👨‍💻

Recently, I've been spending a lot of time thinking about Android app performance, specifically regarding network requests. Developers working on mobile apps are allowed a lot more customization for low-level details (for example, we get to customize our own network stack!) but in exchange, we must plan for our applications to work in some crazy environments. Our users might be on WiFi, 5G, 4G, or even GPRS. They could be sitting in a coffee shop or riding on a high speed rail with their cell service hopping to a new cell tower every 10 minutes. They could even be using satellite if they're sailing on a boat or flying through the air. On top of all this, we need to be able to support everyone using a $100 to $1000 smart phone. Interestingly enough, the conditions that mobile developers have to run their mobile apps in is actually reminiscent of the conditions that botnet developers have to run their malware in! The Mirai botnet malware ran with a tiny memory footprint, a tiny e...

I was looking back at Computer Networking: A Top-Down Approach  by Kurose and Ross, a textbook I used for CS145 , (shoutout to Professor Yu who is a really excellent professor) and I noticed this excerpt from the chapter called "Networks Under Attack": Most Internet DoS attacks fall into one of three categories: Vulnerability attack. This involves sending a few well-crafted messages to a vulnerable application or operating system running on a targeted host. If the right sequence of packets is sent to a vulnerable application or operating system, the service can stop or, worse, the host can crash. Bandwidth flooding. The attacker sends a deluge of packets to the targeted host―so many packets that the target's access link becomes clogged, preventing legitimate packets from reaching the server. Connection flooding. The attacker establishes a large number of half-open or fully open TCP connections at the target host. The host can become so bogged down w...