Wednesday, April 8, 2015

No bullshit approach to training deep conceptual networks with pierogis.

Disclaimer: This is a draft version of the publication. Grammatical and errors of high dumbness values are expected. Any suggestions welcome. 


It has been known for a very long time that polish pierogi are the best.
Many researchers have attempted to improve the quality and taste,
never the less we prove in this publication, that true polish style
pierogi are undeniably superior.


Polish style approach to making pierogi can be decomposed into Implementation, Compilation, Execution and Results Gathering phase. The following sections describe all of the phases. Total execution time of the algorithm is about 4-6 hours, so it is advised to preprocess the ingredients and store in cache and then dynamically load the results just-in-time.

Related Work

The were many attempts to make pierogi. Especially popular approach in USA is making pierogi with potato and cheese. They are all inferior. 

Problem definition

We want to achieve results from fig. 1 while maximizing the taste and overall experience.
Figure 1: Target result.

Approach: Implementation

First we need to implement various ingredients:

For the filling:
maggi (fig. 2)
0,5 kg beacon
2 cabbages
1 handfull of dried mashrooms
2 eggs
2 onions

For the dough:
1 kg flour (+ 50 % reserve)
1 glass hot water
1 teaspoon salt
3 teaspoons vegetable oil

Final touch:
0,5 kg bacon
Figure 2: Maggi - can be found in many Asian markets in USA, it's quite common in Europe.

Approach: Compilation (filling)

Next we need to compile ingredients.

First and foremost cabbage must be cut in 2^2 (recommended) or 2^3 pieces and boiled for about 30 to 60 minutes depending on environment and compiler version.

Figure 3: cabbage being boiled
Then cabbage must be sequeezed out until it has almost no water (pro tip: trap it in a cloth and rotate progressively reducing trap's volume). Compile the cabbage and cut into very mini batches.

Mushrooms should be soaked in water the day before. Also cut in very mini batches.

Finally project bacon onto 3D grid (cubes of side 5mm):

Figure 4: 3D grid projection of bacon and onions.
Union the onion and bacon projection in Pan and apply simulated annealing until crispy. Mix with Cabbage and mashrooms.

Finally apply grid search over values of salt, pepper and maggi. Apply bias correction to maggi, because the taste will become less intense after execution (do overshoot!).

If and only if the grid search has finished, add 2 eggs (grid search will be disabled after that procedure since raw eggs pose a security threat to our system).

Final effect should look somewhat like fig. 5.

Figure 5: compiled filling

Approach: Compilation (dough)

For the dough compilation we will need a lot of clean memory on our table. First we save 1kg of flour on our table and form a heap, with special area of memory reserved in the middle. We put two egg yolks in the middle together with teaspoon of salt and and 3 tablespoons of oil. Snapshot of memory layout at this stage is presented on fig. 6.

Figure 6: Compiled heap data structure.
 Now we come to the hardest step of compilation - optimization. Everybody knows that compiler optimization is the toughest part. We need to optimized the dough until it has the right fully-elastic and strictly-convex form like on fig. 7.

Figure 7: Optimized intermediate representation of the dough.

Approach: Compilation (final stage)

In this stage we compile intermediate representations of the dough and filling to platform dependant pot-friendly form. 

First we need to project the though onto a plane like (fig. 8).

Figure 8: dough partially projected onto a plane.
Then we apply variance-bounded gaussian clustering onto the projected dough and then we map the subsets of filling onto corresponding clusters. 

Figure 10: subset of a filling mapped onto a cluster
Figure 9: clustering of the though

Finally we apply Foldows-Forker transform to compress the clusters into pot-friendly form.

Figure 11: Preparing final executable form of pierogi.

Approach: Execution

We take compiled pierogi and we execute them in boiling water. After the pierogi emerge on the surface on the water, we exponentially backoff for approximately four minutes (assuming the dough was projected onto thin enough plane), potentially more. 

Approach: Results collection

Resulting data should be collected on a plate and annotated with fried 3D grid projected bacon. Final version stored to desk/table should like like on fig.1


We have managed to implement the real world version of pierogi. Our results are summarized in table below.

Attempt Results
Walmarts Pierogi Terrible
Random polish guy's pierogi Poor data quality
Minced-meat pierogi Disgusting
Our pierogi Vastly superior
Table 1: Comparison of various pierogi making approaches.


Polish pierogi are the best.

Appendix A: Failure modes

Failure mode A (timeout errors):
In order to ensure results are collected before time X, the pierogis should be precompiled and executed at time X - 30 minutes

Failure mode B (undercooked pierogi):
Apply better projection algorithm when compiling though. Alternatively increase exponential backoff during execution.

Failure mode C (neutral taste):
Add more maggi!

Thursday, May 22, 2014

Exploring limits of covert data collection on Android: apps can take photos with your phone without you knowing.

SHORT VERSION: Android apps can take photos with your phone in background phones without displaying any notification and you won't see the app on the list of installed applications. App can send the photos over the internet to their private server. You can also find video with demo in this post.

Introduction (camera)

I discovered this almost by accident while doing a team project for a Computer and Network Security course at my university. The project suggested by college of mine (Predrag Gruevski) was mostly about using cameras on PC's without turning on indicator light. There were already promising findings in this field (iSeeYou paper discussed doing so on old Mac models). Since the project was relatively general each of member of our team took different approach. I initially started with low-level USB hacking, but despite genuine efforts I found nothing really interesting. Further experiments seemed really boring to me, because they in general involved trying various different cameras and hours of starting at LED light hoping the camera light won't blink.


I switched my focus to Android. Initial research was promising. There are many apps on Play Store (if you are iPhone user think App Store) that aim at taking pictures without any visual indication (ACLU-NJ Police TapeMobile Hidden Camera and more) but from what I found all of them require app activity to be visible and phone screen to be on. Some of them manage to record video without visible preview. 

Technical Details

What I wanted is to take pictures without user knowing, but at any time, not only when the app is on. I started googling and first thing that I found is that using Camera technically requires a preview to be displayed on screen in order to take video, but background services do not have associated visible activity. But let's not get discouraged an keep trying. I wrote a small camera app for my Nexus 5. My first approach was to create a View object that is not attached to any activity and feed preview to that object. That fails (I literally get "take picture failed" exception). The I remembered something that later turned out to be very relevant. Facebook messages draws to the UI, even when the app is not technically running:

This turned out to be indeed the right track. I attached preview to the screen from the background service and indeed I was able to take a photo! This is not yet ideal - the preview is visible on the screen user can clearly see that something is going on. But then I tried to remove it. Here's a list of approaches:

  • Make preview invisible - failed: Android just ignores this setting for preview
  • Make preview transparent - failed: Android just ignores this settings for preview
  • Cover preview by another view - partially failed: the view on top is still obstructing the screen
  • Make preview 1x1 pixel - successful
The result was amazing and scary at the same time - the pixel is virtually impossible to spot on Nexus 5 screen (even when you know where to look)! Also it turned out that even if you turn the screen completely off, you can still take photos, as long as the pixel is still there. 


If you cannot see this video here's a direct link:

How can you protect yourself form malicious apps?

If you are as disturbed by this find as I am you will start asking what can we do to avoid such situations. The bad news is that it's kind of a cat and mouse game - no matter how hard you try attackers can find more ways to obfuscate malicious activity. The good news is there are some ways that seem (at least given my current knowledge hard to circumvent:

  1. Pay attention to permissions (for example does Simple Notepad* really need access to your camera?)
  2. Keep your Google Account secure - if somebody can access your Google account they can install apps on your phone remotely without you approving it! Set up two step verification. Change your password from time to time. Set up secure password
  3. Uninstall unused apps. 

    battery                    internet
  4. High battery consumption (settings -> battery), and high bandwidth (settings -> data usage) are potential culprits

  5. Look at the background services that are running (settings -> apps -> running) - does Simple Notepad* really require background service
  6. Swiping app out of application list does not switch off background services (if you want to completely switch it off go to App Info (long press app icon inside menu and drag it to app info section) and click force stop - this ensures no background services are running. As @LB points out "force stop" effect is not permanent (technical: The service can be started again by registering and receiving an intent). 
*Simple Notepad is a made up example - I am not referring to any app in particular.

(hopefully constructive) criticism of Android design decisions

Let me start by the fact that I really like Android SDK (maybe except the fact that it's Java - but I understand the logic behind that decision). It's nice because it gives a developer a lot of power. There are just some things that are possible on Android that simply would not be possible on other platforms.

However given the fact that privacy is recently more and more of a growing concern, it would be nice to adjust accordingly. In my opinion privacy can be achieved by transparency without sacrificing comport. I could imagine use cases where I want app to take photos from background service. But I think it's inexcusable that user is not notified about this face. Android has a very nice notification bar. Users are very used to it. Why not make a use of it here. Same goes for sounds recording location recording etc.

Another thing I think Android team should look into is modern security research. There's lot of ways of using data without direct access. Very simple example would be that can send emails to users without learning their email address - with Google acting as a intermediary.

All of those suggestions can be summarized in on sentence - please put more effort into ensuring users' privacy. 

Monday, July 29, 2013

Trip to Hawaii (part 2)

Day 3 - flight to Maui

Early in the morning we went to give back our car to Enterprise and went by taxi to the airport. Our taxi driver turned out to be an ex Vietnamese War soldier. Apparently there's lot of them in Hawaii and they spawned quite high percentage of current population there.

Flight to Maui was very short and comfortable, Hawaiian Airlines rules! In the plane we learned from the newspaper that some people in Hawaii make their living from searching for wedding rings and other jewelry on the shore using a metal detector. The one that was interviewed by a newspaper claims that he tries to find the owners first at local hotels (but does he?). We got some photos of both islands from bird's-eye view:


Maui (can you see wind turbines?)

We got to Hawaii and having learnt from our mistakes we got a car immediately. We drove to the city where we stayed (Lahaina). On our way we saw marvelous views, example:


Upon arrival to the hotel we were greeted by an extraordinary nice french lady, that explained a lot about what we can see in Maui, asked us about our plans and borrowed us Maui travel guide. 

We dumped our stuff in the room and went to restaurant near the hotel (for which we got 15% discount from the hotel lady). 
We ordered what was listed in a menu as "Today's catch". It was really tasty, but quite expensive. Which eating we notice we start to sweat. Maui was much hotter than O'ahu. My personal hypothesis: Maui is a much wilder island and there's not so much carbon dioxide emissions, so the sun is not blocked. 

We took a short walk along main street in Lahaina - there was a lot of art galleries, organized tour stands (btw. some of the tours had very weird age requirements - the minimum age of 30 years old - especially the ones called swimming with dolphins). We also saw Chinese art museum which also had cinema room showing 40s movies of Tomas Edison:

At the end of the street there was a Forrest Gump themed restaurant:

After that we decided that we will end the day by just snorkeling on some beach. After short internet research we chose Kapalua bay, which later turned out to be an excellent choice. The water was crystal clear, there was almost no people, small waves - ideal for snorkeling. We saw plenty of sealife: crab colonies on the stones near the shore, large schools of big and colorful fishes further from it and finally as we were just about to leave the beach we saw giant 1-1.5 meter long turtle! It was very friendly and it was not swimming away even when we got close to it and touched it. Also which we were swimming we saw a Hawaiian wedding on the beach!

We ended the night by going to another local restaurant where we ordered cookie pizza and a milkshake.

Day 4 - way to Hana

The day before while walking around Lahaina we noticed some people trying to sell this t-shirts:

Naturally, we decided to go for it. The road was awesome. It felt like need for speed game. The views were spectacular and we had a few interesting stops on our way. I loved it. Agnieszka not so much:

Also here are some of the views we saw on the way:

Our first stop were beautiful private gardens, that somebody decided to make available for public, but places smoothie and fruit stand at the entrance. It sounds like the business is great all the time we same them they were busy serving customers. We ourselves ordered an pineapple smoothie and it was delicious.

 We walked on short 1 mile trail inside the garden and while the trail itself was interesting...

...the final attraction was amazing - the twin waterfalls:

Next stop we attempted to visit local lava cave (which as we learned is owned a one person and he makes my out of it by lending flashlights) and botanic garden, but first one was too much time, second one was closed. 

We also visited local airport near Hana, but it wasn't too exciting:

On our way we noticed a lot of fruit stands, which would be boring on it's own if not the fact there was no person guarding it. You just come take fruit, put money in the box and leave. That would definitely not pass in Poland :)

At that point we decided that it would be nice to swim a bit, so we headed for the interestingly named black sand beach. We weren't dissapointed - it was a beach and the sand was black. I also personally like the strong waves - stronger than any other place in Hawaii that we visited:

That and getting some gas in Hana was one of our last stops after which we decided to head back after getting some gas and buying a dragonfruit:

 Not to repeat the way we decided to go south of Hana. The way was much more curvy and wild and also as we later learned much more dangerous due to falling rocks. To add to it when it rails the rocks usually fall down and block the road (as we later that day learned from the local taxi driver) and while it was raining when we drove there, nothing like this happened to us. 

On our way back we passed a road that is periodically closed due to river that sometimes appears. We also almost hit some animals, which we frequently passing the road and almost invisible at night. 

We finished out day by ordering a Hawaiian Plate at Da Kitchen Cafe in Kahului, which despite good opinions on yelp we did not like. In town they had a festival, but sadly it finished before we arrived.

Day 5 - the volcano

In the morning we checked out of the hotel and we proceeded to visit a volcano. The way to volcano was awesome and so were the views:

For some reason it is very popular there to bike down the way from the top of volcano:


At the very top it looked like mars surface you see in the movie - large plains of red stone. There was also an astronomical observatory, which was apparently due to its remote and high location one of the best ones in the world:

After staying for a short while on the top of the mountain, we headed back to Enterprise to give back our car. Rest of the day we spend walking around Kahului. Started with a walk along the beach, where we saw a lot of kite surfers:

When we got to the downtown, we went to Thai Restaurant, we tried to mail some postcards, but Post Office was closed. We ate some homemade pineapple icecream - the best icecream I ever eaten in my entire life. After that we tried to sunbathe for a bit, but the sun was hiding behind the clouds.

So we went back downtown and watched a movie - Pacific Rim - it was very bad and nobody should ever watch it. After the movie we took the cab to the airport and flight back to O'ahu, spend the night on the airport and flew back home.

In general the trip was amazing and I highly recommed it to anybody. If I were to change one thing I would chose less known island to visit, because it seemed like the less known it was, the nicer it was to visit.

The end