Tuesday, October 16, 2007

Are Viruses and Botnets the Same? Not Really

Have you heard about viruses? Let me put the term properly: “computer virus”. Most probably, if you are running a licensed Windows operating system, you are also running anti-virus software from a well-known vendor, bundled for free with the computer (desktop or laptop) when you purchased it. What is the purpose of the AV software? It helps you defend against viruses and worms. Doesn’t it protect you from viruses? Yes, AV will help safeguard your computer from viruses, provided you update the AV software regularly. Is that enough protection? Not really.

Think about a bored computer user connected to the Internet through his broadband, scratching his head and browsing Orkut for no reason. Suddenly he gets a sweet email, and within seconds he installs a tiny piece of software. As soon as the software is installed, CPU utilization goes up momentarily. What could be the reason?

That computer user is a victim of a “botnet”. What is a botnet, and is it just another fancy term? Mind it: it may seem a fancy term, but it has a devastating character. As soon as they get installed, they spread the bad news very fast. A bot is nothing but a tiny piece of software installed on a system (Windows, these days) that takes control of your machine and its network. How does it do that?

It’s simple. A bot does one thing and does it well. As soon as the tiny software is installed, an IRC connection is made to a malicious IRC server. This malicious IRC server has a hell of a lot of features. All the exploits are there as tiny modules, and the modules get downloaded to the box based on the vulnerability. The beauty is that the clients keep downloading malicious modules, and shortly after that it is all over.
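As an added defender-side illustration (not from the original post), here is a small Java check that scans constructed firewall connection-log lines for the pattern the paragraph describes: several internal hosts opening outbound connections to the same IRC server. The log format, the addresses and the threshold are assumptions.

```java
import java.util.*;

public class IrcBeaconCheck {
    // Standard IRC ports; the bot's IRC connection described above lands on one of these.
    static final Set<Integer> IRC_PORTS = Set.of(6667, 6697);

    // Constructed sample log: "timestamp src dst port" (not real traffic).
    static final String[] LOG = {
        "2007-10-16T10:01:02 10.0.0.11 203.0.113.7 6667",
        "2007-10-16T10:01:05 10.0.0.12 203.0.113.7 6667",
        "2007-10-16T10:01:09 10.0.0.13 203.0.113.7 6667",
        "2007-10-16T10:02:00 10.0.0.11 198.51.100.20 80",
        "2007-10-16T10:03:00 10.0.0.14 198.51.100.21 443",
    };

    /** Returns IRC destinations contacted by at least minHosts distinct internal hosts. */
    static Map<String, Set<String>> suspiciousIrcServers(String[] lines, int minHosts) {
        Map<String, Set<String>> hostsPerDest = new HashMap<>();
        for (String line : lines) {
            String[] f = line.trim().split("\\s+");
            if (f.length < 4) continue;               // skip malformed lines
            int port;
            try { port = Integer.parseInt(f[3]); } catch (NumberFormatException e) { continue; }
            if (!IRC_PORTS.contains(port)) continue;
            hostsPerDest.computeIfAbsent(f[2] + ":" + port, k -> new HashSet<>()).add(f[1]);
        }
        Map<String, Set<String>> result = new HashMap<>();
        hostsPerDest.forEach((dest, hosts) -> { if (hosts.size() >= minHosts) result.put(dest, hosts); });
        return result;
    }

    public static void main(String[] args) {
        // One host on IRC may be a person chatting; many hosts converging on one server is the bot pattern.
        suspiciousIrcServers(LOG, 2).forEach((dest, hosts) ->
            System.out.println("Possible IRC C&C " + dest + " contacted by " + hosts));
    }
}
```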

So next time an email comes to you, be sure that you really want to install the software. Prevention is better than cure. No AV to date can stop the activity of botnets. The only solution is to reimage the system. So feel free to reimage the system even if you are only 1% sure that you are infected with a bot. I am not exaggerating, as the effects are devastating. In short, botnets are not viruses, but they are the virus of viruses…

Monday, September 24, 2007

How to Escape from Phishing

Just a few minutes back, I received an email from a popular bank in America about the locking of my bank account, requesting me to re-login to activate it. I was very happy looking at the email because of the humor. The simple reason for my laugh is that “I do not have an account with any bank in America. Neither have I ever had one”.

Being interested in security (these days, I am much inclined towards web application security), I could readily understand that it was phishing. Luckily, it went into my SPAM folder, and that positively confirms that it was phishing. I clicked the link and could see an exact replica of the original site. That was my impression at first sight, but after carefully watching it for 2 minutes, I could notably see minute differences between the fake and the original website.

For me it was funny, as I did not have an account, and so I was able to come to a conclusion. Think about people who do have an account and the email was delivered to those account holders. If the users are not security literate, this can possibly lead to monetary losses. What does one need to do when such an email comes in?

  1. First, take the email and do not read it in a hurry.
  2. Spend a few minutes to read and re-read, re-read, re-read it carefully.
  3. If you are good in English (or any language) grammatically and syntactically, you will find a hell of a lot of mistakes. This is enough to confirm phishing, as banks never make these silly mistakes in simple English. You can also find a lot of punctuation errors. These are common mistakes one can find in fake sites.
  4. Check the originating email account. Usually, banks will send emails from their own domain name.
  5. Follow the link and check the address bar. Verify the website. It should resemble your bank's website, but you will find mistakes.
  6. The email will also have a sense of urgency. For example, “take action in the next 24 hours”.
  7. Once you doubt an email, notify the bank (just forward the email you received).
  8. Log in to the bank account by typing the bank URL (if you need to) and not by clicking a link in the email. You can also notify your friends, a social service.
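Steps 4 to 6 of the checklist can be automated. The following Java snippet is an added example, not from the original post, that runs those three checks over a constructed email; the bank domain, sender address and message body are made-up placeholders.

```java
import java.util.*;
import java.util.regex.*;

public class PhishingChecklist {
    // Constructed sample modelled on the kind of mail described above; no real bank or domain.
    static final String BANK_DOMAIN = "examplebank.example";
    static final String FROM = "security-alert@examplebank-verify.example";
    static final String BODY = "Your account has been locked. Take action in the next 24 hours "
        + "or it will be suspended: http://examplebank.example.login-check.example/activate";

    static final Pattern URL = Pattern.compile("https?://([^/\\s]+)");
    static final String[] URGENCY = {"24 hours", "immediately", "suspended", "locked"};

    /** True when host is the bank domain or a subdomain of it (step 5: verify the address bar). */
    static boolean belongsToBank(String host) {
        host = host.toLowerCase();
        return host.equals(BANK_DOMAIN) || host.endsWith("." + BANK_DOMAIN);
    }

    /** Returns the checklist findings; an empty list means nothing in steps 4-6 fired. */
    static List<String> findings(String from, String body) {
        List<String> out = new ArrayList<>();
        String senderDomain = from.substring(from.indexOf('@') + 1);
        if (!belongsToBank(senderDomain))                         // step 4: sender domain
            out.add("sender domain is not the bank's: " + senderDomain);
        Matcher m = URL.matcher(body);
        while (m.find())                                          // step 5: link host
            if (!belongsToBank(m.group(1)))
                out.add("link points outside the bank: " + m.group(1));
        String lower = body.toLowerCase();
        for (String w : URGENCY)                                  // step 6: urgency
            if (lower.contains(w)) out.add("urgency phrase: \"" + w + "\"");
        return out;
    }

    public static void main(String[] args) {
        // The sample link puts the bank's name in a subdomain of another domain, a common trick;
        // the suffix check in belongsToBank() is what catches it.
        findings(FROM, BODY).forEach(f -> System.out.println("- " + f));
    }
}
```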
The following snapshot is a phishing mail. Check it for errors.

After Two Days
It was in fact phishing. I confirmed it after two days: the site was blocked and the server was down. The following is the snapshot I took 2 minutes back.

Saturday, September 22, 2007

STEP Auto - Another STEP in my career to cherish

It was my third experience presenting a paper at an international conference and my second STEP Auto. I should say, this time they did a tremendous job and improved a lot compared to the one held early this year. I happened to witness a keynote address and a few best-practice papers. The keynote address was fine and the best-practices papers were equally good. But some of the papers delved deep into test management, which is not so relevant to me at this point of time, so I chose to skip those sessions.

Our talk was scheduled as the last slot in the best-practices track, but does that mean the audience was in the mood to leave for the day? Absolutely not. The audience was wonderful, with a sparkle in their eyes, eager and welcoming thoughts from all the speakers. We were preparing to make our speech in a different way, and at the same time we wanted to put forward our thoughts on web application security. It was our firm belief that anything done with character and passion becomes an art, especially web application security, as there are no silver bullets and attacking web applications is pretty easy. Our thoughts were mainly focused on the words Art, Passion and Character, and the rest of the technical details revolved around these foundations.

We had a sweet surprise even before our talk. The shock was that the last two talks had to be done in 20 minutes instead of the allocated 35 minutes. The person who presented before us literally found it hard to put his thoughts across, and he was (literally) asking for more time. It is not fair on the part of the conference people to take time away from the speakers. So we had some time (20 minutes) to think, and we did not speak with each other. But we had a clear plan, which was not to try to cover the entire slide deck but to cover a few slides in depth.

We stepped in and, as expected, we were requested (asked) to complete the talk in 20 minutes. We assured them that we would stick to the time (we tried to be gentlemen… but really aren’t). My friend started off the presentation and progressed through the slides. I didn’t look at the watch, but he would have taken 12–15 minutes. He talked about web application evolution, threat classification, “panic and patch” and the patch management process. I took over and talked on security in the SDLC, followed by penetration testing. Finally, we wrapped up the talk with a “Take away” and “What it takes to follow”.

I wasn’t aware of the response from the audience. Here and there we had an unusual (usual) pun. We spoke for 35 minutes and got a nice comment from the conference chairman that people would have liked our talk even if we had spoken for 45 minutes. What a comment! I was craving and aiming for comments like those, and they have made public speaking a passion. We received a similar response from one of the participants. Overall, it was a great feeling. Technically, I have a long way to go, and this is just a start.

I aspire to write similar blog posts quite consistently in future.

Friday, September 14, 2007

Precious book on Java – Effective Java by Joshua Bloch

Before getting into some useful reviews, I would like to write something about myself 4 years back. I was an ordinary engineer (even now) learning networking. I said to myself that I would never like Java in my life. But due to various (???) reasons, I was forced to work in Java. My initial days with Java were terrible, and I was stumbling like any other newbie. But slowly, I was made to like Java. It took me two years to write some code with a lot of passion. I should honestly say that it is due to this great book, “Effective Java”. This is absolutely not an over-rating, and the book deserves much more credit, as it changed my perspective on Java.

By Java, I mean Core Java. This book made me understand the elegance of Java and its strong APIs. While reading, I often referred to the Java libraries written by the author of this book. Each of his words has a meaning to it. The four chapters I like most are Threads, Exceptions, Object Creation and Deletion and, of course, Classes and Interfaces. Though the other chapters are equally good, I particularly like these four chapters because they are the cornerstone of Java. The author has given a lot of best practices, and if you apply them, your code is much more maintainable, readable and comprehensible.

Threads offer you greater flexibility, but writing thread-safe applications is harder. Current-day applications have serious bugs, and if they are running properly, it is nothing more than mere coincidence. The book also explains the results of over-synchronization and wait/notify. The chapter on exceptions is more fulfilling, and it gives two great ideas, exception chaining and exception translation, which are handy when your application has many layers. The book also gives thoughts on object creation, object deletion, classes and interfaces.

This is the right book to have a copy of if you are really interested in writing code effectively. This book helps you think of Java as an art form.

Sunday, September 9, 2007

Favor Composition (“has a”) over Inheritance (“is a”)

!!! Composition and Inheritance should complement each other !!!

The important key words for any object-oriented programmer are “is a” and “has a”. These two phrases relate an object to another object. For example, in the real world, “Human” and “Man” have an “is a” relationship, while “Human” and “Hands” have a “has a” relationship. In short, a “Man” is a “Human” and a “Human” has hands. Inheritance is a great tool that helps to define hierarchies and model concepts as real-world objects. It also saves a great amount of code through reusability. But in the normal scenario, composition just helps us to model objects as they are. For example, Earth has continents, continents have countries, countries have states, states have cities/towns/villages, and so on. Here composition is typically used for the “has a” relationship. Traditionally, when one wants to implement a function, a method is added. But composition can be used in extraordinary ways to bring dynamic behavior into the system. Composition makes the software flexible and gives a different dimension to object-oriented programming. Let us quickly get into some action with an example.

You need to implement different types of sorting algorithm. There are many sorting algorithms available, and you should implement a bunch of them. Based on the client requirement, you need to use any one of them (when memory is low, you need to go for insertion sort, but if memory is plentiful you can go for quick sort or merge sort). The bottom line is that the client knows which algorithm is needed and your framework has to do the job. If memory is low, the client decides to go with insertion sort and the framework needs to use that sorting algorithm. Also, if the client is interested, the client should be able to fit their own algorithm, “weird sorting”, into your framework. How will you go about this problem? How will you design the classes?

There are two obvious ways of solving this problem. The first way is the crudest, where you have all the sorting algorithms implemented in the same class. The single class will have methods binarySort, insertionSort, heapSort and so on. This straight away violates the open/closed design principle. For adding the new “weird sorting”, you need to add a new “weird” method. It produces a maintenance nightmare. The second way is slightly smarter, where the sorting algorithms are implemented as one class each, inheriting from an abstract class “Sorting”. But the clients have to use them based on their requirement and, most importantly, they cannot change the sorting algorithm dynamically.

The third approach to this problem is to implement an abstract class or an interface “Sorting” that has a method “sort”. Each sorting algorithm implements this “sort” method, and as a result you have many sorting algorithms. When you want to add “weird sorting”, it is as simple as adding a new class implementing the “sort” method. Your code follows the open/closed principle, and this avoids a lot of retesting: you can say for sure that your new code does not introduce a bug into the old code. So far, we have talked about inheritance. This is the usual stuff.

How will you allow others to invoke the sorting method? You could extend each of the sorting classes so that others can invoke the “sort” method. But this approach leads to class explosion: when a new sorting is implemented, you need to change/add code. Instead of doing this, you can have the sorting algorithm as a component with a “has a” relationship. For example,

// The "Sorting" interface described above: every algorithm implements sort().
interface Sorting {
    void sort();
}

public class Client {
    private Sorting sortingAlgorithm;

    // The algorithm is injected ("has a"), so it can be replaced at run time.
    public void setSortingAlgorithm(Sorting sortingAlgorithm) {
        this.sortingAlgorithm = sortingAlgorithm;
    }

    public void someOperation() {
        sortingAlgorithm.sort(); // first

        // some operation

        sortingAlgorithm.sort(); // second
    }
}

Consider the method someOperation() of the Client class. Also assume that Client is a shared object, and so many people decide on the particular sorting algorithm. Now the sorting algorithm can be changed dynamically based on various factors. If your application has a memory management module, it can play its part in deciding on the particular sorting algorithm. In the above example, the first sort call could use one sorting algorithm and the second could use a different one. This is what we mean by flexibility.
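To make the flexibility concrete, here is an added, self-contained Java example (not the post's own code) that fills in the pieces the post leaves out: two Sorting implementations, a client-supplied “weird sorting” plugged in without touching the framework, and a Client whose algorithm is chosen at run time by an assumed low-memory flag. Here sort() takes the array to sort as an argument, which the post's sketch omits.

```java
import java.util.Arrays;

public class CompositionDemo {
    /** The "has a" component: any algorithm that can sort an int array in place. */
    interface Sorting { void sort(int[] data); }

    /** In-place, constant extra memory: the choice when memory is low. */
    static class InsertionSort implements Sorting {
        public void sort(int[] a) {
            for (int i = 1; i < a.length; i++) {
                int key = a[i], j = i - 1;
                while (j >= 0 && a[j] > key) { a[j + 1] = a[j]; j--; }
                a[j + 1] = key;
            }
        }
    }

    /** Needs extra memory for the split buffers: fine when memory is plentiful. */
    static class MergeSort implements Sorting {
        public void sort(int[] a) {
            if (a.length < 2) return;
            int[] left = Arrays.copyOfRange(a, 0, a.length / 2);
            int[] right = Arrays.copyOfRange(a, a.length / 2, a.length);
            sort(left); sort(right);
            for (int i = 0, l = 0, r = 0; i < a.length; i++)
                a[i] = (r >= right.length || (l < left.length && left[l] <= right[r])) ? left[l++] : right[r++];
        }
    }

    /** The Client from the post: it has a Sorting and never extends one. */
    static class Client {
        private Sorting sortingAlgorithm;
        void setSortingAlgorithm(Sorting s) { sortingAlgorithm = s; }
        int[] someOperation(int[] data) {
            int[] copy = data.clone();       // sort a copy so the caller's array is untouched
            sortingAlgorithm.sort(copy);
            return copy;
        }
    }

    public static void main(String[] args) {
        Client client = new Client();
        boolean lowMemory = true;            // assumed input from a memory-management module
        client.setSortingAlgorithm(lowMemory ? new InsertionSort() : new MergeSort());
        System.out.println(Arrays.toString(client.someOperation(new int[]{5, 2, 9, 1})));
        // A client's own "weird sorting" (descending order) plugs in with no change to Client:
        client.setSortingAlgorithm(a -> { new MergeSort().sort(a);
            for (int i = 0, j = a.length - 1; i < j; i++, j--) { int t = a[i]; a[i] = a[j]; a[j] = t; } });
        System.out.println(Arrays.toString(client.someOperation(new int[]{5, 2, 9, 1})));
    }
}
```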

In order to engage people in using composition, most developers argue with the words “Favor Composition over Inheritance”. These words are simply phrased to give you the power of composition. They should not be taken literally, and no composition works greatly without employing inheritance. So both “Composition” and “Inheritance” should complement each other in a true object-oriented perspective. It is time to etch:

!!! Composition and Inheritance should complement each other !!!