Line 1: |
Line 1: |
| ==Open source detritus== | | ===Various open source contributions (very incomplete)=== |
| * Implement handling of [[C99]] [http://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html variadic macros] in [http://www.splint.org/ splint] (see [http://www.advogato.org/person/muks/diary.html/start=0 this], [http://www.buzztard.org/index.php/Splint this] and [http://www.splint.org/faq.html#quest18b of course this]) | | * [[Valgrind]]: |
| * Review cryptographic implementations in [http://www.pidgin.im pidgin] -- last time I looked (back in the bad ol' gaim days), its usage of [[OpenSSL]] was all FUBAR | | ** Added support for [https://bugs.kde.org/show_bug.cgi?id=302827 CDROM_GET_CAPABILITY] <tt>ioctl</tt> |
| * [[Subversion|Subversion's]] --xml and --ignore-externals options couldn't be used together properly in <tt>svn status</tt>, at some point. Investigate, rectify. | | * libblkid (util-linux) |
| * Various [[Debian]]-related things
| | ** [https://github.com/karelzak/util-linux/commit/ffab21e12846dd9b9403c881721e415493805bd1 Fix #1] |
| | | ** [https://github.com/karelzak/util-linux/commit/330ff7edc480b4e897f946c30a2afa38c916b9d0 Fix #2] |
| ==Projects with their own pages==
| | ** [https://github.com/karelzak/util-linux/commit/d8a5b55012c2e01bff78a9c1237f4f2a93bd9c3a Fix #3] |
| * [[libdank]]: Long-term personal collection of routines / application frameworks with a low-level feel
| | ** [https://github.com/karelzak/util-linux/commit/28a47f13d9c33c97279742d83687bff4d79922f4 Fix #4] |
| * [[TANGE]]: Terminal Application (Next-Generation Emulation)
| | * [http://www.wireshark.org/about.html Wireshark]: |
| * [[ctxdiff]]: Context-sensitive fractal fuzzy diffing | | ** [http://www.ethereal.com/lists/ethereal-users/200402/msg00153.html Fixed handling] of IPv4 fragmentation bits. |
| * [[xsh]]: Exactly what it sounds like! | | * [http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2 iproute2] |
| * [[makelint]], which immediately suggests? [[lintmake]]
| | ** Many [http://git.kernel.org/?p=linux/kernel/git/shemminger/iproute2.git;a=blobdiff;f=man/man8/ip.8;h=0f9f454737c5a5977026752321d620d7bee79158;hp=68887bacff00e6e03f4e035a5935f557aa79bd83;hb=db4a7f198b6193a1e584c3b6647d92bb6c66fb52;hpb=14a1c164d12e32415acc44ef566fcf52ff4dd113 man page] fixes |
| | | * [[Linux APIs|Linux kernel]]: |
| ==Core stuff== | | ** [http://lkml.org/lkml/2010/5/4/6 Added support] for Model-30 [[Nehalem]] processors in [[Oprofile]] ([http://marc.info/?l=linux-kernel&m=127294830417492&w=2 more discussion] on oprofile-users) |
| | | ** [http://lkml.indiana.edu/hypermail/linux/kernel/0906.3/02414.html Addressed issues] in [[pages|HugeTLBFS]]'s API. |
| ===Parvenu=== | | ** [http://lkml.indiana.edu/hypermail/linux/net/0301.1/0037.html Addressed] an issue in IPv4 address/route removal. |
| * One string-matching automaton to Rule them All! It must handle:
| | ** Worked out some kinks in Matrox G400 framebuffer and SiS-5591 IDE drivers. |
| ** Thousands (millions?) of patterns concurrently
| | ** [http://fossies.org/unix/privat/ngpt-2.2.1.tar.gz:a/ngpt-2.2.1/THANKS Next Generation Posix Threading] maintenance |
| ** Initially targeting GigE wire speeds
| | * [http://sourceforge.net/projects/strace/ strace]: |
| ** [[Using Unicode|UTF-8]] (at a minimum) and various transcodings
| | ** [http://www.mail-archive.com/strace-devel@lists.sourceforge.net/msg00614.html Addressed issues] in various architectures' [[Linux APIs|sendfile(2)]] support. |
| ** Small-memory (embedded) environments | | * [http://www.codemonkey.org.uk/projects/x86info/ x86info]: |
| ** Most elements of regular expressions (definitely all the syntactic sugar)
| | ** [http://git.choralone.org/?p=x86info.git;a=commit;h=17d9bf43f775f5a780bcccbca52e2ce37c3ca1f1 fixed] feature-specific TLB and cache detection |
| * Uses [[Research ideas#libblaze|libblaze]] as a memory management helper
| | ** [http://git.choralone.org/?p=x86info.git;a=commit;h=a8af3758826f545b289a40ecefa627de1e5e9e90 added] support for several Intel caches |
| | | * [http://dynamorio.org/ DynamoRIO]: |
| ===libblaze===
| | ** [http://groups.google.com/group/dynamorio-users/browse_thread/thread/72dd27ca8f5ead66/5064e2e1d98b8fcf?lnk=gst&q=nick#5064e2e1d98b8fcf added] [[Nehalem]] support |
| * Use [[cpuid]] to select and dlopen(2) a processor-specific set of low-level routines
| | * avant-wireless |
| ** Observe the details within [http://people.redhat.com/drepper/dsohowto.pdf Ulrich Drepper's] fine document! | | ** An [http://wiki.awn-project.org/Applet_Gallery AWN applet] which tracks wireless connection properties, and spawns wpa_gui |
| * Expose [[cpuid]] and [[SMP on x86|SMP]] details
| | * iw |
| * Expose algorithms for memory management / layout tuned to cache/DRAM parameters (detected with [[SPD]]) | | ** [http://thread.gmane.org/gmane.linux.kernel.wireless.general/82070 Correct unsigned] ints used to hold signed data |
| * Material largely inspired by Warren's ''[http://www.hackersdelight.org/ Hacker's Delight]''. | | * Snort |
| ** And to a lesser, far less rigorous extent, Kaspersky's ''[http://www.amazon.com/Code-Optimization-Effective-Memory-Usage/dp/1931769249/ref=sr_1_1?ie=UTF8&s=books&qid=1205173465&sr=1-1 Effective Memory Usage]''. | | ** Various [http://copilotco.com/mail-archives/snort-users.2003/msg06337.html signature documentation] |
| * Might have already been superseded by [http://liboil.freedesktop.org/wiki/ liboil]. That damn open source community moves fast! | |
| | |
| ==Networking==
| |
| | |
| ===Zetetic===
| |
| * Network traffic analysis (ala Wireshark or tcpdump) with strong covert channel detection | |
| * Passive network modeling (protocols, services, hosts, versions) initially | |
| ** To be paired with vulnerability correlation, active probing, histories (ala SourceFire RNA?)
| |
| * Higher layers do not restrict the inductive analysis of lower layers, but influence the deduction
| |
| * Automata-based analysis of content builds up possibility space of what it CAN be
| |
| ** Probability multipliers (products of series) paired with non-deterministic automata
| |
| * Expert knowledge-based reduction of possibility space adds input as to what it OUGHT be
| |
| * Neural net-based learning with state determines what it IS
| |
| ** Over time, confidence in matching both recurring and new traffic increases
| |
| * Uses [[Research ideas#Parvenu|Parvenu]] as a pattern-matching helper
| |
| | |
| ===liburine===
| |
| * The inverse of [[Research ideas#Zetetic|Zetetic]]. Take a leak (alternatively: "You're in")!
| |
| * Use arbitrary combinations of protocols (and fuzzing/embedding thereof) to find channels
| |
| * Goals: if even a bit of controllable information can be used as a channel
| |
| ** Tunnel [http://openvpn.net/ openvpn](?) (and thus [http://www.torproject.org/ TOR](?)) under it | |
| * Goals: [[Research ideas#Zetetic|Zetetic]] should be able to find us, but nothing of lesser power!
| |
| * The ultimate assistant for: whistleblowers, samizdat publishers, hax0rs stuck in airports
| |
| | |
| ===drbenway===
| |
| * Checks sysctls, <tt>netstat</tt>, <tt>/proc</tt>, etc for network settings. Makes extensive sensible recommendations. | |
| ** Is device polling / NAPI in use? Do firewall rules disallow PMTU discovery?
| |
| ** Is TCP FRTO being used in the presence of wireless links? etc
| |
| * Analyzes pcaps or raw sockets ''in situ'', with filters, performing detailed diagnostics ie
| |
| ** "TCP 1323 high-performance extensions are being used in 24% of the connections"
| |
| ** "Fragmentation is resulting from port 7000's large UDP emissions, can we tune it this way..."
| |
| | |
| ==Compilation/binaries== | |
| | |
| ===[[gcc]] stuff===
| |
| * Work on [http://gcc.gnu.org/ml/gcc/2006-06/msg00736.html RABLET] | |
| * It'd be interesting to take [[http://gcc.gnu.org/onlinedocs/gccint/GIMPLE.html GIMPLE]] and apply it to [[malware analysis]] | |
| * Work on finishing out [[ISO C99]] support | |
| * Work on [http://www.ggcc.info/?q=codingrules Coding Rule Checking] (GGCC) | |
| | |
| ===debugging / reverse engineering tools===
| |
| * getgetopt -- discover a program's command line parameters via object analysis | |
| ** maybe something to test combinations of command line parameters, as well? | |
| * getgccopt -- discover the compiler options used to build an object. difficult!
| |
| * arrlimiter -- run object code with various rlimit restrictions to test failure paths | |
| * ploom -- pthreads debugging from process (tracing framework, object lookup + pthread knowledge, contention measures, etc) | |
| | |
| ==Aborted projects (very incomplete)==
| |
| * Investigate [[suffer]] and see whether it's feasible (update: [http://www.cs.ubc.ca/~davet/fbcmd/ fbcmd] hendels its dendels [[User:Dank|Dank]] 23:05, 8 December 2008 (UTC)) | |
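Review bot: The four libblkid links on the added side are labelled only "Fix #1" through "Fix #4", so a reader cannot tell what each util-linux commit addressed without opening it. Give each a short description, as the Wireshark and iw entries do ("Fixed handling of IPv4 fragmentation bits", "Correct unsigned ints used to hold signed data"). The added project bullets are also inconsistent about the trailing colon: "[[Valgrind]]:" and "strace:" have one, while "libblkid (util-linux)", "iproute2", "avant-wireless", "iw" and "Snort" do not. Pick one form and use it throughout.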