Friday, August 6, 2010

Python as a Research Tool

I love the Python programming language. It amazes me how, when someone writes pseudocode to describe an algorithm, it tends to be valid or almost-valid Python code, even if the person who wrote it has no idea what Python is. Python is simply the most natural way for humans to describe code.
Today I would like to discuss the use of Python as a research tool. I tend to believe that many different kinds of research could benefit from this tool. I use Python for any kind of research I perform. Let's take a look at my Python usage during the day:
First, for any calculation I need to do, I use Python instead of calc.exe. This way I've got a log of all the operations I've been doing, I can play with the numbers in various ways, and I can see how everything changes if I change a value in any of the steps of my calculation. I find the Reinteract Python interpreter to be the best environment for the task. For those of you who are not familiar with Reinteract, it's an interpreter in which you can go back to any executed line, change it, and see all the results re-evaluated in cascade. A little bit like a Soviet encyclopedia, because it's possible to rewrite history.
This tool brings us to my college studies, in which I use Python to solve Linear Algebra and Calculus questions. The math modules that come with Python and the Linear Algebra modules that come with the Reinteract environment are perfect for solving, testing, visualizing, checking guesses, and gaining a better understanding of the material.


But my true love is Idle-spoon, a simple variation of the well-known idle-fork. The things that were added to idle-fork in the Idle-spoon version are better navigation, a Squeezer (shown in the pictures below) and support for more than one instance. When I perform research, the current state of the interpreter holds my current knowledge of the inspected target. I can access any piece of information, because it is all stored in global variables. This allows me to play with the data and try to make some sense of it.

The only thing I miss is a good assembly debugger that works inside the Python interpreter. As for PDB, I see no use for it due to the GDB syndrome it shows. GDB is a command-line debugger that can make a good platform for writing debugging tools, but using GDB directly tends to be quite slow, ineffective, and limiting in expressiveness.
I'm currently checking out PyScripter to see if it is any good; for now I can just say that it looks like some functions are still missing or incomplete.

Other than the variants above (all built upon CPython), I found that there are more variants, such as IPython, which doesn't have any GUI-based environment and is therefore a bit less comfortable to work with. I love vim, and I sometimes use gvim to write big scripts. I once read in a book that there is a good Eclipse plugin for developing Python, but it has no instant interpreter, and therefore should not be considered for research. And last and least, IronPython / Jython, which should both be considered blasphemy. Implementing the Python VM inside the Java VM or any other VM is something that makes no sense to me. It usually suffers from the lack of many modules that I'm used to working with, if it works at all.


Big thanks to the Fox for helping on the making of this blog post.

Friday, March 26, 2010

Cellphones Party

A cellphone is actually a computer with a microphone and an amplifier.
We used to think that its speakers are quite lousy, and rightfully so, because they've got no sound box, which is a crucial part of creating a good natural sound. Nonetheless, our judgment is based mostly on the quality of phone calls, which is pretty bad because of the GSM encoding the voice goes through on the cellular network.
Current phone technology, though, with smartphones such as the iPhone, the N95 and Android-based phones, has better sound quality than ever before. These phones have become quite popular recently, which struck me with the idea of putting a bunch of them together to play music. The quantity of phones might just prove enough to compensate for the quality.

My idea is to write an application for smartphones that finds all the phones running the application that are located in the same room (or a preselected set of phones). The application will synchronize the phones by locating their distance and direction from each other, and then play some music as best it can. Finding the direction and distance might be as easy as playing a short tone and waiting for a reply from the other phones over Bluetooth or similar means. By measuring the reply times of about three or four phones, it's possible to calculate direction and distance.

Although the phones won't produce the best music quality, it could be fun to play with. For instance:
1. Playing perfect surround sound, which means making sound as if it is coming from different parts of the room, even from places with no phones.
2. Creating Active Noise Control, or an interfering sound wave. This can create better sound, cancel out noises, or even create a sound that only a certain person or group of people in the room could hear. As far as I understand, it is a bit out of the plausible range of the speakers and the computational power of the CPU, but I would love to hear more on the subject from anyone who's got a better understanding.
3. Creating a sonar, to build a 3D map of the room and the objects it contains. Again, my lack of understanding forbids me from knowing the plausibility of the challenge.

On a different but related subject, I like the idea that everyone at a party would have the ability to vote for the next song on the playlist. It is already common to find song menus in restaurants from which you can choose a song by sending an SMS, but adding it as an extra interaction between the party-goers and the DJ adds some value to the concept. Allowing people to watch the party's playlist, vote for songs, and send insulting messages to all the people who vote for U2 songs is a must for every successful party.

I forgot to thank Werner for helping me on the last post. Big thanks go to Omer for this one; check out his new awesome fun web-game @

Thursday, March 18, 2010

Patch like there's no tomorrow

In this post I would like to tell the story of three little binary patches I've done recently. I find patching to be the highest form of hacking: it requires decent reverse-engineering skills combined with a good understanding of the OS. Every pirate must have its own eye patch.

1. Gmail Notifier:

Not long ago I bought a USB mail notifier, a small LED lamp in the shape of an envelope that lights up every time I get a new email. About 8 USD on DealExtreme ( I didn't quite like the software it came with, so I decided I would add the ability to turn the LED on and off to some better mail notifier. I spent some time figuring out how to control it using a C++ tool that I wrote, which did not work whatsoever. After some frustratingly long hours of reading MSDN, I turned to reverse engineering the C# software that came with the device, combined with some USB port monitoring. After failing again to turn on this stupid LED, I called Python to the rescue. I found out that there is an HID USB module for Python that makes life so much easier. I must say that the Python module was so good at explaining everything that after two minutes of playing with it, I instantly got the freaking device on, I understood what was wrong with my C++ code, and I gained a better understanding of the entire HID mechanism. My message for everyone who reads this post is: don't work hard, use Python. Anyhow, now I've got a small script that sets the USB device to whatever color I choose. I installed the Gmail Notifier written by Google, set it up, and almost instinctively loaded it into IDA. Strings like "%d unread mails" or "No new mails" were easy to find, so it became quite clear where the patch should go. Using OllyDbg, I wrote the patch. OllyDbg has a good assembling option, where one can enter assembly code easily, check the encoding, and later copy it into the original EXE file. Easy as one, two, three. If anyone has ideas on ways to improve this process, please do tell.

2. SWF32.dll. I've written before about my Flash-game cheating experience. One of the problems I told you about was patching ActionScript bytecode in real time: after the Flash VM loads the code it changes and optimizes it, which makes it hard for me to find the relevant code in memory. So I wanted to add an option to patch an SWF file just after the browser is done loading it, but a second before it's loaded by the VM. The SWF file format supports zlib compression, and most of the games out there take advantage of it, so I thought a good place to patch would be right after the file is inflated. In this attempt I wanted to write a patch that is a bit more complicated: one that loads a set of binary alterations for the SWF file from a text file, checks that the original bytes match the target (to avoid oopsies), and applies them. For this patch I used the Microsoft Detours library, published for free, examples included, on MSDN. I found the Detours library to be very intuitive and useful.
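The "load alterations from a text file, check that the original bytes match, then apply" logic described above, as an added Python example; this is not the post's C++/Detours hook, and the patch-file format, the sample buffer and the function names are my own constructions. The point it demonstrates is the oopsie-avoidance: every patch is verified against the original bytes (and checked for overlap and bounds) before a single byte is written, so a wrong target leaves the buffer untouched.

```python
# Added example (not the post's C++/Detours code): a checked in-place byte patcher.
# The patch-file format and the sample buffer below are my own constructions.
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Patch:
    offset: int          # byte offset into the target buffer
    expected: bytes      # bytes that must be present before patching
    replacement: bytes   # bytes written in their place (same length)


def parse_patch_file(text: str) -> List[Patch]:
    """Parse lines of the form '<offset>: <expected hex> -> <replacement hex>'.

    Offsets may be decimal or 0x-prefixed hex; '#' starts a comment. Expected and
    replacement runs must have the same length, since patching happens in place.
    """
    patches = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            offset_text, rest = line.split(":", 1)
            expected_text, replacement_text = rest.split("->", 1)
        except ValueError:
            raise ValueError(f"line {lineno}: expected '<offset>: <hex> -> <hex>'") from None
        offset = int(offset_text.strip(), 0)
        expected = bytes.fromhex(expected_text.strip())
        replacement = bytes.fromhex(replacement_text.strip())
        if not expected or len(expected) != len(replacement):
            raise ValueError(f"line {lineno}: expected and replacement must be the same non-zero length")
        patches.append(Patch(offset, expected, replacement))
    return patches


def verify_patches(data: bytes, patches: List[Patch]) -> Optional[str]:
    """Return None if every patch fits and its expected bytes are present, else the reason it does not."""
    previous_end = 0
    for p in sorted(patches, key=lambda p: p.offset):
        end = p.offset + len(p.expected)
        if p.offset < previous_end:
            return f"patch at {p.offset:#x} overlaps the previous patch"
        if p.offset < 0 or end > len(data):
            return f"patch at {p.offset:#x} runs past the end of the {len(data)}-byte buffer"
        actual = data[p.offset:end]
        if actual != p.expected:
            return f"patch at {p.offset:#x}: expected {p.expected.hex()}, found {actual.hex()}"
        previous_end = end
    return None


def apply_patches(data: bytes, patches: List[Patch]) -> bytes:
    """Apply all patches or none: the buffer is left untouched when any check fails."""
    problem = verify_patches(data, patches)
    if problem is not None:
        raise ValueError(problem)
    out = bytearray(data)
    for p in patches:
        out[p.offset:p.offset + len(p.replacement)] = p.replacement
    return bytes(out)


# Constructed sample: a 32-byte buffer holding 0x00..0x1f, and a patch file written for it.
SAMPLE_DATA = bytes(range(32))
SAMPLE_PATCH_TEXT = """
# constructed patch file: two bytes at offset 4, three bytes at offset 16
0x04: 04 05 -> eb 05
16: 10 11 12 -> 90 90 90
"""


def demo() -> bytes:
    """Parse the sample patch file and apply it to the sample buffer."""
    return apply_patches(SAMPLE_DATA, parse_patch_file(SAMPLE_PATCH_TEXT))


if __name__ == "__main__":
    print(demo().hex(" "))
```

Verification runs over all patches first and application only afterwards, so a patch file written for one build of a file is rejected as a whole when pointed at another, rather than half-applied.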

3. The Matrix. I found the bug in the Matrix that allows Neo to jump over buildings, fixed it and banned the user... OK, I had another real patch, but I think I'll save it for another time.