tag:blogger.com,1999:blog-16484892046731615772024-03-26T23:38:23.660-07:00Komodia's technical blogMy name is Barak Weichselbaum and I'm the CEO of Komodia, I have different blogs, because I don't want to mix the content types of the blogs. From time to time I get the urge to write, and use this platform to do so.Barak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.comBlogger12125tag:blogger.com,1999:blog-1648489204673161577.post-84665855022063776392012-12-29T06:07:00.002-08:002012-12-29T06:07:21.571-08:00Decline of the PCMany companies were caught off guard by the decline of PC usage, since Komodia's SDK is Windows based this affects me as well. I'm planning for two year now the "day after", when PC is no longer relevant or it's not economical to develop for it anymore. Some colleagues disagree with me and think that PC will be relevant even 3 years from now (the point I think it will die), who's right? I have no idea, all I do know that I have already rolled out a new product that is not tied to PC (<a href="http://url.komodia.com/">URL Classification service</a>).<br />
<br />
What do you think?Barak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com2tag:blogger.com,1999:blog-1648489204673161577.post-76810759393731500092012-07-30T09:20:00.001-07:002012-07-30T09:20:29.975-07:00WFP, LSP and reset dropsFor the past few weeks I tried to hunt a bug with WFP, when using IE8 on Win7 some connections would not close when closing the IE8 via the close button and they were seen as orphaned connections.<br />
<br />
I researched the matter and discovered that unlike FF and Chrome that closing the connections gracefully with FIN when they are closed, IE (or the OS) sends resets, and with the WFP some connections would not close. <br />
<br />
I tore the WFP a new one, with many debug prints eventually I got to the conclusion that no resets were dropped, so I tested again without the WFP and discovered that some connections are not closed and after 30-60 seconds the server side closed them (and not the client side as it should), probably a bug of MS.<br />
<br />
When using a LSP this didn't occur because when the LSP is unloaded it closes all the connections gracefully, so I added a function in the <a href="http://www.komodia.com/products/komodia-redirector">Komodia's Redirector</a> to track closed apps and manually close all outstanding connections, this way connections are closed after a few seconds and not 30-60 seconds.Barak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com3tag:blogger.com,1999:blog-1648489204673161577.post-60801526110361432332009-12-17T23:03:00.000-08:002009-12-17T23:08:23.172-08:00SSDSSD stands for Solid State Drive and they are flash based Hard drive, I'm a big fan of them and the reason is that I work quite allot with virtualizations software that allows me to test the products on various OS and scenarios, working on a traditional hard drive is quite slow and when most of my work is spent on waiting for OS to boot, and change scenarios it accumulates over time so I setup three SSD raids (all raid0):<br /><br />1. 6 16GB Mtron which gives me crazy speed of 600mb/s<br />2. 2 128GB Corsair for my OS<br />3. 2 128GB Corsair for my main virtualize OS drive<br /><br />Over a period of time I can say that this setup saved me allot of time and frustration and I can also add that until you worked from a SSD drive, you don't know what a computer is :)<br /><br />This is a speed benchmark of the Mtron raid:<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFV6bZBNwbfy9qWGuFM7chu-Omaxj17KQMXzFYWY3Pm3as98dZVxOXsRD0773EkJlbJDgtb7dWIST5kfZjNAWnOB0PRCZt8abHZNHWYOvmrw381y-tYhBvClu_EWwsBsed9ylOvUQdL5c/s1600-h/untitled.JPG"><img style="cursor: pointer; width: 400px; height: 292px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFV6bZBNwbfy9qWGuFM7chu-Omaxj17KQMXzFYWY3Pm3as98dZVxOXsRD0773EkJlbJDgtb7dWIST5kfZjNAWnOB0PRCZt8abHZNHWYOvmrw381y-tYhBvClu_EWwsBsed9ylOvUQdL5c/s400/untitled.JPG" alt="" id="BLOGGER_PHOTO_ID_5416469432755516178" border="0" /></a><br /><br />BarakBarak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com2tag:blogger.com,1999:blog-1648489204673161577.post-14742987794773875052009-12-13T17:08:00.001-08:002009-12-13T17:24:13.890-08:00Detours the storyI "fell" in love with detours and detouring around three years ago when I learned about them, ever since it's been a sharp weapon in my programming arsenal, but as much as I liked them I always had a problem, I learned and used <a href="http://research.microsoft.com/en-us/projects/detours/">Microsoft Detours</a>, but they are not free, only if your software is non commercial, which isn't the case for me. Anyways I started to look for a solution, free, paid or information that will help me write a solution. Documentation was confusing because the concept of detouring is mixed with hooking which is a different approach and something I didn't need. I bought a library for 100$ just to find out it isn't doing what I wanted, I considered it a 100$ fee to learn how not to do it as the library was bad even for what it was suppose to do (I'm not giving any names on purpose) so I found another library which is widly known (again no names) but it requires runtimes for a language which is not MSVC (you probably know the library by now) which again is bad for me and I wanted to be able to sell my products without forcing my clients to buy licenses for 3rd party SDK which will probably come off my profits.<br /><br />I've talked to a friend of mine which introduced me to detouring back in the days and he explained to me the mechanics of detouring as he was a kernel programmer and in his previous position he subvered most of the kernel. With this new knowledge I was able to build a library that does exactly what Microsoft Detour does, and because I'm intercepting only a handfull of functions I don't need to make it generic.<br /><br />Time has passed, everyone was happy but I got more and more requests to support my detouring apps for 64bit, now if detours was a pain for 32bit they are a nightmare for 64bit and the reason is that MS excluded two important features that are required to perform detours:<br /><br /><ul><li>Naked __declspec</li><li>__asm</li></ul><p>Without these two, detouring would be a nightmare, so again I researched the web and just like before I went down the same path: MS Detours professional supports 64bit but costs quite a lot (last time I saw a price it was 10k$), and it can't be downloaded so I couldn't learn what they are doing. The non MSVC library doesn't support 64bit detours because there isn't a 64bit version of the development language, and the 100$ library, well, it was bad and nothing changed about it :)</p><p>The only difference is that I know how the 32bit detours work, so I researched again on the subject and again documentation is scarce and fuzzy but in a moment of insomnia I managed to find a solution for the problems with 64bit detours :) my code is working and just like before I need to make sure it works for all my detours but the hard work is done, I can safely say that as for this moment, my company is one of the handfull that are in possesion of such technology.</p><p>Just to be fair and unbiased there's another LGPL (I hate L/GPL) library which is doing kernel hooking which is quite of an overkill for me and I couldn't learn anything from it, it's called: <a href="http://www.codeplex.com/easyhook">EasyHook</a>.</p>Barak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com4tag:blogger.com,1999:blog-1648489204673161577.post-88683201393223327042009-03-15T20:28:00.000-07:002009-03-15T20:38:25.816-07:00Code designA few months ago I read about <a href="http://en.wikipedia.org/wiki/Nikola_Tesla">Tesla</a> that he could vision entire technical drawings and designs in his mind's eye and while inspecting the design he could find flaws in it and fix it before drawing a single line on a paper. Tesla is an example of a genious with poor marketing skills, because he died in debts alone at the age of 86, this man is refered to: "the father of physics" and "the father of the 20th century"<br /><br />When I code I have the same effect like Tesla, I see the code in my mind's eye, I know what to do, I don't need to design it on a paper or computer software and when I write it out, it's like doing without "thinking" I've been doing this for the past 23 years, I've calculated I've got around 30,000 hours of coding experience, which shaped my personality as well, for good or bad.<br /><br />BarakBarak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com5tag:blogger.com,1999:blog-1648489204673161577.post-58784323689916165992009-03-12T19:08:00.000-07:002009-03-12T19:14:42.303-07:00Finally I got my blog backHad problems <span class="blsp-spelling-error" id="SPELLING_ERROR_0">login</span> because the switch between <span class="blsp-spelling-error" id="SPELLING_ERROR_1">blogspot</span> and blogger, had <span class="blsp-spelling-error" id="SPELLING_ERROR_2">alot</span> to write about but no <span class="blsp-spelling-error" id="SPELLING_ERROR_3">login</span> :(<br /><br />Anyway we have a new web site (<a href="http://www.komodia.com/">http://www.komodia.com</a>) and I think the design is very good, now I'm working on getting some more links and articles, there are some crucial keywords which the site is not ranked in the top 10 and because <span class="blsp-spelling-error" id="SPELLING_ERROR_4">Winsock</span> <span class="blsp-spelling-error" id="SPELLING_ERROR_5">LSP</span> is a niche I know it's possible to rank the site quite high for <span class="blsp-spelling-error" id="SPELLING_ERROR_6">LSP</span> keywords.<br /><br />Some technology update, there's a new version of the HTTP sniffer <span class="blsp-spelling-error" id="SPELLING_ERROR_7">comming</span> out (<a href="http://www.komodia.com/index.php?page=sniffer.htm">http://www.komodia.com/index.php?page=sniffer.htm</a>), total rewrite of the first version, new version is fast, robust, stable and works like a charm, and on top of that I will add <span class="blsp-spelling-error" id="SPELLING_ERROR_8">Firefox</span> support so the new sniffer will support both IE and FF.<br /><br />I have some thoughts about creating a retail version of the sniffer with many retail features to sell, I'm not sure though, what I do know that if this comes to be, I'll hire some outsource to do the GUI, my GUI abilities are minimal functional at best :-)<br /><br />That's it for now,<br /><span class="blsp-spelling-error" id="SPELLING_ERROR_9">Barak</span>Barak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com1tag:blogger.com,1999:blog-1648489204673161577.post-5610188688525495002009-01-13T20:57:00.001-08:002009-01-13T21:10:15.230-08:00SupportSupport is very essential for the client, specially with complex code and SDK and nothing is more frustrating then paying money for something that doesn't work or doesn't work as it should.<br /><br />Recently I had two cases which I was the client and I needed the support.<br /><br />First story is that I bought an SDK for 100$, the guy on the other side answered my questions prior to the purchase, basically he said - you won't get any support, you're on your own, I decided the amount was worth the risk and I bought the SDK. After I inspected the code therally I discovered a pitfall that meant I can't use the SDK - ofcourse this wasn't mentioned before anywhere and for 90% of users this will be ok because they will never link the problem I discovered to the problems they will experience. Well the guy said that there won't be any support and the amount isn't worth my time asking my money back, so I consider this a teaching experience, how to not act toward my clients.<br /><br />Second story is of a special piece of code I purchased that was written specially for me. I discovered a bug in the way the program was behaving and I asked the guy to help me tracking the bug, he said there's no bug, it works great for him and the problem is on my end. I know there's a bug in his code and I can't roll the problem to my clients because I want them to be 100% satisfied - so I say for two hours and debuged a code that isn't mine, I ran two sniffers, wrote custom logs and found the problem and fixed it, indeed it was a hard bug to find however it was exactly the kind of bug I suspected it was and I mentioned it to the guy that said, it works great for me. Again I consider this a learning experience, my clients got a great product and I learnt new technology on the way.<br /><br />Good news is that our <a href="http://www.komodia.com/index.php?page=ssl.html">SSL hijacker</a> has entered beta stage and is now working quite good, some fixes are still needed to make it work great but that's quite an achievement, specialy that there's no other product on the market that does that, without alerting the user that is.<br /><br />BarakBarak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com5tag:blogger.com,1999:blog-1648489204673161577.post-51563184714078139602008-12-10T17:22:00.000-08:002008-12-10T17:25:51.227-08:00FinalyAfter two years of planning, researching, working on other things I finally released something I wanted to release: <a href="http://www.komodia.com/index.php?page=sniffer.htm">"Free SSL sniffer"</a>. The night I worked on it I decided that I will release it nomatter what, I worked until 7am and when I had something working I uploaded it to the web, that was a long night.<br /><br />The next day I smoothed some roughed edges and went on submiting it to freeware directories. I also made a movie showing how I manage to redirect HTTPS site to another, but meanwhile I don't publish the movie.<br /><br /><br />BarakBarak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com2tag:blogger.com,1999:blog-1648489204673161577.post-71975189938862216332008-11-24T19:16:00.001-08:002008-11-24T19:25:57.375-08:00Three new releasesToday was an extremly busy day, I release three new open-source projects to the world which meant, packaging, writing html pages, pdf guides, nothing that is really programming :)<br /><br />The releases are:<br /><br /><strong><a href="http://www.komodia.com/index.php?page=tcpip51.htm">TCP/IP Library V5.1</a></strong><br /><strong></strong><br />New features are two classes that implement asynchronous TCP encrypted by SSL using <a href="http://www.openssl.org/">OpenSSL </a>(I wrote about it in my <a href="http://barakw.blogspot.com/2008/11/ssl-over-tcpip.html">first post</a>) and asynchronous TCP encrypted by <a href="http://www.schneier.com/blowfish.html">BlowFish</a> algorithm.<br /><br /><strong><a href="http://www.komodia.com/index.php?page=AhoCorasick.html">Aho-Corasick search algorithm</a></strong><br /><strong></strong><br />This is one of the best multiple string search algorithm, me and my friend Eyal brainstormed about string search algorithms for parental control, my old algorithm was unefficient, something in the likes of O((k^2)*log(n)), k - number of letters in the searched string, n - the number of words in the dictionary, and now with the new Aho-Corasick algorithm it dropped down to O(n+k), k - number of letters in the search string, k - longest dictionary word length, quite a difference :)<br /><br /><strong><a href="http://www.komodia.com/index.php?page=KomodiaRelay.html">Komodia's Relay</a></strong><br /><strong></strong><br />This is an open-source relay that I release a long time ago, I decided to post a compiled version of it today after I used it myself to simulate port-forwarding on my machine to allow a friend to use SSH to connect to a VM linux machine (to test a new project of mine)<br /><br />This was a long productive day, I'm very happy :)<br /><br />BarakBarak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com23tag:blogger.com,1999:blog-1648489204673161577.post-77897059730714193172008-11-11T20:04:00.000-08:002008-11-11T20:13:50.808-08:00Marketing<p>Good news, I just finished the newest class that I'm going to publish as part of V5.1 of the TCP/IP library, a symmetrical encrypted socket. I'm using the Blowfish algorithm, since I have a very easy implementation class of this encryption and there aren't any export restrictions. Before using this class I thought of using CryptoPP (<a href="http://www.cryptopp.com/">http://www.cryptopp.com/</a>) however the "release" version of this library is 18mb which was a big no for me.</p><p>There are two kinds of products that you can market, products with existing markets, and you only need to be better than the competition and products without a market, which means the market is new and you will have to let the market know you exist.</p><p>Lets take a case scenario, my friend Zak product (<a href="http://www.reimage.com/">http://www.reimage.com</a>) is fixing the XP OS. Suppose he will want to market his product, he will need to advertise the same way as his competition is advertising, a good keyword to advertise with would be "XP Repair". I want to advertise my Komodia Redirector (<a href="http://www.komodia.com/index.php?page=redirector.html">http://www.komodia.com/index.php?page=redirector.html</a>), which words to use? How do I reach my target costumers? There's no competition, my product is the only one that is on the market. The way I currently market it is by bringing people into my website for information about components that such a product will use, e.g. suppose you come to my shop and buy an engine, gear, oil, fuel, I can assume you want to create a car, so when people come to my site and look for LSP, the Redirector will probably be a product that they will be interested in.</p><p>Barak</p>Barak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com6tag:blogger.com,1999:blog-1648489204673161577.post-70974359996885275282008-11-09T14:10:00.000-08:002008-11-09T14:35:56.230-08:00In love with my codeA problem I've been having for a long time is the fact that I "fall in love" with my code. I consider myself as an artist and my code as my art, the problem arises when I'm choosing a path based upon the code I'm going to write, usualy I find a certain technology more appealing to me and I use it but sometimes the time to finish that piece of code will be longer then it would if I had picked another "less sexy" technology. As I grew up and matured I looked back to the times I made choices which today looks like a complete waste of time, I don't regret these choices because I learned new technologies which I wouldn't learn otherwise.<br /><br />As an army programmer and as a programmer working as an employee in another company which I was after my army service was over - making such "mistakes" doesn't cost you money, now that I own my own company these mistakes do cost money and avoiding them is a must.<br /><br />I have many conversations with my friend: Zak Dechovich the founder and CEO of Reimage (<a href="http://www.reimage.com/">http://www.reimage.com/</a>) about marketing and time to market, as an ex programmer he understand where I'm comming from because he experienced it first hand in marketing his "XP repair" product. In a conversation we had a month ago I told him that I have a product that is 70% ready that can filter traffic based on keywords, he asked whether I can release something to the market right now? I told him that I can take the redirecting platform (<a href="http://www.komodia.com/index.php?page=redirector.html">http://www.komodia.com/index.php?page=redirector.html</a>) and start to market this version within a week, and so I did, that was a good advise on this part and a wise decision on mine.<br /><br />Today I made another decision, I have core functionality of an "SSL" hijacker which allows me to inspect and modify encrypted SSL data without alerting the browser, however the communication module I wrote which is based on shared memory and named pipes is too slow for me and it reaches a stage that it is so complex that finishing it would take three months. I sat down to see what are my alternatives and found a solution that would enable me to release it in two to three weeks, a good solution that will be more stable then my original one, it's a little "less sexy" but as the artists of the past, I need to walk the fine line between doing my art and pleasing my patron, my patron is the "bottom line" :)<br /><br />I'm happy I'm able to make such decisions because using a simpler and cleaner technologies means a more stable product, which is easier to understand and maintain. My friend Zak quotes civilization IV: "A product is perfect when you can no longer remove features from it".<br /><br />BarakBarak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com5tag:blogger.com,1999:blog-1648489204673161577.post-18045904483364665232008-11-05T15:42:00.000-08:002008-11-05T16:02:20.298-08:00SSL over TCP/IPThis is my first post in blogspot, this is not my first post ever, I do have a personal blog written in hebrew in which I'm anonymous, I decided to open this blog to talk about my technical experiences, something I can't do in my personal blog.<br /><br />So without further adieu lets go into the technical nitty gritty :)<br /><br />Currently I'm working on a project that needs to take unsecure traffic on one end, and send this data using SSL to another secure location, the interception is done using LSP and I've decided to use my redirector product (<a href="http://www.komodia.com/index.php?page=redirector.html">http://www.komodia.com/index.php?page=redirector.html</a>) as a base platform. Currently the redirector doesn't support SSL and takes and outputs normal traffic, if the traffic is encrypted it can only redirect it as is, changes will be noted by initiating or ending party.<br /><br />So....I thought, lets change the redirector to output SSL on one end, and since I'm an avid user of C++ design patterns and didn't wish to rewrite the "redirector" or refactor the entire code base I've decided to create a socket class based on my TCP/IP library (<a href="http://www.komodia.com/index.php?page=newtools.html">http://www.komodia.com/index.php?page=newtools.html</a>) CTCPSocketAsync. Naturally I thought of OpenSSL as the library to use, I researched if it's possible to use asynchronous sockets and OpenSSL and I came across this nice project (<a href="http://www.lenholgate.com/archives/000456.html">http://www.lenholgate.com/archives/000456.html</a>) that included a source code of SSL using asynchronous sockets based on MFC framework (something I try to avoid, which made me start writing the TCP/IP library back in the days), but it gave me a good start to learn and understand how OpenSSL operates.<br /><br />I started with compiling the OpenSSL, it wasn't hard, I still remember the time it took me to compile Mozila/NSS platform, arghhh, I used this nice guide to help me (<a href="http://www.devside.net/guides/windows/openssl">http://www.devside.net/guides/windows/openssl</a>), then I assembled OpenSSL code on top of a new class called CTCPSocketAsyncSSL (how original), at first some concepts in the sample I learned from weren't clear, however after debugging my code I understood what and why. I took a different approach then the sample, I like to keep infrastructure operations and I count SSL handshake as such, under the hood, if the user wants to do something with that, I allow it, but for most users they don't really care, all they want it Send/Receive and that's it.<br /><br />After two nights and 1500 lines of code, I got the class to work as SSL client, and I will finish the class tomorrow to be a SSL server as well. After I got the class working I was excited because I'm planning to release version 5.1 of the library and as far as I know there aren't good open source asynchronous socket soluttions (I don't like GPL because it hinders you, you can't use it in commercial applications!) and of course other solutions cost money. V5.1 is going to change this, I think I will release it in one or two weeks, still got to finish some other work before I can dedicate the time needed to release the new version.<br /><br />So now what? I will incorporate the SSL code into the redirector and then I'll see which SSL solution I will deploy on a Linux machine, would it be perl script or Squid proxy server?<br /><br />Until next time,<br />BarakBarak Weichselbaumhttp://www.blogger.com/profile/03708363135844299469noreply@blogger.com9