Core S² Software Solutions

Over the last few weeks, I’ve been developing a Minecraft multiplayer plugin. To help testing my code before making it public, I’ve been deploying nightly buildings onto a private server hosted physically right next to my work-desk (no special software, just cron-based SVN updates).

I’m making this server public, along with a paired status twitter account and an online map viewer. Check it out:

• BasicBukkit plugin
• Server Status Twitter page
• Server live-map

Today I learned you really can building computers (or at least calculators) our of almost anything! My next project: build a turing-complete lego machine… (I’m sure it’s been done by now!)

Recently I’ve started working on CoreCodex again; I had to stop at the end of last semester because of school work load. Now that I’m reviewing what I previously wrote, I started to realize I had some smaller security issues, but knew there must be more. No one writes code perfectly without peer-review or at least a good self-review.

Google Gruyere is a powerful little GoogleApp which is a web-security lab taught through the Google Code University. It is similar to a WarGame found on several websites to teach programmers (in this case, web programmers) how to find, break, and fix common security bugs in software. What I find brilliant about this online course is that it is a true “lab”: you can create instances of the target website, attempt your own attacks, and review code as well as implement your own bug-fixes.

I know that at my university, we do not explicitly teach nor even offer a course on web security outside of simple IT / Unix concepts (i.e. user / file permissions with chmod, etc..). I found Google’s Gruyere lab powerful, educational, and best of all: helped me find several vulerabilities on CoreCodex and fix them! Check it out, can you find all the vulnerabilities:

Don’t forget to check out Google University; it has some powerful docs to help out any new and advanced software developer!