Differential Fuzzing the Webassembly

Total Page:16

File Type:pdf, Size:1020Kb

Differential Fuzzing the Webassembly Master’s Programme in Security and Cloud Computing Differential Fuzzing the WebAssembly Master’s Thesis Gilang Mentari Hamidy MASTER’S THESIS Aalto University - EURECOM MASTER’STHESIS 2020 Differential Fuzzing the WebAssembly Fuzzing Différentiel le WebAssembly Gilang Mentari Hamidy This thesis is a public document and does not contain any confidential information. Cette thèse est un document public et ne contient aucun information confidentielle. Thesis submitted in partial fulfillment of the requirements for the degree of Master of Science in Technology. Antibes, 27 July 2020 Supervisor: Prof. Davide Balzarotti, EURECOM Co-Supervisor: Prof. Jan-Erik Ekberg, Aalto University Copyright © 2020 Gilang Mentari Hamidy Aalto University - School of Science EURECOM Master’s Programme in Security and Cloud Computing Abstract Author Gilang Mentari Hamidy Title Differential Fuzzing the WebAssembly School School of Science Degree programme Master of Science Major Security and Cloud Computing (SECCLO) Code SCI3084 Supervisor Prof. Davide Balzarotti, EURECOM Prof. Jan-Erik Ekberg, Aalto University Level Master’s thesis Date 27 July 2020 Pages 133 Language English Abstract WebAssembly, colloquially known as Wasm, is a specification for an intermediate representation that is suitable for the web environment, particularly in the client-side. It provides a machine abstraction and hardware-agnostic instruction sets, where a high-level programming language can target the compilation to the Wasm instead of specific hardware architecture. The JavaScript engine implements the Wasm specification and recompiles the Wasm instruction to the target machine instruction where the program is executed. Technically, Wasm is similar to a popular virtual machine bytecode, such as Java Virtual Machine (JVM) or Microsoft Intermediate Language (MSIL). There are two major implementations of Wasm, correlated with the two most popular web browsers in the market. These two are the V8 engine by Chromium project and the SpiderMon- key engine by Mozilla. Wasm does not mandate a specific implementation over its specification. Therefore, both engines may employ different mechanisms to apply the specification. These dif- ferent implementations may open a research question: are both engines implementing the Wasm specification equally? In this thesis, we are going to explore the internal implementation of the JavaScript engine in regards to the Wasm specification. We experimented using a differential fuzzing technique, in which we test two JavaScript engines with a randomly generated Wasm program and compares its behavior. We executed the experiment to identify any anomalous behavior, which then we analyzed and identified the root cause of the different behavior. This thesis covers the WebAssembly specification extensively. It discusses several foundational knowledge about the specification that is currently lacking in references. This thesis also presents the instrumentation made to the JavaScript engine to perform the experiment, which can be a foundation to perform a similar experiment. Finally, this thesis analyzes the identified anomaly found in the experiment through reverse engineering techniques, such as static and dynamic analysis, combined with white-box analysis to the JavaScript engine source code. In this experiment, we discovered a different behavior of the JavaScript engine that is ob- servable from the perspective of the Wasm program. We created a proof-of-concept to demonstrate the different behavior that can be executed in the recent web browser up to the writing of this thesis. This experiment also evaluated the implementation of both JavaScript engine on the Wasm specification to conclude that both engines implement the specification faithfully. Keyword webassembly, fuzzing, c++, compiler, testing, programming language, static analysis, dynamic analysis ii Abstrait Auteur Gilang Mentari Hamidy Titre Fuzzing Différentiel le WebAssembly Programme d’Études Double Diplôme de Master Filière d’Attachement Security and Cloud Computing (SECCLO) Encadrants Académiques Prof. Davide Balzarotti, EURECOM Prof. Jan-Erik Ekberg, Aalto University Categorie La Thèse de Master Date 27 July 2020 Pages 133 Langue Anglais Abstrait WebAssembly, familièrement connu sous le nom de Wasm, est une spécification pour une représentation intermédiaire qui convient à l’environnement Web, en particulier du côté client. Il fournit une abstraction de la machine et des jeux d’instructions indépendants du matériel, où un langage de programmation de haut niveau peut cibler la compilation sur le Wasm au lieu d’une architecture matérielle spécifique. Le moteur JavaScript implémente la spécification Wasm etrecom- pile l’instruction Wasm en l’instruction machine cible où le programme est exécuté. Techniquement, Wasm est similaire à un bytecode de machine virtuelle populaire, comme Java Virtual Machine (JVM) ou Microsoft Intermediate Language (MSIL). Il existe deux implémentations majeures de Wasm, en corrélation avec les deux navigateurs Web les plus populaires. Ces deux sont le V8 de Chromium et le SpiderMonkey de Mozilla. Wasm n’exige pas une implémentation spécifique sur sa spécification. Par conséquent, les deux moteurs peuvent utiliser des mécanismes différents pour appliquer la spécification. Ces différentes implé- mentations peuvent ouvrir une question de recherche: les deux moteurs implémentent-ils également la spécification Wasm? Dans cette thèse, nous allons explorer l’implémentation interne du moteur JavaScript par rapport à la spécification Wasm. Nous avons expérimenté en utilisant une technique de fuzzing différentiel, dans laquelle nous testons deux moteurs JavaScript avec un programme Wasm généré de manière aléatoire et comparons son comportement. Nous avons exécuté l’expérience pour identifier tout comportement anormal, puis nous avons analysé et identifié la cause profondedes différents comportements. Cette thèse couvre largement la spécification WebAssembly. Il aborde plusieurs connaissances fondamentales sur la spécification qui manquent actuellement de références. Cette thèse présente également l’instrumentation faite au moteur JavaScript pour effectuer l’essai, qui peut être une base pour effectuer une essai similaire. Enfin, cette thèse analyse l’anomalie identifiée trouvée dans l’essai grâce à des techniques d’ingénierie inverse, telles que l’analyse statique et dynamique, combinées avec une analyse en boîte transparente au code source du moteur JavaScript. Dans cette essai, nous avons découvert un comportement différent du moteur JavaScript qui est observable au point de vue du programme Wasm. Nous avons créé une preuve de concept pour démontrer les différents comportements qui peuvent être exécutés dans le navigateur Web récent jusqu’à l’écriture de cette thèse. Cette essai a également évalué l’implémentation des deux moteurs JavaScript sur la spécification Wasm pour conclure que les deux moteurs implémentent fidèlement la spécification. Mots Clés webassembly, fuzzing, c++, compilateur, essai, langage de programmation, analyse dynamique, analyse statique iii Kupersembahkan karya terbaik ini untuk Ibunda tercinta Ayahanda tersayang Naini, Rosma, Ema, Anizar, Abuzar Adit, Faris, Aziz, Tawfiq, Dimas, Joan Icha, Ina, Neyga, Rima, Azza, Ahda, Iid, Levin, Dinda, Ajeng, Leo, Upiek, dan semua keluargaku And also dedicated to my best friend Enrico Budianto, whom I always wished I could still have a long endless discussion together about our shared interests. Let this be a prayer that I can continue what he left. And to all my teachers. Acknowledgement The education of the author was supported by the European Union through the Erasmus Mundus Joint Master’s Degree (EMJMD) Master’s programme in Secu- rity and Cloud Computing (SECCLO) for the intake year 2018 (Project Reference: 586541-EPP-1-2017-1-FI-EPPKA1-JMD-MOB). The education of the author was conducted at Aalto University, Finland, and EURECOM, France. This thesis work was supported through an internship in the Software and System Security (S3) Group at EURECOM, France, from February 2020 to July 2020. Forewords I give all praise to Allah that I can complete this master’s thesis successfully. It has been a marvelous journey in the last two years in Finland and France. Before, I did not imagine that I would study computer security. I always thought that this field was challenging, and I did not dare to work in this field. Yet, getting admitted to the Security and Cloud Computing (SECCLO) program was a sign that people are confident with my ability. I learned various new knowledge in this program. From a mathematical foundation of cryptography to binary program exploits. Without enrolling in SECCLO, I would not have been able to learn that knowledge by myself. I met people who share the same interests as me. We did many things together. We met every week to study cryptography together. We traveled together for our summer school. And we got to enjoy a small farewell dinner before our path diverged. I want to say thank you to all SECCLO 2018 batch to the time we shared for the last two years. I extend my gratitude to my classmate Christian Yudhistira for being a very nice roommate in France. I also thank you to Eljon Harlicaj, a SECCLO 2019 student, for many random conversations we had in the past one year. I got a very fantastic opportunity to work on a research assignment at Aalto University. I finally got my chance to get my hands dirty in working withcom- pilers, and I mastered the compiler more than I could learn in
Recommended publications
  • Dynamic Web Pages with the Embedded Web Server
    Dynamic Web Pages With The Embedded Web Server The Digi-Geek’s AJAX Workbook (NET+OS, XML, & JavaScript) Version 1.0 5/4/2011 Page 1 Copyright Digi International, 2011 Table of Contents Chapter 1 - How to Use this Guide ............................................................................................................... 5 Prerequisites – If You Can Ping, You Can Use This Thing! ..................................................................... 5 Getting Help with TCP/IP and Wi-Fi Setup ............................................................................................ 5 The Study Guide or the Short Cut? ....................................................................................................... 5 C Code ................................................................................................................................................... 6 HTML Code ............................................................................................................................................ 6 XML File ................................................................................................................................................. 6 Provide us with Your Feedback ............................................................................................................. 6 Chapter 2 - The Server-Client Relationship ................................................................................................... 7 Example – An Analogy for a Normal HTML page .................................................................................
    [Show full text]
  • Interaction Between Web Browsers and Script Engines
    IT 12 058 Examensarbete 45 hp November 2012 Interaction between web browsers and script engines Xiaoyu Zhuang Institutionen för informationsteknologi Department of Information Technology Abstract Interaction between web browser and the script engine Xiaoyu Zhuang Teknisk- naturvetenskaplig fakultet UTH-enheten Web browser plays an important part of internet experience and JavaScript is the most popular programming language as a client side script to build an active and Besöksadress: advance end user experience. The script engine which executes JavaScript needs to Ångströmlaboratoriet Lägerhyddsvägen 1 interact with web browser to get access to its DOM elements and other host objects. Hus 4, Plan 0 Browser from host side needs to initialize the script engine and dispatch script source code to the engine side. Postadress: This thesis studies the interaction between the script engine and its host browser. Box 536 751 21 Uppsala The shell where the engine address to make calls towards outside is called hosting layer. This report mainly discussed what operations could appear in this layer and Telefon: designed testing cases to validate if the browser is robust and reliable regarding 018 – 471 30 03 hosting operations. Telefax: 018 – 471 30 00 Hemsida: http://www.teknat.uu.se/student Handledare: Elena Boris Ämnesgranskare: Justin Pearson Examinator: Lisa Kaati IT 12 058 Tryckt av: Reprocentralen ITC Contents 1. Introduction................................................................................................................................
    [Show full text]
  • Deadline-Driven Serverless for the Edge
    SledgeEDF: Deadline-driven Serverless for the Edge by Sean Patrick McBride B.S. in German, May 2007, United States Military Academy M.A.S. in Information Technology and Management, May 2013, Illinois Institute of Technology A Thesis submitted to The Faculty of The School of Engineering and Applied Science of The George Washington University in partial satisfaction of the requirements for the degree of Master of Science January 8, 2021 Thesis directed by Gabriel Parmer Associate Professor of Computer Science c Copyright 2021 by Sean Patrick McBride All rights reserved ii Dedication This thesis is dedicated to the many educators, mentors, and battle buddies that have helped me grow as a technologist, software engineer, and computer scientist. Sankaran Iyer, Susan Schwartz, Chris Okasaki, Christa Chewar, Ray Trygstad, Jeremy Hajek, Jeffrey Kimont, Robert Hendry, Carol Davids, Bill Slater, Bonnie Goins, David Gaertner, Andy Quintana, Patricia Schatz, Wayne Bucek, Pat Medo, Lih Wang, Tony Liu, Bill Seubert, Marty Horan, Fred Bader, Mitch Green, Bob Kaas, Richard Lewis, Gwen Dente, Ray Mullins, Frank DeGilio, Paul Novak, Bruce Hayden, Art Breslau, Chris Ganim, Mark Woehrer, Will Dory, Steve Payne, Walt Melo, Mark Davis, Omri Bernstein, Eliot Szwajkowski, Dani Young-Smith, Conrad Holloman, David Tillery, Garth Hershfield, Daniel Cox, Doug Fort, Jeff Hemminger, Josh Rutherford, Hiromi Suenaga, Kait Moreno, Howie Huang, Ben Bowman, Yuede Ji, Pradeep Kumar, Nahid Ghalaty, Roozbeh Haghnazar, Morris Lancaster, Gabe Parmer, Phani Kishoreg, and the unnamed others I’ve forgotten. I am mostly an ambulatory accumulation of the investments others have made in me over the years. I hope that you consider me a worthy investment, and I pledge to pay this forward! iii Abstract SledgeEDF: Deadline-driven Serverless for the Edge Serverless Computing has gained mass popularity by offering lower cost, improved elasticity, and improved ease of use.
    [Show full text]
  • Machine Learning in the Browser
    Machine Learning in the Browser The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters Citable link http://nrs.harvard.edu/urn-3:HUL.InstRepos:38811507 Terms of Use This article was downloaded from Harvard University’s DASH repository, and is made available under the terms and conditions applicable to Other Posted Material, as set forth at http:// nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of- use#LAA Machine Learning in the Browser a thesis presented by Tomas Reimers to The Department of Computer Science in partial fulfillment of the requirements for the degree of Bachelor of Arts in the subject of Computer Science Harvard University Cambridge, Massachusetts March 2017 Contents 1 Introduction 3 1.1 Background . .3 1.2 Motivation . .4 1.2.1 Privacy . .4 1.2.2 Unavailable Server . .4 1.2.3 Simple, Self-Contained Demos . .5 1.3 Challenges . .5 1.3.1 Performance . .5 1.3.2 Poor Generality . .7 1.3.3 Manual Implementation in JavaScript . .7 2 The TensorFlow Architecture 7 2.1 TensorFlow's API . .7 2.2 TensorFlow's Implementation . .9 2.3 Portability . .9 3 Compiling TensorFlow into JavaScript 10 3.1 Motivation to Compile . 10 3.2 Background on Emscripten . 10 3.2.1 Build Process . 12 3.2.2 Dependencies . 12 3.2.3 Bitness Assumptions . 13 3.2.4 Concurrency Model . 13 3.3 Experiences . 14 4 Results 15 4.1 Benchmarks . 15 4.2 Library Size . 16 4.3 WebAssembly . 17 5 Developer Experience 17 5.1 Universal Graph Runner .
    [Show full text]
  • 04 ISC 228-TESIS.Pdf
    UTN –FICA Análisis y Estudio de Tecnología Ruby on Rails con bases de datos Postgresql para Aplicaciones Web 2.0 UNIVERSIDAD TÉCNICA DEL NORTE Facultad de Ingeniería en Ciencias Aplicadas Carrera de Ingeniería en Sistemas Computacionales TESIS PREVIA OBTENCIÓN DEL TITULO DE INGENIERO EN SISTEMAS COMPUTACIONALES Tema: “Análisis y Estudio de Tecnología Ruby on Rails con bases de datos Postgres para Aplicaciones Web 2.0” Aplicativo: Implementación del Portal Web 2.0 para la Mancomunidad de la Cuenca del Río Mira AUTOR : CHRISTIAN FERNANDO REALPE ROSERO. DIRECTOR : ING. MARCO PUSDÁ. IBARRA – ECUADOR, 2012 Christian Fernando Realpe Rosero Implementación del Portal Web 2.0 para la Mancomunidad de la Cuenca del Río Mira Print to PDF without this message by purchasing novaPDF (http://www.novapdf.com/) UTN –FICA Análisis y Estudio de Tecnología Ruby on Rails con bases de datos Postgresql para Aplicaciones Web 2.0 Certifico: Que la Tesis previa a la obtención del título de Ingeniería en Sistemas Computacionales con el tema “Análisis y Estudio de Tecnología Ruby on Rails con bases de datos Postgres para Aplicaciones Web 2.0”con el aplicativo “Implementación del Portal Web 2.0 para la Mancomunidad de la Cuenca del Río Mira” ha sido desarrollada y terminada en su totalidad por el Sr. Christian Fernando Realpe Rosero con C.C. 100251109-3 bajo mi supervisión para lo cual firmo en constancia. Atentamente, Ing. Marco Pusdá DIRECTOR DE TESIS Christian Fernando Realpe Rosero Implementación del Portal Web 2.0 para la Mancomunidad de la Cuenca del Río Mira Print to PDF without this message by purchasing novaPDF (http://www.novapdf.com/) UTN –FICA Análisis y Estudio de Tecnología Ruby on Rails con bases de datos Postgresql para Aplicaciones Web 2.0 UNIVERSIDAD TÉCNICA DEL NORTE CESIÓN DE DERECHOS DE AUTOR DEL TRABAJO DE INVESTIGACIÓN A FAVOR DE LA UNIVERSIDAD TÉCNICA DEL NORTE Yo, CHRISTIAN FERNANDO REALPE ROSERO, con cedula de identidad Nro.
    [Show full text]
  • Authentication in the Mesh with Webassembly
    Authentication in the mesh with WebAssembly Sondre Halvorsen Master’s Thesis, Spring 2021 Thesis submitted for the degree of Master in Informatics: programming and system architecture 30 credits Department of Informatics Faculty of mathematics and natural sciences UNIVERSITY OF OSLO Spring 2021 © 2021 Sondre Halvorsen Master Thesis http://www.duo.uio.no/ Printed: Reprosentralen, University of Oslo Abstract At the start of the last decade Marc Andreessen stated in his now famous blog entry; ‘Software is eating the world’ [173], and as software is eating the world, problems stemming from its security, or lack thereof, is eating it as well. Or- ganisations are increasingly moving to the cloud and adopting new architecture patterns in this new environment, such as cloud native and microservice ar- chitecture. While moving to the cloud generally results in better security for organisations, due to large professional platforms, microservice architectures in- troduce some new problems in regards to cross-cutting concerns like security, robustness and observabiltity. Service mesh is a technology that aims to provide cloud native and application agnostic solution to many of the challenges with micro service architectures. In parallel with the cloud native revolution there has been innovations in areas like security as well. Authentication, authoriza- tion, and access control have changed drastically, with new requirements for how users want to manage and use their identity. Zero Trust Architectures is an example of this drawn to its logical conclusion where no connection is trusted by default. Unfortunately security breaches stemming from poor implementation of security protocols and frameworks rank among the highest still.
    [Show full text]
  • Javascript API Deprecation in the Wild: a First Assessment
    JavaScript API Deprecation in the Wild: A First Assessment Romulo Nascimento, Aline Brito, Andre Hora, Eduardo Figueiredo Department of Computer Science Federal University of Minas Gerais, Brazil romulonascimento, alinebrito, andrehora,figueiredo @dcc.ufmg.br { } Abstract—Building an application using third-party libraries of our knowledge, there are no detailed studies regarding API is a common practice in software development. As any other deprecation in the JavaScript ecosystem. software system, code libraries and their APIs evolve over JavaScript has become extremely popular over the last years. time. In order to help version migration and ensure backward According to the Stack Overflow 2019 Developer Survey1, compatibility, a recommended practice during development is to deprecate API. Although studies have been conducted to JavaScript is the most popular programming language in this investigate deprecation in some programming languages, such as platform for the seventh consecutive year. GitHub also reports Java and C#, there are no detailed studies on API deprecation that JavaScript is the most popular language in terms of unique in the JavaScript ecosystem. This paper provides an initial contributors to both public and private repositories2. The npm assessment of API deprecation in JavaScript by analyzing 50 platform, the largest JavaScript package manager, states on popular software projects. Initial results suggest that the use of 3 deprecation mechanisms in JavaScript packages is low. However, their latest survey that 99% of JavaScript developers rely on wefindfive different ways that developers use to deprecate API npm to ease the management of their project dependencies. in the studied projects. Among these solutions, deprecation utility This survey also points out the massive growth in npm usage (i.e., any sort of function specially written to aid deprecation) and that started about 5 years ago.
    [Show full text]
  • Rich Media Web Application Development I Week 1 Developing Rich Media Apps Today’S Topics
    IGME-330 Rich Media Web Application Development I Week 1 Developing Rich Media Apps Today’s topics • Tools we’ll use – what’s the IDE we’ll be using? (hint: none) • This class is about “Rich Media” – we’ll need a “Rich client” – what’s that? • Rich media Plug-ins v. Native browser support for rich media • Who’s in charge of the HTML5 browser API? (hint: no one!) • Where did HTML5 come from? • What are the capabilities of an HTML5 browser? • Browser layout engines • JavaScript Engines Tools we’ll use • Browsers: • Google Chrome - assignments will be graded on Chrome • Safari • Firefox • Text Editor of your choice – no IDE necessary • Adobe Brackets (available in the labs) • Notepad++ on Windows (available in the labs) • BBEdit or TextWrangler on Mac • Others: Atom, Sublime • Documentation: • https://developer.mozilla.org/en-US/docs/Web/API/Document_Object_Model • https://developer.mozilla.org/en-US/docs/Web/API/Canvas_API/Tutorial • https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide What is a “Rich Client” • A traditional “web 1.0” application needs to refresh the entire page if there is even the smallest change to it. • A “rich client” application can update just part of the page without having to reload the entire page. This makes it act like a desktop application - see Gmail, Flickr, Facebook, ... Rich Client programming in a web browser • Two choices: • Use a plug-in like Flash, Silverlight, Java, or ActiveX • Use the built-in JavaScript functionality of modern web browsers to access the native DOM (Document Object Model) of HTML5 compliant web browsers.
    [Show full text]
  • XML a New Web Site Architecture
    XML A New Web Site Architecture Jim Costello Derek Werthmuller Darshana Apte Center for Technology in Government University at Albany, SUNY 1535 Western Avenue Albany, NY 12203 Phone: (518) 442-3892 Fax: (518) 442-3886 E-mail: [email protected] http://www.ctg.albany.edu September 2002 © 2002 Center for Technology in Government The Center grants permission to reprint this document provided this cover page is included. Table of Contents XML: A New Web Site Architecture .......................................................................................................................... 1 A Better Way? ......................................................................................................................................................... 1 Defining the Problem.............................................................................................................................................. 1 Partial Solutions ...................................................................................................................................................... 2 Addressing the Root Problems .............................................................................................................................. 2 Figure 1. Sample XML file (all code simplified for example) ...................................................................... 4 Figure 2. Sample XSL File (all code simplified for example) ....................................................................... 6 Figure 3. Formatted Page Produced
    [Show full text]
  • Document Object Model
    Document Object Model DOM DOM is a programming interface that provides a way for the values and structure of an XML document to be accessed and manipulated. Tasks that can be performed with DOM . Navigate an XML document's structure, which is a tree stored in memory. Report the information found at the nodes of the XML tree. Add, delete, or modify elements in the XML document. DOM represents each node of the XML tree as an object with properties and behavior for processing the XML. The root of the tree is a Document object. Its children represent the entire XML document except the xml declaration. On the next page we consider a small XML document with comments, a processing instruction, a CDATA section, entity references, and a DOCTYPE declaration, in addition to its element tree. It is valid with respect to a DTD, named root.dtd. <!ELEMENT root (child*)> <!ELEMENT child (name)> <!ELEMENT name (#PCDATA)> <!ATTLIST child position NMTOKEN #REQUIRED> <!ENTITY last1 "Dover"> <!ENTITY last2 "Reckonwith"> Document Object Model Copyright 2005 by Ken Slonneger 1 Example: root.xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE root SYSTEM "root.dtd"> <!-- root.xml --> <?DomParse usage="java DomParse root.xml"?> <root> <child position="first"> <name>Eileen &last1;</name> </child> <child position="second"> <name><![CDATA[<<<Amanda>>>]]> &last2;</name> </child> <!-- Could be more children later. --> </root> DOM imagines that this XML information has a document root with four children: 1. A DOCTYPE declaration. 2. A comment. 3. A processing instruction, whose target is DomParse. 4. The root element of the document. The second comment is a child of the root element.
    [Show full text]
  • Full Stack Web Development
    Full Stack Web Development Partial report in partial fulfilment of the requirement of the Degree of Bachelor of Technology In Computer Science and Engineering By Charchit Kapoor (161207) Under the supervision of Umesh Sharma Product Manager (magicPin Samast Technologies Pvt. Ltd) To Department of Computer Science Engineering and Information Technology Jaypee University of Information Technology,Waknaghat,Solan-173234 Himachal Pradesh I CERTIFICATE Candidate Declaration I”declare that the work presented in this report ‘Full Stack Web Development’ in partial fulfilment of”the requirements for the award of the degree of bachelor of Technology in Computer Science and Engineering submitted in the department of Computer Science and Engineering/ Information Technology,”Jaypee University of Information Technology Waknaghat, is an authentic record of my work carried out over a period of Feb,2020 to”May,2020 under the Supervision of Umesh Sharma (Product Manager, magicPin). The matter embodied in the report”has not been submitted for the award of any other degree or diploma. It contains sufficient”information to describe the various tasks performed by me during the internship. Charchit Kapoor, 161207 This is to certify that”the above statement made by the candidate is true to the best of my knowledge. The report has been reviewed by the company officials, and has been audited according to the company guidelines. Umesh Sharma Product Manager magicPin (Samast Technologies Private Ltd.) Dated: May 29th, 2020 II ACKNOWLEDGEMET We have taken efforts in”this project. However, it would not have been possible without the kind support and help of many”individuals and organisations. I would like to extend our sincere thanks to all of them.
    [Show full text]
  • Flash Player and Linux
    Flash Player and Linux Ed Costello Engineering Manager Adobe Flash Player Tinic Uro Sr. Software Engineer Adobe Flash Player 2007 Adobe Systems Incorporated. All Rights Reserved. Overview . History and Evolution of Flash Player . Flash Player 9 and Linux . On the Horizon 2 2007 Adobe Systems Incorporated. All Rights Reserved. Flash on the Web: Yesterday 3 2006 Adobe Systems Incorporated. All Rights Reserved. Flash on the Web: Today 4 2006 Adobe Systems Incorporated. All Rights Reserved. A Brief History of Flash Player Flash Flash Flash Flash Linux Player 5 Player 6 Player 7 Player 9 Feb 2001 Dec 2002 May 2004 Jan 2007 Win/ Flash Flash Flash Flash Flash Flash Flash Mac Player 3 Player 4 Player 5 Player 6 Player 7 Player 8 Player 9 Sep 1998 Jun 1999 Aug 2000 Mar 2002 Sep 2003 Aug 2005 Jun 2006 … Vector Animation Interactivity “RIAs” Developers Expressive Performance & Video & Standards Simple Actions, ActionScript Components, ActionScript Filters, ActionScript 3.0, Movie Clips, 1.0 Video (H.263) 2.0 Blend Modes, New virtual Motion Tween, (ECMAScript High-!delity machine MP3 ed. 3), text, Streaming Video (ON2) video 5 2007 Adobe Systems Incorporated. All Rights Reserved. Widest Reach . Ubiquitous, cross-platform, rich media and rich internet application runtime . Installed on 98% of internet- connected desktops1 . Consistently reaches 80% penetration within 12 months of release2 . Flash Player 9 reached 80%+ penetration in <9 months . YUM-savvy updater to support rapid/consistent Linux penetration 1. Source: Millward-Brown September 2006. Mature Market data. 2. Source: NPD plug-in penetration study 6 2007 Adobe Systems Incorporated. All Rights Reserved.
    [Show full text]