Hackery
From dankwiki

Diff summary: relative to the previous revision, this revision (23:37, 4 May 2010) inserts the section "Various open source contributions (very incomplete)" between the "Open source detritus" list and "Projects with their own pages", and renames the heading "Aborted projects (very incomplete)" to "Aborted/abandoned projects (very incomplete)". The items under that last heading (the suffer investigation, closed because fbcmd covers it, and Gyre, a programming language) are unchanged.
Revision as of 23:37, 4 May 2010
Open source detritus
- fix up ext3grep to work on ext4 filesystems
- Implement handling of C99 variadic macros in splint (see this, this and of course this)
- Review cryptographic implementations in pidgin -- last time I looked (back in the bad ol' gaim days), its usage of OpenSSL was all FUBAR
- Subversion's --xml and --ignore-externals options couldn't be used together properly in svn status, at some point. Investigate, rectify.
- Various Debian-related things
- "taking OpenSSL's RAND_bytes() (which uses /dev/urandom, EGD, or a pregenerated seed file) function and stirring that into a target buffer of arbitrary length, such that use of actual high-quality entropy bits is constant (probably a read of several words each time a thread calls into (threadsafe from the start, no *_r() crap!) FAUXRAND_bytes() for the first time) has been on my plate since...well, since just now." (mail to Dr. Richard Vuduc, 2009-09-19)
- mpd ought to use filesystem change notification events to trigger database updates, not periodic or manual rescans
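The scheme sketched in that mail, worked through as an added example in C (mine, not the author's FAUXRAND code, which the page does not show): every thread owns its generator state, pays for one fixed-size read of real entropy on its first call, and thereafter fills buffers of any length from a fast expander with no locking. Assumptions: /dev/urandom stands in for OpenSSL's RAND_bytes() so the file builds without OpenSSL, xoshiro256** is the expander, and the names fauxrand_bytes, fauxrand_seed_with and fauxrand_entropy_reads are mine.

```c
/* Per-thread "faux random": seeded once per thread from 32 bytes of real
 * entropy, then expanded to any length. Added example, not the page's code.
 * /dev/urandom stands in for RAND_bytes(); xoshiro256** is NOT a CSPRNG, so
 * this is for simulations, never for keys, nonces or tokens. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SEED_WORDS 4   /* 32 bytes of real entropy per thread, read once */

static _Thread_local struct {
    uint64_t s[SEED_WORDS];
    int      seeded;
    unsigned entropy_reads;   /* how often this thread has touched urandom */
} tls;

static uint64_t rotl(uint64_t x, int k) { return (x << k) | (x >> (64 - k)); }

/* One xoshiro256** step; the state must be nonzero. */
static uint64_t xoshiro256ss(uint64_t *s) {
    const uint64_t result = rotl(s[1] * 5, 7) * 9;
    const uint64_t t = s[1] << 17;
    s[2] ^= s[0]; s[3] ^= s[1]; s[1] ^= s[2]; s[0] ^= s[3];
    s[2] ^= t;
    s[3] = rotl(s[3], 45);
    return result;
}

/* Stand-in for RAND_bytes(): a single fixed-size read of kernel entropy. */
static int seed_from_urandom(uint64_t *seed, size_t words) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(seed, sizeof *seed, words, f);
    fclose(f);
    return got == words ? 0 : -1;
}

/* Explicit seeding (reproducible runs). Rejects the all-zero state, on which
 * xoshiro would emit zeros forever. */
int fauxrand_seed_with(const uint64_t seed[SEED_WORDS]) {
    uint64_t acc = 0;
    for (int i = 0; i < SEED_WORDS; i++) acc |= seed[i];
    if (acc == 0) return -1;
    memcpy(tls.s, seed, sizeof tls.s);
    tls.seeded = 1;
    return 0;
}

/* Fill out[0..n) with pseudo-random bytes. Thread-safe without locks: each
 * thread owns its state and buys real entropy only on its first call. */
int fauxrand_bytes(void *out, size_t n) {
    if (!tls.seeded) {
        uint64_t seed[SEED_WORDS];
        if (seed_from_urandom(seed, SEED_WORDS) != 0) return -1;
        if (fauxrand_seed_with(seed) != 0) return -1;  /* all-zero read: vanishingly rare */
        tls.entropy_reads++;
    }
    unsigned char *p = out;
    while (n > 0) {
        uint64_t w = xoshiro256ss(tls.s);
        size_t k = n < sizeof w ? n : sizeof w;
        memcpy(p, &w, k);
        p += k; n -= k;
    }
    return 0;
}

unsigned fauxrand_entropy_reads(void) { return tls.entropy_reads; }

int main(void) {
    static unsigned char buf[1 << 20];   /* 1 MiB of output from 32 entropy bytes */
    if (fauxrand_bytes(buf, sizeof buf) != 0) return 1;
    fauxrand_bytes(buf, 13);             /* arbitrary lengths are fine */
    printf("first bytes: %02x%02x%02x%02x, entropy reads: %u\n",
           buf[0], buf[1], buf[2], buf[3], fauxrand_entropy_reads());
    return 0;
}
```

The caveat that matters: because the expander is not a CSPRNG, anyone who sees a few outputs can recover the state and predict everything that follows, so this interface must never feed keys, IVs, nonces or session tokens; for those, call RAND_bytes() (or getrandom(2)) directly. If the same constant-entropy structure is wanted with cryptographic output, replace the expander with a stream cipher keyed by the 32-byte seed (ChaCha20 is the usual choice) and keep everything else.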
Various open source contributions (very incomplete)
- Wireshark (http://www.wireshark.org/about.html):
  - Fixed handling of IPv4 fragmentation bits (http://www.ethereal.com/lists/ethereal-users/200402/msg00153.html).
- Linux kernel:
  - Added support for Model-30 Nehalem processors in Oprofile (http://lkml.org/lkml/2010/5/4/6; more discussion on oprofile-users: http://marc.info/?l=linux-kernel&m=127294830417492&w=2)
  - Addressed issues in HugeTLBFS's API (http://lkml.indiana.edu/hypermail/linux/kernel/0906.3/02414.html).
  - Addressed an issue in IPv4 address/route removal (http://lkml.indiana.edu/hypermail/linux/net/0301.1/0037.html).
  - Worked out some kinks in the Matrox G400 framebuffer and SiS-5591 IDE drivers.
- strace (http://sourceforge.net/projects/strace/):
  - Addressed issues in various architectures' sendfile(2) support (http://www.mail-archive.com/strace-devel@lists.sourceforge.net/msg00614.html).
- x86info (http://www.codemonkey.org.uk/projects/x86info/):
  - Fixed feature-specific TLB and cache detection (commit 17d9bf43f775f5a780bcccbca52e2ce37c3ca1f1: http://git.choralone.org/?p=x86info.git;a=commit;h=17d9bf43f775f5a780bcccbca52e2ce37c3ca1f1)
  - Added support for several Intel caches (commit a8af3758826f545b289a40ecefa627de1e5e9e90: http://git.choralone.org/?p=x86info.git;a=commit;h=a8af3758826f545b289a40ecefa627de1e5e9e90)
Projects with their own pages
- libdank: Long-term personal collection of routines / application frameworks with a low-level feel
- TANGE: Terminal Application (Next-Generation Emulation)
- ctxdiff: Context-sensitive fractal fuzzy diffing (not at all like shingleprinting)
- xsh: Exactly what it sounds like!
- makelint, which immediately suggests? lintmake
- libtorque: Multithreaded event handler for UNIX on manycore NUMA
- daytripper: Binary translation to take advantage of Intel's Loop Stream Detector
- CUBAR, a collection of tools for testing CUDA's security model
- libcudest, an open-source implementation of the CUDA userspace
Core stuff
Parvenu
- One string-matching automaton to Rule them All! It must handle:
  - Thousands (millions?) of patterns concurrently
  - Initially targeting GigE wire speeds
  - UTF-8 (at a minimum) and various transcodings
  - Small-memory (embedded) environments
  - Most elements of regular expressions (definitely all the syntactic sugar)
- Uses libblaze as a memory management helper
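As an added example of the core of what Parvenu wants (many patterns, one automaton, byte-level so UTF-8 passes through untouched), here is an Aho-Corasick matcher in C. It is my illustration, not Parvenu's code; the fixed capacities, the 64-pattern output bitmask and the names ac_new, ac_add, ac_build, ac_scan and ac_count_str are assumptions of this sketch. It covers literal patterns only: regular-expression sugar and the small-memory target (a 256-way table per state is the opposite of small) are out of scope here.

```c
/* Aho-Corasick: many literal patterns, one automaton, one table lookup per
 * input byte. Byte alphabet, so UTF-8 needs no special handling. Added
 * example; capacities and names are assumptions, not Parvenu's. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define AC_MAX_NODES 4096   /* trie states: at most sum of pattern lengths + 1 */
#define AC_MAX_PATS  64     /* one bit per pattern in each state's output mask */
#define AC_ALPHA     256

typedef struct {
    int      next[AC_MAX_NODES][AC_ALPHA]; /* goto edges, completed to a DFA by ac_build */
    int      fail[AC_MAX_NODES];
    uint64_t out[AC_MAX_NODES];            /* patterns ending in this state */
    int      nnodes, npats;
} ac_t;

typedef void (*ac_match_cb)(int pat, size_t end, void *arg);

ac_t *ac_new(void) {
    ac_t *ac = calloc(1, sizeof *ac);           /* ~4 MiB, so heap not stack */
    if (!ac) return NULL;
    memset(ac->next, 0xff, sizeof ac->next);    /* every edge absent (-1) */
    ac->nnodes = 1;                             /* state 0 is the root */
    return ac;
}

void ac_free(ac_t *ac) { free(ac); }

/* Insert a pattern of arbitrary bytes (NUL allowed). Returns its id or -1. */
int ac_add(ac_t *ac, const void *pat, size_t len) {
    const unsigned char *p = pat;
    if (ac->npats >= AC_MAX_PATS || len == 0) return -1;
    int s = 0;
    for (size_t i = 0; i < len; i++) {
        if (ac->next[s][p[i]] == -1) {
            if (ac->nnodes >= AC_MAX_NODES) return -1;
            ac->next[s][p[i]] = ac->nnodes++;
        }
        s = ac->next[s][p[i]];
    }
    ac->out[s] |= (uint64_t)1 << ac->npats;
    return ac->npats++;
}

int ac_add_str(ac_t *ac, const char *pat) { return ac_add(ac, pat, strlen(pat)); }

/* Breadth-first failure links; absent edges are redirected through the
 * failure state so scanning never backtracks. Suffix matches are merged
 * into each state's mask, which is how nested patterns ("he" in "she") fire. */
void ac_build(ac_t *ac) {
    int queue[AC_MAX_NODES], head = 0, tail = 0;
    for (int c = 0; c < AC_ALPHA; c++) {
        int v = ac->next[0][c];
        if (v == -1) ac->next[0][c] = 0;
        else { ac->fail[v] = 0; queue[tail++] = v; }
    }
    while (head < tail) {
        int u = queue[head++];
        for (int c = 0; c < AC_ALPHA; c++) {
            int v = ac->next[u][c];
            if (v == -1) {
                ac->next[u][c] = ac->next[ac->fail[u]][c];
            } else {
                ac->fail[v] = ac->next[ac->fail[u]][c];
                ac->out[v] |= ac->out[ac->fail[v]];
                queue[tail++] = v;
            }
        }
    }
}

/* Scan n bytes, reporting every occurrence (overlapping and nested included)
 * through cb; returns the occurrence count. */
size_t ac_scan(const ac_t *ac, const void *text, size_t n, ac_match_cb cb, void *arg) {
    const unsigned char *t = text;
    size_t hits = 0;
    int s = 0;
    for (size_t i = 0; i < n; i++) {
        s = ac->next[s][t[i]];
        for (uint64_t m = ac->out[s]; m; m &= m - 1) {
            hits++;
            if (cb) cb(__builtin_ctzll(m), i + 1, arg);
        }
    }
    return hits;
}

size_t ac_count_str(const ac_t *ac, const char *text) {
    return ac_scan(ac, text, strlen(text), NULL, NULL);
}

static void show(int pat, size_t end, void *arg) {
    printf("pattern %d (%s) ends at byte %zu\n", pat, ((const char **)arg)[pat], end);
}

int main(void) {
    const char *pats[] = { "he", "she", "his", "hers" };   /* constructed sample */
    ac_t *ac = ac_new();
    for (int i = 0; i < 4; i++) ac_add_str(ac, pats[i]);
    ac_build(ac);
    printf("%zu matches in \"ushers\"\n", ac_scan(ac, "ushers", 6, show, pats));
    ac_free(ac);
    return 0;
}
```

One edge case a byte-level matcher has to own: a pattern that starts or ends mid-codepoint will match inside a multi-byte character. That is exactly right for signatures over raw bytes, and a bug for text search; normalising the input to one encoding before matching is the "transcodings" item above.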
libblaze
- Use cpuid to select and dlopen(3) a processor-specific set of low-level routines
- Observe the details within Ulrich Drepper's fine document!
- Expose cpuid and SMP details
- Expose algorithms for memory management / layout tuned to cache/DRAM parameters (detected with SPD)
- Material largely inspired by Warren's Hacker's Delight.
- And to a lesser, far less rigorous extent, Kaspersky's Effective Memory Usage.
- Might have already been superseded by liboil. That damn open source community moves fast!
Networking
Zetetic
- Network traffic analysis (à la Wireshark or tcpdump) with strong covert channel detection
- Passive network modeling (protocols, services, hosts, versions) initially
  - To be paired with vulnerability correlation, active probing, histories (à la SourceFire RNA?)
- Higher layers do not restrict the inductive analysis of lower layers, but influence the deduction
  - Automata-based analysis of content builds up the possibility space of what it CAN be
  - Probability multipliers (products of series) paired with non-deterministic automata
  - Expert knowledge-based reduction of the possibility space adds input as to what it OUGHT to be
  - Neural net-based learning with state determines what it IS
  - Over time, confidence in matching both recurring and new traffic increases
- Uses Parvenu as a pattern-matching helper
liburine
- The inverse of Zetetic. Take a leak (alternatively: "You're in")!
- Use arbitrary combinations of protocols (and fuzzing/embedding thereof) to find channels
- Goals: if even a bit of controllable information can be used as a channel
- Goals: Zetetic should be able to find us, but nothing of lesser power!
- The ultimate assistant for: whistleblowers, samizdat publishers, hax0rs stuck in airports, Iranians
drbenway
- Checks sysctls, netstat, /proc, etc. for network settings. Makes extensive, sensible recommendations.
  - Is device polling / NAPI in use? Do firewall rules disallow PMTU discovery?
  - Is TCP F-RTO being used in the presence of wireless links? etc.
- Analyzes pcaps or raw sockets in situ, with filters, performing detailed diagnostics, e.g.
  - "RFC 1323 TCP high-performance extensions are being used in 24% of the connections"
  - "Fragmentation is resulting from port 7000's large UDP emissions; can we tune it this way..."
Compilation/binaries
gcc stuff
- Work on RABLET
- It'd be interesting to take GIMPLE and apply it to malware analysis
- Work on finishing out ISO C99 support
- Work on Coding Rule Checking (GGCC)
debugging / reverse engineering tools
- getgetopt -- discover a program's command line parameters via object analysis
  - maybe something to test combinations of command line parameters, as well?
- getgccopt -- discover the compiler options used to build an object. difficult!
- arrlimiter -- run object code with various rlimit restrictions to test failure paths
- ploom -- pthreads debugging from process (tracing framework, object lookup + pthread knowledge, contention measures, etc.)
Aborted/abandoned projects (very incomplete)
- Investigate suffer and see whether it's feasible (update: fbcmd (http://www.cs.ubc.ca/~davet/fbcmd/) hendels its dendels -- Dank 23:05, 8 December 2008 (UTC))
- Gyre, a programming language.