Hello friends! Barcamp Chennai 2 was superb! It was 2 days of fun. What was surprising this time is the sheer number of new faces in the crowd and the number of non-tech sessions. The non-tech sessions were high this time, though the tech sessions were pretty basic ones. Lots of networking happened this time and I came across a really cool bunch of people with whom I will be in touch.

Day 1

Yesterday morning, I attended a session on Git, by Sreeni from ThoughtWorks. Its a source control system which was developed by Linus Torvalds. I recently signed up at GitHub to host the SMS Web Service program & this session was really very helpful in getting me started. Next session was intro to Ruby on Rails by Prakash from ThoughtWorks (this was in a different track). Most of the hall roared with laughter when one of the campers asked what the difference between Rails and Javascript. Hmm! With this question I came out of the hall and met Kausik, Bharadwaj, Moyeen, KAPP, Shyam and a few more guys. We were discussing about programming languages, mainly about python and various IDEs. I also struck a deal with Shyam to collaborate on an open source mobile project. More details about it will be available soon.

By the time we finished our discussion on the hallways, it was lunch time and we headed to Tiffanys. We ragged Moyeen 😀 about his GF and stuff. Moyeen is a good sport you see 🙂 so we had a nice time. Post lunch, there was a session on linux kernel basics and then came the best session of the day.

It was on Open Street Maps by a final year engineering student named Arun Ganesh. Open Street Maps is a community effort to map out the whole world. A wikipedia of sort for mapping. Arun had done some seriously good tasks of mapping out Teynampet & sharing it with the post offices in his area to get it validated. He also pointed out that, where Google or Yahoo maps take a few years to map changes in locality, those changes are reflected relatively immediately on OSM. That’s mainly because of the volunteers who edit the maps on a day-to-day basis. Unlike Google or Yahoo maps, OSM allows you to change the underlying mapping data itself, which is pretty cool. When Arun showed the OSM website on his browser, someone asked what the software was 🙂 The audience brought the ceiling down by laughing. I was pondering about building a mobile software for displaying OSM on Symbian mobiles. Interested anyone? I may start this in a couple of month’s time.

My session on the recent “Assign Categories” wordpress plugin was next. Response was good 🙂 and I’m happy. After this, there was a session on web 2.0 (old stuff?) but then, myself and a few others used the law of two feet and discussed various other topics between cups of coffee. I also answered a few questions on my wordpress plugin during this time. Day 1 came to an end with this.

Day 2

Today was superb I should say. The first session was from Viru [viru {at} physicssociety {dot} com] about “Indian Education System Sucks”. The word ‘s**ks’ provoked the audience very much and what followed was very hot debate with a few solutions to the current problems. Solutions being that students should be allowed to ask questions and teachers should encourage that. Also, more amount of practicals should be introduced in the curriculum for understanding the subjects better rather than mugging up. I believe CBSE has solved part of the problem here. By making the syllabus huge, they have effectively discouraged students from mugging up & vomiting. So, to answer questions in the exams, they have to understand the subject well; else they flunk. There are lots of side effects to this. But we will discuss it some other time.

Second session was on “Global Financial Meltdown” by Syed, Sukumar and Ganesh (of Rupya). It was superb. Though I did follow the news on the financial meltdown, I learnt a lot from the discussion. One specific portion that still stays fresh is the news that India Inc. is spending Rupees 1 Lakh Crore to help the failing banks. They are buying stock at a discounted rate and imagine the returns when the meltdown ends! 🙂 . There was also a small discussion on how it affects the IT industry. Software service companies have to be on watch was a view that was shared by everyone.

Post lunch, the talk was on “Disaster Management”. Since Mr. Mani, DSP of Police couldn’t turn up, it turned into a fun group discussion. The hall applauded when Sukumar advised the campers to take “good care” of our lives. Point well taken.

After this it was time for our discussion using the law of 2 feet & then it was time for Thomas’ session on “How to become an innovator”. Crux of the talk is that, you have to condition your mind in to thinking out of the box and he recommends the books written by Edward De Bono. Siddhi‘s session on creating a really good office space was enlightening as well. On the whole, Day 2 rocked and I learnt plenty of things today.

Wifi

Wifi sucked 🙁 Most of the time, it didn’t connect. Wifi Gurus are most welcome to share gyan on how to setup a reliable wifi for (un)conferences. May be this would have been a great session at Barcamp.

Photos

Please search for BCC2 or BarcampChennai on Flickr and other places.

Crowd size was optimum this time, which made the sessions all the more interactive. Were you there and I missed talking to you? If so, please drop a comment and I will get back in touch with you. Thanks!

Barcamp Chennai Logo

Yay! barcamp chennai second edition is happening today and tomorrow at IIT Madras in the IC & SR auditorium. The previous barcamp was truly awesome and I sincerely hope, this one will also meet the expectations. There are lots of interesting talks lined up and whats even more interesting is that, there are lots of new faces this time :D 

We are also planning for an all-night code camp for tonight. If its happening, I will post more details about it here. If you are attending, do let me know. I will be around. For more details about barcamp, check out http://barcampchennai.org/.

If you are taking pics/videos/tweeting about the event, use the tag “BCC2”. That would make it easier to search and find the relevant pics, blog posts and videos.

See you there!

 

Here’s a cool new wordpress plugin that allows you to assign one or more categories to multiple posts in a single shot, with or without preserving existing categories.

This plugin will be very useful when you are migrating to your own wordpress blog, hosted on your domain. The default wordpress functionality is that, you can assign new categories to posts only by editing each post and changing the category assigned to it. So, if you have a large number of posts, then it will be a nightmare.

Enter this plugin.

With this plugin, assigning multiple categories to one or more posts is a breeze. Pop the plugin’s PHP file to your wordpress plugin directory, activate it and click on “Assign Categories” under the Manage menu. The page will show the list of available categories, followed by the available blog posts. You can select the categories, select the required posts and then click on “Assign Categories” at the bottom of the page. Now, all your posts will be assigned the new categories.

The plugin is licensed under GPL v2 (the same as wordpress).

Download the plugin, take it for a test drive and let me know.

Kids and Kittens

October 13th, 2008

About 4 weeks ago, a cat had given birth to 2 kittens. Since then, those kittens are playing around with everybody they seem to cross. They look very cute. A big face when compared to their overall body size, especially their eyes! LOL.

Anyhoo… it was a sleepy saturday afternoon when I went to the bike stand to go out somewhere. Two guys were playing. One was aged 7 and the other was aged 12. They were moving very quickly between the bikes on the stand. I got curious when the older kid held a bike tightly with this hand, while the other one climbed on top to try and reach the asbestos roof. Perched atop the roof was one of the kittens.

Fearing that he may slip, I wanted him to come down & the following discussion ensued.

Me: Dai, keezha vizhundhuda pora. Erangu da. (Translates to, “Dude, you may fall down and get hurt. Climb down”).
Him: Illa anna. Naa andha poonaya pidikanum. (Translates to, “No brother. I want to catch the kitten”).
Me: Dai, adha yen da nondra? (Translates to, “Why mess with the kitten unnecessarily?”).

Saying this, he deftly placed his hand on one of the cracks on the asbestos roof and tried to pull the kitten down by its tail. But it got a bit wild and puts in head down to push him off. But that didn’t deter him. I was a bit afraid now. Here was a small guy who was standing on the edge of a bike & he may slip & break his jaws. But at any cost, he wanted the kitten down and be with him.

Me: Edhukku da unakku andha poonai ippo venum? (Translates to, “Why do you want that kitten now?”)
Him: Anna, na adhukku rendu naala saapadu pottu valathukuttu varen. Adhu konjam kooda nandri illama, mela yeri okandhirukku. Adhan erakka poren (Translates to, “Brother, I have fed it food for the last 2 days. But without showing any gratitude, it has climbed up beyond reach and sitting there. That’s why I’m going to bring it down now.”) ….

THAT ZAPPED ME! seriously! What the 7 year old spoke just now weren’t small words 🙂 Kids are powerful.

Visit to Kone Falls

October 5th, 2008

It’s been quite a long time since I visited a good place and had fun for a full day. I hadn’t even gone for a long ride on my bike until now. So, it was five of us. Arvindh, Karthik, Paramesh, Siva and myself. Arvindh is my friend from the Kalari class, a cool talkative guy. Karthik doesn’t talk much but likes adventures. Paramesh was the very practical guy among us and Siva was the paranoid. You know about yours truly. Hence, no “about me” here.

Kone falls is also called “konai falls” or “kona falls” or the “kailashnatha kona”.

The Drive

Kone Falls comes 10 kms before Puthur (Andhra Pradesh). Its a couple of 100 Kms from Chennai and takes about 2 hours if you drive at 60 kmph. The first one hour journey through the national highways was simply awesome! Roads are superb and there were no potholes at all. Driving speed was consistently between 80 kmph and 100 kmph. I was even able to touch the magical 100 kmph a couple of times. Once we reached the toll plaza, we took a left turn to reach Periyapalayam and then the road straight to Uthukottai. From Uthukottai, it was a 34 km ride on a perfect road. The weather was awesome! It was drizzling slightly for a few minutes in the morning. But apart from that, there was nothing much.

Paramesh, being the crazy biker among us, tried to do a few dangerous bends on his pulsar 180cc. But the turns on the road weren’t turning deep enough. I was even caught meditating on the middle on the road during the last 34kmph stretch 😀 The roads were free with an occassional lorry or two to disturb the silence.

The Falls

The entrance to the falls looks like this.

Kone Falls entrance

This entrance is tucked away from the main road. You need to watch for the milestone (on the right side of the road) that reads “Puthur 10”.  This entrance comes immediately after that milestone on the left side of the road. From here its a 2km drive along the single road. Be careful when you drive along this road. There are a few really sharp bends & cars come dashing through without any warning.

The Temple

The end of the road takes us to the base of a small hill, on which there’s a temple of Lord Shiva. To the left of the temple, there is the actual “waterfall”. The flow is not huge. But its sufficient for a few people to bath. We, being the more adventurous, didn’t want to bath here. There was a way up the hill which led to us small pools on top of the hill. We decided to trek to that place.

The Trek

This was the part of the trip that I loved the most. Armed with a couple of water bottles and a few cameras, we set out to explore the hillock from where the waterfalls’ started its downward journey. A quarter way up the hill, we were confronted by a gang of rowdy monkeys. They threatened to rip our bags apart from us to check its mysterious contents. Earlier, I would have just thrown my hands up and surrendered. But hey, what for am I learning Kalari if I can’t even handle a bunch of silly monkeys?

This culprit monkey was responsible for surrounding us with his friends.

Just as I was about to get into position, they all jumped in fear and ran away. As I turned around to see what happened, our beloved Karthik, remembering that our forefathers were monkeys, bent down and made mock faces at them. He also tried to pounce on them. Seeing this in action, we broke into peals of laughter. To celebrate the victory, with the monkeys out of the way, we stood on the edge of the rock and took a couple of daring photos.

On the Edge

That’s me and Arvindh standing on the edge. Its a steep fall from this place 🙂 We continued our trek. We found a few interesting grasses along the way. One such grass was that, if you crush its leaves, it gives a nice lemony smell. Local folks said that, this smell keeps them away from suffocation if they keep climbing too far.

After an hour of trekking, we reached the place 😀

The Waterfall and The Pool

We all beamed when we heard the sound of water rushing. It was like salvation. A goal that you had reached after some hardwork. But we were yet to see the place from where the water was falling through. Making our way through the trees, we found that the waterfall had formed a small pool which was overflowing and filling another pool about 15 feet below. We climbed down the waterfall and reached the pool in a couple of minutes. The water was amazingly clear and cool !

The pool with myself, Arvindh and Siva (L to R)

We bathed here for about an hour and a half. This pool overflowed and filled another pool about 15 feet below, which is where the adventure began.

The Adventure

I got out of the pool and was sitting on the rocks through which the water was flowing to fill the pool below. I was sitting with my legs folded and suddenly I slipped. The slope was steep and slippery and I couldn’t hold on anywhere. In the same sitting position, I fell through 15 feet with my a** bumping the rocks along the way and whooosh! … I just plunged into the pool below. With the force with which I fell, I touched the base of the pool and came up again. Thank Goodness, the pool deep enough.

I swam back to the rocks, held to a tree root, climbed it up, stepped on yet another rock and then made my way to the place where we were sitting. Phew! it was nothing like I had encountered before. This experience threw out a lot of imaginary fears from me. I escaped without a scratch.

I was almost like a caveman. Dressed only in an underwear, with a few leaves stuck around my hips, and climbing the rocks to our place, the sight was quite hilarious. Only Karthik saw me fall through very clearly. Others just heard the splash.

The Trek Down

We bathed for some more time and then made our way down. No rowdy monkeys this time. We were able to make out the route now and reached the base of the hill in under 30 minutes.  We visited the Lord Shiva temple, ate some prasadam and then made our way back to home sweet home.

Driving back!

It was a superb trip/trek, that I enjoyed thoroughly 😀 after a long time.

 

Microsoft TechVista

October 2nd, 2008

Microsoft Research (MSR) India conducted TechVista yesterday, a symposium by MSR to showcase some of the hottest research that’s been happening. The talks were interesting and so were the posters presented by various students from top notch colleges, some of whose research is sponsored by Microsoft.

After the usual keynote, the real talk began by 10.45 AM. The talk was about the “Future of Computing” by Dr. John Hopcroft. It was a very insightful talk with details about ‘the cloud’ that I could relate to; and also about information storing and retrieval in digital form. The next talk was by Dr. Richard Szeliski about “Weaving the World’s Photos”. This talk was more about Photosynth and the technology and algorithms that go behind it. The talk was simply awesome; especially the place when they mentioned about the SIFT and RANSAC algorithms. SIFT determines similar points in 2 photos taken from different angles while RANSAC is able to stitch those points together and form a 3D model of the image. Considering the fact there are 1000s of photos online for a popular place (E.g. Taj Mahal), with photos taken from different angles, the SIFT and RANSAC algorithms brings about the 3D model of the place. Then these points are optimized and the resulting images are stitched together. When pictures are more detailed and where users have tagged those details, these pictures are used when users zoom in and zoom out of the 3D model. It also removes all the “noise” from the photographs and gives an almost seamless 3D experience.

The next talk I attended was by Dr. Shafi Goldwasser about program obfuscation and one-time programs. I could related to this talk because of my very recent experiment 😀 and paid full attention to this talk. I was smiling when one of her slides contained the last paragraph of this blog post from YUI blog. Many points in her slide were eye-opening such as ROKs and the slides that said where obfuscation fails.

It was lunch now. Somehow, most of these conferences mangle up lunch so badly that we want to give out a blood curdling yell. As soon as the morning session talks were over, myself and a few guys walked over to the Professors and were asking them a few doubts. By the time we went for lunch, most of the good dishes were over. So were the desserts 🙁

The talk immediately after lunch was some marketing blah blah about MSR that was putting me to sound sleep. I woke up and went to the poster presentations to check out what the Ph.D students had done. Some of the posters were really cool! I liked the ones on “Understanding the dynamics behind evolution of stable peer-to-peer networks” by Bivas Mitra from IIT-KGP, “Secure Distributed Computation and Communication” by Arpita and Ashish from IITM and PULRP by Deepthi and Kannan from IITB. It was about an hour by the time I finished looking through the posters. With my sleep vanished, I headed to main hall again to check out the next talk.

This talk was about “Computational Camers” by Dr. Shree K Nayar. It was just awesome! When I was college, I did a paper on Digital Image Processing and almost cried because of the complex equations 🙂 All of those were coming back in my head when this talk was going on. May be if I had known earlier, I would have applied for MSR as soon as I had passed out.

With this talk getting over, one of my friends who was a finalist of my batch’s MSAPP had come to the venue. Just as myself, Dhaval and Subhamoy were getting intro’d to him, we delved deep into quantum and relative physics, with a bit of astronomy thrown in. That twisted my brain in some crazy ways. Our discussion happened for more than 2 hours and I learnt a lot more from this discussion than from the ones that were happening inside at this time.

Oh! while I was talking to Subhamoy, he casually mentioned this story. His mobile had fallen in water & when he switched it on, it got short circuited. So, he removed the panels, took the mobile circuit to this lab, found the short circuits and resoldered everything again in their proper places. He is still using that same phone. THAT WAS AWESOME!

All-in-all, it was a day spent very well 😀 I enjoyed every moment to the core.

ICICI Bank’s iMobile website has some of the worst server side validations ever, which is what prompted me to download the mobile app’s JAR file, study it in detail and write this post. According to the website, until the Reserve Bank of India comes out with mobile banking guidelines and approves it, mobile banking is supposed to be halted. Technically, it means that, all existing users shouldn’t be able to use the service what-so-ever and new user signups should be prevented & a notification stating that they should retry later should be shown.

Therefore, in this scenario, I shouldn’t have been able to download the app to my mobile device. The website of ICICI fails in not enforcing this by providing the following ways:

  1. Existing users who have already installed the app are given an option to ‘Upgrade’ from within the mobile app itself. This opens up a webpage in the phone’s native browser, whose URL is http://mobile.icicibank.com/upgrade?version=null.
  2. The actual iMobile website has some stupid javascript validation, which is very easy to bypass using modern browsers. Heck, just by browsing the HTML source code of the page, you will be able to easily find the URL for the application JAR files. Put 2 and 2 together and you will be able to download the app.

Which brings me to explain Step 2 in detail:

On any browser, go to View->Source. This will display the source code of the rendered HTML page. Notice the first <script> tag. It contains many functions & the most important functions to us are “submitForm” and “displayOption”. The line of interest in submitForm method is document.jump1.action="https://infinity.icicibank.co.in/web/apps/"+fileName;. That line pretty much gives away everything. All you have to do is, navigate to the above mentioned URL and append a filename to it for download.

What filename do you have to give and How?

That’s where our displayOption function is very useful. That function contains a set of simple If-Else conditional statements, which have the respective filenames. For e.g. if you want to download “M20P1520ALL1.jar”, then just append it to the URL & access it using the address bar. Therefore, the URL becomes https://infinity.icicibank.co.in/web/apps/M20P1520ALL1.jar 🙂 Being a JAR file, most browsers will display a “Save As” dialog box. Now, just download the file and transfer it to your mobile. The application is fairly straight forward.

Where ICICI Bank failed?

  1. They should have disabled the link mentioned in #1 above and replaced it with some text that says, “RBI mobile banking guidelines blah blah…”. But some clever users will bookmark the link to the JAR file and try to access the JAR file by bypassing the link itself. When they do that, the web server should return a “404 – Resource Not Found” error. Got it? Implementing this is pretty simple.
  2. There shouldn’t have been such a lot of useless javascript on the page. Firstly, they should have removed the device selection drop down box. Secondly, they should have replaced this page with an alternative. Thirdly, this mobile banking link should have been removed in the home page itself. Fourthly, they should have validated on the server for JAR file downloads and should have displayed the “404 – Resource Not Found” error page.
  3. Ok. Leave aside #1 and #2. At least the mobile app should have thrown soft errors when users try to access mobile banking from the JavaME app. Any bank would store all activity data for a certain period of time. So when you access the bank’s service from a mobile device, the server software surely knows about it, which means, the server software should have returned errors to the user instead of allowing the user to do transactions.
  4. There’s one more bug in the app itself. When you launch the app, it will prompt you to sync the data on the device to its servers for faster access the next time. When you click “OK” to synchronize, it will wait for a few minutes and show a message as, “There is no data to synchronize”. When you proceed further and try to access your info, it will again prompt you to sync the data. That’s frustrating. Either you should sync the data properly or you should access the server every time over a secure channel. As simple as that. That’s not followed too.
For me, all these things imply only thing. ICICI wants the existing users to continue using the app, thereby disobeying RBI’s orders or they are having some really bad programmers who don’t know the stuff they are doing. At a time when people fear about Google tracking their internet usage, this is MY/YOUR FINANCIAL INFORMATION, which is at risk Right?

That was a long post already 🙂 We still have some more to go. Lets take a break.

Tea Break Image Credits

Back? Ok 😀 Now, lets dissect the actual JAR file and look into the technical details of its implementation.

The Manifest File:

Rename the .JAR extension to .ZIP extension and extract it to your favourite folder. Open the “META-INF” folder and open the “MANIFEST.MF” file in a text editor. As you will note, it contains lots of very valuable information, especially the socket URLs of various mobile service providers. User agent is also very interesting. When sending HTTP requests through the application, it uses that property for setting the “user-agent” HTTP header. They also have debug strings enabled, which means by snoping around using a good file manager for your mobile, you will be able to get technical errors! thereby, letting us know how the app works itself, what requests it sends, its behaviour etc.

Another important item is, “MIDlet-Name” property in the manifest. This property determines what name the user sees after he installs the app on his mobile. Using the same name, when future upgrades are made available, the app is just replaced in place of the old one, which means, if you modify the “MIDlet-Name” property and install the app again, you will have 2 copies of the same app. THIS SHOULD NEVER BE ALLOWED FOR A HIGHLY CRITICAL FINANCIAL APPLICATION. Isn’t it? As an example, try changing the MIDlet-Name of the Yahoo! Go JAR file and try to install the app again on your mobile. My E51 shows an “Invalid JAR” error message because of MD5 sum checks etc.

Some more Holes:

Now, move back to the folder where the JAR file has been extracted. It contains a bunch of .class files. Pass it through a decompiler. You will get “perfect” java source code files. The code looks obfuscated. But its not obfuscated enough. Anybody will be able to make good sense from the source code. All the URLs, all the used strings and everything else will be clearly visible. By using the app on your mobile side-by-side, you will be easily able to go through the source code. All in all, I wouldn’t use this app anymore until the security measures are tighter.

What should the bank do here?

  1. Shouldn’t allow the installation of 2 apps of the same JAR with different names. Take this example of the Yahoo! Go JAR file.
  2. I guess these mobile providers’ socket URLs are used for a one time basis to send verification SMS. If that be the case, they shouldn’t be present in the manifest file for a variety of reasons that I won’t discuss here.
  3. There’s an interesting property named “WSCDomainName” in the manifest file. I guess it expands to “Web Service Client Domain Name”, though I’m not sure about it. Suggestion: Encrypt the name value pairs.
  4. Most importantly, sign the application using the Java Signed program. C’mon, users are doing financial transactions and a signed app will increase their confidence of using this application.

Suggestion for Users:

Users should install these kinds of apps on their mobile’s inbuilt memory, instead of the memory card. That is, when you connect your phone to the PC in thumb drive mode, all the RMS file stores for the mobile app are clearly visible. There are many decoders available on the internet that can read content from the RMS file stores. When you store this app on your mobile’s inbuilt memory, you can’t read those stores directly and there are a number of checks in place, that prevent reading it.

Thats about it !

Of course, this blog post can’t be termed as a full fledged security analysis. But most of what has been ignored by the bank are mere basics. They must have more secure systems in place.

If you liked this article, kindly do me a favour by digging it. Thanks for your time.

Conversation

September 25th, 2008

Few days ago, I was chatting with a guy in my office. It goes without saying that the guy is far more experienced than me. Myself and my team mate were showing a prototype UI & this conversation happened. Here’s how it went:

Me: Please check this functionality & let us know if you have questions.

Guy: Keeps his left hand on his chin, turns his head slightly, squints at the monitor, pointing his right hand at the webpage & without checking an ounce of functionality, says … The UI doesn’t look good. Make changes to it.

Me: Okay… We are working on it.

Guy: Suddenly stares at me with a blank expression & says … Hey don’t use “div” tag.

Me: (I’m obviously confused) … Why not?

Guy: Stares again and says … Major browsers don’t support it well !!

That hit me – like a brick – on the head and I was dazed for a second. Team mate and myself burst out laughing and walked out of the room 😀

Oh! did I mention that it was supposed to be a “technical” discussion?

Kalari – Oh! yes

September 21st, 2008

Its been about 2 and a half months since I started going to the Kalari classes and I’m still going. Stamina has improved by a good extent and I’m able to note the difference between now and then. I have also started losing fear of sharp weapons such as daggers and vett aruvals. Overall, its been a very nice time every alternate morning for two hours at YMCA Nandanam.

So, what’s been the main driving factor to get me to join Kalari apart from other fitness activities such as gym, yoga etc.?

  1. Yoga and gym are a few days activities at the teacher’s place, which means I have to practice it on my own afterwards. That requires tremendous mental toughness & moreover, altering your schedule to fit in yoga or gym in place of sleep is a tough. Hence, I needed something which would take a long time to master but at the same time I needed to learn the techniques fast enough. Kalari fit this bill easily. For full-time Kalari practitioners, it takes about 13 years to master it. For me, it will take even more, considering that fact that I practice it for just 6-10 hours a week. So, I can learn it for a decade slowly and surely. You also need a master at most times to correct you always. Many programmes disconnect you after the 10 day ritual. For e.g. in Kalari, you need to do a combination of punches, kicks and jumps. First you have to learn to do it. Then, you have to learn to do it well. Then, you have to improve your speed of doing it & fourthly, you have to perfect it & you need the master’s help in all these phases. Otherwise, it cannot be done.
  2. I have this tendency to ask lot of questions during the early days of learning something & I needed a master who will answer those patiently 🙂 Fortunately for me, the master under whom I’m learning now, is very patient and answers in detail about whatever questions I ask, even though they are stupid/silly for most of the time.
  3. I needed a flexible schedule. 10 day programmes are useless here. For a programme to be flexible, it has to happen over a period of time, so that you can always catch up. Here, we have flexible timings ;-). So, if I miss a class or two because of office or anything else, I can catch up during Saturday or Sunday.
  4. I needed a team. Jogging alone or doing yoga alone will seem awesome for a few days. But not for long. You will get bored soon. With Kalari, it doesn’t happen. Three of us (myself and 2 of my school friends) joined & every class is exciting. A fourth person joined & soon, we started practicing in groups of two. During weekends, we have a few experienced guys coming in, who have learned & practiced Kalari for 5-6 years. With them around, it will be awesome!
There are actually lot more reasons for joining Kalari. But I won’t bore you with all that 🙂 so, if you wish to join, contact my master Kumar at +91-98418-97119. He will be able to help you.
Usually people will have too much enthu in the initial days & then they will completely drop off. If you start Kalari and enjoy it, take it slowly. Try to reduce the enthu and ease it into your schedule. Then, it will stay with you for long. I will also try and post a few videos of myself and my friend fighting with bare hands and using a lathi.
Have a great day!

P.S. I have honoured Google Chrome by using writing this post on Chrome 😉 hehehe…

Kalari

July 18th, 2008

Kalari a.k.a Kalaripayattu is a form of traditional martial art that is believed to have originated in Kerala and then spread slowly across the world. Legend says it that, when Saint Parasurama (an incarnation of Lord Vishnu) threw the axe into the Arabian sea, the water receeded until the point of the axe and Kerala was born. To protect this land, Parasurama taught Kalari to 21 saints across the state who have been spreading their knowledge through dedicated disciples since then.

I have been learning Kalari since the last 2 weeks. I have attended five classes so far & I must say that its absolutely great. The best part of learning Kalari is that its fun. And the most basic lesson you get to learn is how to control your mind and get it to a meditative state, where you don’t have to “do” anything and everything happens automatically. Well, you have to be there to understand what I mean 🙂

There are essentially tons of other ways to keep yourself fit and this is one of those amazing pieces that very little people get to learn, very very few get to expertise level and even fewer become true masters. I found an interesting website when I was searching for Kalari videos. The website is http://www.kalari.in/. Go visit it and definitely check out their videos section. Its truly amazing!

Â