Disciplined Entrepreneur Day 2

Today we focused on the most important part of the business, the root of the money, our customer. How can we acquire them?

Market Segmentation

Firstly, we have to do market research. At this starting point, an entrepreneur should have an idea expanding the use of technologies to revolutionize lifestyle or ineffective processes. Both of these narrow down feasible market segments which a product can find a spot in them. There is no strict definition for segmentation. It depends on groups of interested. It can be profession: entertainment, industrial, medical, or it can be age ranges: teenagers, white collars, pregnants. But the keys to group people together are:

  1. Same Product – One product can answer the need of all people in that segment
  2. Same Sale Process – Can use same approach to sale for all people in a segment
  3. Word of Mouth – Customers who spread words about a product generate more customer acquisition from a segment

Continue reading

Using CGEN to Generate Files for Binutils

CGEN (Cpu tools GENerator) is a tool to create CPU tools e.g. assembler, disassembler and simulators. All these tools start from uniform code base. This reduces duplicating code written manually. It helps decreasing error from redundancy.

Binutils is a collection of tools dealing with bits and bytes for various types of file format and CPU models. It is one of CGEN’s big fans. Actually, it has CPU description files for CGEN to process laid inside its source tree. That folder is

./binutils/cpu

The CGEN documentation of how to port a processor is confusing to me. Its Wiki and FAQ pages from its homepage are down. Yeah, this is normal for open source projects. Big goals, big users, text-only documents and no funding.

Luckily I found a remnant of its FAQ. After trying a few times, I can get it running.

This walkthrough assumes using binutils-2.25 and cgen-1.1 and targeting lm32 architecture.

Continue reading

I Lined for the Notorious 100th Tokyo Station Suica

On December 20 Tokyo station has reached the age of 100 (1914~). This red brick structure train station is a symbol of Westernization and civilization of Japan. It was ranked 3rd busiest station by JR East serving about 400k people a day. This is a huge thing we should celebrate for. Even me, a foreigner to this country, I am so proud of their long standing history. Actually, JR East made a lot of things just for Tokyo Station since midyear. They even created an Anime to promote the station. [youtube¬†https://www.youtube.com/watch?v=b0HGHsRwNd0 align=’center’]

Continue reading

Disciplined Entrepreneur Day 1

From Dec 16~18, I had an exceptional chance to take a lecture given by Bill Aulet. He is a managing director of Martin Trust Center for MIT Entrepreneurship. Pretty big guy, isn’t he? But in fact, before this class I didn’t know who he is, and I don’t care. I also have negative attitude toward entrepreneurship, because this word lately binds tightly with starting up a company and creating an app for all trivial things. My interest is, of course, computer and I couldn’t see any value of doing it. I just want to get that 2 credits to cross out one of my graduation requirement. But then, after he started teaching, I respect him instantly.

Continue reading

JLPT Cheat Prevention Measures

Japan is really serious about doing wrong or bad. If a Japanese does it once, he is going to be ashamed for his life. This includes exam cheating. If one wants to cheat, he has to be this good. (That’s why Japan is AWESOME!)

I took JLPT N2 (2nd to the most difficult) on Dec 7. JLPT or Japanese Language Proficiency Test holds twice a year. I was surprised there were so many black hair people heading for this test (I’m also a part of this population *-*).

But that didn’t surprise me as much as cheat prevention measures proctors did in the room.

Here is the LIST

  1. No other items are allowed on a table except
    1. Exam question book
    2. Answer sheet
    3. Pencil
    4. Eraser
  2. Eraser must be pulled out from its wrap
  3. Overcoat on laps is checked before the exam starts
  4. Only watches without memory function are allowed to wear
  5. Smartphone must be turned off.
    1. Silence mode is not allowed
  6. Smartphone must be put in a provided envelope and put inside a bag
  7. Go under a table is not allowed
    1. If you need to get an item under a desk, raise your hand, a proctor will do it for you
  8. Stop doing exam immediately after the time is over

I cannot remember about penalty for each action, but they use card system as soccer. Yellow is for warning. Red is for penalty. There was one student trying to write answers after the time was up. All proctors surrounded him and gave a yellow card. The whole room was in chill.

That’s it. One intense afternoon.

Linux Process Scheduler

This post derives words from InformIT – The Linux Process Scheduler by Robert Love. The original is based on the knowledge of kernel 2.6. It is expected to be outdated as at the time of writing Linux kernel has moved to version 3.17.

Introduction

A scheduler is the component of the kernel that selects which process to run next.
It divides the finite resource of processor time between the runnable processes on a system.
It is responsible for best utilizing the system and giving the impression that multiple processes are simultaneously executing.
It tries to determine the most worthwhile process to run and retain fairness to other processes.
The algorithm inside the new scheduler in Linux kernel 2.5 was designed to accomplish these goals:
  • O(1) – Can complete in constant-time
  • Perfect SMP scalability – Each processor has its own locking and individual run queue
  • Improving SMP affinity – Group tasks to a specific CPU and run them there. Only migrate to another CPU to resolve imbalance queue sizes.
  • Good interactive performance – Even under considerable system load, a system should react and schedule interactive tasks immediately.
  • Fairness – Not starving processes or over feeding timeslice to processes
  • Optimize for the common case of only 1-2 runnable processes, yet scale well to multi-processor with many processes

Continue reading

Android Security Evolution

Cupcake 1.5

  • ProPolice to prevent stack buffer overruns (-fstack-protector)safe_iop to reduce integer overflows
    • Canary value check just before return from a function
  • Extensions to OpenBSD dlmalloc to prevent double free() vulnerabilities and to prevent chunk consolidation attacks. Chunk consolidation attacks are a common way to exploit heap corruption.
  • OpenBSD calloc to prevent integer overflows during memory allocation

Gingerbread 2.3

  • Format string vulnerability protections (-Wformat-security -Werror=format-security)
  • Hardware-based No eXecute (NX) to prevent code execution on the stack and heap
    • Avoid abusive memory use
  • Linux mmap_min_addr to mitigate null pointer dereference privilege escalation (further enhanced in Android 4.1)

Honeycomb 3.0

  • Full filesystem encryption using AES128

Ice Cream Sandwich 4.0

  • Address Space Layout Randomization (ASLR) to randomize key locations in memory
    • Complete in 4.1
  • Randomize heap and brk mapping
  • KeyChain for improving private key and certificate management

Jelly Bean 4.1

  • PIE (Position Independent Executable) support
    • Program binary can be loaded and run from any address
  • Read-only relocations / immediate binding (-Wl,-z,relro -Wl,-z,now)
  • dmesg_restrict enabled (avoid leaking kernel addresses)
  • kptr_restrict enabled (avoid leaking kernel addresses)

Jelly Bean 4.2

  • FORTIFY_SOURCE for system code
    • Compiler fortifies stacks if their size can be determined at compilation time
    • Level 1 for Android 4.2
    • Level 2 for Android 4.4
  • ADB authentication
    • RSA pairing

Jelly Bean 4.3

  • Trusted Platform Module (TPM) support
  • SE Linux permissive mode

Kitkat 4.4

  • dm-verity on boot
    • Verified booting
    • provides transparent integrity checking of block devices
    • helps prevent persistent rootkits that can hold onto root privileges and compromise devices
  • SE Linux enforced mode
    • All root domain binaries work in enforced mode. Others work in permissive mode.
  • Disabling battery usage information from 3rd party applications

Lollipop 5.0

  • Factory reset protection requires a user password before performing
  • Android Smart Lock allows unlocking if a peripheral e.g. smartwatch is around
  • Guest user account
  • Security Enforcement
    • Non-PIE linker support removed – Only PIE binaries are allowed to run, so ASLR can shuffle everything including executable parts.
    • Full disk encryption by default – Performance degrades by 2~5 times in 5.0.
* This does not represent a complete security feature update history in Android but an aggregation of important milestones.

Thank To

References