Friday, February 29, 2008

[Wireless] Sprint nosedives! Then, WiMAX???

Sprint-Nextel lost more than 20 percent of their stocks value after it annnounced fourth-quarter earning (or loss?) yesterday. The shares of its WiMAX partner - Clearwire, also dropped more than 10 percent in two days.

Now in market, most wireless firms are betting on 3G wireless networks. Even the new handset player, Apple, is going to launch a 3G-capable iPhone this year. Although 3G system was not deployed as fast as it was expected initially, it finally occupies a part of the wireless market and becomes bigger in years. Although WiMAX is newly designed with more advanced technologies, it may have a disadvantage than 3G in time-to-market.

So, who will drive wireless to the MAX? LTE or WiMAX? I bet nobody can answer this. What we know is: Sprint plans to launch commerical WiMAX service in Q2 2008. Ericsson plans to invest 1.5 billion dollars into next generation wireless systems (LTE or 4G) in three years.

But I'll say, no matter it's LTE, WiMAX or 4G, the winner is always OFDM+MIMO. :-)

Tuesday, February 26, 2008

[Wireless] Free global Wi-Fi network?

Today I read an article "Is a free global Wi-Fi network possible?". It said a company called WeFi is hoping to provide a virtual global wi-fi network which is free to allow every to log on.

Actually, WeFi is not the first one working on this. You can find free Wi-Fi hotspots from some websites, such as, etc. The basic idea of this kind of free wi-fi network is to find unsecured hotspots to access in. However, the distinction of WeFi is that it provides a software that can automatically connect your device to the best available hot spot.So it saves time of switiching among different hotspots if there are some.

Nevertheless, the ratio of unsecured (free) access spots to all spots in a typical area is not as high as WeFi said to be 50 percent. By checking the hotspots map provieded by WeFi, I found this ratio is about 20 percent on average. We know current 802.11 products all support WEP or WPA and the vendor encourage people to set up a log-in password for data protection. Only some businesses (such as Panera Bread‎) may have open wi-fi spots. For individual wi-fi hotspot owner, unless he is generosity and can bear the low data rate as well as the risk of privacy intrusion, he may make his wi-fi open and free. My two cents: just finding and utilizing the existing open wi-fi resources may not make this virtual free wi-fi network long-lived. As a wi-fi user, I definitely hope the Internet access be free. But, I also know another phrase "There is no such thing as a free lunch."

Friday, February 22, 2008

[Programming] Processes (1)

From today, we will digress to processes and threads programming.

One standard definition of process (IEEE Std 1003.1) is, "an address space with one or more threads executing within that address space, and the required system resources for those threads". It's like a circular defintion, because in order to understand this definition, you have to know what are threads first. This may not be a problem for those computer gurus, but for beginners, it's better to find a simple explanation, as follows.

The description of process in wikipedia is easy to understand: an instance of a computer program that is being sequentially executed. Further to say, a computer program is just a passive collection of instructions, while a process is the actual execution of those instructions. This is described from the view of the user. On the other hand, in the perspective of operating system, you can say process is the operating system's basic scheduling unit.

So what elements does a process consist of? It's easy to answer, since process is actaully a program. It contains: program code, data, variables, current context (execution status), working directory, access rights (mode and ownership), memory and other system resources allocated to the process etc. For Linux system, processes may share code and system libraries.

In Linux/Unix, you can
a) start a new process by the system() function;
b) replace the current process with a new process by the set of exec() funtions (execl, execv, execlp etc.);
c) or duplicate a new process by the fork() function.

In practice, system() is rarely used to start new processes, because it invokes the new program using a shell, which may cause security problems. So it's preferable to use exec() and fork(). The difference between exec() and fork() is: fork() creates a new child process which is an exact copy of its parent process, but exec() causes a process to cease being an instance of one program and to instead become an instance of another problem.

The flows of the system(), exec() and fork() call are shown in the following figures.

Thursday, February 21, 2008

[Programming] Sockets programming - multiple clients - prologue


Previously we only talked about a very simple case: the server processes one client's request before accepting a connection to the next client. If the processing time for each client is long, and if multiple clients are coming, then the new clients have to wait a long time to be served. Obviously, this is not a good design for the case of multiple concurrent clients.

Several solutions are used in practice, such as:
1) Multi-process method (forked server processes)
2) Multi-thread method (threaded server processes)
3) Select
4) Poll

The first multi-process method calls fork() to create a child process. The main server blocks on accept(), waiting for a new connection. Once a new client comes in, the server calls fork(), the new child process will handel the new connection and the main server is able to serve other new incoming requests.

However, this method suffers the disadvantage that sharing information becomes more complex (you need to use message queues, semaphores etc), and it requires more CPU resource to start and manage a new process for each request.

The second multi-threaded solution offers the lightweight advantages of the first multi-process method. However, multi-threaded program is not easy to debug.

The third and fourth approaches, select() or poll(), offer a different method to block execution of the server until a new event occurs. They usually only uese one process to serve multiple client's request. The server will not need shared memory or semaphore for different clients to communicate. For example. select() works by blocing until something happens.

Oh, hold on, please. You interrupted me, because you already got lost by those new terminologies, such as process, thread, shared memory, semaphore. Yes, in order to understand those, we need to first learn somthing about process/thread. We will cover this in the next several posts.

Tuesday, February 19, 2008

[Programming] Sockets programming on Linux/Unix

Last time we introduced the fundamental of sockets programming and gave an example (WinSock) on the Windows platform.
In deed, socket interface was first introduced in UNIX. In UNIX, socket interface is actually an extension of the concept of a pipe.
However, sockets are created and used differently from pipes because they make a clear distinction between client and server, and they can implement multiple clients attached to a single server.

Again, let's briefly go over the principles of sockets programming:
1) First, a server application creates a socket using the system call socket.
2) Next, ther server process gives the socket a name, using the system call bind.
3) Then the server process waits for a client to connect to the named socket using the system call listen, which creats a queue for incoming connections.
4) For incoming connections, the server can accept them using the system call accept.
5) When the server calls accept, a new socket is created that is distinct from the named socket. This new socket is used only for communication with this particular client. The named socket remains for further connections from other clients.
6) Once a connection is established, a two-way communication will be available between the server and the client. They can communicate with each other using sytem call read/write for AF_UNIX protocol or send/recv for AF_INET protocol.
7) After communication, a system call close or shutdown is called to release the named socket.

Client side:
1) The client creates an unamed socket by calling socket.
2) Then the client uses system call connect to establish with the server by using the server's named socket as an address.
3) If the connection is accepted by the server, then the client can communicate with server using read/write for AF_UNIX protocol or send/recv for AF_INET protocol.
4) Similarly, when communication is finished, a call of close/shutdown is called.

Here's a very simple example of socket server and client programs.

// Local server

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main()
int server_socketfd, client_socketfd;
int server_len, client_len;
struct sockaddr_un server_address;
struct sockaddr_un client_address;

server_socketfd = socket(AF_UNIX, SOCK_STREAM, 0);

server_address.sun_family = AF_UNIX;
strcpy(server_address.sun_path, "server_socket");
server_len = sizeof(server_address);
bind(server_socketfd, (struct sockaddr *)&server_address, server_len);

listen(server_socketfd, 10);
char s_sendbuf[] = "Welcome to server.";
char s_recvbuf[255];
printf("Server waiting\n");

client_len = sizeof(client_address);
client_socketfd = accept(server_socketfd, (struct sockaddr *)&client_address, &client_len);

read(client_socketfd, s_recvbuf, 255);
printf("Message received from client: %s\n", s_recvbuf);
write(client_socketfd, s_sendbuf, strlen(s_sendbuf)+1);

// Local client

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

int main()
int socketfd;
int length, result;
struct sockaddr_un address;
char sendbuf[] = "Hi, this is client 1.";
char recvbuf[255];

socketfd = socket(AF_UNIX, SOCK_STREAM, 0);

address.sun_family = AF_UNIX;
strcpy(address.sun_path, "server_socket");
length = sizeof(address);

result = connect(socketfd, (struct sockaddr*)&address, length);

perror("Error:client 1");

write(socketfd, sendbuf, strlen(sendbuf)+1);
read(socketfd, recvbuf,255);
printf("Greeting from server: %s\n", recvbuf);

Monday, February 18, 2008

[Security] Winpcap installation problem: Error opening file for writing c:\windows\system32\drivers\npf.sys

Recently a friend asked me to help him install the winpcap on his computer. Winpcap is the packet capture and network monitoring library for Windows. Some network analyzer (such as Wireshark, the new version of Ethereal) or url sniffer (such as Url helper) need winpcap.

However, my friend got an error when installing the winpcap. He tried both the old 3.x version and the new 4.x version of winpcap, but everytime he got an error message "error opening for writing, c:\windows\system32\drivers\npf.sys". We googled the internet and found many people suffered the same problem and no solution was provided so far. Some people said it's due to the insufficient priveledge of the user account to install a driver file, but my friend's account is the administrator. Some other people said you may need to first delete the old npf.sys in the system32\driver folder and then reinstall it again, but we checked this folder and didn't find a file called npf.sys existing. We also closed the firewall and anti-virus software, but the problem is still there.

Finally, we made another try by copying a virus-free npf.sys from another computer to my friend's computer. Then, we found the reason. The system prompts that we cannot copy npf.sys (34,064 bytes) to npf.sys (0 bytes). But we just mentioned that we already did the check, and we didn't have a file named as npf.sys installed. So the only reason will be: there's a sub-directory called npf.sys existing. We checked again, and Bingo, we got it! There's a directory called c:\windows\system32\drivers\NPF.SYS existing on the computer (notice, it's not a file, but a directory). This NPF.SYS directory is empty and with name in upper case. I suspect there's some other softwares (with high probability to be a trojan or spyware) installed this NPF.SYS directory into the system32\drivers folder (they pretended to be a file of winpcap, then they could capture or sniff your password over the network). Later, it may be removed by anti-virus programs. But, it's not cleaned up, the resudual NPF.SYS directory is still on your system.

In summary, if you encounterred the same question (Error opening file for writing c:\windows\system32\drivers\npf.sys), try to first check if you have a NPF.SYS directory installed under \windows\system32\drivers.