Category Archive Information Security


Will Bitcoin Ever Be Regulated?

Reading Time: 4 minutes

As Bitcoin and other digital assets continue to grow in adoption and popularity, a common topic for discussion is whether the U.S. government, or any government for that matter, can exert control of its use. 

There are two core issues that lay the foundation of the Bitcoin regulation debate:

The digital assets pose a macro-economic risk. Bitcoin and other cryptocurrencies can act as surrogates for an international currency, which throws global economics a curveball. For example, countries such as RussiaChinaVenezuela, and Iran have all explored using digital currency to circumvent United States sanctions, which puts the US government at risk of losing its global authority.

Image source

International politics and economics are a very delicate issue, and often sanctions are used in place of military boots on the ground, arguably making the world a safer place. 

The micro risks enabled by cryptocurrency weigh heavily in aggregate. One of the most attractive features of Bitcoin and other digital assets is that one can send anywhere between a few pennies-worth to billions of dollars of Bitcoin anywhere in the world at any time for a negligible fee (currently around $0.04 to $0.20 depending on the urgency.) 

However, in the hands of malicious parties, this could be very dangerous. The illicit activities inherently supported by a global decentralized currency run the gamut: terrorist funding, selling and buying illegal drugs, ordering assassinations, dodging taxes, laundering money, and so on. 

Can Bitcoin Even Be Regulated?

Before diving deeper, it’s worth asking whether Bitcoin can be regulated in the first place. 

The cryptocurrency was built with the primary purpose of being decentralized and distributed– two very important qualities that could make or break Bitcoin’s regulation. 

By being decentralized, Bitcoin doesn’t have a single controlling entity. The control of Bitcoin is shared among several independent entities all over the world, making it nearly impossible for a single entity to wrangle full control over the network and manipulate it as they please. 

Image source

By being distributed, Bitcoin exists at many different locations at the same time. This makes it very difficult for a single regulatory power to enforce its will across borders. This means that a government or other third party can’t technically raid an office and shut anything down. 

That being said, there are several chokepoints that could severely hinder Bitcoin’s adoption and use.

1. Targeting centralized entities: exchanges and wallets 

A logical first move is to regulate the fiat onramps (exchanges) , which the United States government has finally been getting around to. In cryptocurrency’s nascent years, cryptocurrency exchanges didn’t require much input or approval from regulatory authorities to run. However, the government started stepping in when cryptocurrency starting hitting the mainstream. 

The SEC, FinCEN (Financial Crimes Enforcement Network), and CFTC have all played a role in pushing Know Your Customer (KYC) protocols and Anti-Money Laundering (AML) policies across all exchanges operating within U.S borders.  

Cryptocurrency exchanges have no options but to adhere to whatever the U.S. government wants. The vast majority of cryptocurrency users rely on some cryptocurrency exchange to utilize their cryptocurrency, so they will automatically bend to exchange-imposed regulation. 

Regulators might not be able to shut down the underlying technology that powers Bitcoin, but they can completely wreck the user experience for the great majority of cryptocurrency users, which serves as enough of an impediment to diminish the use of cryptocurrency for most.

2. Targeting users.

The government can also target individual cryptocurrency users. Contrary to popular opinion, Bitcoin (and even some privacy coins) aren’t anonymous. An argument can be made that Bitcoin is even easier to track than fiat because of its public, transparent ledger. 

Combined with every cryptocurrency exchange’s willingness to work with U.S. authorities, a federal task force could easily track money sent and received from certain addresses and pinpoint the actual individual with it. Companies such as Elliptic and Chainalysis have already created solid partnerships with law enforcement in many countries to track down illicit cryptocurrency uses and reveals the identities behind the transactions. 

Beyond that, we dive into the dark web and more professional illicit cryptocurrency usage. Although trickier, the government likely has enough cyber firepower to snipe out the majority of cryptocurrency-related cybercrime. In fact, coin mixers (, coin swap services (ShapeShift) and P2P bitcoin transactions ( have been investigated for several years now and most of them have had to add KYC and adhere to strict AML laws. 

Final Thoughts

Ultimately, it’s going to take a lot to enforce any sort of significant global regulation on Bitcoin, with the most important factor being a centralization and consensus of opinion. The majority of the U.S. regulatory alphabet agencies fall into the same camp of “protect the good guys, stop the bad guys”, but there isn’t really a single individual piece of guidance to follow. Currently, cryptocurrencies are regulated in the US by several institutions: CFTC, SEC, IRS, making it difficult to create overarching regulatory guidelines.  

In short, yes– Bitcoin can be regulated. In fact, its regulation has already started with the fiat onramps and adherence to strict KYC & AML laws. While in countries such as Ecuador, Bolivia, Egypt and Morocco Bitcoin ownership is illegal, in the US, it would take some bending of the moral fabric of the Constitution in order for cryptocurrency ownership rights to be infringed.

However, it cannot be shut down. There are still ways to buy, sell, and trade Bitcoin P2P, without a centralized exchange. It would take an enormous effort by any government to completely uproot something as decentralized as Bitcoin, but that future seems more dystopian than tangible.

By Vandrei

This article originally appeared here



Reading Time: 2 minutes

It seems as though something new is always brewing on the technological front!  I have been hearing about “Mastodon” for quite a while and sought to find more things about it and here they are:

  1. ‘Mastodon’ is an open source decentralized network
  2. Each group is an “instance” (reminds me of my Java programming days :)) or “server”
  3. You can post messages, videos or images
  4. You can think of many such “servers” floating in the “Mastadon” space
  5. You can join any “server” of your interest
  6. You can join any “server” based on “Category” of your choice(Technology, General, Art, Journalism and more)
  7. You can create your own “server” too and lay your own rules
  8. All “servers” are ad-free and non-algorithmic
  9. Since it is decentralized, it is free from any sort of tapping or interference
  10. None of the data is monitored or collected. However, all data that you type will be visible to the “server” creator(obviously! :))
  11. All thoughts have a limit of 500 characters(which can be edited or deleted)
  12. You can interact with members from your own “server” or from other “servers”
  13. “Mastodon has stronger anti-harassment tools”



There are many smaller and finer features but the major ones are listed above… for more about “Mastodon” do visit this link..

Maybe, the most important and key take away from the “Mastodon” social network, is the ability to pass thoughts on social media without being observed by anybody thus bolstering the concept of “privacy”…



Popular Information security tools

Reading Time: 2 minutes

Can you imagine peeping into your network and

  • seeing the traffic come in and go
  • see the applications on the net that are trying to access various software on your system,
  • and understand the weaknesses in your system and more?

All this and more can be done by various tools that are available to study the systems. Tools in the Information security domain help us to analyze and understand the network traffic in a deeper way. There are many tools constantly appearing and it is good to keep with the new technologies and changes. 

Here is a brief list of some of the popular Information security tools:

  • Metasploit

        ‘Metasploit’ is a popular pen testing framework primarily designed to hack into systems and test them before the hackers can penetrate them and cause damages. It is available for the Windows, Linux and macOS operating system. It was originally written in Perl and then it was rewritten in Ruby. It is currently owned by Boston based company Rapid7. It has an open source version as well as commercial version.

        ‘Wireshark is a network protocol analyzer and packet sniffer and was formerly known as ‘‘Ethereal’. It is freely available for the Windows, Linux,macOS, FreeBSD, NetBSD operating systems. Wireshark enables you to read and analyze the traffic packets and not alter it in any way.

Here are a few features of Wireshark:

  • “Deep inspection of hundreds of protocols
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis”(Source:

For more on Wireshark, read more here.

       ‘Nessus’ is a vulnerability scanner available from Tenable, Inc. It is available for the Windows, Linux and macOS platforms. It is primarily used to detect and identify vulnerabilities and stay ahead of the hackers. It has been trusted by more than 27,000 organizations and is one of the most widely used vulnerability scanners.

On an average, when a new vulnerability is disclosed, a new plugin is released within 24 hours of its disclosure. There have been more than 100 zero day vulnerabilities discovered in the past 3 years by means of the Nessus scanner. For more on the Nessus scanner, visit this link.

         Aircrack is a tool that is used to assess Wi-Fi security. It consists of a tool for detector, packet sniffer, cracker and analysis tools.

        Since weak passwords are still the easiest way to hack into a system, ‘John the Ripper’ is a tool to detect just that. This tool detects weak passwords and is available as a free and Open source version as well as a commercial version. It is available for Windows, macOS, DOS, Unix, BeOS and OpenVMS.  For more information on John the Ripper, visit this link.

We have seen a just a brief list of the different tools in the Information security domain. Stay tuned for more technical posts!

This is the seventh post for #MyFriendAlexa by @Blogchatter.  I am taking my blog to the next level with #MyFriendAlexa and #Blogchatter.


iOS 13 privacy

Reading Time: 3 minutes

With Apple releasing the new iPhone 11 and its 13th major release of its mobile operating system, ‘iOS 13 on September 19, 2019’, it is the privacy features of iOS 13 that stole my glance! (as usual) Some general features of the iOS 13 are:

  1. The update is applicable only to models of  iPhone 6S and above
  2. There is a new optimized battery charging
  3. Apps are expected to be launched faster
  4. The ‘Do not disturb while driving’ feature detects if you are using public transport and does not turn ‘on’
  5. Unknown callers will be sent straight to voicemail
  6. Enhanced privacy features

Data gathering:

Like it or not, data is always being gathered about you in the background of all devices and social media forums. All social media giants do this and either we are victims of it unknowingly or knowingly. How do we control the apps and social media giants from snooping on our personal data, our pictures etc? Code the operating system appropriately…and that is exactly what Apple has done!

Giving access to our private data knowingly is one thing – but gathering it without our knowledge is totally another thing! 

As I was testing the new iOS 13 OS from a security standpoint, I was amazed by the intricate way in which privacy has been built into every application in the iPhone device. Be it ‘Contacts’, ‘Calendars’, ‘Photos’, ‘Bluetooth’, ‘Files and Folders’ – privacy can be tuned to everything and makes sure every application asks your explicit permission before accessing the private data on your mobile devices. 

  • Camera: There is an explicit disclaimer stating that the pictures and videos that are taken will have other details like where and when they were taken. 
  • Contacts: The following picture shows applications that have requested access to your contacts 



The following picture shows what happens when ‘Whatsapp’ is not given access to ‘My Contacts’:

  • Photos: The picture below shows the permissions which have been given to certain application to access the photos on a device



  • Files and Folders: Applications that have requested to the files and folders appear here
  • Bluetooth: Applications that have requested access to Bluetooth is listed here


       The above picture shows an ‘Alert’ when an application like ‘Amazon Alexa’ is trying to access ‘Bluetooth’.

It is nice to see a tech giant using the power of programming and coding in a positive way. It is also nice to see that the whole data gathering process in Apple is much more transparent than other social media giants and we are able to determine whether we would like to share our pictures, location “All the time”, “Once” or “Never”

Maybe, the overall message in the Apple services says it all “Apple services are designed to protect your information and enable you to choose what you share”

With privacy and security being woven to every application of the iOS 13, it is a sure winner!! Maybe the other tech giants will soon follow suit!!

This is the sixth post for #MyFriendAlexa by @Blogchatter. I am taking my blog to the next level with #MyFriendAlexa and #Blogchatter.


Certifications vs Degree

Reading Time: 2 minutes

‘Certifications’? Ask this to any computer professional – and their eyes will surely glow… 🙂 ‘certifications’ are available in every computer field – as an example, we have the Oracle Java certifications(OCJP, OCJWCD), PMP certifications, data center certification(CCNA, CCNP), computer hardware certifications(A+, Server+), cloud certifications(AWS, CCNA) and the Information security certifications like CISSP, CCSP, CEH(which I am most interested in… 🙂 ) and more…- in fact, you can hardly meet a software professional in the computer field who is not certified!!


Having said this, many colleges also offer degrees in the Computer field such as Bachelors degree in Computer Science and Engineering(for India), Masters degree in Computer Science and Engineering and many other degrees directly or indirectly related to the Computer field. All these degrees require 4 years(Masters programs will take lesser number of years) of hard work and good grades to pass with a good GPA or marks. 

So, which is more respected – degrees or certifications in the computer industry?

As you step into the employment phase of life, initially, educational qualifications will definitely pave the way for a good and plum job in the desired industry and domain. But after a period of time, as technology rolls and changes all in its path – though our core values from the degree are strong and firm, we need additional skills to move up the career ladder. This is where certifications step in. 

Every certification tests you on different skills apart from your work experience. In fact, mid and high level positions in an organization might demand certifications to validate you and make sure that you are still in sync with the industry. You will have to spend at least 3-4 months  studying for these certification exams and the exams will not be easy by any means. After you are certified, most of these certifications might have to be renewed every few years. In fact, I have high respect for professionals who put a series of certifications behind their name!! 🙂


I am sure any organization will be happy with a candidate who has an amazing degree plus all the relevant certifications but I think certifications definitely steal the thunder from a higher degree in the mid and high level employment space!! 🙂

This is the fifth post for #MyFriendAlexa by @Blogchatter. I am taking my blog to the next level with #MyFriendAlexa and #Blogchatter.



ATM hacking

Reading Time: 2 minutes

Cars can be hacked, phones can be hacked, all smart devices can be hacked – so why not ATM machines? Scary isn’t it? This news from the ‘Economic times’ stole my glance and I had to blog about it right away! 

Hacking and the procedure to do it required a bit of expertise in the days gone by, but that is no longer the case in today’s world. Data breaches cost millions of dollars in losses and ATM hacks are also estimated to cost around $3.5 million dollars in losses between late 2017 and early 2018 in the US (Source:

In today’s world, we do not  need thorough hacking and certified professionals to hack ATM machines to steal your credit/debit card information. It can be done by simple tools such as ATM malware cards and ATM hacking tutorials which are easily available in the “dark web” for as low as 100$. And how much time does it take to do it? Just 15 minutes!!

Sounds easy for a hacker, isn’t it?

It is…in fact… in a physical attack, if a device is implanted behind the ATM machine, the machine will give out cash without proper authentication to unauthorized individuals!! (yikes!!)

Since most ATM machines use the same software, attacking one machine will ensure that similar machines can be attacked in a similar manner. Most ATM hacks are performed on machines that run the Windows XP operating system.

How to protect yourself:

After the shocking news of how common and easy it is do ATM hacking, the next question comes about how to protect yourself from it:

  1. It is always wise to use ATMs at well lit locations and those locations that see more footfall
  2. Be aware of ATM skimmers(these are the ones that steal your credit/debit numbers and your PIN) that are attached to the ATM machines and make sure that you are able to use the card smoothly(if not – there is a probability that a skimmer is attached)
  3. Keep track of your bank balance constantly
  4. If you can – try and withdraw money from the bank itself(or try using “Cash back” option in the US and other Western countries)

ATM hacking and other attacks are always on the rise. It is imperative for us as customers to keep ahead of the curve and adopt safety practices!!



This is the third post for #MyFriendAlexa. I am taking my blog to the next level with #MyFriendAlexa and #Blogchatter.


AI and Cyber security

Reading Time: 3 minutes

“Artificial intelligence” or “AI” is a word that has been generously splashed all over and is omnipresent in our lives today and yet most of us are hardly aware of it. From Siri to Alexa to spam filters to smart searches, AI is powering our lives and simplifying it wherever we go.  

What is AI and how does AI work?

In simple terms, AI is a part of Computer Science that tries to simulate human intelligence in machines. Machine learning is a sub-topic of AI and is used along with AI or independently. 

Considering ‘gmail’ as an example, have you ever wondered how regular unwanted email gets pushed into the  “Spam” folders? One way “spam” can be detected is by making use of AI. By carefully studying hundreds and thousands of messages, the machine learns that the messages with certain “keywords” fall into “Spam”.  In our example here, the machine is trained to be “artificially intelligent” to detect “spam”.

This type of learning is close to our learning process as well. The more we read, understand and comprehend – the more decisions we can take. 

We can also see AI and ML(machine learning) powering the job sector with bots speaking to job seekers and helping them get an appropriate  job.

Cyber security:

“Cyber security” is a branch of study which is used to secure personal and business assets through various means and possibilities (like firewalls, VPNs, anti-virus definitions and more) It also involves studying different types of attacks and preventing them in addition to in-depth topics like phishing, ransomware, pen testing, vulnerability assessment and more.

This is a minimal list of cyber security duties –

The cyber security analyst is expected to read a lot of network data in traffic packets and understand the patterns and anomalies in them. This will enable them to detect threats early and sound the alarm for organizations to prevent breaches. Cyber security engineers also work to detect viruses by comparing new files against a signature list of virus definitions.  

So, what happens when “cyber security” makes use of AI?

There are many ways where AI helps cyber security:

  1. Human beings get weary and tired of doing network analysis for a prolonged period of time. Detecting threats and tuning applications is a tedious job, and prone to errors as fatigue sets in. “Alert fatigue” is real and human beings get exhausted looking for patterns and anomalies in the network. This is where AI steps in to enable the user to detect threats more easily. Machines never tire and the power of “artificial intelligence”  and “machine learning” is harnessed by using algorithms that detect “keyword matching, statistics monitoring, anomaly detection”(Source:
  2. AI systems are also trained to detect malware in software rather than only human beings doing it. 
  3. Making the users click on malicious links in an email is the simplest form of hacking. Innocent users click on poisonous links that lead them to part with their precious data. These phishing emails can also be detected by using AI by employing appropriate algorithms.
  4. The power of artificial intelligence can also be harnessed when responding to security incidents. Human intelligence and artificial machine intelligence can work together to speed up detection and response times to security incidents.

These are some ways that cyber security engineers can make use of AI. But it has be remembered that AI can be used by hackers and other miscreants for their own benefit too. It is up to cyber security professionals to keep ahead of the game and thwart them with appropriate techniques.

This is my first post for #MyFriendAlexa. I am taking my blog to the next level with #MyFriendAlexa and #Blogchatter.





Face app

Reading Time: 3 minutes

It seems the online world is embroiled in some sort of controversy or the other giving me plenty to write about!! 😉 Jokes aside – have you downloaded and used the currently viral ‘Face app’?   If you have or have not yet done so, read on…

What is ‘Face app’?

‘Face app’ – the AI , face editor is a freely downloadable app for both Android and iOS platforms and is owned by a Russian company Wireless Labs. It is available both on Google Play and Apple App store. I downloaded it and it was really fun to try the different looks(with a smile, without a smile, with makeup, without makeup) and the younger version and older version of oneself are phenomenal too…For a moment, I threw all my security caution to the wind and dissolved into it and enjoyed it!! 🙂 But, not for long… 

The ‘Face app’ asks for your permission to access the pictures from your ‘Gallery’ and no sooner, do you give it the permission – it takes your ‘face’ from a picture and performs a lot of magic to it. It definitely keeps you enthralled and even has options to use your pictures from social media platforms such as ‘Facebook’.

What is all the noise about ‘Face app’ now?

On the face of it, ‘Face app’ seems to be another app for everyone to have a bit of fun online, but there is more to what meets the eye. Your pictures are all uploaded to the cloud which itself is unnerving from a privacy standpoint. Along with this, there is another problem that has been reported widely which is in the ‘Terms and conditions’ of the viral app. The ‘Terms and conditions’ state this:

“You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you..”

While you own your “face” content, you are giving the app exclusive rights for your “face” content to be stored perpetually and be used for other derivative works and display it anywhere!! (yikes) I cannot imagine my face being stored on some strange servers in some part of the world and being used for strange purposes!! 

This is the part of the ‘Faceapp’ that is deeply troubling for all users of the Internet community today.

What is being done then?

  1. US Senate minority leader, Chuck Schumer has called on the FBI and Federal Trade Commission to look into the privacy issues with ‘Faceapp'(Source:
  2. In the wake of privacy concerns, the CEO of Faceapp has stated that most of the pictures are deleted within 48 hours(Source:
  3. User data is definitely not transferred to Russia
  4. Users can requests their data to be deleted
  5. Only the selected picture is uploaded and not all the pictures from the ‘Gallery’ are uploaded

The net result of heavy outburst on social media unfortunately or fortunately, the downloads for ‘Faceapp’ have supposedly increased by 500% in the last six days(Source:

My take on the whole Faceapp drama:

While privacy issues constantly rake the online world, this is probably one of the few times that even non-serious security individuals have woken up to security and privacy thoughts. While our entire online data(conversations, payments, locations, group pictures, events, gatherings) is always moving silently behind the computer screen, a picture of a “face” moving around has really shaken everybody up( A picture is definitely worth a thousand words 🙂 !! ) More people are questioning the privacy behind the fun which is definitely a good thing.

We will see how the ‘Faceapp’ drama unfolds further but for now it is good to see ‘Faceapp’ has definitely woken up the sleeping privacy giant in all of us!!




Are you a “Cyberchrondriac?” or a “Script kiddie?”

Reading Time: 2 minutes


I am sure most of us have heard of the term “hyperchrondriac”. A “hyperchrondriac” is a person who is excessively worried about their health and imagines any minor ailment as a major health concern. Combine this feeling with today’s Internet usage and we have a “cyberchrondriac”!

A “cyberchrondriac” is a person who is guilty of combing the Internet for any or more information about their health concerns. They read various things on the Internet about the minor symptoms that they may have and imagine that they have a terrible disease. With more and  more medical terms and information freely available on the Internet, we all become “cyberchrondriacs” at one time or the other. Their medical ailments may be unfounded or real – but they definitely add to the misery of doctors who are trying to diagnose the real problem. Best option for all “cyberchrondriacs” is to seek medical advice right away and not do a lot of medical research on the Internet…

Script kiddies:

The Internet is our oyster now. We can do anything and everything with its might.We can crack, cook, code, learn and more with the Internet… then why not “hack”? Those looking to hack into websites can learn a great deal by a single minded effort to learn malicious things online. This is where “script kiddies” step in…

‘Script kiddies’ is the name given to newbie hackers. These newbie hackers are not professional hackers and have not perfected the art of ‘hacking’. ‘Script kiddies’ are those who have learnt to hack by reading various articles and publications and watching several online videos on hacking. They also steal other people’s code as they lack enough programming knowledge to wield an attack. In spite of the fact that they are “professional hackers” in the making, their attacks still do affect the majority of users in an equally harmful way. ‘Script kiddies’ do all this and more for the excitement of it and to get joyous bragging rights.

This post saw a definition of a few terms on the Information security front…Stay tuned for more technical updates..



ByBala Manikandan

ArrayLists: Dynamic Arrays in Java (Part 2)

Reading Time: 3 minutes

Here is the second post on ArrayLists which is a continuation from part 1 . Here are some points covered in the first part:

  • Main advantage of ArrayLists over arrays
  • Creating an ArrayList
  • Adding elements to ArrayLists
  • Iterating through the elements
  • Modifying and deleting elements

In the next section, we will deal with some methods commonly used to query an ArrayList.

Querying ArrayLists:

The following example demonstrates the usage of some more ArrayList methods:

//Other methods of ArrayList

package codingexamples;

import java.util.*;


public class ArrayListExample3 {

     public static void main(String[] args){

        ArrayList<String> list = new ArrayList<>();




        list.add(1, “Watermelon”);



        String val = list.get(3);     //retrieve element at index 3


          int sz = list.size();










The output of the code is:

[Apple, Watermelon, Banana, Grapes, Apple]








The methods get() and size() used above are self-explanatory, which is evident from the first three lines of output (remember that index 3 is the fourth element). The method contains() returns true if the specified item is present in the list and false otherwise. In this case, the list contains “Banana” but does not contain “String”. And last, the indexOf() and lastIndexOf() methods return the indices of the first and the last occurrences of the specified object, respectively, or -1 if the object is not present. This is consistent with the above output.

The next section deals with a slightly more advanced concept related to ArrayLists.

Role of the equals() method in results of ArrayList methods:

The equals() method of class Object is inherited by all the classes in Java. But by default, it only checks whether the references of the invoking object and the method parameter are the same, or in other words, it returns true only if they refer to the same object. However, classes may override this method and define a new “equality” condition, which usually involves comparison of the instance variables of the objects.

Some of the methods in the ArrayList class, such as remove(), contains(), indexOf() and lastIndexOf() use the equals() method to check if an object is present in the list or not. Thus depending on whether the equals() method is overridden or not, the results of these methods may differ. This is demonstrated in the following code:

//Demonstrating effects of overriding equals() in classes used as the

//element type in an ArrayList

package codingexamples;

import java.util.*;


class Person1{

    private String name;

    Person1(String nm){name = nm;}

    public String getName(){return name;}

    //no equals() override


class Person2{

    private String name;

    Person2(String nm){name = nm;}

    public String getName(){return name;}


    //Override equals(), returns true if the names are equal

    public boolean equals(Object obj){

        if(obj instanceof Person2){

            Person2 other = (Person2)obj;

            boolean isEqual =;

            return isEqual;



            return false;




public class ArrayListExample4 {

    public static void main(String[] args){

        ArrayList<Person1> list1 = new ArrayList<>();

        Person1 p1 = new Person1(“John”);

        Person1 p2 = new Person1(“Roger”);




        System.out.println(list1.contains(p2));                     //prints true

        System.out.println(list1.contains(new Person1(“Roger”)));   //prints false!

        list1.remove(new Person1(“John”));                      //doesn’t remove John!


        for(Person1 p : list1)

            System.out.print(p.getName() + “:”);



        ArrayList<Person2> list2 = new ArrayList<>();

        Person2 p3 = new Person2(“John”);

        Person2 p4 = new Person2(“Roger”);




        System.out.println(list2.contains(p4));                    //prints true

        System.out.println(list2.contains(new Person2(“Roger”)));  //also prints true!

        list2.remove(new Person2(“John”));                         //removes John


        for(Person2 p : list2)

            System.out.print(p.getName() + “:”);




The output of the code, as it turns out, is:







The above code defines two almost identical classes, Person1 and Person2, both of which have a single instance variable, name. But Person1 does not override equals(), whereas Person2 does. In case it is tough to understand the code in the equals() override of class Person2, for now just remember that the new definition returns true if the names of the two Person2 objects are the same.

Now an ArrayList of Person1 objects is created and two Person1 objects with names John and Roger are added to it. If the ArrayList is queried whether it contains the object referenced by p2 (that is, ‘Roger’), it results in true. But if instead you pass a new object whose ‘name’ is also Roger to the contains() method, it results in false! Why? Because Person1 did not override equals(), and thus only object references were compared all along! Similarly, the next line demonstrates an unsuccessful (for the very same reason) attempt to remove ‘John’ from the list. This is demonstrated in the third line of output, which displays the ‘names’ of all the elements in the list.

The same things are done for another ArrayList of Person2 objects, and a significant change is observed in the output, only because Person2 overrode equals(), and so names instead of object references were compared! Thus the second call to contains() on the second list also produced true, and this time John was successfully removed from the list.

We have seen how to use ArrayLists in Java in this post – stay tuned for more technical posts!