Often I hear from people, especially younger ones, that they don't know what to do. I have compiled a list of ideas that I think would be great for someone to work on. Next time someone says they can't think of something to do, or that they are bored, point them to this page. # Programming and development ideas: Create a tool that figures out (like make) in what order to run the startup scripts on Linux. Get rid of /etc/rcN.d altogether. Cheat by checking on how other OSes do it, NetBSD had a tool like this IIRC. Create an open-source alternative to Powerpoint. Create a web front-end for managing asterisk. Create a web front-end for a firewall like OpenBSD's pf or Linux's iptables. Show the last N blocked packets, the top N destination ports of blocked packets over different periods of time, the top N source IPs of blocked packets, etc. This is open-ended; you can get creative with graphics, such as the gd library for PERL, or even visualization packages like graphviz, LGL, VolSuite, OpenQVIS, etc. Create an open-source presentation player like Powerpoint. Try and use lyx if you can for the slides. Create a secure and standard way to tell routers and firewalls (e.g. my DFD) to open up a port to a particular machine. See SPA, uPNP. Create a common XML format for PDA information, and add code to import all that shit into your favorite mailer, PDA, etc. Linux programmer to take over dynamic firewall daemon from me. Write a graphical password entry program for the Palm OS. Then write an app to keep data encrypted, using the graphical password. Consider interoperating with gnukeyring. Compile programs and create packages for them for your favorite distro. For example: OS package OpenBSD 3.7 apcupsd FC3 source apcupsd OpenBSD 3.7 Twisted (www.twistedmatrix.com) OpenBSD 3.7 ZopeInterface (www.zope.org) Another thing that is sorely needed is someone to create a privoxy+tor package; right now you have to install both, and reconfigure privoxy... which means you can't have privoxy running normally on the same machine... Write regression tests for your favorite distro. That's where you write a test for every fixed bug to make sure it doesn't get re-introduced. C program that takes an image or other file and converts it into an array for use within a program. Write a version of "the bodyguard" that logs you out when root logs in. The idea is if you're tunnelled through a system and interacting with the next hop, if root logs in and starts poking his nose around, you disappear. For extra credit, re-establish the tunnel around the node where root logged in. Write the first [security/auditing] footprinting tool. Make it modular. Write a version of the old AT&T PathServer, but integrate it with a keyserver and support new GPG keys. Write a network daemon in a "safer" language than C (java, perl, python, ML). Write a tool for open-source developers to automatically publish web pages, source code, and automatically create secure hashes and GPG signatures of both. Basically I want something that does offline generation (precomputation) of HTML files. In other words, don't do it with cgi-bin programs the way sourceforge does. Create a script or makefile target that rsyncs it with a remote web server. It should publish signed archives as well as browsable source code, should extract DESCRIPTION files from the archive and include them in the homepage for the project, create convenient links to (or textually include) the README and INSTALL files, . For extra credit, write wrapper scripts for generating user groups for said developers, such as mailing lists and archives and CVS repositories. You will want to use gpg-agent, especially if you sign lots of files or webpages. When you subscribe to a mailing list, they often send you a verification message. Write a tool that sends the subscription request, and automatically responds to the verification message. Optionally, have it respond to ANY verification message it receives (less safe, but convenient). When you receive an email from a list, you have to examine RFC 822 headers to see how to filter it (unless you like all copies of messages cross-posted to 2 or more lists to end up in the first mailing list's folder). Write a tool which automatically figures this out and creates a .procmailrc entry for the new list. Write something like "password safe" but for Unix/X. Basically it's a database of names, and when you click on them they put the password into your cut-and-paste buffer. So it never gets printed. Of course there is one main password that unlocks the whole deal. Take over maintenance of an abandoned software project. Write a user/directory service that is: Like NIS but doesn't use portmapper/RPC, and is secure Like LDAP but without the x.500 baggage and for just one thing # Creating Unix distros Create a distro that specializes in anonymity services, crypto, defensive network security Create a distro that specializes in p2p and filetrading Create a distro for kick-ass anti-spam mail servers Create a distro for a dedicated email server. Be sure to include tons of anti-spam measures, so that the spammers don't have a single target to optimize against. # Writing and/or documentation ideas: Summarize conversations on mailing lists. Summarize conference proceedings (DEFCON anyone?) Write a better RAID FAQ. Write a homepage for the mdadm tools with good usage info. Write some documentation on bluetooth network stacks in Linux. You may even dive into bluetooth networking models and basics. But please create documentation on hidd and other userland tools. Write a HOWTO on SELinux that isn't super boring. Start archiving and indexing email lists and sell CDs as reference material. Create a web site comparing and archiving various software licenses. Explain what kind of situations demonstrate the advantages of one over the other.