• LOL, ROTFL and WTF: My Winter Vacation

    Tomorrow night I shall be on a train back to Jaipur. The wait has been long, and somehow, it has made the fruit taste better. My dedication to my work has made me anything other than a social animal, and unlike everyone else I know, I've spent this vacation going through research papers and publications (71 in total!) and I think I've finally found my unique idea which I'll be presenting for the HP Innovate awards (will give you the prelude to it shortly). I've got to say I've learnt a lot but heck, I guess I missed out on a lot of other things. I still had my share of fun to say. I had a great time with my cousins who were here in Palakkad for the holidays, especially during the engagement function of one of them. I also met some of my friends from school, and during our class reunion which was held on Christmas, I met many more of them. I had rabbit meat for the first time during the marathon of a lunch that we had. :)

    I've also submitted two project proposals for Sun's Code For Freedom (CFF) contest. I'll be developing high availability agents for Zabbix and Cron, so that they may work off the box on the Open High Availability Cluster suite. I'll be coding over the GDS (Generic Data Service) template, that allows you to code without having to deal with the cluster framework. So all you have to do, is focus on starting, stopping, probing and validating the application you're developing the agent for. Sounds easy? I'll only know for myself once I start work. So you'll be seeing a lot of technical posts throughout my coming semester. (There go my readers I guess)

    Apart from CFF, the other thing that's going to keep me busy through the coming months is the research paper I'm working on for the HP Innovate awards. We all know the kind of havoc that crackers wreck on networks across the world. Commercial Banks have reported losses in the order of billions of dollars due to cyber attacks on their servers. To detect such attacks, we have things called Intrusion Detection Systems (IDSs). But then again, conventional IDSs are based on signatures. A signature is a string developed out of some particular parameters, that distinguish one attack from others. The problem here is, if the IDS doesn't have the signature for an attack, it's not going to detect the intrusion itself, and this is where signature based systems completely fail. If this is going over your heads, let me take a more common example. All of you know what an Anti Virus suite is right? You do know that without 'updating your virus definitions' your system is vulnerable right? So that's what I'm talking about. Anti virus software are based on signatures.

    It's not very difficult for the attacker to make minor modifications to an attack so as to get it's signature changed. As far as viruses are concerned, it's real easy to add useless code that will get the virus' signature altered. Consider a virus' code, being executed as assembly language instructions (this isn't proper code ok?):

    00 Original Code...

    01 Original Code...

    .

    .

    .

    N Original Code...

    Now the above piece of code will give you a signature we'll call ABC. Now if your anti virus has this signature ABC, it will be able to detect the above virus. Now look at the modification I'm making here.

    00 Original Code...

    01 Original Code...

    .

    .

    K MOV <Some register>, <some value>

    L MOV <Some register>, <some other register>

    .

    .

    N+2 Original Code...

    Now the above piece of code has two new instructions in between it that needn't serve any purpose whatsoever (known as 'dummy code'). All I have to do is insert this kind of code in between different parts of my program, without worrying about changing the program's functionality. But this virus will now have a different signature, and the anti virus won't be able to detect it inspite of having the signature ABC of a virus which does the same thing.

    The same kind of little tricks go toward bamboozling IDSs as well. So hence, we need to move away from signature based systems, towards an era of intelligent, anomaly based IDSs. So I'm basically working on the application of AI to such IDSs for the HP Innovate awards.

    I’ll be writing about all these as and when I’m working on them. Right now, I feel like playing Tekken 5. So adios…

  • You know you're bored when...

    So it's been nearly two weeks since I got home and the endurance test conducted by a seemingly dead dial-up connection, lack of good channels on cable TV and the inability to work properly seems to be setting in. So here's a thesis straight from the guinea pig himself...

    You know you're bored when:

    -> you spend a lot of time going through research papers and the only question that your efforts seem to bear is, "WTF?"

    -> you wonder if gravity will prevent you from falling off the earth, if it were flat.

    -> you're trying to set high scores in 'Raging Blades' on your PS2.

    (Haven't heard of it? That's exactly what I'm talking about.)

    -> you actually 'tune into' a show on Animal Planet.

    -> you consider helping the investigators working on the Pakistani hand in the Mumbai Terror attacks because --> you think that Pakistan is being framed because --> highly trained terrorists don't use entirely Pakistani made Kalashnikovs and don't leave evidence like Pakistani branded toothpaste, shaving cream and other stuff on a hijacked ship and give away their roots that easily and the only reason they'd do this is because --> they want an Indo-Pak war so as to get Pakistani troops off the north-west frontier because --> that's where the Taliban remnants in Pakistan are based.

    (The frequency of occurrence of the word 'because' here is directly and exponentially proportional to the amount of time spent thinking on this issue)

    -> you write an article on the Mumbai seige and then decide not to put it up because it's even more boring than your own life now.

    -> you're actually chatting with maggots because no one else is online on GTalk.

    -> you finally get tired of chatting with maggots and log in to Orkut after 8 months so as to check your scraps.

    -> you then revert back to research papers because you think artificial intelligence and network intrusion detection systems go well together; this inspite of the fact that you don't know shit about either.

    -> you actually watch shows where an assortment of losers from around the country dedicated to loserness fight it out for the ultimate award in loserdom (MTV Roadies).

    -> you start wishing you'd auditioned for the above mentioned adventure show, even though you can't go beyond 10 push-ups and the closest you ever get to physical activity in your day to day life is typing on a keyboard and blinking.

    -> you realise you're too lazy to go for the auditions and wonder if they'd conduct telephonic interviews.

    -> you think of the possibility of you being a loser because you actually thought of auditioning for the above.

    -> you then switch to the Discovery Channel and watch 'Amazing Baby Videos' for a solid 5 minutes.

    -> you then realise how badly you loathe noisy babies and try to connect them to global warming and crop circles, fail miserably at the attempt and hence proceed to hate babies even more.

    -> you've renamed every song file in your laptop in a 'Artist: Song' format and sorted them into directories on the basis of 'Artist'.

    -> you're anxious to know your grades. (This is serious)

    -> you're solving Sudoku puzzles.

    -> you decide to visit all your grand uncles and aunts, even though you're sure you don't know them and you're not sure if their EXIST property is 1.

    -> you suddenly start using programming languages in your vocab like the end of the above sentence.

    -> you actually blog about ways to tell if you're bored.

    Zzzzz....

  • The September Rush

    Ok, so it's been a long time since I blogged, but this month has without any doubt been one of the most hectic times of my life. The first mid term examinations had just been done with and everyone had let out sighs of relief. But with a lot more evangelizing left to be done and SFD looming around the corner, I had to spring into action. Me and Saurabh, the CA from BITS-Pilani had agreed during our induction training programme in Bangalore, that we'd collaborate for all major events and pretty soon, we had our plans set and it was decided that BITS-Pilani would host the Rajasthan Wide Software Freedom Day Celebrations, 2008. I quickly called for a meeting with my group and informed them about my plans for SFD and what it's all about. We formed a group of coordinators and a group of volunteers. We decided to conduct Software Freedom Week, with a series of sessions for 5 days and quizzes after each session based on it. We decided to give away prizes (headphones) to the daily winners from each year and USB sticks to grand winners. Furthermore, all that'll be taught during the sessions will be taught by means of a lab session so that students get a hands on feel of things. We also agreed to hire a bus to take 50 students to BITS-Pilani for the Rajasthan Wide SFD Celebrations on the 21st of September. This was our first objective.

    I'll give you all a little background before I write about our second objective for SFW. The main problem with Rajasthan is that students focus so much on clearing the engineering entrance examinations like the IIT-JEE and AIEEE, that they forget to think beyond that and they choose an engineering stream bubbling with misconceptions, the most common and disturbing one of which, is that of Computer Engineering and Electronics being the 'best branches' and branches like Civil Engineering being 'lower branches'. It can't any more wrong than this. There is nothing as a better branch or a worse branch when it comes to the field of engineering and the only thing that matters is interest. If one lacks that, it's pretty certain that he or she will not end up being a good engineer because this is a profession into which thousands of students graduate every year. Considering the limited number of jobs in the industry, only those who stand out end up being successful out there and to stand out, one needs to have a level of enthusiasm when it comes to excelling in his field. My institute is plagued with students who've picked certain branches without genuine interest and this is mostly prevalent in the Computer Engineering and Electronics Department. Most of them just want to get through with their four years and walk away with their degree. Our country produces only a two digit number of PhDs in the field of Computer Science compared to a 4 digit number of the same from China. Why is this? I guess I've already shown you all where the roots of the problem lie.

    So my aim during Software Freedom Week was to visit as many schools as possible and clear the said misconceptions after talking about FOSS. I talked in Subodh Higher Secondary school about the world of open source for about 45 minutes. When I was done with answering questions, I went on to my next objective and asked the crowd of 250 assembled before me, “How many of you are going to pursue engineering?” Nearly 70% of the crowd raised their hands. My next question was, “How many of you consider Computer Engineering and Electronics as the best branches?” and I was shocked to see the same hands being raised. I asked them one by one why they thought so and they gave me very unsatisfying answers like there being more opportunities in the field of computers and that one can do anything they want with computers but not with other disciplines. I silenced each student with one argument each and told them about how important every branch is and what kind of students should pursue computer engineering and the doors of opportunities that it provides to. After four students, I repeated my last question again. This time, not a single hand was raised. )

    Subodh school also readily agreed to join hands with MOSUM in our FOSS Learning Connection where we'll visit students from their school occasionally and teach them how to work with open source technologies so that they may be inspired enough to excel in the field of computer science. I hope we can tap into some unseen potential by means of our endeavour. And I'm being told by my other coordinators that some other schools have also agreed to this initiative of ours.

    The sessions within our institution began yesterday with a turnout of 70 students for my first talk. I believe I've succeeded in convincing them about the plethora of benefits that these technologies offer young students like ourselves and the edge it offers us when it comes to working in the industry one day. Let's hope the rest of the week is as blissful as it has been till date. With these thoughts, I get back to reading the OHAC documentation so I'm well prepared for the talk I'll be giving at BITS this weekend.

  • Week 1 as CA: Two sessions, a deal and bucketfuls of hope

    It's been ages since I put up a post so I guess it's time I come over and clear the cobwebs. It's been a pretty hectic week and a half since I got back from my CA induction training programme in Bangalore and I think I did quite a bit during the first week.

    One thing I always intended on doing as CA of my institute is to nuke everyone's misconceptions on the open source ideology and the technologies that are associated with it. Contrary to what a lot of people think, open source is not a toy which is meant only for the lifeless geeks living in their basements with their computers. I don't think an end user needs to wonder how a technology is made as long as he can use it without any worries right? When's the last time you asked yourself how your bathing soap was manufactured and what chemicals go into it's making?

    Open source has enough for everyone. If you're a developer, there's a whole lot of knowledge (which by extrapolation is source code) out their waiting to be hacked by you. If you're an end user, there's a lot of amazing software that can get your productivity up and running. Quality products and a healthy ecosystem where the developers interact more or less directly with the users is precisely what open source offers us. No middle layers, no sweet blondes from customer care centers, no nothing. People should embrace open source and experience the sheer awesomeness that comes bundled with it. And the best part of it is that it's all free! So what're you waiting for? Like Abhishek says, it's the age of participation, let's all participate!

    Said and done, the aim of my first session was to enlighten people about what the world of open source offers them and why it's just plain better than their proprietary counterparts. I'd scheduled it for the 5th of August, a Tuesday and I'd gone through the routine of booking my department's seminar hall. But as luck would have it, the intended target of my audience, which was essentially 2nd years and 1st years, had their darned library card issuing on that very date. I've always hated the institute librarian ever since the day he kicked me and my ex out of the library for having a chat in the reading section. What a turd. I thought I forgot how much I hated him until this. He never put up a notice up in our department regarding the card issuing and hence, I didn't come to know. Even the juniors themselves were informed like 5 hours before my session started. But I decided to move ahead with the plan.

    Surprisingly, I still got an attendance of around 35 students which included a fair mix of 1st, 2nd and 3rd yearites who decided NOT to get their cards issued because it's a well known fact that our library could be turned into a historical museum, considering how outdated our books are. Most third years didn't turn up because for some strange reason, they all felt they've already been enlightened. I wonder why they all still use Windows and TurboC then. Last I remember, Windows was proprietary wasn't it? Maybe it's changed. They'd know better I guess.

    But I'm proud to say that every single student who were present that day told me how they just got a whole new insight on what open source actually was! It's better to know nothing than to know half of it, I've always told myself and that was the case with them all. They all insisted I get on with teaching them about these technologies ASAP and I'm convinced that the technology itself, and the ideology will partner well in driving these guys and gals forward.

    Meanwhile, I came to know that some our students are organising a purely technical fest during the 3rd week of October, here in our institute. Before I knew it, they came running asking me to organise a programming contest. I wasn't really interested, but I saw this a golden opportunity and hence, I agreed do it for them IF and only IF they gave me at least two hours to conduct a workshop on Sun's technologies during the fest and hence, we had a deal. :)

    My next session was held on the morning of Sunday the 10th. This time, I made sure that the librarian wouldn't interfere because that wretched fortress of his, stays closed on holidays :). I'd decided to divide my session into two, first with a talk on the Sun Academic Initiative and second with an introduction to the Unix environment. Booking the seminar hall for a weekend, especially after going through the hassle of being permitted to keep the keys wasn't easy and this clearly meant that I couldn't postpone this session if something was to go wrong. And heck, all the first years decided to go home for a week long mass bunk! My rotten luck just wasn't going to have enough of me.

    The third years, yet again, decided they were good enough with Linux and whatever, so they didn't need an 'introduction' to the Unix environment. And just for the record, one of my batchies came to my room while I was typing this blog entry asking me for some help with an assignment and he then had this to say before he left, “Hey yaar, please tell me how I can learn Linux and all that. I think I need to do so badly.”

    Strange, and in spite of all the notices I'd put up and the 'word of mouth' publicity I'd given my sessions, this dude didn't turn up. Sad.

    But the best part of it was that forty second years attended my talk! There were five third years apart from this and a first year as well. At the end of my talk, I was taken aback by the enthusiasm my juniors showed. All of them wanted to get started with working on Linux and Solaris. They even asked me to conduct an install fest ASAP!

    While I showed everyone my Debian GNU/Linux for the Unix commands, I kept giving people hints of what to expect in Open Solaris. Every now and then, when I have a conversation with a junior about Linux, I tell him something like 'so and so is better in solaris' and stuff like that. Everyone was particularly amazed by pre-emptive self healing :). I intend on building up this curiosity till the end of this month and then unleashing Open Solaris on them in September itself, after I myself, am comfortable with it. :)

    The response I received from my juniors has given me a sense of hope, that one day, my institute can boast a large number of Linux and Open Solaris users and that we will have enough students in the developer communities out there. I see it as my responsibility to bring M-OSUM (MNIT Open Source User Mesh) to a height such that my successor doesn't have to do much work!

    I guess I see the light at the end of the tunnel now, hope the road ahead proves to be smooth enough.

    Cheers!

  • The longest twenty days of my life comes to an end...

    In two days from now, I'll be on a train to Jaipur after long last. While anyone else would be sad that they could spend only twenty days at home, I beg to differ. I for one, am a person who doesn't like to remain 'idle'. I was advised time and again to just sit back and relax through whatever little is left of my vacation. Time not only flies when you're having fun, it also soars when you're busy with something or the other. In all other cases, it's just as fast as a cheetah who's been run over by an 18 wheeler and then eaten up by a pack of vultures. Anyway, the point is, I've never experienced boredom of this order before. Barring a day or two, my friends were never around and neither were my cousins. My mom insisted I go visit all those old people (her uncles and aunts) who live in remote corners of the planet. But visiting old people ain't exactly my idea of a fun filled rollercoaster ride of a vacation you know? Yeah, call me a brat. See if I care...

    To add enriched nuclear fuel to the fire, I couldn't work on my laptop. Why? Because of all the things I'd forgotten to do back from college, I forgot to configure my Debian for using the dial-up connection I have at home. And since I didn't have a pen drive to transfer content between my PC and my laptop, I was pretty much stuck. And if you didn't know, trying to work/hack on Windows is as good as trying to dance without feet. When the Google Code Jam happened yesterday, I couldn't submit my code because of this. I'd successfully solved one of the problems which was enough for me to qualify but darn.

    On the bright side, I learnt python through that problem. I ain't that good a programmer and I'm still learning. As of now, I'm pretty much in love with python and this could be the one language I've been looking for since quite a while. An elegant combination of simplicity (near english like syntax) and power (very good built in datatypes and methods) is exactly what the doctor ordered in my case because I'm someone who wants to easily implement an algorithm without having to work out low level details. Haskell is the God of languages in this case which I'll come to shortly. And yes, I'm a lazy sloth.

    During these three weeks, I tried my hand out in a lot of other things as well such as Perl, linux socket programming, linux driver coding, trivial kernel hacking and lastly, Haskell. Haskell is one thing that's impressed me a lot. Thanks Vivi for introducing me to it. Haskell is a purely functional programming language. To learn Haskell, you basically have to unlearn whatever programming you already know, and then learn it again from scratch. But learning Haskell makes you re-think and improve your programming methodology it seems. I didn't read too much on it because I couldn't download the Hugs compiler till I get back to college. No point learning if you can't try out code yourself, is there? Some ten/nine pointers I know would disagree :D . Anyways, Haskell works at a very high level compared to languages like C. Hence, you can do a quicksort in just one line! Yes, one line and thats it. Brilliant eh? Here's how it looks like...

    qsort [] = []

    qsort (x:xs) = qsort (filter (< x) xs) ++ [x] ++ qsort (filter (>= x) xs)

    The first line means, "qsort on an empty list returns an empty list". The second line is read as follows, "qsort is a function operated on a list where the first element is x and the rest is tagged xs, such that the element x lies between two elements such that the ones on the right are greater than or equal to it and the ones on the left are less than or equal to it". ++ is the concatenation symbol. And yes, Haskell thrives on recursions.

    I can't wait to get back to college and get into the hustle and bustle of life all over again. I'm also looking forward to attending the induction training programme for the Sun Campus Ambassadors in Bangalore between the 27th and 29th of this month. My CA work officially starts from the 1st of August. Anyways, I've laid down a set of goals for myself for the coming semester which according to Suvha, might lead to me ending up in an asylum. Maybe, I am overloading myself again. Maybe I'm not. Whatever the case, I guess I'm all for it now. I think I'm rejuvenated and wiser (laugh you morons...laugh) after a couple of lessons life thought me in the past few months. Let's see how things change now...

    Cheers!