Foss

GSoC Proposal: User Profile & File Transfer Support in Tox Qt GUI


Recently, I had applied for Google Summer of Code but I was not able to get through as my mentoring organization did not get enough slots from Google as they applied as an organization for the first time. I applied for User profile & File Transfer support in Tox Qt GUI client.

Short Description:

This project aims at making Tox Qt GUI client more elegant and user friendly by introducing user profile creation, data portability such that users will be able to carry their data in either encrypted or raw format and login from different machines under same profile. Another feature which the project will introduce is the file transfer support  with a nice file transfer manager widget, something similar to Firefox’s download manager.

Project:

The project will be mainly dealing with 2 major tasks. Two of them (user profile support and file transfer support) have something in common: they improve the security & reusability of the client

One of the key goals of the project would be to introduce user profile support in Tox Qt GUI. Currently, Tox Qt GUI does not save the user data, instead it creates a new profile, nothing carries over except the GUI-specific settings. The current proposal aims to introduce the user profile support in the Qt client. Some of the functionalities of the user profile support includes login dialog, import/export dialog, create new profiles,  login using any of already created in Qt GUI profiles, re-log under different profile without restarting the application and export/import profile in raw/encrypted format.

libtoxdata is a new library that provides standardized and secure way to save a user profile on a disc.  Most Tox clients are still saving all user data in raw format, meaning that once a data file is stolen, the user loses accessibility to account, but with this library a user can password-encrypt Tox data file when storing it on a disc. This feature will allow users to carry the data files either in raw or encrypted format and connect to the Tox network from any other machines.

Login dialog

(Mock up UI repo:https://github.com/seshagiriprabhu/gsoc-1)

Consists of two widgets:

1. Existing user widget:

Existing users can enter his/her profile name and password to login. Only users with user data pre-loaded locally would be able advance further to use the messenger. The  “nickname” in the login window is just a profile name, which is always unencrypted, it has nothing to do with the nickname. If password-protected, nickname and other information will be encrypted using that password, but not the profile name, since user would need to differentiate between different encrypted user profiles.

Mockup UI – 1: Login window for existing users

Each user profile would have it’s own folder(lets say: /home/seshagiri/.config/tox/), and each folder would have a user profile file, which is just tox_save() encrypted by libtoxdata, so any client could add support of user profiles just by using that library.

When a user tries to login  using a profile name chosen from the drop down menu of  [Mockup UI – 1], the widget will parse the corresponding .tox file from the profile directory using data_init_load and data_unlock functions

tox_data *profile = data_init_load("/home/seshagiri/.config/tox/whatever.tox");
data_unlock(profile, "password1");

If the data_unlock returns a zero, which means that the login was successful. Next step would be to load the user environment using tox_data function.

uint8_t *buffer;
size_t size = data_read_messenger(profile, &buffer);
tox_load(tox, buffer, size);

2. New user widget:

Mockup UI -2 : Sign up page for new users

A user could create a profile by entering a profile name and password.  A user can create multiple profiles under the same name as the tox core assigns each profiles a hash upon registering. A user will also be able to create “raw profiles” i.e passwordless unencrypted profiles.  When a user creates an account the widget will indeed call data_init_new function of  ProjectTox-libtoxdata.

tox_data* data_init_new(char *path, uint8_t *data_name, uint8_t *password);

The Project will also enable the logout feature that will save/update the tox_data and lock down the profile encrypted using data_write_messenger and data_lock functions.

int data_write_messenger(tox_data *data, uint8_t *buffer, size_t length);
int data_lock(tox_data *data);

Import-Export dialogs

(Import dialog mockup UI repo: https://github.com/seshagiriprabhu/gsoc-2)

(Export dialog mockup UI repo: https://github.com/seshagiriprabhu/gsoc-3)

A simple dialog box with file chooser in it, which will allow to pick any file from the disc. After a user chooses something, the widget would try to parse it as a tox data/profile file and display some informations like profile name, time when the profile was accessed last time etc.
There are currently 3 different tox data files: toxcore raw and libtoxprofile raw and encrypted. These are the two cases which the user profile import/export will encounter:

Profile type Import Export
Case 1:
Only encrypted profile
Allows to import encrypted profiles and raw toxcore data. When user tries to import a raw toxcore data, it will be converted to a tox encrypted profile, i.e. user will be asked to give it profile name and password Allows to export already existing profiles (which are all encrypted tox profiles) as tox encrypted profiles (basically just makes a copy of a selected profile) and raw profiles (just for compatibility with other clients).
Case 2:
Both encrypted and raw profiles
Allows to import encrypted profiles, raw profiles and raw toxcore data. When trying to import raw toxcore data, it can be converted to tox encrypted or raw profiles, i.e. user will have an option to choose. For encrypted the user will be asked for profile name and password, for raw just a profile name. Allows to export already existing profiles (which are all either encrypted tox profiles or raw tox profiles) in all possible formats, i.e.
raw profile → raw profile,
raw profile → encrypted profile,
raw profile → toxcore raw,
encrypted profile → raw profile,
encrypted profile → encrypted profile, encrypted profile → toxcore raw.

Mockup UI – 3: When the import dialog is opened

Mockup UI – 4: The widget displays some of the unencrypted fields of the loaded file

Upon selecting a file the widget will parse the selected file and will display some of the data (profile name, unix timestamp from when the profile was last used, profile type etc)  read from the unencrypted block of the .tox file.

Mockup UI – 5: Import dialog calls an authentication dialog

 Whether its case 1 or 2, the widget will force user to create an encrypted profile when a raw profile is imported. data_init function will be called here to create an encrypted profile.

Mockup UI – 6: When an encrypted profile is imported

 In both case 1 and 2, when a user tries to load an encrypted profile, the widget will prompt user a dialog box to enter the password in-order to unlock his profile. This is done by calling data_unlock function

Mockup UI – 7:, Export dialog box with filters

 After a user logins,  the data is unlocked and hence we could export it to any format we want. The only condition to be checked here is whether a user is logged in or not before exporting. The export widget will indeed call getSaveFileName of QFileDialog which will create a copy of /home/seshagiri/.config/tox/current_user.tox to the directory which user prefers if the current logged in user uses an encrypted profile. This is the code snippet which exports to any of the filter (raw, encrypted or toxcore raw)

QString filename = QFileDialog::getSaveFileName(this,tr("Export Profile"),
                  MySettings.value(DEFAULT_DIR_KEY).toString(),
                  tr(RAW";;"ENC";;"TOX_RAW),&selectedFilter);
if (selectedFilter == RAW) {
      // code for encrypted -> raw or raw -> raw conversion
} elseif (selectedFilter == ENC) {
      // code for enc -> enc or raw -> enc conversion
} else {
      // code for enc -> tox_raw or raw -> tox_raw conversion
}

 File transfer support is the next major task in this project. A new file transfer widget would be introduced as a part of the project. The file transfer widget maintains a list of files transferred between a particular friend and it will be stored in SQLite DB and sorted based on the timestamp of file transfer actions (send, receive, pause, accept and stop).

The file transfer widget is to be located between friend item widget and message display widget. It has two states: opened and close. When a user chats with one of his friends, upon opening the file manager widget, it will display a (file transfer manager) dialog box with a list of files transferred to that particular user using a QListWidget. A global file transfer manager could be accessed from the settings menu which has an embedded filter in-order to facilitate file search based on filename, friend(s), timestamp, send, stopped and received.

Users will be able to upload a file by clicking on the file attachment button at the right corner of the ChatView widget. Upon clicking on file transfer widget, a file transfer manager dialog will pop up.

File Transfer Manager Dialog

(Mockup UI repo: https://github.com/seshagiriprabhu/gsoc-4)

As an effort to bring all the file transfer actions at a single place, the project will introduce a file transfer manager just like the download manager of firefox. All the file transfer history could be accessed from this file transfer manager. The file transfer also consists of a search filter embedded to search based on various filters including: filename, date time of transfer, send, received, to/from a friendID etc.

Mockup UI – 8: File Transfer Manager Mockup UI

The project will enable certain callback functions of the toxcore upon accepting a friend request which includes callback functions like:

  1. File send request
    void tox_callback_file_send_request(Tox *tox, void (*function)(Tox *m, int, uint8_t, uint64_t, uint8_t *, uint16_t, void *), void *userdata);
  2. File control request
    void tox_callback_file_control(Tox *tox, void (*function)(Tox *m, int, uint8_t, uint8_t, uint8_t, uint8_t *, uint16_t, void *), void *userdata);
  3. File data
    void tox_callback_file_data(Tox *tox, void (*function)(Tox *m, int, uint8_t, uint8_t *, uint16_t length, void *), void *userdata);

SQLite database is going to be used as a part of the project for storing the file transfer history of the users. The application will be tweaked to detect an SQLite db file under a specified directory on the disc. If it is not found, the application will create a new database file. This event will happen whenever a user login occurs.

Schema of the file transfer database would look like this:

sqlite> CREATE TABLE transfer_details (
   → ID INTEGER PRIMARY KEY,
   → transfer_role VARCHAR,# transfer_role {send, received, sending, receiving, paused, stopped}
   → timestamp DATETIME,# Will be updated to the current system time when a transfer role changes
   → filename VARCHAR,
   → userID VARCHAR, # Logged in user’s id
   → friendID VARCHAR, # The id of the person at the other end
   → totalFileSize FLOAT, # The actual size of file to be transferred 
   → transferedFileSize FLOAT,# The size of file transferred so far
   → );

SQLite currently does not support data encryption. There is an opensource SQLcipher but it is not available for Qt platform yet. So its upto the user to keep the database file safe on the disc. The project will not use any object relational mapping library rather plain sql queries would be used to access the transfer_details.

If time permits, the project will include an implementation of a spell checker with multilingual support in the input text box widget. Currently, the Tox Qt GUI supports only English language and it doesn’t have spell checker. This proposal aims to integrate a spell checker with the input text box widget which will allow user to fix misspellings by using the spell check. The user would be able to select different language dictionaries from a context menu. Hunspell spell checker will be integrated to the Qt client as it extensively used in most popular open source applications like libreoffice, openoffice, mozilla firefox, thunderbird and chromium. Hunspell has support in  Mac OS X and Windows based operating systems.

Files to be added to the project:

src/logindialog.hpp An interface which is the entry point to the application. The user will be able to use the messenger only after authenticating or signing up. Will be called from starter class before creating mainwindow.
src/importdialog.hpp An dialog box which will import the user profiles. This class also validates the user profile data file and loads the user environment like previous GUI size, friendlist, chat logs etc upon completing the import
src/createuserprofile.hpp A dialog box for creating an encrypted profile. If the imported user profile is raw.
src/validateprofile.hpp A dialog box which asks password of the encrypted user profile which is imported
src/exportdialog.hpp A dialog class which deals with exporting the user profile data to a file. It will allow user to export to these formats: Raw, encrypted and toxcore raw format
src/filetransfermanagerDialog.hpp A dialog box which displays a list of files transferred by the current user. It also has an embedded file filter.
src/filetransferwidget.hpp A widget which maintains a list of files transferred by the current logged in user. This widget will make use of DataBaseManager class for all the database related operations.
src/fileItemDelegate.hpp This class provides display and editing features (pause, resume, stop) for data items of the model used for QTreeView in FileTransferManager dialog.
src/filefilterWidget.hpp A widget for filtering the files based on filename, timestamp, friend, send and received. This widget will also interact with DB.
src/DatabaseManager.hpp An object class for creating, storing, updating, deletion of file transfer data from the SQLite database. This will create a db file on the local disc either if it is destroyed/lost or when the application is opened for the first time.
submodules/ProjectTox-libtoxdata A library for saving and loading encrypted copies of the Tox Messenger using scrypt-jane.
src/spellchecker.hpp A widget which uses the hunspell to check the errors in the words entered in input text widget. The widget will also have a custom menu bar which could be used to get word suggestions if there are any spelling errors and the user could also select other languages using the same.

Profit for Tox Qt GUI

  1. Facilitate the use of Tox Qt GUI by allowing the user to create profile(s) and store the data in encrypted or raw format, thus making the Qt client more intuitive, portable and secure.
  2. A widget for sending and receiving files for the Qt client.
  3. Increasing the reach of Qt client to wide range of people by enabling multilingual support. 

Roadmap

  1. Until mid May: Publish my goals to the Tox Qt GUI community and try to get some feedback and  suggestions on my plans. I will get familiar with the specific Qt GUI internals that I require for my work.
  2. Until June end: Implement the first feature: that means that I will begin with implementing login and user account creation, continue with import/export user profile
  3. Until July end [buffer upto August mid]: Implement the second feature: I will begin designing (hard coded) the UI for transfer widget and continue with implementing the functionalities of the widget i.e send, receive, pause, accept, stop etc.
  4. Until mid August: If the above tasks are completed, integration of the spell checker for input text widget with multi-lingual support and support of notification messages would be implemented.

Detailed timeline

May 12 – May 23 Academical examinations
May 24 – May 27 Discuss implementation details and ideas. Fix some more bugs.
May 28 – June 2 Code the import, export and all the sub dialog boxes
June 3 – June 22 Integrate libtoxdata to Tox Qt GUI code base, validate the login, profile creation, importing raw and encrypted profiles, exporting to raw, encrypted and toxcore raw formats.
June 23 – June 29 Mid review + Testing all the features implemented so far
June 30 – July 6 Code the file transfer manager dialog  + Implementation of FileItemDelegate, FileFilter, FileTransferWidget, DatabaseManger and FileTranferManager
July 7 – July 20 Implement fileSendReceived, fileSendRequestReceived, fileControlReceived, fileDataReceived, fileControlReceived, fileDataReceived, sendFiles, receiveFilesand fileSendCompleted functions.
July 21 – July 27 Implement file drag’n’drop functionality in the message display widget and input text widget and integrate it with file transfer widget
July 28 – Aug 3 Implement search functionality with smart filter (filename, friend(s), timestamp, send and received) in the file transfer manager dialog
Aug 3 – Aug 11 Testing file transfer support
Aug 11 – Aug 22 Final report + if the above tasks are completed a spell checker with multi-lingual support in the input text widget would be implemented
Afterwards Continue testing and bug fixing

Personal Details

  • Full name: Seshagiri Prabhu Narasimha
  • Timezone: UTC +5:30
  • Email Address: seshagiriprabhu@gmail.com
  • IRC username: seshagiri
  • Patches for Tox:  #768, #108and#108
  • Github repo: https://github.com/seshagiriprabhu/
  • Will you treat Google Summer of Code as full time employment?:  Yes
  • How many hours per day will you work?: 7+ hours per day
  • List all obligations (and their dates) that may take time away from GSoC: I have exams starting from May 12th to 23rd. College will re-open in mid July. When the college re-opens, I will be able to work only for 5-6 hours per day.
  • Estimated last day of classes/exams: May 23rd
  • Estimated first day of classes: July 16th

Why Tox Qt GUI

I envy Tox, an open source messaging application that is developed from ground up by putting privacy at the forefront which makes it revolutionary. I have done a few contributions to Tox before.  I have been providing bug reports and patches to Tox from time to time (issues #768, #108). I have also written some other patches that are not yet committed (issues #108).

I have  designed UI for several websites which includes inctf.in, portal.inctf.in etc. In June 2013, I have done a contribution to Sympy,  a python library for symbolic mathematics, in which I replaced the Bareis Fraction free algorithm (with computational complexity of O(n!)) for determining the determinant of matrices with Laplace expansion algorithm which runs on O(n2 ).

Recently, I have won a programming challenge which involved  involved the development of an open source disaster management communication information system for an NGO, Wise Earth Technology. The system consists of mobile communication stations, running on cheap open source hardware (raspberry pi connected to a 5 inch TFT display), supported by a web  application that uses the django web framework. In order to guarantee the peaceful use of this application, while ensuring that the military can use it for rescue operations during disasters, a new Peaceful Open Source License was adopted.

That said, I think that I will succeed in providing clean and fully functional enhancements to the whole project.

Advertisements

We have won a programming challenge


I am extremely happy to inform that we (Avani Lodhaya and me) have won the programming challenge organized by an NGO –  Wise Earth Technologies. Its only due to Amma’s grace and the guidance of Bithin Alangot that we were able to complete the challenge (of course! winning requires a special bragging rights) within time even though we have started working on it just 2 weeks before the deadline. We will receive a cash prize of 1000 Euros for our contribution which I will be handing over to Bithin for his living expenses as he is moving to USA (we worked on the project only for humanitarian purpose and boosting our resume). We have developed Crisis Communicator, an open source disaster management communication information system. The system consists of mobile communication stations, running on cheap open source hardware (Raspberry Pi connected to a 5 inch TFT display), supported by a web application that uses the Django web framework. In order to guarantee the peaceful use of this application, while ensuring that the military can use it for rescue operations during disasters, the system is released under the Peaceful Open Source License. The expected cost of the device will come around $50 – $100 per communication station, enabling its large scale deployment in disaster hit areas. The Crisis Communicator allows the rescue volunteers to connect to other volunteers using APRS (which has no ground infrastructure unlike other communication means like GPRS, 3G, CDMA etc) to obtain live updates about refugees, refugee camps, resource availability, condition of the roads, missing and deceased persons. All the features of the crisis communicator are embedded with the offline OpenStreetMap enabling its use on smart phones or PCs and the response team can add situational awareness and updates by simply tapping on the phone or simple mouse clicks. The application is capable of detecting the positions of the other volunteers using Global Positioning System. A complete user manual of the application can be found here. Here’s the link to the announcement of the winner in the organization’s website.

Below is a screenshot of the application

Below are the news articles published in local news papers (Indian Express and Kerala Kaumadi):

giri120130827155811giri220130827160039

Fast Walsh Transformation


800px-1010_0110_Walsh_spectrum_(fast_WHT).svg
In computational mathematics, the Hadamard ordered fast Walsh–Hadamard transform (FWHTh) is an efficient algorithm to compute the Walsh–Hadamard transform (WHT). A naive implementation of the WHT would have a computational complexity of O(N^2). The FWHTh requires only Nlog N additions or subtractions. It is easy to do a Fast Walsh Transform by hand. (Well, I say “easy,” then always struggle when I actually do it.) Let’s do the FWT of function f: (0 0 1 0 1 1 0 0): First note that f has a binary power length, as required. Next, each pair of elements is modified by an “in-place butterfly”; that is, the values in each pair produce two results which replace the original pair, wherever they were originally located. The left result will be the two values added; the right will be the first less the second. That is,

orginal 	0	0	1	0	1	1	0	0

Third		1 	1	-1	1	-1	-1	1	1
		^-------------------------------^
			^-------------------------------^
				^-------------------------------^
					^-------------------------------^
Second		0	0	0	2	2	2	-2	0
		^---------------^		^----------------^
			^---------------^		^---------------^
Second		0	2	0	-2	0	2	4	2
		^-------^	^-------^	^-------^	^-------^
Zero		2	-2	-2	2	2	-2	6	2

Code
====

/* Written by Giri
 * An implementation of Fast Walsh Algorithm */
#include "header.h"

/* A function to computer the FastWalshTransform */
long * FastWalshTransform ( long *f, ulong m1 ) {
	long  a, m = m1;
	ulong u, v, split, tempSplit, n = 1UL << m;

	for ( u = 0; u = 0; m--  ) {
    	split = 1UL << m ;
        for ( u = 0; u < n; u += 2 * split ) {
        	tempSplit = u + split;
			for ( v=u; v < tempSplit; v++ ) {
				a = f[v] + f[v + split];
				f[v + split] = f[v] - f[v + split];
				f[v] = a;
			}
		}
	} 
	return f;
}

int main ( ) {
	long *f;
	ulong m, i;
	printf ("Enter the number of variables in your boolean function : ");
	scanf ("%lu", &m);
	assert (m <= 30);
	ulong n = 1UL << m;
	f = allocate_long_table (m);
	for ( i = 0; i < n; i++ ) {
		printf ("Enter the value of [%lu] of boolean funciton: ", i);
		scanf  ("%ld", &f[i]);
		if ( f[i] != 0 && f[i] != 1 ) {
			printf ("Program accepts only binary values [0/1]\n");
			i = i - 1;
		}
	}
	f = FastWalshTransform (f, m);
	printf ("\n");
	for ( i = 0; i < n; i++ ) 
		printf ("%ld\t", f[i]);
	printf ("\n");
	return 0;
}

Sample output using the above given test case as an input.

$ ./question11 < testcase                                                                                                                                                       ✭ ✱
Enter the number of variables in your boolean function : Enter the value of [0] of boolean funciton: Enter the value of [1] of boolean funciton: Enter the value of [2] of boolean funciton: Enter the value of [3] of boolean funciton: Enter the value of [4] of boolean funciton: Enter the value of [5] of boolean funciton: Enter the value of [6] of boolean funciton: Enter the value of [7] of boolean funciton: 
2       -2      -2      2       2       -2      6       2

My first contribution to SymPy!


I wonder why more open source users do not actively participate in the open source community and become committers or contributors.

Sympy-160px

After understanding a project’s capabilities and roadmap, anyone is able to start directly hacking the source code and contributing useful extensions. Because open source is a distributed, participatory meritocracy, the upside benefit is high and the barrier to entry is low—you don’t have to move, be employed by a Valley startup, give up your day job, or wait to obtain a 4 years for a degree.

sympy_expr2

I made my first contribution to sympy (a Python library for symbolic mathematics) in which I contributed a simpler and easier technique to calculate the determinant of a 3×3 matrix which I have learned in Dr. Bhadrachalam sir’s Math class.  In SymPy, they were using Bareiss fraction free algorithm which was running on O(n**3) time complexity where as the proposed one runs on O(1). Which is indeed efficient than the Laplace expansion which we have learned in our classroom \latex{ C_{i,j} = (-1)^{i+j} \times M_{i,j}} with time complexity O(n!).

This is how it works.
Lets say we have a matrix A

     [00 01 02]
A =  [10 11 12]
     [20 21 22]

We copy column  1 and column 2 of A to the right side of the augmented matrix A. Such that it turns into a 3×5 matrix.

         |00 01 02|....|00 01 02 00 01|
det(A) = |10 11 12| => |10 11 12 10 11|
         |20 21 22| ...|20 21 22 20 21|

det(A) = Sum of the products of the diagonal elements from left to right – sum of the products of the diagonal elements from right to left

det = (00*11*22 + 01*12*20 + 02*10*21) - (02*11*20 + 00*12*21 + 01*10*22)

These are the corresponding 3 lines of code of the above mentioned method which I have contributed to SymPy:

elif n == 3:
    det = (M[0, 0]*M[1, 1]*M[2, 2] + M[0, 1]*M[1, 2]*M[2, 0] + M[0, 2]*M[1, 0]*M[2, 1]) - \
          (M[0, 2]*M[1, 1]*M[2, 0] + M[0, 0]*M[1, 2]*M[2, 1] + M[0, 1]*M[1, 0]*M[2, 2])

It is also about 100X faster than using bareiss and the correctness is easily confirmed (as per the comment by the developer)

This is the pull request of mine which was merged by one of the developers in Sympy -> https://github.com/sympy/sympy/pull/2180
Even they have added me to the contributors list -> https://github.com/sympy/sympy/pull/2183

I was very weak in Math during my bachelor’s degree (I even had a backlog in vector Calculus and ODE, which is related to this contribution :-p) . Recently (after joining for master’s degree), I started liking math. I would like to thank my Math teacher Bhadrachalam sir for invoking my interests in the same. I came to know about SymPy through Vipin sir. As I didn’t had any previous knowledge in Python, I started learning it from PySchools, two weeks ago. Then I started looking into the code of SymPy on last Friday and I made my first contribution yesterday!

Xen hypervisor installation and configuration


As a part of Security in Cloud course of my master’s degree, I have configured and installed Xen hyper-visor in Ubuntu 12.04. Hence I thought to blog about it

Xen is an open-source hypervisor (The hypervisor presents the guest operating systems with a virtual operating platform) and manages the execution of the guest operating systems),  which makes it possible to run many instances of an operating system or indeed different operating systems in parallel on a single machine or a host machine.
Now, you might think that why I have used Xen hypervisor instead of VirtualBox or VMWare? The answer to that question is simple: The difference between Xen and VirtualBox is their usage or application. VirtualBox is to be used as a desktop application. So VirtualBox expects you to have a host OS pre-installed in your machine (say: Linux, Windows or Mac). Where as Xen is quite opposite, It can be thought of as the host OS even though you wouldn’t use it like a desktop environment. In terms of performance, Xen will probably edge out VirtualBox as it is a bare-metal (runs directly on host’s hardware to control the hardware and to manage the guest OS machine) hypervisor since the host OS is for Xen is tuned more for virtualization tasks rather than desktop duties. Another advantage of Xen is that it uses QEMU (which is a machine emulator and virtualizer). When used as a virtualizer, QEMU achieves near native performances by executing the guest code directly on the host CPU (especially when it is run under Xen hypervisor).

Pre-requisites for installing Xen hypervisor

We need to check whether our system supports Intel – VT / AMD -V hardware virtualization extensions for host CPU. All the latest Intel and AMD processors supports full virtualization. It may not be supported by some old Intel/AMD CPUs.
Use the following commands to verify whether hardware virtualization is enabled or not

(in a root shell for Intel machine)

# grep --color vmx /proc/cpuinfo

if the output is having vmx flags then your Intel CPU supports hardware virtualization.

(in a root shell for AMD machine)

# grep --color svm /proc/cpuinfo

if the output is having svm flags then your AMD CPU supports hardware virtualization.

Check your BIOS settings

Many, system manufacturers disable AMD or Intel virtualization technology in the BIOS by default. You need to reboot the system and turn it in the BIOS. (Take a look at this picture)
VirtualizationBIOSCapable_thumb

Checking Xen kernel

By default, if you booted into Xen kernel it will not display svm or vmx flag using the grep command. To see if it is enabled or not from xen, enter:

$ cat /sys/hypervisor/properties/capabilities

You must see hvm flags in the output. If not reboot the box and set Virtualization in the BIOS.

Installing Xen hypervisor and utilities

I am installing xen hypervisor and virtual machine manager, which is a desktop application for managing VM’s and its supporting tools.

$ sudo apt-get install xen-hypervisor-4.1-amd64 xen-utils-4.1 xenwatch xen-tools xen-utils-common xenstore-utils virtinst virt-viewer virt-manager  

Now, reboot to Xen kernel (a new entry will be visible in your grub)

$ sudo reboot

And verify installation has succeeded

$ sudo xm list
Name                                        ID   Mem VCPUs      State   Time(s)
Domain-0                                     0   945     1     r-----      11.3

Xend configuration
Edit /etc/xen/xend-config.sxp and add this line at the end of the document. To enable the UNIX domain socket server.

(xend-unix-server yes)

We need to start/restart the xend server in-order to apply the changes

$ sudo service xend start

Edit the bashrc file in your home directory to add this line. This will set a value to the environment variable VIRSH_DEFAULT_CONNECT_URI

export VIRSH_DEFAULT_CONNECT_URI="xen:///" 

Reboot your machine and then verify for libvirt installation:

$ sudo virsh version
Compiled against library: libvir 0.9.8
Using library: libvir 0.9.8
Using API: QEMU 0.9.8
Running hypervisor: QEMU 1.0.0

Lets start the virtual machine manager

$ sudo virt-manager

A new window will pop-up like this:
snapshot2

Lets a create a virtual instance now.

Before creating a virtual instance I will copy down the error which I have got and I will provide the solutions for the same:
Screenshot at 2011-12-30 20_15_44
Screenshot at 2011-12-30 20_15_44
You can fix these issues by executing these commands:

$ sudo mkdir /usr/lib64/xen -p
$ sudo cp /usr/lib/xen-4.1/* -r /usr/lib64/xen/
$ sudo mkdir /usr/share/qemu
$ sudo cp -r /usr/share/qemu-linaro/keymaps /usr/share/qemu/ 

The system thew errors as it was expecting files in the specified directories which was not present in my machine. What I did was – I made the specified directories and copied files from the real directories.

We’ve fixed all the issues regarding creating the virtual instance. Lets start creating a virtual instance. You can follow the below given steps to do so:


You can follow the following steps to create so:
snapshot3

snapshot7

snapshot4

Run the installer

From now on you should install the guest from the ISO as if you were installing it on real hardware:

snapshot8

Creating a network bridge on the host

Install the bridge-utils package:

$ sudo apt-get install bridge-utils

We are going to change the network configuration1. To do it properly, you should first stop networking2:

$ sudo invoke-rc.d networking stop

To setup a bridge interface, edit /etc/network/interface to look something like this (it works for me!):

auto lo
iface lo inet loopback
auto br0
iface br0 inet dhcp

This will create a virtual interface br0.

Now restart network:

$ sudo /etc/init.d/networking restart

Bridge br0 to eth0

$ sudo brctl addif br0 eth0

And change the default bridge name to the one which you have created just now (“br0”).

snapshot9

You may not be able to ping to any machines from your ethernet interface, but you will be able to do the same using the br0 interface. This is because your ethernet’s IP is assigned to your bridge interface and ethernet interface is given a new IP. Run this command (the below given results was from my machine and it varies from network to network)

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.30.8.1       0.0.0.0         UG    0      0        0 br0
10.30.8.0       0.0.0.0         255.255.252.0   U     0      0        0 br0
10.30.8.0       0.0.0.0         255.255.252.0   U     1      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

And find the default gateway of your network.

$ sudo route add default gw YOUR_GATEWAY dev br0

This will add the default gateway and  associates with previously configured br0.

After executing the above mentioned steps, you should get something like this for getting the correct results:

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.30.8.1       0.0.0.0         UG    0      0        0 br0
0.0.0.0         10.30.8.1       0.0.0.0         UG    0      0        0 eth0
10.30.8.0       0.0.0.0         255.255.252.0   U     0      0        0 br0
10.30.8.0       0.0.0.0         255.255.252.0   U     1      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

Manually installing an HVM Guest VM

Download the ISO image of any operating system (I used Ubuntu 12.04 32 bit version’s ISO)

Create a virtual disk of size 10 GB (9.8 G approximately)

$ dd if=/dev/zero of=new.img bs=1M count=10000

Create a guest config file ubuntu.cfg

builder = "hvm"
name = "ubuntu-hvm"
memory = "512"
vcpus = 1
vif = ['bridge=br0']
disk = ['file:/media/linux_data/Ubuntu.img,sda,w','file:/media/linux_data/ubuntu-12.04-desktop-i386.iso,hdc:cdrom,r']
vnc = 1
boot="dc"
vncdisplay = 7

Then you could create that virtual instance using this command:

$ xm create Ubuntu.cfg

In-order to run this virtual instance, you have to install xvncviewer, A VNC client lets you connect to a desktop that’s been shared..

$ sudo apt-get install xnc4viewer
$ xvncviewer localhost:7 

Now you can install the ubuntu 12.04 in your hypervisor and enjoy!

Hello world boot loader


Introduction

What is a boot loader?

  • It is a piece of code that runs before any operating system is running.
  • Boot loaders are used to boot other operating systems, usually each operating system has a set of boot loaders specific for it.
  • Boot loaders usually contain several ways to boot the OS kernel and also contain commands for debugging and/or modifying the kernel environment.

In this blog, I am concentrating only on Linux boot loaders. I’m trying to implement a simple 16 bit “hello world” boot loader which runs in an infinite loop.

OS used : Kubuntu 12.04, 64 bit.

Installing all the essential packages

  • $ sudo apt-get install nasm build-essential
  • Installation of virtual box in Linux (Download  Oracle Virtualbox from here)

Create a Virtual Drive image

Lets create a virtual drive image to copy the boot loader in-order to save a physical storage medium. Our first task is to find a place where we can put our boot loader virtually which can be loaded into a Virtual machine later. We’ll use a virtual floppy disk to do so.

Create a virtual floppy disk

$ head -c 1474560 /dev/zero > bootloader.vfd

You’ll have an empty “1.44 MB” image.

Code

This is the link to the code
compile the code using this step:

$ nasm -f bin -o OS.bin 1.asm

Copying the boot sector to virtual floppy drive

$ dd status=noxfer conv=notrunc if=OS.bin of=bootloader.vfd

This does a none-truncating move of the OS.bin into ‘bootloader.vfd’ (so it’s not blank anymore, its now got a boot loader installed), but the vfd file stays at a size of 1.44MB and the first 512 bytes of the file is overwritten with the bin file.

Running our code

Lets open up our Virtual machine. Create a new machine. Create a tiny virtual disk image of say 500 MB (minimum size of a VDI that can be created in a VM)

Adding a virtual floppy drive in Virtual box

Bootloader displaying “Hello World” message

Choose type as others and version as DOS Go to that VM’s settings->storage and select the virtual floppy disk that you have created. Now its time to boot and you can see this message printed!

SecurIT – 1st International Conference on Security of Internet of Things



If you have ever been concerned about using the internet and sharing details, you are not alone. Most of the common appliances in offices and households today are capable of being connected to the internet and indirectly monitoring your usage. While this offers larger flexibility, this convenience should not compromise your privacy. If you want to know all about this and how to manage threats and continue to live securely in the cyberworld, don’t miss out on this event. Amrita Vishwa Vidyapeetham is organizing the first ever international conference on Security of Internet of Things, SecurIT 2012, to be held at Amrita University campuses in Kochi and Amritapuri from 16 to 19 of August, 2012.

The SecurIT 2012, international conference will provide a leading-edge, cross-functional platform for researchers, academicians, professionals and industrial experts around the world to present and explore the latest advancements and  innovations in systems, applications, infrastructure, tools, test beds and foundation theories for the Security of Internet of Things. The three day conference will be hosted in the Amrita University campus in Amritapuri, in one of the most beautiful and picturesque locales of the Kerala coastal line.

The Internet of Things is a network of internet-enabled objects integrated via embedded devices, communicating with human beings as well as other devices as a distributed network. The conference focuses on the latest trends and  dvancements in the security aspect of internet of things. The conference will have academicians from universities and research labs and professionals from industry verticals such as security solution companies, automobile, mobile and wireless companies etc. to participate and contribute their original work and technical papers in key areas such as s security in cloud computing, mobile networks, cyber-physical control systems, healthcare systems, etc.

The conference uses a variety of formats to enable dialogue and participation ranging from technical presentations, demos, breakout sessions and hands-on workshops and tutorials on various key subjects of interest. As part of the conference events, an exciting student contest on ethical hacking called, sCTF (SecurIT Capture The Flag) is being conducted with attractive prizes and awards for the top-runners. Eligible students are offered free accommodation and travel grants to participate in the conference.

The conference is also conducting a contest ‘PitchFest’ a contest for start-ups with innovative ideas on internet of things. This contest is a perfect platform to present your innovative business ideas in the field of Internet of Things. The event is being held in cooperation with Cloud Security Alliance, and Trusted Computing Group. Pitchers can present their ideas in front of the elite panel of Pitchfest comprising Top level executives from our associate partners such as, Intel Capital, Cloud Security Alliance, Trusted Computing Group and www.edventure.com. The event will also give you an ample opportunity to network with many of the C level executives and CEOs from world famous companies across the globe.

The SecurIT 2012 conference will feature keynote and invited talks by world renowned speakers such as Robert Kahn, Co-Inventor of TCP/IP protocol, Esther Dyson, Entrepreneur & Philanthropist, Gulshan Rai, Director General, Cert-In, Pranav Mehta, CTO Embedded Systems, Intel Corporation,Yuliang Zheng, Professor, Department of Software and Information Systems University of North Carolina.

The conference is co-chaired by Dr. Ross Anderson, University of Cambridge and Dr. Greg Morrisett, Harvard University. The conference is steered by world-known technocrats and computer scientists such as Dr. Andrew Tanenbaum, VU, Amsterdam, Dr. Robert Kahn, Co-inventor of TCP/IP & CEO President, CNRI, Reston Virginia; Dr. Gulshan Rai,  Director General, Cert-In, Dr. John Mitchell, Professor, Stanford University & ACM Fellow, Dr. Gene Tsudik, Editor-Chief of ACM
Transactions on Information and System Security & Professor, U.C. Irvine, Dr. Prasant Mahopatra, IEEE Fellow & Professor, U. C. Davis; Dr. Sree Rajan, Director, Fujitsu Laboratories of America, Dr. Masahiro Fujita, Professor, University of Tokyo, Dr. Venkat Rangan, Amrita University.

For more information, please visit our website, http://www.securit.ws/