• As we discussed before,not handling checked exceptions would lead to compilation failures,unlike runtime exceptions
 public static void main(String[] args) {
        throw new Exception();
         }


This is CE (for here onwards,I'll refer it CE=compilation error:P )
  • Creating Exceptions,

 
  •   See throws clause as a filter (like we saw try - catch as nets ).They inform an exception may come.

 

  • Q)
public class ExceptionEg {
   
    static void A() throws Exception{
        System.out.print("A");
        throw new Exception();
    }
    static void B(){
        System.out.print("B");
        A();
        System.out.print("C");
    }
   

    public static void main(String[] args) {
        try {
            System.out.print("D");
            B();
            System.out.print("E");
           
        } catch (Exception e) {
            System.out.print("caught");
        }
       
    }
}


what would be the output?

Output would be D B A then CE.
So how can we avoid the CE? simply adding a filter (throws clause) at B method or putting a net (try - catch block) at  A or B methods.
  
  • What happens at method overriding then? Easy,two simple rules
If the superclass method does not declare an exception 
*   If the superclass method does not declare an exception, subclass overridden method cannot declare the checked exception but it can declare unchecked exception.  
If the superclass method declares an exception 
*   If the superclass method declares an exception, subclass overridden method can declare same, subclass exception or no exception but cannot declare parent exception. 


  •  You get an ExceptionInInitializerError if something goes wrong in the static initializer block.

    class C
    {
      static
      {
         // if something does wrong -> ExceptionInInitializerError
      }
    }
 So hope that this wraps up all the necessary important points that a java developer should know when it comes to exception handling :)





Even if you were following the correct steps of installing ubuntu along side with windows,there is a possibility that, at the installation type window, you are shown the whole hard disk instead of the hard drive with windows partition like the figure below.



 
  



or if you were trying to install only ubuntu,you may have warned that,
 


Then you are having this problem that I'm addressing here.

This happens mainly because if you had Windows 8,it is in UEFI mode with gpt partitions, and then if you are reinstalling like Windows 10 in BIOS boot mode,  Windows DOES NOT correctly convert from gpt to MBR(msdos). It leaves backup gpt table.  

The main problem here is even though you have some gpt left in your hard disk,if you check hard drive from windows (from disk manager's properties or from command prompt) it does not show you that.

 


Golden splendor of the moon,drawn on the night sky.
Stolen from the sun,but neither is he proud.
It is just the burning of his inner spirit into flames.


The curly waves that ocean wears,
a wonderful creation of moving breeze.
But  even the breeze is not the master of his helm.


Nothing can beat the smiling rose with her dark red wings.
Oh poor she! Her very own weapon has betrayed her.
Left her alone making her crying in a fading white dress.


Every corner,if looked closer,filled with reflections of that eternal truth.
Nothing lasts,not even the pain of losing.
When even the ‘ownership’ does not really  own a meaning,

Why bother? Why greedy?







GoogleDrive, OneDrive, Dropbox can be hacked without user’s passwords



You may most probably have heard of Man-in-the-Middle attacks where a malicious actor makes a cyber attack by inserting himself between the sender and receiver and gain access to their confidential and/or valuable data. While last couple of years, the giant enterprises of world got so shocked by  Man-in-the-Middle attacks,well,now they have something more to worry seriously about.
According to the latest research presented in Black Hat conference 2015,Las Vegas, Man-in-the-Cloud(MITC)  is the new type of cyber attack which gets access to cloud-based files, get this,even  without using any particular malicious code  or compromising the victim’s user name or password, thus making  it really difficult to detect.  If  it’s not explicit credentials  or Man-in-the-Middle, what is it?,you may be wondering. The magic wand is synchronization token. 
Let me explain how it happens,as per the  Black Hat conference .MITC attacks are driven on file synchronization services such as GoogleDrive, OneDrive, Dropbox, and Box as their infrastructure for command and control (C&C), data exfiltration, and remote access.File  synchronization allows the users to have the most updated copies of file repositories across the multiple devices.Service providers through a synchronized software installed at the user end,checks for changes made in the cloud hub and mirrored them locally in “sync folder” through a dedicated channel and vice versa. Authenticating to cloud is mostly done using a synchronized token by them which would not compromise the whole account but gives the ability to share with other collaborators through compromised token.
Now let’s see how the vulnerability of synchronization token open space for MITC attacks.

    ⦁ After the authentication process with explicit credentials,file synchronization does not require them again for any further operations since it’s done through synchronization token.

This machine independent token would be then stored in a file or a registry depending on the service provider.
The attacker creates an account and stores a synchronization token which represents attacker’s account in the victim’s machine’s appropriate place.


Then the needed token is copied to victim’s sync folder,so now the attacker has the token which is being synchronized with his created account
That is it, easy peasy! No middle-man thing ,No username,No password.
See,that is why it is hard to avoid MITC attacks or to trace them because no footprint is left as such,but just a simple code 
                                                                ⦁      to modify file
                                                                ⦁ to do a registry edit

Even though the thought of exposing your cloud based data to a state which can possibly be hacked would give you goosebumps, still a totally trusted solution cannot be recommended.An enterprise can use Cloud Access Security Broker (CASB) to monitor and detect an abnormal behavior in their file synchronization services.So it is finally if your dedication towards controlling access to synchronized file is highter,the security level would be higher,which on the other hand need not to be mentioned.

Next PostNewer Posts Previous PostOlder Posts Home