Core Java - Interview Questions and Answers 76 - 100

76. How many bits are used to represent Unicode, ASCII, UTF-16, and UTF-8 characters?

Unicode requires 16 bits and ASCII require 7 bits Although the ASCII character set uses only 7 bits, it is usually represented as 8 bits.
UTF-8 represents characters using 8, 16, and 18 bit patterns.
UTF-16 uses 16-bit and larger bit patterns.

77. What restrictions are placed on the location of a package statement within a source code file?

A package statement must appear as the first line in a source code file (excluding blank lines and comments).

78. What is a native method?

A native method is a method that is implemented in a language other than Java.

79. What are order of precedence and associativity, and how are they used?

Order of precedence determines the order in which operators are evaluated in expressions. Associatity determines whether an expression is evaluated left-to-right or right-to-left.

80. Can an anonymous class be declared as implementing an interface and extending a class?

An anonymous class may implement an interface or extend a superclass, but may not be declared to do both.

81. What is the range of the char type?

The range of the char type is 0 to 2¹⁶ - 1 (i.e. 0 to 65535.)

82. What is the range of the short type?

The range of the short type is -(2¹⁵) to 2¹⁵ - 1. (i.e. -32,768 to 32,767)

83. Why isn't there operator overloading?

Because C++ has proven by example that operator overloading makes code almost impossible to maintain.

84. What does it mean that a method or field is "static"?

Static variables and methods are instantiated only once per class. In other words they are class variables, not instance variables. If you change the value of a static variable in a particular object, the value of that variable changes for all instances of that class. Static methods can be referenced with the name of the class rather than the name of a particular object of the class (though that works too). That's how library methods like System.out.println() work. out is a static field in the java.lang.System class.

85. Is null a keyword?

The null value is not a keyword.

86. Which characters may be used as the second character of an identifier, but not as the first character of an identifier?

The digits 0 through 9 may not be used as the first character of an identifier but they may be used after the first character of an identifier.

87. Is the ternary operator written x : y ? z or x ? y : z ?

It is written x ? y : z.

88. How is rounding performed under integer division?

The fractional part of the result is truncated. This is known as rounding toward zero.

89. If a class is declared without any access modifiers, where may the class be accessed?

A class that is declared without any access modifiers is said to have package access. This means that the class can only be accessed by other classes and interfaces that are defined within the same package.

90. Does a class inherit the constructors of its superclass?

A class does not inherit constructors from any of its superclasses.

91. Name the eight primitive Java types.

The eight primitive types are byte, char, short, int, long, float, double, and boolean.

92. What restrictions are placed on the values of each case of a switch statement?

During compilation, the values of each case of a switch statement must evaluate to a value that can be promoted to an int value.

93. What is the difference between a while statement and a do while statement?

A while statement checks at the beginning of a loop to see whether the next loop iteration should occur. A do while statement checks at the end of a loop to see whether the next iteration of a loop should occur. The do whilestatement will always execute the body of a loop at least once.

94. What modifiers can be used with a local inner class?

A local inner class may be final or abstract.

95. When does the compiler supply a default constructor for a class?

The compiler supplies a default constructor for a class if no other constructors are provided.

96. If a method is declared as protected, where may the method be accessed?

A protected method may only be accessed by classes or interfaces of the same package or by subclasses of the class in which it is declared.

97. What are the legal operands of the instanceof operator?

The left operand is an object reference or null value and the right operand is a class, interface, or array type.

98. Are true and false keywords?

The values true and false are not keywords.

99. What happens when you add a double value to a String?

The result is a String object.

100. What is the diffrence between inner class and nested class?

When a class is defined within a scope od another class, then it becomes inner class. If the access modifier of the inner class is static, then it becomes nested class.

Core Java - Interview Questions and Answers 51 - 75

51. Can a class be defined inside an Interface?

Yes it's possible.

52. Can an Interface be defined inside a class?

Yes it's possible.

53. What is a Marker Interface?

An Interface which doesn't have any declaration inside but still enforces a mechanism.

54. Which object oriented Concept is achieved by using overloading and overriding?

Polymorphism.

55. Why does Java not support operator overloading?

Operator overloading makes the code very difficult to read and maintain. To maintain code simplicity, Java doesn't support operator overloading.

56. Can we define private and protected modifiers for variables in interfaces?

No.

57. What is Externalizable?

Externalizable is an Interface that extends Serializable Interface. And sends data into Streams in Compressed Format. It has two methods, writeExternal(ObjectOuput out) and readExternal(ObjectInput in)

58. What modifiers are allowed for methods in an Interface?

Only public and abstract modifiers are allowed for methods in interfaces.

59. What is a local, member and a class variable?

Variables declared within a method are "local" variables.
Variables declared within the class i.e not within any methods are "member" variables (global variables).
Variables declared within the class i.e not within any methods and are defined as "static" are class variables.

60. What is an abstract method?

An abstract method is a method whose implementation is deferred to a subclass.

61. What value does read() return when it has reached the end of a file?

The read() method returns -1 when it has reached the end of a file.

62. Can a Byte object be cast to a double value?

No, an object cannot be cast to a primitive value.

63. What is the difference between a static and a non-static inner class?

A non-static inner class may have object instances that are associated with instances of the class's outer class. A static inner class does not have any object instances.

64. What is an object's lock and which object's have locks?

An object's lock is a mechanism that is used by multiple threads to obtain synchronized access to the object. A thread may execute a synchronized method of an object only after it has acquired the object's lock. All objects and classes have locks. A class's lock is acquired on the class's Class object.

65. What is the % operator?

It is referred to as the modulo or remainder operator. It returns the remainder of dividing the first operand by the second operand.

66. When can an object reference be cast to an interface reference?

An object reference be cast to an interface reference when the object implements the referenced interface.

67. Which class is extended by all other classes?

The Object class is extended by all other classes.

68. Which non-Unicode letter characters may be used as the first character of an identifier?

The non-Unicode letter characters $ and _ may appear as the first character of an identifier

69. What restrictions are placed on method overloading?

Two methods may not have the same name and argument list but different return types.

70. What is casting?

There are two types of casting, casting between primitive numeric types and casting between object references. Casting between numeric types is used to convert larger values, such as double values, to smaller values, such as byte values. Casting between object references is used to refer to an object by a compatible class, interface, or array type reference.

71. What is the return type of a program's main() method?

void.

72. If a variable is declared as private, where may the variable be accessed?

A private variable may only be accessed within the class in which it is declared.

73. What do you understand by private, protected and public?

These are accessibility modifiers. Private is the most restrictive, while public is the least restrictive. There is no real difference between protected and the default type (also known as package protected) within the context of the same package, however the protected keyword allows visibility to a derived class in a different package.

74. What is Downcasting ?

Downcasting is the casting from a general to a more specific type, i.e. casting down the hierarchy

75. What modifiers may be used with an inner class that is a member of an outer class?

A (non-local) inner class may be declared as public, protected, private, static, final, or abstract.

Core Java - Interview Questions and Answers 26 - 50

26. Can a class be declared as protected?

A class can't be declared as protected. only methods can be declared as protected.

27. What is the access scope of a protected method?

A protected method can be accessed by the classes within the same package or by the subclasses of the class in any package.

28. What is the purpose of declaring a variable as final?

A final variable's value can't be changed. final variables should be initialized before using them.

29. What is the impact of declaring a method as final?

A method declared as final can't be overridden. A sub-class can't have the same method signature with a different implementation.

30. I don't want my class to be inherited by any other class. What should i do?

You should declared your class as final. But you can't define your class as final, if it is an abstract class. A class declared as final can't be extended by any other class.

31. Can you give few examples of final classes defined in Java API?

java.lang.String, java.lang.Math are final classes.

32. How is final different from finally and finalize()?

final is a modifier which can be applied to a class or a method or a variable. final class can't be inherited, final method can't be overridden and final variable can't be changed.

finally is an exception handling code section which gets executed whether an exception is raised or not by the try block code segment.

finalize() is a method of Object class which will be executed by the JVM just before garbage collecting object to give a final chance for resource releasing activity.

33. Can a class be declared as static?

We can not declare top level class as static, but only inner class can be declared static.

public class Test
{ 
    static class InnerClass
    {
        public static void InnerMethod()
        { System.out.println("Static Inner Class!"); }
    } 
    public static void main(String args[])
    {
       Test.InnerClass.InnerMethod();
    }
}
//output: Static Inner Class! 

34. When will you define a method as static?

When a method needs to be accessed even before the creation of the object of the class then we should declare the method as static.

35. What are the restriction imposed on a static method or a static block of code?

A static method should not refer to instance variables without creating an instance and cannot use "this" operator to refer the instance.

36. I want to print "Hello" even before main() is executed. How will you acheive that?

Print the statement inside a static block of code. Static blocks get executed when the class gets loaded into the memory and even before the creation of an object. Hence it will be executed before the main() method. And it will be executed only once.

37. What is the importance of static variable?

static variables are class level variables where all objects of the class refer to the same variable. If one object changes the value then the change gets reflected in all the objects.

38. Can we declare a static variable inside a method?

Static varaibles are class level variables and they can't be declared inside a method. If declared, the class will not compile.

39. What is an Abstract Class and what is it's purpose?

A Class which doesn't provide complete implementation is defined as an abstract class. Abstract classes enforce abstraction.

40. Can a abstract class be declared final?

Not possible. An abstract class without being inherited is of no use and hence will result in compile time error.

41. What is use of a abstract variable?

Variables can't be declared as abstract. only classes and methods can be declared as abstract.

42. Can you create an object of an abstract class?

Not possible. Abstract classes can't be instantiated.

43. Can a abstract class be defined without any abstract methods?

Yes it's possible. This is basically to avoid instance creation of the class.

44. Class C implements Interface I containing method m1 and m2 declarations. Class C has provided implementation for method m2. Can i create an object of Class C?

No not possible. Class C should provide implementation for all the methods in the Interface I. Since Class C didn't provide implementation for m1 method, it has to be declared as abstract. Abstract classes can't be instantiated.

45. Can a method inside a Interface be declared as final?

No not possible. Doing so will result in compilation error. public and abstract are the only applicable modifiers for method declaration in an interface.

46. Can an Interface implement another Interface?

Intefaces doesn't provide implementation hence a interface cannot implement another interface.

47. Can an Interface extend another Interface?

Yes an Interface can inherit another Interface, for that matter an Interface can extend more than one Interface.

48. Can a Class extend more than one Class?

Not possible. A Class can extend only one class but can implement any number of Interfaces.

49. Why is an Interface be able to extend more than one Interface but a Class can't extend more than one Class?

Basically Java doesn't allow multiple inheritance, so a Class is restricted to extend only one Class. But an Interface is a pure abstraction model and doesn't have inheritance hierarchy like classes(do remember that the base class of all classes is Object). So an Interface is allowed to extend more than one Interface.

50. Can an Interface be final?

Not possible. Doing so so will result in compilation error.

Core Java - Interview Questions and Answers 1 - 25

1. What is the most important feature of Java?

Java is a platform independent language.

2. What do you mean by platform independence?

Platform independence means that we can write and compile the java code in one platform (eg Windows) and can execute the class in any other supported platform eg (Linux,Solaris,etc).

3. What is a JVM?

JVM is Java Virtual Machine which is a run time environment for the compiled java class files.

4. Are JVM's platform independent?

JVM's are not platform independent. JVM's are platform specific run time implementation provided by the vendor.

5. What is the difference between a JDK and a JVM?

JDK is Java Development Kit which is for development purpose and it includes execution environment also. But JVM is purely a run time environment and hence you will not be able to compile your source files using a JVM.

6. What is a pointer and does Java support pointers?

Pointer is a reference handle to a memory location. Improper handling of pointers leads to memory leaks and reliability issues hence Java doesn't support the usage of pointers.

7. What is the base class of all classes?

java.lang.Object

8. Does Java support multiple inheritance?

Java doesn't support multiple inheritance.

9. Is Java a pure object oriented language?

Java uses primitive data types and hence is not a pure object oriented language.

10. Are arrays primitive data types?

In Java, Arrays are objects.

11. What is difference between Path and Classpath?

Path and Classpath are operating system level environment variales. Path is used define where the system can find the executables(.exe) files and classpath is used to specify the location .class files.

12. What are local variables?

Local varaiables are those which are declared within a block of code like methods. Local variables should be initialised before accessing them.

13. What are instance variables?

Instance variables are those which are defined at the class level. Instance variables need not be initialized before using them as they are automatically initialized to their default values.

14. How to define a constant variable in Java?

The variable should be declared as static and final. So only one copy of the variable exists for all instances of the class and the value can't be changed also.
static final int PI = 2.14; is an example for constant.

15. Should a main() method be compulsorily declared in all java classes?

No not required. main() method should be defined only if the source class is a java application.

16. What is the return type of the main() method?

Main() method doesn't return anything hence declared void.

17. Why is the main() method declared static?

main() method is called by the JVM even before the instantiation of the class hence it is declared as static.

18. What is the arguement of main() method?

main() method accepts an array of String object as arguement.

19. Can a main() method be overloaded?

Yes. You can have any number of main() methods with different method signature and implementation in the class.

20. Can a main() method be declared final?

Yes. Any inheriting class will not be able to have it's own default main() method.

21. Does the order of public and static declaration matter in main() method?

No. It doesn't matter but void should always come before main().

22. Can a source file contain more than one class declaration?

Yes a single source file can contain any number of Class declarations but only one of the class can be declared as public.

23. What is a package?

Package is a collection of related classes and interfaces. package declaration should be first statement in a java class.

24. Which package is imported by default?

java.lang package is imported by default even without a package declaration.

25. Can a class declared as private be accessed outside it's package?

Not possible.

Spring Interview Questions

Spring Interview Questions

Spring Interview Questions Index
What is Spring framework ?
What is Dependency Injection/Inversion Of Control(IOC) in Spring framework ?
What are the different types of Inversion of Control or dependency injection ?
What are the different types of Spring dependency injection ?
What are the advantages or Pros of IOC (Dependency Injection) ?
What are the pros or benefits of Spring framework ?
What are the various modules in Spring?

1. What is Spring framework ?

Spring framework is an open source Java application framework created to ease developers effort by addressing the enterprise application development complexity. The beauty of Spring framework is it’s layered architecture which allows the programmer to be selective about which all spring components he wants. And Spring also provides a cohesive framework for Java Enterprise application development. Spring framework comprises of several modules that provide different services such as Spring IOC(dependency injection)framework, Spring MVC, Spring data access framework, Spring validator framework etc. In fact, it’s a common practice in Software industry to use struts MVC together with spring IOC framework, so whenever you mention about Spring framework you can be more specific like spring IOC framework or Spring MVC framework.
2. What is Dependency Injection/Inversion Of Control(IOC) in Spring framework ?

You can expect this question, this one among the common Spring Interview Questions.

The basic concept of the Dependency Injection or Inversion of Control is that, programmer do not need to create the objects, instead just describe how it should be created. No need to directly connect your components and services together in program, instead just describe which services are needed by which components in a configuration file/xml file. The Spring IOC container is then responsible for binding it all up.

In other words, while applying Inversion Of Control, at the time of object creation, objects are given their dependencies by some external entity that coordinates each object in the system. That means, dependencies are injected into objects at the time of their creation. So, Inversion of Control means an inversion of responsibility with regard to how an object obtains references to collaborating objects.
3. What are the different types of Inversion of Control or dependency injection ?

There are three different types of Inversion of Control or dependency injection:

• Setter Injection: Dependencies are injected through JavaBeans properties (ex: setter/Getter methods in bean objects).
• Constructor Injection: Dependencies are assigned as constructor parameters.
• Interface Injection: Injection is done through an interface.

Constructor and Setter Injection are the two dependency injection method which Spring supports.
4. What are the different types of Spring dependency injection ?

As I said earlier, its Setter Injection and Constructor Injection

• Setter Injection: Dependencies are provided through JavaBeans properties (ex: setter/Getter methods in bean objects).
• Constructor Injection: Dependencies are assigned as constructor parameters.

5. What are the advantages or Pros of IOC (Dependency Injection) ?

Advantages of Dependency Injection/Inversion of Control are as follows:

• Dependency Injection minimizes the amount of code in any application. Dependency is handled by the framework itself
• Dependency Injection makes developers life easier. With Inversion of Control containers developers do not need to think about how services are created and how to get references to the ones he needs.
• Easily scalable applications. It’s very easy to add additional services by adding a new constructor or a getter/setter method with a minimal configuration. With Spring Framework 3.0, its even easier as <context:component-scan base-package=”com.blah.blah”/> will do everything for you, you don’t need to add getter and setter method and beans for each dependency injection, just autowire the services wherever it needed.<Read how spring 3.0 made a developers life easier>
• Dependency Injection makes your application more test-friendly by not demanding any JNDI lookup mechanisms or singletons in your test cases. IOC containers make testing and switching implementations easy by allowing you to inject your own objects into the object under test.
• Comparing to other options like factory design pattern the IOC container is injecting the dependency into requesting piece of code where as the factory design pattern is more intrusive and components or services need to be requested explicitly.
• IOC containers support eager instantiation and lazy loading of services.
• IOC Containers provide support for instantiation of cyclical dependencies, managed objects, life cycles management and dependency resolution between managed objects etc.

6. What are the pros or benefits of Spring framework ?

This is one among the common Spring Interview Questions

The pros of Spring framework are as follows:

• Spring is an open source framework and free to download.
• Spring has layered architecture. You can select the feature you wants, as I said before you can have Struts MVC and Springs IOC container in one application itself. Eventhough spring has MVC framework if you want you can opt out.
• Spring Enables Plain Old Java Object (POJO) Programming. POJO programming enables continuous integration and testability.
• Dependency Injection is really cool stuff, spring 3.0 onwards the introduction of component-scan/autowiring and Spring Expression Language makes it even spicier.
• spring is lightweight.

7. What are the various modules in Spring?

Spring comprises of seven different modules. They are as follows

Inversion of Control container/ The core container
The core container/IoC container handles the configuration of application components and lifecycle management of Java objects. It is responsible for the Dependency Injection. Inversion of Control container provides the essential functionality of the Spring framework. A primary component of the core container is the BeanFactory, an implementation of the Factory pattern. The BeanFactory applies the IOC pattern to separate an application’s actual application code and configuration and dependency specification.

Spring context
The Spring context is a configuration file that provides context information to the Spring framework. The Spring context includes enterprise services such as JNDI, EJB, e-mail, internalization, validation, and scheduling functionality.

Spring AOP -Aspect oriented programming
The Spring AOP module integrates aspect-oriented programming functionality directly into the Spring framework through its configuration management feature. Spring AOP enables implementation of cross-cutting routines. As a result you can easily enable aspect oriented programming in any object managed by the Spring framework. The Spring AOP module provides transaction management services for objects in any Spring-based application. With Spring AOP you can incorporate declarative transaction management into your applications without relying on EJB components.

Spring DAO -Data access
The Spring JDBC DAO abstraction layer offers an exception hierarchy for managing the exception handling and error messages thrown by different database vendors. The exception hierarchy simplifies error handling and greatly reduces the amount of exception code you need to write, such as opening and closing connections. Spring DAO’s JDBC-oriented exceptions comply to its generic DAO exception hierarchy.Spring DAO is working with relational database management systems on the Java platform using JDBC and object-relational mapping tools and with NoSQL databases

Spring ORM
The Spring framework plugs into several ORM frameworks to provide its Object Relational tool, including JDO, Hibernate, and iBatis SQL Maps. All of these comply to Spring’s generic transaction and DAO exception hierarchies.

Spring Web module
The Web context module builds on top of the application context module, providing contexts for Web-based applications. As a result, the Spring framework supports integration with Jakarta Struts. The Web module also eases the tasks of handling multi-part requests and binding request parameters to domain objects.

Spring MVC framework
The Model-View-Controller (MVC) framework is a full-featured MVC implementation for building Web applications. The MVC framework is highly configurable via strategy interfaces and accommodates numerous view technologies including JSP, Velocity, Tiles, iText, and POI.

Garbage Collection or Memory DeAllocation in Java

In Java, an object which is no longer referred by any reference variable will automatically be removed from the memory, this process is known as Garbage Collection. Garbage Collection is automatically done by Java Virtual Machine (JVM), the automatic Garbage Collection of Java de-allocates the dynamic memory when this memory is no more used by the program. Thus the Garabage collection feature of Java relieves the programmer from the overhead of memory de-allocation.(A major difficulty in dynamic memory allocation in C/C++ was that the programmer is responsible for de-allocating the dynamic memory at the right time. Even though experienced programmers can do this very well, beginners and average programmers often miss the statements for de-allocation which leads to memory-leak in many systems.)

How Garbage collection in Java works

If a reference variable is declared within a function, the reference is invalidated soon as the function call ends. Or programmer can explicitly set the reference variable to null to indicate that the referred object is no longer in use. And then Garbage collector will claim the memory allotted for that.

Please note: Primitive data types are not objects and they cannot be assigned null.

Without headerfiles in C Program

int main() 

{
   printf("Hello, world!\n");
   return 0;
}


Hi Guys!!! U Gonna info - Microsoft tests "smart home" waters with HomeOS

Microsoft's HomeOS provide a central hub through which various household devices can be controlled

Microsoft is looking to unify electrical appliances within the home and establish itself in the burgeoning “smart home” market with the development of HomeOS. Essentially a lightweight “smart home” operating system that aims to make it easy for users to manage their home networks and ease the creation of applications by third party developers, HomeOS is designed to provide a central hub through which various household devices can be controlled.

Like a personal computer that instantly recognizes attached devices such as a USB mouse, Microsoft is seeking to overcome the problem of getting various, currently incompatible devices to communicate with each other. This would make adding new devices to the network as simple as plugging in a USB mouse to a computer.

The current prototype HomeOS system, which includes support for devices such as light switches, security cameras and TVs, is a Windows system running on US$350 worth of hardware through which all commands are relayed. Microsoft Research has demonstrated the simplicity and intuitiveness of the system using the HomeMaestro app on a Windows Phone that lets users set up “rules” that trigger an appliance – turning on a lamp when opening a door, for example. These rules can also be chained together to perform more complex behaviors involving multiple devices.

Google’s Android@Home project promises similar functionality, but maybe Microsoft’s ace in the hole will come from the HomeOS Homestore. Following in the footsteps of Apple’s App Store and Google’s Android Market, this is an app store of sorts that will allow users to find and install third party apps. Like the Android model, developers can target a type of device of a single device, meaning users will have the benefit of apps made for niche devices.

With the amount of technology now found in the average home only set to increase, it seems it’s only a matter of time before someone is able to bring the various devices together under the one roof, as it were.

While Microsoft certainly has the financial and technological teeth to put it in a good position to lead the smart home charge, there's still quite a few steps it needs to make before HomeOS is ready for primetime. As it will probably struggle to launch a home revolution on the back of the struggling Windows Phone platform alone, making the “Home Maestro” home control app compatible with Android and iOS would probably be a good start.

Source: Microsoft Research

The video below shows the prototype HomeOS system being demonstrated using the HomeMaestro app.

HomeOS: Enabling smarter homes for everyone

It is no secret that homes are ever-increasing hotbeds of new technology such as set-top boxes, game consoles, wireless routers, home automation devices, tablets, smart phones, and security cameras. This innovation is breeding heterogeneity and complexity that frustrates even technically-savvy users’ attempts to improve day-to-day life by implementing functionality that uses these devices in combination. For instance, it is impossible for most users to view video captured by their security camera on their smartphone when they are not at home. Heterogeneity across devices and across homes also makes it difficult to develop applications that solve these problems in a way that work across a range of homes.
To simplify the management of technology and to simplify the development of applications in the home, we are developing an "operating system" for the home. HomeOS provides a centralized, holistic control of devices in the home. It provides to users intuitive controls to manage their devices. It provided to developers high-level abstractions to orchestrate the devices in the home. HomeOS is coupled with a HomeStore through which users can easily add obtain applications that are compatible with devices in their homes and obtain any additional devices that are needed to enable desired applications.

Prototype

We conducted studies to both understand the difficulties that people face today in managing modern technologies in the home and understand how they would like to manage and secure them in an ideal world. Based on these findings, we have developed a research prototype of HomeOS. Our current prototype includes support for a range of devices (e.g., switches, cameras, TVs) and applications. Experimental results show that it is easy for developers to write applications and for non-technical users to manage their home networks with HomeOS. A dozen homes have "dogfooded" our prototype, and over 50 students have developers applications and drivers for it. 

In addition to the publications and talks below, the following resources provide more information on the HomeOS prototype and what it supports:

• Programming guide
• Applications and drivers that we developed
• Applications and drivers that others have contributed

Software Licensing

We are licensing (free; non-commercial use) the HomeOS prototype to academic instituitions to encourage teaching and research on connected homes and devices. Thanks to Sigma Designs, we also provide an SDK for Z-Wave devices. 

Many research groups have licensed our prototype, including those at the Georgia Institute of Technology the Univerity of Arkansas,  the University of Michigan, the University of Washington, the University of Wisconsin, and the University of Waterloo.

• Current list of users
• Demo vidoes of some systems developed using HomeOS 

Contact ratul@microsoft.com if you are interested in licensing HomeOS.

Publications

• Colin Dixon, Ratul Mahajan, Sharad Agarwal, AJ Brush, Bongshin Lee, Stefan Saroiu, and Victor Bahl, An Operating System for the Home, in NSDI, USENIX, April 2012
• W. Keith Edwards, Rebecca Grinter, Ratul Mahajan, and David J. Wetherall, Advancing the State of Home Networking, in Communications, ACM, 1 June 2011
• A.J. Brush, Bongshin Lee, Ratul Mahajan, Sharad Agarwal, Stefan Saroiu, and Colin Dixon, Home Automation in the Wild: Challenges and Opportunities, ACM Conference on Computer-Human Interaction, May 2011
• Colin Dixon, Ratul Mahajan, Sharad Agarwal, A.J. Brush, Bongshin Lee, Stefan Saroiu, and Victor Bahl, The Home Needs an Operating System (and an App Store), in HotNets IX, ACM, 20 October 2010

Talks

• Towards commodity smarthomes
  Talks at Duke University, ETH (Zurich), and MPI-SWS (Saarbrucken, Germany)
• Design for the "uninterested" userPanel at IEEE CCW 2011
• View the home as a computer
  Panel at IEEE CCW 2011
• Home automation in the wild: Challenges and opportunities
  Talk at CHI 2011
• The home needs an operating system (and an app store)
  Talk at HotNets 2010
• Beyond the super-rich and the super-geeks: Smart homes for the rest of us
  Panel at ACM SIGCOMM workshop on Home Networks (HomeNets) 2010

In the Future Computer Will be Made Of Only 5 Pens!

Creativity and imagination of people who invent such things are incredible. Something that is so complex as a computer could, in fact, be packed in 5 pens. How is it possible? Just look at images below.

It seems that these are pictures of several pens in the pencil holder. No way to conclude that you are actually looking at the computer.

Just some fancy pencils?

When you look a little closer, it is possible to see that these are not a normal pens. Here, we have some cameras, headset and some fancy looking details.

These pens actually have some interesting details

You need very little time to transform all of these pencils. They now look like they have some other purpose.

Pencils after some transformations

Now we have a keyboard, monitor, and all that is necessary to use our super-modern computer.

Lights, Camera…. Action!

Switch ON

No chance that there is thinner keyboard!

You'll probably have a pain in the fingers due to the hard typing table

Using same technology mobile phones gives you big keyboard

Welcome once again to the wonderful world of human creativity and exceptional technological achievements!

Disadvantages of JAVA

Disadvantages of JAVA 

• No separation of specification from implementation. Java classes aren't divided into specification and implementation parts. Hosch feels that this is an important point for beginners and would like ``this distinction between specification and implementation to be supported by the syntactic structure of the language.'' Lacking such a separation, he would at least like to be able to write prototypes for methods, which Java doesn't allow except within an abstract class or interface.
• No preconditions and postconditions. Hosch's introductory course emphasizes preconditions and postconditions, for which he would like language support. Java, like most languages, has no such support. (Among major languages, only Eiffel does.)
• Visibility rules are ``baroque.'' Hosch decries the many types of visibility in Java. He also laments that Java's syntactic support for hierarchical packages doesn't carry any semantic significance.
• No support for genericity. Hosch notes Java's lack of support for writing generic data structures and methods. As a substitute, he would accept ``type by association,'' such as Eiffel's anchored types.
• No enumeration types. Java lacks enumeration types entirely, although they can be simulated by creating a series of named constants.
• No local constants. In Java, variables that belong to a class can be made constant by declaring them to be final. Variables that are local to a method cannot be declared final, however.
• Exceptions not caught within a method must be declared as thrown by that method. Hosch finds this requirement to be onerous: ``for introductory students, it's a sequence of ugly, unintelligible syntactic marks.''

Memory Allocation in C++

In C, you use malloc(), free() and variants of malloc() to allocate and free memory, but these functions have their pitfalls. Therefore C++ introduced operators for handling memory, these operators are called new and delete. These operators allocates and frees memory from the heap (or sometimes called the free store) at runtime.

In C++, you should always use new and delete unless you're really forced to use malloc() and free(). But be aware that you cannot mix the two. You cannot malloc() memory, and then delete it afterwards, likewise you can't "new" memory, and then free it with free().

Firewall: Packet Filtering

Abstract— Loss of irreplaceable data is a very real threat for any business owner whose network connects to the outside world. Remote access for employees and connection to the Internet may improve communication in ways you’ve hardly imagined. Access to the Internet can open the world to communicating with customers and vendors, and is an immense source of information. But these same opportunities open a local area network (LAN) to the possibility of attack by thieves and vandals. Therefore, security of network is the main criteria here firewalls provide this security. The Internet firewalls keep the flames of Internet hell out of your network or, to keep the members of your LAN pure by denying them access the all the evil Internet temptations. The benefits of connecting to the Internet are clear. This paper discusses the risks you face when you connect to the Internet, describes the types of attacks that can occur, and offers an overview of firewall technology, which can protect your network from hackers. Specifically, the paper discusses the implementation of a firewall and what you should consider in choosing the type of firewall you require.

Keywords— Network LAN, TCP / IP, HTTP, NAT, ISAPI

1. Introduction

In this age of universal electronic connectivity, of viruses and hackers, of electronic eavesdropping and electronic fraud, there is indeed no time at which security does not matter. The explosive growth in computer systems and their interconnections via networks has increased the dependency of both organizations and individuals on the information stored and communicated using these systems. This has led to a heightened awareness of the need to protect data and resources from disclosure, to guarantee the authenticity of data and to protect systems from network-based attacks.

2.       Major Types of Network Attacks

i) TCP SYN flooding and IP spoofing attacks, ii) Smurfing,

iii) Distributed Denial of Service attacks (DDoS), iv) Mail spam, v) DNS spoofing (Malicious Cache poisoning)

3.     Firewalls

Major Networking Security Technologies include using one or more of the following techniques: encryption, firewall, and virtual private networks. The scope of the paper is limited to one security technology for the networked world: Firewalls.   

A computer firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It may be a hardware device or a software program running on a secure host computer. In either case, it must have at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A network firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. The earliest computer firewalls were simple routers.        An Internet firewall examines all traffic routed between your network and the Internet to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped. A network firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source, destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependent upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.

There are two access denial methodologies used by computer firewalls. A firewall may allow all traffic through unless it meets certain criteria, or it may deny all traffic unless it meets certain criteria. The type of criteria used to determine whether traffic should be allowed through varies from one type of firewall to another. Computer Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. They may also use complex rule bases that an analyze the application data to determine if the traffic should be allowed through. How a computer firewall determines what traffic to let through depends on which network layer it operates at. A discussion on network layers and architecture follows. 

1.      Basic Firewall Operation

2.       How does a network firewall interact with OSI and TCP/IP Network models?

Network Firewalls operate at different layers to use different criteria to restrict traffic. The lowest layer at which a firewall can work is layer three. In the OSI model this is the network layer. In TCP/IP it is the Internet Protocol layer. This layer is concerned with routing packets to their destination. At this layer a firewall can determine whether a packet is from a trusted source, but cannot be concerned with what it contains or what other packets it is associated with. Firewalls that operate at the transport layer know a little more about a packet, and are able to grant or deny access depending on more sophisticated criteria. At the application level, firewalls know a great deal about what is going on and can be very selective in granting access.  It would appear then, that firewalls functioning at a higher level in the stack must be superior in every respect. This is not necessarily the case, however. The lower in the stack the packet is intercepted, the more secure the firewall. If the intruder cannot get past level three, it is impossible to gain control of the operating system.

3.       Professional Firewalls Have Their Own IP Layer

 Professional firewall products catch each network packet before the operating system does, thus, there is no direct path from the Internet to the operating system’s TCP/IP stack. It is therefore very difficult for an intruder to gain control of the firewall host computer then “open the doors” from the inside.  According To Byte Magazine, traditional firewall technology is susceptible to misconfiguration on non-hardened operating systems. More recently, however, “...firewalls have moved down the protocol stack so far that the OS doesn’t have to do much more than act as a bootstrap loader, file system and GUI”. The author goes on to state that newer firewall code bypasses the operating system’s IP layer altogether, never permitting “potentially hostile traffic to make its way up the protocol stack to applications running on the system”. 

4.       Firewall Types

Firewalls fall into four broad categories:

i) Packet filters, ii) Circuit level gateways, iii) Application level gateways, iv) Stateful multilayer inspection firewalls

7.1 Packet Filtering Firewall

Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. They are usually part of a router firewall. A router is a device that receives packets from one network and forwards them to another. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drop the packet, forward it, or send a message to the originator. Rules can include source and destination IP address, source and destination port number and protocol used. The advantage of packet filtering firewalls is their low cost and low impact on network performance. Most routers support packet filtering. Even if other firewalls are used, implementing packet filtering at the router level affords an initial degree of security at a low network layer. This type of firewall only works at the network layer, however, and does not support sophisticated rule based models. Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering.

  

TCP protocol ensures reliable connection oriented transmission of packets between client and server. 

The flow of the TCP server program can be described in following steps:

i. TCP server opens up a well-known port 8080 and listens for client requests. ii. TCP client opens a socket and requests connection to the server. iii. TCP server acknowledges the request (which is the accept function system call). iv. TCP client sends HTTP/1.1 GET request. v. TCP server sends back the response, if the client and web server address are valid. vi. TCP server sends HTTP/1.1 403 Forbidden response otherwise.

7.1.2 Filtering features available in different operating systems:

Linux- iptables (originally called ipchains), http://www.linuxguruz.org/iptables/howto/maniptables.html, Man page of iptables, Windows – ISAPI (internet session application programming interface).

7.2 Circuit level Gateway

Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.

7.3 Application level Gateway

Application level gateways, also called proxies, are similar to circuit-level gateways except that they are application specific. They can filter packets at the application layer of the OSI model. Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms, an application level gateway that is configured to be a web proxy will not allow any ftp, gopher, telnet or other traffic through. Because they examine packets at application layer, they can filter application specific commands such as http:post and get, etc. This cannot be accomplished with either packet filtering firewalls or circuit level neither of which know anything about the application level information. Application level gateways can also be used to log user activity and logins. They offer a high level of security, but have a significant impact on network performance. This is because of context switches that slow down network access dramatically. They are not transparent to end users and require manual configuration of each client computer.

7.4 Stateful Multilayer Inspection Firewall

Stateful multilayer inspection firewalls combine the aspects of the other three types of firewalls. They filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. They allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. They rely on algorithms to recognize and process application layer data instead of running application specific proxies. Stateful multilayer inspection firewalls offer a high level of security, good performance and transparency to end users. They are expensive however, and due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel.

The firewall is an integral part of any security program, but it is not a security program in and of itself. Security involves data integrity (has it been modified?), service or application integrity, data confidentiality and authentication. Firewall security only addresses the issues of data integrity, confidentiality and authentication of data that is behind the firewall. Any data that transits outside the firewall is subject to factors out of the control of the firewall. It is therefore necessary for an organization to have a well-planned and strictly implemented security program that includes, but is not limited to, firewall protection.

5.       Conclusion

The paper reinforces the principle that security technology alone will not solve all security problems.  Responsible management of information is essential. One of the Courtney’s laws sums it up: “There are management solutions to technical problems, but no technical solutions to management problems”.

6.       References

[1]        Cryptography and Network Security: William Stallings

[2]        Network Security: Private Communications in a Public World: Charlie Kaufman, Radia Perlman, Mike Spencer

[3]        Guidelines for the Use of Cryptography in the Enterprise: Wolf Halton, Jack Krichen, Richard Costello

[4]        Encryption Fundamentals: Hugo Fruehauf

[5]        www.firewall-software.com

[6]        www.gocsi.com

[7]        www.searchsecurity.com

[8]        www.ciac.org

[9]        www.computel.com

[10]     www.sans.org

[11]     www.3com.com

[12]     www.cisco.com

[13]     www.extremenetworks.com