Ivan Zorin

Open Source Firmware for Soldering Hardware from Pine64, Miniware/Morningtools, and Sequre.

I joined this project with a couple of patches to improve the experience with my TS80P, but definitely have found way much more than just that, such as a lot of wonderful people & very interesting knowledge from them. Gained skills are (but not limited to):

• getting familiar with STM MCU family;
• researching USB-C & QC/PD protocols;
• FreeRTOS fundamentals;
• Docker basics;
• GitHub Actions under the hood to improve and maintain test & build pipelines;
• coding “tidiness”, implemented & powered by clang-format for C & C++ and by linters for Bash & Python;
• a lot of “glue scripting” between makefiles, JSON configs, Bash, Python & C & C++ code;
• minor refactoring of C & C++ code & adding new features;
• soft skills, to find & develop acceptable & compromise solutions for problems with the community together.

Open Source Firmware for HydraBus — OSHW-based hardware hacking multitool.

I joined this project to improve Makefile since I was curious in a couple of aspects of “tooling” the source code tree. But I ended up maintaining, refactoring & improving scripts in Bash & Python, bringing builds to GitHub Actions and getting familiar with ChibiOS to add a couple of features to the firmware.

Simple Bash-based wrapper-like scripting app for picocom terminal app.

This is one of my little projects which make life easier. I wrote this Bash scripting app since I was getting tired of finding proper full path names for devices in /dev and dealing with serial port configuration for every device I have using serial console app manually to access it. Now after installing picocom, configuring udev & INI-like file for the script once, I can get access to all of my pre-configured devices as easy as $ femtocom DEVICE_ALIAS when any of them are just plugged in.

Tiny & portable fully cross-platform experimental network API library.

This is one of my oldest projects which I still try to keep afloat. The idea is to make busybox/toybox, but for network tools only, so ping, netcat or custom tcpdump utilities could be implemented using this library API with less then ten C calls for major operating systems including (but not limited to) GNU/Linux, FreeBSD, MacOS, QNX, Windows.

This project did help me a lot to learn many network basic technologies and API such as (but not limited to):

• foundations of OSI model TCP/IP network model & common network protocols;
• common UNIX network API: BSD sockets (socket, bind, listen, accept, recv, send);
• GNU/Linux network API: PF_PACKET/SOCK_RAW, epoll, skbuff, netlink, netfilter;
• FreeBSD/MacOS network API: bpf, kqueue;
• Windows network API: Windows Sockets (WSA), NDIS;
• make build systems for major operating systems including nmake for Windows;
• rich C macros to write & build trully portable code without any modding from the side of a library user.

Graphical app to show all the details about a laptop battery in GTK-based GNU/Linux Desktop environments.

This was my very first solo Open Source project which I started from scratch and made it to the first official stable release. This allowed me to get a lot of experience with such things as Launchpad infrastructure, Bazaar, apt repos, deb packages, release cycles, GTK+, Python, PyGTK, D-Bus & UPower, UX & UI fundamental concepts.

Once the app has been tested & released, the project has been frozen since it’s reached its goal and I just didn’t have enough of time back then catching up with transitions like GTK2 ⇒ GTK3 & GNOME2 ⇒ GNOME3.

Researching a multiprotocol USB modem, or Why “S” in IoT still stands for “Security”.

Despite unprecedented security incidents with such IoT botnets as Mirai, there are still many devices whose security leaves much to be desired. And with a very particular set of skills and some luck, an unsafe device can be turned into an “attack vector” for other devices. Sometimes it is not at all necessary to have hardcore skills in hardware analysis and rэvэrsэ engineering.

The talk was intended for a wide range of specialists interested in firmware security. It was overview of the modern device with the hints how to use common software tools to analyze GNU/Linux‘based firmware for embedded hardware.

system/vold patch for backward compatibility of Full Disk Encryption in CyanogenMod 12.1 with 3.x Linux kernel.

I had Google Galaxy Nexus back then, and since I prefer to use my devices as long as they last, I had to build slightly custom AOSP‘based CyanogenMod firmware for my device. But FDE didn’t work properly. I had to trace & triage the root cause of the issue to fix it.

The problem did occur because in system/vold a system call (through device-mapper related crypto API into the kernel space) wasn’t compatible with out-of-dated 3.x Linux kernel since user space code in system/vold relied on more updated kernel versions. Therefore, implementing a workaround patch for system/vold with backward compatibility of 3.x Linux kernel did solve the issue.