Apr 15

Spy-E: Idea

This semester for Agile course, Arman Garip, Can Göçmen, Deniz Sökmen, Enes Şenel and I came together as a team to develop something that I personally wanted to be involved in.

It is Spy-E!, (pronounced as sphay-hee, not spahi, that’s something else.). It’s a game!

It may seem very standard goal for today’s world, well, all of us wanted to develop a one that we play and enjoy.

First we started talking about which games we enjoy most. Starting with Metal Gear Solid series, an upcoming MGS V: Phantom Pain, mostly Deniz and I enjoyed how the stealth is used as a game mechanics. Starting from MSX2 (very old gaming console from Japan), the first game of the series, Metal Gear was the first one to include these mechanics.  Furthermore it moved to NES platform with a very bad remake of the MSX2 version. After that Metal Gear Solid (over six million copies sold) was released on Playstation. Moving the game from 2D to 3D, for me it’s a unbelievable breakthrough. (Beware that Playstation has a MIPS R3000A-family R3051 CPU with 33.8688 MHz clock.)

Screen Shot 2015-04-08 at 15.55.48

(Water reflections are amazing, for that time.)


Metal Gear Solid: VR, (extra missions, which are a great expansion also to the story.) the main character of the series, Snake trains in a VR environment for a greater threat, a device which can launch a nuclear missile to every location on earth. (Summarising a very big franchise with a one sentence 🙁 ) You learn about stealth and weapons in those missions.

I met with MGS franchise, long time ago with MGS 3: Snake Eater via my PS2. One of our random conversations with Deniz, he convinced me to play the whole series to understand the whole franchise.

Long story short, we decided to make a game that has a theme like MGS:VR, except you are not a super-genetically-engineered soldier. Your character will be a anonymous person who wishes to be a Spy to be used by a fictional government to steal enemy intelligence from well-protected enemy headquarters. You should be able to avoid enemy soldiers, surveillance systems to be stay undetected.

It was a pity for MGS: VR to not be able to build your own levels. After you beat all of them, you probably get bored after a while. We decided to include an level editor to Spy-E for that reason.

We started developing Spy-E last month with agile methodology. Each week(sprint) we are required to show our additions to the project and discuss about the requirements with our instructor.

About the engine(is it in-house or third-party?), screenshots, models and more, in next post.

Jun 14

At 2:00 AM to 4:00 AM = A Pong on Arduino

In 2013 Fall, I bought a TFT LCD Screen for my Arduino Uno (r3), in order to increase the level of fun I get from electronics. Especially after EE203 course, it is fun to play with something that works without making you crazy at the end of the day (check this hotel-safe circuit, that I built for course project. Painful hours.).


I got rid of all of the cables of my hotel safe project that were attached to the breadboard. By looking this schema, I connected my TFT LCD Screen to my Arduino Uno. I tested it with TFTDisplayText example. At 2:00 AM, with an unknown inspiration, I put a small challenge to myself to make the game Pong playable throughout the serial port.


For the code you can get it from this gist. Have fun with electronics at last. 🙂

Mar 14

VerySimpleCPU Simulator on Web

Check it out here. Details are coming soon.
Screen Shot 2014-03-18 at 11.41.14 AM

Feb 14

MongoDB notes

Nowadays, I am working on an academic research, which a database server is required. Because of the amount of data we will have, and being able to easily store JSON files directly to the database, we have selected MongoDB which is a NoSQL open source database, very popular one actually,

Knowing the traditionally way to query in a database like MySQL, SQLite etc., it was a kind of a harsh learning curve for me to understand the basic functionallity at the beginning. Once I grasped that, learning other things are significantly faster than the beginning.

So, there are some small notes that I gathered from lot’s of different sources that I wanted to share.

For me handling and designing data is like a medical surgery. Let’s assume you have an increasing amount of data, records increases over hundreds of thousands. While recording the data, data source may give some fields corrupted or not the way that you expect, even you have read the all things on documentation of that source. (There is a very small percentage of finding a well-documented data sources, if you think you found, it may also not always perfect.) For myself, I was fetching a data which has geolocation features(latitude, longitude) for more than one source. I used inheritance and abstraction for creating a base point, and implemented new classes which inherits this abstract class to convert these data based on differences.

However later implementing these services, after several days I wanted to make 2dsphere based queries on Mongo to search records that are close to my-desired-location. It didn’t worked. So I figured out that, that source was the only one that gave coordinates in String form. Hopefully, I didn’t have so many records. I simply write this to the MongoDB console and magic happened! And I changed my subclass immediately. I learned that I should not get lost in the joy of sending a JSON file without looking the data. Testing, testing, evaluating results and testing again is very important.

After for making queries like, “get me records that my distance to these records are at max is this ..” were easy. (Note that $maxDistance is always meters for $geometry = GeoJSON format else radians)

Before writing this query, you must make sure that you have indexed this “loc” field as “2dsphere”. Indexing is required for this action.

Other handful notes:

This one says, find me 5 items where “city” field is Istanbul and print prettily.

This case, you may have a customer data, you expected customers to enter two mails or write only a primary mail. Code snippet at below, gets all customers’ primary and secondary mail fields who actually have “primary mail” field or “secondary mail” field. Making logical operations like this are very powerful and save your time.

You wanted to get rid of a field, that is easy:

For more details about writing a query you should also check this page.

I wished that you could have written more about MongoDB and of course using it with a Python Adapter. May be next time.


Nov 13

Dilixiri, Securing an REST API and OzU-EMS

Screen Shot 2013-11-21 at 11.00.14 PM

In 2010, I was working on moving web app of Dilixiri to a iPhone app. (Dilixiri is a Turkish-English and English-Turkish sentence translation app.) The problem was of that time, our small team does not know anything about handling data between different softwares. I knew some stuff about TCP/UDP because of my PyQt book‘s example. I first thought about making a TCP server on the server side and then since Dilixiri’s page is a Django based HTML page that simply uses a HTML POST to translate a sentence, I tried to do the same thing as web browser does.

For two major versions of Dilixiri (1.0-2.0), it worked pretty well. I was simulating what web browser does by using actually same headers that what a browser does while making a request. Another problem was parsing response(HTML file). I used some simple “split( )” functions to find the text that I am looking for. (Now I feel embarrassed about it, especially after learning about the side effects and regex.)

However in 2012, instead of making another big mistake, I made something right without knowing that it is the best practice for Dilixiri(partially).  In 3.0, I changed how the app handles the translation by using JSON in the middle. But I was afraid of third party users who could easily use it on their software. I got to think about a solution to handle it.

My first attempt was, implementing using GET parameters based API. So in this case:
But if somebody discovers this url pattern, it can be used without permission. Despite my first attempt that is in engineering may referred as a very bad implementation, this time I thought about giving an API key like some of the famous web services do. But if I request a translation:
It is the same thing. This request can be listened in the network and be repeated again. (like Man-in-middle-attack) At the end, I implemented something like:

I hashed request and API key same time that for every request, I use a different hash number. By implementing this, still relay attacks can be done but a fully working API that makes translations as same as Dilixiri became impossible without knowing API key.

A big drawback is you can only use just a one API key. Another is relay attacks. For an API like Dilixiri, it is not a big deal but when you think about other services. It should be handled, both immunity from relay attacks and being able to serve more than one clients.

How to achieve this ? Nowadays, in Computer Club, we are working on OZU-EMS(Özyeğin University Event Management System) that allows clubs to send their club events to this system and system will share it on its mobile app, web page and etc. Also it also saves time in the university side. (A professor that is responsible for the club, and the social coordinator in the university accept or reject this event request by the club easily in a painless way.) We were looking for a way to make an API to serve these events for different clients that are outside of the server. Such as an Android app or a Kinect based Windows app(CreativeOzu(another club) is working for that.). After a small research, I found that my Dilixiri 3.0 approach was the correct one, but lot’s of clients and different API keys, there should be a public key and private key. I personally wanted to share these links for detailed explanation about implementing this solution:

There should be other methods such as implementing HTTPS based service or something else. But I think such kind of custom solutions are better, if you wanted to handle and understand by yourself.

May 13

GrayDeer – An Auto-Grading Solution For Instructors and Assistants


“Deer Head” by USA Fish and Wildlife Service, Tom Kelley from OpenClipArt

It’s been a very busy semester, it is really hard to find time to add some new posts to share things about my personal experiences and cool stuff that I learned.

This semester as you know from my previous post, we have started learning much professional stuff than the previous semester. Since we are assigned to finish a term project, it is enjoyable to find time to implement these things.

So for my CS102 term project is “GrayDeer”. Actually it is not just mine, Eren and I have been working on it since March 2013. It seems we have coded over 7.000 lines together and it still grows, everyday as time comes closer to the demo day. As you know, Eren and I are taking a first-year CS lesson at this moment. At the demo day, it may not be completely useful in daily use,(also maybe it should be considered as a prototype) however I believe it is a great opportunity for try/learn/experiment about such kind solutions. At the end, we may create a final product that can be(may be) useful around the world.

GrayDeer is a “distance education” tool for the lectures that requires involvement of programming. This tool solves instructors’ and assistants’ huge problem. “Giving a homework, checking this homework and grading it”. And also not only grading, but also giving feedback about it unlike the IDEs do today.

We have entered to TUBITAK’s(Scientific and Technological Research Council of Turkey) competition called “University Level Entrepreneurship and Innovativeness Competition”(2238-B Üniversite Düzeyi Girişimcilik ve Yenilikçilik Yarışması) with GrayDeer. We passed the first step and won an award. It is still quite exciting for me to get these news. I hope we can pass the other steps and got the final award.

I will try to share the presentation that we will show after the demo.