Recent Security Papers

So in research progress, we’ve recently published or had accepted two conference papers in the area of distributed system security. The first is a paper called “Removing the Blinders”, with co-authors David Zage and Cristina Nita-Rotaru. The basic insight of the paper is that in many protocols, nodes make decisions about other nodes based on just the last message they got from them. This is a kind of “blinders”, hiding other information the node has about the other nodes, which prevents them from making smart decisions about the peers based on the holistic information available.

However, the effort required in the first paper is totally manual. Discovering the set of attacks, and then finding the defenses for those attacks is takes a smart person thinking about it for a long time. We next set out to solve part of the problem – discovering the attacks. We focused on a restricted set of systems—those implemented in a structured language such as Mace. By applying a greedy state space exploration search strategy, we can discover a class of attacks that cause poor performance in systems. This work was accepted to NDSS 2012, about a tool we call Gatling.

Meanwhile, part of our current research involves further generalizing this work.

A real-foods diet

So over the last several months, I’ve been working at losing weight. So far, I’ve lost about 26 pounds. My diet?

  • Less Soda. I started out by cutting back to 1 every other day. Now it’s more like 1 every once in a while. (i.e. 1-ish a week). If you figure I was having 1-3 in a day, that’s basically a drop of 150-450 calories a day, without replacement. In the place of the Dr Pepper, I’ve been mostly drinking water. I’ve also cut out my morning juice, for the most part, after being convinced that juice provides a lot of sugar/calories and not a lot of nutrition.
  • Eating products that are less processed, and more whole. This means reading ingredient lists. If there are a bunch of ingredients I don’t recognize, probably not a good sign. Most recently, this meant buying regular, all-natural sour cream rather than the fat free sour cream. When I stopped to look at the ingredient list of the sour cream, it had many, many ingredients as compared to the regular sour cream, including cellulose, which is basically the same thing as paper or wood pulp as I understand it. We just ate stroganoff made from the regular sour cream, and WOW was it good! So basically, while I’m losing weight, I’m eating richer, tastier foods, and feeling less hungry.
  • Accepting that my body had no clue what full and hungry meant. This can be attributed to many things, including the over-eating I was doing and the highly processed foods, especially the “light” foods I was eating which were essentially training my body that food did not correlate with calories. There were nights that I would make dinner portions for Kristina and I, and we would be eating, and she would remark how she was full and should stop. I would have been quite content to keep eating, but would follow her lead, and assume that what I had eaten was enough to fill me, so I would stop. I’m still not quite there, but I have started to be able to recognize sometimes in the evenings when I’m not hungry so that I opt not to snack because I’m not hungry rather than just the fact that intellectually I know I don’t need more food (which is still more common).

On the down side, one of the things we did as part of this movement was to visit our local dairy and buy a set of local cheeses. Tasty, yes. (Not necessarily more whole than what we could get at the store, but buying fresh/local is still something I’ve been doing as part of this general movement). Anyway – this morning we learn that the cheese we ate/bought while there is subject to a voluntary recall due to possible bacterial containment with a 3-70 day incubation period. Oh well.

One resource I have really enjoyed using for this is Fooducate. I enjoy both following their blog, and using their iPhone app to scan products to find out tidbits of things I ought to know.

Since I’ve been doing so much reading about food, I find I may post more about it too, so I’ve created a category for food.

HPDC Paper (InContext: Simple Parallelism for Distributed Applications)

This past week, one of my students presented his first paper at HPDC. There is a more detailed blog entry at the research website by the student, but I wanted to mention it here too. (Post:

The very short story: the Mace toolkit has scalability issues since events must run atomically (think a big lock protecting events to run only one at a time). This paper describes the first step towards loosening that restriction, and running different events in parallel as long as they are not both trying to write to global state.

FSE Paper (Finding Latent Performance Bugs in Systems Implementations)

This post was promised some time ago, about our paper published at the conference on Foundations of Software Engineering (2010), a top conference in software engineering. Instead of posting it here, however, Karthik (one of my student co-authors), posted a description of our FSE paper here:

The very short description: by building robust systems, we hide some of our correctness bugs, converting them into performance problems. Our paper is about using model checking concepts to discover such bugs with a minimum of developer effort. See the post and paper on the group website.

Public WiFi: should you use a VPN if you only use HTTPS sites?

I got this question from a friend, so thought I would post these thoughts in case they help others too.

Okay – so to VPN or not to VPN on a public wi-fi network….

I guess, in the end, it all comes down to the security concerns you have.

Before discussing details, I’ll start by saying that I do not often personally connect to a VPN when using a public WiFi network, despite having one Purdue hosts that I could use.

The technical difference between VPN and HTTPS comes down to the layer of the network stack where the encryption takes place. A VPN would encrypt all traffic leaving your machine, but moreover, would direct it all to your VPN provider (your desktop, as the article suggests). Once it reaches your desktop, it will travel over the desktop’s normal network path to the rest of the internet. HTTPS, on the other hand, is
applied to a specific and single network connection between your mobile device and a given server.

So, considering only traffic to HTTPS sites, let’s look at what information is leaked.

  • With the VPN, all traffic is destined for your desktop. On the one hand, this is good, because no one can tell what sites/services you
    are using. None of your network traffic, except that which was to setup the VPN, is readable on the public network. There are, however,
    two kinds of things which are leaked. (1) the volume and pattern of traffic you use. [There is no solution for this. But you should be
    aware that it is viewable to all, and there may be profiling techniques which can be applied to learn things based on this.] (2) the fact that you have a connection with your VPN provider. From a privacy standpoint, this in fact may be a very serious concern, because if you are using your desktop as your VPN, then it may very precisely identify who you are, where you live (see an article today in Ars Technica on mapping based on an IP, etc.
  • With HTTPS, only the web traffic to the given server(s) is encrypted. In particular, other information is leaked. (1) The IP addresses of all the sites you connect to, which may identify who you bank with, who you work for, who your email provider is, etc. (2) The DNS queries you issue, which would make it even easier to identify what sites you are visiting, without having to reverse-map an IP-to-hostname, when the IP may have multiple hostnames. (3) More precise information about your traffic patterns, since it is subdivided by destination rather than being aggregated in the VPN case. (4) Some HTTPS sites will include static content or images from a non-encrypted source (some browsers warn about such things). This information of course would also be unencrypted.

Next, consider the other traffic your mobile device may be sending. For example, if it participates in any convenience networks (i.e. Bonjour
for peer host discovery), this traffic will all be present too, and may or may not be encrypted, based on the service.

Another consideration is the exposure to attack your device has. In both cases, your device is connected to the wireless network. However,
in the VPN case, the default settings of the device may be generally more secure, since the wireless network wouldn’t need to support some of
the extra traffic. It becomes harder to launch an attack, since the machine is mostly looking for traffic from the VPN, and will ignore most
local traffic. HTTPS leaves any such services (e.g. iTunes listening for connections from the on the iPhone) listening.

Finally, there is the cost. VPN adds an extra layer of overhead, and an extra layer of places where things can go wrong. Also, all traffic is
going through your desktop, which may significantly reduce the bandwidth you can achieve, and add latency. (And of course, an HTTPS site when using a VPN is being encrypted twice – once at the HTTPS layer, and once at the VPN layer). Further, the choice of a VPN vs HTTPS may have other unpredictable effects – a wireless network provider may block VPN traffic, or possibly deprioritize it. Or they might do the same for HTTPS traffic (though deprioritizing is more likely than blocking in this case).

Okay, one more consideration – which is the quality of the encryption. Both technologies can provide a range of encryption quality, so
vigilance must be used in ensuring effective encryption is used. Some browsers will warn about weak SSL configurations on servers, but VPN
encryption quality is generally less well verified.

Hope this helps,

Virgin Mobile MiFi is Useless

Before Christmas, I purchased a Virgin Mobile MiFi as an alternative to the then-weak tethering options for an iPhone. I was particularly excited about the MiFi from VM because I do not need one all the time, but just sometimes while I’m traveling.

Over Christmas, it worked OK. I had a problem keeping it charged in the car because it wouldn’t charge from a normal micro-USB connection, but needed a specialized one (I think it may simply have to do with making the data lines, but for whatever reason it would not charge from a separate USB cable plugged into a car-USB adaptor, despite the fact that it will charge an iPhone and an iPad simultaneously.

But I fixed that by getting a separate car charger. Well, now I cannot download any content at all over the MiFi. It became un-activated, and I had to go back through the activation process. After doing so, I can download content from (I even purchased some bandwidth so I could use it – I’ve been able to use none).

I’ve now tried to use the MiFi 3 times on 3 separate days over 3 weeks. It has failed each time, with the same symptoms. I have rebooted everything, tried to use the reset button on the device, the laptop, etc. I am thoroughly and utterly convinced that it is a VirginMobile problem. (This is obvious from the fact that it can connect to the virgin mobile site).

I also tried to call the support line just now, and sat on hold 5 minutes with frequent apologies from the automated system that they are busier than usual. From what I’m reading on websites, they have been busier than usual for months.

So that’s it. I’m going to give up on my MiFi. I might try to sell it, except that I don’t think I would feel good selling it.

Instead, I’m going to try the new hotspot functionality of my iPhone. It’s disgustingly priced as a tethering plan, but from what I’m reading, I can turn it on and off at will, switching between data plans anytime I want. So if that’s true that may work out well for me.

If VirginMobile wishes to correct this, they can refund my $20 for the data I bought recently, and contact me. Maybe they can unlock the device to use with companies other than VM, or maybe they can make it work. But from what I’m reading on the internet, this infrastructure is just a disaster, and many of us feel like we totally wasted the money we put into it.

Oh well. Live and learn.

GPS iPhone Apps

I have received a number of requests from people interested in lists of worthwhile Apps for iDevices (iPhone, iPad, etc.). Underlying this is of course a question about whether I like my iPad. I do. I rate it as a “fun toy”. It is good enough that many evenings I do not need to use my computer – because if I am just consuming content (reading news, shopping, etc.), then there is no need for my laptop. It’s only (like tonight), when I’m doing a lot of typing that I need my laptop. As an added bonus, the iPad is easier to use in bed, and never gets hot.

In any case, today I want to focus on one particular kind of App – the GPS app. Around Thanksgiving last year, we (Kristina and I) tested out several GPS Apps on the iPhone. These included Navigon, CoPilot Live, and MotionX GPS Drive (in opposite order).

In rating GPS Apps, we identified a few key factors:

  • Maps: downloaded on-the-fly, or as part of the app itself. This impacts map freshness, app size, and mobile data usage. Including the maps in the app means the maps will be more stale, and makes the app around 2GB. Downloading the maps as you go makes the maps more fresh and keeps the app small, but uses more mobile data, and doesn’t work well in areas of poor coverage.
  • Live Traffic: Useful for routing around accidents and such.
  • Routing: TTS (Test-to-speech), for reading street names aloud. We found this feature very important to avoid looking at the screen too often. Some apps read only street numbers or numbered streets: you actually want one which can synthesize street names.
  • Polish. How elegant is the App.
  • Price
  • Map Data: there are two main map providers NavTeq and TeleAtlas. They have different qualities, strengths, and weaknesses. This turned out not to be a major issue for us (I forget which one we’re using anyway).

The apps rate as follows:

  • MotionX GPS: This is the cheapest of the options, but comes with a subscription model instead of a pay-for-the-app model. Maps are downloaded on the fly. The app was reasonably impressive, but in the end we decided we needed the maps included in the app. At the time, it also did not support TTS, though I think that may have changed.
  • CoPilot. CoPilot worked just fine – with the features we wanted, but was rather unpolished. However, in exchange it was cheaper.
  • Navigon. This was the most expensive app we tried, and in our opinion, you get what you pay for here. It has TTS, live traffic (add on charge), and also includes the maps in the app. All this, and a very polished interface as well.

While I have not tried the newer Garmin App, it downloads the maps as you go, so it doesn’t really fit the criteria we needed. In our opinion, Navigon was the best choice. I do, however, recommend looking for times when the app is on sale. You can use something like AppShopper to see the history of pricing on an app. Note also, with Navigon, you can pay different amounts depending on how much maps you want. If you don’t need Canada – get the US only version, etc.

Upcoming posts…

So I need to add some posts. I don’t have time to write them now, but if I promise them here, maybe I’ll make the time for it.

  • More games – pandemic, ticket to ride, etc.
  • iPad review
  • Research report – FSE paper

BTW, did I mention I now have a son?
He’s doing well – now 5.5 mos old. Now I’ve finally recovered some and am digging out of the hole a bit, hence the new posts.

Keeping it Simple (or: Grilling on Charcoal)

So a couple weeks ago our gas grill stopped working. Right in the middle of cooking. Originally, I thought we were just out of gas, so I had swapped it out with our spare tank we keep on hand for just such an occasion. But I could not get the grill to re-light. I couldn’t hear the gas either, which I usually can do. I re-tried many times, before finally giving up. Later on, after doing some debugging, I had decided to try replacing the regulator. Unfortunately, despite using a wrench, etc., I could not disconnect the old regulator/hose assembly. At this point I was fed up. The grill was I think about 6 years old, so it lived an okay life.

In deciding what to do about it, I did not envy the thought of replacing it with another gas grill. Gas grills just seemed to me to be overly complex, with a large number of parts which can break and stop working. Couple this with the fact that I’ve never been as happy with the gas grill as I wanted to be — the burners worked pretty well on low and high, but anywhere in between, and they would flicker out and back on, which was always puzzling. Plus, I have to say I never felt like the gas grill made foods taste all that “grilled”. I’m not sure how much benefit it had over the gas range which I had indoors. That flame was consistent, reliable, didn’t run out, was self-lighting, instantly ready, and did not require me to cook in the outdoor elements. So, my go-to grill was the cast-iron grill tray on the gas range, or sometimes, the George Foreman.

So, in looking at new charcoal grills, they were cheaper, promised more-grill-tasting food, fewer parts to break. After all, in the end, it’s basically a fire-safe kettle you put charcoal in. The Weber grill I got had the added feature of a one-touch ash-sweeping system to make it easy to keep clean. It took all of 30 minutes to assemble, and the only tool it required was something to tap the caps on to keep the wheels from sliding off.

Pros and Cons are pretty well established across the internet, but here are a few considerations I went through:

  • Cost: Gas grills are more expensive, but the fuel is supposedly much cheaper. If I the grill is $200 cheaper, and you grill 20 times a year, and your grill lasts 6 years (like my last one), you would have to save $1.66 per meal to make the difference up. I’m not saying it’s impossible, just that I’m not convinced the cost is all that significant either way.
  • Convenience: Gas grills are instant-on, while charcoal grills take more effort and time to get started. Technically, this one is true. However, the starter on my gas grill didn’t last long, and then I needed to use a lighter to start it. Next, I never knew how much gas was left to know when it might run out. Also – as for the instant-on: I always needed to clean the grates before use, so it wasn’t like I could start cooking immediately (not to mention pre-heating the grill). Now, perhaps the charcoal takes longer, but since I generally use that time to prep the food, it seems to be about the same amount of pre-prep in both cases.
  • Taste: The charcoal grill definitely is more grill-like in it’s taste. Plus, I can add fresh herb sprigs to add some smoke to the cooking. Very cool.
  • Cooking simplicity: I have to say, the actual cooking seems pretty nice. Putting the lid down, and just waiting an amount of time for things to be done is great.

I’ve used the grill 4 times now. The first time was an utter failure (I didn’t figure out how to start it properly). Then we had friends come over to show us how it works. Since then I’ve grilled twice, and both times came out great. So, I’m now a happy charcoal grill operator now.

Does anyone want two propane tanks for the exchange system? One is full. The other has an unknown amount of propane (could be empty). I won’t be using them anymore.

Generalizing this out, it is basically illustrates the principle of keeping it simple. The gas grills are more complex, more features, more money, and should be easier and better to use. But for my use, the charcoal grills are more durable, reliable, predictable, and therefore useful. Software often follows the same principle. When we add a lot of complexity to it, we generally add bugs, issues, and make it much harder to know what the software will do. So in summary: keep it simple. Even if you lose some features or flexibility, you may make up for it in the bigger picture.

Live from my iPad

Well, this morning I went and bought an iPad. So far? Very pleased. This post is written using an app for wordpress, which is quite nifty! I especially like the NPR app so far.