Monthly Archive June 2019

ByJayanthi

‘Sharenting’

Reading Time: 3 minutes

‘Sharenting’ – “What is that?” might be the thought for many of us…it was the same thought for me too and soon I was researching more and more into the topic…here are a few of my findings and thoughts…

Social media personalities:

As discussed in another post, all of us have different social media personalities when we are online. While some of us feel comfortable sharing only our achievements online, many of us share a whole lot of other personal things  and there are yet others who totally shun social media! All of us have different takes and views on sharing information online. While there is no perfect right or wrong here and each person is entitled to share what they want,just knowing the risks empowers us.

The “star” subject:

These days there are videos for every type of content….

“You need to bake a cake?”  “Just go to YouTube” might be a popular retort…

“You want to paint?” “Just head to YouTube too”…

“You want to learn Java?” “Head to YouTube – there are plenty of live coding examples that make coding much more easier to learn…..”

While the subject in the above example is “cake”,”paint brush” and “code”, there are numerous videos where the subject is “children”. Children growing, talking about everyday activities with children, children,children and more children…most of the times the author talks about their own children in great detail. Not only videos, there are blog posts and other means of sharing which feature one’s own children.

Some times, some children’s digital identities are fixed from the time they are in their mother’s wombs!!

The more information we share about them – the more views, likes, shares and subscribers we get. We think we are helping other people out there in the same boat(and we might be helping somebody I am sure) -but I am not sure if that is always the case…in the corner of my mind there comes a faint thought if we are exploiting the children in any way because they cannot say anything…

This is “sharenting” which is talking excessively about them and recording every minute detail in full public view….

I admit I am also guilty of a few posts about my grown children as well! 🙂 But all my posts are reviewed by the star of the post – as all of them are old enough to make that decision. Some times, they are amused and sometimes they are not so amused but I hit “publish” only after the final assent by them!

I think most of us do not have that luxury as most of our child subjects are too young. We assume that we do not have to take their permission and yes, if they are too young – we cannot and we do not have to….

But apart from the privacy thought,the multi-million dollar sharenting question is what will the child think of all this sharing and “sharenting” when they grow up?

As you might be knowing, children grow up fast and it will be just be another 4-5 years before they assert their online identity.

Will they say “Stop, mom and dad, why did you have to record me so much?”or will they share your happiness in all the recording and sharing? Only time will tell…

Conclusion:

So, where are you on the “sharenting” spectrum? Do you share a little about  your kids or do you share a lot about them? What do you think they will think of this in the future?

What is my final take on “sharenting”? Take “sharenting” with care and balance – let us not embarass our future social media citizens!! 🙂

All thanks to Cybermum_India and Cybermum_AU for this thought that transformed into a complete blog post! 🙂

ByBala Manikandan

Anonymous Inner Classes and Lambda Expressions in Java

Reading Time: 6 minutes

Before beginning this post, I would like to state that this post assumes some prior knowledge of Java (particularly inheritance, using interfaces and overriding methods)

Most classes we have seen have their own name and exist on their own (outside any other class or method). But anonymous inner classes can exist inside another class/method, and do not have a name (hence the name ‘anonymous’). These classes must either extend another (named) class or implement an interface. When the interface being implemented has only one abstract method, the anonymous inner class can be converted into a special expression called a lambda expression (as of Java 8), which simplifies the code. This post talks about anonymous inner classes and lambda expressions in detail.

Anonymous Inner Classes

As mentioned above, anonymous inner classes do not have a name, can exist within another class/method, and must extend another class or implement an interface.

Let us see the various examples that can be used to work with anonymous inner classes:

  1. The following example uses an anonymous inner class to extend another class and create an object of it on the spot. Observe the syntax carefully:

//Using anonymous inner classes to override methods of an existing class

package codingexamples;

class Sample{

    public void display(){

        System.out.println(“Sample”);

    }

}

public class Example1 {

    public static void main(String[] args){

        Sample s1 = new Sample();

     

        Sample s2 = new Sample() {                //line 1

            public void display(){

                System.out.println(“Sample 2”);

            }

        };                            //this semicolon is very important

       

        useSample(s1);

        useSample(s2);

    }

    static void useSample(Sample s){

        s.display();

    }

}

The output of the above code is:

Sample

Sample 2

Observe the bold section of the code carefully. Note that the first line of code in this region ends in a curly brace, not a semicolon. This line declares a reference variable of type Sample, and initializes it with an object whose type is not Sample, but an anonymous subclass of Sample. The curly brace at the end of the line is the start of the anonymous inner class body.

The next three lines of code, as we can see, are overriding the display() method in the class Sample. This is, of course, the reason behind creating anonymous inner classes. The last line of (bold) code requires some attention. The closing curly brace marks the end of the class, but that’s not all – there is also a semicolon to end the statement started on line 1! As it is unusual to see semicolons after closing braces, this is very easy to miss.

On the whole, the code creates two Sample references, one holding a Sample object, and another holding an object of an anonymous subclass of Sample (which overrides display()). These variables are then passed to the useSample() method which calls their respective display() methods. This leads to the output mentioned above.

 

2. Anonymous inner classes implements an interface in the second example:

//Using anonymous inner classes to implement methods of an interface

package codingexamples;

interface Movable{

    void move();

}

public class Example2 {

    public static void main(String[] args){

      Movable m1 = new Movable(){

            public void move(){

                System.out.println(“m1 is moving”);

            }

        };

       

        useMovable(m1);

    }

    static void useMovable(Movable m){

        m.move();

    }

}

 

The output of the above code is, as expected:

m1 is moving

This code is very similar to the first example. Note that even though the syntax used is ‘new Movable()’, the code is not instantiating the interface (it’s not legal to do so). The variable m1 refers to an anonymous implementer of Movable.

3. Anonymous inner classes can extend/implement classes/interfaces having more than one method as well. They can also be used as method arguments (watch the syntax again). The following example illustrates these two points:

//Another example of anonymous interface

package codingexamples;

interface Bounceable{

    void bounce();

    void jump();

}

public class Example3 {

    public static void main(String[] args){

        /* Create an anonymous implementer of Bounceable in the argument list of useBounceable() */

       useBounceable(new Bounceable(){

            public void bounce(){

                System.out.println(“Anonymous object bouncing”);

            }

            public void jump(){

                System.out.println(“Anonymous object jumping”);

            }

        });

    }

    static void useBounceable(Bounceable b){

        b.bounce();

        b.jump();

    }

}

 

The output of the above code is:

Anonymous object bouncing

Anonymous object jumping

Observe how the object of the anonymous inner class is created right inside the argument. Also note that in this case, the statement ends with a closing curly brace, a closing parenthesis and then a semicolon.

Lambda Expressions

Now we will move onto Lambda expressions. Consider the following scenario. You have a class Student, which stores some details of a student such as name, marks etc. You also have an interface Check, as shown below:

interface Check{

    boolean test(Student s);

}

This is meant to create multiple custom ‘checks’ on the attributes of each student (for example, ‘name’ starts with ‘A’, ‘marks’ >= 95 and so on). For each such test condition, prior to Java 8, it would be necessary to define a class that implements the interface. Of course, it would be inconvenient to define multiple such implementers with names such as ‘CheckName’, ‘CheckMarks’ etc. (as one can see, it is repetitive). Another approach is to use anonymous inner classes as implementers of interface Check (already discussed above), which removes the problem of repetitive names. However, each anonymous implementer, as we have seen already, spans at least five lines of code.

Java 8 allows you to create ‘instances’ of functional interface ‘implementers’ through the use of lambda expressions (a functional interface is one that contains exactly one abstract method). These can, in certain cases, replace anonymous inner classes and simplify the code. The following example defines the class Student, interface Check and makes use of the interface through lambdas:

//Demonstrate the use of lambda expressions

package codingexamples;

class Student{

    private int marks;

    private int grade;

    private String name;

    public Student(String n, int m, int g){

        name = n;

        marks = m;

        grade = g;

    }

    public String getName(){

        return name;

    }

    public int getMarks(){

        return marks;

    }

    public int getGrade(){

        return grade;

    }

}

//Check is a functional interface (one abstract method)

interface Check{

    boolean test(Student s);

}

public class Example4 {

    public static void main(String[] args){

        Student[] students = {

            new Student(“John”, 90, 7),

            new Student(“Roger”, 70, 9),

            new Student(“Fred”, 88, 6),

            new Student(“Robert”, 60, 8)

        };

       //Lambda expressions

        Check seniorsChk = s -> s.getGrade() >= 9;

        Check toppersChk = s -> s.getMarks() >= 85;

       System.out.println(“Senior students:”);

        filterStudents(students, seniorsChk);

       System.out.println();

       System.out.println(“Toppers:”);

        filterStudents(students, toppersChk);

    }

    static void filterStudents(Student[] stu, Check chk){

        for(Student s: stu){

            if(chk.test(s))

                System.out.println(s.getName());

        }

    }

}

The output of the above code is:

Senior students:

Roger

Toppers:

John

Fred

Before going into the working of this code, let us observe the syntax of the lambda expression. The general syntax of a lambda expression is:

<Parameter(s)> <Arrow> <Lambda Body (must be an expression which evaluates to the abstract method’s return type)>

To understand better, keep in mind that the following expression:

s -> s.getGrade() >= 9

Is equivalent to (in this case):

new Check(){

     public boolean test(Student s){

            return s.getGrade() >= 9;

     }

}

Thus a lambda expression essentially just behaves like an anonymous inner class, with fewer lines of code. Now we can understand that the code basically creates two ‘test conditions’ on Student objects, using lambdas, and then filters a list (array) of Student objects using these ‘test conditions’ (implementers of interface Check). Walk through the lines of code to understand better. Here, Roger is considered a senior as he is in a grade higher than or equal to grade 9, and John and Fred are considered toppers as each of them has scored more than or equal to 85 marks each.

Before we end, let us rewrite the code in Example 2 using a lambda expression (interface Movable used in that example is also a functional interface). Old code is commented out:

//Example 2 rewritten using a lambda expression

package codingexamples;

//assuming interface Movable already exists

public class Example5 {

    public static void main(String[] args){

        /* Movable m1 = new Movable(){

            public void move(){

                System.out.println(“m1 is moving”);

            }

        };

        */

        Movable m1 = () -> System.out.println(“m1 is moving”);

        /* note that parentheses are needed when the method

                accepts zero arguments or more than one argument */

        useMovable(m1);

    }

    static void useMovable(Movable m){

        m.move();

    }

}

The output of the code remains the same as before. Note that examples 1 and 3 above cannot be rewritten using lambdas, as example 1 uses a class, and example 3 uses a non-functional interface (two abstract methods).

We have seen different types of anonymous inner classes and Lambda expressions in this post… stay tuned for more technical posts!

 

ByJayanthi

Offensive and defensive security

Reading Time: 2 minutes

Did you know that the words ‘offensive’ and ‘defensive’ can be used in the InfoSec domain as well? If you follow my writings on Information security – you might realize that the InfoSec domain itself feels different for one set of posts and different for another set of posts…The two distinct classifications are ‘offensive security’ and ‘defensive security’.

While which part of security interests you, depends on you and you alone, security might never be an independent task and it might be a combination of both that you might be facing at work everyday. Having said that, let us move onto to see what is meant by ‘defensive’ and ‘offensive’ security.

Defensive security:

Conventional security is mostly termed as ‘ defensive security’. ‘Defensive security’ deals with security mechanisms that defend the business/home environment like firewalls, VPNs, anti-virus definitions and more. Just like with other applications of the word ‘defensive’ – ‘defensive security’ is more of a reactive approach. We install anti-virus software to keep out viruses, firewalls to block intrusion attempts, work with business continuity and disaster recovery experts, draw security plans to protect the organization but we do not tear the system down to find the vulnerabilities in it.  This is ‘defensive security’.

Offensive security:

‘Offensive security’ on the other hand is the exact opposite of ‘defensive security’. It is like performing a root canal treatment on the business and personal systems to unearth the various vulnerabilities in systems to seal them effectively! Ethical hacking, pen testing,vulnerability assessments,  digital forensics, advanced attacks all come under the umbrella of ‘offensive security’.  Offensive security involves attacking and pen testing live systems. Offensive security mechanisms are much more intensive than defensive security tactics.

ISPO — home page wordle

There are numerous offensive security certifications but the ‘OSCP'(Offensive security certified professional) and the very popular CEH(Certified Ethical hacker from EC-Council) stand out. If you think hacking is your thing, become a white hat hacker and earn these precious certifications. These certifications however are not for the faint of heart. They involve more technical expertise and more hands-on experience. For example, the OSCP certification exam is conducted for a full 24 hours!(yes, you read that right!) 

OSCP certification:

  1. Candidates taking the grueling OSCP certification must first take the ‘Pen testing with Kali Linux’ online course before attempting the examination
  2. The cost of course and the exam is 800$ which involves 30 days lab access
  3. “The OSCP examination consists of a virtual network containing targets of varying configurations and operating systems”
  4. The candidate is expected to research the network, find vulnerabilities and execute attacks.
  5. Successful OSCP holders can conduct remote and client side attacks, deploy tunneling attacks to bypass firewalls and more! 

More information about OSCP certification can be found here

Which type of security are you more aligned to? Defensive or Offensive? Does it fascinate you?