Friday, May 16, 2014

Software Tools

Software tools are a ubiquitous part of modern life especially for a software engineer. As a software engineer one handles multiple compilers, integrated design environments (IDE) or something as mundane as Microsoft Excel or PowerPoint. This semester, I added a couple more tools to my toolkit – Prolog, JFLAP and the Petite Chez Scheme.

SWI – Prolog:


Prolog is a logic based programming language and was initially designed for the purpose supporting of Artificial Intelligence programming. I would particularly recommend Swi- Prolog among the various flavors of Prolog available. It is an open source tool that is used for the Prolog programming language. It was particularly useful for practicing my Prolog programming skills. It has a lot of key libraries, good GUI, IDE environment and really good supporting documentation. This made self-learning a lot easier.

JFLAP:



I am sure for every computer science major student, formal languages and computation is one course that can get really difficult to understand. I felt this was mainly because the course can get very theoretical. But while doing this course, I came across JFLAP that really helped me in my understanding of finite machines taught in the formal languages and computation course.

One can play around with this tool to create different finite machines, check the language it produces etc. This tool can be used to experiment on Non Deterministic and Deterministic machines, Turing machines etc. It can also be used to convert a NFA (Non Deterministic Finite Automata) to DFA (Deterministic Finite Automata). It can also be used to obtain regular expressions from a DFA. I found using this tool a lot of fun and very educational.


Petite Chez Scheme:


This is another tool that I used a lot this semester. This is an interpreter for the scheme programming language. Again, it has extensive libraries and a surprisingly good GUI. Even though scheme is a very old programming language, it provides a very good insight into how programming languages have evolved over the years. I really enjoyed using Scheme and would encourage software engineers to do so.


References


Prolog



If you are looking for a completely different programming experience you must simply try Prolog. Using this language you can simply ask your computer simple questions and it will answer it for you. I did a course this semester in which I came across Prolog programming language for the first time. I was pretty impressed with this language as it was completely different from all the languages that I had seen so far. Prolog unlike traditional programming languages is a logical and declarative language. In fact, it was one of the first programming languages based on logic. It was introduced in 1970 by Robert A. Kowalski at Edinburgh University. This language is used widely for artificial intelligence. 

How Prolog works is that it makes deductions based on facts and rules, both of which are specified by the user. A fact describes the object and its relationship with the object. For example, if we consider Silver is shiny as a fact then it is expressed as shiny(Silver) in Prolog. Here 'Silver' is the object. Another example is likes (Swapna, chocolate). This defines a fact that Swapna likes chocolate.

A rule describes a relation between different facts. For example friends(X,Y) :- likes(X,Y),likes(Y,X). Here ':-' is 'if' in Prolog and ',' means 'and'. So this rule means that X and Y are friends if X likes Y and Y likes X. We need to make sure the rules are valid. Every rule must end with a period. The left hand side of the rule has to be a single literal and cannot be negated. In the above example, if the left hand side is not(friends(X,Y)) then it is not a valid rule.

In Prolog the user creates a database with rules and facts. Having done that, the user can ask questions about the various objects and their relationships. Below is a snippet of how the prolog interface looks like.



Let us consider a database example. For instance we can create a database like this:
likes(alice, diamonds).
likes(alice, john).
likes(john, alice).
buys(john, diamonds) :- likes(john, alice).

After the database is created one can ask questions like this:
?- likes (X, diamonds). Would ask the question who likes diamonds
X = alice;                   The answer displayed would be Alice
?- likes (X, john).     Here the question asked is who likes john
X = alice;                Again, the answer displayed would be Alice

A Prolog program database can be thought of a collection of predicate logic statements. The way evaluation takes place is that once you query, prolog performs substitutions based on the logic statements to find the right answer. The searching algorithms are in built in the Prolog compiler.
This predicative logic lends itself naturally to AI programming and thus makes it a very powerful language to use in the fields of artificial intelligence, weather prediction, defense applications to name a few.

References:

Monday, April 21, 2014

Beta Testing


Beta Testing is a critical component of the software release cycle. It is the last stage of testing of a product and takes place after alpha testing.  At this time, the software product is close to completion. When the product is released for Beta testing, the product is in its Beta Release. The key focus of beta testing to make sure the product works seamlessly when finally released to the user.

While alpha testing is usually done by internal testing teams, beta version of the product is released to targeted users outside of the company.  A beta version of the software is close to the final product but has a good probability of having bugs, low performance, crashes and loss of data. Hence, this release it is not available to all users. The users who use it have exclusive access to the product and are called Beta testers. Beta testers work closely with the software testing team of the company to catch all critical bugs and ensure the final build of the product is stable.

In many B2B scenarios the beta sites are the key customers who will be the major users of the software. Thus it makes the Beta test period equally important for the Beta testers as the product would be critical to the success of their own company.

A few years ago, beta testing phase was not a part of the software release cycle. The companies would only release the final version after spending years on testing and improvising the product. But this resulted in some serious flaws, the new culture of Beta testing slowly started to evolve. It started off with companies only releasing the product to selected group of people who are invited to Beta test. Now consumer focused companies release their Beta version to the public and welcome feedback from anyone.




I personally enjoy gaming and hence I have always found Beta testing for games to be a pretty interesting job since you are required to play games for a living! A Beta tester for games would be expected to play the different levels of the games till it crashes in order to test its robustness. The tester would also be required to check if everything looks correct and works logically. This would mean that the tester would need to play the same level multiple times in different ways hoping that it would crash. But this job is not as easy as it sounds. The tester also needs to come up with ideas to break the game and also needs to report anything and everything to the developer. Even though the tester gets to be one of the first few who gets to access the latest game or product that has not been released to the public , he/she would be required to keep the information confidential.

References:
http://www.webopedia.com/TERM/B/beta_test.html
http://money.cnn.com/2014/05/13/technology/innovation/beta-testing/
http://blog.startapp.com/4-tips-beta-testing-success/
http://www.gamasutra.com/blogs/BriceMorrison/20130514/192197/The_Truth_about_Being_a_Beta_Tester.php
https://www.google.com/search?q=beta+testing+games&tbm=isch&source=lnms&sa=X&ei=nWBXU9iDJIaiyATwjoDYBg&ved=0CAgQ_AUoAw&biw=1242&bih=607#q=beta+tester&tbm=isch&facrc=_&imgdii=_&imgrc=7IpcDJrpJNQPuM%253A%3BmncWMctLLkZoSM%3Bhttp%253A%252F%252Fimages.wisegeek.com%252Fhands-with-game-controler-and-tv.jpg%3Bhttp%253A%252F%252Fwww.wisegeek.org%252Fhow-do-i-become-a-beta-tester.htm%3B1000%3B620

Monday, April 14, 2014

Usability Testing



As I use web services or apps on my smart phone, I am always very impressed if I find a site that is very intuitive to use, has icons at the right locations on the screen, has the appropriate content in the drop down menus and allows me to efficiently accomplish what I intend to do. Some apps just seem to be built right and an important reason for this is Usability testing.

Usability testing is a key step in evaluating a product before launch. It is a method that is used to check the product's level of acceptability. Product developers perform usability testing on real end users and evaluate how the product works and what changes need to be made before going “live”.




Given the importance of Usability testing, I was very impressed when I came across an article that talked about the “Lookback” plugin that helps iOS developers to do usability testing for any iOS application from the comfort of their home. This plugin helps developers perform usability testing on a large sample size of users by tapping into the iOS installed base. The way it works is very simple. Once the end user installs the plugin on their apple device, Lookback offers the developers a direct gateway to collect user experiences remotely without any additional tools. Lookback makes users become beta testers.

The front facing camera in the apple device can record the user expressions as he or she uses the app. The microphone catches real time user feedback and the content on the screen gets recorded as well. The developers can then analyze the trove of user data and make their product more user-friendly and successful.

So what attributes are key for Usability testing? Some key attributes are -
Accessibility - This is used to check the ease with which the users are able to navigate through the app.
Responsiveness - How quickly the app responds to the user's actions and the accuracy of its display and response.
Efficiency - This is to check if the user is able to perform the required function with minimum steps.
Comprehensibility - This is to check if the app has sufficient and clear documentation and help that will help users to understand the application.

Today, there is multiple usability testing software tools available. A few that I found to be interesting are- `
Concept feedback: This tool is good especially for website designers and can help get feedback for user interfaces. It is free and simple. The web designer gets feedback about his or her ideas from experts. The drawback is that the feedback is not interactive as the reviewer only reviews the design by looking at it and doesn't use it to get a feel of it.

Chalkmark: This is another interesting and simple product that enables easy usability testing. The developers can figure out where to place the buttons on a webpage and get feedback on typical user behavior when it comes to clicking buttons on the webpage. Again, this is a very easy tool to use and the users can be made to participate in the testing just by sending them an invite to the Chalkmark tool.

References
1) http://www.zdnet.com/lookbacks-usability-testing-app-expands-gets-financial-backing-7000027804/
2) Software Engineering: Modern Approaches by Eric J. Braude , Michael E. Bernstein
3) http://www.usefulusability.com/24-usability-testing-tools/
4) http://productmanagementtips.com/2009/09/22/usability-testing-best-practices/
5)http://thenextweb.com/insider/2013/09/27/lookback-lets-developers-record-and-review-the-screen-gestures-face-and-sound-of-their-app-testers/

Monday, March 24, 2014

Blogs





Writing a blog is a favorite pastime for many. It helps spread knowledge and you can also gain good reputation among your peers if you write good technical blogs. But whether one blogs professionally or as just a hobby ,bloggers must know the basics of Html in order to make the blog look as they want it to. Here is a brief overview on a few html tags that can be used in making your perfect blog.

img.jpg



Html code has two tags, the opening tag and the closing tags. The content goes in between these two tags.


The heading tags help display the heading. Different sizes can be obtained by using different tags like
<h1> text goes here </h1>
<h2> text goes here</h2>
<h3> text goes here </h3>


Another important feature of Html that can be used in blogging is adding hyperlinks to the text. This can be done by using the following code.
<a href =”link goes here”> text goes here </a>


Images definitely attract more viewers to a blog. In order to include images into your blog you can use the following code.
<img src=”link of image goes here” alt=”text goes here” width=”30” height=”50”>


If you need to include bullet points, here is the code that will help you with it.
<ul>
<li>list 1 </li>
<li>list 2 </li>
</ul>


The bold, italics and underline fonts can also be achieved using html tags.
<b>text goes here</b>
<i>text goes here</i>
<u>text goes here</u>

Another feature that can be useful is alignment of the text. You can position you text to the center, left or right using the following html tags.
<p align="left">text goes here</p>
<p align="center">text goes here</p>
<p align="right">text goes here</p>


These were just a few Html tags, there are a multiple tags that are available that can help address any specific requirement .These html tags can go a long way in controlling the structure of your blog. Happy blogging!!



References :
[1] https://blog.shareaholic.com/understanding-blog-analytics/
[2] http://yourcontentnotes.com/2011/02/basic-html-tips-blogging/
[3] http://www.wikihow.com/Write-a-Technology-Blog
[4] https://blog.shareaholic.com/html-101-for-bloggers/
[5] http://www.w3schools.com/html/html_images.asp
[6] http://www.gabrielweinberg.com/blog/2011/08/why-i-blog.html


Monday, March 17, 2014

QR Codes


The QR code aka "Quick Response" code was first designed in Japan for the automotive industry.
Very interestingly, QR codes were first invented back in 1994 for the purpose of tracking parts in the automobile industry. Over time it slowly became more popular and started being used in other industries such as Retail, Banking etc.




A typical QR code shown above is a collection of four squares with a dot in each square and a bunch of lines (horizontal and vertical) mainly used for alignment purposes. A QR code can store alphanumeric (upto 4K characters) and numeric data ( around 7K characters). A QR code usually contains a phone number, url, text message or an email address.

Now the advent of smart phones has accelerated the use of QR codes especially in retail marketing. QR code scanners are free apps that can be downloaded and used to scan QR codes. Scanning a QR code redirects the user to the appropriate website that a company wants their customer to see. This becomes very easy for customers as they don’t have to type in a long url. Also, QR codes are very reliable. A slightly damaged QR code (even if up to one third of the information is lost) can yield the right result after scanning.

The simplicity of use along with its reliability has led to the proliferation of QR codes. Today one can see QR codes from advertisements in trains to a carton of cereal. But proliferation of QR codes has also led to an increase of malicious attacks by cyber criminals.



As with any popular technology, there are risks with using QR codes that have to be kept in mind. I wanted to discuss a couple of suck malicious attacks
 - September, 2011 saw the first major QR code attack that redirected users to malicious websites and apps which tried to gain personal and credit card information. Also, premium texts were sent costing the user money.
- Attackers today can create QR codes that reveal a user’s mobile phone’s IMEI number. This is a unique identification number for a mobile device. This information would be dangerous in the hands of attackers with malicious intentions.
- Hackers can embed in QR codes factory reset codes for mobile phones. When such QR codes are scanned it will delete all data and settings on the phone.

One can prevent such attacks by keeping the phone’s firmware up to date and by using good judgment in choosing which QR codes to scan.

While QR codes are becoming more popular, a new technology called clickable paper is emerging that might one day replace QR codes. The idea of clickable paper would be that one could click an image and that would redirect a user to multiple related pages such as its Amazon website, YouTube video, Twitter account, Facebook page and anything related to the product.


References
  1. http://usa.kaspersky.com/about-us/press-center/press-blog/malicious-qr-codes-attack-methods-techniques-infographic
  2. http://www.answers.com/topic/qr-code
  3. http://resources.infosecinstitute.com/qr-code-ussd-attack/
  4. http://en.wikipedia.org/wiki/QR_code
  5. http://mashable.com/2014/01/09/qr-code-clickable-paper/





Monday, March 10, 2014

Cyber Security


  "DDoS cyber attacks get bigger, smarter, more damaging" -Reuters

                       "McAfee uncovers 200 new cyber attacks per minute in 2013" -v3.co.uk

 "World's biggest cybe rattack detected, 360 million accounts, 1.25 billion email addresses hacked" -The Times of India


Cyber attacks have become a major threat to the world. The importance of cyber threats can be gleaned by the fact that the US government in its recent budget proposal reduced the overall defense spending, but increased the spending to counter the cyber threats. This is not only a national security concern in today's world but also a major concern in consumer space as hackers try to get personal information of users, steal their identities to make money and use them for other nefarious activities.

Given the vast amount of recent attacks, I wanted to highlight a couple of threats that has gotten media attention lately.

- In recent months Twitter, gained a lot of attention due to its IPO. But that was not the only reason why Twitter was in the news. This newly formed company was at the receiving end of a major cyber attack .According to news reports 250,000 user's email addresses, user names and passwords may have been compromised . Even more disturbing was the fact that Twitter took almost a week to discover the live attack that had taken place.

- Target fell victim to a major security breach during last year's holiday season and is believed to be one of the biggest retail security breaches in US history. This breach compromised the credit /debit card as well as personal information of a whopping 70 million customers. The attackers stole the information by hacking the credit card swipe systems at their stores. The scary part is that there are rumors circulating that personal information is being sold in the dark corners of the Internet. This one attack drove down quarterly revenues of Target by twenty percent.






Personally, I have started paying greater attention to cyber security after having done a Cryptography course last semester. As a part of this course, we had a very interesting project in software reverse engineering. For this, I chose a shareware application, disassembled it (after making sure the EULA was not violated) and bypassed the license registration of the software, which is a key security feature. As a result of this, I was able to register for the software without having to buy it. Another project involved creating a very benign Trojan virus. While these projects were very interesting, it also made me realize how vulnerable software is to cyber attacks.

We live in a world dominated by connected devices running on software and have our personal information online . Also, rapid growth of mobile phones and tablets along with the proliferation of apps, each asking for our personal information and location has meant hackers today have multiple routes to gain consumer information. Thus cyber security is all the more important in today's world.

While there is always a threat of falling prey to any cyber attack there are several ways in which one can secure themselves from cyber threats. Software can be made more safe by doing several code reviews and testing so that bugs can be kept to a minimum. It is usually these bugs that allow a back door entry for hackers to exploit. Software reverse engineering attacks can be prevented by adding dead code or using code obfuscation techniques. In order to have a secure online transaction, one must use a secure connection and pay heed to the security warnings that browser suggests. Such counter fixes along with common sense measures such as changing passwords frequently ,using strong passwords, deleting cookies and logging out of public computers, etc can go a long way in preventing personal information from getting hacked easily.

References:

[1] http://timesofindia.indiatimes.com/tech/tech-news/internet/Worlds-biggest-cyberattack-detected-360-    million-accounts-1-25-billion-email-addresses-hacked/articleshow/31133867.cms
[2] http://www.reuters.com/article/2014/03/05/us-cyber-ddos-idUSBREA240XZ20140305
[3] http://mosesike.org/is-information-technology-really-a-good-force/
[4] http://www.latimes.com/business/technology/la-fi-tn-top-cyber-attacks-of-2013-    20130530,0,1649624.photogallery?index=la-fi-tn-top-cyber-attacks-of-2013-20130530-007
[5] http://www.v3.co.uk/v3-uk/news/2333178/mcafee-uncovers-200-new-cyber-attacks-per-minute-in-2013
[6] http://www.gfi.com/blog/wp-content/uploads/2011/12/web-security-threats.jpg