Suramya's Blog : Welcome to my crazy life…

June 27, 2024

What’s the Difference Between Mastodon, Bluesky, and Threads?

Filed under: Interesting Sites,My Thoughts,Tech Related — Suramya @ 11:39 PM

When Twitter was taken over by Musk a lot of us folks moved to alternatives because of the change in the quality and tone of Twitter. In the early days many alternatives were created but now the field has narrowed down quite a bit and the main alternatives are: Mastodon, Bluesky, and Threads. I have accounts on both Mastodon and Bluesky but primarily use Mastodon as most of the security and Tech experts migrated to Mastodon. Some interesting folks are there on Bluesky as well but for some reason I don’t find it as interesting to scroll the feed over there.

If you are not aware of the apps you might wonder what is the difference between them, EFF (Electronic Freedom Foundation) did a great write up on the various alternatives to Twitter and you can check out the article here.

– Suramya

May 24, 2024

OpenSSF launches Siren to provide real-time security warning for Open Source Software

Filed under: Computer Security,Interesting Sites,Security Tools,Tech Related — Suramya @ 6:41 PM

Securing OpenSource software (OSS) can be a bit of a challenge at times and a lot of the Infosec feeds that give information on Security issues in software are commercial paid entities. There are software that scan for OSS vulnerabilities but we can always use more threat intelligence networks.

Open Source Security Foundation (OpenSSF) has launched a new threat intelligence sharing group called ‘OpenSSF Siren‘ that aims to provide real-time security warning bulletins and deliver a community-driven knowledge base to fill the gap between the open-source and enterprise communities.

The OpenSSF Siren is a collaborative effort to aggregate and disseminate threat intelligence specific to open source projects. Hosted by the OpenSSF, this platform provides a secure and transparent environment for sharing Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with recent cyber attacks. Siren is intended to be a post-disclosure means of keeping the community informed of threats and activities after the initial sharing and coordination.

The Key features of the OpenSSF Siren include:

  • Open Source Threat Intelligence: shared with the community about actively exploited public vulnerabilities and threats.
  • Real-Time Updates: List members receive notifications via email about emerging threats which may be relevant to their projects, enabling swift action to mitigate risks.
  • TLP:CLEAR: To facilitate effective unrestricted transparent communication, the list follows the Traffic Light Protocol (TLP), Clear guidelines for the sharing and handling of intelligence.
  • Community-driven: Contributors from diverse backgrounds collaborate to enrich the intelligence database, fostering a culture of shared responsibility and collective defense.

You can sign up for it here: Siren Sign-Up
Source: OpenSSF sings a Siren song to steer developers away from buggy FOSS

– Suramya

May 12, 2024

A High-Level Technical Overview of Fully Homomorphic Encryption

Filed under: Computer Security,Emerging Tech,Interesting Sites,My Thoughts,Tech Related — Suramya @ 10:13 AM

Homomorphic Encryption is an interesting application of data encryption in that it allows us to encrypt data in a way such that we can perform computations on it without first having to decrypt it. The more formal definition states “Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Homomorphic encryption enables complex mathematical operations to be performed on encrypted data without compromising the encryption.”

I have been following the work on Homomorphic Encryption solutions since 2017 onwards, which was when I first became aware of it and have read tons of articles and papers on it. The overview by Jeremy Kun is probably the best one I have seen so far. His post with A High-Level Technical Overview of Fully Homomorphic Encryption goes into enough technical details that you understand it without going so deep that you are lost in the details.

Homomorphic encryption lets you encrypt data in such a way that you can run programs on it without ever decrypting it. This means that the computer running the program has no access to the underlying data while running the program—neither via intermediate computed values, nor even the result. In particular, if a nefarious human had access to the machine’s raw memory, they still could not learn any information about the underlying data (without breaking the cryptography). A user sends the program an encrypted input, and when the program is done, the encrypted result is sent back to the user to decrypt.

Running a program on encrypted data sounds magical. It works by choosing an encryption scheme that is “compatible” with addition and multiplication in the following sense:

Adding ciphertexts gives you an encryption of the sum of the underlying plaintexts.
Multiplying two ciphertexts give you an encryption of the product of the underlying plaintexts.

Given this power, you can encrypt your data bit by bit, express your program as a boolean circuit—an XOR gate is addition and an AND gate is multiplication—and simulate the circuit. Since XOR and AND form a universal basis for boolean logic, you can always decompose a circuit this way.

Check it out if you are curious about Homomorphic Encryption and want to learn more.

– Suramya

April 16, 2024

Creating a Tic-Tac-Toe game using a single printf statement in a loop

Filed under: Computer Software,Interesting Sites,My Thoughts,Tech Related — Suramya @ 12:19 PM

The printf statement in C/C++ (and other languages) is a fairly innocuous command that prints information to the screen (or any other output stream). Reading over JWZ’s blog post (The Turing Police say “X Wins”) I found that I was mistaken as it is much more powerful than that. In fact, a single printf statement in a loop can be used to create a full interactive game of tic-tac-toe and this is demo’d by Nicholas Carlini, who has implemented this and you can view the code over at their GitHub Repo: tic-tac-toe in a single call to printf.

Apparently, this was inspired by the International Obfuscated C Code Contest. The repo has an explanation on how this works and I am still going through it to wrap my head around how it works and understand it fully. Check it out if you have some time.

– Suramya

March 26, 2024

Sharpshooters bugs catapult their urine out into the world faster than expected

Filed under: Interesting Sites,Science Related — Suramya @ 11:38 PM

Nature is awesome and we are still trying to figure out how a lot of the things common in nature work and how to artificially create the same. So far most of our efforts have been poor copies of what is there in nature.

A bug called sharpshooter has the ability to catapult their urine out into the world from a special liquid-shooter in their butts. Interestingly the water being expelled is faster than the speed at which it was launched which has implications on rocket science, fluid dynamics and many other areas.

“The sharpshooter gets all its nutrition from the thin, watery liquid inside a plant, called xylem sap, which it sucks out with this tube-shaped stylet. That sap has so little nutrition that sharpshooters need to guzzle nonstop. Taking all that liquid in presents a problem – how to move it out. The sharpshooter has evolved the perfect tool for the job: an anal stylus — or butt flicker. Here’s something incredible: Each drop of pee actually travels faster than the speed at which the butt flicker launched it. Learn about this incredible creature’s super-propulsive pee in this video!”

Source: boingboing.netSharpshooters are bugs that catapult their urine out into the world

– Suramya

March 8, 2024

alphaXiv – Forum to discuss any papers posted on ArXiv

Filed under: Interesting Sites,Science Related — Suramya @ 4:40 PM

Research papers can be hard to understand and sometimes you don’t have people or a community around where you can discuss a given paper and collaborate. In Bangalore we have a community called ‘Papers we love’ which did something similar but for a single paper every week as an in-person event.

There is a site called alphaxiv.org/ that I found out about recently. It is an interactive forum for anyone to comment line-by-line on arXiv papers. This allows you to collaborate and discuss the paper with others who find it interesting as well. One thing to keep in mind is that ArXiv papers can be pre-published versions which are not fully peer reviewed yet.

To start using the site, you need to create an account with them. If you don’t have an educational institute email address then you will have to verify your phone no as well in the near future. As of now you don’t need to do that. I guess they are doing this to prevent automated spam. Once you have an account and are logged in using the site is quite easy. You can browse for currently trending topics or search for a specific paper. If you are reading a paper on arXiv, you can change “arxiv.org” to “alphaxiv.org” in your URL search bar, and you will automatically be redirected to the forum for that paper.

Check it out when you get a chance as it is quite interesting.

– Suramya

October 29, 2023

What Happens to a Werewolf if they are on the Moon?

Filed under: Interesting Sites,My Thoughts — Suramya @ 12:15 AM

@SpeakerToManagers shared a very interesting link on Mastodon where Scientific American’s researchers talk about What Happens to a Werewolf on the Moon? assuming a reality where Werewolves are real.

On the other paw, shortly after the monthly sunrise, the entire landscape surrounding our future lycanaut will be lit by the sun, which could then trigger the change; from their view, the entire moon would be illuminated, so it would be, by some definition, full. This could mean that the danger would be hugely amplified because the transformation wouldn’t last a mere terrestrial night but an entire lunar day, which is two weeks in duration. The carnage would be literally unearthly.

The questions raised where quite fun and it is an interesting what if question.

– Suramya

October 19, 2023

How to approach a topic to make learning hard things easy?

Filed under: Interesting Sites,My Thoughts,Tech Related — Suramya @ 7:16 PM

Talking about complicated topics is hard. I remember reading somewhere that if you can’t explain what you do in simple enough terms that a grandmother can understand it then you don’t know enough about what you are doing. Unfortunately I can’t find the original quote but if you think about it, it makes sense. People who don’t understand a given topic in depth will revert to using acronyms or jargon to explain what they do. Folks who do understand will be able to explain it using small words and concepts. The best example of this is the Thing Explainer: Complicated Stuff in Simple Words a book by Randall Munroe from the XKCD fame. In the book, things are explained in the style of Up Goer Five, using only drawings and a vocabulary of the 1,000 (or “ten hundred”) most common words. Explore computer buildings (datacenters), the flat rocks we live on (tectonic plates), the things you use to steer a plane (airliner cockpit controls), and the little bags of water you’re made of (cells). My Niece and Nephew love the book and refer to it regularly.

Julia Evans recently gave a talk on Making Hard Things Easy that everyone should listen to or read, since she also gave a transcript. Which was awesome else I would have missed out on this great talk. She talks about how to approach a problem/question/topic to make it easier to understand with examples from her own experience.

Julia is a wiz at making difficult topics seem easy. She publishes Webzines that explain computer topics in easy to understand comic format. I have bought all the ones she has published so far as PDF’s and would recommend you do the same. The site above has samples of her work so do check it out.

– Suramya

October 4, 2023

India’s Early Electronic Music From 1969-1972 released publicly

Filed under: Interesting Sites — Suramya @ 7:56 PM

Not many people are aware that Indian artists have been exploring electronic music since the late 60’s. Unfortunately a lot of that early work was not available because the records from that time were not available. However, recently a bunch of tapes were discovered in a cupboard at the National Institute of Design containing recordings from the work back in the 70’s.

Now these recordings have been publicly released and can be accessed at The NID Tapes: Electronic Music from India 1969​-​1972 .

Check it out if you are a fan of electronic music.

Source: India’s Early Electronic Music From the ’70s Is Finally Being Released

– Suramya

September 7, 2023

Youtube2Webpage: Create Websites with Text from Videos

Filed under: Emerging Tech,Interesting Sites,Linux/Unix Related,My Thoughts — Suramya @ 7:35 PM

In my last post, I had talked about preferring text content to videos and coincidentally my Hacker News feed happened to cover a tool that takes a video link and creates a webpage with a transcript generated from the video’s closed captions paired with screenshots of the video. The program is called Youtube-to-Webpage. It is a Perl script that uses yt-dlp & ffmpeg to do the processing.

I tried it out using the curl video I talked about in the previous command as the input and the software did a decent job capturing the details. The output is very plain and looks like the following:

Transcription of Curl Training video
Transcription of Curl Training video

Since the program uses the built-in YouTube captions for getting the text from the video, the transcription is only as good as how good the captions are. One enhancement, that could make it better is to use a Speech-to-Text engine and use that text in the output. The slightly tricky part would be to match the screenshots with the audio/transcription timestamps.

Check it out if you prefer to read text instead of videos. I wonder how the output would look if we feed this to a LLM and ask it to make it like an article. That can be something we can explore for the next post 🙂

– Suramya

Older Posts »

Powered by WordPress