September 25, 2002

Kama-Sutra Algorithm

Can't sleep, and decided to go online to chat with some old friends a couple of hours ago(Started at about 1:30am). Got in a heated debate with Jason about my belief in how cryptography has been around in so many forms, allowing us to win WWII (argue with me all you want dude.. but without the breaking of Enigma.... many a battle would have turned out different. Geeks did more to help win the war than you think. Yet we get very little credit for it.) to the Kama-sutra... useful crypto dates back way before most people think.

Anyways, in the middle of all this the gauntlet was thrown down that I can't actually write USEFUL crypto code with just a browser (and no compiler or crypto libs) to deal with what happened way back then. I rarely take on challenges, as I don't need or care to prove myself... but I thought this would be fun enough to make an exception. SO .. to prove you wrong Dr. J..... here is my Kama-sutra algorithm in Javascript *ppfttt*

Ok, some background for some of you that have no clue what I am talking about. One of the oldest forms of substitution encryption is dated back to something like the 4th or 5th century in the original writings of the Kama-sutra. Yes the sex box thing. But the Kama-sutra is more than just about the exileration of a hightened awareness of sexual feeling. It stressed highly a recommendation for women to study 64 arts, which ranged from cooking to chess. The 45th art was the art of secret writings, which was supposed to be a way for women to secretly be able to communicate and conceal the details of "relationships" they may have. Now adays I think they call those "Harloquin Romance novels" or something like that. Ok, maybe not.

Anyways, the Kama-sutra algorithm is a simple pairing algorithm. In other words, you divide the 26 letters in the alphabet into 13 pairs, matching each other up. A simple example could be something like:

A C E G I K M O Q S U W Y
B D F H J L N P R T V X Z

Now, if I wanted to apply the algorithm on a text message such as:

Meet me behind the oak tree.

I would replace the M with the N, the e with the F etc etc. After encrypting it,
the cipher text would look like:

NFFS NF AFGJMC SGF PBL SQFF.


Sidebar: In case you are new to crypto... you will normally find cipher text
in upper case, and plain text in lower case.

Sidebar2: Did you notice that using that pairing... foo=epp. How quaint.

When I was in junior high, this is how we used to pass notes to each other. Used to piss off the teacher when they confiscated it and wanted to read it to the class. I remember getting in HUGE trouble with the math teacher once, and was forced to explain to the principal what the note said, and how we wrote it. They had a hard time explaining to my grandmother that while in class we were playing with encryption ciphers which was beyond them *laugh*. I had a harder time explaining why I knew what the Kama-sutra was.

Anyways.... here is my Kama-sutra algorithm. Dr. J.... I would like the case of Mountain Dew brought up the next time you are in Canada :)

 

Plain Text:
Cipher Text:

Anyways, thats about it. I guess I could make it more intelligent and clean... but I am just trying to show that it is possible with a "mere browser". It is useful enough to actually create Kama-sutra style message either randomly.. or with a pre-shared set of pairs. And of course... the whole reason I started all this was to show it COULD be done in a browser without crypto libs or a compiler, and to get tired so I could go to sleep. Mission accomplished. *yawn*

:)

Its now almost 4am. I gotta get some sleep before the product demo tomorrow ^H^H^H^H today at 10am.

I'm outta here.

Posted by SilverStr at 03:49 AM

September 20, 2002

Idiots I tell ya

You are going to be stranded on a desert island. You are allowed one luxury item. You can expect that the island will be sandy and lush with vegitation. What do you bring. A SKATEBOARD!. Bloody dolt. Lets see... be more practical to bring.. oh I don't know... A SURVIVAL KIT.... maybe some WARM CLOTHES.... but no... a skateboard.

Survivor is again polluting our minds. Voted by me is Robb, the skateboarding bartender as the most pathetic, idiotic and annoying person in the series. I hope he gets punted quite soon. Of course, I kinda thought Ghandi should have been punted. All she has done is whine and give up constantly. She blew a challenge... which I would be fine with.. except that she was giving up. Thats what cost her. She freaked when the other team got close, threw up her hands and quit. Of course, the pastor John wasn't all that funny with the slime water joke.. but he atleast was strong enough to help the team out for another round or two. Alas.. I'm not on the island, so it doesn't matter much.

Interesting sidebar. You will note after the "recess style" team selection process (quite demoralizing I bet... interesting move) each survivor was asked name, age and occupation. And it was made clear that you DIDN'T have to answer parts if you didn't want to. Only ONE didn't say his occupation. And that was Clay. Then during some of the voting comments were made about the fact he didn't need it financially. I will bet this guy is a successful businessman. Probably has a lot of money already and that has people jealous. Or, he owns a business that somehow relates to Survivor. He probably owns a Camping store chain or something. God forbid he knows how to survive. Or maybe he's a famous chef.. and doesn't wanna cook on the island. We all know how chefs were treated in PREVIOUS Survivor series. The geeky underling with a secret occupation. Hmmmmmmm.

Oh well. ScoobyD is probably in heaven now that its started again. I for one hope Rob goes and tries surfing with his board and drowns or something. Of course Jeff would design a series with someone you will love to hate. Otherwise, this is getting to be the same... but different. Oh when oh when will my CSI be back.

Posted by SilverStr at 03:39 PM

September 19, 2002

Funny Picture

I just spit up a good quanity of coke on my keyboard when I saw this.









:)

Posted by SilverStr at 05:36 PM

Oh ya... its the turtle!

It's HIP to be:

repeat 4 [fd 10 rt 90]

(psstttttt.... thats a square)

Ahh.. the good old days of Logo. Well, I am happy to say that the kewl guys over at MIT have revived logo with Star Logo, a nice Logo tool written in Java. Logo was one of the first programming languages that I enjoyed as a kid, and could be credited for the first game I ever wrote. It wasn't Quake by any means... but hey... nobody else was doing it. (So I thought at the time). I am gonna see if I can get my daughter hooked on this, and enjoy Logo as I did.

Fingers are sore. Have had to do a LOT of writing lately. Wrote 3 tech docs as well as rewrote the product section on the company web site. Now in the process of working with Limos to write a very detailed "Reviewers Guide" of the product. We shutter at the thought of the 80 page manuscript we are embarking on, just so people know how to see everything in the product. (Something we ALWAYS lacked at the old company).

REALLY wanting to attack some new ideas I have with some SNMP monitoring code. I want to enhance the monitoring with real time host watch viewing on the network. In this way you can totally follow what users are doing. Further to this, eventually I hope to have it clickable so if you want to see what a user is seeing, you could very well do it through the code I have interfacing with snort. ie: You see someone is using up some bandwidth that looks like instant messaging, when they are working. You simply could click on that session, zoom in, and then have every packet going to them also echo to your screen. The monitoring tool could resassemble it and you could read what they are reading. Or view what they are viewing. Or play it back later as part of forensic analysis. (Showing a boss his pr0n session would be quite enlightening I would think). However, we are in a code freeze while we get the sales and marketing guys every imaginable document you can think of. *sigh*

I'll get to it someday soon I hope.

Posted by SilverStr at 03:35 PM

September 15, 2002

Lakes abound!

Enjoyed a family day yesterday at Harrison HotSprings and Harrison Lake. (Sorry I couldn't make it Arc for the move... my daughter wanted to me to spend some time with her doing something different). One of the luxuries of living where I do is I am about 30 minutes away from two different lakes. Cultus in one direction, and Harrision in another.

Every year Harrison has the World Class Sand Sculpture Contest. They make some amazing work with mere sand and water, and is always a treat to go see. This year though.. it was nuts. We couldn't find ANY parking... and had to simply drive by slowly to catch a glimpse of the art work. We then decided we didn't want the crowds, and we headed to the Yacht Club to go hang out at the break. Harrison is home to a few really good windsurfers, and we thought we would relax and enjoy the breeze off the lake. It was great. Very relaxing. I took a few pictures with the old Kodak digital camera but didn't actually put any effort into setting the quality of the pictures etc. I wanted to see what would happen when I simply pointed and shot. Well, here is the results:




As you can see, without doing anything with the shutter, exposure or zoom this little 1.3 Megapixel baby takes "Ok" pictures. I could have done better quality shooting, which I will have to try next time I am out. Over all though... wasn't to bad for a digital camera that is discontinued.

Work is pretty hectic. With the commercial release now out we are scrambling to update the web site, set up an Online store and get huge amounts of documentation (Press Kits, Reviewer's Guide etc) out the door in the next few weeks. Nice on one side as I can sit on my deck with the laptop to churn this stuff out, but takes me away from the passion of coding. Hopefully in the next week or two you will get to see the effort of stuff being done. (If you care to that is) We now have a VP of Sales that used to be one of the head sales gurus at Group Telecom and IBM. It is refreshing to hear what we need to do on the sales side from someone really experienced in doing such things in the IT industry. I sense good things in this guy. Only time will tell... and the revenues of course.

Still waiting to hear when I am supposed to be going to China. Supposed to be soon... but I have no clue what soon means on the Chinese calander. Again.. only time will tell. And on that note.. I am gonna go jet for a bit and do some more tweaking on the interface to
PayPal
. We are using them to do online transactions (both credit cards and online chequing), and I have found its not easy to deal with GST and PST calcs on a US driven transaction system. I need to write a perl wrapper around the transaction to basically figure out the calc and make the charge dynamically during the transaction. *Ugg* . TTYL

Posted by SilverStr at 03:32 PM

September 08, 2002

Code statute of limitations

So I was doing some research on the statue of limitations for old code, and there is an interesting clause that:



Poorly written code that would be failed in first year computer languages has the right to be ridiculed and mocked indefinitely. Especially if said source code author knows better that do such silly things.

I am pretty sure this includes REALLY silly mistakes like free()ing pointers you just nullified 3 lines before. Even more so if you then do the exact same thing over 70 times in the same code. Especially when you can put a VERY simply wrapper test such as:


if( ptr )
free( ptr );


I'm sorry if I sound cranky... when friendship seems belittled when you ask a simply question.. I get that way. Of course in years from now... I will probably continue to do this, only to find out I am really criticizing myself. :)

Posted by SilverStr at 03:29 PM

September 07, 2002

What a beautiful night

Spending a quiet night a home. Just finished watching Das Boot and now sitting on the patio at 10:30 at night with the laptop (wireless is a $DIETY send), a good bottle of Gwetztraimenier (some day I will get that spelling right) and listening to Chris Botti and thought I would update my journal.

So whats new? We did our commercial release last week. That felt pretty good. With some help from ScoobyD, we even included a complete migration tool to turn old Merilus product into ours. Hopefully that will aid old customers in upgrading.

Been spending time looking at winpcap and writing supporting code for nmap and tcpdump services in cygwin for XP. I can pretty much now do all the same stuff I can do on all the different Unix flavors in relation to digital security forensics, and network auditing. Even got ngrep working, which is nice.

My trip to China sounds like its back on. I was supposed to go last month, but some changes happened (for the good) that delayed things. So with any luck I will get some good digital camera pics of the Great Wall end of September/beginning of October. Guess time will tell.

Other than that, not much else to report. Running isn't going well... I am just not enjoying it. Eating slipping a bit, but not to bad. Was supposed to go to Langley and check out a car show today, but just didn't get down there (it ended at 7pm.. wife worked till 6). Missed seeing some sweet old 'Vettes apparently. Oh well.

Well, its getting kinda chilly.. I think I will go inside. TTYL

Posted by SilverStr at 03:26 PM

September 02, 2002

Bye bye Summer (Hello Marklar!)

Labour day week is almost to a close, as well as summer. Which is ok by me, as I prefer the artisitic canvas of the trees as they turn crimson and golden. Wanted to leave the summer in style though, and our neighbourhood got together for a block party and barbeque Saturday night. Was a lot of fun.

With the tears of the $DEITY falling on us right now (summer is over, so its time to rain again), I am cooped up inside and decided to make some use of it. Spent a good portion of last night and this morning rereading Java Security from ORA and brushing up on the dynamics of certificate management in Java. I am going to end up having to write our own PKI infrastructure, including our own Certificate Authority (CA) to allow us to maintain policy enforcement device certs within our application. I think I am going to write it as an entirely separate app and put in hooks to support access to the devices. Since everything is now driven by an XML engine anyways, that shouldn't be to hard.

Marklar! Marklar! Marklar! Marklar! This is the name I will follow for some time. According to this article Apple has been porting OSX to x86 in parallel to their PPC version since the beginning. Although it is doubtful that I am going to get a copy of this any time soon, I will be one of the first to blow away my laptop on put OSX on my x86 system when its available. It will take 3rd party developers some time to port their apps to x86... but hey... if Steve Jobs can get over the hardware hurdle... someday... we could be in luck.

Following Solas's lead, I took the Fark Cliche survey today:



You are Domo Kun!

Take the "Which FARK Cliche Are You" quiz!

So many silly surveys.. so little time. Anyways, I am gonna go and spend some more time thinking about the Certificate policy server. Need a kewl name for it. Anyone have any ideas?

Posted by SilverStr at 03:24 PM