• Stumbling away....

    After working on HA-Cron all day, and making pretty good progress, I decided to call it a day and thought I'd stumble for a while. Here are some interesting links I stumbled into :). Enjoy!





    And this one surely takes the cake...


  • Upgrading from Etch to Lenny

    It's the first day of the new year, and amidst the hassle of being one of the admins conducting the online semester registration for the students, I decided to upgrade my ageing Debian Etch to it's testing release, Debian Lenny. Upgrading from one version to another has never been so easy! Just go through the following steps.

    $: sudo vim /etc/apt/sources.list

    Now replace every occurrence of 'etch' with 'lenny'. To be on the safer side, comment out all 3rd party repositories as Lenny is still in testing.


    $: sudo apt-get update

    $: sudo apt-get dist-upgrade

    You might have to do the dist-upgrade step a couple of times till it upgrades no further. I know some people have had problems while trying to do an Etch->Lenny upgrade, but things have been quite OK for me. If you're not using one of the Debian packaged kernels (you built your own kernel from source), make sure apt-get doesn't override your kernel headers. In case it does, and you notice that some of your device drivers are acting up, just go through the following steps:

    $: cd /usr/src/linux

    (if you don't have the symlink, cd into wherever your kernel is!)

    $: sudo make headers_install

    Although I didn't have to do the last step, I believe it should solve your device driver issues after your upgrade, if any. Do correct me otherwise.

    And yes, almost forgot...

    Happy New Year everyone!

  • LOL, ROTFL and WTF: My Winter Vacation

    Tomorrow night I shall be on a train back to Jaipur. The wait has been long, and somehow, it has made the fruit taste better. My dedication to my work has made me anything other than a social animal, and unlike everyone else I know, I've spent this vacation going through research papers and publications (71 in total!) and I think I've finally found my unique idea which I'll be presenting for the HP Innovate awards (will give you the prelude to it shortly). I've got to say I've learnt a lot but heck, I guess I missed out on a lot of other things. I still had my share of fun to say. I had a great time with my cousins who were here in Palakkad for the holidays, especially during the engagement function of one of them. I also met some of my friends from school, and during our class reunion which was held on Christmas, I met many more of them. I had rabbit meat for the first time during the marathon of a lunch that we had. :)

    I've also submitted two project proposals for Sun's Code For Freedom (CFF) contest. I'll be developing high availability agents for Zabbix and Cron, so that they may work off the box on the Open High Availability Cluster suite. I'll be coding over the GDS (Generic Data Service) template, that allows you to code without having to deal with the cluster framework. So all you have to do, is focus on starting, stopping, probing and validating the application you're developing the agent for. Sounds easy? I'll only know for myself once I start work. So you'll be seeing a lot of technical posts throughout my coming semester. (There go my readers I guess)

    Apart from CFF, the other thing that's going to keep me busy through the coming months is the research paper I'm working on for the HP Innovate awards. We all know the kind of havoc that crackers wreck on networks across the world. Commercial Banks have reported losses in the order of billions of dollars due to cyber attacks on their servers. To detect such attacks, we have things called Intrusion Detection Systems (IDSs). But then again, conventional IDSs are based on signatures. A signature is a string developed out of some particular parameters, that distinguish one attack from others. The problem here is, if the IDS doesn't have the signature for an attack, it's not going to detect the intrusion itself, and this is where signature based systems completely fail. If this is going over your heads, let me take a more common example. All of you know what an Anti Virus suite is right? You do know that without 'updating your virus definitions' your system is vulnerable right? So that's what I'm talking about. Anti virus software are based on signatures.

    It's not very difficult for the attacker to make minor modifications to an attack so as to get it's signature changed. As far as viruses are concerned, it's real easy to add useless code that will get the virus' signature altered. Consider a virus' code, being executed as assembly language instructions (this isn't proper code ok?):

    00 Original Code...

    01 Original Code...




    N Original Code...

    Now the above piece of code will give you a signature we'll call ABC. Now if your anti virus has this signature ABC, it will be able to detect the above virus. Now look at the modification I'm making here.

    00 Original Code...

    01 Original Code...



    K MOV <Some register>, <some value>

    L MOV <Some register>, <some other register>



    N+2 Original Code...

    Now the above piece of code has two new instructions in between it that needn't serve any purpose whatsoever (known as 'dummy code'). All I have to do is insert this kind of code in between different parts of my program, without worrying about changing the program's functionality. But this virus will now have a different signature, and the anti virus won't be able to detect it inspite of having the signature ABC of a virus which does the same thing.

    The same kind of little tricks go toward bamboozling IDSs as well. So hence, we need to move away from signature based systems, towards an era of intelligent, anomaly based IDSs. So I'm basically working on the application of AI to such IDSs for the HP Innovate awards.

    I’ll be writing about all these as and when I’m working on them. Right now, I feel like playing Tekken 5. So adios…

  • You know you're bored when...

    So it's been nearly two weeks since I got home and the endurance test conducted by a seemingly dead dial-up connection, lack of good channels on cable TV and the inability to work properly seems to be setting in. So here's a thesis straight from the guinea pig himself...

    You know you're bored when:

    -> you spend a lot of time going through research papers and the only question that your efforts seem to bear is, "WTF?"

    -> you wonder if gravity will prevent you from falling off the earth, if it were flat.

    -> you're trying to set high scores in 'Raging Blades' on your PS2.

    (Haven't heard of it? That's exactly what I'm talking about.)

    -> you actually 'tune into' a show on Animal Planet.

    -> you consider helping the investigators working on the Pakistani hand in the Mumbai Terror attacks because --> you think that Pakistan is being framed because --> highly trained terrorists don't use entirely Pakistani made Kalashnikovs and don't leave evidence like Pakistani branded toothpaste, shaving cream and other stuff on a hijacked ship and give away their roots that easily and the only reason they'd do this is because --> they want an Indo-Pak war so as to get Pakistani troops off the north-west frontier because --> that's where the Taliban remnants in Pakistan are based.

    (The frequency of occurrence of the word 'because' here is directly and exponentially proportional to the amount of time spent thinking on this issue)

    -> you write an article on the Mumbai seige and then decide not to put it up because it's even more boring than your own life now.

    -> you're actually chatting with maggots because no one else is online on GTalk.

    -> you finally get tired of chatting with maggots and log in to Orkut after 8 months so as to check your scraps.

    -> you then revert back to research papers because you think artificial intelligence and network intrusion detection systems go well together; this inspite of the fact that you don't know shit about either.

    -> you actually watch shows where an assortment of losers from around the country dedicated to loserness fight it out for the ultimate award in loserdom (MTV Roadies).

    -> you start wishing you'd auditioned for the above mentioned adventure show, even though you can't go beyond 10 push-ups and the closest you ever get to physical activity in your day to day life is typing on a keyboard and blinking.

    -> you realise you're too lazy to go for the auditions and wonder if they'd conduct telephonic interviews.

    -> you think of the possibility of you being a loser because you actually thought of auditioning for the above.

    -> you then switch to the Discovery Channel and watch 'Amazing Baby Videos' for a solid 5 minutes.

    -> you then realise how badly you loathe noisy babies and try to connect them to global warming and crop circles, fail miserably at the attempt and hence proceed to hate babies even more.

    -> you've renamed every song file in your laptop in a 'Artist: Song' format and sorted them into directories on the basis of 'Artist'.

    -> you're anxious to know your grades. (This is serious)

    -> you're solving Sudoku puzzles.

    -> you decide to visit all your grand uncles and aunts, even though you're sure you don't know them and you're not sure if their EXIST property is 1.

    -> you suddenly start using programming languages in your vocab like the end of the above sentence.

    -> you actually blog about ways to tell if you're bored.


  • The September Rush

    Ok, so it's been a long time since I blogged, but this month has without any doubt been one of the most hectic times of my life. The first mid term examinations had just been done with and everyone had let out sighs of relief. But with a lot more evangelizing left to be done and SFD looming around the corner, I had to spring into action. Me and Saurabh, the CA from BITS-Pilani had agreed during our induction training programme in Bangalore, that we'd collaborate for all major events and pretty soon, we had our plans set and it was decided that BITS-Pilani would host the Rajasthan Wide Software Freedom Day Celebrations, 2008. I quickly called for a meeting with my group and informed them about my plans for SFD and what it's all about. We formed a group of coordinators and a group of volunteers. We decided to conduct Software Freedom Week, with a series of sessions for 5 days and quizzes after each session based on it. We decided to give away prizes (headphones) to the daily winners from each year and USB sticks to grand winners. Furthermore, all that'll be taught during the sessions will be taught by means of a lab session so that students get a hands on feel of things. We also agreed to hire a bus to take 50 students to BITS-Pilani for the Rajasthan Wide SFD Celebrations on the 21st of September. This was our first objective.

    I'll give you all a little background before I write about our second objective for SFW. The main problem with Rajasthan is that students focus so much on clearing the engineering entrance examinations like the IIT-JEE and AIEEE, that they forget to think beyond that and they choose an engineering stream bubbling with misconceptions, the most common and disturbing one of which, is that of Computer Engineering and Electronics being the 'best branches' and branches like Civil Engineering being 'lower branches'. It can't any more wrong than this. There is nothing as a better branch or a worse branch when it comes to the field of engineering and the only thing that matters is interest. If one lacks that, it's pretty certain that he or she will not end up being a good engineer because this is a profession into which thousands of students graduate every year. Considering the limited number of jobs in the industry, only those who stand out end up being successful out there and to stand out, one needs to have a level of enthusiasm when it comes to excelling in his field. My institute is plagued with students who've picked certain branches without genuine interest and this is mostly prevalent in the Computer Engineering and Electronics Department. Most of them just want to get through with their four years and walk away with their degree. Our country produces only a two digit number of PhDs in the field of Computer Science compared to a 4 digit number of the same from China. Why is this? I guess I've already shown you all where the roots of the problem lie.

    So my aim during Software Freedom Week was to visit as many schools as possible and clear the said misconceptions after talking about FOSS. I talked in Subodh Higher Secondary school about the world of open source for about 45 minutes. When I was done with answering questions, I went on to my next objective and asked the crowd of 250 assembled before me, “How many of you are going to pursue engineering?” Nearly 70% of the crowd raised their hands. My next question was, “How many of you consider Computer Engineering and Electronics as the best branches?” and I was shocked to see the same hands being raised. I asked them one by one why they thought so and they gave me very unsatisfying answers like there being more opportunities in the field of computers and that one can do anything they want with computers but not with other disciplines. I silenced each student with one argument each and told them about how important every branch is and what kind of students should pursue computer engineering and the doors of opportunities that it provides to. After four students, I repeated my last question again. This time, not a single hand was raised. )

    Subodh school also readily agreed to join hands with MOSUM in our FOSS Learning Connection where we'll visit students from their school occasionally and teach them how to work with open source technologies so that they may be inspired enough to excel in the field of computer science. I hope we can tap into some unseen potential by means of our endeavour. And I'm being told by my other coordinators that some other schools have also agreed to this initiative of ours.

    The sessions within our institution began yesterday with a turnout of 70 students for my first talk. I believe I've succeeded in convincing them about the plethora of benefits that these technologies offer young students like ourselves and the edge it offers us when it comes to working in the industry one day. Let's hope the rest of the week is as blissful as it has been till date. With these thoughts, I get back to reading the OHAC documentation so I'm well prepared for the talk I'll be giving at BITS this weekend.