Device to apply heat to burn hairs and dirt that clog wheels of suitcases/walkers/strollers/rollators/chairs

Suitcases, strollers, walkers, rollators, chairs and other objects with wheels often suffer from hairs and other dirt getting wrapped around the axles of a wheel, reducing functionality of the wheel, which will run less smooth, or even be blocked. Many objects do not allow easy replacement of wheels or axles to fix the problem. One solution is to mechanically remove these hairs, using scissors, knives or other sharp tools. The drawback of this method is that it could damage the object. Another method is to apply heat to melt the hairs. People have suggested to briefly heat the wheels using a lighter to melt any hairs. The risk is that heat is applied too long and the heat would damage the object. This document introduces a concept of a portable device that would heat a thin metal tip using a battery or other power source and apply heat locally to melt hairs and other dirt wrapped around the axles with the goal to break the hairs so they can simply be removed from the wheels, while not heating up any other part of the object by accident which could damage the object

Using build identifiers to fingerprint ELF binaries and link to build information without having access to source code

Finding out where a software program or library comes from and how it was built without having direct access to the source code is not a trivial problem to solve. While versions of programs can be fairly accurately guessed this is a lot more difficult for build configuration. By comparing build identifiers from binaries of which nothing is known with build identifiers extracted from binaries for which source code and build information is available it is in certain cases possible to find out what source code and build information was used for a binary

Finding out how close source code files are to files in the Git version control system.

A lot of popular software is developed using a version control system. Historically systems such as RCS, CVS and Subversion were used, but a lot of developers have moved to Git. These systems have a lot of information available about the history of a file. When software is distributed, it is often distributed without this history information. In some situations it is important to find out how close a certain piece of software is to any given version in a version control system, for example for assessing copyright, security research or other provenance issues. keywords: Git, software engineering, security, defect discovery, tls

One time sharing of data between apps on mobile devices

Sometimes there are situations where data needs to be shared between mobile devices, but where the users of the mobile phones do not want to share phone numbers, e-mail addresses or transfer data via Bluetooth or NFC

Detecting suboptimal USB connections and informing a user about it

There are different hardware standards that share the same physical connectors and are backwards compatible. Examples are USB 1.1, USB 2.0 and USB 3.0. The different hardware standards specify different speeds per profile and different maximum speeds. Plugging a fast device into a port that only supports older standards will mean that the slower speed of the older standard will be used which could lead to a decrease in hardware performance and a suboptimal user experience. By informing the user if he/she makes a suboptimal choice in connecting devices to a computer, the performance of the devices, as well as the user experience, can be vastly improved

Using federated social networks for efficiently distributing CVE information

This document describes an open method for distributing information related to CVEs using social networks (in particular the open standard ActivityPub), which would allow users to get updates for specific CVE reports or specific events, and also potentially capture feedback from users around these updates. The CVE reporting system is the main vehicle for openly distributing information related to security vulnerabilities in software or configurations of software. CVE reports are useful but it has proven to be difficult to easily inform users about updates to CVE reports. In response a whole industry has sprung up around CVE and aggregation and distribution of information related to CVEs to fill this gap. The platforms used for distributing the aggregated information are closed and require payment to access the information. keywords: activitypub, fediverse, cve, cwe, security, social networks, activitystrea

Finding version information for binary files with YARA fingerprinting using a multi-layered approach

Detecting provenance of binary files can be done by using the YARA pattern matching tool. It is easy to write or generate YARA rules to detect a particular version of a binary file, but detection can be time consuming as for some packages there are many versions, meaning there are potentially lots of different rules that need to be applied, with most of them applied while it is already clear that there will never be any successful matches for those rules. Using multiple scan phases allows doing a coarse check first to determine the overall package using a generic package rule and then zooming in to find the particular version using package/version specific rules. Keywords: fingerprinting, elf, code provenance, software scanning, open source compliance, yar

Finding (partial) code clones at method level in Android programs without access to source code to detect copyright infringements or security issues

Nearly all programs for Android devices are distributed without source code being made available. This means that it is a lot harder to do audits of these programs for for example copyright infringement detection or security issue detection. By examining individual methods inside an Android program and comparing these to a database of methods from known programs it is possible to make an educated guess of which programs or program fragments are used in the program, and possibly detect copyright infringements or trojaned versions of programs

Recognizing a natural language or language class in source code files

When doing analysis of source code archives from an unknown origin it can be helpful to find out where the code originated from geographically. Comments in these files can be helpful, as they are quite often written in the native natural language of the developer. Finding out which language the file is in can help understanding the flow of the code (example: translating comments) and provenance. By analyzing the contents of a file and seeing which character sets the contents belong to a better guess can be made

Generating QR code or bar code labels based on information from online marketplaces for use on physical music releases to keep online and offline inventory synchronized

A significant part of the global trade in physical music releases, such as vinyl records, CDs, and so on has moved from physical stores to online market places such as Discogs. Many brick and mortar stores also sell their inventory online. Keeping inventory in the physical store and online store synchronized is a challenge, but can be made easier using labels with QR codes or bar codes