Site Sections
Posts
16
Comments
24
Trackbacks
0
Tuesday, August 19, 2008
Compression and Encryption

Implementing applications that communicate over the wire imposes many challenges to the developer. You suddenly have to think much more about the security and performance of your application. To protect data from unauthorized use, we can encrypt it. In .NET, classes that deal with cryptography were available since the first release. In order to improve the performance while transferring data over low-bandwidth channels, we'll compress it. Fortunately, classes that help us with compression has been shipped with the .NET Framework since version 2.0. In many cases, we want to compress and encrypt data at the same time. Moreover, they're all based on streams, so it's very easy to plug them together as demonstrated by the following code snippet:

using System;
using System.IO;
using System.IO.Compression;
using System.Security.Cryptography;

class Program
{
    static void Main(string[] args)
    {
        using (FileStream inputStream = new FileStream(@"D:\Desktop\blog.xml", FileMode.Open))
        using (FileStream outputStream = new FileStream("Output.out", FileMode.CreateNew))
        using (DeflateStream compressor = new DeflateStream(outputStream, CompressionMode.Compress))
        using (CryptoStream encryptor = new CryptoStream(compressor, 
            new RijndaelManaged().CreateEncryptor(), CryptoStreamMode.Write))
        {
            byte[] buffer = new byte[2048];
            int count;
            while ((count = inputStream.Read(buffer, 0, buffer.Length)) != 0)
                encryptor.Write(buffer, 0, count);
        }
    }
}

As you can see, the output of the encryption algorithm is passed to a compression stream and it outputs it to a file. This code works correctly, but is it the ideal way to do so? The answer is no. It's not the correct way of doing so. There's an important thing you should make sure of when you're compressing and encrypting data in general. You should compress data before encryption. Why? Let's take a high level look at how they work. Most compression algorithms are based on recognizing redundant patterns in the input and replacing them with smaller tokens. They usually use Huffman coding in some way to accomplish this task. Achieving a good level of compression is all about good level of pattern recognition. Compression ratios also depend on the nature of input data since if there are no redundant sequences, there'll be nothing to replace. A characteristic of a good encryption algorithm is that you should not be able to distinguish its output from random data. After all, it's their goal to ruin every possible pattern in the output. Did you notice a theme here? The output of a good encryption algorithm is the worst input you can feed to a compression algorithm! Compressing encrypted data usually increases its size. The above code should be written as:

using (FileStream inputStream = new FileStream(@"D:\Desktop\blog.xml", FileMode.Open))
using (FileStream outputStream = new FileStream("Output.out", FileMode.CreateNew))
using (CryptoStream encryptor = new CryptoStream(outputStream, 
    new RijndaelManaged().CreateEncryptor(), CryptoStreamMode.Write))
using (DeflateStream compressor = new DeflateStream(encryptor, CompressionMode.Compress))
{
    byte[] buffer = new byte[2048];
    int count;
    while ((count = inputStream.Read(buffer, 0, buffer.Length)) != 0)
        compressor.Write(buffer, 0, count);
}

This is essentially the same code snippet with the order of encryption and compression reversed. I compared the size of the output file generated by running different methods on a 44KB XML document:

Original document 44KB
Compressed only 12KB
Encrypted only 45KB
Compressed then encrypted 12KB
Encrypted then compressed 68KB

It'll make a huge difference if you switch the order of encryption and compression. Never compress encrypted data. It's basically useless.

posted @ Tuesday, August 19, 2008 5:16 AM | Feedback (0)
Monday, August 11, 2008
Visual Studio 2008 and .NET Framework 3.5 Service Pack 1 Released

The past few days have been terrific from a .NET developer standpoint. To make devs have more fun, Microsoft just shipped the final release of Visual Studio 2008 and .NET Framework 3.5 Service Pack 1which is much more than a simple update. There are some new features in areas such as WPF, data abstraction, ....

Another thing that's worth mentioning is the availability of .NET Client Framework which is a stripped down version of the full .NET Framework (just like J2SE/J2EE). It helps deployment of client applications by reducing the framework's footprint.

You can download the service pack here.

posted @ Monday, August 11, 2008 12:58 PM | Feedback (0)
Thursday, August 07, 2008
SQL Server 2008 is out!

After the long wait (well, not as long as 2000-2005 wait) Microsoft finally released SQL Server 2008 to manufacturing.

SQL Server 2008 is built upon the solid and well-celebrated SQL Server 2005 foundation and adds many new features specially tailored for the newest trends in the industry. My favorite is the spatial data type support. SQL Server is now much more suitable for GIS applications. For example you can now natively write queries to find the cheapest gas station in 5 miles! Ain't it amazing?

I'm currently considering to migrate some of our about to release projects to SQL Server 2008.

Long ago, I skimmed the new features of SQL Server 2005 and I'm planning to write a summary of cool new features in SQL Server 2008 soon.

You can download SQL Server 2008 RTM Trial here.

By the way, SQL Server Express is now available in native x64 version (previously, it had to be run under WoW64 subsystem).

At the end, I want to thank SQL Server team at Microsoft that did a great job providing a high quality (SQL Server 2008 is really stable and well-tested) release.

posted @ Thursday, August 07, 2008 2:26 AM | Feedback (0)
Monday, August 04, 2008
Monolingual - Remove Unnecessary OS X Resources

Mac OS X is a bloated operating system. When an operating system wants to support different architectures and different languages all in the same software package, on the same disk, it has no other choice to duplicate resources for different CPU architectures and different languages. It cannot do magic so it takes up your valuable disk space (it's specially valuable if you're using a MacBook Air with a Boot Camp partition, not to mention the 64GB SSD version).

Fortunately, there's a solution for this problem that will effectively free up your disk space by removing unnecessary languages, keyboard layouts and binary code from you applications and the operating system.

An open source project named "Monolingual." does the task painlessly and reliably. I haven't had any problems with it so far.

posted @ Monday, August 04, 2008 3:03 PM | Feedback (0)
Blog, Blog Server, Blog Client

When I was going to start this blog, I was looking for a good blog engine to run. I looked at several .NET blog engines and I couldn't find one suitable for a personal blog. Most of them are offering much more functionality than I need for a simple blog. I preferred a simple, elegant blog engine and none of them offered this simplicity and elegance. Even the Persian blog engine I personally wrote which will hopefully be released soon, doesn't bring the simplicity I liked. In fact, it's not their fault. They have to be full featured engines supporting many users, multi-author blogs, user customizable templates and much more. I want to have full control on my blog so free blog providers were out of choice. I decided to write a very light and simple blog engine myself for my personal use. Since I didn't have spare time to do so, I decided to install community server and use it for a while until I write my own engine. I haven't had enough time to do so yet and I'm still going with it. As I remember, community server was started from ASP.NET forums open source project by a then-Microsoft employee named Rob Howard (I remember he was mostly the ASP.NET caching guy) who left MS and started to develop community server. From a simple forum project, it grew to support blogs, gallery and much more for a multi-user environment and now it's really a big project. As a side note, I remember many of the ideas and patterns that are now part of ASP.NET itself started from that forums project (like roles, membership, data provider pattern, etc.).

I hate writing blog posts in a browser. I like Windows Live Writer very much and I really wish there was a similar thing on Mac OS X for free. If I have enough time, after I wrote my light blogging engine, I will write a blogging client for Mac OS X Leopard and possibly iPhone OS 2.0.

By the way, I know this blog looks like crap in Firefox. It has something to do with the theme used. I don't know if it was broken from the start or I broke it. I primarily use Safari on Leopard and IE7 on Vista and it looks OK on them. I agree this is unprofessional but it doesn't worth fixing as I want to rewrite the engine from scratch. I promise I'll support Firefox on my own engine. Until then blame everything on community server guys :)

posted @ Monday, August 04, 2008 12:57 PM | Feedback (0)
Friday, July 25, 2008
Windows Vista and Disaster Recovery

Windows Vista is a great operating system. In fact, it's the best full-featured client operating system I've seen (after working with different versions of Windows, Linux, and Mac OS X for my day to day tasks). I believe Leopard is a better general purpose (read: for dumb people, aka users) OS but if you need to do something serious, nothing comes close to Vista. What I don't get is how people compare it to XP. In my opinion Vista is a MUCH better operating system than XP. I can't stand working with XP at all. It seems even slower if you have more than 2GB of RAM. Vista is a nice OS, though it has its own problems and I should admit it's far less than expectations.

I didn't want to continue OS wars here in this post. I want to talk about the nice system recovery features in Windows Vista which is really great if you run into disasters. My desktop PC is powered by a Core 2 Quad Q6600 processor, 4GB of RAM, and 2x500GB hard disks configured as a 2x400GB RAID 0 and 2x100GB RAID 1 volumes. It runs Windows Vista x64 on the RAID 0 volume.

To improve performance, I had activated the advanced write back caching on the system drive.

In the past few weeks, we've experienced lots of power outages (one more reason get out of Iran as soon as possible). Once, I turned my PC on after a power failure and an unfriendly black screen told me that your registry file is corrupted. The system couldn't boot anymore.

A nice less advertised feature of Windows Vista came to help, I inserted the DVD and booted into it. Got into recovery options and it automatically started startup repair. Apparently, it issued a chkdsk command, checked the filesystem and replayed the journal. It rebooted, the same error popped up again. I booted into the DVD once more and it gave me the option to use system restore to recover the system. I restored to the latest restore point available and after a few minutes, the system booted happily. It saved lots of hassles.

Windows Vista is really improved in the area of system recovery. In fact the shadow copy feature has saved my data several times. Once it was 10GB of data on an external HDD which I had just shift-deleted! It's really a great and useful feature. Unlike the well advertised Time Machine on Leopard which is nothing more than a very simple backup application with a fancy, useless user interface, that is kinda just a demo of CoreAnimation framework, previous versions is a real new feature that really works. I'm not the kind of person that has enough hard disks to do all my backups. Previous versions give me exactly what I want at no extra cost and it's one of the features I can't live happily without. As a friendly advice, turn it on all drives. It'll help you when you least expect it!

posted @ Friday, July 25, 2008 2:12 PM | Feedback (0)
Google Bomb against University of Tehran

I, as a very frustrated student of the University of Tehran and stupid instructors there, had to figure out a way to express my feelings. Since there are many other guys and gals around who have more or less equivalent feelings, I came up with the idea of a blog (named UT-Haters, after Linux hater's blog and UNIX haters handbook) and initiating a Google bomb on phrase "University of Tehran" to reference that blog. I'm pretty sure it's gonna be a litttle fun!

posted @ Friday, July 25, 2008 1:21 PM | Feedback (0)
Sunday, July 20, 2008
How to run unsigned apps on your jailbroken iPhone OS 2.0

UPDATE 2: Don't use this guide, my "ldid" version was old and it didn't work. You can also use this nice article to enable build and go support in Xcode, just like you've had an official development cert!

UPDATE: It's been said that this method breaks unsecured WiFi connections. I've not tried it since I'm on WPA2 (tell me if it does or not). Do it on your own anyway. In fact, there's a better method using "ldid" (apt-get install ldid) that generates executable hashes or something and allows it to run correctly. You should run "ldid -S executable". I couldn't make it work though. It always pops out an error message for me.

You can run unsigned apps you develop using Xcode on your jailbroken iPhone OS 2.0 device. You'll need SSH installed and running on your iPhone.

This technique relies on disabling signature check by means of altering a kernel config with sysctl (Note that I don't deserve any credit for the job, all the credit goes to saurik, I just came up with a LaunchDaemon for it).

To be able to run unsigned apps, you should run this command as root on your iPhone:

sysctl -w security.mac.proc_enforce=0 security.mac.vnode_enforce=0

The parameters will be reset after a reboot, therefore we'll make up a launch daemon to set the parameters at every boot:

To do so:

nano /Library/LaunchDaemons/com.mehrdadafshari.iphone.autostart.plist

Paste the following:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">

<dict>
    <key>Label</key>
    <string>com.mehrdadafshari.iphone.autostart</string>

    <key>RunAtLoad</key>
    <true/>

    <key>ProgramArguments</key>
    <array>
        <string>/etc/rc.local</string>
    </array>
</dict>
</plist>

Save and exit (Ctrl+X,Y,Enter).

nano /etc/rc.local

Paste the following:

#!/bin/sh

/usr/sbin/sysctl -w security.mac.proc_enforce=0 security.mac.vnode_enforce=0

Save and exit (Ctrl+X,Y,Enter).

chmod +x /etc/rc.local

reboot

You're done! Copy your app developed using Device profile in Xcode (build/Debug-iphoneos/AppName.app or Release-iphoneos/AppName.app) to /Applications with SSH and run it, you have to kill SpringBoard to make it show up on the iPhone.

scp -r MyApp.app root@iphone.local:/Applications

ssh root@iphone.local 'killall SpringBoard'

I think you can put them as custom build actions in the Xcode tools and make them run everytime you build!

Have fun developing iPhone apps and keeping your $99!

posted @ Sunday, July 20, 2008 1:39 PM | Feedback (1)
Tuesday, July 15, 2008
Intel Launched "Centrino 2" Mobile Technology

Intel launched the new revision of its Centrino mobile platform! It's built on Intel 4 Series Express chipset and supports WiFi-n and WiMAX wireless technologies. It is said that a new wireless adapter supporting WiMAX and WiFi will be available in the second half of this year. A key technology in the new chipset series is the addition of something similar to what we've seen in some laptops such as "Sony VAIO SZ" series which Sony calls hybrid graphics system. It allows laptops to have a dedicated graphics processor while being able to switch to an integrated graphics chip to conserve power. Intel has also announced a new line of faster, more power-efficient processors, the fastest of which is X9100 chip which is running at 3.06GHz clock speed and has a 45W TDP. The greatest thing is the availability of the first mobile quad-core processor in the next 90 days!

Intel is a very innovative company. They make really great products! Go on Intel!

posted @ Tuesday, July 15, 2008 7:09 AM | Feedback (0)
Friday, July 11, 2008
Free US iTunes Store Account

Following the release of iTunes 7.7 software and the long-awaited AppStore for iPhones and iPod touches, I decided to download some apps to get prepared for iPhone OS 2.0 update. The first app I decided to download was the Apple provided "Remote" application which allows you to control iTunes on your systems remotely over WiFi using your iPhone or iPod touch and it even supports AirTunes! When I clicked Get App, I found out that just like music tracks, you should have an iTunes account to be able to download the apps, even free ones. So I decided to figure out how to open an iTunes account. The problem is when you want to open an account in iTunes, it requires you to provide billing information (valid credit card or paypal) to successfully register, therefore, it's necessary to have a credit card registered in the store's country (which I did not have). The trick is to fool the iTunes store using a redemption code. If you have an iTunes gift card and provide it at the time of registration, it will allow you skip the credit card part. Since buying a gift card is not the best solution, you should find a free redemption code and use it instead. I found one at www.tunecore.com/freealbum. Just enter this code at the registration page of the US iTunes Store and select None as the payment method. Just fill in the info (I think you should make sure ZIP code and state match) and you're done!

Enjoy downloading apps from the App Store and weekly freebies!

posted @ Friday, July 11, 2008 3:40 PM | Feedback (2)
Archives