User Experience (UX) References

Here are some interesting references on User Experience / User Interfaces, which I personally recomend:

Traveling Ruby (multi-platform portable Ruby binaries)

Traveling Ruby consists of a set of multi-platform portable Ruby binaries, which can be used to distribute Ruby-based products and run them even in machines where Ruby is not installed. It’s very useful, as you can also use it to pack multi-platform applications.

You can check the project’s home page here:

Traveling Ruby is a project which supplies self-contained, “portable” Ruby binaries: Ruby binaries that can run on any Linux distribution and any OS X machine. It also has Windows support (with some caveats). This allows Ruby app developers to bundle these binaries with their Ruby app, so that they can distribute a single package to end users, without needing end users to first install Ruby or gems.

It can run on

  • Linux x86.
  • Linux x86_64.
  • OS X
  • Windows

 

 

Video:

https://vimeo.com/phusionnl/review/113827942/ceca7e70da

 

Code Smells detectors

A Code smell is an interesting Software Engineering concept. According to Wikipedia, a Code Smell

“refers to any symptom in the source code of a program that possibly indicates a deeper problem.[1] According to Martin Fowler, “a code smell is a surface indication that usually corresponds to a deeper problem in the system“.[2] Another way to look at smells is with respect to principles and quality:[3] “smells are certain structures in the code that indicate violation of fundamental design principles and negatively impact design quality“.

Common code smells include:

  • Class-level smells
    • Large class, Feature envy, Inappropriate intimacy, Refused bequest, Lazy class/freeloader
  • Method-level smells
    • Too many parameters, Long method, Excessively long identifiers, Excessively short identifiers, Excessive return of data
    • Excessive use of literals, Cyclomatic complexity, Downcasting
    • Orphan variable or constant class
    • Data clump

Code Smells detection tools

Some free code smell detection tools (which perform static code analysis) include:

Conclusion

Most of these smells lower your code’s quality and maintainability. Be sure to include some of these detection tools on your development processes, as well as appropriate coding standards. Automatic noncompliance detection can be accomplished by adding these tools to your build process.

You can research more tools at https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis

References

Zero Net : P2P websites without central web server

ZeroNet is a very interesting distributed platform for content publishing and sharing. It has some strong properties, which are very interesting to bypass censorship and online hosting costs.

According to its proponents, it provides:

Open, free and uncensorable websites,
using Bitcoin cryptography and BitTorrent network

In this post we will see how ZeroNet can provide these properties.

Interesting features

  • Password-less BIP32 based authorization
    • Your account is protected by the same cryptography as your Bitcoin wallet.
    • You will need your private key to make changes to a given site
    • the site’s address is also BIP32-based
  • Real-time updated sites
    • visitors are notified of changes
    • and they update their browser contents if needed
  • Namecoin .bit domains support
    • for human intelligible site names
  • SQL Database support
    • runs locally
    • dedicated API for database access
  • Anonymity:
    • Full Tor network support with .onion hidden services instead of ipv4 addresses
  • TLS encrypted connections.
  • Automatic, uPnP port opening.
    • can be interesting for visitors using TCP/IP connections
  • Works with any browser/OS.

How does it work ?

According to its proponents, when you vist a ZeroNet site, this is what happens:

ad-hoc-and-p2p_1014841493414094001

ad-hoc-and-p2p_7615479204197627471

Digging a little bit deeper into detail, we find the following architecture:

screen-shot-02-05-17-at-06-51-pm-001

  1. Create a new site: a BIP-32 address and its respective public and private keys are created
  2. A BitTorrent compatible “.torrent” is created for announcing purposes
  3. The BIP-32 address is announced in the BitTorrent network trackers
  4. The BIP-32 address can be shared with the public
  5. A new visitor asks the BitTorrent trackers for other visitors serving the BIP-32 address
  6. The new visitor connects to the first ZeroNet server (using TCP/IP or TOR) and asks for “content.json“.
  7. After validating the “content.json” contents, it asks for the remaining site contents and validates its signature. It stores all the site’s contents locally
  8. The new visitor announces that it is also serving the site

Site Name

ZeroNet uses a BIP-32 address for the site name. This address can be concatenated to the local ZeroNet server.

For example:

Domain names

Namecoin .bit domains are supported: these addresses can be concatenated to the local ZeroNet server.

  • Example:
  • Other examples:

    screen-shot-11-02-16-at-12-16-pm

  • https://namecoin.org/
    • «Namecoin was the first fork of Bitcoin and still is one of the most innovative “altcoins”. It was first to implement merged mining and a decentralized DNS. Namecoin was also the first solution to Zooko’s Triangle, the long-standing problem of producing a naming system that is simultaneously secure, decentralized, and human-meaningful.»
    • «Namecoin is an experimental open-source technology which improves decentralization, security, censorship resistance, privacy, and speed of certain components of the Internet infrastructure such as DNS and identities.»

Other Benefits

Some additional benefits include:

  • Transparent sites: all the site code for all ZeroNet sites is available and can be audited if needed
  • One click cloning
    • it is very easy to clone an existing site and modify it
  • No back-end code
    • everything runs locally, there is no central server
      • even the database runs locally
    • this means the code runs very fast
    • and that there is no single point of failure or censorship
    • API for local database access
    • offline access is naturally supported
  • Instant CDN (Content Delivery Network)
    • the system behaves naturally as a CDN because it naturally produces multiple site copies (one for each visitor)
  • It is able to run on non-internet networks
    • Mesh-networks, Bluetooth, WiFi-direct, for example
  • Zero discrimination
    • everyone can build a site for a zero cost infrastructure
  • Zero trust
    • it is impossible to modify a site without the original private key (for the BIP32 address)
    • NOTE that it is not impossible to make a copy of the site, it’s just impossible to change a site at a given address without the private key

Other Features and limitations

  • No torrent-like file splitting for big file support
  • Support for anonymous communication (built-in full Tor support added)
  • File transactions are not compressed
  • Encrypted communication (TLS encryption added)
  • No private sites
  • Local ZeroNet service uses 15441 TCP/IP port (or a TOR hidden service) for inbound connections from other visitors

Demo

Step 0 – Install ZeroNet

  • Decompress the package and run the script:
    • ZeroNet.cmd (win),
    • ZeroNet(.app) (osx),
    • ZeroNet.sh (linux)
root@osboxes:~/Downloads# cd ZeroBundle/
root@osboxes:~/Downloads/ZeroBundle# ls -l
lib  
LICENSE.txt  
Python  
ssl  
ZeroNet.sh
root@osboxes:~/Downloads/ZeroBundle# ./ZeroNet.sh 
Downloading https://github.com/HelloZeroNet/ZeroNet/archive/master.zip to ZeroNet directory.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Downloaded.
Extracting... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Done.
Starting ZeroNet/"start.py"...
- Starting ZeroNet...
[15:24:11] - OpenSSL loaded, version: 01000207F
[15:24:12] - Version: 0.4.1 r1536, Python 2.7.11 |Continuum Analytics, Inc.| (default, Dec  6 2015, 18:08:32) 
[GCC 4.4.7 20120313 (Red Hat 4.4.7-1)], Gevent: 1.0.2
[
15:24:12] - Creating FileServer....
[15:24:12] TorManager Tor controller connect error: AssertionError: Tor version >=0.2.7.5 required, found: 0.2.2.35 in TorManager.py line 159
[15:24:12] - Creating UiServer....
[15:24:12] Site:1Name2..hM9F Content.json not exist: data/1Name2NXVi1RDPDgf5617UoW7xA6YrhM9F/content.json
[15:24:12] - Removing old SSL certs...
[15:24:12] - Starting servers....
[15:24:12] Ui.UiServer --------------------------------------
[15:24:12] Ui.UiServer Web interface: http://127.0.0.1:43110/
[15:24:12] Ui.UiServer --------------------------------------
[15:24:12] - Opening browser: default_browser...
[15:24:12] Site:1Name2..hM9F Content.json not exist: data/1Name2NXVi1RDPDgf5617UoW7xA6YrhM9F/content.json
[15:24:16] FileServer Checking port 15441 using portchecker.co...
[15:24:21] FileServer [BAD :(] Port closed: Port 15441 is closed.
[15:24:21] FileServer Trying to open port using UpnpPunch...
[15:24:34] Site:1HeLLo..Tf3D Content.json not exist: data/1HeLLo4uzjaLetFx6NH3PMwFP3qbRbTf3D/content.json
[15:24:36] FileServer UpnpPunch run error: UpnpError: Failed to communicate with igd using port 15441 on local machine after 3 tries. in FileServer.py line 73 > UpnpPunch.py line 319 > UpnpPunch.py line 310


screen-shot-11-02-16-at-12-11-pm

screen-shot-11-02-16-at-12-12-pm

Step 1 – Create a new site

You can create an empty site through the command-line, as follows:

# zeronet.cmd siteCreate

- Starting ZeroNet...
 - OpenSSL loaded, version: 01000201F
 - Version: 0.4.1 r1536, Python 2.7.12 (v2.7.12:d33e0cf91556, Jun 27 2016, 15:19:
 22) [MSC v.1500 32 bit (Intel)], Gevent: 1.1.2
 - Generating new privatekey...
 - ----------------------------------------------------------------------
 - Site private key: 5KfnCgnyqNZWrRJ8tWeg1c5jaXXXXXXXXXXXXXXXXX
 -                   !!! ^ Save it now, required to modify the site ^ !!!
 - Site address:     1KVaAeeVhhW43FsYPWiEK7FSTuXXXXXXXX
 - ----------------------------------------------------------------------
 ? Have you secured your private key? (yes, no) >

Alternatively, you can clone an existing site (much easier option to start with).

Step 2 – View the new site contents

  • In a browser, we can access the new site with the following URL:
  • http://127.0.0.1:43110/1KVaAeeVhhW43FsYPWiEK7FSTuXXXXXXXX
  • Note that the URL to access a ZeroNet site is composed of the local service URL concatenated with site’s BIP-32 address

screen-shot-11-02-16-at-12-10-pm

Step 3 – Update the new site contents

ZeroNet provides some site templates which you can use to quickly add your content.

For example, the Blog and Talk templates allow the content files to be changed through the web interface without any coding. You can clone the ZeroBlog site to create a new blog.

screen-shot-11-02-16-at-01-24-pm

screen-shot-11-02-16-at-03-41-pm

Accessing the new site from another host:

screen-shot-11-02-16-at-04-01-pm

If you want to update your site files manually, you will have to perform some more steps from the command-line:

  • Update the site files located in data/[your site address key] 
    (eg:1KVaAeeVhhW43FsYPWiEK7FSTuXXXXXXXX).
  • When your site is ready run:
$ zeronet.py siteSign 1KVaAeeVhhW43FsYPWiEK7FSTuXXXXXXXX 
- Signing site: 1KVaAeeVhhW43FsYPWiEK7FSTuXXXXXXXX
... Private key (input hidden): 
<enter your private key>

  • in order to inform peers about the changes you made you need to run:
$ zeronet.py sitePublish 1KVaAeeVhhW43FsYPWiEK7FSTuXXXXXXXX
... Site:13DNDk..bhC2 Publishing to 3/10 peers... 
Site:13DNDk..bhC2 Successfuly published to 3 peers 
- Serving files.... 

Stats

You can check your local service’s stats using the following URL:

rev1536 | 88.210.64.173 | Opened: False | Crypt: ['tls-rsa'] | In: 7.23MB, Out: 0.20MB | Peerid: -ZN0041-sbW9XT0WjF9k |
Connections (4, total made: 109):
id proto type ip open crypt ping buff bad idle open delay out in last sent waiting version sites
86 v2 out 112.115.5.254:15441 True ECDHE-RSA-AES128-GCM-SHA256 0.515 0 0 716 6149 0.000 2kB 1kB listModified [] 0.4.1 r1536 3
88 v2 out 78.213.146.86:15441 True AES128-GCM-SHA256 0.140 0 0 716 6130 0.000 2kB 1kB pex [] 0.3.6 r915 3
94 v2 out 78.135.51.152:15441 True ECDHE-RSA-AES128-GCM-SHA256 0.374 0 0 716 6105 0.000 1kB 0kB listModified [] 0.4.1 r1536 2
96 v2 out 179.8.205.91:15441 True ECDHE-RSA-AES128-GCM-SHA256 0.359 0 0 613 6103 0.000 0kB 0kB listModified [] 0.4.1 r1536 2

Tor hidden services (status: OK (7 onion running)):
- 1KVaAeeVhhW43FsYPWiEK7FSTuHdGnbeoX: hyvex7lfikk277kq
- global : bkgn22ygvetxb3ze
- 1BLogC9LN4oPDcruNz3qo1ysa133E9AGg8: 2mtnv2xrii6rrym4
- 131a4VbWAo21oeLffGfty9DVy4SnnPHCND: xzykj3o5yi6vd2xc
- 1Q9xoVam2Kx4Y5r76QkPDCLVMq9t4jRqZc: bol2gf6sil5jbf3n
- 1Name2NXVi1RDPDgf5617UoW7xA6YrhM9F: 6j2u2jiecp3l2d3b
- 1HeLLo4uzjaLetFx6NH3PMwFP3qbRbTf3D: ifnzspvmmwuori33

Db:
- 128.979s: data/content.db
- 127.196s: data/1BLogC9LN4oPDcruNz3qo1ysa133E9AGg8/data/zeroblog.db
- 128.952s: data/1Q9xoVam2Kx4Y5r76QkPDCLVMq9t4jRqZc/data/zeroblog.db

Sites:
address connected peers content.json out in
131a4VbWAo21oeLffGfty9DVy4SnnPHCND [] 0/0/0 0 (loaded: 0) 0kB 0kB
1BLogC9LN4oPDcruNz3qo1ysa133E9AGg8 [88, 86] 2/2/376 465 (loaded: 52) 0kB 3458kB
1HeLLo4uzjaLetFx6NH3PMwFP3qbRbTf3D [94, 96, 86, 88] 4/4/630 1 (loaded: 1) 0kB 807kB
1KVaAeeVhhW43FsYPWiEK7FSTuHdGnbeoX [] 0/0/0 1 (loaded: 1) 0kB 0kB
1Name2NXVi1RDPDgf5617UoW7xA6YrhM9F [94, 96, 86, 88] 4/4/647 1 (loaded: 1) 0kB 818kB
1Q9xoVam2Kx4Y5r76QkPDCLVMq9t4jRqZc [] 0/0/0 3 (loaded: 3) 0kB 0kB

Final Remarks

ZeroNet is a promising technology for the Zero Marginal Cost Society, as it enables democratic access to publishing resources for creative commons sharing, without having to use any private enterprise infrastructure site to host your site content.

This means that ZeroNet is a very interesting technology  if you are worried that your site could be censored by any public authority or private entity, or if you would simple like to use it freely, as it does not imply any fee or payment to external entities.

References

Domain Specific Languages (DSLs) – SLIDES

I’ve uploaded some slides about DSLs, you can find them at:

 

 

Reposting my previous post about DSLs bellow.

Screen Shot 09-01-16 at 04.54 PM

Byzantine mysteries

Domain Specific Languages (DSLs) are special-purpose programming languages developed for a specific domain. Some of its most interesting benefits include:

  • increasing productivity (by reducing the lines of code that have to be written manually)
  • test generation
  • formal verification

These languages work by using higher-level constructions and restrictions. They can be either textual (declarative or imperative) or graphical, and can include multiple views for the same domain.

I’ve used this type of languages extensively in my work and it saves a lot of time. “Preprocessing” is one of the tyipcal ways to implement them. Some subtypes include:

  • Macro processing
  • Source-to-source transformation (conversion between languages)
  • Pipeline
  • Lexical processing

( more info at http://www.rose-hulman.edu/Users/faculty/young/OldFiles/CS-Classes/OldFiles/csse490-mbse/Readings/DSL-Survey-WhenHow.pdf )

You can use these languages for several purposes, including:

  • Defining an entity model
  • Protocol definition
  • High-level user interface description
  • Automated test case description
  • Software architecture description

Microsoft has some easy to use DSL editor tools in Visual Studio…

View original post 78 more words

“vsockets-tools” for VMware hypervisors

I have developed a new open source project: “vsockets-tools”

You may check it out at:

Source repository + pre-compiled binaries:

Paper:

Abstract:
VMware guest machines are able to communicate with their host using a special kind of sockets called “vsockets”. These sockets can be used even if the typical TCP/IP network protocols are not available at the guest. Since “vsockets” don’t use the TCP/IP protocol stack, they are not “visible” to common network testing and penetration testing tools.In this paper we present a set of tools designed to provide a bridge between TCP/IP tools and the “vsockets”. These tools can also be useful for learning “vsockets” behavior and concepts.

Paper Preview:

Screen Shot 06-29-16 at 12.00 PM.PNG