1 - Are you are a resident or national of any country or region other than Crimea, Cuba, Iran, North Korea, Syria, or Sudan?Yes
2 - Are you or will you be 18 years of age or older by December 1, 2018?Yes
3 - Are you eligible to work in the country or countries in which you will reside throughout the duration of the program?Yes
4 - Do you confirm that you are not a person or entity restricted by US export controls or sanctions programs?Yes
5 - Are you available for a full-time, 40 hours a week internship between the project dates? Please list any commitments you have between these dates that might conflict with you being available full-time to work on the internship on any given week, other than job and school commitments covered in questions below. (We expect interns to work out with their mentor how they make up for short absences.)Yes and I don’t have other commitments
6 - Have you read and agree with what's stated in our internship contract?Yes
7(i) - Are you free of any job commitments between the internship dates? (Skip questions 7(ii)-7(iii) if the answer is Yes.)Yes
7(ii) What are the dates during which you have other job commitments and how many hours a week do they require?
7(iii) Given the information you provided above, can you certify that your job commitments will take up no more than 20 hours a week for at least seven weeks between the internship dates?
8(i) - Are you enrolled in school between the internship dates? (Skip questions 8(ii)-8(v) if the answer is No.)No
8(ii) - What are the dates for the semesters and exam sessions that fall between these dates? How many weeks do you have during the internship period that are outside of the semester or exam session dates?8(iii) - What classes and for how many credits are you taking in each one of the semesters that overlap with the internship dates? How many credits does a full-time student typically take a semester at your school? Please attach or provide a link to a curriculum that supports this information (required).8(iv) - Do you plan to use your internship participation to satisfy a project requirement and receive school credits? If so, how many credits will you receive?8(v) - Given the information you provided above, can you certify that after subtracting the credits, if any, that you will receive for the internship, you will take no more than half of the typical number of credits a full-time student takes at your school for at least seven weeks between the internship dates?
------------------------------------
Do you confirm that you are eligible for this internship as stated in our eligibility rules at https://wiki.gnome.org/Internships#Eligibility?Yes
Do you confirm that you have read and agree with the internship contract linked at https://wiki.gnome.org/Internships#Eligibility?Yes
== Personal Information ==
If you are accepted, fields in this section that are marked "(public)" will be displayed on a public acceptances page. If you prefer different information to be displayed publicly than you want to provide in this form, please provide both a private version visible only to the coordinators and mentors of the internship, and a public version to be displayed publicly.
Name (public): Ludovico de Nittis
Preferred pronoun (e.g. she, he, they): he
E-mail address: aasonykk gmail comBlog URL (public, required): https://ryuzakikk.github.io/IRC nick (public, optional): ryukk_
Twitter URL (public, optional):
Website or Portfolio URL (optional):
GitHub, GitLab, or any other code repository URL (optional): https://github.com/RyuzakiKKLinkedIn URL (optional): https://www.linkedin.com/in/ludovico-de-nittisAny other online presence URL you wish to provide:
Location (city, state/province, and country) (public): Imola, BO, Italy
Education completed or in progress (include university, major/concentration, degree level, and graduation year):I have a Bachelor degree in Computer Science and Engineering achieved at University of Bologna (Unibo) in December 2015.
I'm currently attending the second year of the Master degree (still in Computer Science and Engineering at Unibo) and the graduation date is planned to be next October 2018.
How did you hear about this internship?From the blog post on
https://www.gnome.org/news/== Project Information ==
What project are you interested in?I’m interested in the project “USB Protection”
Who is a possible mentor for the project you are interested in?A possible mentor is
Tobias MullerPlease describe your experience with the GNOME community and GNOME projects as a user and as a contributor. Some experience with GNOME stack and some contributions to GNOME are required for considering the application. Include information and links to the contributions you made:I started using Linux in my desktop PC in 2008 with Ubuntu 8.04. Since then I tried a lot of desktop environments and distributions until about 5 years ago when I settled with Arch Linux and GNOME.
When last year I discovered the GSoC event I immediately tried to apply for GNOME, that was my chance to start giving back after years of being just an user.
It ended up being an incredible experience and, thanks to the GUADEC 2017 conference, I was also able to interact with other GNOME’s users and developers.
Now I’m currently co-maintaining GNOME-Keysign.
As a contributor I did the following commits:
On gnome-control-center:
https://gitlab.gnome.org/GNOME/gnome-control-center/commit/409c99bdf4d0c12c19f4ddc6cecafa8e66858ae6https://gitlab.gnome.org/GNOME/gnome-control-center/commit/9e2ec5a0bbd4e67b8c6810ad0f6cc36be710f09ahttps://gitlab.gnome.org/GNOME/gnome-control-center/commit/d6fd9742a292c686658fa1f00fda933c807df6fehttps://gitlab.gnome.org/GNOME/gnome-control-center/commit/b8972e885c73c337de42e6f0434e775bf6edb552https://gitlab.gnome.org/GNOME/gnome-control-center/commit/2b14ccdf86812eeff06f4b12b7ebe52c057fdaa5On GNOME-Keysign:
https://github.com/gnome-keysign/gnome-keysign/commits?author=RyuzakiKK(I used github because gitlab
can’t filter the commits by author )
On lasem:
https://gitlab.gnome.org/GNOME/lasem/commit/6f2feed780d9139a45c06e1ad399d06a4f351fbfOn gdk-pixbuf:
Please describe your experience with the project you are interested to participate as a user and as a contributor and relevant areas. Include information and links to the contributions you made:This project revolves around increasing the USB protection using USBGuard.
In the past weeks I started using USBGuard in my system to have a more comprehensive understanding of how it works and what it is capable of. I also checked and used the API that USBGuard provides.
Given the fact that maybe we want to expose this new USB protection in the GNOME-Control-Center under the privacy tab, I created mockups now listed in the project wiki page. Those has been created editing the relevant UI parts of GNOME-Control-Center and compiling it with flatpak.
I also checked what lockscreen related functionalities are exposed via DBus.
Please describe your experience with any other FOSS projects as a user and as a contributor:Even if maybe not so relevant to this project, these are my others main contributions to open source programs:
I added a new device to Home Assistant:
Component:
https://github.com/home-assistant/home-assistant/commits?author=RyuzakiKKDocumentation:
https://github.com/home-assistant/home-assistant.io/commits?author=RyuzakiKKLibrary:
https://github.com/RyuzakiKK/pyialarmI wrote an Android application as an University project and continued developing it afterwards. As of now is available in the Play Store and F-Droid:
https://github.com/RyuzakiKK/NoteCryptThe flatpak manifest of GNOME-Keysign on Flathub:
https://github.com/flathub/org.gnome.KeysignPlease describe any relevant projects that you have worked on previously and what knowledge you gained from working on them (include links):During my University career I had two classes where we used the C programming language: “programming” class in first year where we learned to program and “operating systems” class in second year where we learned how to handle concurrent tasks, still in C (semaphores and conditional variables).
We also had a “web technologies” class where we learned how to use _javascript_ (it may be useful in case I need to also edit GNOME-Shell) and later in “web services” we used TypeScript.
The others relevant tasks I performed are listed above in the “Please describe your experience with the project” section.
Please describe the details and the timeline of the work you plan to accomplish on the project you are most interested in (discuss these first with the mentor of the project):This project aims to increase the security without compromising the usability.
In order to achieve it we need to constantly gather feedback from the users during the entire course of development. Apart from the initial community opinion, as soon as we reach a working proof of concept, of the specific part we are trying to implement, we should let the users test it and adapt the future development based on the received feedback.
Nov 1 - Nov 30 (“Getting on speed” Period)
Further discussing the implementation ideas with the mentor and the community.
Reading and studying the documentation for GLib.
Gain confidence with the GNOME-Control-Center codebase.
Dec 1 - Dec 16
The first step is adding the ability to always block new USB devices through GNOME Control Center’s privacy tab.
Dec 17 - Dec 30
Adding the ability to prevent new USB devices only when the lock screen is active while still allowing keyboards (we don’t want to lockout a user if his keyboard breaks).
This can be implemented as a daemon waiting for the relevant DBus signals (like the org.gnome.ScreenSaver ActiveChanged event), or implementing the logic directly in GNOME Shell.
Dec 31 - Jan 13
Refining the “block only with the lock screen enabled” implementation.
Add a notification when a new blocked USB device has been plugged in when the lock screen was enabled.
Jan 14 - Jan 27
First attempt to also protect when the lock screen is not active. Starting simple, just lock the screen every time an USB device is plugged. Then try to do something more sophisticated, like locking the screen only if the device was never plugged in before.
Jan 28 - Feb 10
If a device is plugged when the session is unlocked, we try to check if this device has been already authorized before and block it only if it is new.
Feb 11 - Feb 24
Base the authorization against the running applications, for example if there are flatpak programs running we could check the likely needed devices from the permissions requested by those applications.
Feb 25 - Mar 1
Last week of work, bug hunting and fixing.
Finish writing unit/integration tests for cover, as much as possible, the code I wrote.
Writing documentation.
Code cleaning.
