https://unorde.red/ Recent content in unorde.red on unordered Hugo -- gohugo.io en-US Mon, 28 Aug 2023 00:00:00 +0000 https://unorde.red/mount-macpherson/ Mon, 28 Aug 2023 00:00:00 +0000 https://unorde.red/mount-macpherson/ 2427m (427m prominence) Monashee Mountains, Gold Range Revelstoke, BC In late August my brother and I were looking for a nice, accessible summit to do in the area, and settled on Mount MacPherson as a good candidate. The summit is quite close to and visible from Revelstoke, although not nearly as spectacular as some of the other visible summits such as Mount Begbie. Access is via the Three Valley-Victor FSR, which is about a kilometer east of the Three Valley Lake Chateau on Highway 1, west of Revelstoke. https://unorde.red/mount-carnarvon/ Wed, 26 Jul 2023 00:00:00 +0000 https://unorde.red/mount-carnarvon/ 3046m (406m prominence) Canadian Rockies, Waputik Mountains Yoho National Park, BC I was camping in the beautiful Yoho National Park, so naturally it was time to climb a big mountain. I poked around the map for a bit and settled on Mount Carvarnon as a good candidate. Close to the campsite, lots of elevation, and reportedly good YDS class 3 scrambling. The most accessible route up is from Emerald Lake, which is a popular tourist destination. https://unorde.red/mount-fosthall/ Sat, 22 Jul 2023 00:00:00 +0000 https://unorde.red/mount-fosthall/ 2686m (816m prominence) Monashee Mountains, Gold Range Monashee Provincial Park, BC There are two standard ways to do Mount Fosthall, both gaining the south ridge from the south east. The easiest is probably to start at the Sol Mountain Lodge from the east, taking the South Caribou Pass Trail to the Mount Fosthall route. This shouldn’t be much more than 1000m elevation gain, and is much shorter than the other route. https://unorde.red/cape-wrath-trail/ Thu, 05 Nov 2020 00:00:00 +0000 https://unorde.red/cape-wrath-trail/ The Cape Wrath Trail is an approximately 350 km (220 mi) walk through the Scottish Highlands, stretching from Fort William to the northwesternmost point of mainland Britain, Cape Wrath. The route is unmarked and there is no official line. It has the reputation of being Britain’s toughest long distance walk. In the fall of 2020 I hiked the Cape Wrath Trail solo in eleven days. This trail already has its share of uncertainty, but the global pandemic raging in the background brought a few more. https://unorde.red/damctf-crypto-guess-secret/ Mon, 12 Oct 2020 00:00:00 +0000 https://unorde.red/damctf-crypto-guess-secret/ This challenge asks us to break a ‘super secure and efficient communication method’. It also gives us the server code, although this isn’t really necessary—the server itself tells us all we need to know. The server explains in detail what it does. It accepts a string, and creates the plaintext by concatenating it to the flag. The plaintext is then compressed using the lossless deflate (zlib) algorithm. Lastly, the compressed data is encrypted using AES_CTR_128. https://unorde.red/bazel-go-and-protobufs/ Mon, 20 Apr 2020 00:00:00 +0000 https://unorde.red/bazel-go-and-protobufs/ Suppose you’re setting up your first project using Bazel, written in Go and using Protobufs as a data format. It’s easy to make mistakes. I did, and ended up with the following build error: compilepkg: error running subcommand: exit status 2 /***/file.go:xx:xx: cannot use o (type *protopb.Object) as type protoreflect.ProtoMessage in argument to "google.golang.org/protobuf/proto".Unmarshal: *protopb.Object does not implement protoreflect.ProtoMessage (missing ProtoReflect method) /***/file.go:yy:yy: cannot use o (type *protopb.Object) as type protoreflect. https://unorde.red/exploring-facebooks-network/ Fri, 28 Feb 2020 00:00:00 +0000 https://unorde.red/exploring-facebooks-network/ What does the (physical) network of a big internet company like Facebook look like? I’m going to try to find out. I’ll be making a lot of assumptions, loosely backed by informaton gathered from possibly out of date sources. I’ll try to be explicit when something is guesswork. A good place to start is the traceroute tool. By default it performs reverse DNS lookups for each hop. This often reveals interesting information, and facebook. https://unorde.red/sanity-checks/ Sat, 14 Dec 2019 00:00:00 +0000 https://unorde.red/sanity-checks/ In my line of work I’ve dealt with a lot of automated data pipelines that feed into production systems. Validating the output of these pipelines in an automated manner is frequently difficult. Suppose you had a different data source you could validate against. If you could reliably tell whether your pipeline was producing invalid data using this data source, why not directly incorporate this data into your pipeline? Alternatively, if the data source isn’t reliable enough to do so, chances are you’ll need a human to come look at the diffs either way. https://unorde.red/redpwnctf-mallcop/ Sat, 17 Aug 2019 00:00:00 +0000 https://unorde.red/redpwnctf-mallcop/ Mallcop was the least-solved challenge in the Misc category. We were given a zipped file of 20 problem instances. The server gives us the following problem description: Sick of Chick-fil-A, Daniel's son deserts him to make a break for the parking lot. (Un?)fortunately, Max the Mall Cop is here to help! The n stores in the mall are connected by walkways such that none of them form a cycle; in other words, there is exactly one path from one store to another. https://unorde.red/redpwnctf-alien-transmissions/ Fri, 16 Aug 2019 00:00:00 +0000 https://unorde.red/redpwnctf-alien-transmissions/ This was one of the higher scoring challenges I completed. We’re given the following description: Brownie plugged his USB stick in, ready to take a look at the alien transmissions he had received. However, when he opened the document, he discovered that it was all encrypted! Brownie remembered overhearing Tux bragging about a 38 character xor key, and realized that he must have encrypted his document. Help Brownie find the key to decrypt the transmissions! https://unorde.red/icmp-and-nat/ Mon, 18 Feb 2019 00:00:00 +0000 https://unorde.red/icmp-and-nat/ ICMP stands for Internet Control Message Protocol. It is used by network devices to send error messages and operational information. If you’ve ever used ping to poke a machine, you’ve used the ICMP protocol! The ICMP protocol is very simple. It is considered a layer 3 protocol, and messages are wrapped by IP. The header consists of several fields. The first byte is a numeric type. For example, 8 is an IPv4 echo request, while 0 is an IPv4 echo reply. https://unorde.red/uid/ Sat, 17 Mar 2018 00:00:00 +0000 https://unorde.red/uid/ What happens when an unprivileged user runs the binary -r-s---r-x 1 root root 1024 Mar 17 21:57 binary which executes the following lines of code? setreuid(geteuid(), geteuid()); system("/bin/sh"); Let’s find out. First, we need to understand what a uid is. The POSIX standard defines three different user identifiers. These allow processes to dynamically take on different roles, providing they have the required privileges. The real uid identifies the (real) owner of a process. https://unorde.red/cryptobin/ Thu, 04 Jan 2018 00:00:00 +0000 https://unorde.red/cryptobin/ Over the holidays I spent some time on two different but related sets of challenges. The first was the Krypton wargame at OverTheWire. This wargame goes over some basic classical cryptography. I was a bit disappointed in the last level, I don’t think the way I solved it was the intention of the author. It certainly didn’t match the level text. The second was the AIVD kerstpuzzel, which is an annual Christmas puzzle produced by the Dutch equivalent of the CIA. https://unorde.red/tcp/ Sat, 04 Nov 2017 00:00:00 +0000 https://unorde.red/tcp/ This article assumes the reader has basic knowledge of IP. IP gives us addressing and the ability to send packets from one machine on the internet to another, assuming that routing is configured correctly at each hop. However, it provides little else. Imagine trying to send a large file over IP. Due to the length restriction on IP packets, the file is broken up into chunks, and each chunk is sent in order as an IP packet. https://unorde.red/autonomous-systems/ Tue, 10 Oct 2017 00:00:00 +0000 https://unorde.red/autonomous-systems/ This article assumes basic knowledge of IP and CIDR. The internet is made up of a huge number of networks. These networks are owned by many different entities in many different countries, who each control one or many IP prefixes. The IANA and the internet registries under it allocate the prefixes. But how are these networks identified, and how does traffic flow between them? An autonomous system is collection of IP prefixes controlled by a single entity. https://unorde.red/cidr/ Mon, 09 Oct 2017 00:00:00 +0000 https://unorde.red/cidr/ This article assumes the reader has basic knowledge of IP. IP defines the IP address, and the packets that are sent across networks. However, it doesn’t state how the packets are routed. What happens when a packet arrives at a router? The only information the router has is the destination address. If it isn’t directly connected to the machine hosting this address, how will it know where to send the packet? https://unorde.red/ip/ Sun, 08 Oct 2017 00:00:00 +0000 https://unorde.red/ip/ The Internet Protocol is responsible for moving data across network boundaries. How does it do this? Addressing To route data on a multi node path from one machine to another, it is necessary to uniquely and deterministically identify the source and destination machine (it should be noted that this idea is abused a lot in the wild). IP does this by defining a numerical IP address. For IPv4, this is a 32 bit number (e. https://unorde.red/hashwalk/ Fri, 29 Sep 2017 00:00:00 +0000 https://unorde.red/hashwalk/ Hashwalk is an exercise in futility. It attempts to mount a preimage attack on a cryptographic hash function by using local search. This is essentially a poor man’s differential cryptanalysis. A good, general purpose cryptographic hash function should exhibit the avalanche effect. This means that a small change in the input (e.g. a single bit flip) results in a large change in the output (e.g. approximately half of the bits being flipped). https://unorde.red/overthewire-bandit/ Sat, 10 Jun 2017 00:00:00 +0000 https://unorde.red/overthewire-bandit/ Today I finished the Bandit wargame at OverTheWire. It was a lot of fun! It’s aimed at players looking to become familiar with the command line and basic linux tooling. I got to use a lot of utilities from coreutils that I didn’t even know existed. I was familiar with nearly all of the concepts touched on in the levels. Despite this, I still managed to get stuck several times. Understanding the concepts on a higher level often isn’t enough – sometimes you really need to understand the utility intimately to get the job done. https://unorde.red/character-encoding-refresher/ Mon, 20 Mar 2017 00:00:00 +0000 https://unorde.red/character-encoding-refresher/ Sometimes I forget the details on different character encodings. Maybe you do too. Unicode Unicode is a standard designed to facilitate consistent encoding and representation of text. Unicode encodes graphemes to code points, where a grapheme is the smallest unit of a writing system of a language. A code point is a number. So Unicode by itself is not enough to store text on a computer, since the way that the code points should be stored in memory is not defined. https://unorde.red/topological-sorts/ Sun, 12 Mar 2017 00:00:00 +0000 https://unorde.red/topological-sorts/ Detecting and finding cycles in directed graphs are common problems in graph theory. A while back I was looking for an algorithm to detect whether a graph had a cycle or not, and it turns out there are a lot of different ways to approach this. Ultimately, the best method to use will probably depend on why you’re looking for cycles, and what you want to do with them (or their absence). https://unorde.red/spring-pathvariable-dots-failed-exception-handling/ Thu, 12 Jan 2017 00:00:00 +0000 https://unorde.red/spring-pathvariable-dots-failed-exception-handling/ If you use Spring Boot to set up an endpoint using @RequestMapping with a @PathVariable at the end of the request URI, you might run into several quirks if this path variable happens to include a dot. For example, consider the following mapping: @RequestMapping(value = "/api/resource/{id}", method = RequestMethod.GET) @ResponseBody public Resource getResource(@PathVariable("id") final String id) { final Resource resource = resourceService.findById(id); if (resource == null) { throw new ResourceNotFoundException(); } return resource; } This mapping returns a Resource object in the response body, which is serialized to JSON using Jackson2. https://unorde.red/lattices-and-sphere-packings/ Sun, 11 Dec 2016 00:00:00 +0000 https://unorde.red/lattices-and-sphere-packings/ This article assumes basic knowledge of linear algebra and group theory. What is a lattice? Good question. First, we’ll need to define some concepts. Definitions When we think of the word lattice, we most likely envision some kind of spacial structure. The faces of a crystal, or the metal beams of a bridge that form a repeating pattern of shapes. Using mathematics, we can distill this structure down to a periodic arrangement of points in some \(n\)-dimensional space. https://unorde.red/avr-programming/ Tue, 11 Oct 2016 00:00:00 +0000 https://unorde.red/avr-programming/ Written by Victor van Poppelen. The Arduino Nano The Nano is a very simple board, essentially just an AVR MCUwith an FTDI chip for communicating over USB. On the top left of the schematic1 is the pinout of the board, and in the centre is the pinout of the AVR chip (an ATmega328 or ATmega328p)2. You can follow the pins to various components, and/or directly to the pins of the board itself. https://unorde.red/what-is-diffie-hellman/ Tue, 15 Mar 2016 00:00:00 +0000 https://unorde.red/what-is-diffie-hellman/ This article assumes knowledge of basic group theory, and basic asymptotic complexity (big O notation). For efficiency reasons, most encryption used on the internet and elsewhere is done using symmetric-key algorithms. A symmetric key algorithm uses one key for both encryption and decryption. This requires the sender and receiver to share knowledge of a secret key. For two parties who have never communicated securely before, this is a non-trivial problem. How does one establish a shared secret using insecure channels? https://unorde.red/styling-machine-schedules-in-latex/ Sat, 23 Jan 2016 00:00:00 +0000 https://unorde.red/styling-machine-schedules-in-latex/ Recently I worked on a project about the Job Shop Problem, and came across the need to visualize the machine schedules that were being generated. A quick search revealed the type of diagram I was looking for to be the Gantt chart. There’s a lot of tools that can produce these kinds of charts from data, like this python script in combination with gnuplot. However, I wasn’t looking to make a chart from data, and preferred to do it inside LaTeX, without embedding any images (to be fair, gnuplot is capable of outputting latex markup – but it seemed quicker to do myself). https://unorde.red/microcorruption-ctf-hollywood/ Sun, 20 Dec 2015 00:00:00 +0000 https://unorde.red/microcorruption-ctf-hollywood/ This is my writeup for “Hollywood”, the very last level on the Microcorruption CTF. Like usual, if you haven’t already solved it or given it your very best shot, you should stop reading and go do that now. This level doesn’t have any clever tricks, it just takes perseverance. Intro The introduction text reveals two things. One is randomization, and the second is that there are no hardware modules attached. If this lock is to open using a valid password, it means that the password is checked within the binary, and thus the password must also exist somewhere in the binary. https://unorde.red/microcorruption-ctf-chernobyl/ Fri, 18 Dec 2015 00:00:00 +0000 https://unorde.red/microcorruption-ctf-chernobyl/ This is my writeup for “Chernobyl”, the second to last level on the Microcorruption CTF. Like usual, if you haven’t already solved it or given it your very best shot, you should stop reading and go do that now. The input This binary is pretty big compared to previous levels. There’s a lot more functionality, and I spent a fair bit of time getting acquainted with the program. I first stepped through some test inputs to see what was going on. https://unorde.red/microcorruption-ctf-lagos/ Tue, 15 Dec 2015 00:00:00 +0000 https://unorde.red/microcorruption-ctf-lagos/ This is my writeup for the “Lagos” level in the Microcorruption CTF. It goes through my (naive) thought process and my initial solution. If you haven’t already solved it or given it your best shot, you should probably stop reading and do that first. The filter This level takes your input from the heap, and filters out non-alphanumeric characters before copying them to the stack. As soon as a non-alphanumeric character is reached, the copying stops. https://unorde.red/microcorruption-ctf-bangalore/ Mon, 14 Dec 2015 00:00:00 +0000 https://unorde.red/microcorruption-ctf-bangalore/ This is my writeup for the “Bangalore” level on the Microcorruption CTF. If you haven’t already solved it or given it your best shot, you should probably stop reading and go do that first. This level introduces the concept of DEP, or Data Execution Prevention. You can read a lot about DEP elsewhere, but the gist of it is in the name—it prevents instructions from being executed in certain areas of memory. https://unorde.red/particle-swarm-optimization/ Wed, 15 Jul 2015 00:00:00 +0000 https://unorde.red/particle-swarm-optimization/ Particle swarm optimization (PSO) is a local search metaheuristic. It was initially developed by Kennedy, Eberhart and Shi in the late 1990s, and was meant to simulate social behaviour such as birds flocking to a promising position in a multi-dimensional space. A simplified version of the algorithm was found to perform optimization, which led to its adoptation as a local search algorithm. The algorithm is easy to implement, and makes very few assumptions about the problem. https://unorde.red/0/ Sun, 21 Jun 2015 00:00:00 +0000 https://unorde.red/0/ Hi, I’m Alex and I’ll be writing about stuff that I’m interested in. Right now that includes algorithm design, cryptography, infosec and data mining, but that may change in the future. I’m not the best at keeping a blog going, but we’ll see how it goes this time. https://unorde.red/about/ Mon, 01 Jan 0001 00:00:00 +0000 https://unorde.red/about/ Hi, my name is Alex van Poppelen. This is my digital space, where I write about things that interest me. I’m a Senior Software Engineer at Google. I work on Google’s network infrastructure. I’ve worked as an SRE, on DNS, load balancing, traffic engineering, security and a lot of data and configuration pipelines. Before Google, I completed an M.Sc. in Computer Science where I wrote my thesis on the intersection of coding theory and lattice cryptography, followed by a short stint in the security and identity management industry at a small scale-up. https://unorde.red/archive/ Mon, 01 Jan 0001 00:00:00 +0000 https://unorde.red/archive/ https://unorde.red/now/ Mon, 01 Jan 0001 00:00:00 +0000 https://unorde.red/now/ Last updated January 2023. I recently moved back to Kelowna, BC, Canada, after about 14 years away. It’s changed! But in other ways, it also hasn’t. 2022 was a very good year for me, full of friends, enriching experiences and big changes. It’s bittersweet to have closed the chapter on London. I’ll always look back fondly on my five years there. So what’s next? Now that my personal life is settling down, I’m starting to think more about my career.