WhatsApp hack and other notorious data breaches

WhatsApp hack and other notorious data breaches

Image result for whatsapp hack

A vulnerability in WhatsApp allowed hackers to install surveillance software in users’ phones. The attack was possible due to a security flaw in the app’s phone call function. Financial Times reported that the Israeli company NSO is behind the attack. Who has been affected is yet to be determined, but the company advanced that the attack was highly targeted. WhatsApp is urging users to update the app.
But WhatsApp was not the only big company to get hacked. Based on a list from CSO Online, who composed a ranking not on the number of records compromised, but on how much damage the breach caused for companies and users, check out this gallery to see the surprising big-name companies you never knew were hacked
The Financial Times initially reported on the WhatsApp vulnerability that allowed attackers to inject spyware on

phones via the app’s voice-calling function. WhatsApp believed the spyware was developed by Israeli cyber surveillance
company NSO Group.

What are Google Products by Category?

What is the difference between OOPs and SOLID Principle?

OOPs ?

  • Object Oriented Programming is based on the idea of “objects“. 
  • In programming everything is identified as an object and its properties and behaviors to solve a problem.
  • Ex:   Chair 
  •       properties are Type, shape, color, size, width,weight
  •       behaviors are changed the width, color, position

Java OOPs Concepts


SOLID ?

  • SOLID is  set of of Principles which helps to design a “Solution” for a object oriented programming concepts
  • SOLID is basically design principles used to create great software Architecture to develop a better software


To conclude SOLID is a principle helps in Oops concepts. SOLID principle will help us to write loosely coupled code which is highly maintainable and less error prone.  


What are chatbots?

Tidio chatbot thank you message
Terms like chatbots, virtual assistants or natural language processing have entered the marketing speak already. They are, most likely, confusing, I admit. However, these are also the things we, business owners, talk and obsess about, and for a reason.
Much of the data we have suggests that the rise of chatbot marketing will only continue, after all.  
According to Gartner, for example, within just a year, chatbots will handle up to 85% of customer service interactions.

How Do Chatbots Work?

Every interaction with a chatbot focuses on two core activities:
  1. Analysis of the user’s request, in which the computer program breaks down an incoming message to identify user intent and match it with relevant information.
  2. Returning the response – Delivery of the identified messages to satisfy the user intent or request.

 

Google Tools

Google Analytics Product 

 

AdSense

AdSense helps you earn money by displaying ads on your website that are relevant to your audience. Correlate key AdSense metrics, like eCPM and Unit Impressions, with more data from Analytics.
Learn more about AdSense  

Google Ads

Google Ads is an online advertising program that helps you reach customers and grow your business. Improve your ad campaigns and analyze the entire customer journey – from ad click to conversion.
Learn more about Google Ads  

Ad Exchange

Ad Exchange helps you earn money by displaying ads on your website that are relevant to your audience. Correlate key Ad Exchange metrics, like eCPM and Unit Impressions, with more data from Analytics.
Learn more about Ad Exchange  

BigQuery

Google BigQuery is a Google Developers tool that enables super-fast queries over large data sets. You can export session and hit data from a Google Analytics 360 account into Google BigQuery, so you can run queries over all of your Analytics data.
Learn more about BigQuery.  

Display & Video 360

Display & Video 360 is Google’s cross-exchange real-time-bidding buying solution for large customers. The integration provides users with the ability to create re-marketing audiences from within a Google Analytics 360 account and then share the audiences with a Display & Video 360 account for targeting.
Learn more about the Display & Video 360  

Campaign Manager

Campaign Manager is an ad management and ad serving solution that helps agencies and advertisers manage the entire scope of digital advertising programs. This integration allows Google Analytics 360 customers to view and analyze Campaign Manager data in Analytics.
Learn more about the Campaign Manager  

Search Ads 360

Search Ads 360 is a search management platform that helps agencies and marketers efficiently manage some of the largest marketing campaigns in the world across multiple engines and media channels. Integrating with your GA account allows you to see Analytics site engagement stats in Search Ads 360.
Learn more about the Search Ads 360  

Google Play

Play Linking is no longer a Google Analytics feature.
The Google Play Console lets developers publish and distribute their apps. Learn more about your app users, including how they discover your app and what devices they use.
Learn more about the Google Play Console.

Postbacks

Postbacks is a feature that lets you inform your non-Google ad networks when an install or deep-link conversion is detected. This helps ad networks optimize ad campaigns, which results in better quality ads and more effective CPAs for app developers and more relevant ads for end users. They provide a feedback loop that helps the entire mobile ads ecosystem.
Learn more about Postbacks to Third Parties a 

Search Console

Search Console can help you understand how users find your site through Google search. Identify ways to attract more attention to your site and prioritize development efforts.
Learn more about Search Console

What is SOLID Principles?

What is SOLID?

SOLID are five basic principles which help to create good software architecture.

S stands for SRP (Single responsibility principle):- A class should take care of only one responsibility.

O stands for OCP (Open closed principle):- Extension should be preferred over modification.

L stands for LSP (Liskov substitution principle):- A parent class object should be able to refer child objects seamlessly during runtime polymorphism.

I stands for ISP (Interface segregation principle):- Client should not be forced to use a interface if it does not need it.

D stands for DIP (Dependency inversion principle) :- High level modules should not depend on low level modules but should depend on abstraction.

Why SOLID ?

SOLID principle will help us to write loosely coupled code which is highly maintainable and less error prone.

1.1 Single responsibility principle (SRP)

A class should take one responsibility and there should be one reason to change that class. 
Now what does that mean? 
Image 2 for SOLID architecture principles using simple C# examples
Now see this tool is a combination of so many different tools like knife, nail cutter, screw driver, etc. So will you want to buy this tool? I don’t think so. Because there is a problem with this tool, if you want to add any other tool to it, then you need to change the base and that is not good. This is a bad architecture to introduce into any system. It will be better if nail cutter can only be used to cut the nail or knife can only be used to cut vegetables.
Now you see C# example on this principle

namespace SRP
{
    public class Employee
    {
        public int Employee_Id { get; set; }
        public string Employee_Name { get; set; }

        ///


        /// This method used to insert into employee table
        ///


        /// Employee object
        /// Successfully inserted or not
        public bool InsertIntoEmployeeTable(Employee em)
        {
            // Insert into employee table.
            return true;
        }
        ///


        /// Method to generate report
        ///


        ///
        public void GenerateReport(Employee em)
        {
            // Report generation with employee data using crystal report.
        }
    }
}

Employee’ class is taking 2 responsibilities, one is to take responsibility of employee database operation and another one is to generate employee report. Employee class should not take the report generation responsibility because suppose some days after your customer asked you to give a facility to generate the report in Excel or any other reporting format, then this class will need to be changed and that is not good.
So according to SRP, one class should take one responsibility so we should write one different class for report generation, so that any change in report generation should not affect the ‘Employee’ class.

public class ReportGeneration
{
     ///


     /// Method to generate report
     ///


     ///
     public void GenerateReport(Employee em)
     {
         // Report reneration with employee data.
     }
}

2.2 Open closed principle (OCP)

Now take the same ‘ReportGeneration’ class as an example of this principle. Can you guess what is the problem with the below class!!

public class ReportGeneration
{
    ///


    /// Report type
    ///


    public string ReportType { get; set; }

    ///


    /// Method to generate report
    ///


    ///
    public void GenerateReport(Employee em)
    {
        if (ReportType == “CRS”)
        {
             // Report generation with employee data in Crystal Report.
        }
        if (ReportType == “PDF”)
        {
            // Report generation with employee data in PDF.
        }
     }
 }

 Yes you are right, too much ‘If’ clauses are there and if we want to introduce another new report type like ‘Excel’, then you need to write another ‘if’. This class should be open for extension but closed for modification. But how to do that!!

public class IReportGeneration
    {
        ///


        /// Method to generate report
        ///


        ///
        public virtual void GenerateReport(Employee em)
        {
            // From base
        }
    }
    ///


    /// Class to generate Crystal report
    ///


    public class CrystalReportGeneraion : IReportGeneration
    {
        public override void GenerateReport(Employee em)
        {
            // Generate crystal report.
        }
    }
    ///


    /// Class to generate PDF report
    ///


    public class PDFReportGeneraion : IReportGeneration
    {
        public override void GenerateReport(Employee em)
        {
            // Generate PDF report.
        }
    }

So if you want to introduce a new report type, then just inherit from IReportGeneration. So IReportGeneration is open for extension but closed for modification.

2.3 Liskov substitution principle (LSP)

SOLID Principles- Liskov Substitution (1) - 2 dogs graphic
This principle is simple but very important to understand. Child class should not break parent class’s type definition and behavior. Now what is the meaning of this? Ok let me take the same employee example to make it understandable this principle. Check the below picture. Employee is a parent class and Permanent and Contract employee are the child classes, inhering from employee class.
Image 3 for SOLID Principle with C# Example
Now see the below code:

public abstract class Employee
{
    public virtual string GetProjectDetails(int employeeId)
    {
        return “Base Project”;
    }
    public virtual string GetEmployeeDetails(int employeeId)
    {
        return “Base Employee”;
    }
}
public class CasualEmployee : Employee
{
    public override string GetProjectDetails(int employeeId)
    {
        return “Child Project”;
    }
    // May be for contractual employee we do not need to store the details into database.
    public override string GetEmployeeDetails(int employeeId)
    {
        return “Child Employee”;
    }
}
public class ContractualEmployee : Employee
{
    public override string GetProjectDetails(int employeeId)
    {
        return “Child Project”;
    }
    // May be for contractual employee we do not need to store the details into database.
    public override string GetEmployeeDetails(int employeeId)
    {
        throw new NotImplementedException();
    }
}

Up to this is fine right? Now, check the below code and it will violate the LSP principle.

List employeeList = new List();
employeeList.Add(new ContractualEmployee());
employeeList.Add(new CasualEmployee());
foreach (Employee e in employeeList)
{
    e.GetEmployeeDetails(1245);
}

Now I guess you got the problem. Yes right, for contractual employee, you will get not implemented exception and that is violating LSP. Then what is the solution? Break the whole thing in 2 different interfaces, 1. IProject 2. IEmployee and implement according to employee type.

public interface IEmployee
{
    string GetEmployeeDetails(int employeeId);
}

public interface IProject
{
    string GetProjectDetails(int employeeId);
}

Now, contractual employee will implement IEmployee not IProject. This will maintain this principle.

2.4 Interface segregation principle (ISP)

This principle states that any client should not be forced to use an interface which is irrelevant to it. Now what does this mean, suppose there is one database for storing data of all types of employees (i.e. Permanent, non-permanent), now what will be the best approach for our interface?

public interface IEmployee
{
    bool AddEmployeeDetails();
}

And all types of employee class will inherit this interface for saving data. This is fine right? Now suppose that company one day told to you that they want to read only data of permanent employees. What you will do, just add one method to this interface?

public interface IEmployeeDatabase
{
    bool AddEmployeeDetails();
    bool ShowEmployeeDetails(int employeeId);
}

But now we are breaking something. We are forcing non-permanent employee class to show their details from database. So, the solution is to give this responsibility to another interface.

public interface IAddOperation
{
    bool AddEmployeeDetails();
}
public interface IGetOperation
{
    bool ShowEmployeeDetails(int employeeId);
}

And non-permanent employee will implement only IAddOperation and permanent employee will implement both the interface.

2.5 Dependency inversion principle (DIP)

This principle tells you not to write any tightly coupled code because that is a nightmare to maintain when the application is growing bigger and bigger. If a class depends on another class, then we need to change one class if something changes in that dependent class. We should always try to write loosely coupled class.
Suppose there is one notification system after saving some details into database.

public class Email
{
    public void SendEmail()
    {
        // code to send mail
    }
}

public class Notification
{
    private Email _email;
    public Notification()
    {
        _email = new Email();
    }

    public void PromotionalNotification()
    {
        _email.SendEmail();
    }
}

Now Notification class totally depends on Email class, because it only sends one type of notification. If we want to introduce any other like SMS then? We need to change the notification system also. And this is called tightly coupled. What can we do to make it loosely coupled? Ok, check the following implementation.

public interface IMessenger
{
    void SendMessage();
}
public class Email : IMessenger
{
    public void SendMessage()
    {
        // code to send email
    }
}

public class SMS : IMessenger
{
    public void SendMessage()
    {
        // code to send SMS
    }
}
public class Notification
{
    private IMessenger _iMessenger;
    public Notification()
    {
        _ iMessenger = new Email();
    }
    public void DoNotify()
    {
        _ iMessenger.SendMessage();
    }
}

Still Notification class depends on Email class. Now, we can use dependency injection so that we can make it loosely coupled. There are 3 types to DI, Constructor injection, Property injection and method injection.
Constructor Injection
public class Notification
{
    private IMessenger _iMessenger;
    public Notification(Imessenger pMessenger)
    {
        _ iMessenger = pMessenger;
    }
    public void DoNotify()
    {
        _ iMessenger.SendMessage();
    }
Property Injection
public class Notification

{
    private IMessenger _iMessenger;

    public Notification()
    {
    }
    public IMessenger MessageService
    {
       private get;
       set
       {
           _ iMessenger = value;
       }
     }

    public void DoNotify()
    {
        _ iMessenger.SendMessage();
    }

} 

Method Injection
public class Notification
{
    public void DoNotify(IMessenger pMessenger)
    {
        pMessenger.SendMessage();
    }
}

Reference : https://www.codeproject.com/Tips/1033646/SOLID-Principle-with-Csharp-Example

Microsoft Web Protection Library

Microsoft Web Protection Library

Microsoft
The Microsoft Web Protection Library (WPL) is a set of .NET assemblies that help you protect your web sites. The WPL includes AntiXSS that provides a myriad of encoding functions for user input, including HTML, HTML attributes, XML, CSS and JavaScript. WPL also includes the Security Runtime Engine that provides a wrapper around your existing web sites, ensuring that common attack vectors do not make it to your application.

The Microsoft Web Protection Library offers AntiXSS, an encoding library, to protect your current applications from cross-site scripting attacks and the Security Runtime Engine to help protect your legacy applications.

AntiXSS is now End of Life

In .NET 4.0 a version of AntiXSS was included in the framework and could be enabled via configuration. In ASP.NET v5 a white list based encoder will be the only encoder. 

As such the standalone versions of AntiXSS should be considered end of life.

The source and installers will remain online allow people using earlier versions of .NET to enable an alternative, whitelist based encoded but no further enhancements, outside of security fixes, will be made.

Download from nuget or the Microsoft Download Center

AntiXSS

AntiXSS provides a myriad of encoding functions for user input, including HTML, HTML attributes, XML, CSS and JavaScript.

  • White Lists: AntiXSS differs from the standard .NET framework encoding by using a white list approach. All characters not on the white list will be encoded using the correct rules for the encoding type. Whilst this comes at a performance cost AntiXSS has been written with performance in mind.
  • Secure Globalization: The web is a global market place, and cross-site scripting is a global issue. An attack can be coded anywhere, and Anti-XSS now protects against XSS attacks coded in dozens of languages.

AntiXSS was merged into the .NET framework in v4.0. We recommend you use the bundled version, however we continue to make a standalone version available for older frameworks.

Security Runtime Engine

The Security Runtime Engine (SRE) provided a wrapper around your existing web sites, ensuring that common attack vectors to not make it to your application. Protection is provided as standard for

  • Cross Site Scripting
  • SQL Injection

The SRE was meant as a defense in depth strategy, adding an bandage around your application until you could update the underlying code to provide encoding and SQL injection protection. It is no longer provided as a download and it’s use is not recommended, but source is available for those wanting to continue to use it or enhance it

Why to Choose .NET?

1. Productive 

.NET helps you develop high quality applications faster. Modern language constructs like generics, Language Integrated Query (LINQ), and asynchronous programming make developers productive.
Combined with the extensive class libraries, common APIs, multi-language support, and the powerful tooling provided by the Visual Studio family, .NET is the most productive platform for developers.

2. Any app, Any platform 

With .NET you can target any application type running on any platform. Developers can reuse skills and code across all of them in a familiar environment.


From mobile applications running on iOS, Android and Windows, to Enterprise server applications running on Windows
Server and Linux, or high-scale micro-services running in the cloud, .NET provides a solution for you. 


3. Performance where it matters

In the TechEmpower benchmarks, .NET processed 6.97 million requests per second, Java Servlet processed 2.55 million, and Node.js processed 0.83 million.

NET is fast. Really fast! That means applications provide better response times and require less compute power. StackOverflow serves 5.3M page views a day on just 9 servers.
The popular TechEmpower benchmark compares web application frameworks with tasks like JSON serialization, database access, and server side template rendering – .NET performs faster than any other popular framework.

4. Trusted and secure

.NET provides you with immediate security benefits via its managed run time. A collection of services prevent critical issues like bad pointer manipulation or malicious attempts to alter compiled code. Microsoft takes security very seriously and releases updates quickly when threats are discovered

5. Large ecosystem

Leverage the large .NET ecosystem by incorporating libraries from the NuGet package manager, our extensive partner network, and the Visual Studio Marketplace. Find answers to technical challenges from the community, our MVPs, and our large support organization.

6. Open source

 The .NET Foundation is an independent non-profit supporting the innovative, commercially-friendly, open source .NET ecosystem. Over 60,000 developers from over 3,700 companies outside of Microsoft are contributing to .NET open source.
In addition to the community and Microsoft, Technical Steering Group members, Google, JetBrains, Red Hat, Samsung and Unity are guiding the future of the .NET platform.

Watch Microsoft Build – Live Stream Free

Watch live as technology leaders from across industries share the latest breakthroughs and trends, and explore innovative ways to create solutions. After the keynotes, select Microsoft Build sessions will stream live—dive deep into what’s new and what’s next for developer tools and tech.
Watch the livestream now: https://www.microsoft.com/en-us/build

Design a site like this with WordPress.com
Get started