Engineering Color on the Web : An excellent presentation in JqueryTO Conference

Ms. Lea Verou works as a Developer Advocate for W3C. She has a long-standing passion for open web standards, which she fulfills by researching new ways to use them, blogging, speaking, writing, and coding popular open source projects to help fellow developers. She is a member of the CSS Working Group, which architects the language itself. Lea studied Computer Science in Athens University of Economics and Business, where she co-organized and occasionally lectured a cutting edge Web development course for 4th year undergrads. She is one of the few misfits who love code and design almost equally.

We use color every day, but how well do we really understand it? More often than not, we are merely scratching the surface of a large and complicated discipline. In this dynamic session, we will scratch a little deeper, and you will be surprised at how deep the colorful rabbit hole goes.

How does color work on our screens? What’s the difference between color models and color spaces? Which existing features of CSS Color are we under-utilizing? What’s in store for CSS Color level 4? How can we pick both aesthetically pleasing and accessible color combinations?

This is not a design talk, it’s a technical talk about the inner workings of one of the most important design aspects, with many practical takeaways. Whether you identify as a designer or a developer, you will walk out of this session with a new-found confidence about anything color related.

She was calculating the proximity of two colors to show the user how close they are getting. Her first thought was to use the Euclidean distance of the two colors in the RGB cube and divide it by the maximum distance the color could have from any other RGB color. However, this proved out to be inaccurate in many cases, probably due to the lack of perceptual uniformity in RGB. As an example, try #f0f and #ff80ff. Although they are quite similar visually, the reported proximity was around 66% (1 – 128/382).

So she researched  existing algorithms to get the proximity of two colors. Like most things color-related, it looks like Color Difference is not quite as simple as she thought, and is considered a topic of interest in Color Science. However, converting to L*a*b* and using the CIE94 and CIEDE2000 formulas seemed a bit of an overkill for this and she wasn’t terribly impressed with the CIE76 formula after trying the results out online for some sample pairs (e.g. it gives 60% for the aforementioned pair, which is even lower than what she got with her RGB method!).

So she experimented a bit and ended up using an average of her original idea and a sum of the HSL differences (divided by the max differences), which seems to work relatively ok.  There are still cases where it’s off, but ho hum. After all, the proximity is mainly useful when you get close enough to the color (>90%), as until then you tend to play it by eye. Any improvements on the algorithm used are welcome. Or if enough people think it’s not working very well, I’ll bite the bullet and end up using DeltaE.

Most devastating Computer Worm

Much of the world’s transactions, whether it is business or personal, are now done online. From social interaction to keeping track of finances, the Internet is now a very large part of the average citizen’s life. The Internet is not without its own set of risks, however. Should you encounter a virus, your private information could become compromised, data destroyed and hardware completely fried. Not all viruses are created equal, however. Some viruses have produced billions of dollars in damages. Here is a look at 10 of the most expensive computer viruses of all time, and how to avoid a similar devastation in the future.

MyDoom
The most devastating computer virus to date is MyDoom, which caused over $38 billion in damages. In addition to being the most expensive virus to date, its effects were far-reaching and fast-moving. When a user was infected with the virus it creates network openings which allowed others to have access to your computer. In addition, the virus also had the ability to open random programs. In 2004, an estimated 25% of all emails had been infected by the virus.

SoBig
Another harmful and expensive computer virus is SoBig. In 2003, the SoBig virus caused over $37.1 billion in devastation. This fast-spreading virus circulated through email as viral spam, and if exposed, the virus had the capability to copy files, emailing itself to others and causing serious damage to computer software and hardware.

ILOVEYOU
ILOVEYOU is another particularly malicious virus that spread quickly through email, websites and file sharing. The ILOVEYOU virus, or the “Love Letter” worm, affected more than 500,000 systems in 2000 and produced over $15 billion in damages, including $5.5 billion in the first week alone. The virus replicated itself and exposed itself to everyone in the owner’s contact list. This virus was a pioneer for other viruses, as it was one of the first to attach to an email.

Conficker
The Conficker virus caused over $9.1 billion in damages in 2007 and infected millions of computers around the world. The virus scanned computers for weaknesses and vulnerabilities, logged keystrokes and downloaded code from hacker-selected websites and more.

Code Red
One of the most well-known viruses to date is the Code Red virus. It caused over $2 billion in damages in 2001, and had the ability to break into computer networks and exploit weaknesses in Microsoft software. Once the virus infected the machine, it actively looked for other machines on the networks to attack.

Melissa
The Melissa virus was a particularly slimy virus that sent out infected Microsoft Word documents through Microsoft Outlook, delivering viral messages to everyone listed in the Outlook address book. The messages appeared to be coming from the Outlook owner, but was really the Melissa virus at work. A tell-tale indicator that Melissa had infiltrated your Outlook is if your contacts had received an email from you with the message: “Here is that document you asked for … don’t show anyone else.” There would be a word document attached, complete with the Melissa virus. In 1999, Melissa caused $1.2 billion in damages.

 

SirCam
SirCam was a worm that caused over $1 billion in damages in 2001. This virus had the ability to compromise confidential information, delete items or use up space on your hard drive until there was not enough memory to store anything else.

SQL Slammer
SQL Slammer is a virus that greatly affected banks and caused Internet speed to lag significantly across the globe. SQL Slammer caused an estimated $750 million in damages in 2003, and affected 200,000 computers worldwide.

Nimda
Nimda is one of the Internet’s most widespread viruses and among the costliest as well. The virus caused $635 million worth of damages in 2001 and caused Internet browsing time to slow significantly. Additionally, it could affect a user’s email account and send out a read-me file to all contacts listed in the email address book. The virus caused traffic and Internet speeds to slowdown.

Sasser
Sasser created quite a bit of trouble in 2004 when it piled up $500 million in damages, devastated the British Coast Guard mapping system and caused numerous canceled flights. The creator of Sasser was identified as a teenager from Germany, and was quickly apprehended when one of his “friends” turned him in for a $250,000 bounty posted by Microsoft.

Time to Upgrade to PHP Version 5.4

Time to Upgrade to PHP Version 5.4

I have wrote several PHP pages for Leave Management System (our PHP project), some for our class lab and some of them for our assignment for the PHP class. It works perfectly while running in apache server from the local host. I have received “driver not found for mySql database” error running same code from my hosting server. Finally I manage to figure out that the default version of PHP in my server is 5.2. I upgrade my hosting server PHP version to 5.4 and have no problem running my codes there to access mySql database. I think now, this is the time to upgrade your environment to PHP 5.4.

A huge list of changes in version 5.4.

The updates that were intended for postponed PHP 6 were added to PHP 5.4.0 instead, so now PHP includes a huge set of new language features and removes several legacy behaviors.

Major PHP improvements in version 5.4 are

Added class member access on instantiation.

Now you can use fluent interfaces like in Java:  $myCar = (new Car)->setSpeed(100)->setColor(‘blue’);

Added callable typehint.

This typehint allows a string with a function name, a closure, and an array composed of classname (or object) with method name.

Added closure rebinding as parameter to bindTo.

Closure::bindTo() has been modified so now it accepts another argument that defines the new scope. This can either be an object if its class is used as the scope, or a class name.

Added short array syntax.

Makes PHP code more readable and maintainable.

Added binary value format.

Now it’s possible to use binary values directly in the PHP code.

Added support for Class::{expr}() syntax.

Makes PHP more flexible, when calling class/object methods.

Added support for Traits.

A Trait is intended to reduce some limitations of single inheritance by enabling a developer to reuse sets of methods freely in several independent classes living in different class hierarchies.

Added closure $this support back.

Now you have an access to every object property (be it public or not).

Added array dereferencing support.

Provides the implementation of array dereferencing of method/function return.

Added indirect method call through array.

Now $foo() also works in the cases where $foo is a callable array or Closure object.

Changed $GLOBALS into a JIT autoglobal.

$GLOBALS array is initialized only if it’s used. This is a performance/memory optimization, it can however break some of the existing scripts or opcode caches.

Improved performance of @ (silence) operator.

This can speed up PHP scripts which rely heavily on a silence operator.

Added multibyte support by default.

Previously php had to be compiled with –enable-zend-multibyte. Now it can be enabled or disabled through zend.multibyte directive in php.ini.

Added built-in web server that is intended for testing purpose.

The following command will open a web server on the port 8000.

php -S localhost:8000

Lots of performance and memory usage improvements.

 

Removed major PHP features

Removed break/continue $var syntax.   You can no longer use variable to tell PHP how many levels of enclosing loops it should skip to the end of.

Removed safe mode and all related ini options.  Functionality described in this article and marked as depreciated in PHP 5.3 has now been removed.

Removed register_globals and register_long_arrays ini options. If enabled, register_globals injected PHP scripts with all sorts of variables, like request variables from HTML forms or values from GET requests. Now, every request/environment variable must be fetched from an appropriate PHP array.

Removed allow_call_time_pass_reference option. Passing arguments by reference at function call time was deprecated for code-cleanliness reasons. A function can modify its arguments in an undocumented way if it didn’t declare that the argument shall be passed by reference. To prevent side-effects it’s better to specify which arguments are passed by reference in the function declaration only.

There are many reasons, why you should go for upgrade to version 5.4 and this is the time to upgrade.

Research and findings on KeyLoggers

Definition: A keylogger is something that records keystrokes made on a computer. It captures every key pressed on the keyboard and stores it down in a file or memory bank that can be viewed by the person performing the monitoring in real-time, or at a later date.

There are three types of keylogger: hardware keylogger, software keylogger and Kernel/driver keyloggers. A program, device drivers or hardware device that captures every key depression on the computer.

Hardware Keyloggers: Small inline devices placed between the keyboard and the computer. Because of their size they can often go undetected for a long time, but they do require physical access to the machine. These hardware devices have the power to capture hundreds of keystrokes including banking and email username and passwords.

Software using a hooking mechanism: a type of logging that uses the Windows function SetWindowsHookEx() that monitors all keystrokes and can even capture autocomplete passwords. The spyware will typically come packaged as an executable file that initiates the hook function, plus a DLL file to handle the logging functions.

Kernel/driver keyloggers: a this type of keylogger that is at the kernel level and receives data directly from the input device (typically, a keyboard). It replaces the core software for interpreting keystrokes. It can be programmed to be undetectable by taking advantage of the fact that it is executed on boot, before any user-level applications start. However, since it runs at the kernel level, it cannot record autocomplete passwords, as this information is passed in the application layer.

How to protect yourself from KeyLoggers

First and foremost: The best security and related policy is always built on layers.  The best way to protect a system and network from these intrusions always starts with the same methods one would use to prevent the spread of a virus, but additional measures must be taken for these new risk BEYOND those measures.

Keyloggers and Trojans often aren’t detected by Antivirus systems, so make sure you have a good spyware detection and removal tool OR verify your Antivirus program handles these spyware threats as well.  Make sure this software is update and run regularly as new threats can burrow in at any time.

Consider installing a personal firewall on each computer or at least enabling a firewall built into the operating system of the computer.  Firewalls can’t save the world by themselves, but a good personal firewall monitoring incoming AND outgoing traffic from an individual computer will be a good way to find out if anyone is attempting to break in.  It will also give you an idea as to whether or not anyone or thing is attempting to have your computer send data out.

Using auto form filler which is a common feature of Web Browsers including Internet Explorer and Firefox. Works against key loggers but vulnerable to other security breaches. Alternative keyboards make captured keystrokes look like nonsense.  You can customize your own board with Microsoft Keyboard Layout Creator . Software based keyboards are not very effective like on-screen keayboard. All clicks are converted back to keystrokes when you use software based keyboard.

Using anti-keylogger software to detect any keyloggers activity. There is many ways to keyloggers from the users too. Only a few type of keyloggers could be detected using anti-keyloggers software.

I have visited many web sites including following resources to gather information on KeyLoggers as security threats:

http://www.symantec.com/connect/articles/introduction-spyware-keyloggers

https://blogs.mcafee.com/consumer/what-is-a-keylogger

https://blog.kaspersky.com/keylogger/

https://www.securelist.com/en/analysis/204791931/Keyloggers_How_they_work_and_how_to_detect_them_Part_1

http://www.bullguard.com/bullguard-security-center/pc-security/computer-threats/what-is-a-keylogger.aspx

http://www.cxotoday.com/story/the-top-threats-of-2009-keyloggers-spyware/

http://www.keylogger.org/articles/kishore-subramanyam/keyloggers-the-overlooked-threat-to-computer-security-7.html

http://www.techrepublic.com/blog/it-security/be-aware-of-the-threat-of-hidden-keystroke-logging-devices/291/

http://esj.com/articles/2012/11/12/keylogger-security-risk.aspx

http://blog.spamfighter.com/tips-and-tricks/the-threat-of-keyloggers-and-how-to-protect-yourself-from-them.html

http://security.stackexchange.com/questions/3953/methods-of-mitigating-threats-from-keyloggers

http://kudin.net/e/2008/12/27/case-study-of-keyloggers.html

http://www.scmagazine.com/defendant-pleads-guilty-in-brokerage-keylogger-case/article/138180/

http://www.mysecurecyberspace.com/encyclopedia/index/keylogger.html

Everyone will find more information in details from the above-mentioned resources including different type of treats, how dangerous it could be, some sample codes, code to hide from users and many other information.

Reading week before mid-term exam

This is our reading week before mid-term exam. Do I really get enough time to read and prepare for the exam? Probably not as I have to make some changes in the hospital database and significant changes in the Online Leave Management System Database. Have to create and populate database tables with test data set considering all the changes. I am hosting both the application in my Hosting Service Provider’s (Godaddy) server. I have created hosting and access requirements for both the application and sent server access credentials to the team members to work with the server directly.

We have a  very long weekend last week as there was no classes on Security and Quality Assurance on Friday and Career Connection on Monday. Week started with XML mid-term exam review classes on Tuesday. We have prepared study notes in the class by preparing questions and answer for the assigned topics. It was a group exercise to find solutions for selected questions from a chapter and prepare questions to ask to other groups. Class was very effective to gather information from all the covered chapters by different groups. Finally we uploaded solutions and questions to the blackboard for other to download and study as guide to prepare for the mid-term exam.

There was guest speaker from the company Dashboard in our Information Architecture class on Wednesday. They are interested to take few interns to work with their development team for 6 to 12 weeks. Open offer to apply for the position, but they will not going to pay for the period of internship. It might be an opportunity to learn new things and local development practices through this internship. Most of the classmate did not showed their interest for unpaid internship. I think in the same way too. There should be some form of compensation for the time and cost incurred by the internee.

We have learned, discussed and practice some techniques about responsive web design in the Information Architecture class this week. We have discussed about the documentation that need to be submitted in the exam week for the both ASP.NET and PHP project.

We have learn few AJAX control in ASP.NET with several examples in the Mobile Development class on Wednesday. Teacher also did the review on the quiz that took place in the previous week. Discussed on the format and time frame for the mid-term exam and he will post an assignment in the blackboard  to prepare for the exam.

Thursday we are supposed to prepare study notes for the mid-term exam for PHP, but our teacher were sick and we missed the opportunity to get the study notes. We have long discussion on Friday Security and Quality assurance class to cover two weeks topics and a quiz.

Now is time to prepare documentation for the ASP and PHP project and prepare for the exam.

Designing and creating database for ASP and PHP project

This week I am mostly concentrating with designing the database for both the project in ASP.NET and PHP. Feeling lucky to be a member of a very healthy team and members are supportive with very good relations with each other. Our team 7 is redesigning the website and application for Lennox Addington County General Hospital(LACGH).

I have designed following tables including prefix, primary and foreign keys, indexes, column name, column length, data type, data references with other tables and relationship between the tables for Hospital Management System(HMS).

Table Name       Prefix    Description                                       

Users                    us           Table to keep details of all registered users information

UsersLog             ul            Table to keep details of all login information

Employee            em         Table to keep details of all Employees information

Department       dp           Table to keep all Department/Clinic information

EmpReports       er            Table to keep all Employees Reports information

Patients               pt            Table to keep details of all registered patients information

Appointment     at            Table to keep appointment details for the patients

PatientVisit         pv           Table to keep details of all patients visit information

PatReports         pr            Table to keep all Patients Reports information

Donations           dn           Table to keep donors Information

Features              fs            Table to keep Features/Module/Tables Information

Permissions        ps           Table to keep authority of the users

Faqanswer          fa            Table to keep frequently asked questions and answers

Feedback            fd            Table to keep feedbacks from the visitors

Extlinks                 el            Table to keep external links of additional information

Positions              pn           Table to keep working job requirements for Employment/Volunteer positions

Applicants           ap           Table to keep information of applicants for the positions

SysControl          sc            Table to manipulation of systems controls by the admin/staffs

SysInfo                 si             Table to define and display systems information to the web visitors

News                    nw          Table to keep published news

I manage to create scripts for some of the tables and run them in my hosted database. It works fine. But I need to save some special object (logical, images, documents, attachments, audios and videos) data to the database. Still researching on them, which data type I should use to capture them in the system. Considering to retrieval of the information fastest possible and secured manner while hospital administration required to access them.

I am happy to took the responsibility of back end for our PHP project team (Nitral Five) too. We are developing an Online Leave Management System with PHP and MySql. Today I just  completed the designing of the database for our Online Leave Management System.

I am trying to considering detail requirements for all the features to be develop using this database. Hope to make only minor changes during our development, implementation, testing and debugging phases.

Working on ASP.NET and PHP Project together

I have started learning new ideas and techniques to develop web applications and working on ASP and PHP projects together. In both the projects I took responsibility of the back end, which I really love to work with. I have to develop three features for each of the project. I have to design and develop public and admin interfaces of those elected six features from both projects. Public visitors will only be able to visit presentation pages of the features, while system admin will manage Content Management System (CMS) for keeping the website and the applications up to date.  Most of our classes are also now connected to each other, for adding strength to developing two web application on ASP with MS/SQL and PHP with MySQL database. In order to design and develop a comprehensive web application, you need many considerations including interface design, graphics design and selection, navigation, coding and debugging, testing and implementation, training and documentation, security and quality assurance. We have not learned all of them yet from this course. I am hoping to get the knowledge to work with them along with the timeline of the project and web development.

This week started with the Career Connection class where we learned about a few web development companies and the S.T.A.R method of responding to behavioral questions related to strengths, weaknesses and performance. Mr. Sean introduced Ms. Christine of Humber Career Centre who shared much valuable information about the career centre and her own experiences in responding to interview questions. She also mentioned to us about how you can avoid responding to some unusual questions in the interview.

Sorting cards (navigation menu and web interfaces)in many different ways by different persons, was our exercise in the Information Architecture class. Media design students took part with us to share their views about our project after getting a short briefing from our team. Most of them sorted our cards very close to our redesigned navigation, with only a few exceptions.

We learned about Xpath and Xslt that define the path of an element from a XML file and the conversion of XML document in many other formats including HTML and Text. We have also introduced Object Oriented Program (OOP) in the PHP class. We learned how to create classes with objects, properties,  methods, functions, constructs and interfaces. I am getting comfortable with Object Oriented Program after this week’s class. We have to complete a lab to create class to generate new web pages, to extend the methods in the classes to create admin pages. We still have to find and research on PHP and OOP to complete our lab.

We have exercised finding security issues in our security and quality assurance class, related to our features that we are going to develop for ASP.NET project. We are planning to take corrective measures to secure those features from the possible threats.

A busy week in the second semester

The week started with career connection class and a presentation on selected Web Development companies in Toronto. Four students were scheduled to deliver their presentation, but we skipped two of them. Hopefully, we will able to get their presentation in the next week. Stacey and William from my team (Team 7) presented their selected company’s information.  Stacey discussed about Geek Oracle and William discussed on Ecentricarts for their consequent presentations. Both are medium size web development studios, but they have good working environments and they try to involve employees in many other activities. We also researched in group for ” Where can we find jobs?” and present a couple of minutes per group for various job finding resources.

We have learned creating schema from DTD in our XML class on Tuesday. Our teacher has given us many example in the class and finally we did a lab on XML schema creation. I have participated in a 3 step survey on our XML class at night. Ms. Nithya would like to know “what to start?”, “what to stop” and “what to continue?” in the class from this survey.

Wednesday is our most busiest day of the week. We have participated in an exercise in the Information Architecture class for creating new navigation structures from the content inventory of ASP.NET project. We converted and created a flow charting diagram for the navigation. We learnt Language Integrated Query (LINQ) in the afternoon session. We are having a really busy time with ASP.NET as we have to complete two assignments in ASP.NET this week. I have to submit assignment2 on Tuesday night after 3 days of when I’ve submitted assignment1 on Friday night.

We have formed our group of five members for the PHP project. The members are Indika, Tharanya, Luz Elena, Anmar and I. We selected our team name “NITRAL Five” by including first character of our team member’s and our teacher’s names. Meaning of NITRAL is Nitrogen. We will develop a HR and Leave management web application on PHP/MySQL. The sad news is our team member Luz Elena decided to discontinue from the program and we have to complete the project without her contribution. She was also a member of my ASP.NET project team (team7). This week we learned how to use array and function in PHP. I have to submit my lab on PHP array and function by tomorrow night.

I enjoyed exercise on the project budget and Wi-Fi security in Friday class. I have to prepare my assignment on data encryption. I have to create database schema, select the first feature, create a process flow for the ASP.NET project. There is much information to read and research for almost for all the courses. There are so many things to do this weekend, I am not sure how many of them I can complete in time.  It is really a busy week for me this semester.

Winter semester started with new courses

Our new semester started from January 06, 2014 with Career connection course. This course will help us to understand job market, how to stay competitive , how to search and apply for new jobs with proper resume and cover letter and prepared to know the strengths and weaknesses to present the right message to the employer in the interview. There was an interesting  workshop on Strengthsquest in the second week after getting thorough introduction  and a class exercise in the first week. I have submitted my resume, my course expectation and interview question that I want to practice as assignment in the class. Currently I am researching on few web development company that I could prepare and present a 2 minutes review presentation in the class.

We have completed and submitted our content inventory for the Hospital project (Lennox Addington County General Hospital) in the Information architecture class. We also discussed in our team meeting about features to develop in our ASP.NET project. About 20 features we have listed that could be discussed with Mr. Gurpal and distribute them in the team members for start our development process. Requirement analysis and preparing proper documentation will be key priority before start coding for the proposed web application.

It is a great opportunity for me to learn XML and PHP in HTTP 507 and HTTP 506 with our new teacher Nithya Thayananthan.  She is going in details in the class and giving lots of example to practice in the lab. We have a quiz in the second week class. So far we have completed two labs with many new commands, functions and methods.

We are working on an assignment for our Mobile development course which must be hosted online. I have some issue with my hosting company regarding changing to windows hosting, creating new MS-SQL database in the web server and using visual studio to connect that database and work for the assignment. Hope to resolve them soon to look forward with ASP.NET development.

We have to take care about the application security and quality assurance for any website or any web application going to develop for our customers. We are learned about security standard, methods and security threats in the class and group research on security standard as assignment and presented in the class. Also completed individual research on Security threats as other assignment. Hoping  to learn more about different techniques to test and debug the new application in the Security and Quality Assurance course.

Term-Final exam, holidays & new semester

It was really a great feeling being well-prepared for 3 exams and one presentation in the final week of semester one. Exams started with HTTP500 – Web Application Development quiz and practical on Friday. My preparation was not sufficient for the practical exam. I did better in the quiz but I was not satisfied with the practical exam.

On Monday, we did our hospital project presentation (Http 501). I was the final presenter in my team. I distributed 3 pages of briefing before starting my presentation. Overall, our team presentation was good with a few comments and feedback from Mr. Bernie and Mr. Sean. I could end up with a better presentation if I had re-caped some of the key points for the presentation described by other team members.

I had my best exam on Tuesday for Database Design and Development. It was really a well prepared and exam for me. It is sad for me that our teacher Mr. Bill Wright is not going to continue with any other courses with Web Development program.

There was a break of one day for us on Wednesday as there was no exam on Digital Design (Http 503). I have submitted the responsive web design for the hospital site using photo-shop and portfolio site using traditional written documents. We will be missing Mr. Royce Yadav in the following semester too.

We attempted our last exam on Thursday for Web Programming with Mr. Andre Martelli. On the following day, we submitted our final project for Web Application Development (Http 500). It was a wonderful feeling to complete semester one after being busy for three and half months. I enjoyed a three week’s breaks including Christmas and New Year and covered up some topics which I felt difficult to understand during the course. The New Year should bring new inspiration and motivation to begin the new semester, new classes and with few new teachers.

We have started six brand new courses on January 6th 2014, named Career Connection, Web Information Architecture, XML and Web Services, Mobile Development, Web Application Development 2, and Security and Quality Assurance. I am expecting to learn a lot of new ideas and techniques from our teachers in next couple of months in semester two.