TransferMe!

A great deal was accomplished this week, we have finally chosen a name, TransferMe! We are hoping to get the URL Transfer.me but it’s unclear whether it is available. The team agreed that this name is equally descriptive of the product, short enough to remember, and rolls well off the tongue. We used our Trello board to brainstorm names and this is the one we collectively decided on. We have started using our communication platform Teams and Trello collectively. Turns out, the Trello board has an extension for Teams that allows us to do everything within the Teams app. I’m loving the setup so far!

The First Conflict

This past week we developed some of the project requirements. We had a team assignment that required us to write a 2000-4000 word document that described goals needed to complete the project in more detail. This also required that research be done on different frameworks and technologies we will use, as well as brainstorming some UI concepts and overall flows of the program. We encountered our first minor ‘conflict’ as a group, at least it was a conflict in my eyes; but I am proud of the way we handled it. I sent out a message to the Team 5 days prior to the due date about collaborating on the document and long story short, I received no response until 2 days prior to the due date. I stated that we need to communicate better going forward, and coordinated a meeting time to go over some of the group decisions, in the end I think we all contributed to the assignment equally and we will be a better team going forward because of this!

Moving Forward

After completing the project documents, we are onto the next iteration of planning. We scheduled a meeting and discussed some of the technologies we will need to use for the project. To me, the most daunting part of the project isn’t writing the code, but knowing where to begin and what pieces of the project to work on first. During the meeting, we discussed the cryptography method we plan to use, as well as the database, the framework, the source control, and the IDE we will be using for the project.

For cryptography, we plan on using Diffie-Hellman Key Exchange and ElGamal. We are hopeful that we can use Diffie-Hellman once to establish a secure connection between two people, then on future transfers, we can use ElGamal to achieve adequate security and efficiency. I’m sure there will be challenges as we implement this, but we plan to use a Framework called BouncyCastle which has a highly regarded cryptography library for C#, the language we will be using for the project.

For the database to store files, one of our team members is familiar with an open source database platform called MariaDB. MariaDB acts as a MySql databse so the language will not be difficult for newcomers to work with assuming they have had a small bit of Sql experience (which I have)! The framework, as discussed in the previous blog will be Blazor, a C# web framework that will allow us to build our site using WebAssembly. WebAssembly will be beneficial to us because all C# code is run as assembly language locally on the system. This makes for a fast, responsive web page as well as generating code that is not viewable in the devtools in the browser.

For source control, we will be using Git and GitHub to manage our project. I’m really excited to work with multiple developers on a large scale project. As of now, I’ve only used source control for projects that I have been the sole developer. I can imagine on a large scale project with multiple developers, things could get complicated if not everyone is in agreement with how to use the product. Once we get the development environment setup we will have to have another meeting to discuss how we will utilize source control in the most efficient manner. The IDE we will be using is Visual Studio. This seemed like the simplest choice since the program, the framework, and the language are all written by Microsoft. I believe this is the best choice.

What’s To Come

Our next assignment for the course is an individual assignment, but will aid in a better understanding of the different technologies we will use. This is the first time we will begin setting up the development environment together. I will plan to try coordinating a meeting with the team to discuss who wants to work on what. What I think the team needs most is to develop some type of diagram that will give an overview of the different components and their functions. Something like this diagram, but with specs relevant to our project.

I’m hoping that soon we will all get the development environment setup, a diagram drawn, source control established, and have a final meeting so that we can really start planning the development of this project. I get the feeling it may take longer than we expect…

Name TBD

This week, we had their first two meetings with both of our project sponsors. A bit unexpected, but our project sponsor was a former student who completed the entire project last year. The project was intended to be taken down but was not. Long story short, my team will be recreating the same project from scratch! We will be modifying the project requirements slightly, but the main concept will still be the same. Since the project sponsor was a former student who was not expecting to be a sponsor, we will be working partly with the student and partly with our instructor throughout the year. The good news is we have more flexibility in what we create. The bad news is, we have to start completely from scratch. Now, we must also come up with a new name for our project. Hence the title of this blog post, Name TBD.

First Impressions

Our first meeting was with the former student who initially proposed the project. Thankfully, they were kind enough to assist us in developing project requirements and even offered to help us if we got seriously stuck. They gave us beneficial advice about using trusted cryptography libraries, so we do not have to reinvent the wheel. Our sponsor also gave us advice on a specific framework for .NET and WebAssembly which they used in the project. The framework is Blazor. This framework is intriguing because it enables us to use mostly C# for web development. With traditional web design, the languages used are mostly HTML, CSS, and Javascript . While there will still be a need to use some of the traditional web design tools, using a framework like Blazor will give us increased flexibility which will allow us to spend more time learning the C# language and the .NET framework.

Second Impressions

Out next meeting was with our professor, Bill Pfeil. We went over the project requirements and stretch goals. Which as of now, are:

Project Requirements & Goals

Bill gave us solid feedback on the project scope and encouraged us to accomplish the stretch goal peer-to-peer transfers. Overall, he though this was a great project choice for a senior project. My teammates and I have some background in security which makes us ideal candidates for this project. As it stands, it appears I have taken the most security classes, being the only one who’s taken Cryptography, Defense against the Dark Arts and Intro to Security at Oregon State. I am excited to apply some of the theoretical knowledge I learned in the Cryptography course into this project. Specifically the stretch goal of implementing Diffie-Hellman key exchange.

Next Steps

The next steps I’m hoping to accomplish with my team is to start developing a UML-like diagram to outline the different components of our project. Since most of us have not worked on a project with this big of scale, I believe understanding how different components of our software will interact with each other will be critical in maintaining good development speed. We also need to further define our project requirements down to the small details and start thinking about other questions we have. I’m hoping we can start development sometime around the end of winter term. If we can get an adequate development plan in place, we may even be able to begin work during winter break!

The Beginning

The time is finally here! I have been assigned my senior project! I’ve been excited and anxious for this time since I started at OSU 2 years ago. At this point, being nearly done with all my classes, I’m mostly excited. My team and I will be working on rewriting a website called Crypter. Crypter is a free encryption platform that allows users to encrypt messages and files, then send them to whoever they wish. The caveat is, the user has to send the decryption information to the recipient manually.

I’ve actually wanted to use something like this in the past but did not know of any viable free solutions. Maybe Crypter can be that solution. I can’t count how many times in the past I’ve looked at job offers or contracts and they require a Social Security Number sent back in a PDF via email. Since email typically uses SMTP, none of this data is encrypted and could be susceptible to packet sniffing. Crypter could be an answer to that problem.

Another benefit of Crypter is that it doesn’t require an account and it is very simple to use. If anyone reading wants to try this out, feel free. Just head over to https://crypter.dev and test it out. The process is very straightforward and doesn’t require any sign up. To encrypt files:
1. Choose a message or file to encrypt
2. Select Encrypt
3. Copy the link and the decryption key
4. Send to the recipient or decrypt it in a different tab.

Here are some snippets of the process

After selecting “Decrypt your message” Crypter shows the original message, as long as the decryption key was correct.

Why Crypter?

I selected Crypter as one of my top options because I am excited to learn more about the .NET Framework, and I’ve also taken several classes in the security realm. .NET development excites me because I believe it will become increasingly in demand for software developers in the future since it is so simple to install and run applications on any system, as long as they have the appropriate .NET framework version. I know several colleagues, friends and acquaintances who work for organizations using almost strictly C# and the .NET framework. In my career, I’ve had the opportunity to develop a few small projects in C# and have gotten to see the benefits of .NET but I’m hoping to become more proficient going forward.

During my time in IT, I’ve gotten to explore various aspects of computer security which has always been fascinating. More recently, I’ve taken cryptography, along with other security classes at OSU that I feel will be helpful when working on the implementation details for this website. In my career, I’ve seen sophisticated malware, seen how YARA signatures are created to protect against malware, and most importantly for this project, how files are encrypted and decrypted using certain cryptographic functions.

Questions & Ideas

Currently, I have a few questions that I hope can be answered during our first few meetings with our project sponsor. The first one would be knowing what encryption scheme is used to encrypt the message and is it collision resistant? The other, which isn’t necessarily a question about Crypter itself, the user has to share the key with it’s recipient, how can they do that in a safe way? Maybe a solution could be: once a user creates an account, there could be an encrypted messaging platform, so the user could have a seamless experience sending the message to it’s recipient. As of now, I could see someone encrypting a message, then emailing or sending it using another chat form that is unencrypted, which completely defeats the purpose. This isn’t an issue with Crypter in itself, but I’m curious what the ideal flow would be for a user.

I’m excited to keep this blog updated as I work with my team to develop solutions and get some of these questions answered! See you next week!

It’s All Coming Together

I am finally near the end of my education! It’s been a long and challenging journey. It started as a carefree high school graduate with no direction, motivation, or inspiration. I went to community college only because it was the thing to do, and my mom worked there so I got free tuition. If it weren’t for free tuition, I may have never gone to college.

What did this lead to? Me wasting my time, not putting in effort and getting sub-par grades as I did in high school. However, I had always had a passion for computers. Whether it was fixing computers, learning about software, or playing games. This led to me getting a job working computer sales at Best Buy; which further sparked my interest in computers.

During my 3rd year at Community College, I took an intro to Computer Science class. My Professor, Andrew Scholer, inspired me to dig deeper into computer science and the thought of building software with computers became exhilarating to me. It was also at this time that my mom stopped working at the college and I had to pay full price for tuition again. Ironically, this was one of the best things that happened for my education. It forced me to take my education more seriously since it wasn’t being given to me.

Coming to OSU & Advancing my Career

Fast forward two years and I have finally finished my associates degree in 5 years. Not great, but better than not finishing it at all. I was proud of myself. I was hoping to get a bachelors in computer science but I was unsure where to go after my associates. In my heart, I wanted to go to OSU but my GPA was too low to get into pro school. I had somewhere around a 2.7 after finishing my associates. Luckily, OSU decided to drop the pro school requirement right when I was looking to transfer. I was able to get accepted into the CS program and have a fresh start!

At this point I had advanced my career at Best Buy and was working as a repair technician at Geek Squad. It was inspiring seeing some of the crossover between the computer science I was learning at school and some of the systems I was working on at work. I started playing around with scripting in Bash and used some scripts to automate some of my work when I had to repair Apple systems. This is when I truly started seeing the value of computer science in practice.

No More Free Time

During my college career, I had been working full time and doing school part time. I thought that starting at OSU would be a good time to put all of my focus on school. So I decided to take one term of 16 credits. It was nice only working 10 hours a week, but the commute from Salem to Corvallis was very taxing. I also found that I spent most of my time trying to get everything done on time instead of immersing myself in the course material like I wanted to.

For this reason, I decided to take a different path and started looking for a new job so I could go back to part time school. I was hoping to find a job that paid better. One where I could apply my computer science knowledge and support my growing family. I initially got a job as a technician for the state of Oregon and worked there for a year. Eventually I moved into a more open ended role at a local business. I felt this new position would be a better opportunity to grow my career.

In my new role I’ve been able to apply programming experience by doing some scripting and system administration with PowerShell. The culmination of my job and education experience has made learning new technologies much easier. It feels like things are all starting to come together. It was difficult leaving a stable job with fantastic benefits, but I believe it was the right choice. Time management has been very difficult though. Working 45 hours per week, making time for my wife and seven month old, while taking 8 or more credits has been challenging.

The Coming Year

This will be the 8th, and possibly final year of my education. This journey has taught me the importance of hard work, time management, and dedication. At OSU I’ve been able to keep my grades over a full point higher than in high school and college. For me, all it took was some motivation and direction. For my capstone, I am hoping to get a project where I can utilize the teamwork skills I’ve learned while working in IT, as well as the programming skills I’ve learned at OSU. I am excited to work with a team to build a project that is something we can all be proud of!

Cheers to what should be a great year!