About OTC CatchUp

Note OTC CatchUps are weekly informal sessions involving project showcases and technical discussions. They are held every Saturday from 10:30 PM IST. Join in!.
For all summaries, please visit catchup.ourtech.community/summary.

OTC CatchUp #115

Date: 21-01-2023

Duration: 2 hrs 53 mins

Topics Discussed

  • General introductions.

  • Pranav Dani and Dheeraj Lalwani discussed about MWC meetup in Churchgate, held on that day.

    • Overall, it was a good meetup. While most of the talks were aimed at "beginners", Faiz Malkani's talk was more inclusive and talked about how one can find their foot in a world that seems enormous.

  • We discussed how GPUs are not always faster than CPUs in every scenario.

    • CPUs have a lower latency due to faster access to the cache memory.

    • GPUs have a higher bandwidth.

    • Harsh shared a video regarding the same: Are GPUs Faster than CPUs?

  • We talked about (FLOPS) Floating Point Operations Per Second, and how it affects the performance of a CPU.

    • It is a method of encoding real numbers within the limits of finite precision available on computers.

  • Jaden Furtado explained how an SQL injection works and also how ScanRE, the project he showcased, uses Regex to find vulnerabilities in the GitHub repositories.

    • PhP implements sanitization in the form of a function called mysqli_escape_string() which was updated to mysqli_real_escape_string(), which could be used to mitigate SQL injection, although both versions have vulnerabilities.

      • Since these functions add a \ before the special characters in the code (for instance: 'SELECT * from TABLE where id='.$var, where var is a set of special characters), it is possible to bypass the sanitization by using \\ instead of \ which is one of the major vulnerabilities.

  • Jaden Furtado talked about how ScanRE is split into four stages: Fetch, ScanCode, StoreResults and Delete.

    • None of these parts are dependent on each other and can be run independently.

    • Since they are independent, he is using Celery to queue and run the tasks asynchronously.

      • Anil Harwani suggested that this is essentially an out-of-order pipelining engine that is trying to get done as much work as it can with as much latency it can tolerate.

    • Anil Harwani talked about how Celery would act as point of vulnerability since now it is dependent on the developers maintaining Celery to not mess up the codebase.

    • Jaden Furtado suggested that he is essentially scanning the entirety of GitHub to find vulnerabilities in the codebase.

      • Anil Harwani suggested that this would require differential scanning since the repositories are constantly changing.

  • Jay Kaku shared that his final year project is about making a coprocessor on a FPGA.

    • Jaden Furtado asked multiple questions about the feasibility of the project and cooperation from the professors.

  • We discussed the common issues while switching from android to iOS, out of which WhatsApp migration is the most irritating for most users.

    • While there are ways to handle the situation, it isn’t user-friendly, which is how Apple locks users into its ecosystem of products and services.

Projects Showcased

  • Wilfred showcased his Portfolio Website.

    • His portfolio is a fork of Brittany Chiang's portfolio website which is also used by many people.

  • Jaden Furtado shared his updates on ScanRE - A tool for scanning and finding vulnerabilities in GitHub repositories using static code analysis.

    • The tool checks for vulnerabilities in the code by using regex.

    • He created a UI for the tool.

    • GitHub repository

Attendees

  1. Ayush Bhosle

  2. Ayush Chauhan

  3. Chiranjeev Srivastava

  4. Darshan Rander

  5. Dheeraj Lalwani

  6. Harsh Kapadia

  7. Jaden Furtado

  8. Jainam Jagani

  9. Jatin Chaudhary

  10. Jay Kaku

  11. Krishna Gadia

  12. Nikshita Karkera

  13. Ninad Naik

  14. Pranav Dani

  15. Pratham Rohra

  16. Pratik Thakare

  17. Smit Jethva

  18. Viranchee Lotia

  19. Wilfred Almeida

  20. Sarah Khan

  21. Siddharth Bhatia

  22. Tushar Nankani

  23. Ananya Verma

  24. Anil Harwani

  25. Ayush Bhosle

  26. Ayush Chauhan

  27. Jia Harisinghani

  28. Krishna Dave

  29. Navya Agarwal

  30. Prateek Pardeshi

  31. Ritojnan Mukherjee

  32. Saarthak Kumar

  33. Yash Wavdankar

  34. Altaf Alam

  35. Atharva Honrao

  36. atharva yadav

  37. Bhavesh Garud

  38. Cloud Core

  39. Dg Star

  40. Divyansh Singh

  41. Gaurav Ghade

  42. Harsh Sharma

  43. Harshal Shekdar

  44. Hiten Dusseja

  45. Manas Thadhani

  46. Manish Dusa

  47. Naveen Pandey

  48. Prasad Satpute

  49. Raj Yadav

  50. Ruturaj Chandgude

  51. Sakshi Bhandari

  52. Sarvesh Parab

  53. shruti singh

  54. Shrutik Gupta

  55. Tushar Shelke

  56. Vaishnavi More

  57. Vidhi Vaishnav

  58. Vighnesh Hinge

  59. Vrajesh H

  60. who else but Tullu

  61. Yo Yo

Meet Screenshot

Meet #115 screenshot

Note For all summaries, please visit catchup.ourtech.community/summary.

Want to improve the content of this page?

Want to get more involved? Learn how to contribute.


We rise by lifting others.
— Robert Ingersoll
Kindness always wins.
— Selena Gomez
Alone we can do so little; together we can do so much.
— Helen Keller