he common recipe for performance improvement is to profile an application, identify the most time-consuming routines, and finally select them for optimization. Sometimes that is not enough. Developers may have to look inside the OS searching for performance improvement opportunities. Or they might need to optimize code inside a third party library they do not have access to. For those cases, other strategies shall be used. This presentation reports the experiences of Motorola's Brazilian developers reducing the startup time of an application on Motorola's MOTOMAGX embedded Linux platform. Most of the optimization was performed in the binary loading stage, prior to the execution of the entry point function. This endeavor required use of Linux ABI and Linux Loader going beyond typical bottleneck searching. The presentation will cover prelink, dynamic library loading, tuning of shared objects, and enhancing user experience. A live demo will show the use of prelink and other tools to improve performance of general Linux platforms when libraries are used.
The document discusses how the Linux dynamic loader and LD_PRELOAD environment variable can be exploited to intercept and modify the behavior of shared library functions at runtime. It provides examples of how this technique could be used to implement a man-in-the-middle attack on OpenSSH authentication, log passwords, and extend the functionality of system programs like 'cat'. While powerful for debugging, this approach also has security disadvantages as it requires access to the executable and works only on exported symbols.
Mixing Source and Bytecode: A Case for Compilation By Normalization (OOPSLA 2...lennartkats
Language extensions increase programmer productivity by providing concise, often domain-specific syntax, and support for static verification of correctness, security, and style constraints. Language extensions can often be realized through translation to the base language, supported by preprocessors and extensible compilers. However, various kinds of extensions require further adaptation of a base compiler's internal stages and components, for example to support separate compilation or to make use of low-level primitives of the platform (e.g., jump instructions or unbalanced synchronization). To allow for a more loosely coupled approach, we propose an open compiler model based on normalization steps from a high-level language to a subset of it, the core language. We developed such a compiler for a mixed Java and (core) bytecode language, and evaluate its effectiveness for composition mechanisms such as traits, as well as statement-level and expression-level language extensions.
This document provides an overview of advanced Perl concepts including:
1. Finer points of looping, including the continue block and multiple loop variables. Subroutine prototypes allow specifying the number and types of arguments.
2. Working with files using filehandles for reading, writing, and appending. Functions like open, close, rename, unlink for file operations.
3. Working with directories using opendir, readdir, rewinddir and related functions.
4. EVAL for evaluating strings and blocks of code. Packages for namespacing and modules. BEGIN and END blocks act as constructors and destructors.
3 sentences or less.
Binding Objective-C Libraries, Miguel de IcazaXamarin
This document discusses how to create bindings between Objective-C and C# code using Xamarin.iOS. It covers when to create bindings, how the binding process works, and ways to improve bindings. Key points include:
- Bindings allow existing Objective-C/C code and libraries to be consumed from C# in Xamarin.iOS apps. They map Objective-C APIs and objects to equivalent C# interfaces and classes.
- The binding process involves generating C# interfaces that map to Objective-C headers, then building a binding library that surfaces the native APIs in C#.
- Features like notifications, properties, enums and structures are discussed. Advanced topics cover improving bindings through extensions, strong
The document discusses the ELF file format and dynamic linking process. It describes the ELF header, program header table, and segments that make up an ELF file. The dynamic linker loads segments into memory, resolves symbols using hash tables, and initializes shared libraries and the main executable in the correct order. Symbol resolution involves determining the symbol hash, searching hash buckets in each library, and comparing names.
Generating Assertion Code from OCL: A Transformational Approach Based on Simi...Shinpei Hayashi
This document presents an approach for generating assertion code from the Object Constraint Language (OCL) using model transformations. The approach constructs a hierarchy of programming languages based on their structural similarities. This allows rules for translating OCL to be reused across multiple implementation languages, saving approximately 50% of the effort compared to creating individual translators. An evaluation implemented the approach in Maude and demonstrated its ability to generate code for Java, Python, Haskell and O'Haskell from a single OCL specification.
This PPT discusses the concept of Dynamic Linker as in Linux and its porting to Solaris ARM platform. It starts from the very basics of linking process
The document discusses how the Linux dynamic loader and LD_PRELOAD environment variable can be exploited to intercept and modify the behavior of shared library functions at runtime. It provides examples of how this technique could be used to implement a man-in-the-middle attack on OpenSSH authentication, log passwords, and extend the functionality of system programs like 'cat'. While powerful for debugging, this approach also has security disadvantages as it requires access to the executable and works only on exported symbols.
Mixing Source and Bytecode: A Case for Compilation By Normalization (OOPSLA 2...lennartkats
Language extensions increase programmer productivity by providing concise, often domain-specific syntax, and support for static verification of correctness, security, and style constraints. Language extensions can often be realized through translation to the base language, supported by preprocessors and extensible compilers. However, various kinds of extensions require further adaptation of a base compiler's internal stages and components, for example to support separate compilation or to make use of low-level primitives of the platform (e.g., jump instructions or unbalanced synchronization). To allow for a more loosely coupled approach, we propose an open compiler model based on normalization steps from a high-level language to a subset of it, the core language. We developed such a compiler for a mixed Java and (core) bytecode language, and evaluate its effectiveness for composition mechanisms such as traits, as well as statement-level and expression-level language extensions.
This document provides an overview of advanced Perl concepts including:
1. Finer points of looping, including the continue block and multiple loop variables. Subroutine prototypes allow specifying the number and types of arguments.
2. Working with files using filehandles for reading, writing, and appending. Functions like open, close, rename, unlink for file operations.
3. Working with directories using opendir, readdir, rewinddir and related functions.
4. EVAL for evaluating strings and blocks of code. Packages for namespacing and modules. BEGIN and END blocks act as constructors and destructors.
3 sentences or less.
Binding Objective-C Libraries, Miguel de IcazaXamarin
This document discusses how to create bindings between Objective-C and C# code using Xamarin.iOS. It covers when to create bindings, how the binding process works, and ways to improve bindings. Key points include:
- Bindings allow existing Objective-C/C code and libraries to be consumed from C# in Xamarin.iOS apps. They map Objective-C APIs and objects to equivalent C# interfaces and classes.
- The binding process involves generating C# interfaces that map to Objective-C headers, then building a binding library that surfaces the native APIs in C#.
- Features like notifications, properties, enums and structures are discussed. Advanced topics cover improving bindings through extensions, strong
The document discusses the ELF file format and dynamic linking process. It describes the ELF header, program header table, and segments that make up an ELF file. The dynamic linker loads segments into memory, resolves symbols using hash tables, and initializes shared libraries and the main executable in the correct order. Symbol resolution involves determining the symbol hash, searching hash buckets in each library, and comparing names.
Generating Assertion Code from OCL: A Transformational Approach Based on Simi...Shinpei Hayashi
This document presents an approach for generating assertion code from the Object Constraint Language (OCL) using model transformations. The approach constructs a hierarchy of programming languages based on their structural similarities. This allows rules for translating OCL to be reused across multiple implementation languages, saving approximately 50% of the effort compared to creating individual translators. An evaluation implemented the approach in Maude and demonstrated its ability to generate code for Java, Python, Haskell and O'Haskell from a single OCL specification.
This PPT discusses the concept of Dynamic Linker as in Linux and its porting to Solaris ARM platform. It starts from the very basics of linking process
In this PDF you can learn about Kotlin Basic as well as Intermediate part. As also you can develop the android apps and publish in a google play store.
Detecting Occurrences of Refactoring with Heuristic SearchShinpei Hayashi
This document describes a technique for detecting refactorings between two versions of a program using heuristic search. Refactorings are detected by generating intermediate program states through applying refactorings, and finding a path from the original to modified program that minimizes differences. Structural differences are used to identify likely refactorings. Candidate refactorings are evaluated and applied to generate new states, with the search terminating when the state matches the modified program. A supporting tool was developed and a case study found the technique could correctly detect an actual series of refactorings between program versions.
Assemblers translate assembly language into machine code object files. Linkers merge object files and library routines into executable files by resolving references and assigning memory locations. Loaders bring executables into memory and start program execution by initializing registers and jumping to the main routine.
Objective-C is an object-oriented programming language based on C. It uses message passing to call methods similarly to Smalltalk. The syntax is based on C with the addition of object-oriented features like classes, inheritance, polymorphism, and dynamic typing. Memory management in Objective-C applications is handled automatically by the compiler through reference counting. Categories allow extending classes at runtime by adding new methods.
This document provides an overview of the software build process in VisualDSP++, programming Blackfin processors in C, and creating efficient C code. It discusses:
1) The software build process, including the files involved like source files, object files, libraries, and the executable.
2) How ported C code will build and execute but may be large and slow if optimizations are off and cache is disabled.
3) The linker description file which defines the hardware system and specifies available memory for the linker.
This document discusses advanced Perl concepts including finer points of looping, using pack and unpack, working with files and directories, eval, data structures, packages, modules, objects, and interfacing with the operating system. It provides examples and explanations of continue blocks, multiple loop variables, subroutine prototypes, determining calling context, packing and unpacking data, opening, reading and writing files, getting file information, working with directories, using eval, defining arrays of arrays, packages, modules, BEGIN and END blocks, and the basics of defining objects and classes in Perl.
The document provides an overview of the ELF (Executable and Linkable Format) file format used by most Unix operating systems. It discusses how ELF files contain sections and segments that provide information to linkers and loaders. Specifically, it explains that sections contain code and data and are used by linkers to connect pieces at compile time, while segments define memory permissions and locations and are used by loaders to map the binary into memory at runtime. It also gives examples of common sections like .text, .data, .rodata, and describes how dynamic linking with the PLT and GOT tables allows functions to be resolved at load time.
The document discusses the process from compiling source code to executing a program. It covers preprocessing, compilation, assembly, linking, and the ELF file format. Preprocessing handles macros and conditionals. Compilation translates to assembly code. Assembly generates machine code. Linking combines object files and resolves symbols statically or dynamically using libraries. The ELF file format organizes machine code and data into sections in the executable.
Sentence-to-Code Traceability Recovery with Domain OntologiesShinpei Hayashi
The document describes a technique for recovering traceability between natural language sentences and source code using domain ontologies. An automated tool was implemented and evaluated on a case study using the JDraw software. Results showed the technique worked well, recovering traceability between 7 sentences and code with higher accuracy than without using the ontology. The ontology helped improve recall and detect traceability in cases where word similarity alone did not work well. Future work is needed to evaluate on larger cases and domains.
My slides from "Inside PHP", a talk about how to change the syntax of the PHP programming language.
Modified PHP 5.4.4 source code (with the "until" keyword added during this presentation) is available here:
http://github.com/thomaslee/oscon2012-inside-php
The document provides an introduction to the Python programming language. It discusses what Python is, its creator Guido van Rossum, and how to write a simple "Hello World" program. It also covers Python data types, operators, flow control using conditionals and loops, functions, input/output operations, and the Zen of Python philosophy guiding Python's design. The document serves as the first day of instruction in a Python course.
The document provides an overview of Symfony2 internals. It discusses the main Symfony2 components like HttpFoundation and DependencyInjection. It also covers Composer, autoloading standards like PSR-0, and how the request-response cycle works in Symfony2. The document demonstrates these concepts and also discusses how Symfony2 uses events.
Python was created in the late 1980s by Guido van Rossum. It draws influence from many other languages like ABC, Modula-3, C, C++, Algol68, SmallTalk, and Unix shell scripting languages. Python is an interpreted, interactive, object-oriented scripting language that is highly readable and easy to maintain. It has a large standard library and supports features like being interactive, object-oriented programming, databases, GUI programming, and is portable across platforms.
A hands-on introduction to the ELF Object file formatrety61
In our 6th semester we developed miASMa - a 2 pass Macro Assembler for an x86 machine. miASMa generates Relocatable Object Files that conforming to the ELF Format.
The essence of the VivaCore code analysis libraryPVS-Studio
The article tells developers about VivaCore library, preconditions of its creation, its possibilities, structure and scope of use. This article was written simultaneously with the development of VivaCore library and that's why some of the details of the final realization may differ from the features described here. But this won't prevent the developers from getting acquainted with the general work principles of the library, mechanisms of analysis and processing of C and C++ source code.
My slides from "Inside Python", a talk about how to change the syntax of the Python programming language.
Modified Python 3.2 source code (with the "unless" keyword added during this presentation) is available here:
http://github.com/thomaslee/oscon2012-inside-python
“What should I work on next?” Code metrics can help you answer that question. They can single out sections of your code that are likely to contain bugs. They can help you get a toehold on a legacy system that’s poorly covered by tests.
These are Java ways of functional style; pragmatic ways of understanding and introducing Lambda/Functional API.
你可以在以下找到中文說明:
http://www.codedata.com.tw/java/jdk8-functional-api/
At a previous JRubyConf, we talked about Thnad, a fictional programming language. Thnad served as a vehicle to explore the joy of building a compiler using JRuby, BiteScript, Parslet, and other tools. Now, Thnad is back with a second runtime: Rubinius. Come see the Rubinius environment through JRuby eyes. Together, we'll see how to grapple with multiple instruction sets and juggle contexts without going cross-eyed.
A(n abridged) tour of the Rust compiler [PDX-Rust March 2014]Tom Lee
The document provides an overview of the major stages in Rust's compiler:
1) Scanning converts source code to tokens. Rust's scanner is in libsyntax/parse/lexer.rs.
2) Parsing converts tokens to an AST using grammar rules. Rust's parser is in libsyntax/parse/parser.rs and outputs an AST in libsyntax/ast.rs.
3) Semantic analysis applies Rust's rules through name resolution, type checking, borrow checking etc. This is handled by librustc/middle/*.rs.
4) Code generation translates the AST to LLVM IR. Rust uses librustc/middle/trans/base.rs and writes output with
Whirlwind tour of the Runtime Dynamic LinkerGonçalo Gomes
This document provides an overview of the Linux runtime dynamic linker. It discusses the anatomy of Linux C/C++ libraries, including static and dynamic libraries. It then covers the dynamic link API in Linux, including functions like dlopen, dlclose, dlsym, and dlerror. Finally, it gives a high-level view of the Linux process startup, which involves the kernel executing fork and execve to spawn a new process, mapping the binary and interpreter into memory, and the interpreter performing dynamic linking operations before jumping to the program entry point. It includes several demos and mentions useful tools for working with binaries like ldd, nm, and readelf.
JavaScript and popular programming paradigms (OOP, AOP, FP, DSL). Overview of the language to see what tools we can leverage to reduce complexity of our projects.
This part goes over language features and looks at OOP and AOP with JavaScript.
The presentation was delivered at ClubAJAX on 2/2/2010.
Blog post: http://lazutkin.com/blog/2010/feb/5/exciting-js-1/
Continued in Part II: http://www.slideshare.net/elazutkin/exciting-javascript-part-ii
In this PDF you can learn about Kotlin Basic as well as Intermediate part. As also you can develop the android apps and publish in a google play store.
Detecting Occurrences of Refactoring with Heuristic SearchShinpei Hayashi
This document describes a technique for detecting refactorings between two versions of a program using heuristic search. Refactorings are detected by generating intermediate program states through applying refactorings, and finding a path from the original to modified program that minimizes differences. Structural differences are used to identify likely refactorings. Candidate refactorings are evaluated and applied to generate new states, with the search terminating when the state matches the modified program. A supporting tool was developed and a case study found the technique could correctly detect an actual series of refactorings between program versions.
Assemblers translate assembly language into machine code object files. Linkers merge object files and library routines into executable files by resolving references and assigning memory locations. Loaders bring executables into memory and start program execution by initializing registers and jumping to the main routine.
Objective-C is an object-oriented programming language based on C. It uses message passing to call methods similarly to Smalltalk. The syntax is based on C with the addition of object-oriented features like classes, inheritance, polymorphism, and dynamic typing. Memory management in Objective-C applications is handled automatically by the compiler through reference counting. Categories allow extending classes at runtime by adding new methods.
This document provides an overview of the software build process in VisualDSP++, programming Blackfin processors in C, and creating efficient C code. It discusses:
1) The software build process, including the files involved like source files, object files, libraries, and the executable.
2) How ported C code will build and execute but may be large and slow if optimizations are off and cache is disabled.
3) The linker description file which defines the hardware system and specifies available memory for the linker.
This document discusses advanced Perl concepts including finer points of looping, using pack and unpack, working with files and directories, eval, data structures, packages, modules, objects, and interfacing with the operating system. It provides examples and explanations of continue blocks, multiple loop variables, subroutine prototypes, determining calling context, packing and unpacking data, opening, reading and writing files, getting file information, working with directories, using eval, defining arrays of arrays, packages, modules, BEGIN and END blocks, and the basics of defining objects and classes in Perl.
The document provides an overview of the ELF (Executable and Linkable Format) file format used by most Unix operating systems. It discusses how ELF files contain sections and segments that provide information to linkers and loaders. Specifically, it explains that sections contain code and data and are used by linkers to connect pieces at compile time, while segments define memory permissions and locations and are used by loaders to map the binary into memory at runtime. It also gives examples of common sections like .text, .data, .rodata, and describes how dynamic linking with the PLT and GOT tables allows functions to be resolved at load time.
The document discusses the process from compiling source code to executing a program. It covers preprocessing, compilation, assembly, linking, and the ELF file format. Preprocessing handles macros and conditionals. Compilation translates to assembly code. Assembly generates machine code. Linking combines object files and resolves symbols statically or dynamically using libraries. The ELF file format organizes machine code and data into sections in the executable.
Sentence-to-Code Traceability Recovery with Domain OntologiesShinpei Hayashi
The document describes a technique for recovering traceability between natural language sentences and source code using domain ontologies. An automated tool was implemented and evaluated on a case study using the JDraw software. Results showed the technique worked well, recovering traceability between 7 sentences and code with higher accuracy than without using the ontology. The ontology helped improve recall and detect traceability in cases where word similarity alone did not work well. Future work is needed to evaluate on larger cases and domains.
My slides from "Inside PHP", a talk about how to change the syntax of the PHP programming language.
Modified PHP 5.4.4 source code (with the "until" keyword added during this presentation) is available here:
http://github.com/thomaslee/oscon2012-inside-php
The document provides an introduction to the Python programming language. It discusses what Python is, its creator Guido van Rossum, and how to write a simple "Hello World" program. It also covers Python data types, operators, flow control using conditionals and loops, functions, input/output operations, and the Zen of Python philosophy guiding Python's design. The document serves as the first day of instruction in a Python course.
The document provides an overview of Symfony2 internals. It discusses the main Symfony2 components like HttpFoundation and DependencyInjection. It also covers Composer, autoloading standards like PSR-0, and how the request-response cycle works in Symfony2. The document demonstrates these concepts and also discusses how Symfony2 uses events.
Python was created in the late 1980s by Guido van Rossum. It draws influence from many other languages like ABC, Modula-3, C, C++, Algol68, SmallTalk, and Unix shell scripting languages. Python is an interpreted, interactive, object-oriented scripting language that is highly readable and easy to maintain. It has a large standard library and supports features like being interactive, object-oriented programming, databases, GUI programming, and is portable across platforms.
A hands-on introduction to the ELF Object file formatrety61
In our 6th semester we developed miASMa - a 2 pass Macro Assembler for an x86 machine. miASMa generates Relocatable Object Files that conforming to the ELF Format.
The essence of the VivaCore code analysis libraryPVS-Studio
The article tells developers about VivaCore library, preconditions of its creation, its possibilities, structure and scope of use. This article was written simultaneously with the development of VivaCore library and that's why some of the details of the final realization may differ from the features described here. But this won't prevent the developers from getting acquainted with the general work principles of the library, mechanisms of analysis and processing of C and C++ source code.
My slides from "Inside Python", a talk about how to change the syntax of the Python programming language.
Modified Python 3.2 source code (with the "unless" keyword added during this presentation) is available here:
http://github.com/thomaslee/oscon2012-inside-python
“What should I work on next?” Code metrics can help you answer that question. They can single out sections of your code that are likely to contain bugs. They can help you get a toehold on a legacy system that’s poorly covered by tests.
These are Java ways of functional style; pragmatic ways of understanding and introducing Lambda/Functional API.
你可以在以下找到中文說明:
http://www.codedata.com.tw/java/jdk8-functional-api/
At a previous JRubyConf, we talked about Thnad, a fictional programming language. Thnad served as a vehicle to explore the joy of building a compiler using JRuby, BiteScript, Parslet, and other tools. Now, Thnad is back with a second runtime: Rubinius. Come see the Rubinius environment through JRuby eyes. Together, we'll see how to grapple with multiple instruction sets and juggle contexts without going cross-eyed.
A(n abridged) tour of the Rust compiler [PDX-Rust March 2014]Tom Lee
The document provides an overview of the major stages in Rust's compiler:
1) Scanning converts source code to tokens. Rust's scanner is in libsyntax/parse/lexer.rs.
2) Parsing converts tokens to an AST using grammar rules. Rust's parser is in libsyntax/parse/parser.rs and outputs an AST in libsyntax/ast.rs.
3) Semantic analysis applies Rust's rules through name resolution, type checking, borrow checking etc. This is handled by librustc/middle/*.rs.
4) Code generation translates the AST to LLVM IR. Rust uses librustc/middle/trans/base.rs and writes output with
Whirlwind tour of the Runtime Dynamic LinkerGonçalo Gomes
This document provides an overview of the Linux runtime dynamic linker. It discusses the anatomy of Linux C/C++ libraries, including static and dynamic libraries. It then covers the dynamic link API in Linux, including functions like dlopen, dlclose, dlsym, and dlerror. Finally, it gives a high-level view of the Linux process startup, which involves the kernel executing fork and execve to spawn a new process, mapping the binary and interpreter into memory, and the interpreter performing dynamic linking operations before jumping to the program entry point. It includes several demos and mentions useful tools for working with binaries like ldd, nm, and readelf.
JavaScript and popular programming paradigms (OOP, AOP, FP, DSL). Overview of the language to see what tools we can leverage to reduce complexity of our projects.
This part goes over language features and looks at OOP and AOP with JavaScript.
The presentation was delivered at ClubAJAX on 2/2/2010.
Blog post: http://lazutkin.com/blog/2010/feb/5/exciting-js-1/
Continued in Part II: http://www.slideshare.net/elazutkin/exciting-javascript-part-ii
It is an introduction to the Native Hook mechanism, which is a function hook mechanism in Android. It is implemented in Bionic linker, which is the dynamic linker in Android. With Native Hook mechanism enabled, you can hook any native function with another one, without any modification to the existing libraries.
This document discusses linkers and loaders from a programmer's perspective. It covers key concepts like object files, program loading, linking with static and dynamic libraries, symbol resolution, relocation, position independent code, and shared libraries. The main points are that linkers combine object files and resolve symbols, loaders load programs into memory, static libraries are linked at compile time, dynamic libraries allow sharing of code and dynamic loading, and position independent code allows shared libraries to be loaded at any address.
The document discusses various tools that are part of the GNU toolchain used for embedded software development. It provides descriptions of common tools used with the GNU Compiler Collection (GCC) such as ar, autoconf, as, gdb, ld, libtool, make, nm, objcopy, objdump, ranlib, readelf, size, strings and strip. It also covers topics like the preprocessor, compiler options, anonymous unions, arrays of zero length, and using attributes with GCC.
DEF CON 27 - DIMITRY SNEZHKOV - zombie ant farm practical tipsFelipe Prado
Linux EDRs present challenges for adversaries seeking to evade detection. The document discusses several strategies and techniques for evading Linux EDRs, including:
1) Utilizing existing trusted system binaries as decoys to bypass process pattern matching. Techniques include using ld.so and busybox to launch payloads.
2) Developing "Uber preloaders" that can load modular payloads and provide command line arguments for evasion.
3) Storing payloads in volatile memory using techniques like memfd_create to avoid detection by EDRs scanning files on disk.
4) Coordinating payloads and preloaders through a "Zombie Ant Farm" module that stores
Linux executables are in ELF format. The document discusses Linux executable formats, compiling C programs in Linux using GCC, and executing programs. It also covers libraries in Linux including static and shared libraries, error handling using errno and assertions, signals and signal handling, process monitoring and /proc filesystem, and managing command line arguments using getopt_long.
[Defcon24] Introduction to the Witchcraft Compiler CollectionMoabi.com
With this presentation, we take a new approach to reverse engineering. Instead of attempting to decompile code, we seek to undo the work of the linker and produce relocatable files, the typical output of a compiler. The main benefit of the later technique over the former being that it does work. Once achieved universal code ‘reuse’ by relinking those relocatable objects as arbitrary shared libraries, we'll create a form of binary reflection, add scripting capabilities and in memory debugging using a JIT compiler, to attain automated API prototyping and annotation, which, we will argue, constitutes a primary form of binary code self awareness. Finally, we'll see how abusing the dynamic linker internals shall elegantly solve a number of complex tasks for us, such as calling a given function within a binary without having to craft a valid input to reach it.
The applications in terms of vulnerability exploitation, functional testing, static analysis validation and more generally computer wizardry being tremendous, we'll have fun demoing some new exploits in real life applications, and commit public program profanity, such as turning PEs into ELFs, functional scripting of sshd in memory, stealing crypto routines without even disassembling them, among other things that were never supposed to work. All the above techniques have been implemented into the Wichcraft Compiler Collection, to be released as proper open source software (MIT/BSD-2 licenses) exclusively at DEF CON 24.
Jonathan Brossard is a computer whisperer from France, although he's been living in Brazil, India, Australia and now lives in San Francisco. For his first conference at DEF CON 16, he hacked Microsoft Bitlocker, McAffee Endpoint and a fair number of BIOS Firmwares. During his second presentation at DEF CON 20, he presented Rakshasa, a BIOS malware based on open source software, the MIT Technology review labeled "incurable and undetectable".
This year will be his third DEF CON ... Endrazine is also known in the community for having run the Hackito Ergo Sum and NoSuchCon conferences in France, participating to the Shakacon Program Committee in Hawaii, and authoring a number of exploits over the past decade. Including the first remote Windows 10 exploit and several hardcore reverse engineering tools and whitepapers. Jonathan is part of the team behind MOABI.COM, and acts as the Principal Engineer of Product Security at Salesforce.
Twitter: @endrazine
Facebook: toucansystem
https://moabi.com
Here are some examples of pattern rules:
%.o: %.c
$(CC) -c $< -o $@
frammis cooker: frammis.o cooker.o
$(CC) -o $@ $^
clean:
rm -f *.o frammis cooker
This uses implicit pattern rules to compile .c files to .o, links the objects into the executables frammis and cooker, and defines a clean target to remove the object and executable files. The % wildcard allows make to recognize common filename patterns and apply the appropriate compilation/linking rules.
Functional programming (FP) is a powerful approach to problem solving. Until now, the majority of the PHP community hasn’t realized this, but it’s actually fully available to us in PHP! When the size of PHP applications increases, they become extremely hard to maintain and reason about, especially when sharing and modifying global state. The current misconception is that applications can only be written with an OO design, so why PHP?
Functional programming doesn’t preclude object-oriented principles, in fact they are orthogonal paradigms that complement each other perfectly well. FP can be used within the context of MVC frameworks, like Laravel, which are driven more towards the OO side. Using PHP to drive the business logic within your model can create a best of breed, poly-paradigm application. In addition, FP allows you to create more testable code that is easier to reason about and free of bugs.
It’s time to create awareness about functional programming in PHP. This talk will focus on what FP is, and how PHP developers can leverage it to develop robust and scalable applications.
This document discusses exciting features of JavaScript including how it can be used in browsers and non-browser environments. It covers how JavaScript supports object-oriented, functional, and aspect-oriented programming paradigms through its first-class functions, closures, and other language features. The document also discusses how code generation and introspection are possible in JavaScript and how this enables implementing domain-specific languages through techniques like lambda functions. In conclusion, the author expresses optimism about JavaScript's potential for large-scale development.
Post exploitation techniques on OSX and Iphone, EuSecWest 2009Vincenzo Iozzo
The document discusses post-exploitation techniques on macOS and iOS. It summarizes a technique called "userland-exec" that allows executing binaries on macOS without involving the kernel. It then describes efforts to port this technique to iOS by injecting libraries instead of binaries due to code signing restrictions. The author demonstrates injecting an unsigned library into a process on a factory iPhone by hijacking the dlopen function and loading the library from memory. This technique paves the way for developing advanced payloads like Meterpreter on unmodified iOS devices.
This document discusses the compilation process of a C program from source code to executable. It involves 4 main stages: preprocessing, compilation, assembly, and linking. Preprocessing handles includes and macros. Compilation converts to assembly code. Assembly converts to object code. Linking combines object files and resolves symbols to create the executable. C is an efficient, portable, and flexible language that has been widely used since 1972.
This document discusses libraries in C/C++. It describes static libraries as archives of object files that are included in the final executable. Shared libraries are similar but the executable only contains a reference, with the actual code located in the shared library file. The document provides details on creating, linking with, and dynamically loading both types of libraries. It also lists some benefits of each like code sharing for shared libraries and simplicity for static libraries.
The document discusses development environments and build processes for GNU/Linux systems. It covers tools like the GNU Compiler Collection (GCC) and autotools that are used to compile, link, and build static and dynamic libraries. The key points are:
- Development environments include toolchains like GCC, libraries, headers and debuggers for compiling locally or cross-compiling for embedded targets.
- The build process involves preprocessing, compiling, assembling, and linking object files into binaries or libraries using tools like GCC and the GNU binutils.
- Static libraries archive object files, while dynamic libraries use external symbols and have version dependencies displayed by tools like ldd.
- Autotools like GNU make and autotools provide
The document summarizes post-exploitation techniques on OSX and iPhone. It describes a technique called "userland-exec" that allows executing applications on OSX without using the kernel. This technique was adapted to work on jailbroken iPhones by injecting a non-signed library and hijacking the dynamic linker (dlopen) to map and link the library. With some additional patches, the authors were able to load an arbitrary non-signed library into the address space of a process on factory iPhones, representing the first reliable way to execute payloads on these devices despite code signing protections.
An introduction to the basic concepts on functional programming, explaining why it is a hot topic for some years now, what it is and some suggestions of functional languages to be learned.
This document provides an overview of C++, beginning with introductions to object-oriented programming and the two versions of C++. It describes key C++ concepts like classes, constructors, destructors, function overloading, and namespaces. It also covers arrays of objects, pointers to objects, the this pointer, and static class members. The document is intended to familiarize readers with fundamental C++ concepts in preparation for more advanced topics.
Similar to Strategies to improve embedded Linux application performance beyond ordinary techniques (20)
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365.
Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
Trusted Execution Environment for Decentralized Process MiningLucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfflufftailshop
When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
8. Loading a dynamically
linked program
.interp
A
Load dynamic
linker .rel.text
Relocation
.rel.data
.dynamic
Libraries .init
Dependency
libraries
Program’s
Symbol entry point
tables
A
9. A closer look at relocation
Relative Symbol-based
Type
Lookup failed
Symbol’s
Compute
hash Yes
offset
Lookup
Hash Next No
scope
Add load bucket object empty
address
Yes Next
Match
element
No No
Adjust
Chain Yes
address
empty
12. How does prelink work? I
• Collects ELF binaries which should be prelinked and all the ELF
shared libraries they depend on
• Assigns a unique virtual address space slot for each library and
relinks the shared library to that base address
• Resolves all relocations in the binary or library against its
dependant libraries and stores the relocations into the ELF object
• Stores a list of all dependant libraries together with their
checksums into the binary or library
• For binaries, it also computes a list of conflicts and stores it into a
special ELF section
Note: Libraries shall be compiled with the GCC option -fPIC
13. How does prelink work? II
• At runtime, the dynamic linker first checks if it is prelinked itself
• Just before starting an application, the dynamic linker checks if:
• There is a library list section created by prelink
• They are present in symbol search scope in the same order
• None have been modified since prelinking
• There aren’t any new shared libraries loaded either
• If all conditions are satisfied, prelinking is used:
• Dynamic linker processes the fixup section and skips all normal
relocation handling
• If at least one condition fails:
• Dynamic linker continues with normal relocation processing in the
executable and all shared libraries
16. How to use prelink?
• prelink –avf --ld-library-path=PATH --dynamic-linker=LDSO
• -a --all
• Prelink all binaries and dependant libraries found in directory hierarchies
specified in /etc/prelink.conf
• -v --verbose
• Verbose mode. Print the virtual address slot assignment to libraries
• -f --force
• Force re-prelinking even for already prelinked objects for which no
dependencies changed
• --ld-library-path=PATH
• Specify special LD_LIBRARY_PATH to be used when prelink queries
dynamic linker about symbol resolution details
• --dynamic-linker=LDSO
• Specify alternate dynamic linker instead of the default
19. Motivation II
If there are any libraries you are going to use
only on special occasions, it is better to load
them when they are really needed.
20. The Basics
#include <dlfcn.h>
void* dlopen ( const char* filename, int flags);
void* dlsym ( void* handle, const char* symbol);
char* dlerror (void);
int dlclose (void* handle);
#echo Although you don’t have to link against the
library
#echo you still have to link against libdl
#
#gcc main.cpp -ldl -o program
21.
22. Loading C++ Libraries
C++ uses mangling!
int mod (int a , int b); _Z3sumii
float mod (float a, float b); _Z3sumff
math.cpp math.o
23. The example
class Foo
{
public:
Foo(){}
~Foo(){}
void bar(const char * msg)
{
std::cout<<"Msg:"<<msg<<std::endl;
}
};
24. The solution
Step 1 Define an interface for your class.
Foo
+ Foo()
+ ~Foo()
+ void bar(const char*)
25. The solution
Step 1 Define an interface for your class.
<<interface>>
Foo
+ virtual void bar(const
char*) = 0
FooImpl
+ Foo()
+ ~Foo()
+ void bar(const char*)
26. The solution - Lib’s Header file
Step 1 Define an interface for your class
#ifndef FOO_H__
#define FOO_H__
class Foo
{
public:
virtual void bar (const char*) = 0;
};
27. The solution - Lib’s Header file
Step 2 Create “C functions” to create and destroy instances
of your class
Step 3 You might want to create typedefs
extern "C" Foo* createFoo();
extern "C" void destroyFoo(Foo*);
typedef Foo* (*createFoo_t) ();
typedef void (*destroyFoo_t)(Foo*);
#endif
31. Inspiration
“How To Write Shared Libraries”
Ulrich Drepper- Red Hat
http://people.redhat.com/drepper/dsohowto.pdf
32. Less is always better
Keep at minimum…
• The number of libraries you directly or indirectly depend
• The size of libraries you link against shall have the smallest size possible
• The number for search directories for libraries, ideally one directory
• The number of exported symbols
• The length of symbols strings
• The numbers of relocations
34. Reducing search space
Step 1 Set LD_LIBRARY_PATH to empty
Step 2 When linking use the options:
-rpath-link <dir> to the specify your system’s directory for
libraries
-z nodeflib to avoid searching on /lib, /usr/lib and others
places specified by /etc/ld.so.conf and /etc/ld.so.cache
#export LD_LIBRARY_PATH=“”
#gcc main.cpp -Wl,-z,nodeflib -Wl,-rpath-link,/lib
-lfoo -o program
35. Reducing exported symbols
Using GCC’s attribute feature
int localVar __attribute__((visibility(“hidden”)));
int localFunction() __attribute__((visibility(“hidden”)));
class Someclass
{
private:
static int a __attribute__((visibility(“hidden”)));
int b;
int doSomething(int d)__attribute__((visibility
(“hidden”)));
public:
Someclass(int c);
int doSomethingImportant();
};
36. Reducing exported symbols II
{ You can tell the linker which
global: symbols shall be exported
cFunction*; using export maps
extern “C++”
{
cppFunction*;
*Someclass;
Someclass::Someclass*; #g++ -shared example.cpp -o
Someclass::?Someclass*; libexample.so.1 -Wl,
Someclass::method* -soname=libexample.so.1 -Wl,-
}; -version-script=example.map
local: *;
};
37. Pro and Cons
Pros Cons
Visibility attribute Visibility attribute
• Compiler can generate optimal • GCC’s specific feature;
code; • Code become less readable;
Export Maps Export Maps
• More practical; • No optimization can be done by
• Centralizes the definition of library’s compiler because any symbol may
API; be exported
38. Restricting symbol string’s lenght
namespace java
{
namespace lang
{
class Math
{
static const int PI;
static double sin(double d);
static double cos(double d);
static double FastFourierTransform
(double a, int b,const int** const c);
}; _ZN4java4lang4Math2PIE
} _ZN4java4lang4Math3sinEd
} _ZN4java4lang4Math3cosEd
_ZN4java4lang4Math20FastFourierTransformEdiPPKi
39. Avoiding relocations
char* a = “ABC”; A B C 0
.data
const char a[] = “ABC”; A B C 0
.rodata
ELF
43. Improving responsiveness
It is not always possible to optimize code because:
• You might not have access to problematic code;
• It demands too much effort or it is too risky to change it.
• There is nothing you can do (I/O latency, etc…).
• Other reasons ...
49. In conclusion …
• You learned that libraries may play an important role in the startup
performance of your application;
• You saw how dynamic link works on Linux;
• You were introduce to prelink and and became aware of its potential
to boost the startup;
• You learned how to load a shared object on demand, preventing
that some them be a burden at startup;
• You got some tips on how to write libraries to get the best
performance;
• You understood that an UI that provides quick user feedback is more
important than performance;