Open source detritus==
Implement handling of [[ C99]] [ http:// gcc. gnu.org/ onlinedocs/ gcc/ Variadic- Macros.html variadic macros] in [ http:// www. splint.org/ splint] (see [ http:// www. advogato.org/ person/ muks/ diary.html/ start=0 this] , [ http:// www. buzztard.org/ index.php/ Splint this] and [http://www. splint.org/ faq.html #quest18b of course this] )
Review cryptographic implementations in [http://www. pidgin. im pidgin] -- last time I looked (back in the bad ol' gaim days), its usage of [[OpenSSL]] was all FUBAR
[Subversion|Subversion's]] --xml and --ignore-externals options couldn't be used together properly in <tt>svn status</ tt>, at some point. Investigate, rectify.
* Various [[Debian]]-related things
==Projects with their own pages==
* [[libdank]]: Long-term personal collection of routines / application frameworks with a low-level feel
* [[TANGE]] : Terminal Application (Next-Generation Emulation)
[[ctxdiff]]: Context-sensitive fractal fuzzy diffing
[xsh]]: Exactly what it sounds like!
* [[makelint]], which immediately suggests? [[lintmake]]
** -[] [] (2 )
** [http://..//.] [[|]]
* One string-matching automaton to Rule them All! It must handle:
** Thousands (millions?) of patterns concurrently
** Initially targeting GigE wire speeds
* [http://.// ]
** [[ Using Unicode| UTF-8]] (at a minimum) and various transcodings
** --netin [[|]] .
Small- memory (embedded) environments
* [http://./ ]
** Most elements of regular expressions (definitely all the syntactic sugar)
* Uses [[ Research ideas#libblaze|libblaze]] as a memory management helper
* [http://.org/ ]
* Use [[ cpuid]] to select and dlopen(2) a processor-specific set of low-level routines
Observe the details within [http:// people. redhat. com/ drepper/ dsohowto. pdf Ulrich Drepper's] fine document!
* Expose [[ cpuid]] and [[SMP on x86| SMP]] details
Expose algorithms for memory management / layout tuned to cache/DRAM parameters (detected with [[SPD]])
** used to
Material largely inspired by Warren's ''[http:// www. hackersdelight. org/ Hacker's Delight] ''.
And to a lesser, far less rigorous extent, Kaspersky's ''[http:// www. amazon.com/ Code-Optimization-Effective-Memory-Usage/ dp/ 1931769249/ ref=sr_1_1?ie=UTF8&s=books&qid=1205173465&sr=1-1 Effective Memory Usage] ''.
Might have already been superseded by [http:// liboil. freedesktop.org/ wiki/ liboil] . That damn open source community moves fast!
Network traffic analysis (ala Wireshark or tcpdump) with strong covert channel detection
Passive network modeling (protocols, services, hosts, versions) initially
** To be paired with vulnerability correlation, active probing, histories (ala SourceFire RNA?)
* Higher layers do not restrict the inductive analysis of lower layers, but influence the deduction
* Automata- based analysis of content builds up possibility space of what it CAN be
** Probability multipliers (products of series) paired with non- deterministic automata
* Expert knowledge-based reduction of possibility space adds input as to what it OUGHT be
* Neural net -based learning with state determines what it IS
** Over time, confidence in matching both recurring and new traffic increases
* Uses [[ Research ideas#Parvenu| Parvenu]] as a pattern-matching helper
* The inverse of [[Research ideas#Zetetic|Zetetic]]. Take a leak (alternatively: "You're in")!
* Use arbitrary combinations of protocols (and fuzzing/embedding thereof) to find channels
* Goals: if even a bit of controllable information can be used as a channel
* Tunnel [http:// openvpn. net/ openvpn] (?) (and thus [http:// www. torproject.org/ TOR](? )) under it
* Goals: [[Research ideas#Zetetic|Zetetic]] should be able to find us, but nothing of lesser power!
* The ultimate assistant for: whistleblowers, samizdat publishers, hax0rs stuck in airports
Checks sysctls, <tt>netstat</ tt>, <tt>/ proc</tt>, etc for network settings. Makes extensive sensible recommendations.
** Is device polling / NAPI in use? Do firewall rules disallow PMTU discovery?
** Is TCP FRTO being used in the presence of wireless links? etc
* Analyzes pcaps or raw sockets ''in situ'', with filters, performing detailed diagnostics ie
** "TCP 1323 high-performance extensions are being used in 24% of the connections"
** "Fragmentation is resulting from port 7000's large UDP emissions, can we tune it this way. .."
===[[gcc] ] stuff===
Work on [http:// gcc.gnu.org/ ml/gcc/2006-06/msg00736.html RABLET]
It'd be interesting to take [[http:// gcc. gnu. org/ onlinedocs/ gccint/ GIMPLE.html GIMPLE]] and apply it to [[ malware analysis]]
Work on finishing out [[ISO C99]] support
Work on [http:// www. ggcc. info/ ?q=codingrules Coding Rule Checking] (GGCC)
===debugging / reverse engineering tools===
getgetopt -- discover a program's command line parameters via object analysis
maybe something to test combinations of command line parameters, as well?
* getgccopt -- discover the compiler options used to build an object. difficult!
arrlimiter -- run object code with various rlimit restrictions to test failure paths
ploom -- pthreads debugging from process (tracing framework, object lookup + pthread knowledge, contention measures, etc)
==Aborted projects (very incomplete)==
Investigate [[suffer]] and see whether it's feasible (update: [http:// www. cs.ubc.ca/ ~davet/ fbcmd/ fbcmd] hendels its dendels [[User:Dank|Dank]] 23:05, 8 December 2008 (UTC))