Tag: ietf

IETF 102 hackathon remotely from Mauritius

The cyberstorm.mu team has been participating in several IETF hackathons these recent years. For the IETF 102 hackathon, we focused tremendously on innovation: The goal to create two teams for the TLS 1.3 project, one for the Implementation team and the other is Interop. At the same time, getting hands on the HTTP 451 project. The IETF hackathon encourages developers to collaborate and develop utilities, ideas, sample code and solutions that show practical implementations of IETF standards. It is not a competition but a collaborative event.

 

IETF 102 hackathon remotely from Mauritius 1

For this IETF hackathon, myself and Loganaden Velvindron core members of cyberstorm.mu team decided to lead the event. We searched a marvelous venue at Pointe aux Piments, a remote coastal area in the north-west of Mauritius which was very peaceful and can accommodate the whole team including first-timers of the IETF hackathon for three nights. As regards food, the best place is at Triolet, a village nearby which is famous for street foods including Pizza, Indian food, Grilled, Burgers and Brianis. We also chose that venue as it included a WiFi hotspot, several rooms, bathrooms, and even a swimming pool.

IETF 102 hackathon remotely from Mauritius 2

The participants from the cyberstorm.mu team was: Loganaden Velvindron, Rahul Golam, Kifah Sheik Meeran, Nigel Yong Sao Young Steven Ken Fouk, Muzaffar Auhammud, Codarren Velvindron, and myself – Nitin J Mutkawoa. As regards to the first-timers were: Veegish Ramdani, Jeremie Daniel, Jagveer Loky, Nathan Sunil Mangar, and Avishai Poorun.

On day 1, we all set up our lab environments and since most first-timers were in the TLS 1.3 Interoperability team, a plan was already designed. We knew since the beginning that there would be the logistic issues, so we brought spare laptops, screens, memory card, projector, etc.. Logan explained the situation we had to deal with especially when it comes to interoperability to the first-timers. Then, they assigned themselves some tasks. At first, it was time-consuming to get started, but at the end of day1, I can feel how everyone was working as a team and looking in the same direction for the TLS 1.3. On the other hand, Veegish was getting hands-on HTTP 451. Whilst the Interoperability team was having fun, the implementation team, on the other hand, was yet another challenge: Improving source code for TLS 1.3 compat layer.

On day 2, everyone woke up early and went for a morning walk. Afterward, the team was back to coding and debugging. Whilst some were on the implementation and Interoperability tasks, Veegish already advanced on the HTTP 451 project. A debrief carried out by logan to understand where the team stands. We had to constantly evaluate ourselves so that we knew in which direction we are moving. At the end of the day, most of us were already in the pool for some chilling moments. I seized the opportunity to make a Time Lapse video with my iPhone 7+ 🙂

 

On day 3, the atmosphere was intense. The implementation team needs to make sure the code has been tested and it is running correctly. I was heavily involved in the PHP CURL library part. The testing part was very challenging. At some moment I was so tired and hopeless as the testing part was really complex. At the same time, others were trying to help each other. Kifah was also on some bash scripting for the interoperability part. He wanted to automate some tasks. Logan was also looking at his code and helping the others. Well, at the end of the day we were so happy to be able to accomplish what we had planned. Everyone looked so tired. The only option is to go back to the pool.

We also decided to make some mini videoS to relate our experience during the hackathon. I uploaded the videos on YouTube. You can view it from the playlist below:

On day 4, we packed up to our destination. At that very moment in Montreal, the hackathon was still going on. I reached home at about 19:00 hrs Mauritius time. I was assigned a three minutes presentation for the hackathon carried out by the Mauritius team. It was already midnight. I was so tired. I knew that the presentation had to be carried out. Logan was constantly texting me to make sure that I did not fall asleep. You can view the presentation remotely live in Montreal Canada.

What did IETF hackers say about the IETF 102 hackathon?

“What I think was the most productive output during this time for me was pair-programming…” – Kifah

“I was very excited to be part of the Inter-operability team where I worked with OpenSSL, BoringSSL, WolfSSL, and tlslite using TLS1.3 protocols.” – Jagveer

“Making Internet Protocols great again during the IETF 102 hackathon” – Logan

“Finally after long hours of debugging he managed to test the protocol being used by NRPE locally” – Rahul

“Then… we finally got a Client Hello from Wireshark and made the PR” – Nigel

“At first I thought that it would only be working, working and working but besides of work we started creating bonds.” – Jeremie

“I got a lot of advice, support, and motivation to work with my team members and try to implement on a strategic basis and critical thinking the internet protocols and see their limit on a technical perspective.” – Avishai

“Once OpenSSL was installed, I then performed my first TLS 1.3 Handshake, Resumption, and 0-RTT but did run into difficulties with NSS.” – Chromico

“But while everyone is waiting, we are working. We have reached a deeper understanding of how it will affect our lives.” – Codarren

“IETF 102 was a very fun and challenging experience in which I got to work on several opensource projects” – Muzaffar

“At first, I did encounter some issues like parsing JSON files, but I manage to work on those issues” – Veegish

We also had a follower on Twitter appreciating our effort and participation during the IETF 102 hackathon. Thanks, Dan York, senior manager at ISOC.

IETF 102 hackathon remotely from Mauritius 3

I’m happy that this hackathon was at the required level. It was a great initiative from the cyberstorm.mu team. No major incidents occurred in our HQ at Pointe aux Piments. Everything that was planned went all and it’s worth investing yourself in this collaborative event.

IETF 101 Hackathon by the cyberstorm.mu team

We believe in rough consensus and running code” – Just have a look at the IETF website, this is the motto that you would come across. This is why the IETF hackathons are so special during the year and cyberstorm.mu team is proud to be the first team in Mauritius who do not only participate in such type of event but also lead the TLS working group. The IETF 101 hackathon was yet another challenge for the cyberstorm.mu team. But, once you are in, the fun begins. Compared to the IETF 100 hackathon, cyberstorm.mu team made an improvement in terms of lines of codes and focused on more projects. We participated remotely in projects such as TLS 1.3, DNS, and HTTP 451. A wiki was also created during that event.

Photo credits: IETF.org
Photo credits: IETF.org

We used Jabber to communicate for the IETF 101 hackathon. Other media such as Facebook was found out to be interesting. I should admit that on Friday and Saturday I went to sleep at 02.00 AM with just the testing part completed. At 23:00 hrs, Logan was asking everyone to go to sleep as we needed more energy on the next day. What is more relieving is the team spirit where everyone was helping each other during that hackathon.

One of the interesting issues noticed is about TLS malformed traffic and such thing was able to be detected using Wireshark. Once the patches were ready and the testing part was working fine, we made a debrief at Flying Dodo beer brewing company at Bagatelle Mall and was ready to submit patches to their respective projects. I was assigned the “Stunnel” project and a library in “Eclipse Paho”.

Debriefing at Flying Dodo accompanied with beer and some fries
Debriefing at Flying Dodo accompanied with beer and some fries

After the debriefing, Logan was getting ready for his remote presentation at the IETF. We all went through the slides that logan created and went back home happy to see the presentation live on YouTube.

Special thanks go to the IETF Organising team for having us as Technology Champions! Nick Sullivan head of cryptography expert at CloudFlare, Charles Eckel, Barry Leiba, Meetecho team, Cisco for sponsoring the event and all members of the cyberstorm.mu team which made this hackathon a success in the world history of Mauritius.

Other’s are also talking about the IETF 101 hackathon?

“I had initially started a bit slow, as I was working on other projects in parallel. Everyone was already deeply immersed in their projects, we could see PRs and code merges flying right from the first day.”Codarren Velvindron

Developers working with OpenSSL can finally start to work with TLS 1.3, thanks to the alpha version of OpenSSL 1.1.1 that landed yesterday.” – TheRegister

I think that you guys have better weather and more fun that we did”Charles Eckel

The DNS madness: 185 RFCs totaling 2781 pages. Hello DNS security flaws ” – Loganaden Velvindron

IETF Hackathons encourage developers to collaborate and develop utilities, ideas, sample code and solutions that show practical implementations of IETF standards. The IETF Hackathon in London on 17-18 March is poised to be the largest ever.” – IETF

 In case you are asking yourself, “who are the cyberstorm.mu ?” You can consider is as “a group of developers from Mauritius who loves to code and are passionate about information security.” More information at https://www.cyberstorm.mu

IT and Internet Users of Dodoland by cyberstorm.mu

Since the split of the Linux community in Mauritius, cyberstorm.mu (name rebranded due to trademark issues) was born. A new vision and objectives were the foundation of the cyberstorm.mu group. Our aim is to reach more people who will code in software that is used worldwide. The cyberstorm.mu family kept growing. Today, we have brought more members to the cyberstorm.mu community and right now, there is a boom in this group. Additionally, people from various part of the world wants to be part of the group, as seen on our Facebook group. cyberstorm.mu has been hosting live video streams on YouTube to bring together more people willing to learn and share in the community.

Just chill. Let me get back to the title of this blog – IT and Internet Users of Dodoland! On Saturday, the 18th of November 2017, I was at the University of Mauritius together with Logan. We were joined by Jagveer Loky. A presentation was carried out on “Introduction to Github” and the launch of the Mailing List called the “IT and Internet Users of Dodoland”. During the presentation, Logan brushed over the importance of having a Github account as well as sharing one’s code on it.

Intro to github_uom by cyberstorm.mu from loganaden

An example is to publish one’s assignment by a student. This acts as a catalyst for the academic development of the student. Today, companies will usually search the Github account of people, including Mauritians before recruiting them. Students were encouraged to create their Github accounts and even a blog. Then, we discussed the achievement in the IETF 100 Hackathon. For example, the patches about TLS 1.3 during the IETF 100 Hackathon. At the end of the session, we announced the creation of the Mailing List “IT and Internet Users of Dodoland”. Jagveer Loky from the cyberstorm.mu community was chosen to be the moderator of the mailing list. He will ensure the proper and smooth running of the mailing list.

At the University of Mauritius

IT and Internet Users of Dodoland by cyberstorm.mu 4

At the end of the presentation, we had conversations with the students who were interested in topics such as OpenSSH, MVC, Java Programming, and MongoDB. Notes were taken to focus on these topics in the days to come. Then, we headed to Flying Dodo Bagatelle to celebrate the launch of the new mailing list by the cyberstorm.mu team.

Celebrating with beer and pizza at Flying Dodo Bagatelle

IT and Internet Users of Dodoland by cyberstorm.mu 5

We also had a video stream, where we were joined by other people from the cyberstorm.mu community who came forward asking questions about the IETF 100 Hackathon and on several aspects of TLS1.3. Jagveer shoot a question as to whether people knew about the IETF in Mauritius. Of course, many knows about the IETF, but at what level is the contribution? As a technical guy, merely watching what’s going on at an IETF Hackathon does not make sense but instead contributions should be carried out in terms of codes to make the OpenSource community more rigid. 

Video Stream from Yesternight

At cyberstorm.mu, we kept on innovating to transmit the messages through the internet as well as on the ground. Weeks back, we were also at the University of Mauritius where we met Yashtir Gopee who is a passionate of robotics and Artificial Intelligence. He also joined the cyberstorm.mu community and is willing to join the “IT and Internet Users of Dodoland” Mailing List.

Yashtir and Logan

IT and Internet Users of Dodoland by cyberstorm.mu 6

Indeed, we have come a long way since the creation of cyberstorm.mu. In such short time, we have been able to meet our objectives and we are continuing towards innovations and quality work in the group. I am looking forward that people make good use of the Mailing List and bring forward their issues as well as their contributions. Click to join the Mailing list.

IETF 100 hackathon on TLS 1.3 by cyberstorm.mu

Some days back, The Register mentioned cyberstorm.mu (name rebranded due to trademark issues) preparing for IETF100 hackathon. Hooray! Yeah, we did it and the hard work finally paid off thanks to the core team and the whole of cyberstorm.mu team. After registering on the IETF – Internet Engineering Task Force website, the cyberstorm.mu team set itself on the TLS1.3 API source code. We were all focused on the OpenSSL codes.

Once in our office, we set up the network and our equipment. Check out logan’s blog to have an idea how things went on. That’s true we struggled in the beginning, but finally we could see the light at the end of the tunnel. Patience and patience is all what you need and a calm mind to study how things are in the code. The testing was then carried out to confirm the beauty of the TLS 1.3 codes in our chosen projects. You can also view the TLS tutorial which explains the objectives of TLS1.3. For example: Mitigation of pervasive monitoring.

Here are some hints about the security from TLS1.3

  • RSA key was removed.
  • Stream ciphers was reviewed.
  • Removal of compressed data mechanism which was able to influence which data can be sent.
  • Renegotiation was removed.
  • SHA1 and Block ciphers were removed.
  • Use of modern cryptography like A-EAD.
  • Use of modern key such as PSK.

For more details see this blog from OpenSSL. We were also working together with the TLS team in Singapore which was lead by Nick Sullivan, champion at the IETF TLS hackathon.

After the IETF Hackathon, it was announced publicly about the good job done by the cyberstorm.mu team on the IETF channel.

The team at the beach 🙂

IETF 100 hackathon on TLS 1.3 by cyberstorm.mu 7

More links :

PS: Any more links related to IETF Hackathon TLS 1.3 let me know, I will add it here!

Feel free to join the cyberstorm.mu community group on Facebook and follow us on our cyberstorm.mu Twitter account.

ISOC IETF session & Side conference at AFRINIC-25

AFRINIC-25 was held at Sofitel Imperial Resort & Spa in Mauritius this year from 25th to 30th of November 2016. Members of cyberstorm.mu were proud to be present during the ISOC IETF session. Logan, who is also a member of cyberstorm.mu introduced me to Kevin G. Chege of ISOC who was leading the meeting. There were several topics tossed on technical IETF standards at the workplace by Padma Pillay-Esnault of Huawei.

Photo Credits: Afrinic.net
Photo Credits: Afrinic.net

I made a short introduction on OpenSUSE as an OpenSUSE advocate and laid emphasis on the challenges of the OpenSUSE community in terms of code contribution. Also, a brief overview of the OpenSUSE infrastructure, the open build service, the visualization platform, and factory development at OpenSUSE.

One of the contributions made during the cyberstorm.mu hackathon – Operation SAD – Search and Destroy where codes were contributed to Monit – An opensource utility for proactive monitoring. It can conduct automatic maintenance and repair. What is most interesting during the hackathon is the deprecation of SSLv3 in Monit.

More details were shed on the spreading of the disease called SSLv3. There are many developers still importing Monit as secondary tools on their application. A live example where Github repos are infected with SSLv3 where the same need to be removed to mitigate attacks. The RFC 7568 (Thanks to the TLS working group) – which was applied during the course of the hackathon was taken as an example as well as the methodology and application of the SDLC – Software Development Life Cycle standards during the hackathon.

A slide during the IETF meeting

An open discussion among participants and audience was then carried out. The aim is to have each one to share their concerns and initiative to reach their goals. As regards to me, i laid emphasis that IETF materials should not only reach University students, but also other individuals who have the skills and know-how and ready to learn for the betterment of Africa and Mauritius. Hackathons were proposed to be carried out at international level under the umbrella of the IETF – Internet Engineering Task Force. 

I would also sincerely thank the ISOC, AFRINIC and sponsors for making this event a successful one.

Some pictures here:

afrinic-25

ISOC IETF session & Side conference at AFRINIC-25 8
ISOC IETF session & Side conference at AFRINIC-25 9
ISOC IETF session & Side conference at AFRINIC-25 10
ISOC IETF session & Side conference at AFRINIC-25 11
Loading image... Loading image... Loading image... Loading image...