Good to see myself scratching my head

I started blogging ambitiously and also had promised myself that I would be reading and writing quite often. Yet again, I broke my promise. Never mind as long as you highest expectations, it is a fair deal. It is always better to have a great failure than mediocre results. The confession is enough and let us get ready straight away.

Let me start with a simple question “In Java, why synchronization is so important and avoiding over synchronization is much more important?” Probably, from a bookish guy one can expect the answer for the first part of the question. But in order to understand and answer the second part, you need to get to your refrigerator and have to gulp of citrus drink. One needs to understand the internals of JVM or should have known little bit on JVM. Believe me, it is thrill to learn the answer for the second part.

I have found the answer and in coming days, you can find a detailed article right here…

Until then, keep exploring. Happy learning

UNIX Process - Learning of a Classic never ends

Learning never stops and if it is a classical subject every becomes teacher in no time and student in no time. With a bit of optimism, let me put my thoughts here. Surely comments are welcome and all comments will be put in the hall of fame of this online magazine.

Today, I got sometime to think :-) and thought that I should start writing on processes. For anyone who is new/old the right place to get a start is process. Before getting started, the objectives of this entire article to discuss on process with sufficient details. Moving forward, this blog will have tutorials/scribblings on Unix Externals/Internals.

1. What is process? How it looks like?
2. As an user how one can see the process in your Unix/Linux System?
3. What are various states of process? How they transition?
4. What are the important terminology and data structure needed to continue my journey?
5. Why I need kernel to run my process? I have written "Hello, World" program, why I need kernel to run and get the output?
6. What are various modes/context?
7. How processes switch between modes and contexts? What is the object of those switches?
8. What are the commonly used commands/utilities that are related to the process/process management?
9. Is it going to be a theory? Can you give me code and explain stuffs? Can you also give me license to use the example as per my wish?

Aspiring journey towards UNIX System programming

It was official hang over with Java for the past three years and within these years the things have changed a lot. I never thought or expected to become a Java programmer however I m successfully traveling in the world of Java for the past three years. Personally, I had a lot of learning and it is in fact most fulfilling learning experience in my life time. Having written bunch of articles in Java Technology (it doesn’t necessarily mean that I m an expert), I m thinking to shift gears. I am planning to enter into Unix System Programming world.

UNIX/Linux as an operating system and a programming environment excites me simply because of being simple. Few years back, I was dreaming that I would become an operating system programmer but ended up being an application developer. But I never felt guilty as I always dedicated my time to read Linux internals. Thanks to the authors of Linux Kernel Development and Understanding the Linux Kernel. Now, I am seriously thinking of learning for heart. Yes, learning what my heart likes.

So my agenda for 2008 is to become a better programmer and learn UNIX System programming, UNIX/Linux Internals and Linux Kernel programming. This seems to be over ambitious goal because UNIX/Linux by know means little operating systems. It really takes considerable of time to understand the internals of the both the operating system. So, let me see how far I come close to my target in 2008. When I say, learn I really mean learning UNIX/Linux as both Art and Science.

Keep watching, suddenly you may find interesting write-ups. It is a matter of time. Unlike the sensex, you will find a lot articles in holidays/weekends :-)

Wishing Everyone, a Very Happy New Year

Are Viruses and Botnets Same – Not Really

Have you heard about Virus? Let me put the term properly, “Computer Virus”. Most probably, if you are running a licensed Windows operating system and most probably, you will be running a anti-virus software from well known vendor which comes to you for free while you purchase the computer (desktop or laptop). What is the purpose of the AV software? It helps you to defend from Virus and Worms. Don’t they help you to protect you from Viruses? Yes, AV will help you to safeguard your computer from viruses provided you update the AV software quite often. Is that an enough protection? Not really.

Think about a weird computer connected to Internet through his broadband and scrapping his head and orkut with no reasons. Suddenly, he gets a sweet email and within seconds he installs software which is tiny. As soon as the software was installed, CPU utilization goes up momentarily. What could be the reason?

The weird computer user is a victim of a “Botnet”. What is Botnet and is it another fancy term? Mind it…It may seem to be a fancy term with a devastating character. As soon as they get installed, they spread the bad news quite faster. Botnet are nothing but tiny software that is installed in a system (Windows, these days) and take control of your network. How it does that?

It’s simple. Botnets does one thing and does it fine. As soon as the tiny software is installed, an IRC connection is made to a malicious IRC Server. This malicious IRC server has hell a lot of features. All the exploits will be there as tiny modules and the modules get downloaded to the box based on the vulnerability. The beauty is that the clients keep on downloading the malicious module and shortly after that the way is over.

So next time, we an email comes to you, be sure that you really want to install the software. Prevention is better than cure. No AV to date can cease the activity of Botnets. Only solution is to reimage the system. But feel free to reimage the systems even if you are 1% sure that you are infected with Botnets. I am not exaggerating as they effects are devastating. In short Botnets are not viruses, but they are Virus of Viruses…

How to Escape from Phishing

Just few minutes back, I received an email from a popular bank in America about locking of my banking account and requested me to re-login to activate it. I was very happy by looking at the email because of the humor. The simple reason for my laugh is that “I do not have an account with any bank in America. Neither I had one”.

Being interested in Security (these days, I am much inclined towards web application security), I could readily understand that it was phishing. Luckily, it got into my SPAM folder and that positively confirms that it was phishing. I clicked the link and I could see the exact replica of the original site. This is was my impression at the first sight but after carefully watching it for 2 minutes, I can notably see minute differences between the fake and original web site.

For me it was funny as I did not have an account and so I was able to come to a conclusion. Think about people who have an account and the email was delivered to account holders. If the users are not security literate, this can possibly lead to monetary losses. What one needs to do when such an email comes in.

1. First, take the email and do not read in a hurry
2. Spend few minutes to read and re-read, re-read, re-read carefully.
3. If you are good in English (any language) grammatically and syntactically, you will find hell a lot of mistakes. This is enough to confirm phishing as banks never make these silly mistakes in simple English. Also you can find a lot of punctuation errors. This is common mistakes one can find in fake sites.
   
4. Check the origin email account. Usually, the banks will send emails from their domain name.
5. Follow the link and check the address bar. Verify the website. It should resemble your bank website. But you will find mistakes.
6. The email will also have a sense of urgency. For example, take action in next 24 hours.
7. Once you doubt an email, notify the bank (just forward the email you received).
8. Login to the bank account by typing the bank url (if you need) and not by clicking a link in the email. You can notify your friends, a social service
   

The following snapshot is a phishing mail. Check out for errors.

After Two Days
It is in fact, a phishing. I confirmed it after two days the site was blocked and the server was down. The following is the snapshot I took 2 minutes back.