Posts Tagged with work

posted by brwyatt on September 22, 2013

I've been thinking, I need to use this blog more. Because I can.

Not much really goes on around here, really, but I have some interesting ideas and projects I'm starting or will start, or at least want to offer up for others. But I do also have the random ramblings of a crazy person, too. In theory, I assume that if I throw enough stuff on here, something may be useful to someone. Maybe.

Last weekend, I finally decided to "break into" my 24-port SGE2000P Linksys switch again. QoS managed to turn itself on again, and as a bonus, all the settings were reset. Long story short, I found out why, and any Cisco device user will instantly know why. Needless to say, any time it loses power, it will reset to its "startup config". This is a great failsafe if you manage to make a change that breaks everything. But, I was able to get back into the router, change the settings, and then found the copy config section in the settings (yes, I'm using the web GUI, I'm too lazy to learn IOS right now) so I could copy the running config to the startup config. What this means for me, is no more having my download randomly drop from 20mbps down to 0.2mbps while trying to watch YouTube.

In somewhat related news, I've got an 8-core box sitting in with my servers at the moment, but powered down. It has been there for a while, and I've been wanting to get it configured to jump-start my virtual environment before I get the real hypervisor I'm planning to get sometime in January. My thinking was that I could set this small server up, get all the core network infrastructure set up on it (DHCP, DNS, Puppet master, network auth (NIS? LDAP?), Zabbix, etc), as well as learning how to set up and configure OpenStack, and start tinkering with it NOW, so that when the expensive hardware comes in, I can just move everything over to it, and start playing with more useful stuff such as moving everything off my old server (MySQL (Postgres instead?), Tor, Freenet, Minecraft server, etc) over to it, and even start messing with some more fun things like metrics and things like Redis and RabbitMQ. My only issue is not exactly FINDING time... but MAKING time. As soon as I walk in the door to my apartment, my brain just turns off. This affects my other personal projects as well.

Speaking of personal projects...

I have more than a few "personal projects", all under the name Jungle Cat Software, and hosted publicly on GitHub. As you can see there, I have a few things up with varying degrees of work put into them. I probably have the most work put into Bad Science! and BRGE (the engine behind Bad Science!), which was probably the most fun project, but also the least useful. BitcoinAccess was a Bitcoin RPC client that could talk back to either an RPC-enabled client you left running at home, or a service that follows the Bitcoin RPC standard, and is probably the more reasonably useful project... if I finish it. If anyone is inclined to help on any of these projects, I would happily welcome it, and you can find more about what I planned by looking at their boards on the Trello account.

More recently, I started (for some definition of the word "started") another project aiming to combine several ideas in Tor and Freenet; basically using routing more similar to Freenet, but in a real-time way such as Tor, and preferencing low-latency paths and neighbors. I'm personally quite fond of this idea, and I think it could actually be useful. So let me talk about CryptNet for a moment.

So here is my thinking. Largely, its intent is to be oriented around the idea of an "OpenNet", and connect to anyone nearby that you can, possibly even scanning your LAN for connections. Once connected, you now become a part of the network, and route traffic just as a relay in Tor or a node in Freenet would. Except for some differences. Freenet is, essentially, a distributed datastore; incoming requests are checked locally to see if you have data, and then passed on to nodes that appear to be "closer" to the data if you don't (there is a bunch of math and stuff happening here that I'm not going to get into). There is also some stuff with the randomly-decrementing TTL to hide the originator, and then found (or not found) data travels back along the same path and that's that. Tor, in contrast, creates "circuits" in order to route requests. If a request to an external resource is made, then it is created to an exit node and your traffic passes through a series of three nodes on the network, then out to the destination (some services, like DuckDuckGo, will host a router that can exit to their services, and traffic will be routed to their exit to improve performance). Traffic to an internal network resource again creates a circuit, and then is routed to that resource.

What I'm proposing is something slightly different, and something that can take advantage of the higher bandwidths available. But, then again, we still don't want to flood the Internet! If each client has a handful of "addressable keys" (think GPG fingerprints or Bitcoin addresses), a user can discard or create new ones as necessary, but keys should typically stick around for at least a little while during a given "transaction" on the network (A file download, a conversation, etc). From here, we can start building a kind of "table" of what keys we find from which of our connections to the network, and if we see them on multiple, we can determine which link(s) are faster, so we can start building a graph, but where we can only see a small part of it, specifically, our own connections to our neighbors, and which keys they route through them. But this only gives us half the story. Our connection to "A" might be lower-latency, but a user with a given key might be closer to node "B" (or may even be owned BY "B"!), and may have a shorter round-trip time. So we can get into some interesting Math and heuristics there.

It may also be possible to send the same message through ALL of the nodes you are connected to, and those nodes could do the same. Obviously this can get out of hand really fast. By using the key table mentioned before, nodes can eliminate some paths if they don't have the key, and we can even send responses back upstream to say "I don't know this key" if a request is received and you know the key doesn't exist or is unroutable from you, thus eliminating that node as a valid path. Nodes on the network also need to NEVER route a duplicate message with the same ID, in case of duplicate paths. It is expected to receive duplicate messages at times, and they need to be handled correctly (that is to say: ignored and NOT passed on again), it may be also good to transmit a "key not found" back upstream to the node that sent the duplicate message, to remove the slower path from their routing tables. In this way, the network can find the fastest paths through the network.
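The flooding, duplicate suppression and "key not found" pruning described above can be simulated in a few lines. This is an added example, not code from the CryptNet project; the `Node`, `connect`, `flood` and `demo_network` names, the five-node topology and the link latencies are all constructed for illustration, and "key not found" replies are assumed to take effect instantly.

```python
import heapq
from collections import defaultdict
from itertools import count

class Node:
    def __init__(self, name):
        self.name = name
        self.local_keys = set()            # keys owned by this node
        self.links = {}                    # neighbor name -> link latency in ms
        self.seen = set()                  # message IDs already handled
        self.pruned = defaultdict(set)     # key -> neighbors that said "key not found"

def connect(nodes, a, b, latency):
    nodes[a].links[b] = nodes[b].links[a] = latency

def flood(nodes, src, key, msg_id):
    """Flood msg_id from src toward key. Returns (first delivery, transmissions)."""
    if msg_id in nodes[src].seen:          # a known ID is never routed again
        return None, 0
    nodes[src].seen.add(msg_id)
    queue, seq, sends, delivery = [], count(), 0, None

    def forward(node, now, path, came_from=None):
        nonlocal sends
        targets = [n for n in node.links
                   if n != came_from and n not in node.pruned[key]]
        for n in targets:
            heapq.heappush(queue, (now + node.links[n], next(seq), node.name, n, path + [n]))
        sends += len(targets)
        return bool(targets)

    forward(nodes[src], 0, [src])
    while queue:
        now, _, sender, name, path = heapq.heappop(queue)
        node = nodes[name]
        if msg_id in node.seen:
            # Duplicate: ignore it and tell the sender this path lost the race.
            # Assumption: the "key not found" reply is applied instantly.
            nodes[sender].pruned[key].add(name)
            continue
        node.seen.add(msg_id)
        if key in node.local_keys:
            delivery = delivery or (now, path)   # first arrival = fastest path
        elif not forward(node, now, path, came_from=sender):
            # Dead end: key is unroutable from here, report "key not found".
            nodes[sender].pruned[key].add(name)
    return delivery, sends

def demo_network():
    # Constructed topology: D owns key "K", E is a dead-end leaf.
    nodes = {n: Node(n) for n in "ABCDE"}
    nodes["D"].local_keys.add("K")
    for a, b, ms in [("A", "B", 10), ("A", "C", 30), ("B", "D", 10), ("C", "D", 10), ("B", "E", 5)]:
        connect(nodes, a, b, ms)
    return nodes
```

Flooding three messages with fresh IDs from A toward "K" on this topology costs 5, then 3, then 2 transmissions, each delivered over A, B, D in 20 ms, as the slower and dead-end links get pruned.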

However, this does bring up an interesting concern for attacks similar to Freenet, where if an attacker has all your connections, they can start to reasonably determine who you are and your activities. But also, due to "path reduction", this attack could become possible from a distance. Thus, Key rotation, but keys can be linked as the same person with enough data (like bitcoin addresses). Rotating connections (dropping some connections, and creating new ones), much like Tor circuits, can help resolve some of that, changing the landscape of the network as nodes move around in the graph. So this brings up interesting routing challenges; and, as you can see, can result in a bit of bandwidth consumption, especially with newer connections.

But one thing I really like, is the idea of having a common "key store" on the client that plugins can use to store keys, so that the client can properly determine which messages are for itself, and route them to the proper plugin. And since all the messages are a common format, any kind of data can be routed through even older nodes that may not even support the plugin. In its simplest state, the client is simply a router for the network. It keeps track of keys it sees and connections, and that's it. You can add plugins which create and manage keys for the user, and allow interaction on the network. Someone could easily write a plugin to act like an exit node and a proxy node, to allow regular network traffic (like HTTP) to be proxied over it (just like Tor), or write a datastore, just like Freenet, or even write encrypted communications on top of it, even run things like Tor hidden services, or possibly filesharing as on DC++ or Gnutella.

I think it has potential, but maybe not. I think the bandwidth hit is survivable, especially on LANs, and the architecture could provide, essentially, a faster kind of Freenet for more real-time applications. What do y'all think?

posted by brwyatt on June 9, 2012

I keep forgetting I have this blog to write my thoughts and ramblings for the world to see (and for spammers to try and spam the comments, apparently...(And FAIL MUAHAHAHAHAHAHA)).

So... Tomorrow (well, I guess today...) I'm moving out of my parents' place and into my own place. It isn't too far, but it is exciting and scary. Still kinda working on packing, though at this point, much of this can just be carried by hand, but I want to make it a little easier on me. I should also probably note that this is all possible because I'm now a FULL TIME, SALARIED employee at work! That, in itself is pretty exciting too... I mentioned it before when I got to sign the paperwork, but now the paychecks are coming in from what was an offer, but is now an official position.

As far as the moving goes, I'll be without my own Internet until sometime Monday when it gets installed. I'll be leaving my server here, though, so there won't be downtime till probably Sunday night, lasting until whenever on Monday when the Internet is hooked up. I'm paying for 25/25 BUSINESS Internet with a static IP address (71.244.54.5).

So that should be fun and exciting... probably should get some sleep or get some more stuff packed...

posted by brwyatt on April 19, 2012

On Monday, I finally received my first two spam emails on my Tor email account on brwyatt.net. It is no surprise since that address is publicly listed with the list of Tor nodes from when I ran a Tor Relay (and will again). So, I got to install SpamAssassin and tested it out and it works. This is actually kinda exciting, to be honest, getting my first spam email on my domain. I haven't gotten any spam since, however, which is good, but I really wanted to see it get assassinated by my fancy new spam filters.

On the other side of things, I got an official job offer at work today. Still have all the paperwork to do for it, but it is exciting. It is nice to see life moving forward.

posted by brwyatt on February 13, 2012

To get the boring stuff out of the way, I've updated the homepage text and the about page text to have some amount of better information on it, but haven't done anything more than that. Should probably have the most recent blog post showing on the home page, though... Maybe next update...

But, on a more important/personal note... I've been looking at apartments lately. Parents have pretty much said that I need to move out and have given June as the general time that it will be done. This isn't entirely a bad thing, and I suppose I kinda needed that push. I just need to secure things down at work and get that all settled. But I think I have a place all picked out, it is nice, simple, and they offer Verizon FiOS for Internet access, so I can still have super fast Internet at the new place.

So things are looking up, and I'm moving on and at the edge of starting MY LIFE. I have a job doing things I'm interested in (even though it can be stressful at times, but that isn't always a bad thing), I'm preparing to move out to my own place, and it is looking like school is no longer an issue or source of stress in my life. I realized yesterday that this has been the moment I've been waiting for, things have been coming together and I just have to take a couple more steps to get to the edge, but it is right there, within my reach, and it is exciting. Scary, sure... but exciting. I mean, I'm not thrilled about paying bills, but there is something to be said about managing your own life, even if it means you have to deal with the shitty things like taxes and bills. So, in a way, I'm even excited about paying bills, because it will be MY electricity, MY water, MY Internet, MY phone, MY car.

Like I said: scary, but exciting.

posted by brwyatt on January 23, 2012

Not that I really have much to say on a regular basis, but I can try!

Regarding my previous post, things have calmed down quite a bit; and besides that one incident at home, the rest of the week really was quite amazing. Work really was a lot of fun, I was really in my element this week, doing server maintenance/setup/configuration type stuff, the things I tend to do on my own for fun at home.

Then, Thursday night, I finally got Linux working on my laptop! Had to manually fix the graphics and install the Catalyst 11.11 drivers manually, but other than that everything else "just worked". That is, until one of the updates managed to break Bluetooth, so I've got to use a wired mouse until another update fixes it. (which there will be at some point).

As far as the site goes, I haven't really worked much on any of the technical stuff lately, with exception to getting my Jabber server to work with the MySQL database to have the site and Jabber share logins. I still have to get user "levels" set up so that I can open registrations to others. Been having some issues using external auth with ejabberd, but I hope I'll figure it out. If anyone has anything they would like to see on this site, leave a comment, I'd love to hear any suggestions anyone might have!