Matt Spraggs

I've been doing a lot of Hack The Box lately. For those who don't know, Hack The Box (HTB) is a playground for would-be hackers to test their skills against machines with various security vulnerabilities. The point isn't to use these skills for nefarious or illegal purposes. Instead, the aim is to train people to think more critically about potential security weaknesses in software so that they can design and implement systems with security in mind. Each machine on HTB has a digital flag (typically a file on the machine containing some secret string) that the hacker must capture. This type of set up is called capture the flag, or CTF.

Newcomers to HTB can start with the Starting Point machines to familiarise themselves with the CTF process. Generally speaking, gaining admin privileges on a target machine is achieved in three stages:

1. Enumeration - determining the services the target is running … 

Read more

With travel restrictions easing after COVID-19, we went on a long-overdue honeymoon road trip to the western United States. 

Despite the title, this blog post doesn't start with Rust. Instead, it starts with the tradgedy of the ongoing global COVID-19 pandemic. Numberphile had recently uploaded a video about the SIR model, which describes the spread of an infectious disease. The simple yet powerful nature of the model and its relevance to current events struck a chord with me: I had to code this up for myself.

Python seemed like the best candidate for the job, given the existence of numerical libraries such as NumPy and SciPy. My first iteration needed just 35 lines of code, a testament to Python's expressiveness and the well-designed library interfaces.

The next step seemed clear to me: how cool would it be to put this on the web? Sure, it's a simple model, but one of great relevance given recent events, so maybe it might interest some.

I weighed my options. I had a … Read more

Wow... it's been a year since I last wrote here.

Awkward.

I do have some excuses. This time last year I was in the middle of getting ready to get married. It's not exactly something you can do over a weekend. Unless you get married in Vegas. Maybe. Anyway, we didn't go to Vegas.

Not long after that I started job-hunting again after feeling the urge for something new. Like so many things, this expanded to fill almost all of my free time, since the application process for development roles is apparently more stressful than doing a presentation in front of thousands of people. Or maybe that's just me? Not sure. In any case, it was a big time sink.

Then we moved flat. I was offered a job in London, and commuting from Southampton was about as much fun as trimming your toenails with a hammer, so my wife … Read more

Last autumn I discovered Crafting Interpreters, a book by Bob Nystrom that gives readers a comprehensive guide to writing interpreters for a toy programming language, Lox. To me the world of compilers and interpreters has always been a total mystery. Okay, so I know what a syntax tree is, and I've occassionally even been brave enough to look at the assembly output for a program I've written. Also doesn't parsing need to happen at some point? Anyway, I was pretty intrigued, so in I dived.

Bob's book is divided into two parts. The first details how to write a tree-walking interpreter in Java. Code is parsed and a syntax tree is generated from it, which is then evaluated in-place. By his own admission, this isn't a particularly efficient way to evaluate code, so the second part of the book describes how to write a stack-based virtual machine in C, which … Read more

A friend and I were discussing the relative merits of LabVIEW the other day. Coming from a theoretical, software-focused background, I struggle with LabVIEW, which I think hides too many of the underlying workings of a program from the user for the sake of simplicity. My friend, on the other hand, does a lot of experimental engineering work and loves that LabVIEW frees him from the need to look at line after line of code.

This got me thinking: should engineers, particularly those working in electronics, be more prepared to work with low-level code? I mean obviously they work with it already, but my (admittedly limited) experience so far is that few engineers take the time to engineer software that is clear, testable and maintainable. In a world where both hardware and software are advancing at an exponential rate, shouldn't we be cultivating engineers who at least appreciate the need … Read more

Note: This shitpost was originally going to be titled "Windows 10: My Take", but I changed it, for reasons that should become immediately apparent in the next paragraph.

You know what really pisses me off with Microsoft's latest OS offering? Windows fricking update. Specifically: why Microsoft hasn't addressed the age-old problem of having updates that can only be installed during the shutdown/restart process.

Okay, so it's true that I have just been through this little lesson in tedium, all because I had to restart my computer for unrelated reasons, but still. Given that, in the words of Tony Prophet, Microsoft's corporate vice president, "Windows 10 is not going to be an incremental step from Windows 8.1," you'd think this is one of the issues they could address. It's true that I have little to no understanding of the internals of Windows, and I appreciate that part of Tony's … Read more

So the title of this post was originally going to be "New Job!", but since I've been in my current post since September I figured that might be a bit misleading, so I added some lovely quotes to make it feel less like a blatant lie.

Since the end of my PhD I've been working in the department of Electronics and Computer Science at the University of Southampton, doing software engineering as part of a project called SMARTmove. The project aims to rehabilitate the upper limbs of stroke patients using a technique known as functional electrical stimulation (FES). By electrically stimulating the arm muscles of stroke patients as they attempt a series of functional tasks it is anticipated that they will recover some control over the arm that was debilitated by the stroke.

The electrical stimulation is provided via an electrode array printed onto a wearable sleeve, and the patient's … Read more

I'm acutely aware I haven't written here for... [looks for last post] nearly six months. This is mainly due to being busy, which in turn has fostered a "sure, I'll write another blog post, when I have time" sort of mentality. I started thinking this in September and, well, here we are.

To force me to get my act together and start writing here again, I offer you this mediocre excuse for a meaningful blog post. This isn't going to be very long but is going to be a bit more wishy-washy, so if you don't care for that sort of thing, feel free to ignore the rest of this and check back here later.

So anyway, what's kept me so busy for the past few months? Well, finishing my PhD by way of writing my thesis was the main thing. The actual writing part filled up my summer entirely … Read more

It's been a while since I last posted here. Sorry. I hope you can forgive me in the fullness of time.

So Thursday the UK decided to leave the EU for some bizarre reason that I still don't fully understand. Many of those who voted to remain feel angry and cheated out of what may have been a more prosperous future than they are now faced with. However, I don't want to rant and rave about how we've made a terrible mistake. I've already done that on Facebook.

Sickeningly, there are already stories and rumours of open racism and/or xenophobia between citizens and EU migrants. As a country we cannot let this happen. This is something we have to fight before it becomes a societal norm.

Here's my simple request, regardless of how you voted: next time you see or hear someone dishing out the racial or xenophobic abuse … Read more