Created by Jan Wrobel Subscribe to updates RSS feed

This page contains links to various software-related projects that I've worked on. I occasionally blog. You can contact me at


Shapespark is a company that we have started with my friends Wojtek and Jagoda. We are building a service for professional architects and interior designers to create WebGL-based real-time interactive visualizations. Our site and our first visualization is at

Web access control

wwwhisper is an application independent authorization back-end for web servers. It is an open-source project, I also run a Heroku add-on that allows to easily use wwwhisper from Ruby or Node.js applications hosted on Heroku.

Reflection Scan

A paper and a proof of concept that introduces a timing off-path attack on TCP. The attack exploits a shared routing queue to disclose TCP session secrets: an ephemeral port and sequence numbers used by two sides of a TCP connection.

Speech Trainer

A recording application for Android specialized for quickly recording and hearing back words, sentences or musical phrases. The application automatically terminates recording and plays recorded samples when a period of silence is detected. Source code is on github.


A one day hack based on Speech Trainer. The application replays everything you say with a short delay, which momentarily confuses the brain and disturbs speech. 'Great...when it is working' to cite one of happy users.

Intercepting HTTP traffic in Firefox

nsITraceableChannel is a Firefox API that I co-authored while working on Firekeeper. Jan Odvarko's from Firebug explains the API in more details (Firebug uses nsITraceableChannel to implement its network tracing console).


An Intrusion Detection System for Firefox. I had a privilege of being mentored by Len Sassaman while working on Firekeeper during the Google Summer of Code. The project is no longer maintained.

HTTP referer and phishing

HTTP referer passes sensitive information to untrusted parties, the information can be used to make malicious content seem trustworthy.

Out of Kernel FileSystem

An experimental virtual filesystem for Linux that works entirely at the user level and does not require any kernel patch or module. Source code and documentation is on sourceforge. If you know Polish, you may be interested in a Master's Thesis about OKFS. It starts with high level explanation of how Linux file system works.

Mingetty autorelogin

A mingetty productivity enhancing patch for dinosaurs that still work in a plain text mode. It allows to automatically log in with a name of a user that is already logged on some other virtual console. The feature is currently used by about 0 users, but the number grows exponentially. See patched version, original is on sourceforge.

still life