OpenSSL and Android versions

I couldn’t find in the internet what version of OpenSSL is used in each Android version. So,  I used this simple script to find it out, the results are in table below.

OpenSSL Android
UNKNOWN 1.6_r1
UNKNOWN 1.6_r1.1
UNKNOWN 1.6_r1.2
UNKNOWN 1.6_r1.3
UNKNOWN 1.6_r1.4
UNKNOWN 1.6_r1.5
UNKNOWN 1.6_r2
UNKNOWN 2.0.1_r1
UNKNOWN 2.0_r1
UNKNOWN 2.1_r1
UNKNOWN 2.1_r2
UNKNOWN 2.1_r2.1p
UNKNOWN 2.1_r2.1p2
UNKNOWN 2.1_r2.1s
0.9.8m 2.2.1_r1
0.9.8m 2.2.1_r2
0.9.8m 2.2.2_r1
0.9.8m 2.2.3_r1
0.9.8m 2.2.3_r2
0.9.8m 2.2.3_r2.1
0.9.8m 2.2_r1
0.9.8m 2.2_r1.1
0.9.8m 2.2_r1.2
0.9.8m 2.2_r1.3
0.9.8m cts-2.2_r8
1.0.0a 2.3.1_r1
1.0.0a 2.3.2_r1
1.0.0a 2.3.3_r1
1.0.0a 2.3.3_r1.1
1.0.0a 2.3.4_r0.9
1.0.0a 2.3.4_r1
1.0.0a 2.3.5_r1
1.0.0a 2.3.6_r0.9
1.0.0a 2.3.6_r1
1.0.0a 2.3.7_r1
1.0.0a 2.3_r1
1.0.0a cts-2.3_r10
1.0.0a cts-2.3_r11
1.0.0a cts-2.3_r12
1.0.0e 4.0.1_r1
1.0.0e 4.0.1_r1.1
1.0.0e 4.0.1_r1.2
1.0.0e 4.0.2_r1
1.0.0e 4.0.3_r1
1.0.0e 4.0.3_r1.1
1.0.0e 4.0.4_r1
1.0.0e 4.0.4_r1.1
1.0.0e 4.0.4_r1.2
1.0.0e 4.0.4_r2
1.0.0e 4.0.4_r2.1
1.0.0e cts-4.0.3_r1
1.0.0e cts-4.0.3_r2
1.0.0e cts-4.0_r1
1.0.0e cts-verifier-4.0.3_r1
1.0.0e cts-verifier-4.0_r1
1.0.0e sdk-4.0.3-tools_r1
1.0.0e sdk-4.0.3_r1
1.0.0e sdk-adt_r16.0.1
1.0.0e sdk-adt_r20
1.0.1c 4.1.1_r1
1.0.1c 4.1.1_r1.1
1.0.1c 4.1.1_r2
1.0.1c 4.1.1_r3
1.0.1c 4.1.1_r4
1.0.1c 4.1.1_r5
1.0.1c 4.1.1_r6
1.0.1c 4.1.1_r6.1
1.0.1c 4.1.2_r1
1.0.1c 4.1.2_r2
1.0.1c 4.1.2_r2.1
1.0.1c 4.2.1_r1
1.0.1c 4.2.1_r1.1
1.0.1c 4.2.1_r1.2
1.0.1c 4.2.2_r1
1.0.1c 4.2.2_r1.1
1.0.1c 4.2.2_r1.2
1.0.1c 4.2_r1
1.0.1c cts-4.1_r1
1.0.1c cts-4.1_r2
1.0.1c cts-4.1_r4
1.0.1c cts-4.2_r1
1.0.1c cts-4.2_r2
1.0.1c sdk-support_r11
1.0.1e 4.3.1_r1
1.0.1e 4.3_r0.9
1.0.1e 4.3_r0.9.1
1.0.1e 4.3_r1
1.0.1e 4.3_r1.1
1.0.1e 4.3_r2
1.0.1e 4.3_r2.1
1.0.1e 4.3_r2.2
1.0.1e 4.3_r2.3
1.0.1e 4.3_r3
1.0.1e 4.3_r3.1
1.0.1e 4.4.1_r1
1.0.1e 4.4.1_r1.0.1
1.0.1e 4.4.2_r1
1.0.1e 4.4.2_r1.0.1
1.0.1e 4.4.2_r2
1.0.1e 4.4.2_r2.0.1
1.0.1e 4.4.3_r1
1.0.1e 4.4.3_r1.0.1
1.0.1e 4.4.3_r1.1
1.0.1e 4.4.3_r1.1.0.1
1.0.1e 4.4.4_r1
1.0.1e 4.4.4_r1.0.1
1.0.1e 4.4.4_r2
1.0.1e 4.4.4_r2.0.1
1.0.1e 4.4_r0.7
1.0.1e 4.4_r0.8
1.0.1e 4.4_r0.9
1.0.1e 4.4_r1
1.0.1e 4.4_r1.0.1
1.0.1e 4.4_r1.1
1.0.1e 4.4_r1.1.0.1
1.0.1e 4.4_r1.2
1.0.1e 4.4_r1.2.0.1
1.0.1e 4.4w_r1
1.0.1e cts-4.4_r1
1.0.1e sdk-4.4.2_r1
1.0.1e sdk-4.4.2_r1.0.1

Money is not everything

Back in my days as university student, one of the most important concepts in the classes “Project management”  and “Investment projects evaluation” was the ROI. With WhatsApp saying To handle 50 billion messages a day the focus is on making a reliable system that works. Monetization is something to look at later, it’s far far down the road. [1] and Zuckerberg saying Simply put: we don’t build services to make money; we make money to build better services.[2] in the IPO letter, it is clear that not everything is about money.


“Steve’s talked about the goal of Apple, and the goal of Apple is not to make money but to make really nice products, really great products”, said Jonathan Ive [3].



Yes, not everything is about money, money doesn’t have real value, money shouldn’t be necessary…money shouldn’t exist in the first place

Other unrelated but interesting parts on the WhatsApp architecture article:

– In 2011 WhatsApp achieved 1 million established tcp sessions on a single machine with memory and cpu to spare. (Wow!)

– Ejabberd in FreeBSD. (I played with that!)

-32 engineers, one developer supports 14 million active users. (Good people is worth)



[3] Inside Apple, Chapter 3. Adam Lashinsky


As usual, a lot of interesting things are going  in The Internet, here are some that caught my attention:

1) Mozilla Persona

A better way to sign in.

It can be used to implement SSO (Single-Sign-On), in someway it is similar to OpenID.
The identity provider is not notified, which is very good for privacy.
It is focused on the browser (built on the BrowserID protocol)
Take a look


2) IDEs in the Cloud

Many things are moving to the Cloud, and IDEs are not the exception.
Cloud9 the IDE (not the restaurant with tasty food) is a popular one.

This link lists more options.


3) Visual Regular Expressions

Chances are that you know the saying

Some people, when confronted with a problem, think “I know, I’ll use regular expressions.” Now they have two problems.
Attributed to jwz.

Well, that is less true with Debuggex, a pretty cool tool to visualize JavaScipt, PCRE and Python regular expressions. Debuggex eases the problem of using regular expressions. It integrates Mozilla’s Persona and embedding in StackOverflow.

RegexPlanet is another good option but isn’t possible to visualize regex…

One thing I would like to see:   Debuggex is  open-source instead of  Debuggex is not open-source

Check it out


4) FreeBSD in the PlayStation 4

Seems like the PlayStation 4 will be running Orbis OS, a modified version of FreeBSD.


5) Synchronization via procrastination

The article Structured Deferral: Synchronization via Procrastination overviews how to maintain data synchronized using a lazy approach.
It compares reference counting, hazard pointers…

Recommended article


6) On Java garbage collection

Article explaining the G1 Garbage Collector.


7) Serval Project

Serval Project brings Open telecommunications using mesh networking.

These are the features that make it interesting:
1) Opertaes in normal phones (there is an app for Android)
2) The nodes keep the phone number
3) All calls are end-to-end encrypted

This has wide range of use cases, e.g., using cell phones in over-crowded places, communicating during disaster, freely communication during civil resistance, communicating with friends without using carrier’s networks…

An article in MIT Technology Review

A related TED’s talk video

The project page in indiegogo

Open Garden is a similar project that is worth looking


8) The Process of Innovation

A software guy named James Gosling (not a Senior Consultant, not a Principal Engineer, not a Dr, just a plain Software Guy) talks in Standford’s Computers Systems Colloquium about the process of innovation. Among other interesting facts and anecdotes he talks about:

  • The cost of risk. For a company, going into a research project is a risk because, research project takes time (time is money, and researchers are not cheap), and there are big chances that the research couldn’t be capitalized.
    So, from the risk point of view, it is safer/better to acquire a company that has already developed a product as result of a research project. This is also better from the accounting point of view, even if the price to pay is high, the company’s is not exactly spending money but just changing the form of an asset, as opposed to literally spend money in a research project until it becomes profitable, if someday turns out to become profitable. For companies is better to buy instead of develop. Around 20′
  • He compares the ‘success rate of R&D projects’ in IBM with 1%-5% considering more than 3% highly productive, and Sun with 10% – 20%. The fact that Sun’s outperformed IBM might be due to the fact that almost every manager at Sun had a technical/engineering background. Around 30′
  • How to do technology transfer? Create something new, killing the old…or transform the old into something new


9) A different approach to schedule public transportation

Self-Organization Leads to Supraoptimal Performance in Public Transportation Systems

This interesting and not conventional paper, argues that self-scheduling public transportation is more efficient than the typical approach where vehicles come at regular intervals.

Take a look

psshfs in DragonFlyBSD

How I got mount_psshfs(8) to work.

mount_psshfs basically offers the same functionality as sshfs(1). Putting it to work is quite easy but it is not enabled by default, so some work is required.

0) Set up ssh keys

1) Build, install and boot a new kernel which includes the following parameters. Here is how.
 pseudo-device putter # PUFFS(4)
options PUFFS #Pass-to-Userspace Framework File System

Alternatively, just load the module
kldload puffs

2) Add device rules in /etc/devfs.conf
 perm putter root:wheel 0666

3) Enable vfs.usermount
In /etc/sysctl.conf add

4) Mount it!
 mount_psshfs -O IdentityFile=/home/earthling/.ssh/mercury_rsa mercurius@ /home/earthling/mnt/remote_to_mercury



mount_psshfs: handshake failed, server does not support sftp?
mount_psshfs: puffs_mount: cannot open /dev/putter
mount_psshfs: puffs_daemon: Permission denied
mount_psshfs: puffs_mount: Permission denied
mount_psshfs: puffs_mount: Operation not permitted

Why Software Testing?

Doing testing* is not my favorite part in the process of software development but, it is a very important one. Therefore, every well rounded developer should know at least the basics of QA/QC and testing.

Understanding the testing process also gives insights to develop better software.


For these reasons I got interested in software testing and wrote this little memo based on a few resources listed in the references section.

*Testing here refers to user level testing. It should be noted that I am fan of BDD and I love writing unit tests, integration tests and automatizing tests.    





There is often confusion in the IT industry regarding the difference between quality control
and quality assurance. Many “quality assurance” groups, in fact, practice quality control.
Quality methods can be segmented into two categories: preventive methods and detective
methods. This distinction serves as the mechanism to distinguish quality assurance activities
from quality control activities.
Quality Assurance is preventive and inspects the process
Quality Control is detective and inspects the product
Quality perspectives
Quality has two working definitions:
• Producer’s Viewpoint – The quality of the product meets the requirements.
• Customer’s Viewpoint – The quality of the product is “fit for use” or meets the
customer’s needs.
Software Quality Factors
•Correctness – Extent to which a program satisfies its specifications and fulfills the
user’s mission objectives.
• Reliability – Extent to which a program can be expected to perform its intended
function with required precision.
• Usability – Effort required learning, operating, preparing input, and interpreting
output of a program.
• Maintainability – Effort required locating and fixing an error in an operational
• Interoperability – Effort required to couple one system to another.
Your organization must define quality before it can be achieved…this applies everywhere
Testing is a measurement process. It attempts to measure the implemented software against
either or both specifications and user needs.
Software testing does not add a lot of value to the business if all they
are doing is validating that incorrect requirements are implemented correctly.
Adequacy of users to use the technology
There are two components to any professional process. The components are the process itself,
and the competency of the process user to use that process effectively. The two components
must be properly coordinated for the new technology governed by that process to be used
Figure 1-10 The Five Levels of Process Maturity
Relationship of the competency of the user technology to the process
controlling the use of that technology. The figure shows the five levels of technology process maturity, and the competency of the user to use the technology from high to low.
Limited resources
When resources are very limited, we should focus on finding critical bugs, verifying that specs are meet, and verifying basic functionality.
Lacking or Poorly Written Requirements
If requirements are lacking or poorly written, then the test team must have a defined method
for uncovering and defining test objectives.
Computer System Verification Example
About the execution of the test plan
The test plan should be executed as designed. If the plan cannot be executed as
designed it should be changed, or notations made as to what aspects of the plan were
not performed.
The Differences Between Programmers and Testers
Testers, have learned that their job is testing for compliance to a specification.
Programmers have been trained that a problem is to be analyzed in depth and a perfect solution designed before any coding begins.
Testers are to make the software better not to find programmers’ mistakes.
Learn to Start Without a Specification,specifications by example,
Succeeding with Agile Software Development Using Scrum Chapter, Chapter 13
Kind of same concept used in RSpec.
Agile Software Development Using Scrum
On a Scrum project, testers and programmers need to unlearn these behaviors.
Testers learn that testing is also about conformance with user needs. Programmers
learn that a fully considered design is not always necessary (and sometimes not
even desirable) before coding begins.
Succeeding with Agile Software Development Using Scrum Chapter 1, 8
Assessment: is the thoughtful analysis of testing results, and then taking
corrective action on the identified weaknesses.
Process: A process can be defined as a set of activities that represent the way work is performed. The outcome from a process is usually a product or service. Both software development and software testing are processes.
Quality Assurance: is preventive and inspects the process.
Quality Control: is detective and inspects the product.
Regression testing: Regression testing is retesting unchanged segments of the application system. It normally involves re-running tests that have been previously executed to ensure that the same results can be achieved currently as were achieved when the segment was last tested.