Hi there, it's 6 in the morning, yet again (read the opening of the previous article for context). I was already tired after taking 4 class tests, including one surprise test yesterday (I mean, the dates have changed, so what if I haven't slept yet ¯\_(ツ)_/¯). Still, it was a peaceful day until I came across this comment, "So, you guys are collecting everyone's ERP credentials officially now?" on the latest release of GYFT - Get Your Freaking Time-Table (explanation coming ahead). This, followed by other misconceptions, broke the dam and flooded here in this article.

Hi, it’s me from the future, the old me who started to write this article (more like, rant) 2-3 days before the midsems couldn’t complete it before them. And, this is present me completing the article (or, rant or whatever) with more incidents (more like ranting material) which happened in just this short period of time, related to the release of WIMP - Where Is My Prof.

Disclaimer

So, this is me busting myths, stating facts, and explaining current dynamics about metaKGP. Also, ranting here and there on related topics. Just to be clear - if it wasn't already from above - these are my thoughts on how I perceive the situation at hand. Until I mention specifically that this is a statement from metaKGP as an organization, then it implies that these are my personal views only and are not endorsed by metaKGP at all.

Also, I will be using some screenshots of texts that I have received recently (without disclosing any names or without providing enough information that reduces the search space). These are just shared as an example of how to or how not to do a certain thing, in whatever context the conversation’s screenshot is used.

Recommendation
For those whose brains have been affected by excessive consumption of short-form content, resulting in shortened attention spans, this article/rant can be read in 2 parts:

• Busting myths around metaKGP

• Do KGP deserve metaKGP?

What should you expect from this article?

• My ranting here and there

• Clarifying misconceptions around metaKGP’s functioning and its projects

• Understanding the past situation of metaKGP and how those led to the current situation

• Understand the what and why of metaKGP

• How to report an issue / ask for support

Busting myths

There are quite a lot of myths which people assume by themselves. Simply put, some things are assumed to be true by connecting dots as one sees fit. And all of them just make me go crazy ( ╯°□°)╯ ┻━━┻

metaKGP is supported by the administration

No! Not at all!

Neither in the past nor in the present!

And I don’t see this happening even in the distant future (I would be glad if this happens, though). To be more precise:

Association with Hall, Gymkhana & Institute level POR

• Any POR (even if they have “tech” in their names) does NOT have any role or say in metaKGP - AT ALL. Any Gymkhana / Hall / Institute position (focus, I am talking about the “position”; not the “person” holding the position) doesn't have a say in what, when, and how metaKGP does.

  It might be possible that someone from metaKGP holds the above-described position, but that doesn't imply that the position itself has a role in metaKGP. For example, when you approached me in the last tenure (the academic year 2023-2024) when I was serving as the Technology Coordinator for anything related to metaKGP, you approached Arpit Bhardwaj, NOT the Technology Coordinator.

  Warning

  Stay alert from “neta” type people who claim that they have a role (or say) in metaKGP just because they hold a POR. I have seen, people leveraging the name of metaKGP for their own benefit, whenever they seemed fit just because of their position.

  A humble note for these “netas”

  If you hold some position, then you can help us in many ways, help us and boast about it everywhere. But without any contribution leveraging the name of metaKGP is something condemnable. metaKGP projects become illegal for you when it comes to supporting us but leveraging the name of metaKGP for your gains is all good? Sahi hai bhai XD

Support for projects

• Neither metaKGP as an organization nor metaKGP projects are supported, backed, or funded by any institute administration. MetaKGP projects, including - wiki, GYFT, GYFE, Naarad, and IQPS - to name a few, are hosted on a server whose costs are handled by alumni of metaKGP; even this list of who paid how much and when is open to all - metaKGP Finances Sheet.

Updating wiki content is metaKGPs’ responsibility

Let’s first understand what a wiki is,

“A wiki (/ˈwɪki/ ⓘ WI-kee) is a form of hypertext publication on the internet which is collaboratively edited and managed by its audience directly through a web browser.”

Source: wiki : Wikipedia

In simpler words, YOU, as a KGPian, are responsible for updating the wiki's content whenever it is comfortable for you. Making sure the wiki is up & running with all the functions working properly is the role of the maintainers (if the wiki is the only topic of consideration). If you find some information that is outdated and also find the latest information, then it’s your responsibility to update it instead of crying about the outdated information.

However, a handful of guys (and gals) already maintaining over 20 projects can not update the wiki's content. How can you even imagine this small group of students writing all the wiki content ( ╯°□°)╯ ┻━━┻? Fine, you might assume that we have a force of paid students who update the content. BULLSHIT. That force would have to be half of the KGP if you consider the sheer amount of text content on Wiki.

ERP-related projects steal students' data

So, finally, we are at the issue that forced me to write this rant. Let's dive deep into this issue.

This is a major concern about metaKGP projects dealing with ERP, where users are required to enter their ERP credentials on our custom frontend. At present, there are only GYFT and GYFE. There is doubt that the credentials entered are stored on our servers.

I will answer it straight to the point on behalf of my team from metaKGP:

• No, we do not.

• We encourage you to check the codebase for both of these projects on our GitHub repositories - GYFE and GYFT - and verify it for yourself.

Why do we need your ERP credentials?

Sorry guys, I don’t know any black magic to fetch your academic timetable. Unfortunately, both GYFE and GYFT require your timetable, and to do that, we need to access your ERP; hence, your ERP credentials are needed.

But you can host a different codebase on the actual server

Yes, surely we can. But we don't choose to. Now, it's up to you whether you trust us with this or not. Don't believe in our words? These projects can be self-hosted (web version). One can understand the steps to host the project locally from their documentation. Self-host them on a machine you control to control the flow of information.

But I don’t wanna install those gigantic node modules of yours

Use the CLI version. Done. Anything else? After taking this concern into consideration, we spent more time building the projects so that they could be used in both web applications and CLI. That’s how they are publicized as well.

Note

• The footer of this poster mentioning about the CLI version.

• The QR code leads you to the GitHub repository.

Now let’s summarise…

You, the user, have full control over whether YOU CHOOSE:

• To use metaKGP’s hosted version of these projects and provide your ERP credentials

• To self-host the web version or use the CLI version locally and have full control of the data being transferred

• To not use the project :) I mean, no one is forcing you ¯\_(ツ)_/¯. Keep on with your usual life

Naarad + MFTP is illegal

In the context of our discussion, the term ‘Naarad+MFTP’ makes more sense. Both of them, when combined, give the final result of you receiving real-time CDC notices.

TLDR

No, it is not illegal. In no way is the ‘creation’ and ‘working’ of MFTP and Naarad illegal. There is nothing being ‘exploited’ to retrieve the notices (which, from now on, I will be referring to as information). The information is available to every KGPian having access to ERP (from freshmen to final year).

What is MFTP?

MFTP is a backend service that checks ERP for new notice(s) every 2 minutes. Once a new notice is detected, it will be posted to Naarad.

What is Naarad?

Naarad is the noticeboard service for KGPians (having access to their institute email), which displays the notices posted to it. Currently, the notices that are being posted are related to the CDC only. And those notices are automatically posted by MFTP. However, the plan is not to limit Naarad to just CDC notices. We have plans to incorporate other noticeboard services in the future as well. Following are the rough ideas:

• Notices from Apna Noticeboard (accessible only via campus network). It’s the same thing as the ‘Internal (Apna) Noticeboard’ in ERP

• Society events and posts

Where’s the problem?

Let’s understand the problem step-by-step.

The problem is with the type of information we are dealing with. The problem is not directly from the institute; it is induced from the companies. Companies have strict confidentiality policies to not share certain information in their notices (stipends, salary, shortlists, etc) with other colleges.

With the context of the type of information, it’s still not enough to be a problem. This information becomes punishable when shared with other colleges or even publicly.

When Naarad+MFTP is used for this purpose, these projects are put in a tight spot.

So, what’s the solution?

The solution is surprisingly simple.

• Only KGPians should have access to Naarad. Authorize with their institute email. Here’s where we developed Heimdall as a single authorization source for all our required projects.

• On top of that, add user+pass-based authorization as an extra layer of security.

Sharing of Naarad login credentials

However, one can provide the OTP to authorize with their institute email and their username and password to someone outside of KGP (not a KGPian). Yes, true. The same can happen with ERP credentials as well. Seeing this as a problem in ‘Naarad+MFTP’ doesn't make sense, but it’s fine when it happens with ERP. Still, we log all the connections made to Naarad, in case they are needed, with uniquely identifiable information such as username and IP address.

There also is an implementation which restricts signup and login ONLY to campus network while rest of the application works on any network once logged in. The implementation is completed but not merged simply because it wasn’t needed based on our threat model. You can check this un-merged implementation at, Enforce signup and login only via campus network.

Association with administration & POR

With this settled, there is one more thing that is assumed by the public in general. Let’s clear that out as well…

Placement Committee members have no role in the development and operation of either Naarad or MFTP. They are both solely developed by the people from KGP under metaKGP and are not associated with any POR. The reason for non-association is very simple: accountability.

Take this example: ‘Naarad+MFTP’ had an issue, and it failed to deliver urgent notices on time, resulting in someone missing the deadline. Who will be held accountable?

• metaKGP, who develops and maintains it?

• Placement Committee members who endorsed it?

They didn’t want to take that accountability. That’s justified as their endorsement of Naarad implies that this is an official application like ERP. I mean, in the sense that if ERP goes down and notices aren’t received so, they are bound to adjust the deadlines.

That’s where I recommended publicizing with a warning/disclaimer that you use it for your convenience but don’t rely on it solely as a failure of ‘Naarad+MFTP’ won’t be considered by the authorities. And that’s the story of how every notice in ‘Naarad+MFTP’ ends with…

With this, I expected that at least now it is endorsable by them or can be shared through the original CDC Noticeboard, which would have increased the user base of ‘Naarad+MFTP’ who have benefitted from them. But that never happened. I still don’t know (or maybe understand?) why it was denied ¯\_(ツ)_/¯.

KOSS runs metaKGP

No. And, Yes?

Fundamental differences between metaKGP and KOSS

The answer to this particular misconception is subjective. But the following stays true in any case.

• metaKGP and KOSS are different organizations with different functional architectures and different goals to target. The methods of achieving these different goals might sometimes overlap, blurring the lines between them and leading to confusion.

• Describing KOSS, according to me, is a closed group (people are chosen once via a selection process) of open-source enthusiasts. KOSS puts efforts in increasing awareness about open-source and elevating development culture through workshops and events - which might not be only limited to KGP (eg, KWoC)

• MetaKGP is an open group (no such thing as a selection process to join, work, or contribute, except for the electing maintainers) of people with various interests from IIT Kharagpur collaborating together. You need to be a KGPian to be able to contribute to anything. Obviously, credentials are given to maintainers only, but they are elected out of those already active.

  refer, What is metaKGP? ~ by Vikrant Varma aka amrav

A little bit of history

With COVID-19 and things becoming online, most projects lost their importance (GYFT, WIMP, ChillZone, etc.) and weren’t maintained for over 3 years. The sudden shift to online made meet-ups and fun rather difficult, and with all sorts of things happening - which I myself don’t know - things went silent. The pass-on didn’t take place how it was supposed to be originally; with all of the events unfolding, they led to metaKGP development being stale for a long enough time for the ones who knew about metaKGP to graduate and new batches to come, enough that metaKGP came to be known only for the wiki.

With the history of KOSS and metaKGP intermingled, the history of metaKGP was passed on, directly or indirectly, in KOSS. The reasons for intermingled history can be summarised as follows:

• Love for open-source and tech in general

• What metaKGP was trying to do with projects aligned with the goal of KOSS to promote open-source

• This led to a lot of common people in both organizations

Back to the present

And, in the present, when there were enough motivated people to carry out the legacy, we (from KOSS) started fixing all of the old projects (we still are not done yet, far behind from the previous level) to revive the previous glory metaKGP.

That’s how people from KOSS are presently handling metaKGP. That’s how the myth of ‘KOSS runs metaKGP, and if you aren’t in KOSS, you can’t contribute to metaKGP’ came about. You can contribute to metaKGP even if you are not a KGPian ¯(ツ)/¯ (the extent to which you can contribute will be limited, though).

We encourage our juniors from KOSS to contribute to metaKGP projects (we don’t force, I promise ;P). That doesn’t mean metaKGP belongs to KOSS or that the fundamental ideologies of metaKGP are completely lost. We still abide by them; we understand the difference in the purpose of both organizations. It’s just that KGP has forgotten what it was over time, and it was bound to happen with certain things falling into place. That’s the second reason why this article exists. To put this story in general people’s view - with my bias, I understand that.

Do KGP deserve metaKGP?

Wait.. wait.. before jumping to conclusions, let me first clarify what I mean by this. There is a belief that KGPians have done something to deserve metaKGP - like paying a fee or being a part of Gymkhana.

Nope, absolutely not. metaKGP came into the picture as a need by motivated individuals to do something for KGP, expecting nothing in return. And that's how it is still going but with an expectation of humbleness for the efforts?

Side Note: If you can’t be humble, then I expect you to handle my rudeness and not cry about it?

If you care about the monetary aspect, we are actually running on a loss :D

Read About metaKGP, and follow through connected links as well.

Let’s take some examples of this feeling of entitlement. There was this incident when Naarad was down, and I received complaints like this:

• “Don’t take responsibility for things you can not maintain.”

  My Response: A little humble-ness? The project is open source; come forward and help us fix the issue or self-host it for a smaller scale of users. Don’t use it if it’s such an unreliable service. Get your free-loading ass up and build your own? At least you would have a better project than your Netflix or YouTube clones.

• “Give it back to admins/placement committee members so that they can manage it better.”
  My Response: LMFAO, you have reached the peak of being delulu.

  Reality: Back? As far as I understand the meaning of ‘giving back’, you can give something back if you received it or something else from them. None of them did anything to help regarding Naarad or MFTP, if not created problems instead. Admins never helped in this regard. They can’t build one because they are lazy (I know what I am saying). They can’t take ours because students develop it, and they are afraid of taking any issues faced by users on them. What they can do at maximum is outsource it for some cheap labor from a hefty tender, which will result in a fully vulnerable and half-cooked service (referring to the main KGP website). If developed internally, you know what it will look like - remember the CDC CV editor and the entirety of ERP. The reality is it’s just extra work for them; why do it when students are ready (more like forced) to check the noticeboard manually on that crappy ERP. Shouldn’t the CDC Noticeboard be a basic service provided by the institute?

  Why not ERP mass-mailer + CDC Noticeboard?

  Also, some say that institute has the mass-mailer service (the thing by which you receive mails from ERP and other profs) and the CDC Noticeboard, why not just merge them both? Well, technically it is possible but practically it is way out of the question, purely because of the way that mass-mailer works. If you observe you will see 99 emails of other students, along with yours, in the cc section. The algorithm is to send the mail in batch of 99 recipients with a certain time-interval, say 10 minutes. This is because of the restrictions placed on the service they use. So when you receive that mail which was sent to a mass, every set of 99 individuals receive it at different times. The time of arrival can vary from 10 minutes to 3 hours (if you do simple maths). Which will not be sufficient to solve the ‘real-time’ retrieval nature of CDC notices.

  But again, it doesn’t mean this is an unsolved problem (╥﹏╥). And yet, they left this burden for the students, that students are the ones responsible for checking the notice board continuously on that utter piece of crap ERP. And, after all of this, they have the audacity to share notices which have a deadline within half an hour (ﾒ￣▽￣)︻┳═一

I went a little off-topic when ranting, but again, this was supposed to be a rant from the beginning.

Then why do we do it?

Just because we can. We have fun while building stuff. The concept of metaKGP has changed drastically over its history. From being just about the wiki (refer, Why metaKGP? ~ Harsh Gupta, Why metaKGP? ~ Vikrant Varma and What is metaKGP? ~ Vikrant Varma) to a bunch of open-source projects making various hectic processes way less hectic - think about:

• Checking CDC noticeboard manually on your phone every 10 minutes (Naarad and MFTP)

• Creating your academic calendar manually with holidays (GYFT)

• Finding empty rooms during class hours because you don’t want to go back to your hall just to come after an hour for your next class (ChillZone)

• Finding that professor you want to get permission from for whatever purpose, say NOC?, and having no idea how to approach them (WIMP)

• Not having a queryable PYQ repository, thus searching them all over the internet to get to half-cooked websites of KGP (referring to literally everything?) or asking seniors for PYQs multiple times (IQPS, previously MFQP)

• Having no freakin’ idea of what are the previous grade statistics of a subject whose name/syllabus sounds “cool” and you plan to take it as an elective or as an additional to end up in absolute grading (Kronos)

• Filling the feedback form 10 minutes before the deadline just so that you can download your admit card (fERP)

• Not even knowing the on-ground history of your own college, information is limited to just a few ‘privileged’ people (Wiki)

What’s the problem then?

Context for the image: related to Wimp

What’s the problem with it? Nothing. But…

Wait, what? Misinformation? Are you kidding me? Let me rant it out first…

What in this actual world would one achieve by spreading “misinformation” about where a professor is going to be? Surely, one might get to the wrong place at a very crucial time, which might be problematic for them. But why would someone in their right mind build a freakin’ website to play pranks with people? Not us.

The boundaries between being unaware and stupid are getting blurred here. Surely, I understand where they might be coming from - they believe metaKGP ought to serve them for all the reasons I have discussed earlier, or metaKGP is supported by the administration, so we get some ‘exclusive’ data from them. We build the data ourselves, which is scattered all over the ERP or other resources. No one pops out of heaven to provide us with this data magically.

But let me share our POV here as well, as it will be a toxic relationship if we are the only ones who understand you, right? Consider some random guys (and gals) working their asses off for weeks to get something up and running to help even a single person via something they built. Now, there’s a logical issue that everyone in the team missed (I mean, there are a lot of departments, schools, and centers; now, add up all the profs in them; it is not practical to verify each of them). And this is what they get for their hard work.

I don’t understand how you can expect someone to reply politely (until they are getting paid to do so - referring to customer support) with such comments and call the person rude. You were being rude first, rude to their hard work.

Side Story: Core-JS maintainer says, “Open-source is broken”.

With this, I will acknowledge the praise you guys give. Those praises are the things that motivate us to keep building our stuff. And yes, that alone will be a lie; we do it for personal gain, too. We gain experience in building a project and working with a team. But that doesn’t mean to ignore the other side of the story. I felt that it was important to at least share this perspective along with some other important information, such as all those misconceptions that were discussed in the article earlier.

How it should have been?

It would be great if you could stop after the messages in the first screenshot, followed by some examples of those issues that you faced. That’s it. Now, the contact person will contact you regarding whether it is technically possible to fix the issue.

Even better, you can help us fix the problem! In those screenshots, that was a 4th year (yes, who knows how to program as well) ‘claiming’ the spread of ‘misinformation’. Here is this guy in his 1st year fixing the bug. Surely, I don’t expect everyone to understand the programming part and solve the problem. Still, you can be humble and considerate with your issue reports. If you want a humble response, it might hurt your “feelings” if the response isn’t humble. No one here is customer support.

That’s a great way of starting the discussion, and things can follow up with a few questions back and forth. Heck, even the first section of those messages is good (again attached below),

That’s the very least you can do while reporting a bug. This doesn’t apply just to our case. I encourage everyone to follow this for any open source project as the maintainer is most likely not getting any incentives for maintaining the project, which you might be relying on daily, instead of assuming that the maintainer owes you something from your previous lives. Here are a few things which you should add to help the maintainer.

How to report an issue / ask for support

• Before anything, ensure you have read the corresponding documentation - if there is any. Efforts were put into writing that documentation as thoroughly as possible. I spent 3 hours writing the documentation for Naarad to get stupid queries again (from those who have already read the documentation). Here is one of those instances.

  

  

• Describe what went wrong. Provide relevant examples, screenshots, and anything up to the best of your capacity

• Provide the steps to reproduce that bug

Future Plans

I do have some things which I would love to see happen before I graduate:

• Revival of all the projects which are still relevant in present times.

• Revive the original essence of wiki. Contacting different bodies (Hall / TSG / Institute) to raise awareness about updating data on the wiki.

• Revival of Demo Days (it is clickable). Getting contributions from all over the KGP community.

Conclusion

The following myths were examined:

• metaKGP is supported by the administration

• Updating wiki content is metaKGPs’ responsibility

• ERP-related projects steal students' data

• Naarad + MFTP is illegal

• KOSS runs metaKGP

A humble bug report goes a long way :D

And, if you:

• Love tech

• Believe in the open-source ideology

• Understand or want to understand tech and are looking for a peer group (didn’t get to join any society and wants one?)

• Want to build something that has real-life application and solves a problem for the general KGP community or something not limited just to KGP

We encourage you to drop a message in our slack channel and help us out with the already existing projects or bring in a new project idea. If someone from our group, mainly KOSS at the moment, likes the idea, they might work along with you :D

Hi there, it's 6 in the morning and I am writing this. This is not going to be a technical writeup which you might have subscribed me for or expect from me. Rather, this will be my first official blog about my views (I guess? I have written countless of lengthy advises during the time I used to run a cybersecurity group) - coming back to the topic - on a very concerning issue consuming KGP.

Context

The point which I am going to share will involve an example, in which the general public might be more interested rather than the issue which I want to address by this blog, thus I would like to clarify my point of concern before starting with the story so that you read this blog from the same point of view in which I have written it. Also, I actually don't know if it is okay to mention the names of people involved here, so I will be using false names (if required). If some official requires me to provide the names of the parties involved in the story - I do not have any problem with that ¯\_(ツ)_/¯.

Ok, so enough of the background - let's start with the main thing. The issue which I want you to focus is,

Students have a bad image among the administration and are not trusted by them

Or a better way to put it will be,

Students are guilty until proven otherwise

The story

There have been countless encounters, bringing up this issue in-front of me. The most recent one was related to this years' TSG Elections (academic year 2024-2025). Excited? Drum-rolls.. Vote counts for this years' elections were leaked by an ERP developer to a student before the official disclosure of the results.

Possibility of more serious leaks?

Easily said than understanding the consequences of the revelation. Let's talk about some of the implications of this incident:

• Although, the incident which came into light happened after the voting day. But what about the possibility that this can happen during the day of voting?

• Anyone involved, can leak the count during the voting day and this could lead to manipulation of results in various sorts of ways.

• There's that, now think about this, bribing an ERP Developer to tamper with the results :)

Yup that's a serious concern now. Although, not the one which I want you to focus via this blog, please continue reading..

Who am I?

How do I know it? Who am I? Just to give you sufficient information about me:
I am Arpit Bhardwaj, Technology Coordinator, Technology Students' Gymkhana for the academic year 2023-2024. Now, here's the thing - Technology Coordinator is the student position which should receive the elections results first, so that they can update it on the gymkhana website which then serves as the first and foremost source of information for the general student body regarding all the information pertaining to elections.

What did I do?

What did I do after knowing this? Why am I writing a blog? Why not inform it to the concerned authorities? Here's what I did as soon as my investigation concluded:

I immediately informed a concerned official, explained all the details about how I got to know about the issue, how I investigated the student and later found the ERP developer involved in this. I explained this more than once (It was actually more than once, but I can't give an exact count and I don't want any of the parties to raise fingers on me for providing any "false" information). The talk was a quite a bit long, around 20 minutes - I will be discussing it in parts in the blog ahead.

Concerns of the official

Let's first talk about the concerns of the officials, which I found themselves concerning (-_-). Their concern was (writing the gist of it):

• Is there a possibility that ERP was hacked, moreover, hacked with privilege to edit the database and manipulate the vote count?

• And was the hack done by a student?

See, this is a possibility, I am not denying that (neither would you after recent security incidents with ERP) but this can not be concluded from the current situation, how the events took place doesn't point in this direction at all. Next surprising concern:

• What's my hall? Why am I constantly chasing this issue?

I laughed at this, hard. Anyone who knows me well enough, should know that such things (politics and stuff) doesn't matter to me. The sole reason for me to report this was to fulfil my duty as Technology Coordinator and to do what was right, an effort to maintain the integrity of our technical systems. Which was being questioned here ¯\_(ツ)_/¯ . Anyways, we forgot about something or should I say, about someone..

.. What about the ERP Developer responsible for this leak? Their response to this:

If the staff had access to data and they leaked it, HOW CAN WE PREVENT IT?

• As in "WE CAN NOT PREVENT IT" or as in "NOTHING CAN BE DONE ABOUT IT"

"HOW CAN WE PREVENT IT?" - ?? I mean, what? Did I hear it clearly? - this was my reaction after hearing this statement. Let me tell you some technicalities (yeah, what else would you expect from me anyways) - "hacking" doesn't only involve breaking the computer system(s), there is a concept of social engineering (for those who didn't bother to read the wikipedia article - it is, in layman terms, "human hacking", where humans are "hacked" to break into the system or forced/convinced/tricked to provide confidential information). In short, some person leaking information for any reason - "knowingly" - is a crime equivalent to hacking the system. And the official was fine with it, rather concerned about involvement of student directly (as in the end, a student was involved).

IMPORTANT

I do not know what actions were taken against the ERP Developer in concern here.

My concerns

Concern 1

Students are guilty until proven otherwise

This is one of the stories which I am sharing publicly, but there have been more than one incidents of this same topic being raised. To ensure the smooth functioning of an organisation, such beliefs are detrimental. I fail to comprehend this statement entirely. Why emphasise the term "student"? Aren't mistakes made by individuals in administration as well (as evidenced by the example provided)? Why approach the situation with a perspective that implies guilt on the part of students? Instead, why not use a more generic term that encompasses a broader subset of people? Ultimately, both sides make mistakes, and pointing fingers won't facilitate resolution. Rather, focus on solving the issue more than focusing on who caused it in terms of - students or administration - rather than creating generalised beliefs based on actions of some malicious elements of a particular subset of people. This goes for students and administration, both. Let's stop pointing fingers at each other and work together at solving the problem. Because in the end,

Not all students are bad or have malicious intentions

Not all employees are bad or have malicious intentions

Not all admins are bad or have malicious intentions

Concern 2

I do not find the current ERP team to be competent enough to keep our data safe. I don't know about you, I care for my data. Technical inability was a different thing, now they are themselves leaking details? To put it more formally, give students official permission to exploit, find and report bugs in ERP - YOUR BUG REPORTING SYSTEM WILL CRASH IN A DAY! - because that will be overloaded by the massive amount of incoming reports and yes the system itself won't be built properly either ¯\_(ツ)_/¯.

So, what's the solution?

Students are NOT guilty until proven otherwise

I went to a conference, there I got an opportunity to talk with a professor who supported his students (the whole story is itself very inspiring, should discuss about this in another blog). In short, students were involved in migrating the complete network architecture from IPV4 to IPV6, contributing to the original implementations of IEEE protocols (published papers), developed crucial systems for the institute etc. How was this made possible? The quote which this section starts with is what he replied.

But what about the sensitive data?

Say students want to develop something which involves some "confidential data" for the institute or let alone work on the current existing ones and improve them. The same question comes again and again, "How to trust students with the data?". I mean google, microsoft, a random startup.. all of them have employees. All of them have some level of confidentiality available for every employee. Don't they function?

• Let the students sign a Non Disclosure Agreement (that's what the professor earlier in the story did as well). The reality is if they want it, it is not hard to get past the problems presented.

• Don't give them real data, students can work on a dummy data.

Conclusion

It is high time we focus on how we see the problems and stop pointing fingers and making generalised beliefs about a particular subset of people.

IIT Kharagpur once had one of the largest DC (Direct Connect) networks in India. It lost its glory when the pandemic hit and everything went off-campus. This is an effort to restore that glory, let’s get started.

Installing the client

Metahub -the IIT KGP DC Hub - is a private hub and inaccessible from outside the IIT Kharagpur network. Users connect to the hub using DC clients and can share files at high speeds. Metahub was previously known as HiT Hi FiT Hai.
There are various DC clients available for different platforms. To name a few, we have:

However, it is recommended to use Eiskalt DC++ for uniformity across different platforms.
To install EiskaltDC++ on your platform of interest refer to the corresponding section.

Windows

Download Eiskalt DC++.
Go through the basic installation setup and install it.

Linux

Install Eiskalt DC++ on Debian-based distributions like - ubuntu, linux mint etc using the following command

sudo apt install eiskaltdcpp

Note
If you are not on a Debian-based distribution, search for the package name using the package manager your distribution uses and install it.

MacOS

• Install Homebrew - skip this step if already installed.

  • To check whether it is installed or not, use the following command

      command -v brew
    

  • If the output is like the following, then brew is installed!

      ~> command -v brew
      /opt/homebrew/bin/brew
    

• Install Eiskalt DC++ using the following command

    brew install eiskaltdcpp
  

Configuring the client

1. Open Eiskalt DC++ & press the following keyboard shortcut to open its preferences window according to your platform.

   • Windows: ctrl+o

   • Linux: ctrl+o

   • macOS: cmd+,

2. Set a Nick aka username for your current instance.

   

   Note

   • Nick must be unique.

   • Other entries are optional, setting or not-setting them will not create any problem in connecting to the hub.

3. Configure TLS option. Goto: Connection > Advanced > TLS settings and choose Allow TLS.

   Note

   • This is an ambiguous setting. If Allow TLS option doesn’t work for you, you can try other available options. This is further detailed in Some Common Issues section.

   

4. Configure downloads directory. Goto: Downloads > Downloads.

   Note

   • Make sure to configure both, Downloads Directory and Unfinished Downloads Directory.

   

5. Now click Ok.

6. Press the following key combination for the quick connect dialog box, according to your platform.

   • Windows: ctrl+n

   • Linux: ctrl+n

   • macOS: cmd+n

7. Enter the domain for MetaHub - dc.metakgp.org - to connect. Press Ok.

   

   Warning

   Do not use any IP. We have deprecated the usage of IPs and have migrated to the above mentioned domain.

8. You should now be connected to the hub and if the fonts are set properly you should see something like this.

   

   NOTE:

   • Just focus on the Prompts and that you are connected, your exact GUI will be different since I customised mine to not bleed my eyes.

   • To properly render (display) the "METAHUB" text as shown in the screenshot above follow the steps in the "Rendering MOTD" section.

9. You may encounter one of these common issues::

   • Connected to the hub but unable to browse or download files.

   • Nick is already taken by another user.

These issues are well explained with their solutions in the Some Common Issues section. If you run into any other problems not documented here, please fill out the MetaHub Issue Tracker Form to report them. We're always working to improve the user experience and your feedback helps.

How to share content

It's not enough to just download content - to bring back the DC culture - everyone is encouraged to share their collection as well.
To share folder(s) follow the following steps:

Warning
It is a must to mirror (share) whatever you download, so you at least have to share the folder in which you download content from the HUB.

1. Open Eiskalt DC++ & press the following keyboard shortcut to open its preferences window according to your platform

   • Windows: ctrl+o

   • Linux: ctrl+o

   • macOS: cmd+,

2. Now navigate to: Sharing > Basic and toggle off the View share in simple mode.

   

3. Now select the folder(s) where you keep downloaded content from the HUB. Keep the following things in mind:

   • You can choose other folders as well, but choosing your download folder is essential to mirror your downloaded files.

   • You will need to click on down arrows to expand folders.

   • You might need to increase the width of the Name column to be able to see the names of the folders.

How to download content

1. To browse the files of a specific user, simply Right-Click on their profile and select the Browse Files option.

   

2. Now you will be taken to the file explorer for the user's shared directory. Use the Down Arrow to expand the folders of your interest.

3. Now Right-click on the file you want to download and select Download or Download to (for a list of frequently used folders to download).

   

4. Now enjoy tremendously fast download speed and the file will be downloaded.

   Note
   Don't forget to mirror the content you download.

Some common issues

1. You are connected to the hub and can also see the list of all connected users but when you try to browse the files for any user it keeps on connecting and finally, nothing happens. This might be a result of multiple configurational and system issues. To fix them you are recommended to follow the below practices:

   • Allow all incoming connections for the client through your firewall - recommended for all platforms.

   • Changing the mode of your connection.
     To do so, Goto: Preferences > Connection > Connection, explore the available options and select the one that works for you.

     

   • Make sure you meet the minimum sharing requirement to be able to browse and download content from other users.
     Refer to the rules for the exact number. At the time of writing this documentation, the rules are:

     

2. Nick was already taken by another user, even if your Nick was unique.

   

   This happens when the connection with the hub is dropped abruptly. It can be due to multiple reasons:

   • The network was turned off abruptly.

   • The network was changed abruptly.

Due to this, the connection packets remain alive and it appears to the hub that you are still connected, i.e., your previous connection wasn't closed properly.

FIX: The only way to fix it is to wait for at max 15 minutes so that the packets expire automatically and then you can connect to the hub normally. Usually, they expire quite early but sometimes might take time so better have a walk outside your room, get some fresh air then try to connect to the hub again.

Rendering MOTD

This is completely an optional step based on personal preference. If you want to render the ASCII art for METAHUB to be rendered properly, as shown in the image below, you will need a mono font.

Installing mono font

However there are many options available, for the sake of documenting the exact process, we will be installing hack-nerd-font which comes with a mono version of itself. To install it on your system of preference refer to the sections below.

On Windows

1. Download a Nerd Font - recommended Hack Nerd Font.

2. Extract the downloaded zip file.

3. To install all of them simultaneously, you first need to select them all. To do so, click the first font on the list, hold the Shift key, and click the last font. You can also drag to select them if you want. As long as they’re all selected, it doesn’t matter how you do it. It should look like this.:

   

4. Next, right-click on the name of any of the font files. If you have multiple user accounts on your PC, you might want to click Install for All Users. Otherwise, just click Install.

   

5. If you already installed some of the fonts, you’ll get a popup warning you about it. Click Yes and let it proceed.

   

6. Another window will indicate the progress of the installation. Once it disappears, your fonts are installed and ready for use.

On Linux

1. Download a Nerd Font - recommended Hack Nerd Font.

2. Unzip and copy to ~/.fonts.

3. Run the following command to manually rebuild the font cache.

   Bash

    fc-cache -fv
   

On macOS

• Install Homebrew if not already installed.

• Use the following command to install the hack-nerd-font

  Bash

    brew install font-hack-nerd-font
  

Changing fonts on your client

Now that the fonts are installed on your system, follow the steps below to configure the client to use those fonts.

1. Press the following keyboard shortcut to open its preferences window according to your platform.

   • Windows: ctrl+o

   • Linux: ctrl+o

   • macOS: cmd+,

2. Goto: GUI > Fonts.

   

3. Double-click on the currently set font's name.

4. A dialogue box will appear, search for mono keyword.

5. Then select the mono-font you wish to use.

• Get the GitHub Student Developer Pack.

• Now navigate to the benefits page and apply a filter for cloud or just click here. Follow the steps to sign up for Azure, and you will receive $100 credits.

Note
Although, we could have done it directly using Institute ID on Microsoft Azure. But the afore-mentioned method exposes you to various other possibilities which you might have not even thought of. We chose Microsoft Azure here, if you want you can also choose DigitalOcean or any other cloud platform of your preference.

Step 2: Create an EC2 instance

• Goto Azure portal

• Click on the hamburger menu > Create a resource > Compute > Ubuntu Server 22.04 LTS. Fill in the necessary details in the Basics section.

  

  • Create a new Resource Group & give your virtual machine a name.

    

  • Now about region & disk size.
    First, select the cheapest size and then select the region from the available options. A standard B1 size is going to be good enough and will last around 11 months using free credits. Now choose the closest region where the said size is available, which in our case will be South-East Asia. A bigger (aka more costly) size would probably be available in Indian regions. Follow the steps shown in the images below.

    

    

    

    

• Select Password as the Authentication Method and fill in the required fields.

  

  Note
  Though using a password as the authentication method is easy to follow, it is equally less secure. It is recommended to use ssh as the authentication method. It is indeed tougher, to follow the ssh path that's why it is not mentioned in this blog post, you can refer to my gist for the Steps to set up the server via SSH public keys.

• Choose HTTPS(443) in Select inbound ports.

  

• Leave the rest of the settings as default in other sections and click Review+Create.

• Now, wait for the VM to be deployed. Once the VM is deployed

  • Click Goto Resource.

    

  • Click Configure the DNS option under Networking.

    

  • Type in any DNS name like your username in the DNS name label field and press Save.

    

Step 3: SSH into the Remote Server

Warning
For this step, you will need to switch to a network other than that of campus as PORT 22(default port for SSH) IS BLOCKED ON THE CAMPUS NETWORK.

SSH steps are drastically different for a Windows client & a Linux/MacOS (*nix) client.
Refer to the following section to read about the steps for the client of your interest.

SSHing via a Windows machine

• To make sure your PC has SSH client and server both installed, run the following command on Command Prompt as Administrator.

    Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
    Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
  

  • Windows also has Powershell and the new Windows Terminal which combines all the different shell environments. So, you can choose one from these as well, but it doesn't matter in this context.

• Now ssh into the remote server

    ssh user@host_address
  

  Explaining the command
  user: Name of the user given while creating the virtual machine.

  host_address: Public IP address of the machine.

SSHing via a Linux or MacOS machine

• Execute the following command, then enter your password in the prompt.

    ssh user@host_address
  

  Explaining the command

  user: Name of the user given while creating the virtual machine.

  host_address: Public IP address of the machine.

Step 4: Setup OpenVPN Access Server

After we have ssh'ed into the machine, we have to set up the OpenVPN Access Server.

• Before that, it's a good practice to update and upgrade your system via

    sudo apt update
    sudo apt upgrade
  

• Execute the following command

    wget https://git.io/vpn -O openvpn-install.sh && sudo bash openvpn-install.sh
  

  It will download and execute a script that automates OpenVPN server configuration.

• Keep in mind to update the following options during the setup process & leave the rest in their default state:

  • IP address: Your Public IP for the azure machine.

  • UDP or TCP: Enter 2 for TCP as UDP ports are blocked on the campus network.

  • PORT: 443

  • DNS RESOLVER: Enter 4 for OpenDNS.

  • CLIENT: One configuration for one client/device. Name it like pc, mobile, etc.

• The .ovpn file will be stored inside /root directory, copy it into your user's home directory using the following command

    sudo cp /root/client_name.ovpn ~/
  

  Explaining the command
  client_name: Name of the client you specified in the script.

Note
Run the same script to generate new clients (you will need a unique client for each device that’s going to be connected to the VPN), i.e., one.ovpnfile and one connection.

Configuration for Gaming

Use the TCP_NODELAY option if you are planning to use this VPN for gaming. Execute the following command on the remote VPN server

sudo echo "tcp-nodelay" | sudo tee -a /etc/openvpn/server.conf

Now restart the OpenVPN service using

sudo systemctl restart openvpn.service && sudo systemctl restart openvpn-server@server.service

Step 5: Download ovpn files

Now we have to transfer the .ovpn files generated on the remote server to our local machine. The steps to achieve this are different for *nix (Linux or MacOS) & Windows, refer to the following sections to read about the steps for your platform of interest.

Windows

• Download WinSCP a GUI implementation for SCP (secure copy) on windows. Open it.

• Click on New Session.

  

• Enter the following login configuration

  • File Protocol: SCP.

  • Host Name: Your remote machine's Public IP address.

  • Port: 22 (Default).

  • Username: The username which you set for the remote machine.

  • Password: The password which you set for the remote machine.

    

  • Press Login then YES.

• Select and download all the .ovpn files you created which will be shown on the interface.

  

• Now shut down the WinSCP session

Linux & MacOS

Run the following command, the key will be downloaded in the Downloads directory after you enter the correct password set by you earlier.

scp user@host_address:client_name.ovpn ~/Downloads/

Explaining the command
user: Name of the user given while creating the virtual machine.
host_address: Public IP address of the machine.
client_name: Name of the client you specified in the script.

To start/stop/check the status of the OpenVPN server use systemctl:

sudo systemctl start openvpn@server.service
sudo systemctl stop openvpn@server.service
sudo systemctl status openvpn@server.service

For Android:
Follow either of the aforementioned methods and then transfer the downloaded .ovpn file to your Android device via Telegram/Bluetooth/Mail or whatever to your android device.

Step 6: Connecting to the VPN on client devices

Android

Download the OpenVPN Connect app from Play Store. Open the app and after going through the first screen, go to the Files tab, there import the .ovpn file, and connect.

Linux & macOS

• Get OpenVPN Client.

  • Linux

    In most of the distros, you can go to the network manager and import the .ovpn file. If not then install OpenVPN with sudo apt install openvpn.

  • macOS

    You can either download the GUI tool,tunnelblick for importing the .ovpn file or download the CLI tool for OpenVPN via MacPorts or HomeBrew using sudo ports install openvpn and brew install openvpn respectively.

• Start the client with your configuration file

    sudo openvpn --config /path/to/config.ovpn
  

  Explaining the command
  /path/to/config.ovpn: It is the path to the .pem file which you downloaded just before deploying the VM.

Windows

Download the official OpenVPN Connect client for Windows, import the .ovpn file, and toggle it ON to finally connect - video guide.

Step 7: Budget Control

Warning
This is a very important step, to ensure the long-term usability of your credits.

• Use only one instance.

• Bandwidth is free up to $100 credits, so it's better not to waste resources on the VPN.

Note
If in any case, you have to stop an instance forcibly, do it; to be on the safer side.

This guide is meant for beginners as well as readers with basic knowledge. Most of the technical terms have been explained or have been linked to a webpage with more information.

If you still don't understand a term, just Google it :)

This guide explains how to install as well as use a C/C++ compiler to run your code. The compiler used here is GCC.

To write and edit code, any text editor such as Notepad can be used, although, a code editor is recommended because of syntax highlighting, code completion, and much more. Here, we will be setting up a popular cross-platform code editor - Visual Studio Code.

This guide has separate sections for different operating systems. Use the Table of contents to jump to the relevant section corresponding to the operating system of your interest.

NOTE: You are supposed to enter and run a command in a terminal whenever you are given one, in this blog.

A Terminal generally refers to:

• Command Prompt on Windows. Windows also has Powershell and the new Windows Terminal which combines all the different shell environments.

• A Terminal on MacOS and Linux.

Windows

Here, the native Windows version of GCC - called MinGW - will be installed.

There are quite a few methods to achieve this. We will be looking into two of them - one being the most widely popular; using the MinGW installer directly from its website - other being the simplest; using the Chocolatey package manager.

Use the Table of contents to jump to the method of your choice.

Using MinGW installer

1. Download the installer file mingw-get-setup.exe from https://osdn.net/projects/mingw/releases/.

   

2. Run the .exe file. A window titled "MinGW Installation Manager" will open in a few minutes. In the Basic Setup tab, right-click the option named mingw32-gcc-g++-bin and click on Mark for Install.

   

3. Then in the top left corner click on Installation > Apply Changes. Continue through the rest of the installation process while keeping all settings as default. And then, you wait...

   

GCC is installed! Now we have to make it accessible by adding it to the PATH:

1. Go to Windows Explorer > Right-click on "This PC" > Properties > Advanced system settings > Environment Variables.

   

2. At the bottom System Variables panel, look for a Variable named PATH and double-click on it.

3. Click the New button to add a new path to Windows PATH.

4. Enter the Path of the folder to which you installed the GCC (by default, it's C:\MinGW\bin)

   

5. Press OK until you are out of the menus.

You should now have the GCC installed and ready to be used! To verify, type gcc --version in Command Prompt and press Enter; if you get an output stating its version, then it was successfully installed.

The easier way (via chocolatey)

Chocolatey is a package manager for windows that makes installing applications a lot easier and more automatable. As opposed to the long process we went through in the above way, via chocolatey the entire process of installing chocolatey can be reduced to just 3 commands - executed in an Administrator Powershell:

1. Install chocolatey with the instructions from their website: https://chocolatey.org/install

   • Run Get-ExecutionPolicy in an administrator PowerShell. If it returns Restricted, then run Set-ExecutionPolicy AllSigned.

   • Now run:

       Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
     

     and wait for the installation of chocolatey to be complete.

2. Close and reopen the admin PowerShell session.

3. Run choco install mingw and type A to confirm the installation.

   

   You should see this if it succeeds

   

4. Now run gcc --version to verify that it has been installed properly.

   

Linux

Most Linux distributions will have GCC pre-installed. To check if it is installed:

gcc --version

If you get some output; NOT an error, then it is installed.

On Ubuntu and other Debian-based distributions: Run the following commands in the Terminal:

sudo apt update
sudo apt install build-essential

For other distributions just install the package build-essential from your package manager.

MacOS

Though GCC "appears" to be installed in MacOS by default, it's clang in disguise!

Why bother?

For the audience one of the main drawbacks of using clang can be not able to use <bits/stdc++. h>, for your work. To know about the differences in-depth - refer to:

• From the perspective of Apple; the developers of Clang

• From a neutral perspective

Getting GCC installed on MacOS

1. Install homebrew - ignore if already present.

   • To check whether it is installed or not use the following command

       command -v brew
     

   • If the output is like the following then brew is installed!

       ~> command -v brew
       /opt/homebrew/bin/brew
     

2. Installing GCC.

    brew update
    brew upgrade
    brew install gcc
   

   

   Note
   How GCC is installed as gcc-12 and gcc is still clang.

3. Now, you can either use gcc-12 instead of gcc. But if you want gcc to invoke the GNU version of GCC instead of clang then execute the following lines in your terminal. Since MacOS comes with zsh by default we will be giving command for it only but if you have changed your shell then you must be equipped enough to do the following steps on that shell too - Right?

    echo "alias gcc=/opt/homebrew/bin/gcc-12" >> ~/.zshrc
   

   

Unprecendeted issue with MacOS 13(Ventura) & gcc-12

If you are using MacOS Ventura and facing this issue - which means it's not fixed yet - no problem, then read the following issue/discussion to solve it!

• https://github.com/Homebrew/homebrew-core/issues/113968

Yes. You are going to read all of that, try to understand; try to fix. Repeat until you succeed! You have to start self-learning sometime later, so why not start now?

Compiling the code manually

Follow these steps to compile your .c file manually.

1. Create a file with the name first_c_program.c with the following content in it and then save it.

    #include <stdio.h>
   
    int main(){
        printf("Hello World!");
   
        return 0;
    }
   

   ⚠️ Make sure you don't have spaces in your filename!

2. Compile the program and execute it. You can replace executable.exe with anything.anything.

   

   For Windows users, the command to run will be the following, the above works for Linux & MacOS only.

    .\filename.exe
   

Setting Up VS Code

Visual Studio Code is a free and open-source code editor that is customizable through extensions. The C/C++ extension can be used for compiling and running C/C++ code along with many more features.

Installing

1. Open VS Code

2. Open the extensions panel using the button on the left or by pressing Ctrl+Shift+X.

3. Search and install the C/C++ extension.

   

Once the extension is installed, creating or opening any .c or .cpp file will have syntax highlighting, code completion, and other features.

Compiling

To compile the code, open a file and run Terminal > Build Task from the main menu or press Ctrl + Shift + B.

On Windows: From the dropdown, select C/C++: g++.exe build active file(for C++ files) or C/C++: gcc.exe build active file(for C files).

On Linux and MacOS: From the dropdown, select C/C++: g++ build active file(for C++ files) or C/C++: gcc build active file(for C files).

Running

Once the code has been compiled, an executable file will be created (with the same name as the code file). On Windows, this file will have a .exe extension on Windows and no extension on macOS and Linux.

To run the file:

1. Open the VS Code integrated terminal by pressing Ctrl + `.

2. Type:

   • On Windows: .\ followed by the name of the executable file.

   • On Linux and macOS: ./ followed by the name of the executable file.

and press enter.

3. The output of the code will be visible in the terminal!

Code Runner

Depending on your OS, we suggest different code runners. Hop into the section of your interest using the Table of Contents.

Windows 11

You are suggested to use code-runner using WSL instead of using this buggy .run extension which will be installed in this section ahead - which is shared just as an alternative that is relatively easy to set up.

1. Click on the extension's icon.

2. Search for code runner.

3. Install the extension shown in the screenshot below.

   

Linux and MacOS

For simplicity and to automate a few steps for a list of languages you can try code-runner.

Installation

Copy and paste the following command in your terminal and wait for the final message - you are done!

curl https://raw.githubusercontent.com/proffapt/code-runner/main/setup.sh | /bin/bash

Can help in the following ways:

• Just one command to compile and execute the compiled file: run filename.extension.

• Cleans compiled binary by default. So, that you don't submit binary instead of a .c file in your assignments.

• Detects the version of python to be used ( accuracy of 95% ).

• Can be used to create a file with spaces in its name ( vs-code runner extension lacks this )

• Can be used to execute a file in a different directory ( vs-code runner extension lacks this; and limits some functionalities )

• Inbuilt debugger support.

• Integrates with NeoVIM and VS-CODE - steps in the documentation of the tool.

And many more, read the documentation and code for a thorough understanding at https://github.com/proffapt/code-runner.

Tips and Further Reading

DO NOT GUESS how a piece of software might work.

When using a tool for the first time, you CAN'T and MUSTN'T guess how it works! Beginners often make this mistake and waste a lot of their time and of others too; without even searching or reading the docs!
Rather read the documentation/help for that program or just simply search for whatever you wanna achieve with that tool.

Read The Fucking Manual - RTFM

Learn to search!

This is a starting guide, so it was a bit explanatory. What we promote is self-learning. The basic idea behind it is very simple:

1. Read the error carefully and try to understand it.

2. Phrase your problem/goal.

3. Search it on your favourite search engine before asking in groups.

4. Either you will get the solution, if not then ask in groups/forums.

Other Authors

• Harsh Khandeparkar (@harshkhandeparkar)

• Jeffrey Samuel (@signor-koala)

The network on the campus of IIT Kharagpur has a speed of around 700Mbps via ethernet and 50-60Mbps via WiFi in rooms generally (tho in practice the speed is around 2-3 Mbps around the campus), well coming back to the topic. Even after all of this, it's so frustrating to use with heavy restrictions imposed on it; with UDP packets being completely dropped, common social media platforms (like WhatsApp, telegram, discord, etc) blocked, some Linux and Unix (will be referring both as *nix from now) repositories being blocked resulting in errors while updating/installing a package and many more Quoting the administration's reply on being asked upon this:

"This is as per the institute's administrative policy decision. Sorry for this inconvenience."
Computer & Informatics Centre, IIT Kharagpur - Jul 28, 2022.

For a detailed analysis of the network and possible solutions as a whole read IIT-KGP-NETWORK, exhaustive documentation on the network by my senior Mohammad Shehar Yaar Tausif. In this blog, we will be focusing on the communication aspect only, what all are blocked, and the most efficient method to unblock them along with some alternative platforms to shift you and your friends too - not gonna promote Telegram, I promise (￢‿￢ ).

The problem

UDP traffic on standard ports is dropped; interfering with the internals of WhatsApp and maybe discord and telegram too; maybe it was intentional to keep us away from texting all day and focus on studies; not confirm tho but like all of this gonna stop us from using them somehow (￢‿￢ ).

Status of various social media platforms:

⚠️ - Limitations imposed

• YouTube: Restricted Mode - ON.

• Slack: Only the desktop client works.

Though the restrictions are surprising; blocking WhatsApp on the one hand and leaving Facebook and Instagram on the other doesn't seem to fit into any ideology. Anyways let's discuss some possible solutions and their feasibility.

The Solution

1. Using VPNs

Not this much easy, for obvious reasons; most of them are blocked as they rely on UDP, for details on which are blocked and which are not have a look at:

• Non-technical, straightforward documentation

• Technical documentation

This is the only possible way to use the following platforms:

• Whatsapp

• Discord

• Signal

2. Telegram and Proxy

This section is dedicated to telegram and its versatility - the way you will only be configuring proxy on telegram and using the network at its full potential everywhere else - with its proxy protocol namely MTProto; tho it provides other types of proxies too, for example, SOCKS5, HTTPS, etc. none of them will work except MTProto. It was developed solely for enhancing the user experience on weak network connections and now we can utilize it for accessing telegram API through the campus network. For technical details on how it works behind the scenes (as much it is available in the public domain) refer to:

• MTProto - Telegram core

• MTProto - wikidata

Security Aspect

Read the below documentation thoroughly and then only comment on its security and decide whether to use it or not depending on your threat model.

• Telegram Cryptoanalysis Contest - Crypto Fails

• On the CCA (in)security of MTProto

How to configure a proxy?

Refer to either of the sections below, depending on your currently available knowledge and comfortability with this type of technology.

Have no idea what proxies are

1. Go to Proxy Monitoring Bot.

2. Type /mtproto in the chat box.

3. Click on any of the proxies, given to you in reply; try a few and find the fastest one for you.

4. Select the check box Enable Proxy in the popup window; if any.

5. Select Add Proxy and done.

If still facing some issues, then manually add those proxies via the method described next.

Have some idea what proxies are

If you know what proxies are, and you wanna configure your own custom one - be it self-hosted or whatever - follow these steps:

1. Go to Settings -> Data & Storage -> Use proxy (path being same on Android, MacOS, Windows, and Linux).

2. Choose your proxy from the resources below or use the details of your proxy.

• https://t.me/prxlst

• https://proxypage.io/

• https://mtproto.co/

1. Select the proxy type as MTPROTO.

2. Add the IP for the proxy server in the field named Server.

3. Enter the port being used by the proxy in the field named Port.

   Enter username and password, if any.

Observations

It is reliable and secure (not cracked yet, all those attacks which you might have read from the docs in Security Aspect are theoretical and have not been performed successfully yet).

• Direct calls are supported.

• VC and group calls are not supported.

3. Using Web Versions

• You can utilize the web versions of your desired platforms to unblock them via, browser-based proxies like HoxxVPN, SetupVPN, etc but these are unsafe to use.

• One can also use the Opera Browser which comes with an inbuilt proxy - see Free VPN - Opera - this is named as "VPN" by opera but, it is not, it's a fork of SurfEasy proxy which was bought by Opera (source). Not much usable for streaming since it is very very slow (comparable to the speed of TOR).

• A much more "secure" option than the previous ones is Tor via Brave Browser, tho I am not clear about the exact level of security but it's safer than others for sure and a hell lot slow for surfing - can stream videos at 1080p on youtube without buffer tho :). One drawback, which is a real problem; you will have to log in every damn time as there will be no cookie stored for your sessions.

4. Use alternatives

Since the solutions are limited, then a good strategy might be to shift to another working platform like Telegram, slack, and Matrix.org. Facebook is NOT suggested with its poor track record, lots of data leaks, bad privacy policy, and whatnot.

• Reasons not to be used by Facebook

• Matrix.org

Telegram and Matrix.org are my personal choice of alternatives; with telegram being unblocked via its inbuilt proxy configuration and matrix.org staying useful without any configuration.

For people planning to shift to or already there on telegram consider joining: @projecttrik for more details on features and use cases of Telegram, just an initiative by me to make the users understand the potential of telegram.

Now you have a basic idea about the approaches, decide according to your use case and threat model.