Since Snapchat became available in Denmark, I think it was late 2011 maybe early 2012, I have been a user and since 2005 I have had a facebook account. I have actually had two, the first was deleted for some reason, so my current one is from 2008 and I have been using it almost religiously ever since then, both on my computers and mobile devices.
One of the things that comes with social-networks in general is notifications and the expectations from your affiliations. That is one of the few things I have detested from the beginning. I started disabling notifications in all social network applications I used such as Instagram, Twitter, Facebook. The only communication tools I have were I still had notifications enabled is Facebook Messenger and SMS. However, that did not remove the always available expectation from my affiliations. The app that surprised me the most was Snapchat, everyone expected me to answer with in a few minutes, even during my school/work days, and certain persons continuously got angry with me for not responding.
Then, last summer I got a new phone and I decided to not install Snapchat, delete my account, and not tell anyone, after a week one of my friends sought me out and actually started yelling at me for not responding to her snaps. I told her I had uninstalled the App and deleted my account because she and others expected my constant availability. She got even more angry with me and didn’t speak to me for months. This kind of behaviour was a result of how integrated instant communication have become in our daily life. So I have decide to completely stop using Snapchat, I have added a public statement on my facebook profile for all my friends to read that I am no longer using Snapchat.
Now the Facebook App, I am a member of several groups on facebook where Magic the gathering, Linux, and BSD is discussed. The tone in these groups the tone got extremely rough and often the discussion turned into personal attacks instead of a discussion of the actual topic. This annoyed me so much, but due to the facebook mobile app I had constant access to this flow of negativity and often it actually put more stress on me than I thought. I discovered this because I accidentally deleted the facebook app and forgot to reinstall it, and I slowly became more relaxed and a positive. So for this reason I have decide to keep that App uninstalled as well.
So for quite some time I have had an issue with my book collection and that problem is simply that it has gotten out of hand. I no longer have a full overview over what books I have, who have lent what, and what I actually what I thought about all my books.
For some time I tried to use Delicious Library 2 and 3  by delicious monster and I have been quite happy with it for a long time. But unfortunately the prices is more than I am willing to pay for what for me essentially was a library system. I looked for open source alternatives, but most was either too complex to use, required custom building of the software, and most required me to have a server running. None of which I was interested at the time. Another issue is that most of the open software solutions out there were developed with the intent of being run in a full library setting, integrating with identification system, I also did not want to use. I did find a solution at one point called books which was all what I wanted but it is unfortunately no longer maintained. I finally ended up using Good Reads  started by Otis Chandler and Elizabeth Khuri, now owned by Amazon. However, it has a lot of faults, firstly I couldn’t create a account without a Facebook account and the site is extremely slow, it also have a lot of features I never use, and a lot of features I am missing.
Due to the above mentioned reasons I have for a while wanted to implement my own system, and I have from the start wanted to call it Alexandria, after the Library of Alexandria.  I have started the implementation, dropped it, and started again over and over again. Because I couldn’t decide on the correct technologies to use, where my main problem was what to use for the frontend user interface and for the programming language on the backend.
The reasons for my indecision on the programming language for the backend, is that I over the past two to three years have run into so many programming languages that I wanted to learn and try, that I simply could not decide between one I knew or one to learn. One of the longest running contestants have been Rust , but I simply had to realise that Rust is a programming language of epic proportions, but I simply do not have the time at the moment to learn to use it for more than a system programming language. Another contender was Go , I like the structure of Go and how it feels like C, but does not want to kill you pointers (I like pointers). But I also through my experience at Chocolate Cloud, realised that Go may not be ready for such as system and the way Object Oriented Programming (OOP) is done in Go I don’t really like and this is purely from a syntax and structure perspective. As these are just two of the language, you can see that I have had some problems deciding. I have come to the decision using either Ruby  or Python . Most who know me in person, will know that of the programming languages I have ever tried, Ruby will for ever be my greatest love, it is actually one of the reasons this blog uses Jekyll and not Pelican. But that is simply not fair to use as an argument for choosing it for this project. Also I have some experience developing similar systems in Python, so Python makes more sense. So the plan is as follows, use Python until I am done with PhD afterwards I may switch to another language, I may even write a few parts of Alexandria in other languages just to test the out, sound idiotic but HEY! my project. My issue on the frontend is that I do not really know what is good and what is crap, the only thing I know is that I don’t really like Angular. However, after reading about different libraries and frameworks, I have come to the conclusion that I will be using Vue.js 
So what I will be using is Python, Vue.js, and I will design the system to be usable with multiple database backends.
The system will be developed incremtially and when I have time, and I will release it under either the BSD-3 software license haven’t decide yet.
Hope you will follow the development on gitlab .
Continuing my ramblings about being a PhD. This post will include thoughts on courses I have to take, the stress levels, and why the hell I am doing this.
So first of status, I have submitted my first paper for a conference and I have start working on base demonstration for the project I am working on. Though I still cannot go into details about the project. I have also hosted my first teaching session. At the moment I am attending to courses and acting as teaching assistant for certain parts in another.
SO! Courses, I am following the two courses; Science Teaching and Research Integrity, the first being mandatory at the faculty for Science and Technology. The first course aims to teach new PhD Students how to activate students to become better students, how to provide feedback both to students and courses holders, and how to assess students. I like the course as does provide information about teaching which I had no previous knowledge of and it has helped me develop a lab exercises for the course I am teaching assistant in, called Distributed Storage. However, as I am a former undergraduate and graduate student, a lot of the course is also self explanatory. One thing I do like a lot is that the courses holders utilise the tools and techniques we are taught in the course, to teach us and thereby, provide a practical illustration of how to use a given tool or technique. For the course Research Integrity, the purpose is to teach PhD’s to conduct ethical and good research whilst maintaining a high standard for how the research is conducted and how you avoid bad research, it covers the rules and code of conduct which helps you have research with a high level of integrity. Do recent scandals of bad research ethics in Europe, Japan, and the USA I see this course as highly relevant and it provides a good guideline for how to act and conduct your research. It also outlines the grey areas and how those should be navigated. All in all I am very satisfied with both courses.
Next, I will talk a bit about being a teacher assistant. As I have been employed by Steinwurf ApS, the guys who make the software library Kodo, my supervisor thought it a good idea that I gave a small introduction lecture and hosted an exercise session on kodo-python. Now, I hate teaching, but the entire process from planing the lecture and exercise session, what content I wanted to cover, formulating the exercises, and presenting the lecture, was very interesting and I found that I didn’t mind teaching in a small class room based setting, with few students, though most of my colleagues came to watch. It was also very good for me see that students also listen, though some could have been better, but couldn’t they always :p However, one thing I had/have a giant problem with, was getting the software library to build on the students different operating systems, which was a pain in both the students and my buttocks. Therefore, I have decided that the next time I do this course/lecture the I will provide the students with a virtual machine containing all the data and tools they need.
STRESS!!! So, I have tried to handle stress as a student for almost a decade now and the it has not become easier as a PhD student, it has however become different. As a normal student you fear not reaching a deadline in 6 months or failing an exam. As a PhD student, I have had weekly deadlines, which if I did not meet them, I would have been in trouble with the department. This puts a hold new level of stress on me and my colleagues, which I luckily expect as I had talk to former PhD students. But, for some reason I do not feel as stressed as I did as a student. The ability to almost 100% control my own time helps a lot and does defuse the issue a bit. So stress levels are high, but much more manageable.
One of the questions I get the most and actually continuously get is; You where offered real money, a real job(s), why take a PhD? Simple, I liked the project, that is the reason I pursue a PhD. I have no intent of academic career, but I would like to work in R&D later in life.
That is it for now
In December 2017, I applied for an open PhD position at Aarhus University Department of Engineering in the group for Communication System, with Associate Professor Daniel E. Lucani as supervisor. The project is on the subject of improving the utilisation of multi-cloud storage and at the moment that is all I can say, but for sure more is to come. In March 2018, I was informed that I had been chosen as the one for the position and if I still would like to accept it. I did and started as a PhD Student on the first of August 2018. This post and those to follow, will cover my thoughts, doubts, and more about being a PhD Student.
First I will like to talk about the doubts which at least I had about becoming a PhD Student after I accepted the position. So I had been accepted WOHOO it had been my dream to become a PhD since the day I first started at Aarhus University back into 2009, though back then I wanted to end up the cryptography group in the Department of Computer Science. But amongst the joy of being accepted, I started doubting myself 1) Am I smart enough? 2) Can I do three more years at University? 3) Can I return to Aarhus University and not fail? and so on.
Am I smart enough? Well you idiot you where accepted where you not? Well yes! But let me tell you secret, I am highly insecure about my intelligence. When I take an IQ test I score between 127 and 138 depending on the IQ test, but every time I thought that it was just luck. I even have a fairly good GPA, surprise I became a PhD Student, but every time I got top mark, I thought that the examiner and co-examiner was too nice, I did not believe that I earned the grade it. I basically sounded like a winy little brat without any faith in my own abilities. However, after long discussion with a former project group member from Aalborg University, I came to accept that I might be smart enough and that I actually earned my grades and where I am. The idea do still come to the surface from time to time, especially when my colleagues discuss topic related to mathematical topics not covered by the curriculum in the Software Engineering program at Aalborg University. But, I have learned that it is okay to not know, as long as you are willing to learn, research a topic, and ask help when needed. This realisation real removed a mountain from both my chest and shoulders. Though I still have to work on the issue, I am much better now.
Can I do three more years at University? You have to think a lot about this before and after you apply for a PhD position and if you have the least bit of doubt. Start talking to current PhD Students and ask question about their experience. Do you think that you can handle it? Can you do that for three years. Most I talked to said a 40+ hours work week is to be expected, some even said higher. I already worked around that amount of time during my 9th- and 10th semester, so sure I could do it. But can I do it for three more years? I came to the conclusion, that the project sounded fun and interesting, so I was willing to accept three more years of this, so the answer to this was yes!
Can I return to Aarhus University and not fail? So for those who do not know my past I attend Aarhus University from September 2009 to approximately en October 2010, and for a lot of personal reasons including exam anxiety I dropped out. The psychological beating from that hurt a lot and to a certain extend still does. I thought that it was handled and that the it would just be another office, just in a different town. Well it was not, what I had not realised was that my office would be in the very building were I broke, this resulted in my very first day becoming a psychological slap in my face and I had to reevaluated my choice of becoming a PhD student, should I quit? Should I ask to move office? After a talk with my supervisor and some friends, I decided to stay and fight my demons. So now we just need to see if I fail or not.
So after almost a month, what I my thoughts on being a PhD Student? Well first of, it requires a lot more planning than being a ordinary student. You have to plan your day much more yourself, keep on track with monthly plans, courses, events, fit in research, fit in writing papers, give better estimates for how long time an experiment will take to conduct and so on. So if you are not good at time management you will be fucked. Secondly, no one expects you to be perfect from the start. You are suppose to become an expect, not start as one. This is a very important lesson as it lets you relax more from the start and give you room to grow as a student. Lastly, for this post, communication is your bread and butter. Communicate with secretaries, professors, other PhDs, other researchers and others are extremely important and if you do not learn it, you will fail.
I will try and keep this “series” going to document my time as a PhD Student, even if I fail.
So for a while I have wanted to focus on cyber/computer security from the attackers perspective and how to implement certain types of attacks. This first guide will focus on dDOS attack, the theory behind, a stupid attack implementation and a smarter way of executing an attack.
Now for reasons which should be obvious, I will have to state that these guides are purely for academic and informative purposes and the techniques presented can/will results in lawsuits against you and your associates if used outside the law. I hold no responsibility for your usage of the knowledge, that you obtain through these guides and associated source code.
Distributed Denial of Service Attack (dDOS)
So first let us start with the base a attack a denial of service attack (DOS), what we want to achieve is to ensure that no data can be transmitted from a server serving a service and essentially also blocking data from being transmitted to that server, though the later is not the main goal.
So how can we achieve what we want? If we start by looking at the channels of the internet as sucking straws, only a limited amount of water molecules can run through the straw at a time. The same goes for data packets, what we send through the network, only a limited amount of data packets can be handle by the channels at a time. Remember, this is from a very abstract perspective, though illustrative.
So what happens if we force more water into the straw than it can handle, it overflows, thus blogging the entrance of water which should go into the straw. Now the approach of a DOS attack is the same, we overflow the network channel with so many data packets, that not all can parse through and we attempt to make it our packages which goes through the channel such that “real” data packets does not. Thereby, we block the access to the services, as shown in figure 2. Thus our packets overflow the network such that “normal packets” cannot reach their destination.
This is the essence of a DOS attack and also a distributed denial of service (dDOS) attack.
So the first d the distributed part when does this come into play? Well in the old days of the internet and other large public networks could a single machine or node of machines be used to take down a service. However, as servers became more powerful and new defence techniques was invented and used, it became increasingly difficult to execute a successful DOS attack. So how do we overcome these obstacles? Well we increase our resource, we do this by utilise multiple machines and nodes of machines locate anywhere in the world. This increase how many data packets we can “throw” at the server we want to deny access to, as shown in figure 3.
Thus achieving the same result as a DOS attack, just with multiple collaborating attackers. Here we see machines as individual attackers. Thus, assuming all our attackers have the same resources available, same network bandwidth, and is configured in the same way. We can assume a linear increase in data packets, we can throw at the server, with each added attacker machine.
This is a very abstract view on the theory behind a dDOS attack and how it is execute. The next step will be to implement a program which can actually perform such an attack. This will be the next part of the these guides.
Hope you enjoyed this basic introduction to dDOS.
subscribe via RSS