I just graduated with a Bachelor of Science degree in Physics from the University of Latvia!

It took me 4 years to complete the studies. During these years I took more than 50 courses from physics, mathematics and computer science departments and my average grade was 9.1/10 (students in Latvia are graded from 1 up to 10, 10 being excellent, 9 being very good, ..., 4 being the lowest grade for passing a course. Anything below 4 means failure).

As I already mentioned in the about me page, I chose to study physics because I already had a broad understanding of various topics of computer science. Now I can proudly say that I understand a lot of physics as well.

Here is a picture of me with a diploma in my hands. :)

Here is another picture with all of us who graduated from University of Latvia with a B.Sc. degree in Physics in 2008. I'm right in the middle of the front row!

Talking about my future plans, I decided not to go to a graduate school just yet. I'll spend the next year or two hacking on whatever interests me the most and learn exactly what I have wanted (more mathematics and more computer science). It also means that I will be able to post more frequently here. :)

Thanks for reading my blog!

This week on Musical Geek Friday - **The Free Software Song**!

The song is written and performed by the founder of Free Software Foundation and the most active free software advocate Richard Stallman (scroll down for a video of Mr. Stallman performing it himself).

Richard wrote this song at a filksinging session at a science fiction convention. He realized he had never written a filksong relating to free software, so he figured it was time he did. He remembered that he had never written a filksong using Bulgarian dance music, so he figured that would be a good thing to do for once. He chose Sadi Moma because it is not too fast or complicated, and is easy to sing.

Here it is - **The Free Software Song**!

[audio:http://www.catonmat.net/download/richard_stallman-free_software_song.mp3]

Download this song: the free software song.mp3 (musical geek friday #9)

Downloaded: 14079 times

Download lyrics: the free software song lyrics (musical geek friday #9)

Downloaded: 1799 times

Here is the lyrics of The Free Software Song:

Join us now and share the software;

You'll be free, hackers, you'll be free.

Join us now and share the software;

You'll be free, hackers, you'll be free.Hoarders may get piles of money,

That is true, hackers, that is true.

But they cannot help their neighbors;

That's not good, hackers, that's not good.When we have enough free software

At our call, hackers, at our call,

We'll throw out those dirty licenses

Ever more, hackers, ever more.Join us now and share the software;

You'll be free, hackers, you'll be free.

Join us now and share the software;

You'll be free, hackers, you'll be free.

Here is Richard Stallman himself performing The Free Software Song:

Original link: http://www.youtube.com/watch?v=iW87vxM11tw

The audio quality of this video is poor. Here is a much better version by a band with a hilarious title "The GNU/Stallmans":

Original link: http://www.youtube.com/watch?v=xSkCny-HtTw

Download "The Free Software Song"

Download this song: the free software song.mp3 (musical geek friday #9)

Downloaded: 14079 times

Download lyrics: the free software song lyrics (musical geek friday #9)

Downloaded: 1799 times

Click to listen:

[audio:http://www.catonmat.net/download/richard_stallman-free_software_song.mp3]

Have fun and until next geeky Friday! :)

Here are more hacker videos (previous post was on Defcon videos). This time they are from Shmoocon hacker conference. They put out videos from 2006, 2007 and they are putting out videos from 2008 pretty soon.

Shmoocon, as they describe themselves, is an annual East coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software & hardware solutions, and open discussions of critical infosec issues.

Here are the videos from Shmoocon 2006:

- Behavioral Malware Analysis Using Sandnets by Joe Stewart
- Asterisk: VoIP for the Masses by Damin [presentation]
- Black Ops Of TCP/IP 2005.5 by Dan Kaminsky
- Breaking LanMan Forever by Dan Moniz and Patrick Stach
- Covert Crawling: a wolf among lambs by Acidus
- The Church of Wi-Fi presents: An Evil Bastard, A Rainbow and a Great Dane! by Renderman, Thorn, Dutch, and Joshua Wright [presentation and coWPAtty tool]
- Network Policy Enforcement / Network Quarantine - Latest Security Gimmick or Good Idea? by Steve Manzuik
- Responding to Responsible (or Not) Disclosure by Jon Callas and Special Guests
- ConCon: A History of Hacker Conferences by Jason Scott
- Advanced Network Reconnaissance with Nmap by Fyodor
- FreeBSD jail(8), A Secure Virtual Machine by Ike
- Do it yourself: Building an Enterprise Class Surveillance System by Joel Wilbanks [presentation]
- Advances in Single Packet Authorization by Michael Rash [presentation, and fwknop tool]
- Network Security Monitoring with Sguil by Richard Bejtlich and David Bianco [presentation]
- Countering Attacks at Layer 2 by Eric Smith [presentation]
- "Hacking the Friendly Skies" by Simple Nomad [presentation]
- A Young Gentleman's Primer on the Reading and Emulation of Magnetic Cards by Abend
- Anonym.OS: Security and Privacy, Everywhere You Go by dr.kaos, digunix, atlas and beth
- Bitchslapping Wireless IDS/IPS appliances by Eldon Sprickerhoff [presentation]
- Web Application Vulnerabilities and Exploits by Matt Fisher [presentation]
- Wi-Fi trickery, or how to secure, break and have fun with Wi-Fi by Laurent Butti and Franck Veysset [presentation]
- Kryptos and the Cyrillic Projector Ciphers by Elonka Dunin
- Reverse Engineering for Fun and BoF It! - 2006 by Pedram Amini, Chris Eagle [presentation]
- Trojans and Botnets and Malware, Oh My! by Lance James [presentation]
- Snort BoF by Cazz
- Windows Vista Heap by Adrian Marinescu
- Outbound Content Compliance by Jim Noble [presentation]
- Lockpicking and Physical Security Fundamentals by Deviant Ollam
- j0hnny's Greatest Hits: The Best of Johnny Long by Johnny Long
- Securing Civil Liberties - Or Why Hackers Should Run the Government by Jennifer Granick

Here are the videos from Shmoocon 2007:

- Hacking the Airwaves with FPGA's by H1kari
- Auditing Cached Credentials with Cachedump by Eoin Miller and Adair Collins
- Security Breaches are Good for You by Adam Shostack
- No-Tech Hacking by Johnny Long
- Boomstick-Fu: The Fundamentals of Physical Security at its Most Basic Level by Deviant Ollam, Noid and Thorn
- Hacker Potpourri by Simple Nomad
- Extend your Code into the Real World by Ryan Clarke
- Weaponizing Noam Chomsky, or Hacking with Pattern Languages by Dan Kaminsky
- Bypassing NAC Systems by Ofir Arkin [presentation]
- Web Application Incident Preparation by Matt Fisher, Cygnus and PresMike
- JavaScript Malware for a Grey Goo Tomorrow by Billy Hoffman
- Backbone Fuzzing by Raven
- Windows Mobile Software: Raw and Exposed by Seth Fogie [presentation]
- Hacking Disposable Digital Cameras by John Maushammer
- WPAD: Proxy Attack by Chris Paget
- Vulnerability Disclosure Panel Palaver (or 0-day: OK, No Way, or For Pay) by Katie Moussouris
- A Hacker Looks at 50 by G. Mark Hardy [presentation]
- The Church of WiFi presents: A Hacker in Iraq by Michael Schearer [presentation]
- Wireless (and Wired) Networks @ Security Cons by Luiz Eduardo
- The Hacker Foundation: The Ethic in Action by Jesse Krembs and Nick Farr
- Dissecting ShmooCon Labs by The Shmoo Group
- VOIP, Vonage, and Why I Hate Asterisk by Joel Bruno and Eric Smith
- Attack Detection and Response with Linux Firewalls by Michael Rash [presentation]
- Assess the Security of Your Online Bank (Without Going to Jail) by Chuck Willis
- RFIDiots by Major Malfunction
- Encrypted Protocol Identification via Statistical Analysis by Rob King and Rohlt Dhamankar [presentation]
- Three Crypto Geeks on the Current State of Cryptography and the Internet by Rodney Thayer, Jon Callas and Ben Laurie
- Standard Bodies - What are these Guys Drinking? by Al Potter, Renderman, and Russ Housley
- 0wn the Con by The Shmoo Group

Here are the videos from Shmoocon 2008:

- 21st Century Shellcode for Solaris by Tim Vidas [presentation]
- Advanced Protocol Fuzzying - What We Learned When Bringing Layer2 Logic to SPIKE Land by Enno Rey and Daniel Mende
- Baked not Fried Performing an Unauthorized Phishing Awareness Exercise by Syn Phishus [presentation]
- Forced Internet Condom by Aaron Higbee and Jaime Fuentes [presentation]
- Forensic Image Analysis to Recover Passwords by David Smith [presentation]
- Got Citrix Hack It! by Shanit Gupta [presentation]
- Hacking Windows Vista Security by Dan Griffin [presentation]
- Hacking the Samurai Spirit by Isaac Mathis [presentation]
- How do I Pwn Thee Let Me Count the Ways by RenderMan
- Intercepting Mobile PhoneGSM Traffic by H1kari
- Electronic Voting - Risks and Opportunities by Alex Halberman
- Legal Issues for Bot-net Researchers and Mitigators by Alexander Muentz [presentation]
- Malware Software Armoring Circumvention by Danny Quist [presentation]
- PEAP Pwned Extensible Authentication Protocol by Josh Wright and Brad Antoniewicz [presentation]
- Path X Explosive Security Testing Tools using XPath by Andre Gironda, Marcin Wielgoszewski and Tom Stracener [presentation]
- Practical Hacker Crypto by Simple Nomad
- SIPing Your Network by Radu State, Humberto Abdelnur, and Olivier Festor [presentation]
- TL1 Device Security by Rachel Bicknell
- The Geek and the Gumshoe or Can Mathematics and Computers Really Solve Crimes by Michael Schearer and Frank [presentation]
- They're Hacking Our Clients! Why are We Focusing Only on the Servers by Jay Beale [presentation]
- Using Aspect Oriented Programming to Prevent Application Attacks by Rohit Sethi and Nish Bhalla [presentation]
- Virtual Worlds by Charlie Miller and Dino Dai Zovi [presentation]
- VoIP Penetration Testing Lessons Learned by John Kindervag and Jason Ostrom [presentation]
- Web Portals Gateway to Information or a Hole in our Perimeter Defenses by Deral Heiland [presentation]
- When Lawyers Attack! Dealing with the New Rules of Electronic Discovery by John Benson, Esq [presentation]
- Why are Databases so Hard to Secure by Sheeri Cabral [presentation]
- On the Social Responsibility of Hackers Panel by Bruce Potter (moderator), Simple Nomad, Johnny Long, Rick Dakan [info on panel]

Enjoy and don't forget to comment on which videos you liked the best!

I just found out about Google's Treasure Hunt 2008. They say that "it's a puzzle contest designed to test yer problem-solving skills in computer science, networking, and low-level UNIX trivia."

Apparently I have missed the first three puzzles (first, second and third) but I'll give the fourth puzzle a shot.

The fourth problem is about prime numbers and it's formulated as following:

Find the smallest number that can be expressed as

the sum of 7 consecutive prime numbers,

the sum of 17 consecutive prime numbers,

the sum of 41 consecutive prime numbers,

the sum of 541 consecutive prime numbers,

and is itself a prime number.For example, 41 is the smallest prime number that can be expressed as

the sum of 3 consecutive primes (11 + 13 + 17 = 41) and

the sum of 6 consecutive primes (2 + 3 + 5 + 7 + 11 + 13 = 41).

## The Solution

I'll write how I got the solution as I go, so I'll mix the past and present tenses in this post. Sometimes I'll write what I am going to do and sometimes I'll write what I just did.

I have no desire to generate lists of prime numbers myself as it has been done infinitely many times already. I'll just use a publicly available list of prime numbers! Here is a list of first fifty million primes.

I'll use my Unix-fu to find the solution.

First I noticed that the primes are zipped and split into chunks of million primes per file. The file names are like "primes1.zip", ... "primes50.zip".

A quick loop from 1 to 50 and wget gets all these files to my hard drive:

$ for i in $(seq 50); do wget "http://primes.utm.edu/lists/small/millions/primes$i.zip"; done

Next, I unzip all these files, and remove those zips to save space:

$ for i in $(seq 50); do unzip "primes$i.zip" && rm -f "primes$i.zip"; done

After doing that and looking at what I got, I realized that they were in some strange format, 8 primes per line, space padded and with some text on the first two lines. Here is an example how the first five lines look in primes1.txt file:

The First 1,000,000 Primes (from primes.utm.edu) 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89

I want all my primes to be in one file and one prime per line so I can extract N-th prime by looking at that line.

I used the following command to merge all the files into a single file:

for i in $(seq 50); do (awk 'BEGIN { OFS="\n" } NR > 2 {print $1,$2,$3,$4,$5,$6,$7,$8}' primes$i.txt >> primes.txt) && rm -f primes$i.txt; done

A quick verification that I did not lose any primes:

$ wc -l primes.txt 50000000 primes.txt

Now I'll create four files which contain sums of 7, 17, 41 and 541 consecutive primes, not exceeding the biggest prime in primes.txt file. I did that with the following AWK one-liner:

$ last=$(tail -1 primes.txt) $ for N in 7 17 41 541 do awk 'BEGIN { prev[0] = 0 } NR < '$N' {prev[NR] = $1; sum += $1 } NR >= '$N' { psum += prev[NR-'$N']; delete prev[NR-'$N']; prev[NR] = $1; sum += $1; if (sum - psum > '$last') { exit } printf "%d\n", sum - psum }' primes.txt > primes$N.txt done

The command created primes7.txt, primes17.txt, primes 41.txt and primes541.txt files. These files contain sums of prime numbers and just some of them are primes.

The solution, if it exists in the given data set, is the intersect of all these files. If there are multiple items in the intersect, the smallest should be chosen and checked if it really was a prime.

$ sort -nm primes541.txt primes41.txt | uniq -d | sort -nm primes17.txt - | uniq -d | sort -nm primes7.txt - | uniq -d 7830239 $ grep -m1 7830239 primes.txt 7830239

We have found the solution! It's **7830239**!

I submitted the answer and after a few minutes it was confirmed to be correct! Awesome!

Your question: [7, 17, 41, 541]

Your answer: 7830239

Time received: 2008-06-06 23:33:26.268414 UTCCorrect answer: 7830239

Your answer was: Correct

Now leave a comment and tell me how you solved this problem!

This week on Musical Geek Friday - **The Bill Gates Song**!

I found this song while watching a TED Talk on good vs. bad software interfaces called "When It Comes to Tech, Simplicity Sells" (scroll to the bottom to view this talk). To funny things up the speaker, David Pogue, bursted into a few songs, one of them being a song about Bill Gates.

David Pogue is the personal-technology columnist for the New York Times. Each week, he contributes a print column, an online column and an online video. His daily blog, "Pogue's Posts," is the Times's most popular blog.

So, here it is! **The Bill Gates Song**:

[audio:http://www.catonmat.net/download/david_pogue-bill_gates_song.mp3]

Download this song: the bill gates song.mp3 (musical geek friday #8)

Downloaded: 94804 times

Download lyrics: the bill gates song lyrics (musical geek friday #8)

Downloaded: 3275 times

Here is the lyrics of The Bill Gates Song:

I've been a geek forever,

And I wrote the very first DOS.

I put my software and IBM together,

I got profit, and they got the loss!

I write the code that makes the whole world run,

I'm gettin' royalties from everyone.

Sometimes it's garbage, but the press is snowed,

You buy the box, I sell the code.Every software company

Is doing Microsoft's R&D.

You can't keep a good idea down these days.

Even Windows is a hack

We kinda based loosely on the Mac.

So it's big, so it's slow,

You've got nowhere to go!

I'm not doing it for praise!I write the code that fits the world today,

Big mediocrity in every way.

We've entered planet domination mode,

You'll have no choice, you'll buy my code.

I am Bill Gates, and I write the code!

Here is the TED Talk with the song. The talk includes another two songs about Steve Jobs and technical support nightmare.