It’s been quite a while since I’ve posted here, and to my devout readers I apoligize. As many of you know, this has been my last semester of my undergraduate studies, so I have been very busy over the past few months. This post will hopefully act as a dump of what I’ve been up to and what I will be doing until my next post.

Things I did:

• Developed a method for calling parts of functions to minimize/obfuscate programs
• Worked with Ryan on OSP to get a web based cluster management system integrated into the cluster administration page
• Played with return-to-libc attacks and got them working on the latest version of Ubuntu Linux

Things on the horizon:

• Working full-time for AIS
• Traveling to Iceland for 3 weeks
• Working on a computer security textbook
• Running a marathon in August

It is very weird to me to think that today is the last day of classes for me as a traditional full-time student. I’ve been going to school since I was 5 and it is very weird to think that come August I will not be returning to the classroom as my primary past-time. I am excited to travel and get away from the normal swing of things for a while to reflect on the new changes in my life, and excited to begin working, especially due to the extra leisure time after work.

Peace and chow,

Ranok

Today I finally got around to going through and testing the RC for version 0.3 of Open Server Platform. Everything seemed to work as planned, except for a few known issues that will be fixed in the next release, which should be coming down the pipe soon.

Improvements:

• Added replication nodes to increase fail-safe reliability
• Added commands to the administration console to stop and live migrate applications
• Can use configuration files to assist in the start up of OSP
• Many bug fixes and documentation updates
• The HTTPd servlet example now supports large files and the HEAD command

So, please check it out and let me know what you think!

Peace and chow,

Ranok

After taking off the afternoon due to a migraine, and napping for a few hours until it passed, I was looking over some old projects, and decided to get motivated to work on my various Erlang hackery projects. I checked out a fresh copy of Open Server Platform on my new computer, and decided to hack on it some more. There are a number of loose ends I’d like to tie up before the 0.3 release, but, before I could get down to coding, SVN get my so frustrated that I could no longer deal with it and switched to git, creating a new repository on Github. I will keep the Google Code repository the ‘defacto’ repository, where the safer code gets committed, but use Github for the more bleeding edge development due to it’s simplified branching and merging (among other things).

In the new git setup, I have two branches (aside from master, which follows the SVN repository): otp and no-otp. The no-otp version is currently the stable code that runs just fine, but doesn’t take advantage of Erlang’s OTP framework. The otp branch is the more cutting edge OTP aware version, which I hope to fully migrate to soon. With full support for OTP, I should be able to use an already existing distribution platform, and more battle tested redundancy.

This evening, I fixed a long standing bug in the example HTTPd where the server would crash when opening large files due to a shortcut I took with first implementing the server. Originally, the server would read the entire file into a string and then send that to the client, as you can probably see, there is a problem when the server tries to read in a 3.9 GB file (my test file). Now, my servlet takes a much more sane approach, read in the file 1 kilobyte at time, sending that to the client before reading more. This new approach works perfectly, though I had to add some messiness for handling CGI/PHP files and different MIME types. I also added support for the HTTP HEAD command.

Peace and chow,

Ranok

I admit it, I’ve finally jumped on the Git bandwagon. After toying with SVN and Darcs, I was convinced when I saw a screen-cast about branching and merging and how it makes the kind of random, skitzo programming that I do very easy and very maintainable. I started using it at work to keep track of some files as a test and finally bit the bullet and signed up for a GitHub account. Once I had gotten setup, I made a few repositories to upload some code I had made for my high school senior project, code that I haven’t looked at in years and probably never will again. Then I decided to share something a bit more exciting, Wiki Wide Web’s bleeding edge source code. After some quick review to ensure I cleared the code of any hard coded passwords, I committed the source.

One thing I like about putting your code on a site like GitHub is that it guilts you into cleaning it up. If you hope that people are going to see it, then you feel slightly pushed to make an effort to clean it up. That pressure lead me to add some installation instructions and a make file for the Firefox extension, and clean up some code.

Peace and chow,

Ranok

I just made the discovery the other day that I’ve been on co-op for over a month, and time shows no sign of slowing down! For those of you who haven’t had the delight of hearing me expound on how much I love my co-op, I have really found a place where I fit in, am challenged everyday, and don’t have to do any tedious work, just cutting edge security research!

Anyways, now that I’ve gotten that over with, I was up at Clarkson the other week for the career fair, and I went up the night before for the COSI meeting. That evening a new member introduced a new project to add easy to use AI libraries to the Processing language. I thought that is might be a good idea to take a look at AI stuff before I take the class when I return, so I’m excited to dive in and learn what I can! Also, after learning how little I really know about virtualization, and seeing how popular it is, I thought I’d like to jump on the bandwagon and learn about it. Last night I bought Running Xen and its sister book The Definitive Guide to Xen and I proposed (through Zach) that to learn more about it, I’d like to form a rag tag groups of hackers and write our own, open-source virtualization application, whatever that entails. I hope to post soon as I start learning what I’m in for.

Peace and chow,

Ranok