Category: Tech

Some on computers

WetCrag (beta)

WetCrag (beta)

During the fall of 2016 there was something on my mind. First, I was thinking about my trips to Fontainebleau and to the TNF Mountain Festival, and what I did remember about these two events was the rain. In 2016, every time I went on a climbing trip, it did rain. Even in Basilicata we got rain and were forced to shorten our trip by one day!
Second, I was about to change job, and thought about getting more familiar with Python. And what better to get more familiar with a programming language than a pet project?

This is how WetCrag was born. I wanted a website to give me the status of the rocks in the crags where I climb, or where I plan to go (sooner or later). And I also wanted a short term forecast, to see if rain (or snow) was coming or not.
And this is exactly what WetCrag does. It is really as simple as that. It contains a map with crags (or bouldering areas), and it tells you (and me!) temperature and wind speed at the crag, plus the status of the rocks (if they are dry or wet), and the outlook for the next five days (if rain and snow are forecasted or not).

 

 

Does it work? Yes. We tested it in the past few months, and it predicted conditions at our local crags pretty decently.
Is it 100% accurate? Of course not! We use weather data from the Internet, and cannot be 100% accurate. But it’s better than nothing. Check it for yourself 🙂

At the moment, we have just a bunch of crags and bouldering areas in the map. If you want your local crag to be added just sent me a message with the name of the Crag, and the GPS coordinates. Or even better, send me a link on Google Maps and I’ll get the coordinates from there. My email is me(at)isazi.net 😉

Getting married

Getting married

Just today I found on Reddit a link to a post called “Optimizing your wife“. That reminded me that marriage is an example that sometimes arises in scientific papers (I always loved “College admissions and the stability of marriage” for some weird reasons that I never fully understood) and that on January I read another paper, that got also quite famous on the Internet. It was titled “Why I don’t have a girlfriend: an application of the Drake Equation to love in the UK“. You cannot believe it, but Backus’ paper reminded me another thing, completely unscientific, that is an episode of the famous TV-show “How I met your mother” called “Matchmaker“.

Why ?
Because in his paper, Backus talks about some properties of his ideal girlfriend, like attractiveness and education. If you watch the HIMYM episode that I just cited (other than listening to a dialog stating again how low are the probabilities to find a soul mate in New York) you will see the main character, Ted, listing some of the properties of his ideal girlfriend too. It is really funny that a scientific paper made me think about a show, isn’t it ?

As every good computer scientist, or enthusiast, out there I started thinking about an algorithm like the one described, and I thought that we could just see the whole problem as a big optimization one. I mean, if we could have a database plenty of data about different people, then we could just compute some score and pick up the girl with the best one. All our problems solved!
I should say now that I’m not really into things like that, that is, I don’t believe that an algorithm will ever pick up girlfriends for us, but anyway I really like to think about stupid problems and this one just haunted my brain. Anyway I decided to not think about the algorithm itself, or its possible complexity.

My interest, indeed, was just focused on how to list all those complex properties related to the description of humankind. I suppose that the typical human approach would be to list, like in the show, some desired properties of the partner, and our properties too (it should be bidirectional anyway). However I always feel weird when I have to fulfill some description of myself, it’s always difficult to say “I like this and that” or “I do that and that”, there are always omissions, mostly unwanted, and I’m never able to be complete. So at the end I never like any of the description of myself I wrote. But if I’m not able to list at least mine properties (as we can assume, simplifying, that if I would be able just to describe myself and you can do the same, then we can still try to achieve some conclusions about how good is our matching just using those data), how can I even think that a dating service could work in practice! So I should suppose that all the current dating website and whatsoever are just connecting people that match some trivial properties, and the rest is just luck (or love?). The point is that, before thinking about rankings and how to describe human properties so ethereal like “attractiveness“, we should gather all those information together, and just that step is not trivial at all.

Or is it ?
Then I thought something like that: if I’m not able to accurately describe myself, why someone else don’t do that for me? What I mean is that having to directly provide information of this kind is extremely difficult and inaccurate, and it should just be a plus, something more, something to add at an automatically produced base. I need an auto-generated description of myself, that I may or may not want to improve or modify, to use as an input for the soul mate matching algorithm.

But who can I ask for providing an almost complete description of me ?
Not being really smart I will just think about two big guys: Google and Facebook. And the reason is simple: they can store and analyze information about how we behave (of course just on the Internet, but hey, this is just a reflection of mine, not a scientific paper) and they can easily find properties about us that we don’t even know about. What we search, the websites that we often visit, the pictures that we like to watch, our friends, what we read, the music that we listen to and the one that we hate, etc.. I mean, if you could really access all that information about yourself, don’t you think it could be a good description of who you are, to give in input to our super-duper algorithm and find your ideal girlfriend ?

That’s it. I don’t want to go anywhere else farther than that. My goal was just to share a short reflection with the rest of the Internet and that I just did.
And who knows, maybe I will get married tomorrow just because of this post 😉

The art of commenting code

The art of commenting code

It’s simple, I’m reading some old C code right now (but it’s a general thought really) and it lacks comments so I’m trying to understand what it does for using it proficiently, I know that I’m not a “comment guy” cause I only now and then put comments in my source code, but managing a medium C++ project in the last few months (my bachelor thesis) I’ve finally understood what to comment and what not.

First of all I don’t like commenting every line of code, it’s stupid and it’s wrong, good code must be readable also without comments, comments are for helping readers to understand the “whole thing”, so they must refer to widen pieces of code, pieces that you can understand also without the comments but that with them become more easily to be understood by you.

So I’ve started to comment the critical point of my code, the decisions taken and the rationale beside them and I’ve found, finally, what I absolutely need to comment: data structures.

The rationale it’s simple, if algorithms have a behavior that you can follow to understand them, data structures haven’t, you can’t understand them if they want, or better, you can but you have to spent lot of time trying to find every use of them and it’s not cool, absolutely isn’t 😉

So, I started to comment my data structures, their fields, how they must be used and the meaning of them, why don’t you ?

(This is all because the code I’m reading right now has no comments and some strange graph data structures with fields not understandable if you are not the author, and I’m not)

Linux CryptoAPI

Linux CryptoAPI

Semplice guida all’utilizzo di filesystem cifrati.

Prima di tutto ammetto le mie colpe, questo semplice testo non ha nessuna ambizione teorica, e’ composto semplicemente da una serie di appunti su cose apprese in rete compilata perche’ potesse risultare d’aiuto a chi avesse voluto realizzare una partizione cifrata con GNU/Linux senza doversi sbattere troppo.

Non era infatti un pilastro dell’etica hacker fare in modo che non si dovesse ogni volta reinventare la ruota ? 🙂

[ Perche’ ? ]

Perche’ utilizzare una partizione cifrata ?
Perche’ farsi questa domanda ?
Sono cose a cui non sono io a dover rispondere.
Quando ho scelto di avere una partizione cifrata avevo semplicemente intenzione di custodire i dati degli utenti dentro la “home” in maniera piu’ sicura.
Ognuno degli interessati avra’ sicuramente il suo buon motivo.

[ Kernel ]

Cominciamo col dire che in base ad alcuni accordi internazionali la crittografia pesante e’ considerata una pericolosa arma, uno strumento
prettamente militare, e quindi ci sono stati che ne proibiscono l’esportazione.
Per questi motivi il supporto crittografico non e’ integrato nel kernel ma bisogna installare una patch non ufficiale, rintracciabile attraverso
il sito www.kerneli.org.
Inizialmente questa era denominata patch di internazionalizzazione del kernel, ma adesso, anche se il nome del file e’ ancora lo stesso, il
progetto ha preso il nome di “GNU/Linux CryptoAPI Project”.
Sul mio computer e con il kernel 2.4.20 senza modifiche, ho dovuto applicare in sequenza queste 2 patch:

[tritticho][/usr/src/linux]# patch -p1 < patch-int-2.4.20.1
[tritticho][/usr/src/linux]# patch -p1 < loop-jari-2.4.20.0.patch

La prima e’ per il supporto delle cryptoapi e dei cifrari, la seconda una patch per i loopback device che permette di non dover attivare degli hack non troppo stabili per far funzionare il tutto.
Patchato il kernel si deve far partire il tool di configurazione dello stesso, che sia a linea di comando o con interfaccie varie non cambia molto, e abilitare alcune cose:

Block devices —>
< *> Loopback device support

Cryptography support (CryptoAPI) —>
< *> CryptoAPI support
[*] Cipher Algorithms
< *> AES (aka Rijndael) cipher
[*] Crypto Devices
< *> Loop Crypto support

Naturalmente questa e’ la scelta che io ho adottato, gli algoritmi di cifratura supportati sono molti e sta’ a voi scegliere quello che preferite.
Da notare l’assenza di moduli (sempre una scelta personale) fatta per avere la crittografia subito al boot e il supporto per i loop device che poi spieghero’ meglio.
Diamo una bella ricompilata al kernel e torniamo alla luce con la nostra nuova creatura.

[ E adesso ? ]

Spiego un attimo perche’ abbiamo inserito il supporto per i loop device…
Astrazione!
Si’, e’ come se applicassimo un filtro tra il device fisico e la rappresentazione che ne abbiamo dentro la struttura del filesystem.
Sarebbe risultato sicuramente piu’ complesso modificare i driver di tutti i device e dei filesystem per inserire le funzionalita’ di cifratura e
decifratura, e dove non piu’ complesso sicuramente noioso 🙂
Semplicemente quello che facciamo e’ questo: montiamo la partizione che ci interessa su un loop device e questo in una directory del filesystem in modo che tutti i comandi del kernel passino attraverso il nostro loop device che avra’ il supporto crittografico e si occupera’ di cifrare e decifrare le informazioni in transito.
Oltre ai nostri dati saranno infatti cifrate anche le informazioni relative al filesystem stesso; inoltre grazie ai loop device abbiamo la possibilita’ di creare dei filesystem cifrati “virtuali” dove immagazzinare informazioni o creare immagini cifrate per da scrivere su cd, floppy, penne usb et similia.

Cominciamo creando un piccolo file pieno di “immondizia” 🙂

[tritticho][~]#dd if=/dev/urandom of=prova bs=1M count=20
20+0 records in
20+0 records out
[tritticho][~]#

Abbiamo utilizzato /dev/urandom come consigliato anche sulla documentazione ufficiale solo per avere un margine maggiore di PARANOIA 😉
Adesso associamo uno dei nostri loop device (scegliamo loop0) al file che abbiamo appena creato:

[tritticho][~]# losetup /dev/loop0 prova -e aes
Available keysizes (bits): 128 192 256
Keysize: 128
Password :
[tritticho][~]#

Diamo una formattata al tutto…

[tritticho][~]# mke2fs /dev/loop0
mke2fs 1.27 (8-Mar-2002)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
5136 inodes, 20480 blocks
1024 blocks (5.00%) reserved for the super user
First data block=1
3 block groups
8192 blocks per group, 8192 fragments per group
1712 inodes per group
Superblock backups stored on blocks:
8193

Writing inode tables: done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 21 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
[tritticho][~]#

Fatto, montiamo il file “prova” che abbiamo creato e siamo a cavallo 🙂

[tritticho][~]# mount -o loop /dev/loop0 /mnt/ -t ext2
[tritticho][~]# cd /mnt/
[tritticho][/mnt]# ls
. .. lost+found
[tritticho][~]#

Possiamo utilizzare il file come un qualsiasi device, una volta smontato il contenuto non sara’ accessibile a chi non conosce la passphrase che abbiamo fornito al primo losetup.
Per rimontare il file una volta smontato:

[tritticho][~]# mount -o loop,encryption=aes prova /mnt/ -t ext2

[ Device fisici ]

E se invece di un device immaginario come un file volessimo cifrare un’intera partizione, ad esempio /home ?
Il procedimento e’ lo stesso, basta sostituire una partizione, ad esempio /dev/hda4, dove prima scrivevamo “prova”.
Se poi vogliamo che la partizione venga montata all’avvio dovremo fornire la passphrase, altrimenti il boot andra’ lo stesso a buon fine ma gli utenti non avranno una casa 🙂
Aggiungiamo dentro /etc/fstab una riga:

/dev/hda4 /home ext3 defaults,loop,encryption=aes 0 2

Naturalmente una volta smontata la /home solo root potra’ rimontarla.
E se volessimo scrivere una traccia cifrata su un cd ?
Il procedimento e’ semplice, creiamo il nostro file con riempiendolo con /dev/urandom (naturalmente senza andare oltre la capacita’ di un cd), usiamo losetup come precedentemente indicato, al momento della formattazione passiamo un’opzione ulteriore, cioe’:

mke2fs /dev/loopX -b 2048

La X e’ il numero del loop device associato naturalmente 🙂

[ Conclusioni ]

Bhe, che dire ?
Naturalmente niente.
E’ questo il momento di sperimentare, non di parlare 🙂