How To Protect C# Applications From Buffer Overflow Attacks

A buffer overflow attack is when the user purposely enters an excessive amount of data in such a way that the program spills the information across different memory locations, which can cause bad behavior such as opening another vulnerability for the attacker to use.

This works through user input. If the size of the input isn't checked properly before the information is processed in certain ways, the program becomes prone to a buffer overflow attack.

Protecting from buffer overflow:
We will use a C# console application (CLI) as an example.

First, create a byte array which we will use to store the user input. Notice that we are giving it a fixed size of 255 bytes.

byte[] byt = new byte[255];

Now we will get some user input.

Console.ReadLine()

Now let's convert it to a byte array.

Encoding.Default.GetBytes(Console.ReadLine())


Now set it to our previously declared 'byt' byte array with a fixed size of 255 bytes...

byt = Encoding.Default.GetBytes(Console.ReadLine());


The vulnerability here is that the user can input a string of 256+ bytes or characters, so once converted to bytes it will be more than the 'byt' byte array can handle - a maximum of 255.

To fix this, we can simply check the byte count first before setting it to the 'byt' byte array...

string readLine = Console.ReadLine();
// Convert once, then assign only if the result fits in 255 bytes.
byte[] input = Encoding.Default.GetBytes(readLine);
if (input.Length <= 255) {
    byt = input;
}


Now, if the user enters a string that, once converted to bytes, is larger than the 'byt' byte array can handle, the program simply will not set the 'byt' byte array to the new input.
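The check above as a complete console program, added here as an example and not taken from the original article. Because assigning to `byt` makes the variable point at a new array rather than writing into the 255-byte one, this version writes into the fixed buffer directly, which is where the length check does its work. The names `MaxInputBytes` and `TryStoreInput`, the sample inputs, and the use of UTF-8 in place of `Encoding.Default` (so byte counts are the same on every machine) are assumptions of the example.

```csharp
using System;
using System.Text;

// Added example, not from the original article.
// MaxInputBytes, TryStoreInput and the sample strings are constructed here.
static class BoundedInput
{
    const int MaxInputBytes = 255;

    // UTF-8 is used instead of Encoding.Default so byte counts are the same
    // on every machine.
    static readonly Encoding Enc = Encoding.UTF8;

    // Writes the encoded input into the fixed buffer only when it fits.
    // Returns the number of bytes stored, or -1 if the input was rejected.
    static int TryStoreInput(string input, byte[] buffer)
    {
        if (input == null)            // Console.ReadLine() returns null at end of input
            return -1;

        // Measure bytes, not characters: one character may need several bytes.
        if (Enc.GetByteCount(input) > buffer.Length)
            return -1;

        Array.Clear(buffer, 0, buffer.Length);   // no leftovers from earlier input
        return Enc.GetBytes(input, 0, input.Length, buffer, 0);
    }

    static void Main()
    {
        byte[] byt = new byte[MaxInputBytes];

        // Constructed inputs; in the console application these would come
        // from Console.ReadLine().
        string[] samples =
        {
            "hello",                      // 5 bytes
            new string('A', 255),         // exactly 255 bytes
            new string('A', 256),         // 256 bytes, one over the limit
            new string('\u00e9', 128),    // 128 characters, 256 UTF-8 bytes
            null                          // end of input
        };

        foreach (string s in samples)
        {
            int stored = TryStoreInput(s, byt);
            Console.WriteLine(stored < 0
                ? "rejected: input does not fit in " + byt.Length + " bytes"
                : "stored " + stored + " bytes");
        }
    }
}
```

The fourth sample shows why the limit has to be applied to the encoded byte count: 128 characters pass a character-count check but need 256 bytes.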

Top 4 Steps to Improve Performance Appraisal in Company


Employees are the soul of a company, and keeping them happy is the most important thing to consider. Offering a better working environment and a handsome, timely package are things that need to be done in the right way. An effective and well-managed database in a huge firm is important for keeping a close watch on employees' efficiency and performance. This ultimately helps in the performance appraisal of employees and in keeping them happy for the long term.

There is software that allows the company to keep track of the performance of each employee and follow it over the long term. This appraisal solution is divided into 4 different steps, which are mentioned below:

· Assessing Job Performance: The ratings of the employee’s performance entirely depend on the company’s performance. However, the evaluation process is quite hectic. The process involves observing and keeping a record of each employee by using performance appraisal software, which reduces the issues. The solution helps in tracking primarily productivity, problem-solving abilities and quality of work, as well as factors like attitude, co-operation, communication, etc.

· Ratings and Rankings: Once the rating is done, the assessment is processed by superior authorities, which may be a team or an individual. With the help of the software, they post their comments and suggestions. The comments section contains improvements, suggestions, goals to be achieved, the potential of employees, etc.

· Remarks: The software also helps to improve the efficiency of the employee. Employers can create a separate column for remarks on what the employee needs to work on in order to improve their performance. This helps employees work hard on the required points and stay focused on the work. During evaluation, it is advisable to give examples of the employee's strengths and weaknesses; this will help them work on these in a better way.

· Seeking Feedback: The software also comes with a feedback section that lets the employee give feedback and approach the authorities regarding the assessment. They can also raise questions regarding the same.

The main aim of having performance appraisal software is to connect with employees by evaluating them and helping to keep their performance strong for the long term. Using such software will certainly improve the working environment of the staff and take the company to the next level.

Common Misconceptions Regarding Flipping Classrooms


Flipped classrooms are a great way of expanding the learning curve of students. Using this technique, students get to spend more time critically analyzing topics. Frequent discussions regarding topics in class help students learn more effectively. Moreover, students actually get to clear their confusions with the teacher in class. The idea behind flipped classrooms is to enhance interaction with students.

It focuses on clearing up students’ concepts in different subjects. Students also learn to become independent as they get used to learning about the topic at home. There are many misconceptions regarding flipped classrooms. These misconceptions are a reason why flipped classrooms are discouraged in general.

These misconceptions need to be cleared to enable a better understanding of flipped classrooms. Let’s look at some of the most common misconceptions regarding flipped classrooms:

1. Flipped Classrooms Are Based On Video Lectures

This is one of the most common misconceptions regarding flipped classrooms. This misconception arose because most flipped classrooms use media presentations. The only reason video lectures and media presentation are used is because students find it easier to learn this way. However, flipping classrooms doesn’t necessarily mean that students have to watch video lectures. A classroom can be flipped by asking students to read a particular topic at home or research on a particular topic of a subject. The aim of a flipped classroom is to encourage the students to study at home and discuss what they have learned in class.

2. Flipped Classrooms Eliminate the Need for Teachers

Flipped classrooms are not an alternative to teachers. Students may study at home using interactive means or books. But they need a teacher to provide guidance to them in class. This is one of the reasons why flipped classrooms have excellent turnarounds. Teachers can spend more time on actually coaching students about the aspects they don’t understand. The learning and lecturing part is received by the students at home.

3. Students Get Disorganized In Flipped Classrooms


Flipped classrooms are thought to make students disorganized. This is because when they are studying at home they have no supervision at all. However, the result of a flipped classroom is quite contrary to this. Flipped classrooms do anything but make students disorganized. In fact, students learn to become more independent. They learn to grasp the concepts for various courses on their own. Moreover, if they have any confusion about a topic, the teacher is always there to guide them in class. Students get a sense of responsibility when using flipped classrooms.

4. Students Will Have No Peer Support


Since students do most of the studying at home, it is believed that they won’t have any peer support. On the other hand, there are other students during discussions in class. However, the main concern is peer support at home while studying. But this problem is solved with the help of online forums. Many institutes that have adopted flipped classrooms have online forums where the students can interact. These forums allow the students to post their queries there. The forum is monitored by the teacher, who answers any questions the students may have. Moreover, the teacher can also make a note of the common queries and prepare a class discussion accordingly. In addition, these forums enable students to interact with each other to discuss problems they may have.

5. All the Subjects Will Need to Be Flipped

This is one of the major reasons why teachers avoid flipping classrooms. They believe that they alone cannot flip their subject unless the other teachers are doing so as well. However, this is not the case. In fact, flipping a classroom can be done with just a single topic as well. The aim is to have the students prepare for the lesson at home and discuss the topic in class.

Now that these misconceptions are cleared, you will know how beneficial flipped classrooms are.

Author Bio :
David Miller is an educational researcher who has vast experience in the field of teaching, Online testing and training. He is associated with prestigious universities and many leading educational research organizations. He’s also an ed-tech veteran, currently pursuing research in new eLearning developments and contributing author with ProProfs.

How to Turn a Static Website Into a WordPress Theme?


A number of business owners are still running a static HTML website. But making changes to a static site requires the website owner to have HTML programming knowledge. So, if you lack coding skills, you must migrate your static site to a dynamic platform. WordPress is a highly popular dynamic platform and its popularity is not going to abate anytime soon. You don't have to throw all your HTML and CSS files away when moving to the WP platform. Rather, you can convert your HTML files to WordPress.

When converting HTML files to a WordPress theme, the default WP theme named TwentyThirteen is generally used. To carry out the conversion you'll need a copy of the HTML as well as CSS files for your current site, which will later be converted to the WP theme format. You have various choices for the program used to edit your files: you can choose a text editor such as Notepad or Notepad++, or use Dreamweaver instead. For this purpose, you can also take up an HTML to WordPress service.

Here's a step-by-step procedure following which you'll be able to Convert HTML to Wordpress Theme.

Step 1: Creation of Files and Folders

Begin by creating a new folder on your system’s desktop. Next, give the folder a name. Choosing an easy-to-remember name, such as the name of your WP theme, will help you remember where the folder is saved. Once you've named your folder, create two files, namely style.css and index.php, and add both these files to the newly built folder.

In order to make your WordPress platform recognize the files you've just created, make sure to create a comment block for the style.css file including the information like theme name, URI, a brief description, version, author and author URI.

Later, verify whether the TwentyThirteen theme is set to be your active WP theme or not. Subsequently, in the WP admin panel go to Appearance and then the Editor. Open your style.css file and copy the content from it, and paste it into the newly built style.css file.

Step 2: Create new PHP files

To convert HTML to a WordPress theme, in the second step you'll need to open the WP theme editor, wherein your existing theme will be segregated into different parts – the header, footer, sidebar and main index. You can make use of the same components for building some other WP themed site. To do so, you'll need to divide the components into different PHP files. Next, all you need to do is copy the code of each HTML section and place it in its respective PHP file.

Log in to your WP admin panel. Open the theme editor, followed by the file from which you want to copy the code. For instance, open the header.php file of your static website, copy the code and then paste it into the newly crafted header.php file. Follow the same procedure for the rest of the files.

Step 3: Use Newly Created PHP files to fetch data

To bring in data from the newly crafted PHP files, open the index.php file in your WP theme folder saved on your desktop. Add PHP code to your file top and just after the tag, as shown below:



Now you have constructed your own WP theme. But wait! Your theme is developed, but you may find it to be blank. You'll have to add content to it.

Step 4: Add your content

Now you may have to add content in your theme. How will you display the content in your tailor-made WP theme? For this purpose, you require WordPress’ loop function – The Loop.

Installing the loop function requires copying the following code into your index.php template.



Step 5: Initiate your Theme

To set up your theme, open an FTP client and sign in to your website directory.

Go to wp-content>>themes folder.

Upload your new theme folder to this folder. Open your WordPress admin panel and go to the Appearance>>themes tab. Your theme will now be visible; just click on Activate.

That's it, you are done!

About Author:

Sarah Parker is a developer and technical writer at Designs2HTML Ltd. She loves to share relevant and useful tutorials on WordPress markup conversions on Twitter for technical professionals.

Free Apps That Can Save Your Money



It is estimated that 96% of the world’s population (7.1 billion) or 6.8 billion are mobile users, according to the February 2013 report of the International Telecommunication Union (ITU). This represents a 13.3% increase over the 6.0 billion of 2011 and is higher by 25.9% than the 5.4 billion subscribers in 2010. There was also an increase in time spent by the average US mobile user, from 2 hrs and 38 minutes daily in March of 2013 to 2 hrs and 42 minutes daily as of March of 2014, as reported by Flurry news.

In addition to the huge number of mobile users, there is also the sheer number of mobile applications available on various App stores. From the iTunes App store alone, downloaded Apps reached 50 billion for the month of May in 2013. And out of the 2 hrs and 42 minutes spent on mobile devices, 86% was spent on downloaded Apps, clear evidence of how Apps have dominated the mobile world.

In general, mobile Apps are supposed to make life easier. There are business Apps that literally put your business in your pocket. There are also Apps that revolutionize learning and Apps for pure pleasure and leisure, such as Apps to download music, movies and games, Apps to connect with friends and more. What adds to the universal acceptance of Apps is the availability of free Apps, some of which make saving money easy.

Let’s look at these money saving free Apps:

* Pic2shop, MySuperList & Idealo

These are barcode readers or scanners that allow you to compare prices of what you need and get them at the cheapest price from a specific retailer. These Apps usually have an extensive database of products from a multitude of local and online retailers.

Pic2Shop is the pioneer barcode scanner and is one of the few Apps that can read barcodes even without autofocus on all Android and iPhone models. Meanwhile, MySuperlist has added features that allow you to enjoy cash backs and set price alerts.

* Spendometer

This is one of the best free mobile Apps for saving money. It’s a brilliant budgeting App that makes daily cash management easy and simple. You can create a budget, input your spending and generate a spending report on it. The Spendometer can also generate the data on how much cash is on hand and how much has already been spent on a weekly or monthly basis. All you need to do is input all your spending and Spendometer will do the rest.

* Skype

Skype saves you money on phone bills. It is a free App that allows you to send a message or make a call, even a video call, for free. You can even send photos of any size to friends, family and associates without paying an exorbitant fee for Multi-Media Messaging Services. And you can do all this wherever you are and whenever you want, as long as there is an Internet connection.

* Livingsocial

Livingsocial offers huge discounts on vacations, gyms, spas, restaurants, live performances and events and more in your area as well as in the whole of Australia. Daily discount deals are available and you can buy directly using your mobile device. You can enjoy an active social life at very little cost with Livingsocial.

Conclusion
We have mentioned only a few apps; there are many more, but they are not all free of charge. If you know any other apps that will save you money, let us know by commenting on this post.


What Security Professionals Can Learn From The 5-Year Old Xbox Hacker

Sometimes news of poor security hits and it sends the whole web-o-sphere into panic. Heartbleed was an example of one such story. Other times, one can't help but to get a laugh out of weak security. A story that hit last week worth a laugh involved an Xbox account being hacked not by a teenager with a lot of time on his hands, not by a world class hacker or cyber criminals, but by a five year old kid who wanted to play some games he didn't have access to.

Shortly after Christmas last year, the child's parents caught him playing games on the Xbox that he shouldn't have been able to play, having somehow hacked his father's account to buy any game he pleased.

When asked how he broke into the account, the method used turned out to be... well, kind of ridiculous. He had tried guessing a password to his father's account. When that didn't work, he was taken to a password verification screen where... he hit the space-bar a bunch of times and logged in.

Interestingly, Microsoft actually offers a $10,000 bounty to hackers who can crack their system. Given that this seems to have been more of a fluke than a targeted hack, the family didn't get to reap the rewards, but it's kind of funny that educated, technical-minded hackers looking for backdoors and weak points have nothing on a little kid who really wants to play Minecraft.

Microsoft has fixed the hack, so don't bother trying to score some free games. In the future, a few tips that security professionals might want to keep in mind:
  • Don't Just Rely on Professionals
A professional coder is thinking from a professional perspective. They're not looking for dumb hacks that any five year old kid could employ, they're looking for, well, a challenge. When you put a $10,000 bounty on finding security flaws, hackers are looking for a ten thousand dollar hack.
  • Keep a Five Year Old on the Payroll
Child labor laws probably won't allow this, but rewarding children and casual gamers who can hack the system with free games or whatever prizes are appropriate to your website or gaming service wouldn't be a bad idea. You never know who's going to discover your weak points, so extending bounties to anyone who can find them can help to bring these weaknesses to light in the future.
  • Double Verification Can be Annoying, but Necessary
We might not like typing our credit card number in for every single purchase, but adding an extra security wall after login, at least where money is involved, can help to prevent unauthorized payments, so that even if someone can hack your Xbox Live or Steam account, they won't necessarily be able to make purchases in your name.

"Sometimes security science may seem like it's more, well, art than science," said Jason Hope, tech expert (https://medium.com/@jasonhope) "but with a rigorous approach to developing and testing systems for passwords, verification and online signatures, it's not impossible to build a rock-solid security setup." The five year old hacker doesn't get to keep all the games he bought, but if he keeps at it, he may one day land a job as a professional White Hat hacker. Companies like Sony and Facebook are known to hire professional hackers on a part time and full time basis in order to explore their security systems' flaws and offer tips to improve their verification processes.

Fortunately, it doesn't seem as if the hack has been discovered prior to now, as nobody seems to be coming forward with stories of having their accounts hijacked with the spacebar hack. Most of all, the whole affair has just been a little embarrassing for Microsoft, who generally has a better track record than this when it comes to online security.

In the aftermath of this, it's easy to imagine hundreds of gamers trying similar hacks on the PlayStation Network, Steam and Xbox Live in hopes of scoring a bounty, or at least a few games.

How To Fix Bad Image Quality in Blogger


I have had this issue for a long time but I never minded it; I thought Google automatically compresses the images that are uploaded to Picasa Web Albums via Blogger and images from Google Plus. This is something we do not notice or don't care about, but it looks really ugly when some cover images are in bad quality.

So fixing it is no big deal. All you have to do is make sure you are logged into the Google account that you use for Blogger, then go to your Google+ profile (example: +Mohamed Shimran), select Settings from the left sidebar menu, and on the settings page scroll down until you reach Photos and Videos:


Now you can see a subsection named Auto Enhance; that's the option/feature that reduces your image quality. By default it is set to Normal, so just tick Off and your changes will be saved automatically.


Congratulations, now your problem has been solved. Please leave your comments and share this useful article on your social networks.

How to Send a Fax the Oldschool Way

There are a few daily tasks at work that most of us try to avoid like the plague. One of the biggest offenders is the dreaded fax machine. What should be simple is always an endless nightmare.

Well no worries! This sarcastic infographic takes you step by step through the grueling task of fighting with the fax machine just to send a measly signature form to a client a few cities over, poking fun at all of the headaches that occur along the way. From unhelpful tech support to paper jams and exploding toner, we’ve seen it all when it comes to conventional fax.

Luckily, step number five will finally give you all the answers you’ve been looking for - the online fax. In this final step you will do away with the bulky equipment, limiting landlines, and endless paper cuts, and switch over to the simple yet ever so effective online fax.

This infographic is brought to you by FindAFax.com.

Tread Carefully When Choosing A Content Management Solution For Your Business



Planning a company’s website strategy can be tough. If you’re trying to decide on a content management system as the foundation of your organisation’s online presence, you’ve probably trawled through many possible options.

So what features are important? What CMS is right for your needs? Here are some ideas to point you in the right direction:

What Are Your Goals?
How much content are you going to be publishing? What is the strategy for getting that content in front of your potential customers? If you’re leaving publication in the hands of your staff, then you need to consider ease of use. If you’re employing an outside company to help you, you need to consider the industry standard options. Once you’ve picked a CMS, you’re going to find it a real headache to change course if the feature set doesn’t allow for future expansion, or doesn’t offer the ease of use you require from day one.

Decide On A Budget
Open source software will offer huge savings over a proprietary system. You’ll have a wider range of customisation options and the opportunity to tailor every detail to your own needs. Open source solutions like Wordpress also allow you to tap into a huge pool of developer options, as this type of open source solution is hugely popular with a massive user base. On the flip side, a paid-for enterprise solution will likely be less customisable and cost more in terms of both monthly outlay and technical development, but will come with very strong security features and dedicated support staff for more complex applications.

Check Out The Competition
If large corporate organisations are using a particular CMS with a high frequency, it’s a good sign it’s a safe option. You need to know that your solution will be supported for years to come and that it has an active user base, or you could be left in the dark if it falls out of favour with developers and designers.

Behind The Scenes
Before you dive in and sign up for a CMS, you need to understand that the hosting required may differ in terms of software requirements and ease of set up. Not every CMS will work with every type of programming language, especially where databases are concerned. You need to make some investigations about this before you enter into a long contract with your hosting company.

Can You Use The CMS For Marketing Campaigns?
CMS systems from companies like Siteglide feature complex and comprehensive tools for managing your marketing campaigns. For more information, please refer to http://www.siteglide.com. If you need the ability to send emails, monitor your results and manage secure areas and ecommerce, then you might be better off signing up for a paid-for, enterprise-style service.

Can You Migrate?
It shouldn’t be a huge issue, but it’s worth making some checks to determine if your current content can be easily migrated and organised on the new CMS. This could be a potential headache that leaves you with unacceptable amounts of downtime and chaos.

Choosing a CMS for your business is a process that requires some careful planning and consideration. Check the competition, weigh up the available options, and only make a decision after you’ve checked out all of the options.

Wendy Lin is a freelance writer who specialises in guest blogging. She is a CIO of 2 businesses and is also a watercolour painter.