1 of 31

A lot of cool stuff

A disorganized engineering talk

by David Awad

davidawad.com

2 of 31

What is that cool stuff?

  • Traffic
  • Hypertext Transfer Protocol
  • Secure Hypertext Transfer Protocol
  • Torrenting
  • Virtual Private Networks
  • Tor
  • Bitcoin
  • Containers

3 of 31

Traffic: Basically snail mail, but with 65,535 mailboxes at your house.

4 of 31

Traffic

Computers talk to each other!

They speak in multiple languages called protocols. Protocols have to be “heard” on ports.

The kernel manages all of a machine’s ports, which can be reserved by different processes on the computer.

Even if someone knows your address, the mail still has to go into a specific mailbox (a port). Sometimes you choose that port yourself, but usually you won’t have to!

5 of 31

HTTP: it’s good enough

6 of 31

HTTP: Hypertext Transfer Protocol

This is probably the most popular protocol ever created; it was developed by Tim Berners-Lee at CERN in the 1980s.

“Hypertext is structured text that uses logical links between nodes containing text.” HTML, for example, is the Hypertext Markup Language, which determines the structure and design of a web page.

HTTP is the protocol through which we exchange or transfer hypertext.

The HTTP protocol is usually “spoken” over port 80.

7 of 31

HTTPS:

forget what we said before

It’s not safe at all

8 of 31

HTTPS: Hypertext Transfer Protocol Secure

The innovation was to encrypt the HTTP messages using SSL (Secure Sockets Layer) and later TLS (Transport Layer Security). The connection is made secure through symmetric cryptography.

This way, if someone were watching communications as they went from my house to PayPal, they wouldn’t understand what information was being exchanged. So your credit card numbers for online purchasing are safe! (watch out for quantum computers tho)

HTTPS is a different protocol and so it defaults to a different port, 443.

9 of 31

TLS and SSL : Putting the ‘S’ in Trust.

So why would you trust a website? How do you know you’re not being tricked?

When you visit a website, it presents something called a certificate (which verifies ownership of a public key) that validates that you’re talking to who you think you are. Companies that own websites request these certificates from an entity called a Certificate Authority.

CAs can also verify other CAs.

So you can have chains like this =>

10 of 31

Torrents:

share files. fast.

11 of 31

Torrents:

Torrents are a peer-to-peer method of file sharing across the internet.

A file is broken into chunks and shared among a group of computers called the swarm.

There are 3 types of machines in a torrenting environment: trackers, seeders, and leechers.

12 of 31

Torrents:

Trackers:

Trackers provide a record of which peers (as in IP addresses) have a particular file.

Seeders: servers uploading chunks of the desired file to be downloaded by other machines in the swarm.

Leechers: machines downloading chunks in the swarm.

13 of 31

VPNs:

Because Spies.

14 of 31

VPN: Virtual Private Networks

A Virtual Private Network allows you to hide your traffic from your ISP.

This works by encrypting your traffic between you and your VPN, with the VPN then sending it outbound on your behalf.

You would probably do this if you were doing a lot of illegal downloading and wanted to keep your information private from your ISP.

15 of 31

Tor: routing through other nodes on the internet.

16 of 31

Tor: The Onion Routing protocol

Tor directs internet traffic through a free, worldwide volunteer network consisting of more than 7,000 relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it difficult for internet activity to be traced back to the user.

This is useful because it makes it hard to be traced.

You can access the Tor network by downloading the Tor Browser.

17 of 31

Tor: other crap that comes up

Deep Web: this refers to computers that exist on the internet that aren’t indexable by search engines.

Dark net: a small portion of the deep web that is intentionally hidden and accessible only via Tor.

http://dppmfxaacucguzpc.onion/ is a directory of darknet sites that you can check out in the Tor Browser.

18 of 31

bitcoin:

Because Centralized Banking.

19 of 31

Bitcoin: decentralized p2p currency

Bitcoin is the first virtual currency that is completely decentralized over a p2p protocol and therefore cannot be regulated by any central authority.

It’s “impossible” to create fake bitcoins or create new bitcoins by tricking the protocol.

More specifically: “a type of digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds, while operating independently of a central bank.”

20 of 31

Bitcoin: decentralized p2p currency

So bitcoin works in the following way. Let’s say you have Alice and Bob, who want to send money to each other. You start by having Alice declare to the world:

“Alice is sending bitcoin 82303348 to Bob.” She then encrypts this message with her private key and sends it out to everyone on the bitcoin network.

Everyone receives this message, including Bob. When Bob gets this message, he knows that Alice sent the money. But it gets trickier than just that, so each bitcoin is actually indexed.

When this message is received, everyone adds it to their copy of a public ledger of all bitcoin transactions.

21 of 31

Bitcoin: p2p transaction validation

As other people on the network hear that message, each adds it to a queue of pending transactions that they’ve been told about, but which haven’t yet been approved by the network.

David checks his copy of the blockchain and can see that each transaction is valid. He would like to help out by broadcasting news of that validity to the entire network.

However, before doing that, as part of the validation protocol David is required to solve an intentionally hard computational puzzle – the proof-of-work. Without the solution to that puzzle, the rest of the network won’t accept his validation of the transaction.

22 of 31

Bitcoin: what’s the puzzle? proof-of-work

The puzzle to be solved is something like the following.

Let h() be a fixed hash function known to everyone (SHA-256 for Bitcoin).

Suppose we append a fixed value x = 0 to a block of transactions L in a peer’s queue.

h(L + x) = out

h("Hello, world!0") = 1312af178c253f84028d480a6adc1e25e81caa44c749ec81976192e2ec934c64

h("Hello, world!1") = e9afc424b79e4f6ab42d99c81156d3a17228d6e1eef4139be78e948a9332a7d8

The puzzle solution might be to find a value of x that creates 4 consecutive zeroes at the beginning of the output value.

23 of 31

Bitcoin: what’s the puzzle? proof-of-work

The puzzle solution might be to find a value of x, called a nonce, that creates 4 consecutive zeroes at the beginning of the output value.

h("Hello, world!4250") = 0000c3af42fc31103f1fdc0151fa747ff87349a4714df7cc52ea464e12dcd4e9

The protocol can of course control the difficulty of the puzzle.

Instead of requiring leading zeroes, the Bitcoin proof-of-work puzzle requires the hash of a block’s header to be lower than or equal to a number known as the target. This target is automatically adjusted to ensure that a Bitcoin block takes, on average, about ten minutes to validate.

24 of 31

Bitcoin: the process of mining

If a suitable nonce is found, the peer can send it out to the network; the nonce can be checked very quickly, and if it’s legitimate, the transaction can be added to the blockchains of the peers receiving the notice. This proof-of-work is incentivized by offering money to those doing the validating.

A weird forking merkle tree is used to deal with blocks being validated at the same time. The double-spend problem is eventually resolved depending on which “fork” of transactions is resolved first.
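The puzzle from slides 22–23 and the quick verification from slide 24, as an added example that is not part of the original talk: it brute-forces the nonce for the slides’ "Hello, world!" block under the leading-zero rule, expresses the same rule as a numeric target (the form Bitcoin actually uses), and shows that verifying a nonce costs one hash while finding it costs thousands. The function names are my own.

```python
import hashlib
from typing import Optional


def h(data: str) -> str:
    """The fixed hash function everyone knows: SHA-256, hex-encoded."""
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def target_for_leading_zeros(hex_zeros: int) -> int:
    """Largest 256-bit value whose hex form begins with `hex_zeros` zeros.

    "4 leading hex zeros" and "hash <= 2**240 - 1" are the same condition,
    so the target form can express any difficulty, not just whole digits.
    """
    return (1 << (256 - 4 * hex_zeros)) - 1


def meets_target(digest_hex: str, target: int) -> bool:
    """Verification: one comparison, independent of how hard the search was."""
    return int(digest_hex, 16) <= target


def find_nonce(block: str, target: int, max_nonce: int = 1_000_000) -> Optional[int]:
    """Mining: append x = 0, 1, 2, ... until h(L + x) <= target.

    Returns None if no nonce within max_nonce works (the caller would then
    change the block contents, e.g. timestamp, and search again).
    """
    for x in range(max_nonce):
        if meets_target(h(block + str(x)), target):
            return x
    return None


def verify(block: str, nonce: int, target: int) -> bool:
    """What every other peer does on receiving a claimed nonce: hash once."""
    return meets_target(h(block + str(nonce)), target)


if __name__ == "__main__":
    L = "Hello, world!"          # the slides' toy "block of transactions"
    target = target_for_leading_zeros(4)
    nonce = find_nonce(L, target)
    print("nonce:", nonce, "hash:", h(L + str(nonce)))
    print("valid:", verify(L, nonce, target), "nonce 0 valid:", verify(L, 0, target))
```

Raising the difficulty to 5 or 6 hex zeros shows the search time growing roughly 16x per digit while the verify call stays constant, which is exactly the asymmetry the protocol relies on.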

25 of 31

Bitcoin: any questions?

26 of 31

Docker: because this talk needed more complexity.

27 of 31

The Container Model (diagram layers: Container Engine / Operating System / Kernel)

A container is an isolated environment where a particular process can be run, and is guaranteed to work consistently across any platform that supports them.

28 of 31

The Docker Model (diagram layers: Container Filesystem / Filesystem / Docker Engine (virtual machine))

How it probably works is by creating a process that has used chroot.

With the process in this “isolated” environment, it downloads the relevant resources specified in the container file.

In our case it could be a Dockerfile.

29 of 31

How are containers “composed”?

“Composing” containers really just means running a bunch of them at the same time.

This can be really powerful for quickly deploying and testing apps and environments.

30 of 31

Let’s look at some code

Let’s run Mongo with Docker! Install: https://docs.docker.com/docker-for-mac/

docker pull mongo

docker run --name mongo-hacknight -p 0.0.0.0:27017:27017 -d mongo

We can use docker-compose to set up a cluster of containers built from a bunch of Dockerfiles, all running our different services too!

  • Nginx
  • Flask
  • Redis
  • Celery

31 of 31

Any questions?