that all these aim to keep you work more effectively and efficiently, instead of staying away from work.

I would like to add a few tips to keep one away from the madness of the modern pace. 1. Do not press the lift button in the lift lobby more than once. We all know that the lift will come with one press. The rest are madness. 2. Do not press the close door button in the lift; the door is programmed to close in a short time. 3. Do not walk on the escalator. The escalator is designed to walk for you, thus the steps are designed in such a way that they are hazardous to walk on. They are too high and the height changes at the beginning and end. You will also disturb others who stay put. But there are many mad people who walk on and keep pushing others aside. 4. Do not click the Internet link more than once. Doing so will not make the webpage load faster, but actually slower because the page have to be reloaded again. 5. Do not click the inbox button of the mailer more than once. One click will load all the mail. New mail will not normally come within a few seconds. These are all my bad habits which I try very hard to beat. Now I know it is not my fault, but the normal ADT that almost all modern men and women have. Old habits are hard to overcome, but special effort made on them are paying off. I now feel a lot better just standing on the escalator.

This reminds me of the Sixty Minutes Plus I saw some time ago. It mentioned a successor to the Generation X: the baby boomer population. Someone called it Generation Y for the population born in the 80s and 90s. It is the spoiled generation and most of them are too much cared for by their parents, schools and the TV. They work and play with computers, surf the Internet, and enjoy very fast communication and entertainment. This generation is brought up in group activities starting from kindergarten, evaluated as members of groups and the team concept is well within them. The observation is that the Generation Y is not as rebellious as those before them. They conform to their ideals and go with the mainstream. The problems with them are that they are unable to think long term. Anything that cannot give instant gratification are boring to them, which is the results of the modern trend of "Instant" everything. They believe that life is good and they will success in their career, but the reality is not the case. I think they will be the victims of ADT.

Institutions did the research on Generation Y with another motive. They worked for big companies and were trying to find out the market environment of the future. The Generation Y is now in the high schools and universities. But companies are preparing marketing strategies for them in the next two decades. Predictions: long term products such as mortgages will be replaced by products with instant results. Advertising for long term penetration will not be successful, rather messages on the Internet, SMS and on-site demo at Generation Y hang-outs are more effective.

I am already feeling a bit old.

GPS: friend or foe

IT technicians pay high regard to the technical aspect of the technology, while IT managers have a wider vision by taking the management aspect into account. The recent development of the global positioning system is a fine example.

GPS is hailed as the engineering project of the century. The basic principle is simple. Just find three objects of known location. Then, using a simple mathematical principle called trilateration, the location of the observer can be deduced. The challenge of a global system is to let anyone anywhere on earth have information of such three objects. The system is a matrix of 27 earth-orbiting satellites, evenly distributed in fine-tuned orbits that anywhere on earth can have sight of at least three anytime. Another challenge is to find the distance and direction of the three satellites. This is done by receiving digital radio signals sent by the satellites and cleverly doing the maths.

Now that the technicians have done their marvellous job, the managers have to figure out how to use it. The result is: for those with a GPS device, I know where I am, and I know where you are. This location based information has far reaching implications.

The motivation for GPS was military applications. Satellite navigation allows for precision in the delivery of weapons to targets. It also allows military forces to be deployed more easily. The system is now available to the public and has triggered a wide variety of civilian uses, including navigation ranging from personal hand-held devices for trekking, to devices fitted to cars, trucks, ships and aircraft, synchronization of logistics and large operations, location-based services such as enhanced emergency services through cell phones, surveying, search and rescue, geophysical sciences, tracking devices used in wildlife management, and many others.

The gadget became headline when a company launched an advertising campaign. A GPS device was hidden in a cola can in random manner and sold through the normal retail channel. The device was activated when the can was opened. A search team of the company would then follow the location information and reach the owner of the can as fast as they could, and gave him a big prize, plus flashing cameras and microphones. The campaign backfired. The lucky guy who caught by surprise suddenly realized that his whereabout was shown to the world without his consent. Personal privacy has vanished from the world, in that you could buy a GPS device or someone could plant one on you without your knowing.

Another example is the GPS device installed on vehicles for navigation purposes. I saw in movies that such devices are planted by spies on the vehicles of the victims for tailing. The location-based information from cell phones is considered a great help in case of emergency, and people are supposed to be allowed to opt to use this service or otherwise. However, the fact is that the cell phone emits such signal as long as it is turned on. Again, there are common scenes in movies that people are being tracked down this way by the good guys, and sometime by the bad guys.

A few weeks ago, I read an article in Wired News about GPS and privacy. The articles reported on industrial actions against the GPS devices installed in the news trucks of WABC-TV for the deployment of the TV crew. It also reported on the proposal by the Taxi and Limousine Commission to fit cabs with GPS devices. Such devices are also used by UPS, waste disposals companies and logistics companies. We may think that the mobile workforce is best suited to be assisted by such technology, but the protest of employees demonstrated that GPS could be a foe in intruding on personal privacy. The article also reported on remedial measures taken, including raising the awareness of employees by being transparent and providing the necessary training on the capability of the devices. This is a management issue and managers are called upon to walk the fine line of balance. If you are interested, you may wish to click and take a look at the article.

Where is my electronic token?

In this complex world, valuable information and financial data are flowing around in the Internet. Financial institutions, which are known to be the most conservative, cautious and security-conscious beings, have all converted to online money transactions. You may think that security in the public network must have reached a mature and reliable state to enable large sum of money and secret information changing hands. We learned about high level encryption, virtual private network, ultra high temperature firewall, secure sockets layer, transport layer security. However, the cat and mouse game of guarding and hacking is far from over. Cases of Internet fraud and information leaking continue to surface. Major websites, including the high security sites of governments and banks, are being frequently attacked.

To some sociologists, this is a normal phenomenon of social rule making and rule breaking. With all the laws and enforcement agencies, crimes are still being committed. One theory is that we can only keep irregularities under control to a certain extent. A cruel point is that we have to live with, hopefully, a small percentage of disorder.

Still the war wages on. Despite the sophisticated IT security measures developed, some institutions are going back to basics and employed the human factor. The US Securities and Exchange Commission advised financial institutions to introduce two-factor authentication for online transactions. One factor is the security information of an account which includes the user name and the password for you to remember. The other factor is something in possession, like a smart card or an electronic token. The second factor requires a person to carry something actual for the purpose of authentication in order to perform online transaction.

Some banks in Hong Kong have introduced electronic token as the second factor authentication. I have more than one bank account so I have more than one token. Some lucky persons may also have smart cards for authentication; and more tokens for secured access to office systems. It starts off as a novelty and a status symbol. People carry it around their neck and flash it to others as a sign of power, security and confidence.

However, the situation is getting worse. The token emerged as a piece of pendant and gradually developed to a chain of necklace. I hate wearing such ornament and they are also too bulky to be carried en masse in my pocket. So I put them in my drawer. Even in the old days, I had the bad habit of keeping my smart card in my drawer when I left the office. Anyway, the only use of the smart card is in the office for access to my LAN account. Bad guys getting hold of the smart card still do not have the first factor. But ladies and gentlemen, please get rid of this bad habit of security loophole and never let the security guys hear about it.

Now comes the problem with the tokens. Where are they? I remember that I put them in my drawer. But my drawer is quite disorganized with all sorts of stuff. It takes some effort to sieve through the pieces and locate a token. But sorry, this is not the right one. I normally check all my bank accounts twice a day; and so I have to go through such ordeals frequently.

Is there any clever person who can think of a better way? Yes, there is. It is the electronic certificate which can be encoded on a smart card. It can serve multiple purposes of authentication. It is administered by a certification authority and can be recognized worldwide. So let's carry only one smart card with the e-cert as the second factor of authentication and roam the Internet. However, the chaotic world is not that simple. The first hurdle is the card reader which very few people have. It has to be thought of as an essential computer peripheral like the mouse before the smart card can get popular. The second hurdle is that banks are not comfortable with the security of the e-cert, and are scary of the thought that the security of their system has to rely on a third party. As a result, we have to carry the many second factors each issued by someone.

More bad news on e-cert. I just read from the news that the poor certification authority, which is the Hong Kong Post, is losing money on this business. Hong Kong e-cert may face the axe and may disappear from the world if no private enterprise wishes to take over. Come to think of it, how could a private enterprise take over money losing business? Shouldn't the government be running such non-profit making territory-wide IT infrastructure? Come to think it again, the entire government is now using e-cert for its IT security. A private enterprise could just milk this cow by raising the price, and be rich.

But there are really very clever persons who do not believe that a second factor authentication device could do the job. An electronic token system is expensive to maintain. Many financial institutions reported that much resources have to be deployed to set up the system, distribute the tokens and, most of all, maintain customer relations in replacing damaged, lost and expired tokens. Many banks are now using another approach. They think that the information they have on a customer should be put into greater use in improving security. Such information includes the unique characteristics of customers in performing online transactions, such as the location, IP address, type of browser, time of day, and any information which reveals habits and personal traits. All these are readily available in the customer database. Should the system observe that a transaction is initiated from a different IP address, or from another country, or odd hours, or a different computer, or for an extra large amount, or anything out of the ordinary, the transaction is considered suspicious. Extra questions will then be asked, for which answers are only known to the customers, for the transaction to be allowed to proceed. It is like the first authentication factor to the power of 2 and above. Many banks consider this a better method which is more secure, flexible and easy to maintain. The artificial intelligence employed can be changed from time to time to avoid spying. Most important, it reduces the effort on the customer side while providing better security and customer service.

There is no such thing as a fool-proof system. But I would appreciate the banks would spare me the trouble of token searching.