About OTC CatchUp

Note: OTC CatchUps are weekly informal sessions involving project showcases and technical discussions. They are held every Saturday from 10:30 PM IST. Join in!
For all summaries, please visit catchup.ourtech.community/summary.

OTC CatchUp #113

Date: 07-01-2023

Duration: 4 hrs 2 mins

Topics Discussed

  • General introductions.

  • Harsh Kapadia talked about C programming concepts that are ostensibly simple yet difficult to apply.

    • The most basic and confusing concepts include Strings and Pointers.

    • He specifically talked about how numerous functions with similar applications exist for String input, such as gets(), fgets(), getline(), etc. The differences are small, and a new user usually gets confused at first.

  • Re-learning C after using higher-level languages is an arduous process since these languages abstract away the need to handle certain conditions, especially memory management.

    • C and C++ should be learned properly since they are still preferred for performance and latency-sensitive tasks.

  • Anil Harwani talked about multiple reasons behind C’s importance in the industry.

    • Embedded Systems support C because they have poor performance in general and cannot accommodate resources for higher-level languages.

  • Anil Harwani exemplified how a normal person might select a language to add a million numbers.

    • If people use C, then they might end up writing inefficient code which doesn’t leverage most of the computer resources, because most people don’t know how to manage memory properly.

    • Due to this, the ironic thing is that Python would end up performing better.

      • People would end up using libraries such as NumPy which do a relatively decent job of utilizing most of the resources.

    • One important thing to remember, though, is that the answer to such questions changes based on the situation. These are questions that should be asked before jumping to solving the presented problem/question. For instance:

      • What kind of input numbers are these? Integers? Decimals?

      • How quickly does the problem need to be solved?

      • How often does one need to solve the question?

      • What is the scale of the problem?

      • Does the question really need to be solved as fast as possible?

  • In the last CatchUp (#112) we had a watch party on How to build a compiler using LLVM.

    • Anil Harwani talked about the compilation of a program to Assembly code.

      • We also talked about the process of Loop Unrolling and Vectorization.

  • We looked at spec.org which showcases CPU benchmark scores and the procedures that were followed to get those results.

    • CPU manufacturers use these scores to estimate where improvements are possible and compare processors.

  • We talked about physical and virtual memory and how the address is calculated.

    • This evolved into a conversation about how programs separate their execution blocks in the memory.

      • The concept of Segmentation is utilized in the physical memory and hard drive as well, to allocate a data storage range and prevent overriding other processes' data during execution.

      • Then there came a need for Physical and Virtual Memory.

      • There were attacks that exploited virtual memory as well, and this gave rise to Paging. The OS handles the page table and generates a virtual address, and this address is mapped and converted into a physical address by the OS.

      • Paging became critical since virtual addresses could be guessed by programs easily, but Row Hammer was an attack that still caused issues.

        • RAM is organized in rows and columns of bits, and Row Hammer is a technique to flip bits in the same row by bit-banging a specific pattern of bits, which can cause issues.

  • Anil Harwani shared a Memory Latency Test by Chips and Cheese - a tool to measure the memory latency in computers.

    • It tries to check the latency of the L1, L2 and L3 CPU Caches.

    • We checked the difference between two PCs by overlaying and comparing the values in the graph. This showcased the developments made in the newer devices and how the graph for latency over time was smoother for newer processors while older processors had erratic graphs with sharp curves.

  • We talked about the difference between a Telephone Cable and an Ethernet Cable.

    • An Ethernet Cable is more sheathed than a Telephone Cable since it needs to handle higher currents, which induces a larger EMF than in Telephone wires. The thicker sheath in Ethernet Cables reduces the chance of data corruption through EMF interference and induced current problems.

  • Jaden Furtado tried to help Jainam Jagani with debugging his web extension with Manifest v3 issues.

  • Jaden Furtado shared how he hacked Starbucks India and had access to the online and offline payment data of all Indian customers due to API keys hard-coded in their app’s source code.

    • He found quite a few other vulnerabilities as well.

    • Starbucks India acknowledged his responsible disclosure, fixed the problems he had pointed out and compensated him with far less than he deserved, due to 'a change in their policies'.

  • Jaden Furtado also shared that his final year project ScanRE was about scanning GitHub repositories to find vulnerabilities.

    • He is using one of his idle PCs to run this project and find any vulnerabilities.
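For the String input functions mentioned in the topics above (gets(), fgets(), getline()), the following is an added example, not code shown in the session. gets() takes no buffer size and was removed in C11, so it is not called; the helper names, the 8-byte buffer and the sample input are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L /* exposes fmemopen() and getline() */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample input: a short line, a 20-byte line, a short line. */
static const char SAMPLE[] = "alice\nAAAAAAAAAAAAAAAAAAAA\nbob\n";

/* fgets(): bounded by cap, but a long line is cut. Returns 1 for a whole
 * line, 0 if truncated (the rest is discarded), -1 on EOF or error. */
int read_line_fgets(FILE *in, char *buf, size_t cap)
{
    if (cap < 2 || fgets(buf, (int)cap, in) == NULL)
        return -1;
    size_t n = strlen(buf);
    if (n > 0 && buf[n - 1] == '\n') {
        buf[n - 1] = '\0';
        return 1;
    }
    int c = fgetc(in); /* no newline stored: check what follows */
    if (c == EOF || c == '\n')
        return 1; /* the line filled the buffer exactly */
    while ((c = fgetc(in)) != '\n' && c != EOF)
        ;
    return 0;
}

/* getline(): grows a heap buffer to fit; caller frees. NULL on EOF/error. */
char *read_line_getline(FILE *in)
{
    char *line = NULL;
    size_t cap = 0;
    ssize_t n = getline(&line, &cap, in);
    if (n < 0) {
        free(line);
        return NULL;
    }
    if (n > 0 && line[n - 1] == '\n')
        line[n - 1] = '\0';
    return line;
}

int main(void)
{
    char buf[8];
    FILE *f = fmemopen((void *)SAMPLE, sizeof SAMPLE - 1, "r");
    for (int r; f && (r = read_line_fgets(f, buf, sizeof buf)) >= 0;)
        printf("fgets: \"%s\"%s\n", buf, r ? "" : " (truncated)");
    return f ? fclose(f) : 1;
}
```

With the 8-byte buffer, fgets() keeps only the first 7 bytes of the long line and the helper reports the truncation, while getline() returns all 20 bytes in memory it allocated.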

Attendees

  1. Anas Khan

  2. Aryan Nayak

  3. Ashwin Kumar Uppala

  4. Ayush Chauhan

  5. Harsh Kapadia

  6. Jai Dewani

  7. Jainam Jagani

  8. Kaushal Joshi

  9. Kaustubh Khavnekar

  10. Ninad Naik

  11. Pranav Dani

  12. Pratik Thakare

  13. Ramyak Mehra

  14. Rishit Dagli

  15. Sahil Prasad

  16. Sarah Khan

  17. Sreekaran Srinath

  18. Vedant Panchal

  19. Wilfred Almeida

  20. Jaden Furtado

  21. Anil Harwani

  22. Aryan Maurya

  23. Ayesha Nagdawala

  24. Dhruv Vaidya

  25. Eshaan Vaswani

  26. Hiten Gerella

  27. Hrishikesh Dhuri

  28. Jia Harisinghani

  29. Raghav Rathi

  30. Rhea Mansharamani

  31. Romil Raina

  32. Yash Wavdankar
