Often I hear from people, especially younger ones, that they don't know what to do. I have compiled a list of ideas that I think would be great for someone to work on. Next time someone says they can't think of something to do, or that they are bored, point them to this page. This page is kinda old so check around and make sure the problem hasn't already been solved. # Programming Maintenance Take over maintenance of an abandoned software project. Linux programmer to take over dynamic firewall daemon from me. http://www.subspacefield.org/security/dfd_keeper/ Look for link to dfd_tbk # Programming and development ideas: Copy the FreeBSD binary emulation system into Linux, and start supporting Mac OS X binaries, to some degree or another. Figure out what to do about cocoa, etc. Create a tool that figures out (like make) in what order to run the startup scripts on Linux. Get rid of /etc/rcN.d altogether. Cheat by checking on how other OSes do it, NetBSD had a tool like this IIRC. Create a web front-end for managing asterisk. Create a web front-end for a firewall like OpenBSD's pf or Linux's iptables. Show the last N blocked packets, the top N destination ports of blocked packets over different periods of time, the top N source IPs of blocked packets, etc. This is open-ended; you can get creative with graphics, such as the gd library for PERL, or even visualization packages like graphviz, LGL, VolSuite, OpenQVIS, etc. Create a secure and standard way to tell routers and firewalls (e.g. my DFD) to open up a port to a particular machine. See SPA, uPNP. Write a graphical password entry program for a cell phone platform. Then write an app to keep data encrypted, using the graphical password. Consider interoperating with gnukeyring. Compile programs and create packages for them for your favorite distro. For example: OS package OpenBSD 3.7 apcupsd FC3 source apcupsd OpenBSD 3.7 Twisted (www.twistedmatrix.com) OpenBSD 3.7 ZopeInterface (www.zope.org) Write regression tests for your favorite distro. That's where you write a test for every fixed bug to make sure it doesn't get re-introduced. C program or PERL script that takes an image or other file and converts it into an array for use embedded within a program. Write a version of "the bodyguard" that logs you out when root logs in. The idea is if you're tunnelled through a system and interacting with the next hop, if root logs in and starts poking his nose around, you disappear. For extra credit, re-establish the tunnel around the node where root logged in. Write a good [security/auditing] footprinting tool. Make it modular, and write it in python or ruby. Write a replacement for TITAN, the system tightening script. Make it modular, and write it in python or ruby. Allow the user to say things like: mailman module: "list such-and-such should never be open to public" DNS server module: "no recursive resolutions, except for XXX" postfix module: "all traffic should be secured with TLS" Write a replacement for the old Kuang expert system. Make it modular, and written in python or ruby. Write something like tcpdump or wireshark, but write the protocol decoding routines in a safer language. ruby and python come to mind, but ocaml might be faster. Write a version of the old AT&T PathServer, but integrate it with a keyserver and support new GPG keys. Write network daemons in a "safer" language than C (java, perl, python, ML). See privilege.py for examples of how to drop privs: http://www.subspacefield.org/~travis/python/privilege/ When you subscribe to a mailing list, they often send you a verification message. Write a tool that sends the subscription request, and automatically responds to the verification message. Optionally, have it respond to ANY verification message it receives (less safe, but convenient). When you receive an email from a list, you have to examine RFC 822 headers to see how to filter it (unless you like all copies of messages cross-posted to 2 or more lists to end up in the first mailing list's folder). Write a tool which automatically figures this out and creates a .procmailrc entry for the new list. http://www.subspacefield.org/~travis/email_config/ Write something like password-gorilla, but not in TCL. It's too slow. Maybe python. Come up with a better GUI, that allows you to copy nodes, move subtrees, etc. Write a user/directory service that is: Like NIS but doesn't use portmapper/RPC, and is secure Like LDAP but without the x.500 baggage and for just one thing Write a secure replacement for NFS. It should not be limited to 8 supplemental groups, and it should use soemthing like SSH keys for authentication. Work on a Skype replacement. Do it as a p2p network layer with a nat-busting socket-like interface on top, followed by a VoIP client on that. Just creating yet another SIP client won't help the people in the world who don't want to open up 10,000 ports for RTP. In fact, why don't you use ZRTP? Do something like rdiff/rsnapshot that can back up multiple machines without creating new config files for every machine. Or look at duplicity and try doing something similar to that. Create a PDF replacement format that's open and not full of security holes. A better make: The Makefile language is difficult to read and obtuse (GNU make moreso, BSD make less so). Perhaps it is time to make something better than make. In fact, it might be a great idea to write it as python, because python's syntax is so clean and simple that most programmers can use it, even if they haven't learned python. Plus, it will be so extensible; imagine the difficulty of modifying how GNU make worked, and compare that to modifying a python program. When generating a HTML file via a program like lyx, you get a number of output files: - foo.html - various GIF/JPG/PNG files - some crap, like latex log files Problem is, you don't want the crap files on your web server, and specifying the many-to-many relationship of input files (lyx plus images) to output files (html plus images) is nearly impossible in traditional make. Figure out a better way. Write a firefox plug-in or web proxy that allows you to seamlessly navigate through archive.org's archives. Learn IDA Pro very well, and then write something better, preferably in a better/safer language, possibly python or ruby (or maybe ocaml, java, clojure, etc.) First review ollydbg and see if it's a good base, or whether it needs to be a rewrite-from-scratch. Write a new, secure version of torrentflux - do NOT use PHP (and def no allow_url_fopen!) - do NOT have RFI vulns - use python web frameworks Some kind of tool that reminds you of things just before you'll forget: http://en.wikipedia.org/wiki/Forgetting_curve And then remind you at expoentially increasing intervals: http://www.anthus.com/LogLearn/LogLearn.html Write some kind of rsync-like algorithm - possibly as a C library - or maybe as an OO framework (python, ruby) The nice part about OO framework is that you can customize parts of it quite easily. This would be useful for my HDB project: http://www.subspacefield.org/security/hdb/ Write a secure replacement protocol for IRC possibly use SILC as a baseline then write a secure server in e.g. java, ruby, python consider an asynchronous server for scalability http://www.gevent.org/ http://www.newthinktank.com/2010/11/python-2-7-tutorial-pt-18-chat-server/ http://nichol.as/asynchronous-servers-in-python A better archival framework maybe something like an OO tar to avoid complex logic A modular compression framework design the predictors, encoders, dictionaries as replaceable components # Creating Unix distros Create a distro that specializes in anonymity services, crypto, defensive network security. Create a distro that specializes in p2p and filetrading Create a distro for kick-ass anti-spam mail servers Create a distro for a dedicated email server. Be sure to include tons of anti-spam measures, so that the spammers don't have a single target to optimize against. Create a Linux distro specifically for gaming. Include as many games as you legally can. Include Wine and Windows games, if you can. Create a distro specifically for game development, and/or a slim run-time that can run easily under any OS (e.g. via VMWare or Xen or Virtualbox). Wouldn't it be cool to pop in a CD/DVD and boot directly into a OS optimized for the game, or run it efficiently in a VM? # Writing and/or documentation ideas: Summarize conversations on mailing lists. There's one like this for LKML, which is just too high traffic. Someone needs to do this for full disclosure and BUGTRAQ. Summarize conference proceedings (DEFCON, Black Hat, etc.) Write a better RAID FAQ. Write a homepage for the mdadm tools with good usage info. Write some documentation on bluetooth network stacks in Linux. You may even dive into bluetooth networking models and basics. But please create documentation on hidd and other userland tools. Write some documentation on USB. Answer the question: If I have an arbitrary USB device that only comes with windows software, how do I make it work on Linux? Document ACPI well. For example, if my laptop's sound and wireless don't work after closing the lid, how do I fix it? Write a HOWTO on SELinux that isn't super boring. Start archiving and indexing email lists and sell CDs as reference material. Create a web site comparing and archiving various software licenses. Explain what kind of situations demonstrate the advantages of one over the other. (probably done) Write a book for O'Reilly on build systems. Not just GNU make, but how to structure your source code repositories to build programs, documents, etc. quickly, consistently, easily. # Done Create a FLOSS standard, possibly based on XML, for calendar entries that works with cell phones, and a format for mailing meeting invitations to people, and MUA plug-ins or helpers to add them to your calendar. Also let it scrape sites (like RSS aggregators) for import into your own calendar. Like Google Calendar, but on your own systems. I think Google calendar uses ical, so maybe look at that. Also look at: * Chandler * Citadel * Claws Mail (vCalendar plugin is required to handle iCalendar in Claws Mail) * Darwin Calendar Server * Drupal with its event module * Evolution the Gnome email/calendar client * Horde * Kontact (namely KOrganizer and KMail) * Lightning (a Mozilla extension for Thunderbird) * Moodle will export iCalendar data or let you subscribe to a Moodle iCalendar feed * Mulberry * OLAT - LMS supporting import and export of personal and shared calendars via iCal * OpenCRX * Opengroupware.org * Open-Xchange * PHP iCalendar web based display of shared calendars * Plone open source content management system * Simple Groupware * SPIP a CMS that allows the export of its site calendar in the iCal format * Sunbird (a Mozilla stand-alone application) * TYPO3 via its Calendar Base Extension * WebCalendar * WebGUI * Webical * Zimbra Collaboration Suite Create a way to synchronize bookmarks between multiple machines without relying on someone else's servers. It should be FLOSS, and could do neat things like de-dup, update when hitting permanent redirects, show bar graphs of reachability, automatically redirect to archive.org when the page disappears, etc. Make something with all the functionality of OpenSSL, but in OOPL. - error conditions are handled really strangely - code is obscure - API keeps changing - make sure it gets in Ubuntu repos - This is called GNU-TLS or a2ssl or cryptlib a variety of things. Make a better CA program than TinyCA. - UI is weird - write it in python/ruby to make it easy to fix - make sure it gets in Ubuntu repos - It's called XCA