Suramya's Blog : Welcome to my crazy life…

January 11, 2021

Do young people not care about privacy because they grew up sharing personal information?

Filed under: My Thoughts,Techie Stuff — Suramya @ 1:03 PM

I don’t agree with statement, though there are many proponents to abolishing privacy online. Unfortunately, over the years we have been trained to give personal information in order to use services online and this is based on the principle that our data has no value and if we have nothing to hide we should be ok to share data online. This is a fallacy.

Having privacy is essential to us as humans because it gives us a judgment free space where we can be ourselves without worrying about what others might think. This allows us to explore unpopular ideas without worry or fear. Plus it is not just people who have unpopular ideas that need privacy. There is a lot of stuff that I wouldn’t want to share with everyone even if it’s nothing illegal or unpopular such as details about my health or personal finances. Privacy doesn’t mean that we don’t want to share information, it just means that I get to choose who has access to data about me.

In certain scenarios privacy helps protect us physically from stalkers or people who mean us harm, think fanatic fans or people fleeing an abusive relationship. Such people would not want their physical location broadcast to the world. There was a case a few months ago where a fan used a photo published by a star to locate her apartment and assaulted her at her apartment. This was a breach of privacy of the star and caused major distress to her. Now imagine if we could immediately find where anyone in the world is located at a given time, this will allow us to determine so much other data about that person such as their health information (if they are visiting a cardiac doctor every week, there is a high probability they are suffering from a hear problem). A few years ago Uber analyzed data from the rides people were taking using it’s service and used that to figure out who was having an affair with whom based on the rides they took and the location they were dropped. It was quite a scandal when it came out and now imagine someone taking this information and blackmailing people.

With the amount of information that we are giving to websites and companies both voluntarily and involuntarily privacy is becoming harder to maintain but that doesn’t mean that we give up and let companies do whatever they want with our data. If we do that then be prepared to have every aspect of your life dissected and analyzed for profit.

Too many people state that they have nothing to hide and have no problems with having their information public. I challenge them to stay in a house completely made of glass (including the bathrooms) and have a bot that publishes all emails/messages/transcripts from their calls publicly. I can bet there won’t be any takers. as everyone has something they wouldn’t want to be public knowledge.

– Suramya

November 28, 2020

My Backup strategy and how it has evolved over the years

I am a firm believer in backing up my data, some people say that I am paranoid about backing up data and I do not dispute it. All my data is backed up on multiple drives and locations and still I feel that I need additional backup. This is because I read the news and there have been multiple cases where people lost their data because they hadn’t backed it up. Initially I wasn’t that serious about it but when I was in college and working at the helpdesk, a phd student came in crying because her entire PHD thesis was on a Zip Drive and it wasn’t working anymore. She didn’t have a backup and was basically screwed. We tried a bunch of stuff to recover the data but didn’t manage to recover anything. That made me realize that I needed a better backup procedure so started my journey in creating recoverable backups.

My first backup system was a partition on my drive called backup where I created a copy of all my important data (This is back in 2000/2001). Then I realized that if the drive died then I would loose access to the backup partition as well, and I started looking for alternatives. This is around the time when I had bought a CD Writer so all my important data was backed up to CD’s and I was confident that I could recover any lost data. Shortly afterwards I moved to DVD’s for easier storage. However, I didn’t realize till a lot later that CD’s & DVD’s start becoming unreadable quite easily. Thankfully I didn’t loose any data but it was a rude awakening to find that the disks I had expected to keep my data safe were starting to become unreadable within a few years.

I then did a bunch of research online and found that the best medium for storing data long term is still Hard Drives. I didn’t want to store anything online because I want my data to be in my control so any online backup system was out of the question. I added multiple drives to my desktop and started syncing the data from the desktop & laptop to the backup drive using rync. This ensured that the important data was in three locations at any given time: My Desktop, My Laptop and the Backup drive. (Plus a DVD copy that I made of all my data every year)

I continued with this backup strategy for a few years but then realized that I had no way to go back to a previous version of any given document, if I deleted a file or wanted to go back to an older version of a file I only had 24 hours before the changes were synced to the backup drive before it was unrecoverable. There was a case where I ended up having to dig through my DVD backups to find the original version of a file that I had changed. So I did a bit of research and found rdiff-backup. It allows a user to back up one directory to another and generates an incremental backup. So we can recover/restore files based on date range. The best part is that the software is highly efficient, once the initial backup is done it only transmits the changes to the files in subsequent runs. Now that I have been using it I can restore a snapshot of my data going back to 2012 quite easily.

I was quite happy with this setup for a while, but while reading an article on best backup practices I realized that I was still depending only on 1 location for the backup data (the rdiff-data snapshots) and the best practices stated that you should also store it in an external drive or offsite location to prevent viruses/ransomware from deleting backups. So I bought a 5TB external drive and created an encrypted partition on the same to store all my important data. But I was still unhappy because all of this was still stored at my home so if I had a fire or something I would still end up loosing the data even though my external drive was kept in a safe. I still didn’t want to store data online but that was still the best way to ensure I had offsite backup. I initially thought about setting a server at my parents place in Delhi and backup there but that didn’t work out for various reasons. Plus I didn’t want to have to call them and troubleshoot backup issues over the phone.

Around this time I was reading about encrypted partitions and came up with the idea of creating an encrypted container file to store my data and then backup the container file online. I followed the steps I outlined in my post How to encrypt your Hard-drive in Linux and created the encrypted container. Once I finished that I had to upload the container to my webhost since I had unlimited storage space as per my contract. Initially I wasn’t able to because they had restricted my account’s quota but a call to their customer support sorted it out after a bit of argument and explaining what I was doing. The next hurdle I faced was uploading the file to the server because of the ridiculously low upload speed I was getting from Airtel. I had a 40 mbps connection at the time but the upload speed was restricted to 1 mbps because of ‘reasons’. After arguing with their support for a while, I was complaining about it at work and one of the folks suggest I check out ACT Internet. I checked out their plans and was quite impressed with the offerings so I switched over to ACT and was able to upload the container file quickly and painlessly.

Once the container was uploaded, I had to tackle the next problem in the process which was on how to update the files in the container without having to upload the entire container to the host. I experimented with a few solutions and then came up with the following solution:

1. Mount the remote partition as a local mount using sshfs. I mounted the partition locally using the following command: (please replace with the correct hostname and username before using)

/usr/sbin/runuser -l suramya -c "sshfs -o allow_other /mnt/offsite/"

2. Once the remote partition was mounted locally, I was able to use the usual commands to mount the encrypted partition to another location using the following command:

/usr/sbin/cryptsetup luksOpen /mnt/offsite/container/Enc_vol1.img enc --key-file /root/UserKey.dat
mount /dev/mapper/enc /mnt/stash/

In an earlier iteration of the code I wasn’t using the keyfile so had to manually enter the password everytime I wanted to backup to the offsite location. This meant that the backup was done randomly as and when I remembered to run the command manually. A few days ago I finally configured it to run automatically after adding the keyfile as a decryption key. (Obviously the keyfile should be protected and not be accessible to others because it allows users to decrypt the data without entering a password.) Now the offsite backup runs once a week while the local backup runs daily and I still backup the Backup partition to the external drive as well manually as and when I remember to do so.

In all I was quite happy with my setup but then I was updating the encrypted container and a network issue made be believe that my remote container had become corrupted (it wasn’t but I thought it was). At the same time I was fooling around with Microsoft One Drive and saw that I had 1TB of storage available over there since I was a Office 365 subscriber. This gave me the idea of backing up the Container to OneDrive as well as my site hosting.

I first tried copying the entire container to the drive and hit a limit because the file was too large. So I thought I would split the file into 5GB parts and then sync them to OneDrive using rclone. After installing rclone. I configured it to connect to OneDrive by issuing the following command and following the onscreen prompts:

rclone config

I then created a folder on OnDrive called container to store the split files and then tried uploading a test file using the command:

rclone copy $file OneDrive:container

Where OneDrive is the name of my provider that I configured in the previous step. This was successful so I just needed to create a script that did the following:

1. Update the Container file with the latest backup
2. Split the Container file into 5GB pieces using the following command:

split --verbose -d -b5GB /mnt/repository/Container/Enc_vol1.img /mnt/repository/Container/Enc_vol_

3. Upload the pieces to Ondrive.

for file in `ls /mnt/repository/Container/Enc_vol_* |sort`; do  echo "$file";  /usr/bin/rclone copy $file OneDrive:container -v &> /tmp/oneDriveSync.log; done

This command uploads the pieces to the drive one at a time and is a bit slow because it maxes out the upload speed to ~2mbps. If you split the uploads and run the command in parallel then you get a lot faster speed. Keep in mind that if you are uploading more than 10 files at a time you will start getting errors about too many open connections and then you have to wait for a few hours before you can upload again. It took a while to upload the chunks but now my files are stored in yet another location and the system is configured to sync to Onedrive once a month.

So, as of now my files are backed up as following:

  • /mnt/Backup: Local Drive. All changes are backed up daily using rdiff-backup
  • /mnt/offsite: Encrypted Container stored online. All changes are backed up weekly using rsync
  • OneDrive: Encrypted Container stored at Microsoft OneDrive. All changes are backed up monthly using rsync
  • External Drive: Encrypted backup stored in an External Hard-drive using rsync. Changes are backed up infrequently manually.
  • Laptop: All Important files are copied over to the laptop using Unison/rsync manually so that I can access my data while traveling

Finally, I am also considering backing up the snapshot data to BlueRay disks but it will take time so haven’t gotten around to it yet.

Since I have this elaborate backup procedure I wasn’t worried much when one of my disks died last week and was able to continue work without issues or worries about loosing data. I still think I can enhance the backups I take but for now I am good. If you are interested in my backup script an extract of the code is listed below:

function check_failure ()
	if [ $? == 0 ]; then
		logger "INFO: $1 Succeeded"
		logger "FATAL: Execution of $1 failed"
		wall "FATAL: Execution of $1 failed"
		exit 1

# Syncing to internal Backup Drive

function local_backup ()
	export BACKUP_ROOT=/mnt/Backup/Snapshots
	export PARENT_ROOT=/mnt/repository

	logger "INFO: Starting System Backup"

	rdiff-backup -v 5 /mnt/data/Documents/ $BACKUP_ROOT/Documents/
	check_failure "Backing up Documents"

	rdiff-backup -v 5 /mnt/repository/Documents/Jani/ $BACKUP_ROOT/Jani_Documents/
	check_failure "Backing up Jani Documents"

	rdiff-backup -v 5 $PARENT_ROOT/Programs/ $BACKUP_ROOT/Programs/
	check_failure "Backing up Programs"


	logger "INFO: All Backups Completed Successfully."

# Syncing to Off-Site Backup location

function offsite_backup
	export PARENT_ROOT=/mnt/repository

	# First we mount the remote directory to local
	logger "INFO: Mounting External Drive"
	/usr/sbin/runuser -l suramya -c "sshfs -o allow_other username@remotehost:. /mnt/offsite/"
	check_failure "Mounting External Drive"

	# Open the Encrypted Partition
	logger "INFO: Opening Encrypted Partition. Please provide password."
	/usr/sbin/cryptsetup luksOpen /mnt/offsite/container/Enc_vol1.img enc --key-file /root/keyfile1
	check_failure "Mounting Encrypted Partition Part 1"

	# Mount the device
	logger "INFO: Mounting the drive"
	mount /dev/mapper/enc /mnt/stash/
	check_failure "Mounting Encrypted Partition Part 2"

	logger "INFO: Starting System Backup"
	rsync -avz --delete  /mnt/data/Documents /mnt/stash/
	check_failure "Backing up Documents offsite"
	rsync -avz --delete /mnt/repository/Documents/Jani/ /mnt/stash/Jani_Documents/
	check_failure "Backing up Jani Documents offsite"

	umount /mnt/stash/
	/usr/sbin/cryptsetup luksClose enc
	umount /mnt/offsite/

	logger "INFO: Offsite Backup Completed"

This is how I make sure my data is backed up. All of Jani’s data is also backed up to my system using robocopy as she is running Windows and then the data gets backed up by the scripts I explained above as usual. I also have scripts to backup my website/blog/databases but that’s done using a simple script. Let me know if you are interested and I will share them as well.

This is all for now. Let me know if you have any questions about the backup strategy or if you want to make fun of me. 🙂 This is all for now. Will write more later.

– Suramya

October 16, 2020

Response to a post that insists that you should ‘Focus on your Job not side projects’

Filed under: My Thoughts,Techie Stuff — Suramya @ 11:44 AM

I found this post while surfing the web, and the main point of the post is to tell people that they should stop focusing on their side projects because the recruiters would not be interested and what matters in getting a job is what your current company name is. He also recommends dropping the side projects and read “Cracking the code interview” instead to learn everything you need to know about algorithms and binary trees so that you get a job. There are so many things in the post that I disagree with that it was hard for me to figure out where to start.

Let me start off by saying that having a cool portfolio will not necessarily get you a job as there is an element of luck involved. You do need to know how to crack an interview so do read through the Cracking the Code Interview, How to Interview etc. I will not go through a list of do’s and donts for interview’s here as that is not the purpose of this post but basically you need to show that you are competent in the skill set they are looking for and not a problem person to work with. (Basically you need to leave your ego at home). That being said, there are enough candidates in the market looking for a job and you need something that will differentiate you from the rest of the crowd. That’s where your side projects come in.

I am going to quote some of the more problematic portions of the post here and then respond to make it easier for people to follow my reasoning. So lets dig in.

First, most recruiters don’t care about your personal projects or how many meetups you went during the year. What matters the most is your current company – and by that I mean the name of your current company. It was saddening me before, but now that I’m on the other side today, with a manager position, I better understand this. This is plain common sense. You can generally assume that a developer coming from a cutting-edge company has better chances to be a great developer than a developer coming from a Java 1.4 shop. He may not be smarter, but he has been hired by a company with a most demanding hiring process, and has been surrounded by some of the smartest developers.

I completely disagree with this. (I will be using recruiters to mean Tech Recruiters who are basically head hunters for a firm but not the people who will be working with you.) Recruiters are not there to talk to you about your personal projects, they are there to assess your fit into the skillset that the sourcing company is asking for, if you are a match for the skills then they will move you to the next level where you interview with the Hiring Manager or go through a Technical Interview. If you are not a fit then it doesn’t matter if you have a million side projects, they will not proceed with the interview. One way side projects help in such a scenario is to allow you to prove you have the skills in a particular domain even though you haven’t worked on it in a professional capacity.

Coming to the second point, using the current company as a hiring criteria is one of the most idiotic things I can think of for screening people. I have worked in Goldman Sachs, Sprint & Societe Generale and as with everywhere there were some employees in each company which made you think “How on earth did they get hired here?” and this is after a seriously demanding set of interviews to join the firm (I had 9 interviews for Goldman). Just because they work at a company doesn’t mean they are the best fit for your requirement. Secondly no company is uniform, so it is guaranteed that there will be parts of the company working with cutting edge while other teams will be on antique systems. In one of my previous companies (not going to name them here 🙂 ) there was a team using Git & the latest software stack for building their releases and another team that used RCS and tooling around it to build their software.

Assuming that the entire company is on the same stack is a mistake especially when talking about large companies. In small to medium companies this might not be the case always but even there, it is possible that there is a legacy system that is not changed/upgraded and people are working on it. Forget latest systems, a lot of the major banks still have Mainframes running critical portions of their software and other parts of the bank which use AI/ML for their projects.

Yes, there is a certain quality that is assumed when interviewing a person from a famous company but it is not what I am basing my hiring on, you will be hired on your skills not your past job experience. Basically in my opinion your past jobs can get you in the door for the interview but passing it is up to your skills & attitude. You should try to use the side projects as a way to showcase your skills. e.g. if you created a super cool way of doing x with a new technology it will do more to showcase your skill than stating that you did coding from 9-5.

Worse, having too many personal projects can raise a flag and be scary for the recruiter.

I have never had this happen and I was the guy with a ridiculous no of side projects through out my career. Most of the skills I have are from trying out new technology at home and since just reading a book on it doesn’t make you proficient I would end up using the tech for my next project giving me experience in working on the tech. In fact I have found my side projects to be a great benefit when interviewing because most technical interviewers are techies themselves and it can be fun to discuss such projects with them. I remember one particular interview where I mentioned one of my side projects (email to SMS bridge) during the interview and then actually spent about 20 mins talking about the applications for it and how it could be improved. It played a big part in why I was hired for the role.

If a company is scared that you are working on stuff outside their work areas then I don’t think that it is a company that you would want to work with in any case. At least I wouldn’t want to work for such a company.

My CTO experience was an anomaly, at best two lost years, at worst a sign that I was too independent, too individualistic, not a good team player. Only relatively small and ambitious startups, like the one I’m in today, were valuing this experience.

Again I must disagree. When you work in a startup you learn a lot and get to explore areas outside of what you are officially supposed to be doing. This is a great benefit when working in the normal big companies because you now know how the other parts of the software/hardware stack work and can use that to identify issues before they become a problem.

However, one point I do want to stress is that if you started a company right out of college and became a CTO in it, then it will not be given as much weightage as if you had done it after a bit of industry experience. I worked with a startup in my previous company where the entire teams combined work experience was less than mine and it was quite apparent in how they worked. For example they were very casual about releases and if they managed to finish an extra feature before the release even though it wasn’t tested they would go ahead and release it without notifying us. But the drive they brought into the project was something else. I was blown away by their push to ensure that their software did everything we asked it to.

The best way to dig a new technology is to practice it in your daily job. You’ll spend seven hours a day on it and will quickly become infinitely more proficient than if you just barely used it on nights and weekends. You may tell me that we face a chicken or egg problem here. How to get a job where you’ll work on a really attractive technology if you never used it before? Well, instead of spending nights superficially learning this technology, spend your nights preparing interviews. Read “Cracking the code interview”, learn everything you need to know about algorithms and binary trees. As we all know, the interview process is broken. Instead of deploring it, take advantage of it.

Unless you are very lucky you will hardly ever be working on cutting edge tech at your day job. Companies don’t want to experiment with new untested technologies for their production systems, they want something rock solid. If you are lucky you will get a few hours a week to try out a new tech to evaluate it and then a few months/years before they put it in production (depends on the company).

In summary I would like to say that Side projects can be a big benefit while searching for a job but you also need to ensure you don’t neglect the other parts of your profile like communication skills, leadership skills, team work etc. If you have a very strong skillset and you are using side projects to expand your skills then you should be good for most companies.

Well this is all for now. Will write more later.

– Suramya

October 14, 2020

Walking around in a Cell using Virtual Reality

Filed under: Computer Hardware,Emerging Tech,Techie Stuff — Suramya @ 11:59 PM

It’s hard to view 3D data on a 2D screen efficiently which is why Virtual Reality (VR) & Augmented Reality (AR) have so many fans as they allow us to interact with data in 3D, making it more intuitive and easier to process (for some use cases). Now there is another application for VR that actually makes sense and is not just hype. Researchers at University of Cambridge & Lume VR Ltd have managed to convert super-high resolution microscopy data into a format that can be visualized in VR.

Till 2014 it was assumed that we could never obtain a better resolution than half the wavelength of light. The Nobel Laureates in Chemistry 2014 managed to work around this limitation creating a new field called Super-resolution microscopy that allows us to obtain images at nanoscale. This enables us to see the individual molecules inside cells to track proteins involved in various diseases or watch fertilized eggs as they divide into embryos. Combining this with the technology from Lume VR allows us to visualize and interact with the biological data in real time.

Walking through the cells gives you a different perspective and since the data is near real time it allows us to literally watch the cell’s reaction to a particular stimuli. This will have massive implications for the Biomed/BioTech fields. Maybe we can use it to figure out why organ rejections happen or what causes Alzheimer’s.

“Data generated from super-resolution microscopy is extremely complex,” said Kitching. “For scientists, running analysis on this data can be very time-consuming. With vLUME, we have managed to vastly reduce that wait time allowing for more rapid testing and analysis.”

The team is mostly using vLUME with biological datasets, such as neurons, immune cells or cancer cells. For example, Lee’s group has been studying how antigen cells trigger an immune response in the body. “Through segmenting and viewing the data in vLUME, we’ve quickly been able to rule out certain hypotheses and propose new ones,” said Lee. This software allows researchers to explore, analyse, segment and share their data in new ways. All you need is a VR headset.”

Interestingly vLUME is available for download as an Open Source program from their Git repository. The program is free free-for-academic-use. Check it out if you are interested in how it works.

Source: New virtual reality software allows scientists to ‘walk’ inside cells

– Suramya

October 12, 2020

No Batteries or Electronics Required to power the Internet of Plastic Things

Filed under: Emerging Tech,Techie Stuff — Suramya @ 11:48 PM

One of the problems we face when trying to create devices that connect to each other or have built in intelligence is how do we power such devices? The trade-off has always been between portability and connectivity. Now, thanks to the efforts of Researchers at the University of Washington, we have a technique for three-dimensionally (3D) printing plastic objects that can communicate with Wifi devices without batteries or electronics. Building on top of previous work in which another research team managed to transmit their data by either reflecting (1) or not reflecting (0) a Wi-Fi router’s signals. However the problem was that they needed multiple electronic components to work, which is something that’s not always feasible. The team published their paper back in 2017 and have been hard at work enhancing their technology since then. Now after years of effort they have managed to map the Wi-Fi backscatter technology to 3D geometry and create 3D CAD Models that can be printed using standard 3D Printers. This drastically reduces the cost of implementing this technology and opens the field for 3D printed devices for any and all projects.

Printed Wi-Fi. We present the First 3D printed design that can transmit data to commercial RF receivers including Wi-Fi. Since 3D printing conventional radios would require analog oscillators running at gigahertz frequencies, our design instead leverages Wi-Fi backscatter, which is a recent advance in low-power wireless communication where a device communicates information by modulating its reflection of an incident Wi-Fi signal. The device can toggle an electronic switch to either absorb or reflect an ambient signal to convey a sequence of 0 and 1 bits. The challenge however is that existing Wi-Fi backscatter systems [Kellogg et al. 2016] require multiple electronic components including RF switches that can toggle between reflective and non-reflective states, digital logic that controls the switch to encode the appropriate data as well as a power source/harvester that powers all these electronic components. Our key contribution is to apply Wi-Fi backscatter to 3D geometry and create easy to print wireless devices using commodity 3D printers.

To achieve this, we create non-electronic and printable analogues for each of these electronic components using plastic filaments and integrate them into a single computational design. Specifically,To print the backscatter hardware, we leverage composite plastic Filament materials with conductive properties, such as plastic with copper and graphene fillings. We characterize the RF properties of these filaments and use them to design fully 3D printable antennas and RF backscatter switches (see §3).

* In lieu of digital logic electronics, we encode bits with 3D printed plastic gears. Specifically, ‘0’ and ‘1’ bits are encoded by the presence and absence of tooth on the gear respectively. To backscatter a se-
quence of bits, the gear teeth are configured to toggle the backscatter switch between reflective and non-reflective states.

* We leverage the mechanical nature of many sensors and widgets to power our backscatter design. We present computational designs that use push buttons to harvest energy from user interaction as well as a combination of circular plastic springs to store energy. Finally, we design 3D printable sensors that directly power the backscatter system, through their sensing operation.

The team basically has managed to leverage mechanical motion to power their devices. e.g. pushing a mechanical button will use the mechanical motion to provide power for it to transfer data. Another really interesting side effect of their research will be to drastically reduce the electronic waste generated because these devices will no longer require batteries to operate.

Currently they have managed to power a detergent bottle that signals when it’s empty and automatically order’s refills among other things. I can envision it being used in smart clothing in the near future to power the data transmission or powering mechanical dials & switches for digital systems that don’t need to be wired into the system. In fact there there are multiple such usecases which will benefit from this technology. Sky is the limit for this tech. In fact it might even be feasiable to use this in space missions where every gram of weight needs to be managed and removing the need for heavy batteries will have an immediate impact on cost.

I will definitely be keeping an eye out for future breakthroughs in this area.

Source: IEEE Spectrum: Here Comes the Internet of Plastic Things, No Batteries or Electronics Required

– Suramya

September 30, 2020

How to fix vlc’s Core dumping issue while playing some videos

Over the past 2 days I found that the VLC install on my computer was suddenly having issues playing some of the video files on my computer. Initially I thought that it was a problem with the video file, then I realized that this was also happening with videos that had be playing fine earlier. When I ran vlc from the command line to play the problem video it gave the following output on screen when it crashed:

[00005587b42751b0] dummy interface: using the dummy interface module…
[00007f00c4004980] egl_x11 gl error: cannot select OpenGL API
[00007f00c4004980] gl gl: Initialized libplacebo v2.72.0 (API v72)
[00007f00c402a310] postproc filter error: Unsupported input chroma (VAOP)
[00007f00bd986e50] chain filter error: Too high level of recursion (3)
[00007f00c4028d40] main filter error: Failed to create video converter
[00007f00bd986e50] chain filter error: Too high level of recursion (3)
[00007f00c4028d40] main filter error: Failed to create video converter
[00007f00bd986e50] chain filter error: Too high level of recursion (3)
[00007f00c4028d40] main filter error: Failed to create video converter
[00007f00bd986e50] chain filter error: Too high level of recursion (3)

[00007f00c44265c0] chain filter error: Too high level of recursion (3)
[00007f00c4414240] main filter error: Failed to create video converter
[00007f00bd9020d0] main filter error: Failed to create video converter
[00007f00cc047d70] main video output error: Failed to create video converter
[00007f00cc047d70] main video output error: Failed to compensate for the format changes, removing all filters
[00007f00c4004980] gl gl: Initialized libplacebo v2.72.0 (API v72)

A google search told me that a possible solution was to disable hardware acceleration in the Video settings but that didn’t fix my problem. So I took a look at the kernel.log file in /var/log and I got the following error when the program crashed:

Sep 30 21:11:44 StarKnight kernel: [173399.132554] vlc[91472]: segfault at 28000000204 ip 00007f2d8916c1d8 sp 00007f2d8aa69db0 error 4 in[7f2d8915c000+1d000]
Sep 30 21:11:44 StarKnight kernel: [173399.132568] Code: 98 48 8d 44 07 20 0f 18 08 8b 44 24 08 4d 8d 0c 1a 4d 8d 04 2b 85 c0 0f 85 cb fd ff ff 4c 8b 6c 24 28 4b 8d 04 29 4b 8d 14 20 <41> 0f 6f 01 43 0f 6f 0c 29 41 0f 7f 00 43 0f 7f 0c 20 43 0f 6f 04

Spent about an hour searching for the solution using the details from the kernel.log but got nowhere. Finally I found a forum post where one of the solutions offered was to remove the vlc configuration files, since I didn’t have any other bright idea’s I renamed the vlc config folder by issuing the following command:

mv ~/.config/vlc ~/.config/vlc_09302020

Then I started vlc and just like that everything started working again. 🙂 Not sure what caused the settings to get borked in the first place but the issue is fixed now so all is well.

– Suramya

September 29, 2020

Mounting a Network drive over ssh in Windows using WinFsp & SSHFS-Win

I have computers running both Windows & Linux and at times I need to share files between them and I have been looking for a convenient way to access the files from my Linux machine from my Windows machine without having to run SAMBA on the Linux. This is because historically SAMBA has been a security nightmare and I don’t want to run extra services on the computer if I can avoid it. Earlier this week I finally found a way to mount my Linux directories on Windows as a network mount over SSH using WinFsp & SSHFS-Win and I have been running it for a couple of days so far without any issues. (So far)

Follow these steps to enable SSHFS-Win on your windows machine:

Install WinFsp (Windows File System Proxy)

WinFsp is a set of software components for Windows computers that allows the creation of user mode file systems similar to FUSE (Filesystem in Userspace) in the Unix/Linux world. You can download it from the project’s GIT repository. The Installation file is available by clicking on the download link under ‘Releases’ near the top right corner of the page. The latest version is WinFsp 2020.1 at the time of this writing.

You install the software by running the MSI file you downloaded and the default options worked for me without modification.

Install SSHFS For Windows

SSHFS-Win is a minimal port of SSHFS to Windows. It is available for download from the project’s Git repository. You can compile from source or download the installation file by clicking on the download link under ‘Releases’ near the top right corner of the page. The latest version is SSHFS-Win 2020 at the time of this writing.

Please note that you will need to have WinFsp installed already before you can install SSHFS-Win successfully.


Once you have installed both the software you can start using them and map a network drive to a directory using Windows Explorer or the net use command. Instructions for use are as below (Taken from the project Documentation):

In Windows Explorer select This PC > Map Network Drive and enter the desired drive letter and SSHFS path using the following UNC syntax:


The first time you map a particular SSHFS path you will be prompted for the SSH username and password which can be saved using the Windows Credential Manager so that you don’t get prompted for it again. In order to unmap the drive, right-click on the drive icon in Windows Explorer and select Disconnect.

Visual demo of how to Map a Network drive using SSHFS-Win

You can map a network drive from the command line as well using the net use command:

net use X: \\sshfs\suramya@StarKnight

You will then be prompted for the password and once you authenticate you can use the new drive as usual. You can unmap the drive as follows:

net use X: /delete

I find this quite useful and hope you do as well.

Thanks to MakerLab, Department of Computer Science, HKU for pointing me in the correct direction

– Suramya

September 26, 2020

Source code for multiple Microsoft operating systems including Windows XP & Server 2003 leaked

Filed under: Computer Related,Techie Stuff — Suramya @ 5:58 PM

Windows XP & Windows Server source code leaked online earlier this week and even though this is for an operating system almost 2 decades old this leak is significant. Firstly because some of the core XP components are still in use in Windows 7/8/10. So if a major bug is found in any of those subsystems after people analyze the code then it will have a significant impact on the modern OS’s as well from Redmond. Secondly, It will give everyone a chance to try and understand how the Windows OS works so that they can enhance tools like WINE and other similar tools to have better compatibility with Windows. The other major impact will be on systems that still use XP like ATM’s, embedded systems, point-of-sale, automated teller machines, set-top boxes etc. Those will be hard to upgrade & protect as is some cases the companies that made the device are no longer in business and in other cases the software is installed in devices that are hard to upgrade.

This is not the first time Windows source code has leaked to the internet. In early 2000 a mega torrent of all MS Operating systems going back to MS-DOS was released, it allegedly contained the source code for the following OS’s:

OS from filename Alleged source size (bytes)
——————— —————————
MS-DOS 6 10,600,000
NT 3.5 101,700,000
NT 4 106,200,000
Windows 2000 122,300,000
NT 5 2,360,000,000

Leaked Data from the latest leak

Alleged contents of the Torrent file with MS Source Code.

The leaked code is available for download at most Torrent sites, I am not going to link to it for obvious reasons. If you want to check it out you can go download it, however as always be careful of what you download off the internet as it might have viruses and/or trojans in it. This is especially true if you are downloading the torrent on a Windows machine. Several users on Twitter claim that the source code for the original Xbox is included as well, but the information is varied on this. I haven’t downloaded it myself so can’t say for sure either way.

Keep in mind that the leak was illegal and just because it has leaked doesn’t mean that you can use it to build a clone of Windows XP without written authorization from Microsoft.

Source: ZDNet: Windows XP source code leaked online, on 4chan, out of all places

– Suramya

September 12, 2020

Post-Quantum Cryptography

Filed under: Computer Related,Quantum Computing,Techie Stuff — Suramya @ 11:29 AM

As you are aware one of the big promises of Quantum Computers is the ability to break existing Encryption algorithms in a realistic time frame. If you are not aware of this, then here’s a quick primer on Computer Security/cryptography. Basically the current security of cryptography relies on certain “hard” problems—calculations which are practically impossible to solve without the correct cryptographic key. For example it is trivial to multiply two numbers together: 593 times 829 is 491,597 but it is hard to start with the number 491,597 and work out which two prime numbers must be multiplied to produce it and it becomes increasingly difficult as the numbers get larger. Such hard problems form the basis of algorithms like the RSA that would take the best computers available billions of years to solve and all current IT security aspects are built on top of this basic foundation.

Quantum Computers use “qubits” where a single qubit is able to encode more than two states (Technically, each qubit can store a superposition of multiple states) making it possible for it to perform massively parallel computations in parallel. This makes it theoretically possible for a Quantum computer with enough qubits to break traditional encryption in a reasonable time frame. In a theoretical projection it was postulated that a Quantum Computer could break a 2048-bit RSA encryption in ~8 hours. Which as you can imagine is a pretty big deal. But there is no need to panic as this is something that is still only theoretically possible as of now.

However this is something that is coming down the line so the worlds foremost Cryptographic experts have been working on Quantum safe encryption and for the past 3 years the National Institute of Standards and Technology (NIST) has been examining new approaches to encryption and data protection. Out of the initial 69 submissions received three years ago the group narrowed the field down to 15 finalists after two rounds of reviews. NIST has now begun the third round of public review of the algorithms to help decide the core of the first post-quantum cryptography standard.

They are expecting to end the round with one or two algorithms for encryption and key establishment, and one or two others for digital signatures. To make the process easier/more manageable they have divided the finalists into two groups or tracks, with the first track containing the top 7 algorithms that are most promising and have a high probability of being suitable for wide application after the round finishes. The second track has the remaining eight algorithms which need more time to mature or are tailored to a specific application.

The third-round finalist public-key encryption and key-establishment algorithms are Classic McEliece, CRYSTALS-KYBER, NTRU, and SABER. The third-round finalists for digital signatures are CRYSTALS-DILITHIUM, FALCON, and Rainbow. These finalists will be considered for standardization at the end of the third round. In addition, eight alternate candidate algorithms will also advance to the third round: BIKE, FrodoKEM, HQC, NTRU Prime, SIKE, GeMSS, Picnic, and SPHINCS+. These additional candidates are still being considered for standardization, although this is unlikely to occur at the end of the third round. NIST hopes that the announcement of these finalists and additional candidates will serve to focus the cryptographic community’s attention during the next round.

You should check out this talk by Daniel Apon of NIST detailing the selection criteria used to classify the finalists and the full paper with technical details is available here.

Source: Schneier on Security: More on NIST’s Post-Quantum Cryptography

– Suramya

September 11, 2020

Testing the world’s largest digital camera by photographing Broccoli

Filed under: Astronomy / Space,Techie Stuff — Suramya @ 6:53 PM

The world largest digital camera has completed its first test successfully by capturing the first 3,200-megapixel images of a Broccoli. This camera is meant to be part of the telescope at the Vera Rubin Observatory where they will be taking photographs of the sky to help us improve our understanding of the universe. Once it goes live it will photograph its entire field of view (the area of about 40 full moons) every few nights, which will give the researchers the ability to pinpoint the locations of billions of stars and galaxies, while also catching anything that moves or flashes.

The imaging sensors for the camera took over 6 months to assemble as they need to be mounted very precisely. The sensors are assembled in a grid of 9 sensors called a scientific raft and the whole setup consists of 25 rafts. Each raft is precisely mounted with a gap of just 5 human hairs between each raft. Each raft costs approximately $3 million each so you won’t be able to buy it from the corner shop anytime soon. Once the sensors were assembled successfully the whole apparatus is cooled to a negative 150 degrees Fahrenheit which is their operating temperature.

Even though the assembly was completed back in January the scientists were unable to take test pictures due to the Coronavirus pandemic till May. Even though the sensor assembly has been completed the team still doesn’t have all the remaining camera components such as lenses. So they had to improvise by using a 150-micron pinhole to project images on to the CCD array. That’s correct, they used the same ‘technology’ as what we used as kids to learn about photography to take a picture with the largest ever camera built.

Since they needed to take a picture of something that would allow them to verify the quality of the picture they decided to take a picture of Broccoli which has a lot of lumps & bumps on its surface making its structure perfect to test out the new camera sensors.

“Taking these images is a major accomplishment,” said Aaron Roodman, professor and chair of the particle physics and astrophysics department and the scientist at SLAC responsible for the assembly and testing of the LSST camera, in a statement.

“With the tight specifications we really pushed the limits of what’s possible to take advantage of every square millimeter of the focal plane and maximize the science we can do with it.”

The team is estimating that the camera would be ready for testing by mid-2021 before it’s sent off to Chile for installation in the Vera Rubin Observatory.

Source: Vera Rubin: Super telescope’s giant camera spies broccoli

– Suramya

Older Posts »

Powered by WordPress