martes, 11 de febrero de 2014

Surveillance, people and power

I just twitted about "The Day We Fight Back" a movement sponsored for some organizations like the Free Software Foundation, the Electronic Frontier Foundation, among other tech-related bodies and associations. Put aside the time (a decade at least) being known for my support to the free software and also open source software, which prompted me to start typing this post is the kind of job I'm doing nowadays.

Going straight to the point, directly under my control are around 10 cameras installed abroad the city where I currently live. This is not the first time I do security related development. And for the most part (thinking as an ex-volunteer firefighter) I really think that the current project which involves more than cameras is really helpful for the people in this city. Let's temporarily forget the goal of the project.

I think about the cameras as the eyes of first response corps, certainly these days (almost) everyone carries a mobile phone capable of doing free calls to the emergency number, a big chunk of this mobile users own a so called smart-phone capable not only of making the emergency call, but also most of these gadgets are equipped with sensors and in some cases software capable of sending geo-location data and media to the emergency control centres. What this devices can't provide neither replace is the training of first responders teams and dispatch operators.

So, the right mix of technology with trained and highly ethic people in charge of the cameras I was talking about in the first place, make the surveillance projects worth. The problem arises from an education and economics background. I can sleep fine every night, since I do a professional and transparent (to maximum allowed extent) work, I was grown educated by certain ethics and in a relatively comfortable environment. Speaking of my current work, all code I've written is being published with some sort of free or open source licence, so it can be openly audited. But what about the high rank officers, middle ground operators and other people with access to the technology and who are able to exploit it for their own purposes?

Technically, I or any person with the right skill set can create things that can be twisted into evil tools by other kind of skilled people, how do you control the later?

I could stop doing what I do, but some one else will do it anyways. The key is education which is the easiest part, since the other part, the economics are a bit more complicated to even think about, but easily controlled by education means though.


martes, 10 de diciembre de 2013

Ten years of a great learning experience

In 2003 I started seriously playing with the GNU/Linux operating system, it was a matter of months to make the switch from Windows XP to almost running Slackware 9.1 only. That choice was a good one, it brought along a learning tidal that I've been enjoying since then.

One year or so passed and in July of 2004 I already felt very comfortable working in the shell, coding in Emacs and even playing my mp3 music collection and DVDs, things weren't so smooth and fancy as today, there wasn't transparent borders, or shadows, Ubuntu was in diapers and setting up the graphic desktop was a pain in the ass in your lucky day. But I learnt a lot about my hardware and the inner workings of the operating systems, not only Linux based ones.

I got an old IBM Pentium 100MHz with 48MB RAM and 20G Hard Drive along with an USRobotics 56k modem, the modem was intended to provide Internet connectivity for my main PC that ran Slackware, the internal modem of the later didn't played well with Linux. Thinking about what to do with the Pentium machine I stumbled upon some on-line article about Hotmail. I thought of learning about servers by running my own web, email, ftp and any kind of server on the venerable IBM hardware, which proved to be a fine workhorse running by several months almost unatended with no downtime (actually the server ran several years, but I upgraded the hardware very soon), unless lack of power of the like. I wasn't bound to dialup too much time, very soon in mid 2004 I leased a 256Kbps DSL connection which made perfect fit with the server project.

I started researching about pre-Microsoft, Hotmail's original infrastructure, trying to emulate it if possible, it turned out that FreeBSD was the operating system used by Hotmail and qmail was the MTA. I already knew about the BSD family of unices, but never touched one of such beasts before. Again the task of learning was daunting at times, but very joyful overall. This time gained a lot of knowledge about the workings of the Internet, web servers and the way http requests/responses are handled (really helpful for my career as web apps developer), qmail and how the protocols SMTP, IMAP and POP work togheter, I used to host my own domain, both web and email and my own Subversion server. FreeBSD 4.1 was the operating system choice, also great for learning about true unix which is not the same as GNU/Linux.

In ten years I've seen the raise (meaning widespread use) of virtualization technologies which I started using in 2005 with Xen and VMware, later clouds came and I was also interested in learning about it, good old (which was the domain name of my server) then left the physical layer and went to heaven, well only to the cloud in the form of an AWS AMI.

And the learning path does not seem to end soon, today I got my first server on IPv6 (you need to be on IPv6 in order to be able to reach the website). Thanks to Hurricane Electric and their IPv6 Tunnelbroker service, I know a bit about IPv6 (I should know, I did the CCNA course) and the difference between v4 and v6 is more than 2 :-)


miércoles, 11 de septiembre de 2013

A learning exercise with python

I was reading Python's documentation in order to start working on an app for a friend of mine, Python fits well in that project because the list data type it supports. While reading about lists and sets in specific I thought these Python features could serve as the basis for a DBMS development exercise, and it is how it all began.

I started thinking about the specific implementation and wrote some code to kick start the project, it is hosted in Bitbucket and is released under the Apache 2.0. license terms so anyone can join the learning experience by contributing to XE which is the DBMS's name.

As I said above, the plan is to leverage Python strengths, besides the sets and lists the language provides modules and methods for handling the filesystem. So to avoid unnecessary complexity the storage engine uses the underlying operating system's filesystem hierarchy; this is not an original idea, until the year 2012 I was working for VectorstarDB a company whose main product was a column oriented DBMS (you can read a technical overview about it here), I'm only recycling some ideas from there.

It is not my goal to develop a commercial product or anything, I think about XE more like some sort of Minix, a tool for learning DBMS design and implementation, along with gaining Python experience along the way.