Good Technology Ideas


Often I hear from people, especially younger ones, that they don't know what to do. I have compiled a list of ideas that I think would be great for someone to work on. Next time someone says they can't think of something to do, or that they are bored, point them to this page.

This page has some rather old ideas so check around and make sure the problem hasn't already been solved.

Business Ideas

Are you unemployed right now? Here's instant ways to end that.

Although postmates has many competitors, none of them let you order from anywhere. And Postmates doesn't exist in large markets like Houston.

Uber for plumbers, tow trucks, oil change, car mechanics (minor repairs), moving households (market in US is dominated by 4 major players, ripe for disruption - but see the story of Walnut Moving Company).

App for listing doctors, like yelp, and for scheduling housecalls.

App for matching massage therapists, tables, and customers.

Hardware Ideas

Trash blanket - make a foldable soft thing that looks like trash but you place it over valuables in your car here is an example. I would love to see someone commercialize this. You would print it on something foldable, complete with shadows and whatever, and loosely attach translucent plastic garbage bag over it to throw off depth perception etc. If you're so inclined, go for it.

Bluetooth headset that works as bionic hearing, has throat mic, bone conduction speakers, so you can use it on motorcycle or convertible or on noisy street. Maybe goes around your neck and has a big lithium battery in there for recharging things? I don't know if that'd be uncomfortable but it's a place we don't currently carry much weight, so shouldn't be overburdened.

How about a direct peer-to-peer calling protocol for inside an apartment. Inside Wi-Fi range. If you had that then you have basically have personalized paging for everybody in the apartment. And then you could have something like a console which is installed by your front door of your complex and it basically create a FaceTime or other video conferencing into a panel in your apartment hich creates a similar connection to your personal phone. Ideally all of this would happen without requiring cell service or wiring within the apartment, and it can use the paging panel spots that we normally use for intercoms. This would allow you to see and hear them and then in addition some of the panels would respond to DTMF sound by doing something for example by letting the person in.

Someone should create a roomba that is easier to drive around and that you can drive around with an app. It would give you a live video feed between the robot and year so that you could check up on your animals. Maybe it could have a robotic arm for feeding them food or petting them.

The same thing could be used as an alarm system, and you could drive it around to investigate noises etc. Could use an old android phone for sensors - kind of like the app that Ed Snowden designed

Someone should really make a wireless access device that has a built-in firewall that runs PF and to Wi-Fi radio sets so that it can relay data from a client to an upstream Wi-Fi router through the firewall without any problems. It will also need to be able to pretend to be a Web device in order to get through certain captive portals. That might be simpler just by having it be able to clone something's MAC address. Can we use the WiFi pineapple hardware for this? Anyway, it'd be nice if it was a cell hotspot and a USB battery, too.

Programming and Software Development Ideas


Get rid of captive portals. Come up with a cryptocurrency method for paying for internet access in the 802.11 supplicant (e.g. 802.1x) or something that does not break TLS and force-tls. So people can pay for internet access, get paid for providing it, and not break TLS or other security guarantees. Will not fix IoT that want to auth against the network, though, and supplicants are a pain. But at minimum a DHCP response that explains how to pay for the network would be very useful. Is this how it pops up browser windows now? Could be something more automated and less HTTP-interception-like.

Come up with in-kernel virtualization layers that allow you to encrypt data storage. For example, RAM, and hard disk. The solves most of the data remanance problem. Someone should do a paper about this crypto and layering. How could key hierarchies and crypto layers allow us to protect guests from inadvertently leaking data to other guests, or to the host, etc?

For the network block device, you can use i.e. Shamir secret sharing to share data among N nodes such that it takes K to reconstruct it. This also allows for erasure coding as well. This seems like a contradictory goal but should be soluble - see e.g. Tornado Codes.

Come up with an ABI for requesting and releasing things we previously considered permanently allocated to the OS (i.e. RAM). This allows OS to request from hypervisor, and to release if needed. This is more of a "how do I run virtual machines efficiently" issue but leads to my next idea....

During OS ABI request or release, you can sanitize data store, which solves the rest of the remanance problem. It can also help to basically get randomized data, which having the wrong key would do.

Hypervisor call to get RNG data would be quite useful. Then guest could seed with host pool data. For bare metal this could be a no-op. Maybe we can just virtualize a call to the Intel RNG instead?

Someone should come up with a way to make a virtual machine so that all of its outbound traffic through some sort of traffic conditioner multiplexer like TOR. If the hypervisor was capable of patching everything into her we could avoid the notorious leaks of DNS and ICMP.

Create a web front-end for a firewall like OpenBSD's pf or Linux's iptables. Show the last N blocked packets, the top N destination ports of blocked packets over different periods of time, the top N source IPs of blocked packets, etc. This is open-ended; you can get creative with graphics, such as the gd library for PERL, or even visualization packages like graphviz, LGL, VolSuite, OpenQVIS, etc. This may be done by IPCop, smoothwall, and PfSense. See the Linux router or firewall distributions.

Create a secure and standard way to tell routers and firewalls (e.g. my DFD) to open up a port to a particular machine. See SPA, uPNP. There might be some XML-based standard by Ivan Ristic by now.

Linux programmer to take over dynamic firewall daemon from me. Look for link to dfd_tbk in this document which describes my idea.

Write a graphical password entry program for a cell phone platform. Then write an app to keep data encrypted, using the graphical password. Consider interoperating with gnukeyring.

Write some software on Android or another open smart phone platform that does disk encryption using the login password.

Write a version of "the bodyguard" that logs you out when root logs in. The idea is if you're tunnelled through a system and interacting with the next hop, if root logs in and starts poking his nose around, you disappear. For extra credit, re-establish the tunnel around the node where root logged in.

Write a version of the old AT&T PathServer, but integrate it with a keyserver and support new GPG keys.

Write a network daemon in a "safer" language than C (java, perl, python, ML). See for example of how to drop privileges safely.

Write something like password-gorilla, but not in TCL; it's too slow; consider python. Come up with a better GUI, that allows you to copy nodes, move subtrees, etc, and that doesn't move to your current desktop and grab focus when it auto-locks.

Write a user/directory service that is: - Like NIS but doesn't use portmapper/RPC, and is secure - Like LDAP but without the x.500 baggage and for just one thing

Write a secure replacement for NFS. It should not be limited to 8 supplemental groups, and it should use soemthing like SSH keys for authentication.

Write a new, secure version of torrentflux; it is the only multi-user seedbox software.

  • do NOT use PHP (and def no allow_url_fopen!)
  • do NOT have RFI vulns
  • use python web frameworks

Write a secure replacement protocol for IRC - possibly use SILC as a baseline - then write a secure server in e.g. java, ruby, python - consider an asynchronous server for scalability - gevent - pythonic chat server - async servers in python

Create a way to synchronize bookmarks between multiple machines without relying on someone else's servers. It should be FLOSS, and could do neat things like de-dup, update when hitting permanent redirects, show bar graphs of reachability, automatically redirect to when the page disappears, etc.

Security Things Involving Safe Code Execution

Each of these would benefit from either a "safe" language like python/ruby, or (better yet) a verified code execution technology like Michelson programming language. That's because they're modular and not only would you not trust authors of 3rd party modules completely, you would also not necessarily trust anyone to never make a mistake.

Create a PDF replacement format that's open and not full of security holes.

Write a good [security/auditing] footprinting tool. Make it modular, and write it in python or ruby.

Write a replacement for TITAN, the system tightening script. Make it modular, and write it in python or ruby. Allow the user to say things like:

  • mailman module: "list such-and-such should never be open to public"
  • DNS server module: "no recursive resolutions, except for XXX"
  • postfix module: "all traffic should be secured with TLS"

Write a replacement for the old Kuang expert system. Make it modular, and written in python or ruby.

Write something like tcpdump or wireshark, but write the protocol decoding routines in a safer language. ruby and python come to mind, but ocaml might be faster. We really need a safe way to handle untrusted data.

Learn IDA Pro very well, and then write something better, preferably in a better/safer language, possibly python or ruby (or maybe ocaml, java, clojure, etc.) First review ollydbg and see if it's a good base, or whether it needs to be a rewrite-from-scratch.

Firewall Idea

If you have ever programs firewall rules for IPtables and BSD's pf you will recognize that BSD firewall is so much better. But they are as fundamentally incompatible as BASIC and python. No matter how much you try, you can't run a python script in a BASIC interpreter or vice-versa.

But you cannot always choose the operating system you want. Maybe you want to use a high-end router as your firewall, to save energy, and you can get dd-wrt (linux) but not BSD to run on it.

So one of the ideas I had was if we could come up with a way to securely execute code inside the kernel space then we could actually just upload a program.

In other words you would not have to choose you would just create an execution framework for a virtual machine that could implement whatever firewall framework logic you wanted.

For example the Berkeley Packet Filter basically executes in kernel space it execute a tiny virtual machine. This is because you can't copy the packets into user space and back without a huge performance penalty, so instead you upload the filter rules to kernel space.

And there are adaptations to allow it to jit compile that virtual machine into native code.

And there are people who have extended BPF to work on sockets, and other things, making it simliar to dtrace.

But so far we do not have a general purpose programming language that is secure. I think that may have changed with the development of the Michelson programming language for smart contracts for the cryptocurrency called Tezos. That is based on OCaml, and amenable to formal analysis.

And if that could be generalized so that you could run arbitrary code in it in kernel space you could potential he do firewall rule decisions and data shaping and traffic classification and it packet inspection inside the kernel which is much more efficient.

Not only that but you would no longer need to have a different operating system for your firewalls. Now you can choose the best OS and the best firewall engine, and not have to compromise on either.

General Development

Create a web front-end for managing asterisk because it's a neat system but configuration is hard.

Create a better program for GPT partitioning than parted. Do it in layers; one for implementation, one for scripting, and one for CUI. The last one is the most challenging.

Create a FLOSS standard, possibly based on XML, for calendar entries that works with cell phones, and a format for mailing meeting invitations to people, and MUA plug-ins or helpers to add them to your calendar. Also let it scrape sites (like RSS aggregators) for import into your own calendar. Like Google Calendar, but on your own systems. I think Google calendar uses ical, so maybe look at that. Also look at:

  • Chandler
  • Citadel
  • Claws Mail (vCalendar plugin is required to handle iCalendar in Claws Mail)
  • Darwin Calendar Server
  • Drupal with its event module
  • Evolution the Gnome email/calendar client
  • Horde
  • Kontact (namely KOrganizer and KMail)
  • Lightning (a Mozilla extension for Thunderbird)
  • Moodle will export iCalendar data or let you subscribe to a Moodle iCalendar feed
  • Mulberry
  • OLAT - LMS supporting import and export of personal and shared calendars via iCal
  • OpenCRX
  • Open-Xchange
  • PHP iCalendar web based display of shared calendars
  • Plone open source content management system
  • Simple Groupware
  • SPIP a CMS that allows the export of its site calendar in the iCal format
  • Sunbird (a Mozilla stand-alone application)
  • TYPO3 via its Calendar Base Extension
  • WebCalendar
  • WebGUI
  • Webical
  • Zimbra Collaboration Suite

Compile programs and create packages for them for your favorite distro. For example, last time I checked, OpenBSD needed a package for apcupsd, and others. If you're doing Linux, consider a debian package, so that Ubuntu can use it. Also, it'd be nice to have various security tools as debs if they aren't already.

Write regression tests for your favorite distro. That's where you write a test for every fixed bug to make sure it doesn't get re-introduced.

When you subscribe to a mailing list, they often send you a verification message. Write a tool that sends the subscription request, and automatically responds to the verification message. Optionally, have it respond to ANY verification message it receives (less safe, but convenient).

When you receive an email from a list, you have to examine RFC 822 headers to see how to filter it (unless you like all copies of messages cross-posted to 2 or more lists to end up in the first mailing list's folder). Write a tool which automatically figures this out and creates a .procmailrc entry for the new list. See my ultimate email config here

Take over maintenance of an abandoned software project.

Work with the FSF on a Skype replacement. I think the first step in this is to come up with a sockets-like interface to a p2p overlay network, like a SOCKS proxy, and then just port a VOIP app to it. Perhaps you could use something like the tinc-vpn

Do something like rdiff/rsnapshot that can back up multiple machines without creating new config files for every machine. Or look at duplicity and try doing something similar to that.

A better make. Consider nmake, part of ast-base.

The Makefile language is difficult to read and obtuse (GNU make moreso, BSD make less so). Perhaps it is time to make something better than make. In fact, it might be a great idea to write it as python, because python's syntax is so clean and simple that most programmers can use it, even if they haven't learned python. Plus, it will be so extensible; imagine the difficulty of modifying how GNU make worked, and compare that to modifying a python program.

When generating a HTML file via a program like lyx, you get a number of output files: - foo.html - various GIF/JPG/PNG files - some crap, like latex log files Problem is, you don't want the crap files on your web server, and specifying the many-to-many relationship of input files (lyx plus images) to output files (html plus images) is nearly impossible in traditional make. Figure out a better way.

Write a firefox plug-in or web proxy that allows you to seamlessly navigate through's archives.

Some kind of tool that reminds you of things just before you'll forget And then remind you at exponentially increasing intervals

Write some kind of rsync-like algorithm - possibly as a C library - or maybe as an OO framework (python, ruby) The nice part about OO framework is that you can customize parts of it quite easily. This would be useful for my HDB project

A better archival framework - maybe something like an OO tar to avoid complex logic - I've heard FreeBSD has a cool utility but it's in C

A modular compression framework - design the predictors, encoders, dictionaries as replaceable components

Create a file system "compacting" tool (similar to a defragmenter) that allows you to pack all the data on a hard disk, so that the VMWare/virtualbox disk image can be shrunk. This is often necessary whenever you delete a lot of stuff from a disk set to 'grow as needed', for example after doing an update of the OS and all packages.

Create a program like fdupes (and related tools), but in pure ruby or python, so it's eaesy to download and run.

Go through the dedupe tools related to fdupes and make debian/ubuntu packages for them.

Creating Unix Distros

Create a distro that specializes in anonymity services, crypto, defensive network security. Similar to Backtrack, but defensive.

Create a distro that specializes in p2p and filetrading

Create a distro for kick-ass anti-spam mail servers

Create a distro for a dedicated email server. Be sure to include tons of anti-spam measures, so that the spammers don't have a single target to optimize against.

Create a distro specifically for game development, and/or a slim run-time that can run easily under any OS (e.g. via VMWare or Xen or Virtualbox). Wouldn't it be cool to pop in a CD/DVD and boot directly into a OS optimized for the game, or run it efficiently in a VM?

Writing / Documentation

Summarize conversations on mailing lists. There's one like this for LKML, which is just too high traffic. Someone needs to do this for full disclosure and BUGTRAQ.

Summarize conference proceedings (DEFCON, Black Hat, etc.)

Write a better RAID FAQ.

Write a homepage for the mdadm tools with good usage info.

Write some documentation on bluetooth network stacks in Linux. You may even dive into bluetooth networking models and basics. But please create documentation on hidd and other userland tools.

Write some documentation on USB. Answer the question: If I have an arbitrary USB device that only comes with windows software, how do I make it work on Linux?

Document ACPI well. For example, if my laptop's sound and wireless don't work after closing the lid, how do I fix it?

Write a HOWTO on SELinux that isn't super boring.

Start archiving and indexing email lists and sell CDs as reference material.

Create a web site comparing and archiving various software licenses. Explain what kind of situations demonstrate the advantages of one over the other. (probably done)

Write a book for O'Reilly on build systems. Not just GNU make, but how to structure your source code repositories to build programs, documents, etc. quickly, consistently, easily.


Create a tool that figures out (like make) in what order to run the startup scripts on Linux. Get rid of /etc/rcN.d altogether. Cheat by checking on how other OSes do it, NetBSD had a tool like this IIRC. This is done; there are many styles for Init.

C program or PERL script that takes an image or other file and converts it into an array for use embedded within a program. Done by the "convert" program in most Linux distros.

Create a Linux distro specifically for gaming. Include as many games as you legally can. Include Wine and Windows games, if you can. Possibly done in this distro

There seems to be nobody making PC cases that have built-in SATA backplanes with over 4 hotpluggable drives in the front. This means you must either use an external case with bottleneck connections in between, or you must buy a Synology/QNAP or whatever. Update: found U-NAS.

Make something with all the functionality of OpenSSL, but in OOPL.
  • error conditions are handled really strangely
  • code is obscure
  • API keeps changing
  • make sure it gets in Ubuntu repos
  • Update: there's plenty of alternatives now like s2n
Make a better CA program than TinyCA.
  • UI is weird
  • write it in python/ruby to make it easy to fix
  • make sure it gets in Ubuntu repos
  • Update: XCA fits the bill

A Linux device driver (or device mapper LVM kind of thing) for using a SSD as a transaction log for the data being written to HDDs later. Thus, if something was being rewritten multiple times, it could all be done on flash. Might function like the Seagate Momentus laptop hybrid HDDs. Needs more thought. Update: You can do this in ext3/4 and ZFS I'm sure.