Sybreon Ones Nought

I would like to highlight an initiative by our government for fresh graduates – CODE8. CODE8 is an apprenticeship programme designed for people in the ICT area. Anyone who is interested should apply for it – particularly if you are having trouble finding a job. In fact, I highly recommend that you apply for this if you have yet to successfully find employment anywhere else.

The package is a really good one and since it is an apprenticeship, you will be provided with invaluable training in various areas. There will even be lessons to attend regularly – it will just be like school again! You will need to sign a short term contract but think of it as an extended internship except that you will be highly paid unlike interns.

And please help spread the word around. If you have friends who are fresh graduates, please ask them to apply for it too! This lucrative offer is not to be missed. I guarantee that you will never find anything like this anywhere else in 1Malaysia!

I had just read an interesting write-up today on the possible reasons behind the death of Larrabee – Intel’s next-generation home-grown graphics processor designed to open up the world of CPU-GPU computing and to kill both ATI and NVIDIA in graphics. Needless to say, the article was very juicy but regardless of its factual truth, it did provide me an insight or two into the cut-throat world of graphics processing.

Graphics is hard! That is why there are only two major companies leading the high end graphics chips and two companies at the low end. From a technical perspective, a graphics processor is at the opposite end of the spectrum from a general-purpose microprocessor. It is a different beast entirely. This got me thinking – it might be fun to do a graphics processor project on my own – on a small scale of course. This got my brain churning, which is always a good thing.

If I were to design a graphics processor of my own, I would first start with a half-precision or smaller word-length. This would keep the computational units small. I would further simplify the hardware by synchronising all the computational units to operate in lock-step with each other. Operation scheduling would be controlled in software. As long as the graphics processor is simple enough to push out pixels are a fairly decent rate, I would already be really happy. It might be all that is necessary for running a certain class of software, particularly if paired with my existing processor. At the very least, it would be fun to do and interesting to learn.

Now, if I could only get my hands on some graphics processor architecture books or sample hardware designs or even some publicly available data sheets on some older chips.

Now that I have a LCD television and a PS3 home entertainment machine, all that is lacking in the collection is a proper sound system. Just out of curiousity, I checked out what models our local Carrefour had on promotion. Turns out that it is running a promotion on four home theatre systems that end tomorrow. I am not too worried about Carrefour prices because they tend to keep things low, even after their promotions end.

The model that attracted my eye is the HT554TM package that comes for just under RM1000 with the discount voucher.

It is a regular DVD player with an attached 5.1 surround sound system. It has up to 1080p HDMI output and a optical input. This is exactly the kind of device that I am looking for. It would allow me to watch my regular DVDs in high-definition on my television and it would allow me to experience proper 5.1 surround sound on both DVDs and Bluray movies. Nice! The PS3 comes with an optical audio output for full 5.1 surround sound. In addition, the device is from LG and comes with the SimpLink technology which would allow me to control the DVD player with the same remote that I use for controlling the television, which is a good thing.

Well, this is just a consideration and it is a good system at a reasonable price. I have not decided to get it yet. I will probably wait till early next year to get one. I have sort of busted my budget this month with all the PS3 games that I bought. I was kind of shocked when I received my credit card statement the other day. But it is nice to start looking around for a decent sound system. The next thing that I will have to do is to find a nice way to wire up the living room. There is an electrical shop near my place that sells the right kind of wires.

I sometimes lament the fact that most software people do not have the necessary hardware knowledge to understand how computers actually work. A software person may think that the algorithm is secure simply because he/she had obfuscated and encrypted both the library and the application software using the library. A software person may think that it would take years to break the encryption and obfuscation.

Unfortunately, I have a very bad news for these software people. The hardware guys totally agree that encryption standards today are so strong that there is no point attacking your algorithm at the software level, which is why hardware people always attack these problems at the hardware level. The primary problem, you see, is that there is no microprocessor that executes encrypted code. All code will need to be decrypted at some point, and stored in-memory for the processor to execute. That is where the hardware person will attack the problem. The typical hardware person would just dump the memory and then read and interpret its contents, which is much easier than it actually sounds. It is fairly easy to differentiate random data and proper sequence of instructions in-memory. There are tell-tale signs that any embedded programmer would be able to read.

In fact, even if you do not store your encryption algorithms nor encryption keys in external memory but choose to store it in the on-chip cache, it is still possible to force the processor to evict that cache content into external memory and then steal the code from the memory. All these are fairly standard hardware debugging techniques that need to often be used to verify that hardware works. For example, if a processor isn’t doing what it is supposed to be doing, one of the first things that a hardware person needs to check is that the programme in memory is actually being executed by the processor (and it is not just sitting there in memory).

And with today’s virtualisation technology, it makes the job much easier to do. It is possible to run the secure application in a virtual machine and to dump and inspect the virtual machine’s memory while the application is actually running inside the virtual machine. That is one of the cool advantages for using virtual machines that every software developer needs to learn. The hardware person does not need to actually crack the encryption protecting the software nor does the hardware guy need to debug the code inside the operating system. It only needs to be intercepted at the virtual machine level.

It is something that people should just be aware of, especially people peddling security applications.

PS: In case anyone was wondering why there are no processors that run encrypted software, the reason is again due to software. It would be a nightmare to debug the software written for an encrypted processor.

I have a rat problem at home. It has been eating my bread and most recently, it has eaten its way through a door. I hate rats. I wish that hunting rats was as easy as hunting hackers. I was brought in on an incident at work today. Seems like one of our servers had recently been compromised. Any organisation with a sufficiently large server infrastructure needs to be ever vigilant of attacks.

So, I got my grubby hands on the KVM terminal of the server and started nosing around. Very quickly, I found that it was making two network connections, one to an IRC server and another attack on a remote web server. This is interesting because it is a classic bot-net scenario where the bot sits in the background and connects to an IRC server in order to receive commands from its masters.

Then, I had to hunt down the offending background bot programme. That took a little snooping around the proc filesystem of the server to track down the application. I loved the filenames that the hacker used for its scripts. Some of those names were really creative to say the least. The final step was to track down how the hack was initiated. This was definitely something planted ages ago before being turned-on recently.

At one point, I commented to a colleague that it felt fun playing CSI on the server. As usual, the ultimate flaw in the security lay in the system admin. While nosing around in the system, I got a feel for the competency of that particular server’s sysadmin. There were several things done, that should not be done. So, let’s just hope that they take our advice to heart and fix the flaws.

As for the rat at home. I think that I’ll need to try to track down its entry point into the house. Then, I can plug it and kiss it goodbye.

I’m not sure if it is fortune or misfortune that has resulted in me not having to attend any BTN camp before. However, I have some friends who have attended such courses. Of course, there are also many anecdotal recollections of what has happened inside these camps. There is rarely any hard evidence in any of these cases because of the strict restrictions on bringing information devices into these courses.

However, after reading the article in TheStar, it seems that the government acknowledges that there are problems and steps are being taken to fix them. According to the article, “the co-curriculum [sic] will be brought in line with the Prime Minister’s 1Malaysia, which means it will be more inclusive and will not divide Malaysians. If we have a course for only one racial group, then that is not 1Malaysia,” said our Minister in the Prime Minister’s Department Datuk Seri Nazri Aziz.

To me, this seems like an admission on the part of the government, that something is terribly wrong with these BTN camps. If the courses taught during these camps are designed to instill disunity and spew a whole load of bigoted nonsense, it will ultimately do more harm than good. So, while I will not hold my breath waiting for the thing to be fixed, I will at least accept that the government is aware of the problems and that something needs to be done to fix it (at some point in the future).

At the very least, I now know that my friends were telling the truth of the matter and that they were not deranged attention seeking sociopaths. The present crop of BTN courses has to go. Let us do what my former Malaysian Studies professor did – tear up the pages of our distorted SPM history and re-tell our country’s history from scratch, with the necessary logic, rational and evidence to back things up. I loved his lectures, which at least made sense.

It instilled in me a love for our country, it made me proud of our rich history and made me aware of the beautiful cultural diversity that we have inherited. You don’t have to be a right-wing extremist to be a nationalist. I wish that our government would get his help in drafting the new BTN syllabus. He truly knows how to put the right spin on the truth.

Some people have all the luck. They do not suffer from jet-lag. Unfortunately, I am not one of those people. I can still remember the first time I returned from the UK at the end of my first year. I was only home for a month and it took me a whole week to get over my jet-lag. I was just sleeping and eating all the time. This time around, it has taken me about a week as well. I have spent most of last week as a day-time zombie while trying to sleep at night was a chore.

I got a really good night’s sleep last night and I hope that is enough to overcome jet-lag. Tomorrow is the start of a new day, the start of a new week, and almost the start of a new month.