MIT Open Course Ware

MIT OpenCourseWare is a web-based repository of MIT university course materials.
It is free, it doesn't require any registration. Obviously, you can't get any certificate or degree!

Others universities all over the world are sharing Course Materials: official ones are those affiliated to the Open Course Ware Consortium.

A great step towards education for all people is to make content and knowledge available for free and the smoothest way possible.

Contents are available as lecture notes, exams, videos, audio files...

It is also possible to contriute on this activity, translating contents in non-english languages or use them (giving the proper attribution to the original MIT Faculty Author/s).
Contents are released in Creative Commons BY-NC-SA License.

Accelerometer-based mouse

A little preview... A full review in few days!

Non-exploitable vulnerabilities at source code level

I am writing a small article describing a kind of vulnerability that can be used against Linux Kernel.
This is due gcc and its optimization procedures, in some cases, make some source code buggy.
Furthermore, in this case, if SELinux is enabled, the system becomes weaker.

The vulnerability is described here (by Brad Spengler) and it can be exploited in Linux Kernel 2.6.30+/RHEL5 2.6.18 in /dev/net/tun.
The implmentation (was, before being fixed):

struct sock *sk = tun->sk;  // initialize sk with tun->sk
…
if (!tun)
return POLLERR;  // if tun is NULL return error

As tun is dereferenced (to use tun->sk) the compiler assumes that tun is non NULL, so it removes the check for tun against NULL.
Avoiding the initial crash caused to bad initialization (using mmap and SELinux), it is possible to exploit the Kernel because there is no check against tun.

I can point You all to this blog, in which are described a lot of vulnerabilities (also silently fixed ones).
Milw0rm is another source of exploit notices.

Songs...

Some good music... I wanted to add a mixtape but favtape is down.

• Kasabian - LSF (NON official video on Youtube)
• Chemical Brothers - Let Forever Be (video on Youtube)
• The Verve - Love is Noise (video on Youtube)
• Harry Nilsson - Jump into the Fire (video on Youtube)
• Jet - Are You Gonna Be My Girl (NON official video on Youtube)
• Peter, Bjorn & John - Young Folks (video on Youtube)
  

How to localize Firefox 3.5.4pre (or latest)

You added Mozilla Firefox repositories to Synaptics and you're getting only the English version of the browser?
Searching for other stuff, I reached this place...

Get your xpi file and your Firefox will be localized!

Google Android porting on x86 - UPDATE

Google Android version 1.5 (Cupcake) has been ported on the ASUS EeePc 701.
Two members of Google Groups, beyounn and cwhuang01 created a Google Code group named Android-x86, in which we are "branching" the original Google Android source code in order to obtain an updated, fully featured and working OS.
We were trying to make Cupcake boot on different NetBooks and/or VirtualBox VMs. So we decided to merge our works.
Current status:

• Intel on-board VGA is working (with 2.6.30 Kernel it is possible to set the right resolution)
• GPS USB Serial device is correctly binded to OS
• LAN 100Mbit Network Adapter is working (both DHCP and static configuration)
• WiFi Atheros 5k Network Adapter is working (both DHCP and static configuration)
• USB Mouse (software mouse) and/or Keyboard works
• USB Pen Drive or Memory reader can be mounted as SD Card
• Audio is working (ALSA was not working due to a rebuild mistake in the Android Make System)
• OpenGL-ES are going to be supported, there's a group of developers sharing their code here
  

Firefox 3.5.1 still exposing bugs

Firefox 3.5.1 represents a step towards a faster browser.
Several benchmarks show Safari 4, Opera 10 and Chrome as the fastest browsers on the market - I heard "Webkit rules" - and they only seem to lack in the plug-ins feature.
I'm not taking into account IE X.x because... I think it already exists only because is bundled into the most common OS in the world. And there's no reason to use it.

Anyway... After the first exploit (more here) soon patched by Mozilla team, we got a bug in JavaScript engine, not well managed in 3.5.1.
The issue is well described here and this time it is not useful for executing code (at the moment), but "only" for a DoS.
Possible workaround? Disable JavaScript, No-Script plug-in or switch to the older JavaScript engine from about:config, disabling javascript.options.jit.content. Choosing the 3rd option, there will be a drop in the overall performances of Firefox.

Uhm...

Tara-ta-ta-taaaaaaaa... I'm lovin' it!

Porting status and Canonical developers' news

The porting process of latest Google Android sources to ASUS EeePc 701 is almost complete.
Current status:

• Intel on-board VGA is working ( 640x480 until 2.6.29 Kernel )
• GPS USB Serial device is correctly binded to OS
• LAN 100Mbit Network Adapter is working ( both DHCP and static configuration )
• WiFi Atheros 5k Network Adapter is working ( both DHCP and static configuration )
• USB Mouse and/or Keyboard works
• USB Pen Drives can be mounted as SD Cards
• Audio is not working ( surely an ALSA configuration issue )

Furthermore, our A.API is working. I cannot tell you anything more.

I read in some websites (ArsTechnica) Canonical developers are focusing their attention on run Android applications on Ubuntu.
That can be technically done by writing a Dalvik VM that lies over a Linux distribution.
Or using an emulator, but it exists and it is too slow. No optimization can guarantee a smooth execution of the applications.

Android on Eee Pc

I am porting a Android to an ASUS Eee PC (fully featured, from source code downloaded on 3rd April).
I'll post few tutorials or something similar in next weeks.


You can know more here.

Blender Project

That's the "Computer Graphics" course project.
It has been my first time using Blender. It is a great editing tool, but it has a weird user interface (I'm not talking about Graphical UI).
Mainly, you must become a "Shortcut God". After that, following tutorials and some experience, you'll get some results.

Enjoy!

Robochecker published on Google Code

We are proud to announce that the whole source code and documentation about our "lego robot playing draughts" is on Google Code, exactly here.

The software has been written in Java, using leJOS API for controlling the NXT Brick.
It is possible to use Java by flashing a custom firmware on it.

It has been a great chance to improve our programming knowledge in Java (in source code you'll find a lot of code as implementation of threading, class factories, interfaces) and have fun.

Google projects: permanent beta (or alpha?)

Google Mail: BETA!
Google Maps: BETA!
Google x | x is a Google project name.

Android was released as 1.0 version. No "BETA" word applied to it. But with the latest repository merge, they're loosing control of the huge number of sub-projects and modules of the project.
They are publishing code stubs, fulfilled with comments (not very useful in most cases), without any implementation example.

I hope Google is having strictly coupled information exchanges with big mobile devices manufacturers, or they'll soon branch the Android project, choosing their best way to implement what they need.

Merry Christmas Blog?

I don't know what happened...
But people are accessing this "almost empty blog" searching "merry christmas" or similar...

Ubuntu Linux x64

I am working on Ubuntu 8.10 x64 since 2 weeks ago.
This last release is something not comparable to other distribution I ever used.
Fedora Core 8 or openSuse could compete against it, but Ubuntu wins:

• for the excellent package manager (synaptic)
• because of the O.S. watches for user actions, always prompting the safest thing to do
  
• for the ease of installation process
• for gnome balance between performances and eyecandy stuff
• because of derived from debian
• ... much more!

What do you think about it? Let me know. Leave a comment!

When everyone would like to be a developer.

Some time ago, I was following the development of "Prince of Persia: Assassin's Creed" game.
An interview at GameTrailers.com caught my attention...
Impressive technical details, indeed...
Awful gameplay...
Jade Raymond as Game Producer...


What a Game Producer!

[UPDATE!] My access counter is listing this entry:

25.11.08 @ 15:24:48 Host ISP:Ubisoft entertainment - Canada

Animator vs Animation

Animator vs. Animation by *alanbecker on deviantART

Context switching...

Thanks to my thesis supervisor, I received a proposal for a project involving Linux kernels, ARM SoCs (and maybe x86 systems) and Android Framework.
I accepted immediately, cause of this is another chance for working on something real.
Obviously, this time I'll work at a lower level. No Java but advanced C language and compiling options on Makefiles.
So, in future, there will be some posts containing some info about linux kernel, unix drivers and so on.

Assembly language

...

MOV AX, 0 ;is weird
XOR AX, AX ;is l33t

... is just an example, or ...

MOV AX, WORD PTR [BX]
MOV DX, 10
MUL DL  ;is weird
MOV DX, WORD PTR [BX]
SHL DX, 1
MOV AX, DX
SHL AX, 1
SHL AX, 1
ADD DX, AX ;is l33t

... sigh!

I'll never win.

Android Developers. Thread Opened.

I choose to open a thread regarding Sun JavaMail, JAF and Android.
I hope it would be useful for all developers whose encountered issues or difficulties using JavaMail on Android.
There were few troubles:

• java.awt.Datatransfer class was missing (and related interfaces): they are available in the Apache Harmony SVN. There were some java.awt.Image dependancies, which have been removed.
  
• The lastest Sun JavaMail API was not working on Android: at build time, the APK popped up an error within an IMAP class. I downloaded source code of it (now Sun JM is opensource) and I fixed some classes.
• Sun JavaMail was working, but not at 100%: it was unable to manage Multipart elements of an email (so most of the email we receive). This API stored MIME-Types to/from Java Object association (a sort of mapping between them) in 2 files within the JAR file. Android is unable to read files in the classic way (due to security policy), so I decided to add the "MIME mapping" programmatically.

You can find the post on Android Developers here.