SIPB Cluedump Series 2011

From SIPB Cluedumps

Jump to: navigation, search

SIPB Cluedumps are informal technical talks, well supplied with snacks. Interrupt with questions at any time, or quietly get up for food.

Cluedumps will (with a few exceptions) run at 8pm on Tuesday evenings, starting September 20th. Any deviations from this schedule will be listed for each talk below. There are still a few weeks available in November for those who would like to give a talk and have not yet indicated their interest. Spots are going fast, so speak now! Feel free to email the Cluedump Series organizers at cluedumps at obvious dot edu with any questions. For weekly announcements, blanche yourself onto cluedump-announce, or mail us and we'll add you.

Full schedule

[edit] The Open Source Workshop: a hands-on introduction to the tools of open source development

Date: September 20, 2011, at 2:30 PM
Presenters: Jessica McKellar (jesstess)
Location: 2-143
Notes: You must bring a wifi-enabled laptop and charger. Attendees must install some software prior to arriving. Please visit for the workshop software installation instructions. Participants must RSVP for this event at Slides for this talk can be found here.
Abstract: Want to contribute to open source projects, but not sure where to start or what tools to use?

In this 3 hour session, we'll cover:

  • what open source is: where it came from, what makes it important, and the many ways to contribute
  • the life cycle of a project bug
  • using IRC to get help and talk to other project contributors
  • how to create and submit a patch to a bug tracker for review
  • how to check out code stored in a revision control system and apply patches to it

By the end of this session, you will have hands-on experience with all of the common tools used to contribute to open source projects and will be ready to go out and contribute to your first project. We'll wrap up with resources to continue practicing and ways to find good projects and bugs for new contributors.

See “Notes” above for what to bring and installation instructions. Please e-mail with questions about the curriculum, software installation, or anything else.

Bio: Jessica is a software engineer at Ksplice Oracle, working on rebootless kernel updates on Linux. She is also an organizer for the Boston Python Meetup, a maintainer for the Twisted and OpenHatch open source projects, and a local STEM volunteer. She enjoys the Internet, networking, low-level systems engineering, relational databases, tinkering on electronics projects, and contributing to and helping other people contribute to open source projects.

[edit] Bitcoin

Date: September 27, 2011, at 4:00 PM
Presenters: Duncan Townsend (duncant)
Location: 2-143
Abstract: Bitcoin is a currency. Just like any other currency, it can be used to buy and sell goods and services. However, bitcoin is decentralized; there is no bitcoin mint nor is there any authority for verifying transactions. The decentralized nature of bitcoin is achieved through some fancy cryptography. Come to this cluedump to find out more about the technical aspects of bitcoin as well as the social implications and the history of the bitcoin market.
Bio: Duncan Townsend is a Junior in Course 6-2. He is primarily interested in artificial intelligence, but he dabbles in other fields, like cryptography. He used to run a bitcoin anonymizing service until an exploit was found and he almost lost $11,000.

[edit] Understanding PGP and Using GPG

Date: October 4, 2011, at 4:00 PM
Presenters: Benjamin Barenblat (bbaren)
Location: 2-143
Abstract: PGP is a public-key cryptography system used for certifying data integrity as well as for transmitting data securely. It's commonly used to sign and verify software distributions and packages (Linux kernel, Ubuntu/Debian packages, etc.), and it can even be integrated into version control systems such as Git. Unlike public-key infrastructures (such as MIT's certificate system) in which participants rely on a trusted authority, PGP keeps trust an individual decision: individuals certify the authenticity of others, forming a distributed "web of trust."

This cluedump aims to give you sufficient technical knowledge to begin making informed and logical decisions about protecting your data with PGP. I'll give an overview of PGP and public-key cryptography--as well as why you should care; we'll then dive into the details and implementation of the OpenPGP protocol. The bulk of our time, however, will be spent on common uses for PGP, with an emphasis on the GNU Privacy Guard (GPG), a widely-used free implementation.  In particular, I will present my suggestions on how to set up a well-thought-out GPG installation (based on my frustration at the lack of good tutorials online today).

This cluedump is based on and quite similar to that given by Steve Woodrow in the fall of 2009. As a follow-up, there will be a key-signing party organized by Duncan Townsend in late November.

Bio: Benjamin Barenblat was born in New York City, but he moved to Texas as soon as he could. In his spare time, he enjoys functional programming, exploring the Semantic Web, and maintaining a slightly higher-than-healthy level of paranoia.

[edit] Why learn Haskell?

Date: October 11, 2011, at 4:00 PM
Presenters: Keegan McAllister (mcallister.keegan [at] gmail [dot] com)
Location: 2-143
Notes: slides
Abstract: Tired of programming languages that just rehash old concepts with new syntax? Haskell is a truly unique language that will expand your mind and show you new ways to solve problems. We'll take a whirlwind tour of Haskell features, from simple to sophisticated, foundational to practical. We'll see how Haskell offers a better way to write software, be it pure computation or concurrent transactional network code. I won't get bogged down in details of syntax, or waving my hands about the ineffable beauty of functional programming. These are great topics to study on your own. This talk will give you some compelling, concrete reasons to do so.
Bio: Keegan McAllister has used and studied Haskell for five years, and maintains Haskell libraries for SMT solving and x86 disassembly, among others. He spends way too much time on #haskell IRC, and knows of SIPB through his time as a kernel engineer at Ksplice.

[edit] Getting Started With Debathena Development

Date: October 18, 2011, at 3:30 PM
Presenters: Jonathan Reed (jdreed), Geoffrey Thomas (geofft), and Ben Kaduk (kaduk)
Location: 3-133
Abstract: Learn about the Debathena project, how to become involved as a developer, and more.
Bio: Jonathan Reed '02 is an Associate Member of SIPB and Senior Liaison to the Students in IS&T's Faculty and Student Experience (FSX) group, where he spends more time working on Athena than his job description would suggest.
Benjamin Kaduk is the current SIPB Treasurer and a Ph.D. candidate in Chemistry. When he is not busy causing molecules to do acrobatics or working on OpenAFS for FreeBSD, he tries to keep Athena in top shape.
Geoffrey Thomas is a SIPB member and developer on the and Debathena projects.

[edit] Scripts

Date: October 25, 2011, at 4:00 PM
Presenters: Edward Yang (ezyang)
Location: 3-133
Notes: Slides: evolution and goals

If you are interested in Scripts but were too hosed to make it to the talk, be sure to peruse the slides and email or stop by the office (W20-557) and talk to someone working on the project.

Abstract: Abstract: Scripts is SIPB’s shared hosting service for the MIT community. However, it does quite a bit more than your usual $10 host: what shared hosting services integrate directly with your Athena account, replicate your website on a cluster of servers managed by Linux-HA, let you request hostnames on *, or offer automatic installs of common web software, let you customize it, and still upgrade it for you? Scripts is a flourishing development platform, with over 2600 users and many interesting technical problems.
Bio: Edward is a functional programming fugitive who escaped from Cambridge and swum across an ocean to wreck havoc at MIT.

[edit] CouchDB -- A Real World use at MIT

Date: November 1, 2011, at 4:00 PM
Presenters: Jeff Schiller (jis)
Location: 3-133
Abstract: This talk will discuss the MIT Websurvey service and how it takes advantage of the CouchDB database system. CouchDB is one of the new generation of "noSQL" databases. While there are several good noSQL database solutions out there, CouchDB is interesting because of its novel multi-master write replication strategy. This permits us to operate multiple servers, each with a writable copy of the database, and keep it all sane!

[edit] Statistics and the Non-Conflict between Bayesians and Frequentists

Date: November 8, 2011, at 3:00 PM
Presenters: Keith Winstein (keithw)
Location: 3-133
Abstract: In 2007, an academic cardiologist downloaded 42 medical studies from the Web site of drug giant GlaxoSmithKline, combined them, and found that the world's best-selling diabetes drug caused heart attacks. GSK lost about $12 billion in sales and market value, and last Thursday agreed to pay a $3 billion fine over its marketing of the drug. But a different way to analyze the same data, called Bayesian analysis, finds with conservative assumptions that the drug actually reduces heart attacks. Or does it? I'll present a new take on the difference between classical statistical methods and Bayesian techniques, showing how the opposing schools are two sides of the same coin. Viewed formally in the context of confidence and credibility intervals, criticisms of each practice have a tight symmetry and can be transformed into each other. I'll also show results from a new algorithm that calculates the performance of contemporary "exact" hypothesis tests that hadn't previously been characterized.
Bio: Keith Winstein is a graduate student in Course 6. From 2007 to 2010, he covered science, technology and medicine as a staff reporter for The Wall Street Journal.

[edit] PGP Key-signing party

Date: November 15, 2011, at 3:00 PM
Presenters: Duncan Townsend (duncant)
Location: 3-133
Bio: Duncan Townsend is a Junior in Course 6-2. He is primarily interested in artificial intelligence, but he dabbles in other fields, like cryptography.

[edit] Almost Thanksgiving -- no Cluedumps! Happy holidays!

Date: November 22, 2011, at 3:00 PM

[edit] Server Security

Date: November 29, 2011, at 3:00 PM
Presenters: Geoffrey Thomas (geofft)
Location: 3-133
Notes: slides
Abstract: This is an updated version of a guest lecture on server security for MIT Lincoln Lab's Capture the Flag class last semester. We'll discuss a couple of public-facing SIPB services, their security models, and how we're able to run things in such a public environment safely. We'll also compare them with standard (out-of-the-box) server configurations for the same types of applications.

[edit] Secrets Of Static Binary Analysis

Date: December 6, 2011, at 3:00 PM
Presenters: Christien Rioux
Location: 3-133
Abstract: Ever wanted to know more about how static binary analysis works? It's complicated. Ever want to know how C++ language elements are automatically transformed? The high-level overview of how machines analyze code for security flaws is just the beginning. In this talk we'll be delving into the gritty details of the modeling process.
Bio: Christien Rioux, co-founder and chief scientist of Veracode, is responsible for the technical vision and design of Veracode’s advanced

security technology. Working with the engineering team, his primary role is the design of new algorithms and security analysis techniques.

Previous years

Personal tools