Posts Tagged ‘computer’

NUML students outshine in Computer Software competitions

June 11th, 2014

A group comprising of three Computer Sciences students of National University of Modern Languages (NUML), outshined at a software competition which was organized by FAST-NU.

The group of students including Abdul Wali, Mehwish Hamid and Kanwal Rani developed a software “Text to Sign Language Interpreter” which is of great help for special people suffering from hearing and sight losses. The software developed by the student has ability to convert a soft form of the book into sign language.

Students displayed their software in NaSCon 14 at FAST which was highly appreciated in the competition and it won the 2nd position in the event. It is also pertinent to mention that same group has also won the ExciteCup Competition which was held in Muhammad Ali Jinnah University (MAJU).

Moreover, Farhan Sharif, another student of BS Computer Science developed a software as his final year project “Hidden SMS based communication using Text Steganography” to transmit hidden text in an SMS and secured the second position in software development competitions `Softcom’ which was held at GIKI and then in ExciteCup at MAJU.

The students said “these projects were supervised by their teacher Attaullah Ghafoor and it was his guidance which made us confident to participate such a highly competitive competition.

The participation and winning of the prize has not only added into their energies and confidence but it has also given them an insight that how actually software market and industry work.

The exposure has placed us on an advantaged position than others and we are now in position to perform better in the field of software development”, they added.

The students along with Dean Brig (R) Dr Muhammad Akbar and Head Assistant Professor Sajjad Haider of Faculty of IT and Computer Sciences met Rector NUML Maj Gen (R) Masood Hasan where he felicitated the students for their achievements saying it was moment of pride to see students performing well in their fields and carving a bright future under the guidance of their teachers. He also announced cash prizes and certificates for the students.


Computer security Tales from the TrueCrypt

June 6th, 2014

WHEN the about-to-be-former spy Edward Snowden leaked a huge cache of top-secret documents to the press in May 2013, it confirmed what computer-security researchers had long nervously joked about: that Western intelligence services, and especially America’s National Security Agency, are in the business of subtly nobbling the cryptographic software that secures computers all over the world.

Mr Snowden’s documents named many big hardware and software firms as working with the spies, including the likes of Microsoft, Apple and Intel. Fortunately for those with something to hide there are alternatives to big American firms. A popular one is TrueCrypt, a piece of software which lets its users scramble the contents of their computers in a way that means anyone who does not know the password will see only a stream of gibberish.

Or that is what it used to do. On May 29th TrueCrypt’s website was updated with a brief, cryptic message. It warned that “Using TrueCrypt is not secure as it may contain unfixed security issues”. A new version was released that was incapable of encrypting anything. It exists only to help users recover encrypted files.

The announcement caused plenty of raised eyebrows. TrueCrypt had been in development (by a group of anonymous programmers) for ten years and was popular with everyone from security-conscious lawyers to journalists with sources to protect and dissidents in countries where too much complaining can land you in prison or worse. It is open-source, meaning its code is freely available for anyone to look at. Mr Snowden’s revelations had boosted its popularity still further.

Curiouser and curiouser

TrueCrypt offered a short explanation: the end of Microsoft’s support for its ancient Windows XP operating system. Newer versions of Windows come with their own disk-encryption program, BitLocker, and the message recommends using that instead. But, as security researchers were quick to point out, this is a strange piece of advice. After Mr Snowden’s revelations, those with a serious need for TrueCrypt would be reluctant to trust BitLocker.

One theory is that TrueCrypt’s developers have simply been hacked, and that the message is a piece of mischief-making. But SourceForge, a repository for open-source software which hosts TrueCrypt, reported that it had noticed nothing unusual: “We see no indicator of account compromise; current usage is consistent with past usage.” Had they been hacked, the development team might have been expected to say so in public. But they have not.

Another, more paranoid interpretation is that the developers have been tapped on the shoulder by the Men in Black. That is what happened to LavaBit, an e-mail provider which promised to encrypt its users’ messages. Like TrueCrypt, it was used by Mr Snowden. It shut itself down in August after the American government came calling, demanding the site’s encryption key, which could be used to unscramble the e-mail of all its roughly 400,000 users. A gag order required that the firm’s founder, Ladar Levison, not tell anyone this was happening, something that Mr Levison resisted. If TrueCrypt has been similarly clobbered, the sudden shutdown might be designed to warn its users off.

Since TrueCrypt’s developers shun the limelight, no one can be sure. But Matthew Green, a cryptographer at Johns Hopkins University who is helping to co-ordinate a formal security audit of TrueCrypt, thinks the real explanation is more prosaic. He blames a mix of burnout and events, pointing out that, over the ten years of its development, what might have been a fun side project for a group of footloose 20-something programmers could well have turned into an unwelcome burden on their free time. “Then all of a sudden you have Glenn Greenwald [one of the journalists to whom Mr Snowden leaked his documents] using it to secure stuff with real national-security implications,” he says. “Not to mention people like me deciding to audit it—that’s when it’s no longer fun anymore.” Dr Green is in contact with someone claiming to be one of TrueCrypt’s developers, who confirms that story.

Yet even this explanation is not entirely satisfying. Why quit so abruptly, with so little warning? When developers of open-source software get bored, the reins are often taken up by others, but TrueCrypt has made no effort to organise something similar. (Dr Green hopes other programmers may nonetheless step in, though there may be legal complications.) And why give the questionable advice to move to BitLocker? Whatever the answer—and whether or not it eventually becomes public—the mystery is a neat illustration of the fallout from Mr Snowden’s revelations for the computer-security industry, which must now recalibrate its professional paranoia. Everyone agrees that a little more is sensible. Yet too much would be crippling.


This Software Glitch From The 1970s Could Suddenly Affect Every Computer On The Planet In 2038

May 23rd, 2014

Remember how panicked we all were about the Y2K crisis back in the year 2000? Everyone freaked out because computers only used two digits to represent a year in their internal clocks, so Jan. 1, 2000 would also be 1/1/00 – the same apparent date as Jan 1. 1900.

In 1999, this problem looked as if it might derail modern life, as computers reset themselves as if it were the beginning of the century and not the end.

Now there’s a new, even bigger global software coding fiasco looming: A huge amount of computer software could fail around the year 2038 because of issues with the way the code that runs them measures time.

Once again, just like in 1999/2000, every single piece of software and computer code on the planet must now be checked and updated again. That is not a trivial task.

In 2000, we bypassed the Y2K problem by recoding the software. All the software – a fantastically laborious retrospective global patch. Although Y2K was not a disaster, it was a massive disruption to the tech industry at the time. Virtually every company on the planet running any type of software had to locate their specific Y2K issue and hire someone to fix it. Ultimately, Y2K caused ordinary people very few problems – but that’s only because there was a huge expenditure of time and resources within the tech business.

The 2038 problem will affect software that uses what’s called a signed 32-bit integer for storing time. For those who aren’t well-versed in computer science, bits are how memory is stored; they are how computers save documents.

When a bunch of engineers developed the first UNIX computer operating system in the 1970s, they arbitrarily decided that time would be represented as a signed 32-bit integer (or number), and be measured as the number of milliseconds since 12:00:00 a.m. on January 1, 1970. (For instance, the value “919642718″ is 919,642,718 seconds past that date in the 1970s – or Sunday, February 21, 1999, at 19:18:38 ET.)

UNIX time coding has since been incorporated widely into any software or hardware system that needs to measure time.

This system makes a lot of sense when you need to see how much time has passed between two dates. The problem arises because 32 bit software can only measure a maximum value of 2,147,483,647 seconds. This is the biggest number you can represent using 32 bit system.

To understand this, consider that the biggest number you can represent with one digit is 9. The biggest number with two digits is 99. The number system we’re used to uses a base of 10. So two digits can represent all of the numbers up to 100, or (10 x 10)-1, which equals 99. And three digits can represent numbers up to 1000, or (10 x 10 x 10) -1 = 999.

The binary system that computers use works the same way, but with a binary base of two, instead of 10. So for a 32-bit system counting in binary base of two, the highest number it can represent is (2 to the power of 32) -1, which equals … 2,147,483,647.

On January 19, 2038 – 2,147,483,647 seconds after January 1, 1970 – these computer programs will exceed the maximum value of time expressable by a 32-bit system using a base 2 binary counting system, and any software that hasn’t been fixed will then wrap back around to zero, thinking that it’s 1970 again.

To learn more about this problem, we checked in with Jonathan Smith, a Computer and Information Science professor at the University of Pennsylvania.

According to Professor Smith, this is a real problem that will affect a specific subset of software that counts on a clock progressing positively.

“Most UNIX-based systems use a 32 bit clock that starts at the arbitrary date of 1/1/1970, so adding 68 years gives you a risk of overflow at 2038,” he explains. “Timers could stop working, scheduled reminders might not occur (e.g., calendar appointments), scheduled updates or backups might not occur, billing intervals might not be calculated correctly.”

Thankfully, though, the solution technically difficult. We just need to switch to higher bit values like 64 bits, which will give a higher maximum. In the last few years, more personal computers have made this shift, especially companies that have already needed to project time past 2038, like banks that need to deal with 30-year mortgages.

In reality, the 64-bit system just pushes off the problem to a later date when the new maximum is reached, but they do extend the maximum date to 292 billion years from now – which seems like a pretty good deal.

Apple claims that the iPhone 5S is the first 64-bit smartphone. But the 2038 problem applies to both hardware and software, so even if the 5S uses 64 bits, an alarm clock app on the phone needs to be updated as well. (If it’s using a 32-bit system in 2038 it will wake you up in 1970, so to speak.) So the issue more of a logistical problem than a technical one.

The problem does not seem too urgent – we have 24 years to fix it it! – but its scope is massive. To give you an idea of how slowly corporations can implement software updates, a majority of ATM cash machines were still running Windows XP, and thus vulnerable to hackers, until April of this year even though Microsoft discontinued the product in 2007.

And the Y2K fiasco suggests that the tech industry will, by and large, ignore the 2038 issue until it becomes too expensive not to – i.e. the very last minute.


Get Adobe Flash player