Internship

Blog posts about my internship in Switzerland

Internship: Interesting week

Hi there folks! In between washing clothes and studying, I’m having a small break for writing a blogpost. Last week has been a good week, a lot of interesting things happend! I worked on a fork of the BouncyCastle crypto library to use in an Android runtime environment. Something similar to SpongyCastle but to be independent and have our own java security provider, we prefer to fork the BouncyCastle library and add our own changes. My job was to perform an upgrade to the new BouncyCastle version. This means pulling in the code and fixing the problems that arise with incompatible or new code. I finished the project rather early and have some time left on my hands.

Since I have time left, my boss proposed to teach me how to program Hardware Security Modules (HSM’s) and setting up Public Key Infrastructures (PKI’s) which are core systems in for example every security system of a bank. It makes sure your transactions are performed in a secure and trusted environment. This will be a very hands-on experience which I don’t think you can learn in school (apparently some dare to discuss that if you make the right choice of course), the experience of someone in the industry is really big. That’s something I started to realize early on in my internship and now am more than aware of.

Besides work I also did some things which the most part consisted out of studying for my exams. Other than that I also skyped with my girlfriend, which flew to Peru on Tuesday , where she will be staying till the end of december! Thank God for technology like Skype, imagine if I could only write letters or e-mails to her and don’t see her pretty face!

We also had colleagues in, from a dutch company called Advanced Encryption Technology (AET Europe) . Me personally did not have much to do with them, as my project is focused on a whole other part of the business than they are conducting. But this meant that we went for dinner in the evenings on Thursday and Friday. Had the best fish in the world on Friday by the way, truly marvelous. Despite the fact that you learn a lot at the internship itself, you learn more from these dinner talks. How things are done on a managing level, as everybody (besides the spanish intern José and me) sitting at the table have managing positions. Interesting talk with the head manager on how he selects his people and how they do the sales and development of their product. Too much to sum up here.

Signing off for now, got some work to do, groceries and studying => woohoo! This will be my last post originating from a swiss IP. Although I might use a swiss VPN in the future, which technically would invalidate my claim that this will be my last post from a swiss IP-address. Oh well, you get my point.

Cheers, folks!

Dario

PS: My last project is being open-sourced at www.intellicastle.org

Interning: week 5: Whirlpool of emotions

Longtime no see, as they say.. last weeks were so busy, full of emotions and passed fast , I hardly found the time to write. Internship is going awesomely well. Finished the first part of the project which was kind of penetration testing and checking for information leaks. Now busy on the second part of the project which is updating a BouncyCastle fork for the Android framework. By far the most interesting library project in Android I have done.

Besides work I also had some free time here in Swiss, I kid you not! =D Although I worked mostly long days, but that is compensated by starting late in the morning. Anyhow, in my weekends I visited a friend up in the mountains, which was a nice experience! Last weekend was magical, my girlfriend came to visit me, had the best weekend so far here in Swiss. Miss her every bit of the way. And coming weekend my sister will visit with her boyfriend! Yeah agreed, I’m spoiled.

Okay, enough with the emotional stuff. Really loving the vibe at work, due to the small size of the team I have a very good contact with everyone in the office. Which basically nowadays is my boss,  a colleague and the other intern haha 😀 Learning a lot of stuff which is impossible to learn at school. Going from the JCA/JCE frameworks in Java and concepts and techniques for implementing crypto systems to working with HSM (Hardware Security Modules) and EJBCA enabled appliances (for PKI’s).

For the interested reader, I will be talking at XDA-DevCon which is from 26th till 28th september in Manchester, UK. My talk will be about “Android Security Overview and Safe Practices for Web-Based Android Applications”. Still tickets available!

Looking forward to the last two weeks (tomorrow is national holiday in Swiss yeaaah), signing off for now!

Cheers,

H4

Week 2: Interning, eating veggie and doing laundry

It has been a while since I wrote a blog post about my internship (more than a week, woooah), anyhow got half an hour to spare as I’m doing the laundry. Yes, for the second time, no I have not ruined my clothes. Yet.

Made some progress at work, nothing too fancy but nevertheless it was a progression. For obvious reasons I won’t go into much detail. Oh and while compiling some stuff, which I needed for a cross-compilation, I managed to wreck my linux distro. On a Friday. Yeah not the best way to end your week.

On Thursday my boss Thomas took me to the oldest vegetarian restaurant in the world: Hiltl. I love meat so needless to say I was a little bit skeptical about eating vegetarian. I must say, that vegetarian burger was quite good. The restaurant was also simply amazing. I would certainly recommend it when going to Zürich, even when you’re not a vegetarian.  After Hiltl we went to a panorama bar in the center of Zürich. First you enter a restaurant and at the end of the restaurant there is an elevator which brings you to the sky bar. It is called Jules Verne, after the famous French writer. The view there was amazing. Not that cheap though 😉

Woops, there goes my alarm. Time to fetch the freshly washed clothes. Look at me, doing all grown up stuff.

Cheers,

H4

PS: Go Belgium!!! Seriously Messi, just have a bad day today, thaaaaat would be great.

 

Cryptography everywhere

Halfway through my first week, I learned already a lot of new things. Monday was pretty chill, did some touring in the city with the secretary and got to know my boss in person. Everyone was friendly and easy going. In the afternoon I got introduced to the company’s products and fields of business which are Smart-card systems and Public Key Infrastructures (PKI). Yesterday and today I got extensive workshop-sessions from my daily supervisor. We covered A LOT.

We started of with the basic concepts and techniques of the Java Cryptography Architecture (JCA) and Java Cryptography Extension (JCE) API’s, basically the components that put security and crypto into the Java platform. I got drilled in symmetric and asymmetric cryptography algorithms, with all the flavors. Going from CBC to EBC to ECC. Hybrid cryptographic concepts, signing of files and PKI’s. It was overwhelming and nice to learn. But needless to say a mild headache got the better of me today. Oh, and to top it off: some of the slides were in German. Jup, German. But my supervisor was very good in explaining it in perfect English. So I had that going for me, which is nice.

Tomorrow I start on the real job , which I cannot really disclose the details of but basically it’s penetration testing/information extraction in an Android environment. Anyhow, very interesting start of the internship and everybody is nice, friendly and more important, they are experts in their respective fields, simply amazing.

Cheers,

H4

PS: Did you know that intelliCard forked the open-source BouncyCastle library and adapted it for Android! Awesome, I know 😀 : http://intellicastle.org

PPS: My daily supervisor is a security wizard. The things he knows is from my perspective, endless. He wrote a lot of useful software: http://www.borderzone-software.ch/ Take a look at the FileBrowser: simply the most useful swiss army knife every IT-guy needs. (PUN INTENDED)

Grote avonturen beginnen klein

Before I left, someone special gave me a small card with the text “Grote avonturen beginnen klein”, which in english translates to “Big adventures start small”. It couldn’t be closer to the truth. First sunday in Switzerland, I am simply impressed by the nature and the city. You can find photographs on my FB-stream.

It started, indeed, very small. Searched for an internship online, applied, did an interview and got the internship. It all flew by so fast, and tomorrow morning it’s my first day on the job.

The surrounding nature is ridiculously beautiful. I can walk from the apartment to the side of the lake in, I think, 2 minutes. Got a flatscreen in the room, got a living room with an even bigger flatscreen. Hell, even a kitchen with a Nespresso machine 😀 (heaven on earth for computer geeks).  Also got fitness machines, no excuses there I guess.

That will be all for now. Swiss greetings,

H4

View of the lake on 2 minutes from the apartment.

View of the lake on 2 minutes from the apartment.

Prepping for that internship

Sooooooo. For everybody who does not follow my Facebook-feed or heard me in the last couple of months, I will be doing an internship in Switzerland for two months. I will probably be blogging about my stay in Switzerland a lot, so anybody interested can subscribe or just follow twitter or fb for updates about this blog.

Now we got those administrative messages  out of the way, my first actual blogpost about my internship. I am still at home, prepping like a maniac for my first long stay abroad. Luckily my mom is doing the major part of the ‘work’, so my part of the job is reduced to saying : “yes I need that” or “no mom, I have enough of those things already”.

I’ll be driving to Switzerland saturday morning, my parents are accompanying me and will drop me off safely at the apartment. Yes I am spoiled, no I am not ashamed for having lovely parents ;-).

The internship itself is situated in the field of security engineering, penetration testing and (big surprise) Android development. Not necessarily in that order. I am very excited for my first work experience in these major fields, which are undoubtedly the most interesting ones for me.  I am interested in security since we had a computer with windows 95 and my dad had put a password on it.  I wanted to bypass the goddamn thing, which gave birth to my (healthy) interest in cyber security. The Android-part of my geek personality started 5 years ago, when I bought my first Android device and which kickstarted my enthusiasm and passion for this mobile-piece-of-art platform.  I think it’s pretty clear that I am very excited to learn a lot in these fields, things I can impossibly learn in an academic environment.

What can you expect from this blog for the next two months? Probably pictures and stories about my stay, not much about my internship or technical details since I signed NDA’s and I don’t want to risk leaking critical information. Look at me all acting mature and responsible.

Signing off here for now. Next blog post will probably come from a swiss IP-address.

Cheers,

H4