Reading (For Dummies)

SUOC Reunion

Jithka, Sean, and a new recruit Christine came out to Joshua Tree to represent my alma mater's climbing expertise. Laura came down for the event, truly making it one that could not be missed.

I posted a whole big smattering of photos here. Uploading photos via Movable Type has become a little bit painful lately...Gallery is nice as it has a Java applet for bulk uploading, and an interface to use ImageMagick to rotate/crop/resize/whatever photos once they're there. Very nice.

The trip was absolutely fantastic. I was climbing better than I've ever climbed before, even sending a few 5.8s and 5.9s. In the Gunks I would often struggle with 5.6/5.7 moves. I'd like to think that I'm becoming more experience now and can think through moves better. It might just be that I've been going to the gym for the last month or so (nothing spectacular as I'm pretty weak, but at least I'm doing something with my arms besides just typing).

I've been missing Laura immensely over the last few months, wondering how life can put us in the same geographic location again...

Runway v. 0.0.1

My beginnings of a contribution to the open source community. I'm going to call the end product 'Runway.' Working for the government taught me that a witty name for a project is far more important than its usefulness, but this little tool should hopefully have both.

I've always found it odd that there is no software that presents the user with an airport-like menu for Linux. Y'know, click the menu, and it shows you all of the available access points. Click one, and you'll join it. Built-in signal status would also be nifty.

So far, my code is just a piece of junk using the wireless tools library to extract AP info into a data structure. The way the kernel returns data on a wireless scan is actually highly annoying -- it's a stream. Parsing out all the info is pretty much a pain.

I'm writing the library part partially for work. My employer has OK'd my use of GPL software and the dissemination of what I do to the public, which is always nifty. Now I just have to teach myself GTK programming so I can write all the menu crap for it.

The library/object file is iw-list.o, its main function is the aptly-named do_scan() which takes an interface file descriptor and a blank list head reference. It will fill the reference with yummy data for your consumption. The example program is iw-daemon. When compiled with debugging on, it will probe your wifi card once a second and tell you what it found, and also identify the strongest signal. Yeah, it's written horribly, etc, etc. Feel free to laugh at my amateur coding. I haven't written any actual programs in a while (really, a few years ago I wrote a v. nifty EFS that was done much better thanks to peer-reviewed code). It'll get better, though.

Download file - wifi-tools-modified.28.tar.gz

Genetic "Fuzzing"

One of the things I absolutely love about dating a genetic engineer is learning the crossover between our two fields. Tonight, she taught me about genetic fuzzing.

Genetic research is kind of like penetration testing. At least, as a computer security nerd, that's how I like to think of it. There's an awful lot of compiled code to look at (genes). The classically slow method of finding a portion of a gene responsible for a certain characteristic is to find a lot of examples of the organism with the trait in question, start sequencing them, and find overlaps. Bioinformatics has a lot to add, although there's is almost too much data to search through.

A researcher that she just ran into came up with one of those "Duh," ideas, though. The researcher was trying to find a way to make a certain plant drought-tolerant. A typical way to influence drought tolerance in plants is to find the genes that control their guard cells. Guard cells, if you remember from high school biology class, are on the underside of leaves, and are responsible for absorbing carbon dioxide and releasing oxygen from the plant. One of the side-effects, or "feature" of guard cells is that they release a fair amount of water. There are a few chemical modifications that can be made in the way guard cells process carbon dioxide. Naturally, implementing these changes requires knowing where and on which gene in a plant guard cells are controlled.

Laura began tackling the problem of drought tolerance by studying guard cells in undergrad. Her approach was to find the genes controlling guard cells. She looked at transgenic plants with a reporter gene (which turns blue in the presence of another chemical) randomly inserted in the genome, a method known as enhancer trap tagging. The reporter gene would mimic the expression of the adjacent gene (blue coloration in the tissue where the adjacent gene is expressed). Through screening the collection, she looked for the blue coloration in the guard cells. After finding several individuals, the adjacent gene can be determined, through gene-specific cloning, and analyzed further. It's a slow process.

The other researcher used the reverse method. Instead of finding plants that were drought tolerant, he took normal plant seeds, exposed them to a toxin that produces a high number of genetic copy errors in DNA replication (ethyl methyl sulfonate -EMS), and planted them. He let them grow up a bit, and then starved the plants of water. After a few runs, he found some plants that were surviving! Obviously they had mutations that were limiting water vapor transpiration from the guard cells. Some sequencing work could then be used to narrow it down. The gene mutation found increased drought tolerance by enhancing ABA (plant hormone: abscisic acid) sensitivity for seedling growth and stomatal closure [1]

Of course, this method doesn't work for a lot of things, like, say, animals (PETA) or humans (er...). For plant biologists, though, it's quite an interesting technique because it's almost-but-not-quite an obvious approach to finding what they're looking for...

[1] Chen Z et al. (2006) Mutations in ABO1/ELO2, a subunit of holo-Elongator, increase abscisic acid sensitivity and drought tolerance in Arabidopsis thaliana. Mol Cell Biol 26(18): 6902

Confessions of a Caffeine Addict

I used to be a total nut for caffeine. It started in college. I actually remember the semester well -- I was taking a course on 'The Principles of Programming Languages.' For the course, we implemented an interpreter, in scheme, that had most of the capabilities (and syntax) of the core of Java. It was very interesting. The programming often kept me up until sunrise.

I had been missing those days. Now I'm reliving them, happy as a clam. I was up until 3am last night, working on a wireless scanning daemon (the goal here is to perform certain actions/run scripts/etc when a particular SSID or channel is found). Also rewriting LUKS, and trying to make Xen boot Windows in a respectable manner on my Macbook...

I usually try to limit my caffeine intake these days, because coffee makes me jittery and nervous. I invented a new drink that seems to work well. I call it a "Pink Eye" -- not quite a Red Eye, I have the coffeehouse folk fill a cup with decaf, and then put a shot of (caffeinated) espresso in it. It's a loose take on an infection that my older brother got often from our lake while we were growing up. It's pretty nifty, as it has less caffeine than regular coffee, and has an unusual flavour.

And that is how code is made.

Parallels is Awful?

I was just poking around with Parallels on my Mac once again, while discussing a weird bug in Ruby with my old friend Aaron. He wrote up a little security analysis on Parallels here. I have to say that it's worth looking at if you're into security and you have a Mac. It has scared me enough to remove Parallels from my machine.

The jist of it is that, the way Parallels works opens up your machine in a bad way -- someone could possibly write new functions and insert them into kernel space (where they would run with absolute privelege to do anything), and then they could call that new function and do all sorts of fun things -- anything that your hardware is capable of doing, that userspace program could then do. Not very good for security...