• Atheist bus? What's wrong with you people?

    An atheist campaign?

    Absolutely despicable. What else can I say? Even though I'm an atheist and I do agree that religion is doing as much harm as good, I'm totally against the idea of atheists trying to propagate their thoughts by putting up banners everywhere. If you're going to express your atheism in an in-your-face manner, you have no moral right to blame missionaries from the Church (or whatever) for what they're doing (this statement has been made with reference to a comment on one such 'Atheist bus' blog). Talk about hypocrisy! I pride in being an atheist and I like keeping quiet about it. I only react when I'm provoked or when someone tries to stuff their beliefs down my throat. Come to me and tell me something like, "Hey, I wonder how you survive without any faith... Don't you ever feel like visiting a temple?... How do you appear for an exam without asking for God's support?... etc", and I will definitely give you an overdose of what I think and a few more things (a kick in the nuts perhaps) as a token of my appreciation. I don't know what this is about people trying to tell the entire world about their faith in God (or lack thereof). Can't we all keep quiet about this? Isn't it inevitable that no one's ever going to agree on religion, especially in a country like India where everything seems to revolve around it.

    Religion is something that you can't prove right or wrong, but that which you choose to believe is right. If you know you're right, why the heck do you care about those around you? Just get on with your own lives...

  • Sun Tech Days 2009

    Sun Tech Days 2009 is a wonderful opportunity to interact with technology experts from around the world, and a cool place to meet up with developers working on your favourite projects! So what're you waiting for? Sign up already!

    I'll be there for sure, and will be attending as many OpenSolaris and OHAC sessions as possible . See you all at Hyderabad!

  • Stumbling away....

    After working on HA-Cron all day, and making pretty good progress, I decided to call it a day and thought I'd stumble for a while. Here are some interesting links I stumbled into :). Enjoy!





    And this one surely takes the cake...


  • Upgrading from Etch to Lenny

    It's the first day of the new year, and amidst the hassle of being one of the admins conducting the online semester registration for the students, I decided to upgrade my ageing Debian Etch to it's testing release, Debian Lenny. Upgrading from one version to another has never been so easy! Just go through the following steps.

    $: sudo vim /etc/apt/sources.list

    Now replace every occurrence of 'etch' with 'lenny'. To be on the safer side, comment out all 3rd party repositories as Lenny is still in testing.


    $: sudo apt-get update

    $: sudo apt-get dist-upgrade

    You might have to do the dist-upgrade step a couple of times till it upgrades no further. I know some people have had problems while trying to do an Etch->Lenny upgrade, but things have been quite OK for me. If you're not using one of the Debian packaged kernels (you built your own kernel from source), make sure apt-get doesn't override your kernel headers. In case it does, and you notice that some of your device drivers are acting up, just go through the following steps:

    $: cd /usr/src/linux

    (if you don't have the symlink, cd into wherever your kernel is!)

    $: sudo make headers_install

    Although I didn't have to do the last step, I believe it should solve your device driver issues after your upgrade, if any. Do correct me otherwise.

    And yes, almost forgot...

    Happy New Year everyone!

  • LOL, ROTFL and WTF: My Winter Vacation

    Tomorrow night I shall be on a train back to Jaipur. The wait has been long, and somehow, it has made the fruit taste better. My dedication to my work has made me anything other than a social animal, and unlike everyone else I know, I've spent this vacation going through research papers and publications (71 in total!) and I think I've finally found my unique idea which I'll be presenting for the HP Innovate awards (will give you the prelude to it shortly). I've got to say I've learnt a lot but heck, I guess I missed out on a lot of other things. I still had my share of fun to say. I had a great time with my cousins who were here in Palakkad for the holidays, especially during the engagement function of one of them. I also met some of my friends from school, and during our class reunion which was held on Christmas, I met many more of them. I had rabbit meat for the first time during the marathon of a lunch that we had. :)

    I've also submitted two project proposals for Sun's Code For Freedom (CFF) contest. I'll be developing high availability agents for Zabbix and Cron, so that they may work off the box on the Open High Availability Cluster suite. I'll be coding over the GDS (Generic Data Service) template, that allows you to code without having to deal with the cluster framework. So all you have to do, is focus on starting, stopping, probing and validating the application you're developing the agent for. Sounds easy? I'll only know for myself once I start work. So you'll be seeing a lot of technical posts throughout my coming semester. (There go my readers I guess)

    Apart from CFF, the other thing that's going to keep me busy through the coming months is the research paper I'm working on for the HP Innovate awards. We all know the kind of havoc that crackers wreck on networks across the world. Commercial Banks have reported losses in the order of billions of dollars due to cyber attacks on their servers. To detect such attacks, we have things called Intrusion Detection Systems (IDSs). But then again, conventional IDSs are based on signatures. A signature is a string developed out of some particular parameters, that distinguish one attack from others. The problem here is, if the IDS doesn't have the signature for an attack, it's not going to detect the intrusion itself, and this is where signature based systems completely fail. If this is going over your heads, let me take a more common example. All of you know what an Anti Virus suite is right? You do know that without 'updating your virus definitions' your system is vulnerable right? So that's what I'm talking about. Anti virus software are based on signatures.

    It's not very difficult for the attacker to make minor modifications to an attack so as to get it's signature changed. As far as viruses are concerned, it's real easy to add useless code that will get the virus' signature altered. Consider a virus' code, being executed as assembly language instructions (this isn't proper code ok?):

    00 Original Code...

    01 Original Code...




    N Original Code...

    Now the above piece of code will give you a signature we'll call ABC. Now if your anti virus has this signature ABC, it will be able to detect the above virus. Now look at the modification I'm making here.

    00 Original Code...

    01 Original Code...



    K MOV <Some register>, <some value>

    L MOV <Some register>, <some other register>



    N+2 Original Code...

    Now the above piece of code has two new instructions in between it that needn't serve any purpose whatsoever (known as 'dummy code'). All I have to do is insert this kind of code in between different parts of my program, without worrying about changing the program's functionality. But this virus will now have a different signature, and the anti virus won't be able to detect it inspite of having the signature ABC of a virus which does the same thing.

    The same kind of little tricks go toward bamboozling IDSs as well. So hence, we need to move away from signature based systems, towards an era of intelligent, anomaly based IDSs. So I'm basically working on the application of AI to such IDSs for the HP Innovate awards.

    I’ll be writing about all these as and when I’m working on them. Right now, I feel like playing Tekken 5. So adios…