Anda di halaman 1dari 112








found on the

l, if
Note: Any ob

to u




for -bit co


st 20


, is

il: cd

Ins Intel-commputers


plex nature of In

nd should be
ed, a


VOlUME: 11 | ISSUE: 06

is a
Cat, for
ers em any
ding syst
chro ting s with
ed S pera come ts.
am ul o
de-npowerf releaserovem
ra 1 ble, anhe lates and im
Fe , sta se. T ature
fast day u w fe


` 100

Volume: 01 | Issue: 11 | Pages: 112 | August 2013

In c


Keep Hackers At Bay With

How To Create
Robust Linux
Your Network
With IPTables


` 100
$ 12
S$ 9.5
MYR 19

Save Your Data

With PhoneGap!

A Peek Into Open

Source Licences

What Makes Firebug

A Developers Delight?

9 770974 1 05001






Use Coffee Script to Write

Your Own Javascript


What Makes Firebug A Developer's Delight?


Save Your Data with PhoneGap

Secure Your PHP Application


Build Your Own Firewall

Using IPTables


Secure Your Network with

Firewall Builder


Analyse Your Network

Packets with LibPCAP


The Benefits of OpenSSH

38 Begin Your programming Journey with Go!

Set Up a Certificate
Authority in RHEL5

For YoU & me

Network Security:
An Exciting Challenge for
Modern-Day IT Admins

60 ipCop 2.0.6: The new Watchdog!

uirements: P4, 1GB RAM,
tem Req
d Sys


4 | August 2013

e rep

r a fre

material, if found


to us at fo
k pro


for Intel-compatible,
64-bit computers

August 2013

Fedora 19, code-named Schrodingers Cat, is a

fast, stable, and powerful operating system for
everyday use. The latest release comes with many
new features and improvemnts.

e-mail: cdteam@efyin

Fedora 19, code-named Schrodingers Cat, is a

fast, stable, and powerful operating system for
everyday use. The latest release comes with many
new features and improvemnts.

Installation DVD

CD Team

Installation DVD for Intel-compatible,

64-bit computers

intended, and sho

s un
c, i

he complex na
d to t




: An

A Peek into Open Source


et d


For any enquires, please contact



Rahul chopRa

Editorial, Subscriptions & Advertising

Delhi (hQ)
D-87/1, Okhla Industrial Area, Phase I, New Delhi 110020
Phone: (011) 26810602, 26810603; Fax: 26817563
Ms Jayashree
Ph: (080) 25260023; Fax: 25260394

Customer Care


08 You Said It...

10 Q&A Powered By
OSFY Facebook

12 New Products
16 Offers of the Month
18 Open Gadgets


Pal: The Man
79 Shubhodip
Who Added the Midas Touch
to the Micromax Brand



Back Issues
Kits n Spares
New Delhi 110020
Phone: (011) 26371661-2



Editorial Calendar

Saravana Anand
Mobile: 09916390422

Tips & Tricks

Gaurav Agarwal
Ph: (033) 22294788; Telefax: (033) 22650094
Mobile: 9891741114

We have doubled our
customer base every single
year since we started
Shashank Mehrotra, GM
and business head, BigRock
Revamp Your IT Career as a
Cloud Security Expert
HP Launches New
Servers for SMBs
Popular App Launchers at
Your Fingertips

open GUrUs



The Making of the SUSE

Brand in India

India has immense

under-utilised talent in the
cloud security space
Ritesh Sarvaiya, CEO,,
Learn How to Solve
Non-Linear Equations
with Linear Algebra

6 | August 2013

Saravana Anand
Mobile: 09916390422


Getting Started with the



Getting Started with

Haskell on Emacs

Ms Flory DSouza
Ph: (022) 24950047, 24928520; Fax: 24954278
Sandeep Shandilya; Ph: (022) 24950047, 24928520
Mihir Pathak
Ph: (079) 61344948
Ms Peggy Thay
Ph: +65-6836 2272; Fax: +65-6297 7302
UNiteD StAteS
Ms Veronique Lamarque, E & Tech Media
Phone: +1 860 536 6677
Ms Terry Qin, Power Pioneer Group Inc.
Ph: (86 755) 83729797; Fax: (86 21) 6455 2379
Mobile: (86) 13923802595, 18603055818
Leon Chen, J.K. Media
Taipei City
Ph: 886-2-87726780 ext.10; Fax: 886-2-87726787

Exclusive News-stand Distributor (India)

iBh BooKS AND mAGAziNeS DiStRiBUtoRS Pvt ltD
Arch No, 30, below Mahalaxmi Bridge, Mahalaxmi, Mumbai - 400034
Tel: 022- 40497401, 40497402, 40497474, 40497479, Fax: 40497434


Exploring Software: Extend

Wireless Router Capabilities
Using a Netbook or Laptop



Printed, published and owned by Ramesh Chopra. Printed at Tara Art Printers
Pvt Ltd, A-46,47, Sec-5, Noida, on 28th of the previous month, and published
from D-87/1, Okhla Industrial Area, Phase I, New Delhi 110020. Copyright
2013. All articles in this issue, except for interviews, verbatim quotes, or unless
otherwise explicitly mentioned, will be released under Creative Commons
Attribution-NonCommercial 3.0 Unported License a month after the date
of publication. Refer to
for a copy of the licence. Although every effort is made to ensure accuracy,
no responsibility whatsoever is taken for any loss due to publishing errors.
Articles that cannot be used are returned to the authors if accompanied by
a self-addressed and sufficiently stamped envelope. But no responsibility is
taken for any loss or delay in returning the material. Disputes, if any, will be
settled in a New Delhi court only.

SUBSCRIPTION RATES PeriodNews-stand price


A List Of Internet
Service Providers


You Pay




US$ 120

Kindly add ` 50/- for outside Delhi cheques.

Please send payments only in favour of EFY Enterprises Pvt Ltd.
Non-receipt of copies may be reported to support@efyindia.comdo
mention your subscription number.

On subscribing to OSFY
I am planning to subscribe to Open Source For You but I have
some queries. It would be great if you address them as early as
possible so that I can take a decision soon.
1) There is a discount of 50 per cent when you subscribe to
OSFY. Can you tell me if this is on magazines with or
without the DVD?
2) Can you explain your delivery process?
Praveen K L,
ED: Its good to hear that you plan on subscribing to our
magazine. Well, let me answer your queries, one by one.
1. Open Source For You always comes along with a DVD.
Under the 50 per cent discount scheme too, you will get the
magazine with an enclosed DVD.
2. Typically, we send the regular copies of Open Source For You
through INDIA POSTAL SERVICES. In case of non-receipt
of any issue, you can always inform us within 45 days of the
publication date.
Hope that answers your queries. Do feel free to contact us if
you have any other doubts.

OSFY introduced me to open source

I am a regular subscriber and avid reader of your magazine. I
would like to thank all of you for the wonderful magazine you
publish every month. Indeed, it was LFY (now OSFY) which
first introduced me to the world of FOSS and convinced me to
migrate to Linux.
Today, I wish to join the OSFY team in spreading the
message of open source. I have written an article entitled 'At Your
Fingertips' which is essentially a review and comparison of three
application launchersGNOME Do, Synapse and GNOME Pie.
I like to refer to this type of article as a 'Software Showdown'.
The article includes quotes from the developers and also hints at
the future form of application launchers.
If the article is not up to your magazine's high standards,

Share Your

please do let me know. I would greatly appreciate feedback from

such an experienced editorial team. Your suggestions will surely
help improve my open source advocacy.
Could you also clarify whether an OSFY author is expected to
write every month? My college will be commencing shortly and I
am unsure of how much time I can commit to OSFY. Further, how
much payment do OSFY authors receive for their articles? Thanks
once again for your informative and instructional magazine.
Tushar Bhargava,
ED: It feels great to know that OSFY has inspired you to become
a Linux user. Thanks for letting us know about this. We are also
pleased to hear that you have written an article for us. Well, there
is no compulsion that you have to write every month for OSFY. It's
completely your choice. If your article gets published, you get Rs 750
per page as an honorarium. Hope we have been able to answer your
questions. Please feel free to contact us if you have any other queries.
Note: Incidentally, Tushars article, At Your Fingertips, was
approved by the OSFY editorial team and appears in this issue.
Congrats, Tushar, for making the switch from tech enthusiast to
tech writer!
Content on OpenStack

Karthik Bhat: I need to know more about

OpenStack. Hope to read more information
on it in the forthcoming OSFY issues.
Open Source For You: Hi Karthik.
Thanks for writing in. We have included a lot on OpenStack. In fact, you
will find the articles in the OSFY July
2013 edition. Hope you like them.
Karthik Bhat: Thanks. Thats good
news indeed and I am excited about
buying the issue.

Please send your comments

or suggestions to:
The Editor
D-87/1, Okhla Industrial Area, Phase I,
New Delhi 110020, Phone: 011-26810601/02/03,
Fax: 011-26817563, Email:

8 | August 2013

Powered By

Vyas PS:

How can I install Linux within Windows XP? I need

Linux as a icon on my desktop. Please give the neccesory link for supporting software?
Like . comment

Evin Ugur: Install the free virtualisation program

virtual box, and obtain an image of your Linux
distro of choice. Mount that image, and open virtual
box and tell it to create a virtual machine of said
distro. From there you can customize the virtual
machine to have an icon on the host machine's
desktop/start menu/etc.
Rudra Patra:

Use VMware or Virtualbox.

Mandrita Neogi: Install VMware. Inside the

VM you can install any OS. But it is very slow.
However writing commands in the terminal won't
be an issue.
Cl Khn: Download virtual box and .iso of whichever Linux OS you want install.
Kevin Fitzpatrick: You can install Linux in windows.
You can run it on Windows using QEMU in a few
simple steps. See

Haresh N Latha: Use Ubuntu's WUBI app.

Shyam K Mondal:

In my PC that has Fedora, MySql is configured as

"startup MySql when system(OS) is startup"....Now I
have forgot the command "how to make auto-start?"
and "how to disable this feature?" So, please give me
command line statement for both.
Like . comment

Suman Goswami: 1.To check only MySQLd

[root@fedora ~]# chkconfig --list mysqld
mysqld 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@fedora ~]#
2. To make MySQLd auto start when you boot
your computer:
[root@fedora ~]# chkconfig --level 35 mysqld on
Note: Run Level 3 = Full multiuser mode with no
Run Level 5 = X11 or GUI mode
3. Use the chkconfig again to verify the changes:
[root@fedora ~]# chkconfig --list mysqld
mysqld 0:off 1:off 2:off 3:on 4:off 5:on 6:off
[root@fedora ~]
Riya Patankar: Try chkconfig to add MySQL to the
start automatically.

Rahul Ghose: You can use the more user-friendly

'Services' Gnome application or 'BUM' also known as


Jay Gan: Oracle virtual box

Utsav Rana: Install Virtualbox to install Linux, alter-

natively you can do a full installation of Ubuntu. Get

it from Burn the ISO file onto the
disc and boot from it. Ensure that the boot from the
DVD option is enabled to boot from disc.

Vyshakh Pv: Install VirtualBox on Windows, Install

Linux in VB... Make an icon on desktop. Launch
Linux with this icon.

Satyesh Tripathi: Download VMware and Linux

ISO file. Moreover, in Ubuntu you have a WUBI

application that installs Linux on Windows but not
on desktop..

Mohammad Adil: Any virtual desktop software

should work.

Image quality is poor as the photos have been directly taken from
10 | August 2013

Vinit Shandilya:

How can I make socket connection over the Internet

without port forwarding? I'm trying to establish
an HTTP connection between a client phone and a
server phone using basic socket model. The end
points may not reside in the same network. I know
GPRS network provides private IP addresses to client phones, so I can't use that IP address to bind to
server socket (which is also having a private IP address) unless the ISP provides a mapping of private
to public IP address mapping via eDNS (say, www. Is there any work around for this (of
course that doesn't involve paying to third party!)?
Please help!
Like . comment

Rahul Ghose: Check out dyndns (I think it is


Q&A Facebook
Praveen Klp:

Which Linux server is best for me? I need the given

below services DHCP, DNS, SSH, ADS.
Like . comment

Sushant Shambharkar: CentOS

Vadiraj Joish: Centos for sure.
Kevin Fitzpatrick: DSL was updated recently & it's

ISO is only 50 M & can run in windows with QEMU

& a few simple steps. has a 8-12 M ISO w/ GUI min
486 28 M
(might run in windows with QEMU) 65 M ISO runs from
RAM (thus fast, though the above might too).

Abhishek Verma: CentOS.

Alejandro Aguado Manchado: Zentyal is the most easy

Nick Jamison: Hey! I have heard that Android has

quite a few viruses/malware, while Linux has relatively few. How is this possible as Android is a form
of Linux?.
Spencer Allen: People root their phones, there's no need
to root a Linux desktop. People use untrusted binaries on their
phones, and get them from unapproved unmonitored app
repositories like 4shared. For the Linux desktop people mostly
stick to their distro's app repository.
People still don't think of their phones as computers. They just
don't make the connection so they never think to install antivirus
or a firewall BTW if you're looking for a good product to do that I
recommend avast. No you can run as root in Linux if you want,
it's still not advisable though. I think the biggest contributor to
malware on android phones is the fact that not all the software
available to it is free. Just the fact that you have to pay for it has
people looking for cracked versions, anyone who's spent time
gathering pirated software knows it's a game of Russian roulette.
You compound the issue with carriers getting overzealous with
what you can and can't install or can and can't replace on the
phone and you end up with people taking unnecessary chances
with their phones. If it wasn't for the carrier wanting to force their
customers to run crap like AT&T Maps the play store would have
a safe and trusted method of loading custom ROMS.

domain controler based in Linux.

Tshepo Terry Makwela: Ubuntu and then install

ClearOS to give out those services.

Nick Jamison: Thank you! That makes more sense. I don't run
my linux partition in root, but it will look into AV software. Isn't the
ability to root a major security flaw present in Linux?



We are emerging software development company

and training institute situated in the heart of Pune City


Training Division
Eaglet Linux System and Kernel Programming Track
Intel Assembly Programming on Linux and Protected
Mode features of Intel Processor
Advanced C [ANSI C+ GNU C extensions]
Linux System Programming
Linux Kernel Internals and Device Drivers
We are official training partners of Red Hat, Novell
and EC-council. We offer following courses

Network Administration Courses

Cisco Certified Network Administrator (CCNA)
Cisco Certified Network Professional (CCNP)
Cisco Certified Internetwork Expert (CCIE)

Linux Administration Courses

Red Hat Certified System Administrator. (RHCSA)
Red Hat Certified Engineer. (RHCE)
Red Hat Enterprise Virtualization.
Linux Troubleshooting

Network Security Courses

Commitment towards doing off-beat and

product oriented work in core areas such as
system development, openGL etc.
Maximum use of open-source technologies.
Very experienced and committed staff and
cooperative front team.
Situated at the heart of Pune city, with 3500 sq.
ft. floor spanned across two floors.

Certified Ethical Hacker (CEH)

Computer Hacking Forensic Investigation (CHFI)
Licensed Penetration Tester (LPT)
EC-Council Certified Security Analyst (ECSA)
Certified Network Defense Architect (CNDA)

Development Division
We have separate Research and Development lab equipped with state-of-the-art infrastructure and facilities.
Currently, RnD department is working on our own customized Linux distribution and GPU computing.

Connect to us :

Mobile : +918149088007, Phone : 020-65330007

e-mail :,
August 2013 | 11

new products
Now, wireless
routers from Intex!

Yes, you heard that right! Intex

Technologies, known for bringing
out an innovative range of tablets and
smartphones, has come out with two
new wireless routers. The wireless
router portfolio includes the W308R
and W316R that delivers wireless
speeds up to 300 MBps and 150
MBbps, respectively. The new range
of products provides 4x faster wireless
speeds and is backward compatible
with 802.11b/g devices. With this
launch, Intex Technologies is planning
to aggressively build its enterprise
business by expanding its networking
solutions portfolio. With Internet traffic
in India expected to grow six-fold by
2017, we at Intex are anticipating the
conditions and catering to the ever rising
demand for the Internet by offering
innovative networking solutions,
especially engineered to control the
traffic during peak hours to let users
enjoy continued connectivity. We aim to
target varied Internet user bases in the
country through our product strategy
and are aiming for a revenue of Rs 500
million from our networking solutions
business this fiscal year, said Vikram
Kalia, GM, Product Management, Intex
Technologies (India) Ltd.

Price: W316R: ` 1,200

W308R: ` 1,600

Address: Intex Technologies (India)

Limited, D-18/2, Okhla Industrial Area,
Phase II, New Delhi 110020; Ph:
+91 11 41610224/25/26; Email: info@; Website: http://

12 | august 2013

Get your hands on Xolo's quad-core smartphone

If you wish to wield the power of a quadcore processor in an affordable way, Xolo's
Q600 can be a good option. Priced at Rs
8,999, the smartphone features an 11.43
cm (4.5 inch) TFT FWVGA display and
runs on the latest Android 4.2 (Jelly
Bean). Powered by a 1.2 GHz quad core
processor, Xolo Q600 boasts of a 5 MP
rear camera and a 2000 mAh battery.
As we caught up with Sunil Raina,
business head, Xolo, he quipped, The
main aim of Xolo is to provide an array
of power-packed smartphones armed with
all features at various price points. Xolo
Q600 is a good example of the same.

Price: ` 8,999

Address: LAVA International Ltd,

A-56, Sector 64, Noida 201301;
Ph: 0-120-4637100; E-mail:;

Swingtel's TigerTab ups the stakes

in the smartphone slugfest
It's raining quad-cores this year!
Now, Swingtel, a Mumbai-based
company, has entered the fray and
launched a 1.2 GHz powered quadcore smartphone into the market.
The smartphone runs on Android
4.2.1 (Jelly Bean) and is armed
with features like voice unlocking,
3G video calling, changeable back
covers, 1080P HD video playback
and a powerful 2050 mAh battery.
Ajay Sharma, director, Technology
& Strategy, Swingtel, said, Our
products are synonymous with a
high dose of power and a premium
style quotient. Our latest innovation,
TigerTab, comes bundled with
stylish accessories and is aggressively priced. That's our way of saying 'Do
more, for less.

Price: ` 11,500

Address: Swingtel Communications Pvt Ltd, 15-16, Mistry Building, 3rd Floor,
635-637 J S S Road, Mumbai 400002; Ph: 022-2200 0123; E-mail: info@; Website:

new products

Check out this voice-calling tablet from Simmtronics

Budget tablets have been sprouting up all over the place and every
brand is doing its best to get an extra edge over others. Simmtronics's
latest calling tablet, the XPAD X-722, fits the bill. Priced at Rs 5,999,
the tablet runs on Android 4.0 (ICS) and is powered by a Cortex
A8, 1.0 GHz and 400 2D/3D processor. It has a 17.78-cm (7-inch)
capacitive multi-touch screen with a resolution of 800x 480 pixels.
Indrajit Sabharwal, managing director, Simmtronics, said, The
Simmtronics XPAD 722 is a tablet with a difference, promising a
fun-filled experience with the richness of its out-of-box features. The
tablet is designed with intricate features that make it a must-buy.

Price: ` 5,999

Address: Simmtronics Semiconductors Ltd, C-41, Okhla Phase-1, New Delhi 110020;
Ph: + 91 11 40570300; Email:; Website:

LG's Optimus G Pro to take on HTC One and Samsung Galaxy S4

LG has forayed into the high-end smartphone segment
(with prices ranging around Rs 40,000) with the launch of
the much-awaited Optimus G Pro. Priced at Rs 42,500,
the smartphone is competing against the likes of HTC One,
Samsung Galaxy S4, and Sony Xperia Z. Powered by a 1.7
GHz quad-core Qualcomm Snapdragon 600 processor and 2
GB RAM, the LG Optimus G Pro boasts of a 13.9 cm (5.5inch) 1080p HD display with a screen resolution of 1280 x
720 pixels. It has 32 GB built-in storage that is expandable
up to 64 GB via a microSD card, a 13 MP rear camera and a
2.1 MP front-facing camera.

Price: ` 42,500

Address: LG Electronics India, Plot Number 51, Udyog Vihar, Surajpur-Kasna Road, Greater Noida 201306;
Ph: 0120- 2560900; E-mail:; Website:

Kobian brings out an ultra-slim phablet

Kobian Pte Ltd, the company that owns the Mercury brand, has
unveiled its latest phablet the Mercury mTAB Lite. Priced at
Rs 6,000, the Mercury mTAB Lite sports a 17.78 cm (7-inch)
capacitive five point touchscreen. The device is powered by a 1
GHz Vimicro Cortex processor, 512 MB RAM and 4 GB of internal
storage, which is expandable by 32 GB via a memory card. It
runs on Android 4.0 (Ice Cream Sandwich) and is powered by a
2,700mAh battery. Sushmita Das, VP, Business, at Kobian Pte Ltd,
said, Be connected anytime, anywhere with Mercury mTAB Lite.
We at Kobian are focusing on introducing better models in the
phablet segment that will meet todays consumers demand pattern
for computing devices and better prices.

Price: ` 4,249

Address: Kobian Pte Ltd, No. 211/20, 11th Main, 16th Cross, Wilson Garden, Bengaluru 560027;
Email:; Ph: 080-32430234 / 32472234; Website:
14 | august 2013




Samsung Galaxy S4 Zoom

Samsung Galaxy S4 Mini

Gionee Elife E5

Karbonn Titanium S9




Android 4.2.2 aka Jelly Bean

Android 4.2.1 aka Jelly Bean


Android 4.2 aka Jelly Bean

Launch Date:

Launch Date:

Launch Date:

July 2013

July 2013

Launch Date:

July 2013




` 29,990

` 27,900


` 29,990



` 27,900

July 2013

` 19,990

` 19,990





10.9-cm (4.3 inch) qHD Super

AMOLED display touchscreen,
960540 pixels screen resolution, 1.5
GHz dual-core processor, 2,330 mAh battery, 16 MP rear and
1.9 MP front camera, 1.5 GB RAM, 8 GB internal memory (5GB
user memory), expandable up to 64 GB with microSD, 3G, WiFi

10.9-cm (4.3-inch) qHD Super AMOLED

display touchscreen, 960540 pixels
screen resolution, 1.7 GHz dual-core
processor, 1,900mAh battery, 8 MP rear and 1.9 MP HD
front-facing camera, 8 GB internal memory (5GB user
memory), expandable up to 64 GB with microSD, 3G, WiFi

Micromax Canvas 4

Swingtel TigerTab

` 19,990

Android 4.2 aka Jelly Bean



` 19,990

12.19-cm (4.8-inch)
HD Super AMOLED plus display touchcsreen,
1280720 pixels screen resolution, 1.5 GHz
quad-core MediaTek MT6589T processor, 16
GB internal memory, 3G, WiFi

13.9-cm (5.5-inch)
HD IPS touchscreen display, 1.2 GHz
quad core processor, 1 GB RAM, 2600
mAh battery, 1 GB RAM, 13 MP rear
and 5 MP front camera, 16 GB internal
memory, expandable up to 32 GB, 3G, WiFi

Xolo Q600

Celkon Signature One A107





Launch Date:

Launch Date:

Launch Date:

Launch Date:





Android 4.2.1 aka Jelly Bean

July 2013

July 2013
` 17,999

` 17,999

Android 4.2 aka Jelly Bean


` 11,900

` 11,500

5.0-inch HD touchscreen
display, 720x1280 pixels screen
resolution, 1.2GHz quad-core
processor, 2,000 mAH battery,13 MP rear and 5 MP front
camera, 1 GB RAM, 16 GB internal memory, expandable up
to 32 GB, 3G, WiFi

Android 4.2 aka Jelly Bean

4.7 inch touch screen display,

854 x 480 pixels screen resolution,
1 GB RAM, 1.2 GHz quad core processor, 5 MP rear camera, 4 GB internal
memory, expandable up to 32 GB, 3G, WiFi

` 8,749

` 8,749

11.43-cm (4.5-inch) FWVGA capacitive touch screen display, 854 480

pixels screen resolution, 1.2 GHz
quad-core processor, 512 MB RAM,
2000 mAh battery, 5 MP rear camera, 4 GB internal memory,
expandable up to 32 GB with micro SD, 3G, WiFi

Fly F351



Android 4.0

Android 2.3 aka Gingerbread

Launch Date:

Launch Date:

Launch Date:

July 2013

June 2013



July 2013

` 7,999

` 6,499



Lenovo K990

Android 4.2 aka Jelly Bean

` 4,599

` 32,999



` 4,599



Magicon UltraSmart
Q50 Magnus


Android 4.0
July 2013

July 2013



` 32,999

` 7,999

` 6,822


5-inch full touch Screen, 1 Ghz
dual core processor,2100 mAh battery, 8 MP rear camera with dual
LED Flash, 1.3 MP front camera,
512 MB RAM, 512 MB internal
memory, expandable up to 32 GB, WiFi

Samsung Galaxy Mega 6.3


Android 4.2 aka Jelly Bean

Launch Date:

June 2013

` 31,490

` 30,900


8.9-cm (3.5-inch) HVGA

display touchscreen, 1 GHz processor,
1200 mAh battery, 256 MB RAM, 3
MP rear camera, 512 MB internal
memory, expandable up to 32 GB

5.5-inch 1080p IPS capacitive

touchscreen display, 2 GHz dual-core
processor, 2 GB RAM, 13 MP rear and
2 MP front camera, 16 GB internal storage, expandable up to
64 GB, 3G, WiFi

6.3 inch capacitive

touchscreen, 720 x 1280 pixels
screen resolution, 1.7 GHz
dual-core processor, 3200 mAh
battery, 8 MP rear camera, 8 GB
internal memory, expandable up to 64 GB, 3G, WiFi

Sony Xperia ZR

Huawei Ascend Mate

iBall Andi 4.7G Cobalt

HTC Desire XC





Launch Date:

Launch Date:

11.7-cm (4.63-inch) with capacitive

touch screen display, 800 480 pixels
screen resolution, 1 GHz dual-core processor, 1650 mAh battery, 2
MP rear and 0.3 MP (VGA) front-facing camera, 512 MB RAM, 4 GB
of internal memory, expandable up to 32 GB with micro SD, 2G, WiFi

Android 4.1 aka Jelly Bean

Launch Date:

June 2013

` 30,990

` 27, 999


4.55 inch TFT capacitive touchscreen,720 x 1280 pixels screen
resolution,1.5 GHz quad-core
processor, 2300 mAh battery, 2 GB
RAM, 13.1 MP rear camera, 8 GB internal memory,
expandable up to 32 GB, 3G, WiFi

18 | August 2013

Android 4.1 aka Jelly Bean

Android 4.2 aka Jelly Bean

June 2013

June 2013


` 19,995


` 28,990

` 24,990



6.1 Inch LCD touchscreen, 1280 x 720
pixels screen resolution, 1.5 GHz quadcore processor, 4050 mAh battery, 8
MP rear and 1 MP front camera, 2 GB
RAM, 3G, WiFi

` 19,995
4.7-inch capacitive touchscreen, 720 X
1280 pixels screen resolution, 1.2GHz
quad-core processor, 2200 mAh
battery, 12 MP rear camera, 5 MP frontfacing camera, 16 GB internal memory,
expandable up to 32 GB via microSD card, 3G, WiFi

Android 4.0
Launch Date:

June 2013

` 18,299

` 16,249


4-inch WVGA Screen with LCD

display touchscreen, 1 GHz
dual-core processor, 768 MB, 5
MP rear camera, 4 GB internal
memory, expandable up to 32 GB via microSD, 3G, WiFi

Lemon Aspire A1

Samsung Galaxy Core



Android 4.1 aka Jelly Bean

Launch Date:

June 2013


` 15,999

Android 4.0

Android 4.1 aka Jelly Bean

Launch Date:

Launch Date:

June 2013

Launch Date:







4 inch WVGA display touch screen,

480 x 800 pixels screen resolution,
1 GHz processor, 512 MB RAM,
1650 mAH battery, 5 MP rear
camera, 4 GB internal memory,
expandable up to 32 GB, WiFi

12.7-cm (5-inch) IPS display

touchscreen, 1.2 GHz quad core
processor, 1 GB RAM, 2,000 mAh
battery, 5 MP rear camera, 4 GB
internal memory, expandable upto
32 GB, 3G, WiFi

` 15,690

` 14,999


` 15,199

5.3 inch capacitive touch screen,
960 540 pixels screen resolution,
1.2 G Hz processor, 2500 mAH battery, 8 MP rear and 2 MP front facing camera, 4 GB internal memory,
expandable up to 32 GB, 3G, Wifi


10.9-cm (4.3-inch) LCD capacitive
touch screen display, 800 x 480 pixels
screen resolution, 1.2 GHz dual-core
processor, 1800 mAh battery, -5 MP
rear and 0.3 MP (VGA) front camera, 1GB RAM, 8 GB internal
memory, expandable up to 64 GB with microSD, 3G, WiFi

Videocon A55HD

Micromax A92 Canvas Lite



Launch Date:

Launch Date:

Launch Date:









5.0-inch qHD capacitive

touchscreen, 1.2GHz quad-core
processor, 1GB RAM, 2,000mAh
battery,12-MP rear auto-focus
camera, 4 GB internal storage,
expandable up to 32 GB, 3G, Wifi

11.4-cm (4.5-inch) touchscreen

display, 480 x 854 pixels screen
resolution, 1.2 GHz quad-core
processor, 2,000 mAh battery, 512
MB of RAM, 5 MP rear camera with
LED Flash, 4 GB internal memory, expandable up to 32 GB via
microSD, 3G, WiFi

12.7-cm (5-inch) TFT capacitive

touch screen display, 480 X 854
pixels screen resolution, 1 GHz dualcore processor, 512 MB RAM, 2,000
mAH battery, 5 MP rear camera, 4
GB internal memory, expandable up to 32 GB, 3G, WiFi

Karbonn TA-Fone A34

Lava Iris 401e

Sony Xperia L

June 2013


` 11,690

` 13,499


5-inch OGS capacitive touchscreen
display, 1280 x 720 pixels screen
resolution, 1.2 GHz quad-core
processor, 1 GB RAM, 2000 mAh
battery, 8 MP rear camera, 4 GB internal memory, expandable
up to 32 GB, 3G, WiFi

LG Optimus L4 II


` 9,990

Gionee CTRL V4

Android 4.2 aka Jelly Bean

` 13,499

` 13,499


Launch Date:


` 13,990

Intex Aqua I-5

Android 4.2 aka Jelly Bean

June 2013

June 2013

` 14,999




Android 4.1 aka Jelly Bean

June 2013


Spice Coolpad Mi-515

HTC Desire U

` 11,690

Android 4.2 aka Jelly Bean

June 2013

June 2013

` 9,999
` 9,999

Android 4.1 aka Jelly Bean

` 8,499



` 8,499






Android 2.3

Android 4.1 aka Jelly Bean

Launch Date:

Launch Date:

Launch Date:

Launch Date:




Android 4.1 aka Jelly Bean

June 2013

June 2013

` 8,179

` 8,179

Android 4.0

` 7,290


3.8-inch IPS display touchscreen,
480x320 pixels screen resolution,
1 GHz processor, 1,700 mAh
battery, 512 MB RAM, 3 MP rear
camera with LED Flash, 4 GB internal memory, expandable
up to 32 GB, 3G, WiFi


` 7,290
17.7-cm (7-inch) capacitive
touch screen display, 1024 x 600
pixels screen resolution, 1 GHz
processor,3000 mAh battery, 2 MP rear and 0.3 MP (VGA) frontfacing camera,512 MB RAM, 4 GB internal memory, expandable
memory up to 32 GB, 2G, WiFi

June 2013
` 4,249

` 4,249

May 2013

` 19,990

` 18,990

4-inch capacitive touch screen

display, 480 x 800 pixels screen
resolution, 1 GHz processor,1500
mAh battery, 3 MP rear camera 256
MB RAM, 200 MB internal memory,
expandable up to 32 GB with microSD, 2G, WiFi

4.3 inch capacitive touchscreen,
1 GHz dual core processor, 1750
mAh battery, 8 MP rear and 0.3 MP
front camera, 8 GB internal memory,
expandable up to 32 GB, 3G, Wifi

Samsung Galaxy Win I8552

Samsung Galaxy Grand Quattro

Micromax A115 3D

WickedLeak Wammy Passion Z





Launch Date:

Launch Date:

Launch Date:

Launch Date:





Android 4.1 aka Jelly Bean

May 2013
` 19,850

Android 4.1 aka Jelly Bean

May 2013
` 19,850

Android 4.1 aka Jelly Bean

May 2013
` 14,990

` 17,900

` 16,570




4.7 inch TFT capacitive touchscreen,

480 x 800 pixels screen resolution,
1.2 GHz processor, 2000 mAh battery,
5 MP rear and 0.3 MP front camera, 8
GB internal memory, expandable up to
32 GB, 3G, Wifi

12.7 cm capacitive touchscreen,

1 GHz dual core processor, 2000
mAh battery, 5 MP rear and
0.3 MP front camera, 0.93 GB
internal memory, expandable up
to 32 GB, 3G, WiFi

4.7-inch TFT capacitive

touchscreen, 1.2 GHz quad core
processor, 2,000 mAH battery,
5 MP rear camera, 0.3 MP front
camera, 8 GB internal memory,
expandable up to 32 GB, 3G, Wifi

` 9,999

Android 4.2 aka Jelly Bean

May 2013
` 14,490

` 14,490
5-inch capacitive touchscreen display,
1920 X 1080 pixels screen resolution,
1.2 GHz processor, 2,500 mAh battery, 1 GB RAM, 12 MP rear camera, 2
MP front-facing camera, 4 GB internal
storage, expandable up to 64 GB via
microSD card, 3G, Wifi

August 2013 | 19

Samsung Galaxy Tab 3 311

iBall Slide 3G-9728

Lenovo Ideapad A1000

Simmtronics XPAD X-722





Android 4.2 aka Jelly Bean

Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Android 4.0

Launch Date:

Launch Date:

Launch Date:

Launch Date:

July 2013

July 2013



` 15,000

` 25,725

` 25,725


8-inch WXGA TFT display
touchscreen, 1280 X 800
pixels screen resolution, 1.5GHz
dual-core processor, 4,450 mAh
battery, 1.5 GB RAM, 5 MP rear
camera, 32 GB internal storage, 3G, WiFi


` 15,000

July 2013

July 2013



` 6,999

` 8,980


24.6-cm (9.7-inch)
capacitive touchscreen, 1024 X 768 pixels screen
resolution, 1 GHz dual core processor, 5 MP rear
camera, 16 GB internal memory, expandable up to
32 GB, 3G, WiFi


` 8,980



` 6,999




7.0-inch 1080p capacitive

touch display, 1024 x 600 pixels
screen resolution, 1.2GHz dual
core processor, 3,500m Ah
battery1 GB RAM, 0.3 MP front camera, 4 GB internal

17.78-cm (7-inch) capacitive multi touch screen,

800 x 480 pixels screen resolution, 1 GHz processor, 3500 mAh battery, 2 MP rear and 0.3 MP front
camera, 4 GB internal memory, expandable up to
32 GB, 3G, WiFi

Huawei MediaPad 10 Link

HCL ME Tablet Connect 2G 2.0


Sony Xperia Tablet Z





Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Launch Date:

Launch Date:

Launch Date:

Launch Date:

June 2013

` 24,990

` 24,990
10.1 inch capacitive
touchscreen, 1280 x 800
pixels screen resolution,
1.2 GHz quad core processor, 6600 mAh battery, 3 MP
rear camera, 16 GB internal memory, expandable up
to 32 GB, 3G, Wifi

June 2013

` 8,499

` 8,499
7-inch capacitive touch
screen display, 800 x 480
pixels screen resolution, 1 GHz
processor, 3800 mAh battery,
2 MP rear camera, 4GB internal storage, 32GB expandable with microSD, 2G, 3G (via USB dongle), Wi-Fi

June 2013

May 2013



` 8,499

` 46,990



` 8,199

` 42,990



7-inch capacitive touch screen

display, 800 x 480 pixels screen
resolution, 1 GHz processor,3800 mAh battery,2 MP rear camera, 4 GB internal
memory, expandable up to 32 GB, 3G, WiFi

10.1-inch full-HD display

touchscreen, 1.5 GHz quadcore processor, 6,000 mAH
battery,8-MP rear camera, 2
GB RAM, 16 GB internal memory, expandable up to
64 GB, 3G, WiFi

Samsung Galaxy Note 510

Zync Quad 10.1

Simmtronics XPAD XQ1

Croma CRXT 1134





Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Launch Date:

Launch Date:

Launch Date:

Launch Date:

May 2013

May 2013

May 2013

May 2013





` 30,900

` 14,990

` 13,999

` 6,990





` 30,900

` 14,990

` 13,999

` 6,990





8 inch (WXGA) TFT touchscreen,

1280 x 800 pixels screen resolution, 4,600 mAh battery,1.6 GHz
quad core processor, 5 MP rear
camera, 1.3 MP front camera, 16/ 32GB internal memory,
expandable up to 64 GB via microSD, 3G, Wifi

10 inch full HD display, 1920

1200 pixels screen resolution,
1.5 GHz quad-core processor,
5 MP rear camera, 2 MP front camera, 16 GB internal
memory, expandable up to 32 GB via microSD, 3G, WiFi

10.1-inch HD capacitive
touchscreen, 1 GHz quad core
processor, 2 MP rear and 0.3
MP front camera, 4-in-1 multiple video viewing, 2 GB
DDR3 RAM, 16 GB internal memory, 3G, Wifi

7 inch capacitive touchscreen,

1024 x 600 pixels screen
resolution, 1 GHz processor,
3400 mAH battery, 512 MB RAM, 8 MP rear and 2
MP front camera, 4 GB internal memory, Wifi

Swipe Telecom Halo Speed

Asus Fonepad

Intex I Buddy Connect

Celkon CT 888





Android 4.1

Android 4.1 aka Jelly Bean

Android 4.0

Android 4.0

Launch Date:

Launch Date:

Launch Date:

Launch Date:

May 2013

April 2013

April 2013

April 2013





` 6,990

` 15,999

` 9,990

` 8,990





` 6,990

` 15,999

` 9,990

` 7,999





17.7-cm (7-inch) HD display

tablet with 5 Point HD capacitive multi- touchscreen, 800 x 480 pixels screen resolution, 1.5 GHz processor, 3000 mAh battery, 2 MP rear and
0.3 MP front camera, 4 GB internal memory, expandable
up to 32 GB,3G, WiFi

17.7-cm (7-inch) IPS display,

1280 800 pixels screen
resolution, 1.2 GHz processor,1
GB RAM, 3 MP rear and 1.2 MP
front camera, 8/16 GB internal
storage options available and microSD card slot, 3G, WiFi

17.8-cm (7 inches)
touchscreen, 1 GHz Dual core processor,1GB RAM, 2
MP rear and 0.3 MP secondary camera, 3000 mAh
battery, 4 GB internal mempry, expandable up to 32
GB, 3G, Wifi

7 inch capacitive touchscreen,

1024 x 600 pixels screen
resolution, 1.2 GHz dual core
processor, 3500 mAh battery,
2 MP rear camera, 512 MB RAM, 4 GB internal
memory, expandable up to 32 GB, 3G, Wifi

20 | August 2013

Karbonn Smart Tab

Android 4.0
Launch Date:

April 2013

` 7,990

` 7,290
7-inch capacitive touch screen,
800 x 480 pixels screen resolution, 1 GHz processor, 512 MB RAM, 3000 mAh battery, 2
MP rear camrea, 0.3 MP (VGA) front-camera, 4 GB internal
memory, expandable memory up to 32 GB, 3G, Wifi

Salora Fontab

Videocon VT75C

WishTel IRA Capsule




Android 4.1 aka Jelly Bean

Launch Date:

April 2013

` 6,890

` 6,890
7 inch LCD capacitive touchscreen, 1024 x 600 pixels
screen resolution, 1.5 GHz
processor,3500 mAh battery,
2 MP rear and 0.3 MP secondary camera,
memory expandable up to 32 GB, 3G, Wifi

Android 4.1 aka Jelly Bean

Android 4.1

Launch Date:

Launch Date:

April 2013

March 2013



` 6,499

` 16,000



` 5,990

` 16,000



17.7-cm (7-inch) display

touchscreen, 1600 x 1200
pixels screen resolution, 1
GHz processor, 512 MB RAM,
3,000 mAh battery, 2 MP rear and 0.3 MP front-facing camera,
4 GB internal memory, expandable memory up to 32 GB, 3G
via dongle, WiFi

10.1 inch LED multi touch capacitive touchscreen,

1024 x 786 pixels screen resolution, 1.6 GHz dual core
processor, 1GB RAM, 8000 mAH battery, 5 MP rear
and 0.3 MP front camera, expandable memory up to
32 GB, 3G, Wifi

iBall Edu-Slide

Zync Quad 9.7

Zync Quad 8.0

Lava E-Tab Connect



Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean



Launch Date:

Launch Date:

March 2013

March 2013



` 14,999

` 13,990



` 12,999

` 13,990



25.6-cm (10.1-inch) touchscreen, 1280 x 800 pixels

screen resolution, 1.5 GHz dual-core processor, 1 GB
RAM, 2 MP rear and VGA front-facing camera, 8 GB
internal storage, 3G, Wifi

9.7-inch screen with an

LED-backlit Super HD IPS
touchscreen, 2048 x 1536
pixels screen resolution,
1.5 GHz processor, 2 GB RAM, 8,000 mAh battery, 5 MP rear
camera, 2 MP front camera, 16 GB internal memory, expandable up to 32 GB, 3G, WiFi

Android 4.1 aka Jelly Bean

Android 4.1 aka Jelly Bean

Launch Date:

Launch Date:

March 2013

` 12,990

March 2013

` 9,499



` 12,990

` 9,499



8-inch capacitive touchscreen, 1024 x 768 pixels screen resolution, 1.5

GHz processor, 2 GB RAM, 5800 mAh battery, 5
MP rear camera, 2 MP front camera, 16 GB internal
memory, expandable up to 32 GB, 3G, WiFi

7-inch screen with WVGA

capacitive touchscreen, 2. 1
GHz Qualcomm processor,
512MB RAM, 3,000 mAh battery, 2 MP rear camera, 4 GB
internal storage, expandable
up to 32 GB, 3G, Wifi

Swipe Halo

Salora Protab HD

Salora Protab

Datawind Ubislate 7C+ Edge





Android 4.0

Android 4.0

Launch Date:

Launch Date:

March 2013

March 2013



` 6,199

` 5,999



Android 4.1 aka Jelly Bean

Launch Date:

March 2013

` 6,990

Android 4.1 aka Jelly Bean

Launch Date:

March 2013

` 6,599

` 6,990

` 5,499



17.7-cm (7-inch) TFT LCD multitouch capacitive touchscreen,

1.5 GHz processor, 512 MB
RAM, 3,400 mAh battery, 2
MP rear camera, 0.3 MP front
camera, 2G, WiFi

7 inch LCD capacitive touchscreen, 1024 x 600 pixels

screen resolution, 1.2 GHz processor, 1 GB RAM, 0.3 MP
front camera, 3200 mAh battery, 4 GB internal memory,
expandable up to 32 GB, 3G, WiFi

Simmtronics XPad X1010


Android 4.0
Launch Date:

February 2013

` 8,399

` 8,399
10.1-inch capacitive
touchscreen, 1024 x 600
pixels screen resolution, 1.2
GHz processor, 5,600mAh
battery, 0.3MP front-facing camera, 8 GB internal memory,
expandable up to 32 GB, 3G, Wifi

` 4,999

` 5,999



7 inch LCD capacitive touchscreen, 480 x 800 pixels

screen resolution, 1.5 GHz processor, 0.3MP frontfacing camera for video calling, 512 MB RAM, 3200
mAh battery, 4GB internal memory, expandable up to
32 GB, 3G, WiFi

7 inch capacitive touchscreen,

800 x 480 pixels screen
resolution, 1 GHz processor,
512MB RAM, VGA secondary
camera, 4 GB internal memory, expandable memory up to
32 GB, 2G, Wifi

Dell Vostro 2520

Acer Gateway NE56R

Ambrane Mini




Launch Date:

Launch Date:

Launch Date:


` 33500


` 22,699





` 27499

` 20800

` 5,034

Specification: 15.6 inch HD WLED Anti-Glare Display,

Specification: 15.6 inch TFT LCD display screen,

Specification: 7 inches TFT capacitive

January 2013

1366 x 768 pixels screen resolution, Core i3 (2nd Generation) processor, 2 GB DDR3 memory, expandable up to 8
GB, Intel HD Graphics 3000, 500 GB hard disk capacity,
2.36 kg weight.

December 2012

1366 x 768 pixels screen resolution, 2.1 GHz Intel Pentium

processor, 2 GB memory, expandable up to 8 GB, DVD
SuperMulti Drive with dual layer support, 500 GB hard disk
storage capacity, 2.6 kg weight

Android 4.0
November 2012
` 5,499

touch screen, 800 x 480 pixel screen resolution,

1.2 GHz processor, 3000 mAh battery,
Built-in 0.3 MP camera, WiFi

August 2013 | 21

Powered by

Fedora 19 released

The second major release of the Fedora Linux project, Fedora 19, has been released.
The Red Hat-sponsored project has been released seven months after the Fedora
Linux 18 and offers several new
features for server administrators.
The latest version first made
its appearance in the end of
May, giving a sneak peek into
the world of Fedora 19. The
features list is an impressive one
with new Federated VoIP, highavailability features, advanced
firewall security and the latest PHP 5.5 stack.
Now that Fedora 19 has been released, developers will now focus on the
development of Fedora 20, said Robyn Bergeron, Fedora project leader.

Aakash 4 to run on
Android and Linux

Aakash 4 specifications are finally

out, and the Indian government
has officially made a statement on
how it plans to bring out the next
generation of the Aakash tablet
series. Aakash I was a success in
the Indian tablet market but the
follow-ups, Aakash II and III, made
headlines for all the wrong reasons.

Linux Mint 15 Xfce released

Linux has often been touted as the

choice for anyone who doesnt
like Microsofts user interface
and, more importantly, doesnt
like paying the company for
every subscription. Linux Mint
is one popular OS, which offers
a standard distribution with the
Cinnamon or MATE desktop.
The latest to hit the market is
the Linux Mint Xfce desktop distribution, after what appears to be a long delay.
This delay was earlier attributed partly to the fact that although it has been
derived from Ubuntu, the desktops werent actually derived from the Xubuntu
(Xfce) or Kubuntu (KDE) distributions. But, in fact, they were created by the
developers at Linux Mint, based on the latest Mint release.
However, the live/installer image does not seem to be UEFI-boot compatible,
and the user will have to enable legacy boot support to get the live USB image to
work. The Linux Mint 15 Xfce desktop is based on Xfce version 4.10, and works
well with Graeme Gotts Whisker Menu application launcher.

Linus Torvalds brings out Linux Kernel 3.11 RC1

Linus Torvalds has just brought out the first release candidate in the 3.11 branch of
the Linux kernel, which is immediately available for download.
The latest branch of the Linux kernel 3.11 has arrived pretty soon and, as
Linus Torvalds has pointed out, this is actually a very small update compared to
the corresponding 3.10 release, and a lot of changes and improvements have been
pushed into the next version of the Linux kernel. Linus Torvalds mentioned in his
official announcement, This merge window was smaller in terms of the number
of commits, than the 3.10 merge window, but we actually have more new lines.
Most of that seems to be in staginga full third of all changes by linecount is stagingand merging in Lustre is the bulk of that. Lets see how that
all turns out; I have to say that we dont have a great track record on merging
filesystems through staging, he added.
22 | august 2013

While its pretty certain

that the upcoming tablet will
be an improvement in terms of
hardware, the biggest news is that
it will be based on a dual-boot
platform, i.e., Android and Linux
(through a microSD card). The
tablet computers, produced by
MHRD, were conceptualised as a
very low cost device with 17.78cm (7-inch) touchscreen displays
based on Android.

A new logo for Motorola


To all those waiting to hear about

Motorola Mobility ever since
it was acquired by Google, the
most interesting news is the new
brand logo.
Unlike the previous thick and
italic font style, the new logo has
a thinner and softer look. The core
M remains, but it now has more
colours added to it. And it comes
with a Google company tagline.
The previous change to the
logo came when it split from
Motorola Solutions. Back then,
the company tweaked the M from
monochrome to a bright red colour.


Jelly Bean finally

surpasses Android

The last report released by Google

indicated that while Jelly Bean was
growing, it still could not overtake
Android 2.3 (Gingerbread) in terms
of adoption. The latest news from
Google, however, states that Android
4.2 (Jelly Bean) and Android 4.1 (also
Jelly Bean) are not only growing at a
steady pace, but have also surpassed
Android 2.3 (Gingerbread).
Jelly Bean is the only version
that is growing; Androids Ice Cream
Sandwich has lost market share.
Coming to the actual break
down37.9 per cent of Android users
are using Jelly Bean, 23.3 per cent
have devices powered by ICS, 0.1
per cent are on Honeycomb, 34.1 are
stuck with Gingerbread, and 3.1 per
cent, unfortunately, still have Froyo.

Now book train tickets with

Cleartrips Android App!
Getting a train ticket was never so
easy. After IRCTC's SMS ticket
booking service, Cleartrip has
further ironed out the train ticket
booking process for travellers.
Cleartrip has launched the upgraded
version of its Android app, which
not only comes with improvised
features, but also offers support for
train ticket booking as well.
The Cleartrip Android app
version 3.0, as it is known, is
available on Google Play. The app
allows users to search and book
for tickets with Indian Railways.
It also helps in checking for the
PNR status of the waitlisted tickets.
As is the case with the Cleartrip
website, users need to connect their
IRCTC account with their Cleartrip
account on the app to book their
train tickets. The updated Android
app of Cleartrip comes with some
important bug fixes as well.

24 | august 2013

GNOME 3.9.4 has a photos app, and improves Wayland support

GNOME announced that its latest preview release 3.9.4 is out for those who like
to experiment and be brave with codes. The newest release comes with some new
and exciting updates. The GNOME 3.9.4 is the latest development in the 3.9 series,
while GNOME 3.10 is now due in September.
The update brings improvements to Clutter GNOMEs desktop compositor
and also improves compatibility with the Wayland back-end, which is supposed to
offer improved GUI scaling based on the DPI of your screen.
The biggest star among the updates released is the new photos app. The
GNOME Photos 3.9.4 now allows users to access photos from the Flickr online
photo management and sharing Web app, supports pushing images to DLNA
renderers, and supports rubber band selection.
The following core components were updated in GNOME 3.9.4: GTK+,
Glib2, Gvfs, Clutter, Mutter, Glib Networking, GNOME Calculator, GNOME
Contacts, GNOME Disk Utility, GNOME Online Accounts, GNOME Screenshot,
GNOME Shell, GNOME Terminal, Vino, VTE, Cogl, Folks, GJS, Gmime, Pango,
GtkSourceView, and GObject introspection.

Dropbox launches new syncing options; crosses

175 million users

Dropbox, the file-sharing provider, recently announced a platform that is capable

of syncing almost anything on the cloud. The
announcement came at the companys first developer
press conference held at San Francisco. According to
tech experts, the highlight of the event was that the
companys current user base stands at 175 million.
The company itself was started by Drew Houton
and Arash Ferdowsi in an apartment. The duo
launched the service for the first time in 2008it is
now available across platforms that include Windows,
Apple, Mac OSX, Linux and BlackBerry.
The company also touched another major milestone in 2012, crossing the
100 million mark, with users across all platforms. Noteworthy is the fact that
Dropbox has seen an escalation of over 75 per cent within a year, which is no
mean feat by any standards.

Linux kernel 3.10 arrives!

It just took nine weeks of development and the latest Linux version, Linux kernel
3.10, is out. Although the latest Linux
kernel has been released after a brief delay,
it promises significant improvements over
the previous versions. Along with a lot of
improved features, the latest Linux offers
a lot for the users of solidstate storage
devices and AMD graphics hardware.
Apart from the usual bug fixes in the Linux kernel 3.9 version, the latest
version brings along support for the 'bcache' block-layer cache. This allows a
fast solidstate drive to be used as a cache for a larger, slower mechanical drive.
'bcache' has been designed as an alternative to 'dm-cache', which is present in
Linux 3.9, and it works for individual blocks rather than whole files. This boosts
the performance of over file-level solutions, and allows users to set up their own
hybrid storage devices rather quickly.

Linux kernel 3.10 also offers interfaces that can help in controlling the Unified
Video Decoder (UVD) portion of AMD graphics processing units (APUs). UVD was
previously available only for the use of AMD's closed-source proprietary driver
but the new kernel will also have an open source driver to shunt video through UVD.
Linux Kernel 3.10 even has support for AMD's latest Richland APUs.

Developers find Firefox OS most compelling: Survey

Android and iOS are no more the centre of attention! With so many new
smartphone operating systems being announced, it is evident that developers are
shifting focus (and interest) to the newer platforms that can possibly shake up the
stranglehold that Android and iOS have on the market. According to a survey,
developers view Firefox OS as the most promising and compelling among the new
OSs announced, like Tizen and BlackBerry 10.
This finding emerged in the course of a survey conducted by IDC and crossplatform tool vendor Appcelerator. Almost 6,046 Appcelerator Titanium developers
were questioned as part of this survey. Developers were asked how they viewed
Firefox OS, Tizen and Ubuntu. Of these, the Firefox OS won hands down!
Michael King, director of enterprise strategy at Appcelerator said, I was
down in Brazil about a month ago and there was massive interest in Firefox OS.
Everybody came to talk to me about Firefox OS.
Out of all the participants, around 25 per cent said they were interested in Firefox
OS, 19 per cent voted for Ubuntu OS and 9 per cent showed interest in Tizen OS.


Linux Mint 16 'Petra' set for November release

Clement Lefebvre, the head developer of Linux

Mint, has announced that the next version of the
distribution will be code-named Petra and it is
scheduled to be released at the end of November
this year. The 19th release of the distribution,
Linux Mint 16, will be based on Ubuntu 13.10,
and the developers are planning to publish editions with the Cinnamon, MATE,
KDE and Xfce desktops.
In the meantime, the Linux Mint project has also made release candidates
available for the KDE and Xfce editions of Linux Mint 15, which is code-named
Olivia. Like the main edition of Linux Mint 15, which was published at the end of
May, these are based on Ubuntu 13.04 and use version 3.8 of the Linux kernel.

A palm-sized Linux-ready computer

Here comes another Linux-ready computer for enthusiasts! Artila Electronics

has announced the release of Matrix-505 ARM9, which is powered by an Atmel
AT91SAM9G45 400MHz SoC, 128MB DDR2 SDRAM and 128 NAND Flash
with Linux 2.6.38 pre-installed.
A fault resilient booting function is implemented
by using a backup Linux file system in the DataFlash,
which boots up Matrix-505 automatically in case the
primary NAND Flash fails. The Matrix-505 integrates
two 10/100 MBps Ethernet, four high-speed RS-232/485
serial ports, two USB hosts and a microSD socket into a
palm-sized metal box. The DIN-Rail and wall-mounting
capabilities also make Matrix-505s onsite installation
flexible, the press release states.
The Matrix-505 has been designed with simplicity
august 2013 | 25


First open source

supercomputer, Parallella,
shares its source code

One thing we all know is that the

world of open source software
is vast and varied. Think of any
software and you can easily find a
FOSS alternative! But we wonder
if the same is true with open
source hardware. A while back, a
new hardware project inspired by
Raspberry Pi and Arduino, called the
Parallella project, was kick-started
with the promise to create a cheap,
reliable supercomputer for all, and
the team behind it promised that they
would use open source hardware. The
project campaign has now come to
an end and the group has successfully
fulfilled its promise by publishing the
hardware sources for the first version
of the Parallella board on Github.
The most astonishing feature of
the device is that in spite of being a
powerful computer, the whole system
consumes just 5 watts of electricity.
Based on the reports, while in use, the
64-core version of Parallella provides
enough processing power to compete
with a 45 GHz CPU.

Now, a Linux pen that

does a spell-check,
improves handwriting

Have you ever wanted a pen that could

tell you about your spelling mistakes
just like the word processor on your
computer? Presenting Lernstift
(German for learning pen) a
Linux-based smart pen that helps users
correct spelling mistakes and improve
their handwriting as well.
Though there are other smart pens
on the market like Livescribe, Lernstift
is extraordinary because it doesnt
need special paper and allows you to
change pen tipsincluding a fountain
pen module, a ballpoint module, and
also a pencil module. You can preorder the gadget through Kickstarter
and expect it by December this year.
26 | august 2013

in mind and its rock-solid performance makes remote device monitoring

straightforward and dependable.

Now, convert household objects into drones

Drones are known as outstanding machines

that fly with a level of accuracy and
silencea characteristic that makes them
both beautiful as well as dangerous. A
Dutch independent artist and programming
hobbyist, Jasper Van Loenen, has designed
a thin, stainless-steel briefcase that can fly
any household item with just a few turns
of the screw. The Drone It Yourself kit
introduced by Loenen comprises four motors and a CPU control kit that can be
fixed on any household object, and then it has the ability to fly like an Unmanned
Aerial Vehicle (UAV).
The kit was designed using a 3D printer and contains a small bill of materials.
The Drone It Yourself system runs on an OpenPilot flight controller, which
makes the entire kit completely open source and free. You need not use soldering
or heavy machinery to create the components listed. Also, no technical knowhow
is needed to implement it. The kit is based on a simple vice mechanism and can
work with anything that it can grab. As a result, you get flying objects of all
shapes and sizes, but with differing flight complexity.

A Raspberry Pi-powered robot that will make your coffee

Now scientists in Japan have made it possible for you to have a personal robot to
do what you tell it tolike getting you that
cup of coffee. Christened Rapiro, this is a
humanoid robot which can be programmed
to carry out various commands.
The kit itself was first created by a
Japanese company to function as a
catalyst between robotics and Raspberry
Pi. The robot is the size of an average
credit-card and works on Raspberry Pi.
Users can program it to carry out various tasks including managing a personal
calendar, keeping track of the weather and, of course, making coffee.
Interestingly, it is easy for potential buyers to customise the offering based on
their requirements. However, one would have to be familiar with the technology,
which is pretty advanced.

Microsoft to open source WCF RIA Services

Microsoft will be handing over its WCF RIA Services to the Outercurve
Foundation as an open source project. This service will help in developing n-tier
solutions for Rich Internet Applications (RIA), specifically those that employ
Microsoft's Silverlight. Originally founded by Microsoft, the open source
organisation will manage Open RIA Services as part of its ASP.NET Open
Source Gallery. This gallery is already home to various projects including NuGet,
Orchard, DotNetOpenAuth and
Microsoft has been working on the transfer process for some time and
aims to complete the process by this summer. A website has already been
created on Codeplex, which is a hosting platform for open source projects by

Microsoft. Along with other open source projects that comprise ASP.NET MVC,
ASP.NET Web API, ASP.NET Web Pages, Windows Azure SDK and ADO.NET
Entity Framework, Microsoft is believed to have licensed the new project under
the Apache 2.0 licence.

A new energy management controller based on Linux

Canada-based 'Check-It Solutions' has created a Linux-based appliance to control

and monitor the automation and energy management of residential and commercial
buildings. The appliance, which is called CG-300 Controller, is powered by a
1.2GHz Marvell Armada 300.
The device offers Ethernet, ZigBee, Z-Wave and optional LTE. It is
available for sale as part of the Energy Management Starter Kit, which includes
smartphone accessible Web-portal services, Energy Star benchmarking and a
Dent metering device.
The CG-300 has been created to recover data from different locations.
According to Check-It Solutions, It can operate as a standalone controller in
commercial or residential buildings, or it can communicate with existing building
automation systems via protocols, including BACnet or Modbus, to centralise
monitoring information or control functions.
The device comes with 512 MB of DDR3 RAM, 1 GB of SLC NAND flash, a
gigabit Ethernet port, and dual USB ports. The devices internal SLC NAND flash
provides 'high write endurance. A CG-300c model also offers a 4G LTE/HSPA radio.

An Android app for the paralysed

Its the 21st century and there is an app for

everythingfrom managing your TV to getting
your car fixed. The latest to join the line is an app
that has been developed by a student of the Indian
Institute of Technology, Gandhinagar (IIT-Gn)
and is aimed at doing a bit of social good.
The app is for Android users and provides
people paralysed below the neck with greater
freedom of movement. Pritesh Sankhe, a final
year electrical engineering student, is the
developer of the app. In making the app, he
says, he has tried to fuse the technology of robotics and the simplicity of mobile
phones on the Android operating system. Although the application is still in the
development stage, according to Sankhe, there is a possibility that it will soon be
developed and workable for those confined to a wheelchair.
"Smartphones are everywhere nowadays and people are using them
innovatively. Efforts have been made to improve human-robot interaction but, at
the moment, the best example of this is maybe an on-board computer for paralysed
people. How about shrinking the computer to the size of a smartphone and
employing it for day-to-day tasks?" said Sankhe.
Sankhe says that he worked closely under the tutelage of Prof Uttama
Lahiri, who is also his guide. He started work on the framework of the app,
bearing in mind the fact that its users wouldnt be able to move their limbs but
would, in all likelihood, be able to control the app through slight movements
of the head and the neck. "We placed a bright-coloured object on the user's
forehead that can be easily identified by the smartphone camera. Then, we wrote
a software that would track the blob's movements and replicate it to command
the wheelchair," Sankhe said.

Convert Android apps

into Glass apps with

Have you been following the progress

of Glass apps but feel they still lag
behind in the apps field? As we all
know, while Glass is an Android
device, it is not designed to run
Android apps the way they run on
an Android smartphone. But did you
know that Glass users can still enjoy
the goodness of Android apps on
Glass, without compromising too much
on its quality? Heres introducing
GlassBridge, which, in simple terms,
converts your Android apps into Glass
apps. It takes native Android apps and
Bookmarks, and allows you to place
them in the Timeline UI, working
pretty much like Glass.
With the continuing growth of
the Glass Explorer program, users
are fast exploring new ways to use
the Glass hardware. With apps like
GlassBridge, many questions that were
left unanswered by Google are now
being solved. Google had announced,
right in the beginning, that it would be
releasing the API, which could be used
by developers to deliver interesting apps.
Glass is still very limited and has
nothing even remotely similar in the
market. According to a Geek report, the
recent update offered a Glass-friendly
browser, with the ability to look at
most websites, but the lack of a proper
bookmarking system or the ability to
log in to anything, left the experience
somewhat incomplete, until now.
Coming to the flip side,
GlassBridge is pretty vulnerable
at this stage, but that does not
undermine its scope for exploring
various possibilities. Primarily, users
are making use of the Android Debug
Bridge to load an app, which then
syncs with a Glassware app, thereby
allowing a more Glass-friendly set of
controls at the time of launching apps
and bookmarks.

august 2013 | 27


Let's Try

Build Your Own Firewall Using IPTables

A firewall monitors the incoming and outgoing traffic flow in the computer network
such that every packet that enters or leaves the network has to pass through it. Based
on the header information, a set of policies is verified and suitable action is taken
on the packet, with the firewall either allowing authorised traffic to enter/leave the
network or blocking unauthorised packets.

PTables is the firewall used on the Linux platform.

Prior to IPTables, IPfwadm and IPChains were among
the most popular Linux firewalls. They had certain
imperfections, which were fixed, resulting in a new product
from the Netfilter organisation called IPTables.
IPTables is a faster and more secure alternative to IPChains
and IPfwadm. RedHat and Fedora Linux have made IPTables
their default pre-installed firewall package.

Packet processing in IPTables

Every packet passes through a series of built-in queues called

Tables for processing. Each table is associated with a certain
packet activity and is handled by a filtering chain where
firewall policies can be placed.
Basically, there are four tables.
Filter table: This is associated with packet filtering.
NAT (Network Address Translation) table: This is
responsible for alternating the source and/or destination
28 | August 2013

IP address (applicable in case more than one network

interface is enabled).
Mangle table: This is a combination of a filter and
NAT table, and it is related to the modification of the
Quality of Service bits in the TCP header.
Raw table: This is associated with those packets that
are not traced.
The Filter table is the default table and has three inbuilt chains.
The Input chain controls traffic entering/destined for
the system.
The Forward chain controls traffic travelling/being
routed through the system.
The Output chain controls traffic leaving or
originating from the system.
The NAT table has three in-built chains.
The Prerouting chain is used to NAT packets after
changing their destination address.

Let's Try
The Output chain handles packets that are departing
from the system.
The Postrouting chain is used to NAT packets after
changing their source addresses.
The Mangle table contains five chains. These are:
Prerouting chain, Output chain, Input chain, Forward
chain, and Postrouting chain.
The Raw table contains two chains: Prerouting chain
and Output chain.

Configuring IPTables

To enlist previously configured rules, use the following syntax:

Private Network



Public Network

Figure 1: Basic network architecture

sudo iptables -L -t filter
sudo iptables -L tmangle
sudo iptables -L -t raw.

To insert new rule(s) in a table, use the following syntax:

sudo iptables -L -t <table_name>

Here, -L=> list and -t => target table.

This command will enlist all the rules under the targeted
Lets take an example:
sudo iptables -L -t nat

In the above command, the target table is the NAT table,

so it will enlist all the rules configured under this table. The
following commands will hold good for Filter, Mangle and
Raw tables:

sudo iptables -I <target_chain> <rule_position> -t <target_

table> <YOUR_RULE> -j <action_name>

Here, -I => insert a rule in target chain, and -j => jump on

any one of the following actions:
Drop: Discards the packet silently without reporting to
the user.
Reject: Discards the packet and sends an ICMP error
message to the user.
Accept: Accepts the packet.
sudo iptables -I INPUT 2 -t filter -s -j DROP

August 2013 | 29


Let's Try

Here, -s => source IP address of the packet.

The above command will insert a rule to the input chain
of the filter table at the second position. This rule will reject
all the packets coming from the IP address
To append a rule to a table, use this syntax:
sudo iptables -A <target_chain> -t <target_table> <YOUR_RULE>
j <action_name>

Here, -A=> add/append. The rule is added at the bottom of

target chain.
To give an example:
sudo iptables -A INPUT -t filter -d -j REJECT

Here, -d => destination IP address of the packet.

The above command will add an entry at the end of an
input chain of the filter table. This rule will block all the
packets going to
To delete a rule, use this syntax:
sudo iptables -D <target_chain> <rule_position> -t <target

Here, -D => delete.

As an example:

To block all protocols from, change the
protocol name from tcp to all.
To block a TCP service, the TCP port name/port number
associated with that TCP service needs to be mentioned in the
command, which will open/close that port for communication.
As an example:
sudo iptables -A INPUT -t filter -s -p tcp --dport
22 -j REJECT

Here, --dport => destination port.

The above command will close TCP port 22, which offers
the SSH (Secure Shell) service. So, all the packets coming
from, seeking the SSH service from the host,
will be rejected.

Saving the rules

Whenever rules are created, they are saved into the volatile
memory of the system. If a system is restarted, all the IPTables
rules may get flushed unless they are saved. So, it is necessary
to save all the rules in order to make them permanent.
The commands used to save IPTables rules vary with
different Linux distributions.
For CentOS and Fedora, the command is:
/etc/init.d/iptables save

sudo iptables -D INPUT 3 -t filter

The above command will remove the third rule from the
input chain of the filter table.
To flush/delete all the rules, use the syntax given below:

For Ubuntu, use:

iptables-save> /etc/iptables.rules

For all other distributions, use:

sudo iptables -F -t <target_table>

iptables-save> /etc/sysconfig/iptables

Here, -F =>flush/remove all rules.

To give an example:
sudo iptables -F t filter

The above command will flush all the rules from the
filter table.
To block a protocol, use the following syntax:
sudo iptables -A <target_chain> -t <target_table> -p
<protocol_name> -j REJECT

Here, -p => protocol name.

As an example:
sudo iptables -A INPUT -t filter -s -p tcp -j

The above command will discard all TCP packets arriving

30 | August 2013

With each system restart, these commands will invoke all

previously saved IPTables rules.


Firewalls are a crucial component of any computer network,

but they are never adequate. One should not rely only on
firewalls that deal with security issues like corrupted packets
and network intrusions. Regular data backups, secure
password policies, and restricted public access to servers will
also safeguard your network. Hopefully, this article will help
you to create your own firewall using IPTables that will protect
your system against malignant attacks.
By: Mandar Shinde
The author is pursuing M Tech in Electronics Engineering and
working on a project titled "Flexible networking using OpenFlow".
His interests mainly include Linux and networking. He can be
reached at

How To


Use CoffeeScript

To Write Your JavaScript

JavaScript has become the lingua franca of the Web and has gained a lot of popularity
in recent years. Many frameworks and technologies have been inspired by JavaScript,
and it now powers most websites. CoffeeScript helps you to produce JavaScript,
without actually writing too much code.

ven though JavaScript is a powerful language, it has

a few drawbacks such as the structural programming
style. JavaScript has been populated with braces and
semicolons in its source script, which produces a lot of coding
for simple tasks.
CoffeeScript, on the other hand, is a language that
compiles into JavaScript. The underlying idea for
CoffeeScript is JUST JavaScript!'. CoffeeScript enables
you to produce the JavaScript without writing as much
code as you have done previously with JavaScript.

The history of CoffeeScript

CoffeeScript originated on December 13, 2009. Jeremy

Ashkenas released CoffeeScript 0.1.0 with documentation and
a compiler written in Ruby.
On February 21, 2010, CoffeeScript 0.5.0 was released.

This time the compiler was replaced by the compiler written

in CoffeeScript itself.
February 25, 2013, saw CoffeeScript 1.5.0, which was a
significant release supporting Literate Programming.
Dropbox announced on September 13, 2012, that its
browser side codebase replaced JavaScript with CoffeeScript.

Installing CoffeeScript

To install CoffeeScript on your Linux machine, first install

npm (node package manager) on your machine and run the
following command in a terminal:
sudo apt-get install npm

Once you are done with the installation of npm, it's time to
install CoffeeScript.
AUGUST 2013 | 31


How To

Please enter the following command in your terminal:

npm install -g coffee-script

After that, issue the following command using the

coffee -v

It will show you the version of CoffeeScript installed.

Why CoffeeScript is good for you

There are plenty of other languages out there, so what makes

CoffeeScript the 11th most popular language in Github? Why
should you consider learning CoffeeScript? Those were exactly
the questions I asked when I first heard about CoffeeScript.
Keep in mind that the sole purpose of CoffeeScript is
to produce efficient JavaScript, without writing much code.
CoffeeScript also focuses on highlighting all the good aspects
of JavaScript with simple syntax.
Since CoffeeScript has been inspired by Python, Ruby and
Haskell, it adopted the syntax and coding style from them,
which makes it very unique and powerful. Also, CoffeeScript
produces one-third the amount of script that the original
JavaScript does. This means you can write a typical Hello
world' program in a single line, whereas in JavaScript you
have to write three lines. So now you can enjoy the simplicity
of Ruby with the power of JavaScript.
CoffeeScript might come in handy when you're familiar
with the basics of JavaScript, because only the syntax is
different. But JavaScript is at the core of CoffeeScript, so it is
advisable to learn the basics of JavaScript first.

Your first sip of CoffeeScript

Let's start with something small a Hello world' programme

will suffice for now. Open your favourite text editor and type
the following line:
console.log 'Hello, World'

Save the document with the extension, then

go to terminal, and change to the directory where the above
script is stored. Run the above script in the terminal by issuing
the following command:

You will see the greeting in your terminal. Now let us

examine how to convert this CoffeeScript into its equivalent
in JavaScript.
Type the following command in your terminal:
coffee -c
32 | AUGUST 2013

The flag -c stands for compile, which means it is

compiling your CoffeeScript to JavaScript. You will find a
hello.js file in the same directory you're in. When you open
that JavaScript file, it will show you the compiled JavaScript:
(function() {
console.log('Hello, world');

There are several other useful options available for your

CoffeeScript, but I'd like to focus on two options that could be
a great help to you when you're working with CoffeeScript.
The option -p shows the compiled JavaScript on your
terminal once you're done with writing your CoffeeScript.
This could be useful when you want to peek into the desired
JavaScript on the terminal but not on the separate JavaScript
file, so that you don't populate your directory with a lot of
files, unless you're satisfied with the desired output.
The option -w stands for watch, which allows you to
keep an eye on things when you're making changes to your
script. When you combine the -c (compile) option with w as
-cw, CoffeeScript runs in the background and recompiles the
source script as soon as you make changes. You don't have
to manually recompile every time you make changes in your
script. CoffeeScript will take care of it for you.


Another interesting feature of CoffeeScript is REPL (ReadEvaluate-Print-Loop). Similar to Ruby's irb (interactive ruby),
when you run CoffeeScript without any arguments in your
terminal, the prompt changes to something like this:

You can invoke the same by using the following options:

coffee -i

Or if you want something else, you can use:

coffee interactive

This feature will be extremely useful when you want to

evaluate something on the fly. If you want to deal with some
expression whose output you are not so sure of, you could use
it on the REPL and see what the actual output is.

Running CoffeeScript in your browser

CoffeeScript is capable of running anywhere JavaScript runs,

which includes your browser!
Yes, you can run your CoffeeScript directly on the
browser without compiling it to JavaScript, but first

How To


you have to include the CoffeeScript compiler on your

Web page. You can download the compiler from the
CoffeeScript website.
Now let us look at how to use CoffeeScript in your Web
page. Open your text editor and type the following code:
<meta charset="utf-8">
<script src="coffee-script.js" type="text/javascript"></
<script type="text/CoffeeScript">
name = prompt "What is your First Name?"
name2= prompt "What is your last Name?"
fullname=name + name2
alert "Hello, #{fullname}"

Please note that in the 7th line, I've included the

CoffeeScript compiler in the coding. Now save this file in
your Web server and run it. You will see that CoffeeScript
runs in your browser.

The advantages of CoffeeScript

CoffeeScript has numerous advantages over JavaScript. I am

pointing out a few important ones here.
1. Very little coding is involved when programming in
CoffeeScript, as compared to JavaScript.
2. All the good features of JavaScript are present in
3. You don't have to debug any } in your script.
4. You can use any existing JavaScript library seamlessly
with CoffeeScript.
5. With the proper use of whitespace you can make your
script more readable as well as maintainable.

The disadvantages of CoffeeScript

CoffeeScript has only a few disadvantages. When you're

Figure 1: CoffeeScript in action

using CoffeeScript, there's an additional compilation step

involved in the process, but Jeremy Ashkenas says that the
CoffeeScript team is trying to mitigate this in the future.
Another limitation is that there are only a few resources
available for this language, but when you want to learn
CoffeeScript, the website is a great place
to start. You can find many examples and also resources
available for CoffeeScript.

The final word

CoffeeScript is targeted at JavaScript programmers. Its sole

purpose is to remove all the rough edges from JavaScript
and provide a smooth way of programming in JavaScript.
CoffeeScript can be fairly simple to programmers who
began with JavaScript and also to the people who are
from a Python and Ruby background. But those who have
a background in C or Java might feel a little different.
Still, CoffeeScript is definitely worth a shot for every
programmer. Now, programming in JavaScript has an easy
way and a hard way - the choice is yours.

[1] 1.
[3] CoffeeScript: Accelerated JavaScript Development
by Trevor Burnham

K Magimai Prakash
The author has completed a B.E. in Computer Science. As he
is deeply interested in Linux, he spends most of his leisure time
exploring open source.


TechnoMail - Enterprise Email Server Anti SPAM,
Anti Virus, Email Content Filtering
Firewall, Internet Access Control Content Filtering, Site Blocking
Bandwidth Management System
Managed Email Hosting Solutions

1, Vikas Permises, 11 Bank Street,

Fort Mumbai, India-400 001,
Mobile: 09167399917.

AUGUST 2013 | 33

Classifieds for Linux & Open Source IT Training Institutes
IPSR Solutions Ltd.



Linux Lab (empowering linux mastery)

Courses Offered: Enterprise Linux
& VMware

*astTECS Academy
Courses Offered: Basic Asterisk Course,
Advanced Asterisk Course, Free PBX
Course, Vici Dial Administration Course

Courses Offered: RHCE, RHCVA,

Produced Highest number of
Red Hat professionals
in the world

Address (HQ): 1176, 12th B Main,

HAL 2nd Stage, Indiranagar,
Bangalore - 560008, India
Contact Person: Lt. Col. Shaju N. T.
Contact No.: +91-9611192237

Address (HQ): Merchant's

Association Building, M.L. Road,
Kottayam - 686001,
Kerala, India
Contact Person: Benila Mendus
Contact No.: +91-9447294635
Branch(es): Kochi, Kozhikode,
Thrissur, Trivandrum

Advantage Pro
Courses Offered: RHCSS, RHCVA,
RHCE, PHP, Perl, Python, Ruby, Ajax,
A prominent player in Open Source

Linux Learning Centre

Courses Offered: Linux OS Admin
& Security Courses for Migration,
Courses for Developers, RHCE,

Address (HQ): 1 & 2 , 4th Floor,

Jhaver Plaza, 1A Nungambakkam
High Road, Chennai - 600 034, India
Contact Person: Ms. Rema
Contact No.: +91-9840982185

Address (HQ): 635, 6th Main Road,

Bangalore - 560 019, India
Contact Person: Mr. Ramesh Kumar
Contact No.: +91-80-22428538,
26780762, 65680048 /
+91-9845057731, 9449857731
Branch(es): Bangalore

Address (HQ): 1104, D Gold House,

Nr. Bharat Petrol Pump, Ghyaneshwer
Paduka Chowk, FC Road, Shivajinagar
Pune-411 005
Contact Person: Mr.Bhavesh M. Nayani
Contact No.: +020 60602277,
+91 8793342945
Branch(es): coming soon
Linux Training & Certification
Courses Offered: RHCSA,
NCLA, NCLP, Linux Basics,
Shell Scripting,
(Coming soon) MySQL
Address (HQ): 104B Instant Plaza,
Behind Nagrik Stores,
Near Ashok Cinema,
Thane Station West - 400601,
Maharashtra, India
Contact Person: Ms. Swati Farde
Contact No.: +91-22-25379116/

Courses Offered: RHCE,RHCSS,RHCVA,
Address (HQ): GRRASLinuxTrainingand
Contact Person: Mr.AkhileshJain
Contact No.: +91-141-3136868/
Branch(es): Nagpur,Pune

Duestor Technologies
Courses Offered: Solaris, AIX,
RHEL, HP UX, SAN Administration
(Netapp, EMC, HDS, HP),
Virtualisation(VMWare, Citrix, OVM),
Cloud Computing, Enterprise
Address (H.Q.): 2-88, 1st floor,
Sai Nagar Colony, Chaitanyapuri,
Hyderabad - 060
Contact Person: Mr. Amit
Contact Number(s): +91-9030450039,
E-mail id(s):

Eastern Region
Academy of Engineering and
Management (AEM)
Courses Offered: RHCE, RHCVA,
RHCSS,Clustering & Storage,
Advanced Linux, Shell
Scripting, CCNA, MCITP, A+, N+
Address (HQ): North Kolkata, 2/80
Dumdum Road, Near Dumdum
Metro Station, 1st & 2nd Floor,
Kolkata - 700074
Contact Person: Mr. Tuhin Sinha
Contact No.: +91-9830075018,
Branch(es): North & South Kolkata

Open Source Breathes Life into Robots,

Thermostats, and even E-Waste!
The wide range of devices being built using open platforms and development boards
is phenomenal. From a cute robot that can serve coffee to a project that aims to convert
e-waste into educational toys, there are a lot of open source-based innovations happening
around the world. Some of these are for kicks, while others improve the lives of many; but all
are inspiring, as we see month after month. So, here is another set of awesome innovations to
mull over and maybe even contribute to.

Smart thermostat for the Internet of Things era

Tado is a smart Internet-connected thermostat that eliminates

knobs, buttons and even displays from the thermostat
structureit is simply a smooth, smart box that connects
with a smartphone application. It connects to your heating
system using its old thermostat or through the wiring itself,
and enables you to control it through the intuitive smartphone
app. The name Tado is derived from the Japanese greetings
tadaima and okaeri, which mean "I'm back home" and
"Welcome home." True to its name, Tado knows when
someone enters or leaves a room, and automatically turns the
A/C on or off, accordingly. By connecting to the Internet,
Tado adjusts the indoor climate based on weather forecasts,
user behaviour, and the individual buildings characteristics.
According to a pilot study by the company, Tado is able to
save up to 30 per cent on air conditioning related power bills.
The Open Twist: Tado connects to the Internet using
Thingsquare Mist. The Thingsquare platform, developed by
Adam Dunkels of Contiki fame, basically gives everyday
objects a unique identity and connects them to smartphone
apps, so that they become part of the Internet of Things
(IoT). A device maker just needs to add a programmable
wireless chip that runs the Contiki-based, IPv6-compatible,

open source firmware called Thingsquare Mist. The

wireless chip and the Thingsquare firmware securely
connect the device to the Thingsquare cloud backend server.
The cloud backend provides an API for smartphone apps.
Thingsquare works with a range of wireless chips from
several different chip manufacturers, and also supports
different types of wireless radios. With the cloud-based,
easy-to-use development platform, developers can come up
with a range of applications to put the connected device to
good use! In a company press release, Tado co-founder and
CTO Johannes Schwarz claims, By choosing Thingsquare
Mist, we were able to develop an Internet-connected
product within a surprisingly short period of time. Internetconnectivity is at the heart of our product and our customers
value hassle-free installation, something that Thingsquare
Mist helped us bring to our system."

Automate your environment, very easily
WigWag is a simple solution that helps you build intelligent
environments without any complicated networking or
programming. You just need to write the rules in a simple
when x happens, then do y format, using an app that works
on smartphones and tablets, and WigWag will do the rest. For
instance, you can set up a security system that notifies you when
there is movement outside your door by pairing a sensor unit
with the app, and saying when motion; then notify phone.
You can set up any number of rules, to automate any number of
devices, at any number of locations (even remote). You can also
share your rules with friends who are visiting for the weekend,
so they also feel at home with the automated devices in your
houseor they can alter the rules to suit their own convenience!
The WigWag solution comprises three devices: the
sensor, relay and Glowline. The WigWag relay connects
WigWag and third-party devices to the companys cloud
service, which allows the connected devices to interact
August 2013 | 35

with many Internet services such as email, Dropbox and
Twitter. It also makes your sensors work together, so they
and the rules they activate, are smarter.
The WigWag sensor block is a universal sensor device
with eight environmental sensors, four control features,
and two expansion ports. It can measure light; detect
motion, sound, temperature, humidity, movement, and
contact closure (to set up trip-wires). You can also use the
extension ports to add more devices, like garden monitors,
for instance. The WigWag Glowline is a long LED strip
with a power supply that may be used for ambient lighting
or for detecting light and motion.

To pair a WigWag device with the app, you just need to

scan its QR code with your phone. WigWag also works with a
lot of other devices from other manufacturers like Phillips and
Belkin. It is also compatible with Raspberry Pi and Arduino,
so geeks can do a lot with it! There are different packages
available which include some or all of the devices, as you
may want to skip one of these and make use of something you
already have, or mix-and-match with other devices.
The Open Twist: Since much of WigWags hardware
and software are open source, developers can go deep into
it. WigWag hardware devices are based on Contiki, the open
source operating system for the IoT. The rules built with the
WigWag app actually generate Javascript; by tweaking this,
developers can make the system follow many more rules
than the pre-programmed ones. Most of the platform is also
extensible via Javascript, thanks to DeviceJS, an open source
runtime for executing Javascript built by the WigWag team. It
is built on Google V8 and Node.js. DeviceJS ties Javascript to
the physical world, by providing hooks for protocols like IP,
6loWPAN, Bluetooth, Zigbee, RS-232, and devices such as the
Belkin WeMo and Phillips Hue light bulbs. Using DeviceJS,
developers can easily make WigWag talk to any device.
The developer kits also include Arduino and Raspberry
Pi shields, so you can use WigWag to add Internetconnectivity to a wide range of hardware projects.
36 | August 2013

Around the shipping date in November 2013, software

for the Arduino and Raspberry Pi development boards
will be available on Github, and hardware designs for the
development kits will be provided.

Converting e-waste into educational toys
MIT Media Labs researcher Dhairya Dand was pained by the
amount of e-waste he saw at a landfill in Phnom Penh. He
was even more upset by the living conditions of the families
that migrated from villages to work at these landfills, heavy
with the stench of lead and asbestos. And amongst them were
children, even younger than 10 years, who did not find school
fun! As an engineer and designer, Dand set about thinking of
how he could convert the keyboards and mice thrown away
at such landfills into interesting learning tools that would
motivate the children of families working there, to learn. He
launched ThinkerToys, a project that aims to use money from
CSR funds to produce sub US$ 5 kits that can be distributed
to the kids at landfills. These kits simply need to be plugged
into keyboards, speakers or mice found at the landfills, to
make interesting learning tools.
The Open Twist: Dand has currently designed four toys.
Keyano converts old keyboards into pianos; Randomath is a
small kit with an LED screen, which transforms a keyboard
into a math puzzle generator that kids can use to learn
addition and subtraction; Storynory, when plugged into a
speaker or headphones, delivers beautiful stories in local
languages; and TV++ is a power-packed minicomputer that
connects to any old television. All four prototypes are made
using Arduino, with off-the-shelf standard components, and
can be put together at a very low cost. They are open source,
and the community is welcome to improve the designs or
even develop new toys. The final products will also remain
open source, made from SMD components.

Dand demonstrates his work at expos and exhibitions

hoping to garner more support from engineers,
entrepreneurs, etc, to make his dream a reality. You can
visit the OpenToys community at

An open source approach to robotics
Shota Ishiwatari, a Japanese robot maker, has come up with
Rapiro, a low-cost, customisable, programmable Raspberry
Pi-based humanoid robot that can be put to personal use
or for science and technology learning in schools. Rapiro,
according to the maker, costs just a quarter of current
aesthetic robot kits, and one-tenth the price of current Linuxpowered humanoid robot kits. Rapiro has 12 servo motors,
which enable it to walk, turn around the waist and neck, and
handle even fine movements like gripping a pen. But all you
need is a screwdriver and a little time to assemble it.
Rapiro is voice-activated. It can be controlled by
the owners voice, or with a mobile phone or gaming
handset. It can also be connected to the Internet, and notify
you of emails, Facebook messages, etc. It can even be
programmed to safeguard your home or water your plants
when you are away!

The Open Twist: Rapiro comes with a total of 12

specially-designed servo motors, one for its neck, one in
the waist, four for the two feet, and the final six for its
two arms. The torque of the six servos in the neck, waist
and two feet, is 2.5 kgf-cm. The torque of the six servos
in the two arms is 1.5 kgf-cm. Both have operating speeds
of 0.12 sec/60. Both have maximum angles of 180. The
servo control board is programmable and is completely
compatible with the Arduino. Technically, Rapiro can work
with or without a Raspberry Pi, but it is the Pi that adds
all the josh to it, so it is better to fit one in! The design
allows the Raspberry Pi and camera module to be mounted
on the head. PSD distance sensors and speakers can also
be mounted. Once Shota Ishiwataris Kickstarter goal is
achieved, there are plans to publish the sample code and
3D data openly for community customisation.

Sixth Sense
Pranav Mistrys SixthSense is an interesting wearable
gesture computing technology, which involves converting
natural hand movements into digital information, to interact

with computer systems. The SixthSense prototype comprises

a pocket projector, a mirror and a camera. The hardware
components are coupled in a pendant-like device, and
connected to the mobile computing device in the users
pocket. The projector projects visual information enabling
surfaces, walls and physical objects around us to be used
as interfaces; while the camera recognises and tracks the
user's hand gestures and physical objects using computervision based techniques. The software program processes
the video stream data captured by the camera, and tracks
the locations and movements of the coloured markers at the
tip of the users fingers. This information is interpreted into
gestures, which in turn act as instructions to an application.
SixthSense supports multi-touch and multi-user interaction.
The Open Twist: SixthSense is open source. Its hardware
specifications and software code are available at http://code. licensed under the General Public
License (GPL) v3. It is evident from the forum that people
are interested in the project for learning and developmental
purposes. They are also helping make it better.
SixthSense can also be used for commercial purposes
with permission and appropriate licences for the end
product. Mistry, an MIT Media Lab researcher, explained
in an earlier EFY Times interview: I come from India, an
area where till a few years back the notion of technological
advances has always been associated with the western
world; to advances aimed at making the life of the western
world better and better. But if you observe, life in the
western world is good already and we need to break this
model. It is the two-thirds other world that needs the
technological advances so that the life of people in these
countries becomes better. While I could have made more
money if I had sold the technology to a big company, I
believe I will get more blessings if I share the technology
out in the open for the benefit of the masses.

By: Janani Gopalakrishnan Vikram

The author is a technically-qualified freelance writer, editor and
hands-on mom based in Chennai.

August 2013 | 37


Let's Try

Begin Your Programming

Journey with


This article is an introduction to Go, an open source programming language that

makes it easy to build simple, reliable and efficient software.

o is a small and efficient programming language that

supports pointers without missing features available
in high-level languages with a C-like spirit. It also has
a large and wide-ranging standard library.
Go started as an internal Google project in 2007 to help
Google handle big programs developed by big teams. In
November 2009, Go went public, under a liberal open source
licence. So, are you ready to program in Go?

Installing Go

at the time of writing this article, is the latest. Now, it is time

to see some Go code. The Go version of the Hello World
program is the following:
package main
import "fmt"
func main() {
fmt.Println("Hello, world!")

Your Linux/UNIX distribution probably includes a ready-toinstall Go package, so go ahead an install it. In order to find out
the version of Go you are using, type the following command:

In order to compile and run the hello.go file, you should

run the following command:

$ go version
go version go1.1 darwin/amd64

$ go run hello.go
Hello, world!

The output shows that I am using Go version 1.1 which,

38 | August 2013

Please note that in Go, due to the absence of the

Let's Try


semicolon to denote the completion of a command, the

following code will not compile successfully and will
generate an error message:
package main
import "fmt"

Figure 1: Using the quad program from your browser

func main()
fmt.Println("Hello, world!")

I called the Go file hello2.go and I am trying to compile it

as usual:
$ go run hello2.go
# command-line-arguments
./hello2.go:5: syntax error: unexpected semicolon or newline
before {

The formal explanation for this error is that Go requires

the use of semicolons as statement terminators in many
contexts, and the compiler is able to automatically insert
the required semicolons at the end of non-blank lines.
Putting the brace ({) on its own line will put a semicolon at
the end of the previous line, which obviously generates the
error and the presented error message. The good thing is
that you no longer need to worry about brace placement as
in other programming languages.

What is Go?

Go is a relatively new programming language that tries to be

modern, efficient and pleasant to the programmer. The main
characteristics of Go are:
It is fast, fun and productive. After all, programming must
be fun and Go tries to make the programming experience
Go code tries to be both clean and simple.
It supports procedural programming.
It supports object-oriented programming.
It supports concurrent programming.
It supports distributed programming.
It supports garbage-collection.
Go programs are written in plain text Unicode format
using UTF-8 encoding.
It aims for high-speed compilation.
It is designed to scale efficiently.
Go aims to be type safe and memory safe.
It can be used to build Web applications. It also supports
Googles App Engine.
It is a systems language, in the sense that it is expected to
write software such as Web servers.
The syntax of Go looks like that of a C-based language.
Go does not have a preprocessor.

The grammar of Go is regular and simple: a few keywords

that can be parsed without a symbol table.
Go keeps concepts orthogonal because a few orthogonal
features work better than many overlapping ones.
It can replace both C++ and Java. Personally, I do
not like programming in Java but I used to like C++,
although, nowadays, I rarely write in C++ because
I believe that it has become a big and complicated
programming language.
A consequence of Go being fast to compile is that it can be
also used in situations where scripting languages are used.
I think that this is enough for theoretical information. It is
time to see some real and working Go code!

A simple Go example

The following Go program (file countLines.go) reads a text

file and counts the number of lines it has:

FR t Ch
Coding, testing, implementation
Cloud deployment
Mobile deployment
Conversion to different languages
Conversion of speech to text
Splitting to several small modules for
different level usage
The Web application is a financial management
and commerce management product
Work To Be Done At Chennai, Tamil Nadu On Contract Basis,
Payment Basis: Lump Sum or Partnering /
Profit Sharing During Maintenance Can Also Be Considered.

August 2013 | 39


Let's Try

1 // Programmer: Mihalis Tsoukalos

2 // Date: Monday 27 May 2013
3 //
4 // File: countLines.go
5 //
6 // This Go program counts the number of lines in a
text file
8 package main
10 import (
16 )
18 func main() {
if (len(os.Args) == 1) {
fmt.Printf("usage: %s <file1> [<file2>
[... <fileN]]\n",
for _, filename := range os.Args[1:] {
fmt.Printf("%s: ", filename)
30 }
32 func countLines(filename string) {
var err error
var numberOfLines int
numberOfLines = 0
f, err := os.Open(filename)
if err != nil {
fmt.Printf("Error opening file %s", err)
defer f.Close()
r := bufio.NewReader(f)
for {
_, err := r.ReadString('\n')
// If you reach the end of file
// read no more
if err == io.EOF {
40 | August 2013

%s", err)
58 }

} else if err != nil {

fmt.Printf("error reading file
fmt.Printf("%d lines\n", numberOfLines)

You should compile it using the following command:

$ go build countLines.go

Two runs of the created executable file created the

following output:
$ ./countLines hello2.go countLines.go
hello2.go: 8 lines
countLines.go: 58 lines
$ ./countLines
usage: countLines <file1> [<file2> [... <fileN]]

The line-numbers are added in order to better refer to the

Go code and need not be typed. I am now going to explain the
most important parts of the code:
Lines 1-6: Comments for the program.
Line 8: The initialisation and execution of a Go program
always begins with the main package. After some
initialisation procedures, the main() function gets called
and the program execution begins.
Line 10: An import statement with multiple values.
The import command is used for including the
functionality of already programmed packages,
including packages from the standard library.
Line 11: The os package provides platformindependent operating system variables and functions.
The os.Args variable, which is of type []string (a slice
of strings) holds the command line arguments. Its
length can be determined using the len() function.
Line 12: The bufio package provides functions for
buffered I/O, including functions for reading and
writing UTF-8 encoded text files.
Line 13: The io package provides low level I/O
Line 14: The fmt package provides functions for
formatting text and for reading formatted text.
Line 15: The path/filepath package provides functions
for dealing with filenames and paths. The functions
are platform-independent.
Line 26: The := operator is used for both declaring and
initialising a variable. This is called a short variable
declaration in Go terminology.
Line 32: The countLines() function reads the text

Let's Try
file, line by line, until the EOF is reached. Every
time a line is read, the numberOfLines variable is
increased by one.
Line 42: The defer statement is used to postpone the
execution of a function or a method until just before
the enclosing function or method finishes and returns.
If there are any return values, they are evaluated before
the defer statement. The most common use of defer is
the one presented here: to make sure that a successfully
opened file is closed when you do not need it any longer.
A more sophisticated version of the countLines program
that could replicate the functionality of the wc (man wc)
command line utility is easy to program and is left as an
exercise for you to try out.

A more advanced Go example

This part of the article will solve a Quadratic Equation

(ax^2 + bx + c = 0 ) using a Web interface. The presented
implementation does not solve a Quadratic equation when
the discriminant is less than zero. The net/http standard Go
library that is used, makes it exceptionally easy to create
HTTP servers. The source code is as follows:


Programmer: Mihalis Tsoukalos

Date: Wednesday 27 May 2013
Filename: quad.go
This Go program solves Quadratic Equations
using a Web Interface.
A Quadratic Equation has the form ax^2 + bx + c =

9 // Note: Does not support solutions with complex
11 package main
13 import (
19 )
21 const (
= 2
= `<!DOCTYPE HTML><html><head>
24 <style>.error{color:#FF0000;}</style></head>
25 <title>Solving Quadratic Equations</title><body>
26 <h3>Quadratic Equation Solver for OSFY Magazine</
h3><p>Solves equations of the form
27 a<i>x</i> + b<i>x</i> + c = 0</p>`
= `<form action="/" method="POST">


29 <input type="text" name="a" size="1"><label

for="a"><i>x</i></label> +
30 <input type="text" name="b" size="1"><label
for="b"><i>x</i></label> +
31 <input type="text" name="c" size="1"><label for="c">
32 <input type="submit" name="calculate" value="Solve!">
33 </form>`
pageBottom = "</body></html>"
= `<p class="error">%s</p>`
= "<p>%s Solution(s): %s</p>"
oneSolution = "<i>x</i>=%s"
twoSolutions = "<i>x</i>=%s or <i>x</i>=%s"
noSolution = "<i>impossible to solve! No
40 )
42 func main() {
http.HandleFunc("/", solveQuad)
if err := http.ListenAndServe(":8080", nil); err
!= nil {
log.Fatal("Exiting: Cannot start server: ",
47 }
49 func solveQuad(writer http.ResponseWriter, request
*http.Request) {
// Must be called before writing response
err := request.ParseForm()
fmt.Fprint(writer, pageTop, form)
if err != nil {
fmt.Fprintf(writer, error, err)
} else {
if floats, message, ok :=
processRequest(request); ok {
question := formatQuestion(request.Form)
x1, x2 := solve(floats)
answer := formatSolutions(x1, x2)
fmt.Fprintf(writer, solution, question,
} else if message != "" {
fmt.Fprintf(writer, error, message)
fmt.Fprint(writer, pageBottom)
66 }
68 func formatQuestion(form map[string][]string) string
result := formatSignAndNumber("", form["a"][0],
result += formatSignAndNumber(" ", form["b"][0],
August 2013 | 41


Let's Try

result += formatSignAndNumber(" ", form["c"][0],

return result
73 }
75 func formatSignAndNumber(signPad, number, suffix
string) string {
if number == "" || number == "0" || number ==
"0.0" {
return ""
var sign string
if signPad != "" {
sign = signPad + "+" + signPad
if number[0] == '-' {
sign = signPad + "-" + signPad
number = number[1:]
if suffix != "" && number == "1" {
return sign + suffix
return sign + number + suffix
91 }
93 func EqualFloat(x, y, limit float64) bool {
if limit <= 0.0 {
limit = math.SmallestNonzeroFloat64
return math.Abs(x-y) <=
(limit * math.Min(math.Abs(x), math.Abs(y)))
99 }
101 func solve(floats [3]float64) (float64, float64) {
a, b, c := floats[0], floats[1], floats[2]
if (b * b) - (4 * a * c) < 0 {
// Make x1, x2 complex numbers so
// math.IsNaN() is true ("not a float
x1 := math.Sqrt(-1)
x2 := math.Sqrt(-1)
return x1, x2
} else {
root := math.Sqrt( (b * b) - (4 * a * c))
x1 := (-b + root) / (2 * a)
x2 := (-b - root) / (2 * a)
return x1, x2
116 }
118 func processRequest(request *http.Request) ([3]
float64, string, bool) {
42 | August 2013

var floats [3]float64
count := 0
for index, key := range []string{"a", "b", "c"} {
if slice, found := request.Form[key]; found
&& len(slice) > 0 {
if slice[0] != "" {
if x, err := strconv.
ParseFloat(slice[0], 64);
err != nil {
return floats, "'" + slice[0] + "'
is invalid", false
} else {
floats[index] = x
} else {
// The program treats
blanks as 0
request.Form[key][0] = "0"
floats[index] = 0
if count != 3 { // the first time the form is
return floats, "", false
if EqualFloat(floats[0], 0, -1) {
return floats, "The factor of x cannot not be
0", false
return floats, "", true
146 }
148 func formatSolutions(x1, x2 float64) string {
exactlyOneSolution := false
if math.IsNaN(x1) && math.IsNaN(x2) {
return noSolution
if math.IsNaN(x1) {
exactlyOneSolution = true
x1 = x2
} else if math.IsNaN(x2) || EqualFloat(x1, x2,
-1) {
exactlyOneSolution = true
if exactlyOneSolution {
return fmt.Sprintf(oneSolution,
return fmt.Sprintf(twoSolutions,
formatSolution(x1), formatSolution(x2))
163 }

Let's Try
165 func formatSolution(x float64) string {
if EqualFloat(x, 0, -1) {
return fmt.Sprintf("%.*f", decimals, x)
return fmt.Sprintf("%.*f", decimals, x)
170 }

The compilation process is simply as follows:

$ go build quad.go

The generated executable file must be running (using

./quad) before trying to access the http://localhost:8080
URL with your browser. The 8080 port is hard coded
inside the Go code (line 44). Figure 1 shows two screens
of the quad application.
The line-numbers are added in order to better refer to the
Go code and need not be typed. I am now going to explain the
code, line by line:
Line 1-9: Comments about the Go program.
Line 15: The net/http package uses the net package
to add functionality for parsing HTTP requests and
replies. It also provides a basic HTTP client as well as
a basic HTTP server.
Line 16: The log package offers logging functions.
Line 17: The math package contains many math-related
constants and functions.
Line 18: The strconv package contains many functions
for converting strings into other types and other types into
strings. The quad program uses the strconv.ParseFloat()
function that converts a string to a floating-point number.
Line 21: At line 21, the definition of some string constants
begins. Most of them are used for the HTML output. The
decimal constant (Line 22) is used to define the number of
digits after decimal points.
Line 43: The http.HandleFunc function takes two
arguments, a path and a reference to a function
(solveQuad) that will be called when the path is requested.
You can register as many pairs as you want.
Line 44: The port number 8080 is defined in this line
using the http.ListenAndServe() function. The http.
ListenAndServe() function also starts the Web server.
Line 45: If there is an error starting the Web server, an error
message is displayed on the screen and the program exits.
You will see an error example near the end of this article.
Line 49: This line defines the solveQuad() function that
does most of the job, as it is called whenever the website
is visited. The writer argument is where the HTML
response is written and the request argument holds the
details of the HTTP request.
Line 52: The fmt.Fprint() function writes its arguments to
the writer using format %v and space-separated nonstrings,
and returns the number of bytes written and an error or nil.


Line 54: The fmt.Fprintf() function writes its arguments to

the writer using the format string. It returns the number of
bytes written, and an error or nil.
Line 93: The EqualFloat() function compares two float64
variables using the given accuracy. If a negative number is
given as the accuracy level, the greatest possible accuracy
will be tried. The function relies on both functions and
constants from the math library package.
Line 101: The solve() function finds the two solutions of the
quadratic equation if they are real numbers.
Line 102: a, b and c are read here so that the discriminant
can be calculated.
Line 104: If the value of the discriminant is less than 0, then
the solutions are complex numbers, a scenario that is not
supported by the quad program.
Line 118: The processRequest() function reads the data
in the Web form from the request variable. In case of an
erroneous value, an error message is returned.
Line 148: The formatSolutions() function takes two
arguments and returns a string. It checks the number of
discrete solutions and formats the solution or the solutions
using the formatSolution() function.
Line 165: The formatSolution() function formats a single value.
If the selected port is already in use, the error message you
will get will be similar to the following:

2013/05/31 00:34:13 Exiting: Cannot start server: listen tcp

<nil>:8080: address already in use

I find it very impressive that you can write such an

application in Go that also includes a Web interface, with just
170 lines of code, including the comments!


Go is a language that gets your work done. The easiest and

quickest way to learn it is by programming and experimenting.
This article is just the beginning of your journey to Go.
Until our next article, keep programming!
Web links and bibliography

Go documentation:
Go blog:
Go on Twitter:
Google App Engine:
The Way To Go: A Thorough Introduction To The Go
Programming Language, Ivo Balbaert, iUniverse, ISBN:
1469769166, March 2012.
[7] You can find the source code at

By: Mihalis Tsoukalos

The author enjoys UNIX administration, programming
iOS devices and photography. You can reach him at or @mactsouk.

August 2013 | 43

Connect with

Indias Leading IT

For more details about the conference, visit:


Media Partners

Asias Leading
On Open Source
10th Edition


11 - 13

NIMHANS Convention Center


Calendar NOW!



Register Now For FREE Complimentary Passes
EFY Enterprises Pvt Ltd, D-87/1, Okhla Industrial Area, Phase 1, New Delhi 110020; Phone: 91-11-26810601 (02/03)

Exploring Software

Anil Seth

Guest Column

Extend Wireless Router Capabilities

Using a Netbook or Laptop
There are now a range of devices that are Wi-Fi enabled. So for
situations where a wireless router is required, the additional
functionality of NetworkManager 0.98 is a great convenience.

edora 18 includes NetworkManager 0.98 and most

new distributions will now have it. In addition to the
Infrastructure and Ad-hoc modes, NetworkManager now
supports the Access Point (AP) mode.
Currently, the nm-applet does not offer a way to configure an
access point. GNOME 3 includes the option to create a hotspot
by just clicking a button. It uses WEP encryption and assigns
a password to the network. KDE network management offers
greater flexibility in configuring an access point.
In case you are using a lightweight distribution, you can
configure an access point by creating a hotspot file in /etc/
NetworkManager/system-connections. You may then start it
manually. You can route the traffic from the hotspot to the
Ethernet interface.
The limitation is that not all drivers support this mode. For
instance, brcmsmac, which is used by my Lenovo netbook, does not
support it, though ath5k, which is used by EEEPC 701, does.
This brings up an interesting option. Can you use an old
system like an EEEPC 701 easily as a 'proper' router, and what
flexibility would it offer?
The answer, of course, is yes. You may download and
use generic x86 distributions like the OpenWRT distribution in
snapshots/trunk/x86/ from You
can copy it on a USB stick and may need to change the root
partition from /dev/sda1 to, for instance, /dev/sdb1 in the Grub
configuration file.
The generic distribution includes a limited number of drivers and
you may need to download the additional drivers. In my experiments,
the Ethernet driver needed for Lenovo S10 was included. However,
the brcmsmac needed for wireless was not included. As mentioned
earlier, the brcmsmac does not have the support for access point mode
and is not very useful as a router. However, I could use the netbook to
download the drivers needed for EEEPC 701 and use the USB stick
on EEEPC 701 for further experiments.

A bridged router

It is very simple to set up OpenWRT as a simple wireless router.

You define the Wi-Fi mode as 'AP' (access point) and specify
the SSID, the encryption type and the key. The wireless and the
LAN are bridged by default.
Chances are that you may already have a wireless router.
However, its range may not cover the entire premises. You
46 | August 2013

may need to extend the range of your Wi-Fi connection

by using a repeater. Inexpensive routers do not come with
this option. However, it is pretty simple to implement this
functionality in OpenWRT.
OpenWRT offers a number of ways to achieve this goal,
which depends upon the driver used. The different options can
be found in The
various recipes are available on the same wiki.
If the driver supports WDS (Wireless Distribution System)
or similar functionality, the set-up is fairly simple. You just need
to set it up as a client of the main access point and in the Wi-Fiiface section, add the following option:
option wds 1

Both the access point and the repeater need to support

WDS. In case the driver does not support WDS, there will be no
warnings or errors and the effort to act as a Wi-Fi relay/repeater
will silently fail.
You can rely upon alternate set-ups that achieve similar goals.

A relay client

You need the Wi-Fi to work as an access point for your wireless
devices. You also want it to work like a client of your primary
router. The router needs to relay the data across the two modes.
The first option makes the entire set-up turn into a single
network. OpenWRT recipes will call this a routed client with
relayd. The relayd package implements the functionality of
WDS. The key part of the wireless configuration file will be:
config wifi-iface
option device 'radio0'
option mode 'sta'
option network 'wan'
option ssid 'Wifi-network'
option encryption...
config wifi-iface
option device 'radio0'
option mode 'ap'
option network 'lan'
option ssid 'Wifi-relay'
option encryption...

Guest Column Exploring Software

You will notice that the single physical device has two
virtual Wi-Fi interfaces, each with its own SSID. This set-up
is, hence, not totally transparent. Your device will need to
explicitly connect to the access point or the relay.
The corresponding network configuration will contain
the following code:
config interface 'lan'
option ifname 'eth0'
option type 'bridge'
option proto 'static'
option ipaddr ''
config interface 'wan'
option proto 'dhcp'
config 'interface' 'stabridge'
option 'proto' 'relay'
option 'network' 'lan wan'
option ipaddr ''

You will also need to disable the firewall.

A routed client

The second option is that the second Wi-Fi router

establishes a separate network and routes traffic from

this network to the access point. The configuration file

for wireless remains the same as for the relay client. The
network configuration file will contain the following:
config interface 'lan'
option ifname 'eth0'
option type 'bridge'
option proto 'static'
option ipaddr ''
config interface 'wan'
option proto 'dhcp'

The IP address for the LAN will be outside the address

range of the main router. The firewall is preconfigured to
forward traffic from the LAN to the WAN.
OpenWRT is a Linux distribution. So, in principle, you
should be able to add packages to your normal distribution and
create a Wi-Fi extender on your normal laptop. But you would
lose the convenience of NetworkManager. So you may not want
to use it every day, but it is a fun thing to try out.

By: Anil Seth

The author has earned the right to do what interests him. You can
find him online at,,
and reach him via email at

August 2013 | 47


Let's Try

Heres an introduction to Firebug, which is used primarily for debugging client side scripts in
real time and reducing development time. It also helps in creating bug-free code that can run
across leading browsers seamlessly.

s the world of open source development evolves,

debugging code is becoming a complex task.
When it comes to browser client-side scripting that
needs to be debugged, there are few tools available. This is
especially true for runtime debugging on HTML, CSS and
JavaScript tags. Firebug is one of the most popular add-ons
of Mozilla Firefox for Web development. It is a free and
open source plug-in with a BSD licence. Initially written in
2006, Firebug went through numerous updates, making it a
favourite tool for Web software developers, as it certainly
makes their lives easier.
Modern content management systems (CMS) such as
Drupal, Joomla, Wordpress, etc, empower Web development
by embedding the client side code within their content
entities. This, however, puts a burden on developers, when it
comes to debugging the code in scenarios where it works fine
on one browser but fails on another. Since CMS systems also
add their own payload to the developers code, the resultant
code obviously becomes very hard to debug. Firebug comes
in as an essential helping hand in this situation by breaking
code pieces into logical chunks on the screen. It introduces

48 | august 2013

many features which are essential for Web development, such

as inspecting HTML elements, debugging, editing, monitoring
any websites CSS, HTML, JavaScript etc. At the time of
writing, the most recent version of Firebug is 1.11.2 for
Firefox 20. It has two major implementations: an extension
(add-on) for Mozilla Firefox and Firebug Lite, which is for
other browsers.

Why Firebug?

Firebug is a plug-in or add-on to the browser. What this

means is that it has the same level of access and control on
the Web page being rendered, as that of the browser entity.
Firebug runs in the same security context as the browser,
which gives it complete control on the objects and DOMs
(document object model) created within a Web page.
Due to this, Firebug can perform multiple runtime
operations on the client-side code, such as run JavaScript
snippets, inspect HTML content, modify style sheets and
layouts, etc. Optionally, it can also analyse network usage for
a given page. This helps you find out how big the footprint
of a page isincluding the images and other code resources

Let's Try
it contains. Firebug also comes equipped with a nice GUI,
which usually sits silently in the background and on the click
of a button, comes to the foreground and starts providing
useful information to the developers. It is possible to extend
Firebug by calling its API library, and to enhance its features
as a customisation effort.
The latest version of Firebug has advanced features
such as editing CSS templates and adding attributes in
real time, and viewing their effect on the Web page,
dynamically. The developer can leverage this feature to
try all style sheet combinations, check their effect on the
user experience, ensure accuracy and then, accordingly,
make changes in their release codes. This is a great help
when trying out various style sheet objects such as table
widths, foreground and background colours, fonts, etc.
The newer versions can also help in object stack tracing
for advanced developers.
The Firebug interface itself is very user friendly. Based
on the nature of the code being developed and debugged, it
is possible to instruct Firebug to only show certain types of
errors, such as errors for only CSS
code, or only for JavaScript, etc.
This helps to avoid the clutter and
results in quick debugging and faster


i.e., the maximise button or as a bar at the bottom of your

browser. This opens up a Firebug panel dashboard, which
typically occupies the bottom half of the screen. Please refer
to Figure 1, which shows a sample dashboard.
Now lets look at how to use this panel for debugging
purposes. To explain better, lets open the home page
of Facebook. Once the page loads up, open up the
Firebug panel and from the top menu of the panel, click
the second button from the left, which reads Click
an element in the page to inspect. This enables the
highlighter on the browser page; so use the mouse to
highlight the section to be debugged and click the mouse
button. Figure 2 demonstrates that the text reading Sign
Up was selected from the Facebook home page and
was changed to Welcome. As seen in that figure, the
bottom left portion shows the exact HTML tag that was
modified to achieve the result. On the right side of the
panel, we can see the CSS code and tags which form that
particular area of the page. This technique can be used
for modifying any HTML tag, CSS styles, fonts, colours,


While there are no strict prerequisites for Firebug installation,

the computer must have the Firefox
browser installed, preferably the
latest version. It is important to
ensure that no previous installations
of Firebug are present, and if they
are, they should be removed.
The latest version of Firebug
can be downloaded from and
installed. Upon installation, it
is advisable to close all browser
instances and restart the browser.

Figure 1: Sample dashboard

Using Firebug

Firebug can be opened in any one

of the following three waysby
clicking on the icon on the right hand
side of your browser's navigation
bar; by using a shortcut key (default
: F12), or by right-clicking the
mouse button and selecting Inspect
element with Firebug. You can
open it in a new window by clicking
Figure 2: Sign Up' changed to 'Welcome'
Open firebug in new window,

august 2013 | 49


Let's Try

layouts and JavaScript variables, thus demonstrating

the power of Firebug. As can be seen in the same screen
shot, the CSS section on the right also shows the line
numbers of the .css file, which produces that page
section. This really helps developers gain complete
visibility of what needs to be modified in their code.
Firebug is both an inspector and an editor. All
objects, i.e., HTML, CSS and JavaScript can be
edited with a single or double click. When things go
wrong, Firebug lets you know immediately, and gives
you detailed and useful information about errors in
JavaScript, CSS and XML. As you make changes in
Firebug, you can see their result or effect in the browser
instantly. All changes made in Firebug are in real time,
so as you refresh your browser, it will show you the
page before the changes were made. Firebug just helps
you to get a particular CSS file with the line number or
particular HTML tag on a page to make changes from
your local machine, and then you can make permanent
changes the way you want. It allows you to add new
properties in CSS.
Now lets look at a few advanced features of Firebug. As
you can see on the panel, it has multiple views to drill down
into the code, based on which code area needs to be targeted
for debugging. There are two HTML panes, i.e., the Node
view pane and the HTML side panels.
The Node view, which is on the left, allows you to
inspect and modify the HTML tags of the page. When
you hover the mouse over the HTML tags, it shows a
section being highlighted on the page, which points to
the location of elements placed on the page.
HTML side panels are on the right, and give more
information about the styles of the highlighted elements.
There are four side panels: style, computed, layout
and DOM.
Style: It shows you which CSS lines affect what part
of your code. It also shows which style sheet effects
correspond to that part, along with the line numbers.
Computed: It shows the CSS with properties such as
font size, type, alignment, etc. This gives information
about how HTML renders that element.
Layout: It shows you the graphical box model of the
element that you have clicked. It helps you to modify
the values of the padding, margin and border by double
clicking on it in real time.
DOM: It shows the document object model of the
selected element. Its useful for advanced client-side
script debugging.

Console view

The console is for logging, tracing, profiling and the

command line. The console shows JavaScript error message
logs. It can also be used to run JavaScript commands.

50 | august 2013

CSS view

The main difference between styles in the HTML panel and

CSS view is that it allows you to work on all CSS styles, and
not just the highlighted one.

Script view

It allows you to jump to the particular section of the

JavaScript that you have selected. It allows debugging of
functions, shows the stack of functions in real time, the list
of currently active breakpoints, etc. It includes JavaScript
Debugger, which allows you to pause at any time. This feature
is important to debug code snippets that are sluggish and need
performance tuning.

DOM view

The Document Object Model is a great big hierarchy of

objects and functions. Firebug helps you find DOM objects
quickly and then edit them on the fly.

Net view

It gives information about how long it will take for your page to
load or which request takes more time to load. The slowness of
page loading can be attributed to static code, references to other
pages, heavy images, etc. Net view helps you to pin point the
exact section of a file which is slowing down the performance.
It also gives suggestions regarding which images should be
compressed for better performance, etc.

Cookies view

The cookies panel shows you the cookies on your current

or selected page. You can deny cookies for a particular site,
create cookies and also delete cookies, on the fly. Besides
these features, there is a search box available on the panel
which can be used to find elements or the sections of code
being debugged. The panel dashboard can be detached
from the browser, and be placed on screen as a floating
entity for ease of use.
While Firebug is a self-contained environment for
debugging, there are a few limitations which will hopefully
be fixed in future versions. First, the CSS panel doesnt
allow the edit option. Second, while debugging HTML
elements with hover properties, it is cumbersome to use
Firebug to highlight a particular section and debug it. This
is true in case of client-side slide show containers, which
may or may not be using JQuery.
By: Supriya Awati
The author is a PHP developer who loves Web programming, and
has a passion for server and client side scripting. She is fascinated
with the idea of combining Facebook and open source tools to
make programmers lives easy. She works at Valency Networks
( as a cyber security product designer
and can be reached at

How To


Save Your Data with PhoneGap

The article on PhoneGap Application Development in the June issue of OSFY started
with setting up the environment for development followed by a simple Hello World
app and then moved on to exploring various APIs such as Contacts, Accelerometer
and Geolocation. This article covers a lot more...

he APIs we are going to cover in this article are: Storage,

Media, Notifications, and Splash Screen.


This API helps to save the data in the SQLite database and
to fetch the same data later. It enables the application to
use the data across various HTML pages, i.e., the user can
save some data from the first HTML page and then retrieve
that at a later point of time.
Usage: Data storage is used in almost all the apps and games.
Some basic methods for using storage are:
openDatabase(): This method will open the SQLite
database or will create a new one if it doesnt already

exist. It returns a database object that can be used to

manipulate data.
Transaction(): This is responsible for database
changeVersion(): This will change the version with
schema updates.
executeSql(): This allows the execution of SQL
statements. This method invokes SQLResultSet
as a callback, which contains properties like
insertId, rowsAffected and rows which can be
used to display the ID of the inserted row, the rows
affected and the rows returned by the executed SQL
statement, respectively.
August 2013 | 51


How To

Note: There is an object called localStorage, which can be

used to store data in key value pairs. This can be implemented
using the function window.localStorage.setItem("key", value");
The arguments to pass through these methods are:
openDatabase (database_name, database_version,
database_displayname, database_size): This will
create a new database with the details specified, i.e.,
name, version, etc.
database.transaction (insertDB, errorDB, successDB):
This transaction method will lead to running
insertDB, where all the executesql statements will be
written, and success and error will return messages for
success and failure, respectively.
changeVersion(old_version, new_version): This
method will change the version from the old to the new.
_WRITTEN_HERE): All the SQL statements will be
written in the executesql method.
Lets see what these arguments will actually do when
put together.

function successDB() {
var db = window.openDatabase(MyDatabase, 1.0, My
Database, 100000);
db.transaction(queryDB, errorDB);
function queryDB(tx)
tr.executeSql(SELECT * FROM CountryList, [], querySuccess,
function querySuccess(tr, output)
console.log(No of rows returned is + output.rows.
length); (9) and (10)
var len = output.rows.length;

// Create a file name Storage.html

<!DOCTYPE html >
<title>My Page</title>
<script type=text/javascript charset=utf-8
<script type=text/javascript charset=utf-8>
document.addEventListener(deviceready, onDeviceReady,
function onDeviceReady()
var db= window.openDatabase(MyDatabase,1.0,My
function insertDB(tr) {
tr.executeSql(DROP TABLE IF EXISTS CountryList);

for (var i=0; i<len; i++)

console.log(Row = + i + ID = + output.rows.
item(i).code + Data = + output.rows.item(i).name);
function errorDB(error) {
alert(Error processing SQL: +error.code);
</script> </head>
<h2>Fetching Country list from databases..</h2>
<h4> Showing Country list.. </h4>

The output of the above code is given in Figure 1.

The code shown above displays the list of countries saved
in the database. Here is the explanation:

tr.executeSql(CREATE TABLE IF NOT EXISTS CountryList
(countrycode unique, name)); (6)
tr.executeSql(INSERT INTO CountryList (countrycode,
name) VALUES (61, Australia)); (7)
tr.executeSql(INSERT INTO CountryList (countrycode,
name) VALUES (55, Brazil));
tr.executeSql(INSERT INTO CountryList (countrycode,
name) VALUES (1, Canada));
tr.executeSql(INSERT INTO CountryList (countrycode,
name) VALUES (91, India));
52 | August 2013

Figure 1: Storage

How To
1. The PhoneGap support will be added by adding
cordova.js in a <script> tag.
2. The document.addEventListener function will let
PhoneGap load.
3. When PhoneGap is loaded, the openDatabase()
function will create a new database with the details
provided, i.e., database name, version, etc. The size of
the database is 1,000,000 bytes.
4. After creating and opening the database, the database
will call the transaction, which will call the insertDB
method, and if the insertion is successful, then
successDB will be called; else, errorDB will be called.
5. In the insertDB method, if the table CountryList
already exists then the table will be deleted.
6. This creates a new table CountryList, with two
columnscountrycode and name.
7. This inserts the values for the countrycode and name
in CountryList.
8. If the values are successfully inserted in the table,
it displays an alert success and selects all the rows
to display.
9. and
10. This displays the number of rows of data returned in
the console.

3. mediaError: The callback returned when failure occurs

within the process.
4. MediaStatus: The callback that is invoked to indicate
the status changes.
<html> <head> <title>Media Example</title>
<script type=text/javascript charset=utf-8
<script type=text/javascript charset=utf-8>
var recording;
var recInterval;
onDeviceReady, false);
function onDeviceReady() (
var audio = null;
var timer = null;

function playAudio(src) {
audio = new Media(src, onSuccess, onError); (1);
if (timer == null) {
timer = setInterval(function() {

Note: In this example, the values returned are

displayed only in the console, but in real time, you can
show the values in different formats, i.e., list view, grid
view, etc, according to your requirements.

function(position) {
if (position > -1) {
setAudioPosition((position) +


This API gives the ability to play and record audio on the
device. The different ways in which you can use the Media
API are:
1. media.getCurrentPosition(): Returns the current
position within the audio file.
2. media.getDuration(): Returns the duration of the audio
3. Will start playing the audio file. Can be
used to resume a paused file.
4. media.pause(): Will pause a playing audio file.
5. media.release(): Will release all the OS's audio
resources being used by the file.
6. media.seekTo(): Will move the position to a certain
point in the audio file.
7. media.startRecord(): Will start recording an audio file.
8. media.stopRecord(): This will stop recording an
audio file.
9. media.stop(): This will stop the playing audio.
The arguments to pass through are:
1. src: The path of the audio file.
2. mediaSuccess: The callback to be called when a
media object has played/paused or stopped the audio



function(e) {
console.log(Error occured= +

setAudioPosition(Error: + e);
}, 1000);
function pauseAudio() {
if (audio) {

function stopAudio() {
if (audio) {


August 2013 | 53


How To

timer = null;


function onSuccess() {
console.log(playAudio():Audio Success);
function onError(error) {
+ error.code
+ \n +
message: + error.message + \n);
function setAudioPosition(position) {
innerHTML = position;
</script></head><body> <h2> Playing Audio</h2>
<input type=button value=Play Audio
onclick=playAudio(file:///android_asset/www/01..waka waka.
mp3);></input><br> (9)
<input type=button value=Pause Audio
<input type=button value=Stop Audio
<p id=audio_position>Interval</p> (10)
</body> </html>

Note: media.html illustrates the usage of the play,

pause and stop methods. The methods media.startRecord()
and media.stopRecord() can be used similarly.
media.html will be displayed as shown in Figure 2.
Here is the explanation of the code given above:
1. On clicking the button Play audio, the method
playAudio()' with the path of the .mp3 file will
be called and src will be replaced by the mp3
file. In case of success or failure, the methods
mediaSuccess()'/mediaError()' will be called,
2. The method will be invoked and audio
will start playing.
3. This will check for the timer and if the timer is null,
the setInterval function will be called and the audio's
current position will be fetched.
4. If the fetched position is greater than -1 then the
setAudioPosition((position) + " sec")' method will be
called, and in Line 8, the setAudioPosition() method
will fetch the element by ID and replace its text with
the fetched current position.
5. pauseAudio() will pause the already playing audio, and
the interval which is displayed below will be paused.
54 | August 2013

6. stopAudio() will stop the audio Playing Audio

and will call clearinterval().
7. clearInterval() will clear the
Play Audio
interval displayed below the
Pause Audio
Stop Audio
8. This aspect has been already
covered in Point 4.
9. On clicking this button, the
39.192 sec
path of the audio file to be
played needs to be given as a
Figure 2: Media
parameter to the playAudio()
10. This is an element to display the position of the
running audio file in terms of seconds. Its used when
the element's text is replaced by the position in the
setAudioPosition() method.


Device notifications are used to send alerts to the user or to

ask for user input, and so on. These include visual, audio
and vibration alerts. To use device alerts in your hybrid app,
try the Notification API.
Usage: To alert the user to various events.
The methods for using this API are:
1. navigator.notification.alert(): To show alerts to the user
for critical battery, low memory space, etc.
2. navigator.notification.confirm(): To ask the user for
some kind of permission.
3. navigator.notification.prompt(): To prompt the user to
provide some input.
4. navigator.beep(): To send audio alerts in the form of
5. navigator.vibrate(): To send a vibration alert to give
the users some message or inform them about an
The arguments to pass through these methods are:
1. navigator.notification.alert (message,alertCallba
ck,title,buttonLabel): Where a message will be
displayed as an alert message, and alertCallback will
be the method that gets called when the Alert button
gets clicked; title will be the title of the alert box and
buttonLabel will be the name of the Alert button.
2. navigator.notification.confirm (message,
confirmCallback, title, btnLabel1, btnLabel2,...):
All arguments are similar to that of the Alert box
but, in this case, the buttons can be more than one, to
provide multiple options to the user.
3. navigator.notification.prompt (message,
confirmCallback, title, btnLabel1, btnLabel2,...):
The arguments are the same as in the Confirm method.
4. navigator.beep(times): The argument times decides
how many times the beep should ring.
5. navigator.vibrate (milliseconds): This depicts for how
many seconds the device will vibrate.

How To

Notification Examples
Show Alert
Show Confirm
Show Prompt
Play Beep
Figure 3: Notifications

Alert Box Example

Battery Low!

function showAlert() {
navigator.notification.alert( Battery Low!,
alertDismissed, Alert Box Example, Ok);
function alertDismissed() {
// do something
function showConfirm()
navigator.notification.confirm(Do you want to
continue?,onConfirm, Sample Confirm Dialog,Continue,Exit);
function onConfirm()
alert(Selected Button Index + buttonIndex);
function showPrompt()
navigator.notification.prompt( Please enter your
name, onPrompt, Sample Prompt,[Ok,Exit]
function onPrompt(results)
alert(Welcome + results.input1);
innerHTML=Welcome+ + results.input1;

Figure 4: Alert

Sample Confirm Dialog

Do you want to continue?


function playBeep()


Figure 5: Confirm
function vibrate()
</script> </head> <body> <h2 > Notification Examples </

So now, lets create a simple notification.html page and

put all types of alerts in there to see their usage.
// Notification.html
<!DOCTYPE html>
<title>Notification Example</title>
<script type=text/javascript charset=utf-8
<script type=text/javascript charset=utf-8>
document.addEventListener(deviceready, onDeviceReady,
function onDeviceReady() {
some functionality can be written

<p><a href=# onclick=showAlert(); return false;>Show
<p><a href=# onclick=showConfirm(); return false;>Show
<p><a href=# onclick=showPrompt(); return false;>Show
<p><a href=# onclick=playBeep(); return false;>Play
<p><a href=# onclick=vibrate(); return

The output of the above code is shown in Figure 3.

The code shown above will display the corresponding
August 2013 | 55


How To

Sample Prompt
Please enter your name


Figure 6: Prompt

alerts. Here is the

Under the body tag,
there is a list of alerts
in the form of links and
these will call respective
methods when clicked.
1 and 2: On clicking
Show Alert the method
showAlert() will be
called, which will call
the notification,alert
Figure 7: Splashscreen
method and an alert box
will pop up with the Battery Low message; this will call
the alertDismissed callback, when OK is clicked in the
alert box. The output for an alert message is displayed in
Figure 4.
3 and 4: On clicking Show Confirm the method
showConfirm() will be called with a Do you want to
continue? message. On clicking Continue or Exit it will take
you to onConfirm, and an alert will pop up which will return
the selected button index. The output for confirm dialogue
box is displayed in Figure 5.
5 and 6: On clicking Show Prompt the method
showPrompt() will be called with an edit text box, where
the user needs to provide an input. Then onPrompt will
be called as a callback, and will return whatever the user
entered with a welcome message. The output for the prompt
box is displayed in Figure 6.
7. On clicking Play Beep, the device will beep twice
with the devices default beep sound.
8. On clicking Vibrate the device will vibrate for 5
Note: The Play Beep and Vibrate methods should
be tested on the device to observe the results.


This shows you how to give your application an image for the
starting screen, which will be shown when your application is
still loading at the back end.
56 | August 2013

Usage: It is used in apps where the application needs some

time to load. During that time the image will replace the blank
screen with a nice picture to give users a better experience.
The methods for using this API are:
1. To show the
2. To hide the
Pre-requisite: Put your splash screen image into the res/
drawable folder of the Android project. The recommended
sizes for each image are:
xlarge (xhdpi): at least 960 x 720 pixel.
large (hdpi): at least 640 x 480 pixel
medium (mdpi): at least 470 x 320 pixel
small (ldpi): at least 426 x 320 pixel
Now add the following code in the
super.setIntegerProperty(splashscreen, R.drawable.

This will take the image from R.drawable.splashscreen

(where splashscreen is the name of the image), which will be
added to the application.

There is one more parameter in loadUrl 20000, which

defines how many seconds the splashscreen will be displayed.
document.addEventListener(deviceready, onDeviceReady,
function onDeviceReady() {;

Similarly, hide() can be used to hide the screen.

Though we have covered some more APIs in this article,
this is not the end. PhoneGap provides many more APIs,
which you can easily explore, as all of them use a similar kind
of format. There are many more plugins that can be used with
PhoneGap to enhance its benefits. So try your hand at playing
with plugins too. Keep exploring and learning. The doors for
help are always open.

Anupriya Sharma
The author has just graduated and is currently working in the
Android department of a reputed MNC. She loves Android and
iOS development. Apart from that, she manages some time for
cooking, dancing and her all-time favourite, shopping. You can
contact her at



Sandya Mannarswamy

This months column features some questions on algorithms

and data structures.






58 | August 2013

n the last few columns, we have discussed file

system concepts. This month, we take a break
from that and explore a few interview questions.
You are given N integers and are asked to find
the second smallest element among them. How
many comparisons does it take, in the worst
case, to find this out?
A cyclic rotation of a string is obtained by
chopping off a prefix of the string and attaching
it to the end. For example, esportcod is a
cyclic rotation of the string codesport. You are
given two strings P[1n] and T[1..m]. Write
an algorithm to determine whether P is a cyclic
rotation of T.
You are given a set S of N integers. You are
not allowed to compare two integers directly
to determine which is larger. However, you
are given a black box that can determine the
median of a set of three integers. You are asked
to write a program to determine the pair of the
largest and smallest elements in S. What is the
complexity of your program? Can you come up
with an O(N) algorithm to solve this problem?
Now, if you are asked to sort the set S, what
would be the complexity of your program?
You are given a set of k nuts and k bolts.
For each bolt present in the collection, there
is exactly one nut that matches the bolt.
You are not allowed to compare one bolt
with another bolt or one nut with another.
However, you can compare a nut and a bolt to
see whether they match or not. You are asked
to find the largest and smallest bolts. What
is the maximum number of comparisons you
need to make, in the worst case?
You are given two sorted arrays A and B,
each containing N elements. You are also given

an integer k such that k < 2N. You are asked to

find the kth smallest element in the union of
the two arrays A and B. What is the complexity
of your program? Assume that the arrays A
and B do not contain any duplicates.
6. All of us are familiar with the utility make,
which typically is used to compile source files
into an executable. The make utility reads a
file called Makefile, which specifies the rules
and dependencies. The Makefile specifies the
list of source files that need to be compiled and
the dependencies. The basic Makefile typically
looks like what follows:
target: dependencies
[tab] system command

For instance, if there are two files, say, hello.c

and factorial.c, and you want to build an executable
prog1, here is how your Makefile would look:
all: prog1
hello: factorial.o hello.o
g++ factorial.o hello.o -o prog1
hello.o: hello.c
gcc -c hello.c
factorial.o: factorial.c
gcc -c factorial.c
rm -rf *.o prog1

So if the programmer changes hello.c, then

when make is invoked, it understands from the
Makefile that the target executable prog1 is

Guest Column
dependent on hello.o which, in turn, is dependent on hello.c.
Therefore make recompiles hello.c to create a new hello.o
and hence rebuild the target executable prog1. Note that
factorial.c is not recompiled. Now consider that you have
been given an arbitrary Makefile, which specifies a list of
source files as well as the list of dependencies and also a list
of changed source files; write a program to identify which of
the objects need to be rebuilt and the order in which they have
to be rebuilt. Let me give you a hint. Can you visualise the
dependencies as a graph?
7. You are given a set R of n rectangles lying in a
plane. You are asked to determine whether any two of
the rectangles in the set R intersect. What is the time
complexity of your solution?
8. You are given an array A of N integers such that A[1]
>= A[2] and A[n-1] <= A[n]. An element A[i] is a
local minimum if it is less than or equal to both of its
neighbours. Formally, we denote an element A[i] as a
local minimum if A[i] <= A[i-1] and A[i] <= A[i+1]. You
are asked to write a program to find a local minimum
in the given array. The obvious solution is to do a scan
of the entire array A in O(N) time. Can you design an
algorithm that can find the local minimum in log(N) time?
9. You are given a directed graph of the roads in India,
with each edge between two cities being associated
with an independent safety probability p(e). The safety
of a path in the graph is the product of the safety
probabilities of the edges in the path. You are asked to
find the safest path to travel from Bengaluru to Delhi.
Can you design an algorithm for this?
10. You are given a set X of N intervals on the real line. The
intervals are represented by two arrays, XL[1..N] and
XR[1..N], which represent the left and right end points of
each of the N intervals. A subset Y of X is a set of intervals
such that any real value that is contained in some interval
in X is also contained in some interval in Y. In such a case,
Y is called the tiling path or tiling cover of X. The size
of a tiling cover is the number of intervals in Y, which is
needed to cover X. You are asked to write a program to
compute the smallest tiling cover for X. What is the time
complexity of your approach?
11. As we all know, a palindrome is a string that reads the
same forwards and backwards such as x, pop or
noon. Any string can be broken into a sequence of
palindromes. For instance, the string popdad can be
split into two palindromes pop and dad, whereas a
trivial splitting would be to split it into 6, such as p,
o, p, d, a, and d. You are asked to write
a program to split the given string into the minimum
number of palindromic sub-strings. Can you find the
minimum number of palindromic substrings into which
you can split the string bubba banana?
12. You are given an input string A[1..N]. Of all the
sub-strings of A, find the longest sub-string s such


that s appears both forward and backward in A. The

forward and backward sub-strings should not overlap.
For example, for the input string SAWMWASING,
the output should be SAW. For the input string
be YNAM.
13. Lets suppose you are given a weighted graph G and its
minimum spanning tree T. Now you are told that the
weight of one of the edges e in the graph G has been
changed from w1 to w2. How would you recompute the
minimum spanning tree when:
a. w1 is smaller than w2.
b. w1 is greater than w2. While the brute force solution
would be to re-run the MST computation algorithm
for the graph G, can you come up with a better
14. You are given an array A of N positive integers without
any duplicates. Write a program to find the smallest
positive integer k such that k is not a member of A. Is
it possible to come up with an O(N) algorithm for this
problem? If yes, give the algorithm. If not possible,
explain why.
15. Stack is a data structure that supports LIFO (Last In First
Out). Implement a modified version of Stack, which pops
out the most frequently added item.

My must-read book for this month

This months must-read book suggestion comes from one

of our readers, Shanmugavel, and is titled A Discipline of
Programming by Edsger W Dijkstra. This is a programming
classic. Though this is an old book and some of the algorithms
have been super-ceded by better and newer ones, it is still
worth a read to understand the thinking behind designing
clever algorithms. Thanks Shanmugavel, for your suggestion.
If you have a favourite programming book or article that
you think is a must-read for every programmer, please do
send me a note with the books name, and a short writeup on why you think it is useful so I can mention it in the
column. This would help many readers who want to improve
their software skills.
If you have any programming questions or software topics
that you would like to discuss on this forum, please send them
to me, along with your solutions and feedback, at sandyasm_
AT_yahoo_DOT_com. Till we meet again next month, happy
programming and heres wishing you the very best!

By: Sandya Mannarswamy

The author is an expert in systems software and is currently
working with Hewlett Packard India Ltd. Her interests
include compilers, multi-core and storage systems. If you
are preparing for systems software interviews, you may
find it useful to visit Sandyas LinkedIn group Computer
Science Interview Training India at

August 2013 | 59



IPCop 2.0.6: The New Watchdog!

This article describes the various functionalities of a network-based firewall, besides
taking readers through the installation and configuration of IPCop 2.0.6, especially
from the perspective of a small and medium business. It also illustrates how a securely
configured firewall ensures data security and mitigates various risks such as virus spread.

PCop is a complete Linux distribution whose sole

purpose is to protect the networks it is installed on. By
implementing the best of current technology, outstanding
new technology and secure programming practices, it has
become the Linux distro for those wanting to keep their
computers and networks safe.


There are two types of firewalls.

Host-based firewalls are typically software programs
installed on an operating system. They can control which
software programs installed on the computer can access the
Internet and who can access the host system.
Network firewalls are used to control access between
any two networksfor example, your system or network
on one side, and the Internet on the other. Any computer
system or network directly connected to the Internet without
60 | August 2013

any protection is exposed to many risks. From a security

perspective, once you are connected to the Internet, it is your
computer, your system and your network against everybody
else on the other side. Even unknowingly, other infected
systems could cause harm to your system. A firewall is used to
mitigate these risks and to secure your internal systems from
malicious users and programs working on the external side.

Network security for small businesses

Though awareness about firewalls is on the rise, even today,

many organisations assume that installing the operating
system, application software and the connecting network
is all thats required to set up their IT infrastructure. Many
key network security aspects such as the use of managed
switches, securing the wireless network, changing default
passwords, deploying a firewall at the network gateway,
etc, are not considered.

Why open source?

One of the primary reasons for not securing networks is the

expense involved. Here, open source software is an alternate
to commercially available products. These include operating
systems, word processors, spreadsheets, presentation tools,
graphic tools, browsers, etc.
Open source has a wide range of firewall distributions to
offer. Some of them are pfsense, endian, untangle, ipfire and,
of course, IPCop. These can be installed on any computer
system supported by the corresponding distro the hardware
configuration requirement is absolutely minimal. Even an old
computer system with a Celeron CPU, 512 MB RAM and
a 20 GB hard disk can run these firewalls. For the few who
think open source has no support, some of these firewalls
have paid support available.
Readers, please think this over: Any properly configured
firewall, even an open source firewall distribution, is certainly
better than the best non-configured branded firewall!

SME network and security requirements

Let us consider the typical set-up of a small and medium

business a head office with 25 users, branch offices with
4 5 users, and a number of field representatives. Let us try to
summarise their IT network requirements.
Head office:
Computer systems network
Isolation of Internet exposed systems from the
internal network
Internet access control website filtering,
services filtering
Gateway anti-virus and anti-spam
Branch offices:
Site to Site VPN Connectivity for head office
Internet access control website filtering,
services filtering
Field representatives:
Host-to-network VPN connectivity
(for travelling individuals)
Depending upon the number of users and the features
required, the price for commercially available firewalls
suitable for SME network ranges from Rs 10,000 to Rs
50,000. In addition, an annual subscription is required
for continued support. The first few VPN client licences
are free, while additional licences typically cost Rs
2000 per user. The firewall has a pre-defined lifecycle
and one may have to purchase a new model after
support for the current model expires. Against this,
open source distros are available free and come with
community support. Paid support/ maintenance is also
available through local vendors.

IPCop 2.0.6, the open source firewall that runs on

any old computer system and which meets most of these
requirements, is simple to install and has excellent community




ADSL modem (shown)
IPCop Firewall/Router




switch or hub
switch or hub

email server web server


Figure 1: IPCop network

support, which is absolutely free!

Note: Gateway anti-virus and anti-spam module is
currently not available for IPCop 2.0.6

The IPCop firewall

Let us try to understand a network that uses IPCop, with the

help of a simple diagram (Figure 1).
At the head office, the IPCop firewall will segregate the
internal network as:
Protected computers Green network
Protected wireless network Blue network
DMZ computers (systems to be accessed from the
internal network and from the Internet) Orange network
Depending upon the number of users in any remote
branch, the connectivity will be established either by site-tosite VPN (for over five users) or by site-to-host OpenVPN.
These VPN users can access various services from the internal
networkfor example, a CRM/ERP software.
If more than five users from one branch wish to connect
to the head office, at the same time, site-to-site VPN could be
deployed using the IPCop firewall at that branch.

IPCop installation

Start by downloading the ISO image of the latest stable

release from Burn it to a
CD. IPCop installation is very simple and straightforward.
You require a computer system with a minimum of two
Ethernet cards, 512 MB RAM, a 20 GB hard disk or a 1 GB
flash drive, and a CD-ROM drive for installation. Start the
installation by booting from the IPCop CD.
The first screen greets you with the IPCop mission
August 2013 | 61



statement: The bad packets stop here. Press Enter

at the Boot prompt. Select the desired language; an
information dialogue box tells you that pressing Cancel
will reboot the system. Continue by clicking OK. Select
the type of keyboard and the time zone, then enter the
correct date and time, if required. Select the hard disk
on which to install IPCop. Beware that all the data on
this disk will be erased. Then click OK to continue.
Here, a very interesting screen greets you, irrespective
of whether the installation is on the hard disk or on a
flash drive. Select the desired disk type from Flash/
Disk. The installer will create the required file systems
and swap space, ask whether you have an older backup
to be restored, and complete the installation.
Reboot the system and continue to configure the
box. Enter the host name and domain name, before
selecting the Red (Internet) interface type and Ethernet
card. Note that here you can configure any Ethernet
card to any interface. In the earlier version, the first
detected Ethernet was always assigned to Green, and it
was tricky to change it later. Also, to identify the card
easily, you can set it in LED blinking on mode. Assign
Green, Red and Blue (if required) cards, and enter the
Green IP address and subnet mask. Also, select the Red
type, such as Static, PPPoE, etc. You may enable DHCP
if desired, and enter root, admin and backup passwords
to complete this part of the configuration.

IPCop configuration

Reboot the system and wait till you see the login screen
(which can be used to log in as the root user). Use a
client computer browser to open https://IPCopIP:8443
and authenticate yourself as the admin with an earlier
defined password. The first step is to complete the set-up
by configuring the Internet. This trial set-up uses PPPoE
on the Red interface. Proceed to Network > Dialup, and
enter the PPPoE username and password. From the Home
screen (System > Home), click the Connect button to
connect to the Internet. Configure the IPCop Green IP as
the default gateway and DNS in the client TCP/IP settings.
The next important step is to upgrade to the latest
release. Start by checking whether new updates are
available; go to the System > Update page. Select
Refresh Update List and check for the availability of
new updates. Do apply all the available patches. After
the updates, IPCop will be upgraded to the latest version
2.0.6 (as of July 1, 2013).
Configure client systems under Green and Blue with
the corresponding IPCop interface IP address as their
default gateway and DNS. An external DNS IP address
can also be used.
That is all... you can now start browsing securely.
To conclude this article, let me answer a few questions

62 | August 2013

that are frequently asked by users at various organisations,

and explain three real life scenarios where a properly
configured firewall could have helped. Let me emphasise
that not just a branded, but any properly configured firewall
would have saved the day.

Firewall FAQs

All our systems have anti-virus. Do we require a

network firewall? Yes, anti-virus is not a substitute for
a network firewall.
All our systems have a host-based firewall. Do we
require a network firewall?
Yes. First, configuring host-based firewalls on multiple
systems itself is a big task. Also, these firewalls sit only on
operating systems and do not protect other network devices
such as network printers, access points, Network Attached
Storage (NAS) boxes, etc.
Since we have a firewall costing Rs 100,000 installed
in our network, arent our systems protected?
Not sure. While auditing, I have observed that these
firewalls are not configured properly. The best approach
to configuring any firewall is to deny all traffic from the
firewall and allow only the desired traffic by creating
rules, one by one. Such an approach generates a lot of
reconfiguration calls after installation is completed and
hence is not preferred by many. You may buy or install
any good firewall. Much depends on its configuration
rather than anything else.
Is it possible to filter https traffic using IPCop?
Yes, let me try to explain. When you browse a http
website, all data travels in clear text format. In simple
language, this means an intruder can sniff this traffic and
read through your login ID and password. To overcome
this, https websites use an asymmetric encryption
mechanism so that the traffic is sent in encrypted form
from the browser to the Web server, thus ensuring its
confidentiality. Now, since this traffic is encrypted, even a
firewall cant read it! Then the question is, how can it be
filtered? There are two ways:
Blocking the https protocol will disable all https
traffic even all required https websites will be
blocked. You can allow various sites by finding their
IP addresses and creating corresponding allow
rules. This method is tedious, specially considering
that many websites have multiple IP ranges, and a
few website IP addresses change.
Blocking all direct https traffic and allowing it only via
Advanced Proxy (inbuilt in IPCop). Here, all browsers
will have to be configured with proxy settings. The
https proxy functions as follows:
1. Browser https traffic is terminated by the IPCop proxy
(instead of the destination Web server).
2. The URL filter reads the requested URL.

3. If the URL is on the blacklist, the request is dropped.
4. If the URL is not on the blacklist, a new connection is
initiated from IPCop to the destination Web server.
5. A reply from the Web server is terminated on IPCop.
6. IPCop forwards the reply to the corresponding
Web browser.
Here, please observe that the traffic is decrypted and
re-encrypted by IPCop. This results in a slight reduction
in browsing speed, and technically, IPCop can read https
traffic. But this is the way all https URL filters work.

Real life scenarios

Here are some real life scenarios where a properly

configured firewall could have helped
Sasser worm: Sasser attacks the vulnerable Microsoft
SMB port 445. Once affected, the system shuts down in one
minute, displaying a count-down window. If you are really
interested in experiencing Sasser, try this: Install Windows
XP without the service pack, and connect your system to
the Internet directly in a short while, the system will get
infected by Sasser. (Be very careful while you play around!)
This is because, some Sassers are still in the wild and try
affecting vulnerable systems even today!
Here, putting your system behind a network-based
firewall will definitely help. Port 445 of the internal
system will not be accessible from the Internet and the
worm will be blocked by the firewall before entering the
Internal network.
CodeRed worm: On July 13, 2001, a number of
computer systems running the Microsoft IIS Web server
on Windows NT or Windows 2000 were affected by a
worm called CodeRed. It is believed that about 300,000
servers were affected on Day One! The worm was
designed in a very peculiar manner. From the 1st of any


month to the 13th, it would try to spread to random IIS

Web servers. Once a Web server was infected, it would
in turn generate a lot of traffic towards the Internet
searching for IIS servers randomly, ultimately infecting
the vulnerable ones.
A properly configured firewall denying any traffic to be
initiated from the Web server towards the Internet could have
curtailed the spread of this worm. Also, a Web server should
only reply to the incoming Web requests and should not be
allowed to browse the Internet.
In this case, infection of vulnerable IIS Web servers (even
those sitting behind a firewall) was inevitable, but a properly
configured firewall could have definitely stopped the spread
of CodeRed from the affected Web server.
ISP connectivity issues: In an earlier time, one ISP
started its services from a central area of Pune with much
fanfare. A horrifying fact was that all connected networks
were not separated at the ISP end in simple terms, double
clicking on Network Neighbourhood made all the systems
connected to this ISP visible and, of course, the data on
them accessible! Here, deploying a firewall would have
assured separation
[1] Google search for IPCOP LFY
[2] IPCop official website:
[3] A great IPCop forum:

By: Rajesh M Deodhar

The author is a BE in Industrial Electronics, as well as a CISA,
CISSP, CCNA and DCL. He has been working as an IS auditor
and network security trainer-consultant for the last two decades.
You can contact him at

osFY Magazine attractions during 2013-14



Featured List

March 2013


Virtualisation Solution Providers

April 2013

Open source Databases

Certification & Training Solution Providers

May 2013

Network Monitoring

Mobile Apps

June 2013

Open Source application development


July 2013

Open Source on Windows

Web Hosting Providers

August 2013

Open Source Firewall and Network security

E-mail Service Providers

September 2013

Android Special


October 2013

Kernel Special

IT Consultancy

November 2013

Cloud Special

IT Hardware

December 2013

Linux & Open Source Powered Data Storage

Network Storage

January 2014

Open Source for Web development and deployment


February 2014

Top 10 of Everything on Open Source

IT Infrastructure

August 2013 | 63


Let's Try

Secure Your Network with

Firewall Builder
A firewall isolates a trusted, secure internal network from another network like the
Internet, which is not regarded as either trusted or secure. Firewall Builder is an open
source product that makes it easy to configure firewalls.

n computing, hardening is the process of securing a

system by reducing its areas of vulnerability. This is
done by removing needless software, unnecessary logins
and unnecessary services. There are various other methods
of hardening, which may involve applying a patch to the
kernel, closing network ports, setting up intrusion-detection/
prevention systems and firewalls.
A firewall protects the resources of a private network
from users of other networks. Organisations that allow their
employees to access the Internet install a firewall to prevent
unauthorised entities from accessing their own core services
and core data, which is often confidential. Policy is the term
often used in relation to firewalls. A policy can be described
as a set of business rules or restrictions that are implemented
with the use of a firewall.
One of the firewalls methods is to screen requests to
make sure that they come from acceptable sources (domain
names and IP addresses). Many companies make firewall

64 | August 2013

products that include features such as automatic alarms at

given thresholds of attack, logging, reporting, and a graphical
user interface to manage the firewall.
Firewall Builder has features such as a drag-and-drop
GUI, shared objects and search-and-replace. It is available
under GPL; its GUI is based on QT, and hence requires the
QT runtime libraries and development packages if you wish
to build from source.
Firewall Builder is based on the concept of objects.
With this concept, users create objects such as IP networks
and IP addresses to represent entities that will be used in
firewall rules. Objects are stored in libraries. There are
two object libraries that come with Firewall Builder. The
User library stores objects that the user creates while the
Standard library, which is a read-only library, contains
hundreds of pre-defined objects such as common TCP and
UDP services. Once you create a policy with firewall rules
in Firewall Builder, the very next thing you need to do is

Let's Try








Mail Server


Mail Server

Figure 1: Firewall

to compile the policy. This converts your rules from the

Firewall Builder syntax to the command syntax used by the
target firewall platform. You need to recompile the policy
in case you change the rules of a firewall.


Figure 2: Firewall and Cloud Computing


It generates platform-specific firewall commands.

Typing firewall commands is an old school approach;

Firewall Builder allows you to create objects such as an

IP address to represent your HR server.
Groups of objects can be created and can be used to create

You can mail us at You can send this form to

The Editor - D-87/1, Okhla Industrial Area, Phase-1, New Delhi-20. Phone No. 011-26810601/02/03, Fax: 011-26817563

August 2013 | 65


Let's Try


Define Firewall


Import an existing
firewall's rules

Manually create a
new firewall


Objects that
match the
devices, networks,
and services


Predefined TCP
services objects for

Predefined TCP
services objects for


Define Rules

Basic rules in Preconfigured


Customize Policies
from scratch

Configure Rules
on newly created

Configuration File

Firewall rules in
correct command

Verification for
Errors in Rules

Optimization of

Secure connection
using SSH and SCP
to run required

Secure connection
using SSH and SCP
to run required



Identify Target

Figure 3: How Firewall Builder works

a firewall rule.
Easy search facility to find where objects have been used.
Configuration versioning this is a facility to
automatically roll back on the previous firewall
Pre-defined templates for firewall rules and familiar
deployment scenarios.
Start-up scripts pre- and post-firewall scripts.

Supported platforms

Firewall Builder supports policy configuration and

management on Linux iptables, Cisco ASA/PIX, Cisco
Firewall Service Module (FWSM), Cisco router access
control lists (ACL), OpenBSD pf, HP ProCurve ACL,
FreeBSD ipfw and ipfilter.

providers allow.
For Red Hat, Fedora, OpenSUSE, and others,
download and install the Firewall Builder RPM, e.g.,
You need to install libxml2 v2.4.10 or newer, libxslt v1.0.7
or newer, ucd-snmp or net-snmp, and QT 4.3.x, 4.4.x, 4.5.x,
4.6.x to satisfy dependencies.
Navigate to your download directory and execute the
rpm -i fwbuilder-

For Ubuntu, download and install the Firewall Builder

package, e.g., fwbuilder_5.1.0.3599-ubuntu-precise-1_
You need to install QT 4.3.x, 4.4.x, 4.5.x, and 4.6.x to
satisfy dependencies.
Navigate to your download directory and execute the
dpkg i fwbuilder_5.1.0.3599-ubuntu-precise-1_i386.deb

For a Windows installation, double-click the Download

fwbuilder- (18.0 MB) link, then follow the
step-by-step instructions in the installation wizard.
Figure 3 shows how Firewall Builder works.

Firewall Builder vs UFW

Firewall Builder

Firewall and Cloud Computing

Scenario: For an e-commerce application, secure one

or multiple public-facing Web servers. Regardless of
whether that server is situated in DMZ, Amazons Cloud,
Rackspace Cloud, or in Private Cloud, it requires the
same level of risk management. Considering this factor, it
may not be important where the Web server is hosted. A
single firewall policy for Web Server and Database Server
can be enforced. Hierarchical policies can be made and
enforced as per your convenience to make the application
more secure.
In this situation, the easiest implementation is to
leverage the firewall built into each operating system. If we
define the organisations rules within the host-based firewall
as per policies, the risk mitigation policy is not dependent
on the logical location, and hence it can scale as required.
All we need is a good tool for managing the built-in firewall
without complexities.

How to install Firewall Builder in

a Cloud environment

In Private Cloud, Firewall Builder can be installed in various

operating systems and be used according to the environment
or the access to the virtual machine that cloud service
66 | August 2013

firewall (UFW)




GNU General Public


GNU General Public


Interface GUI

Command Line



Now that you know what Firewall Builder is all about,

go ahead and use it to protect yourself and your organisation
from unwanted intrusions.


By: Mitesh Soni

The author is a Technical Lead at iGate Global Solutions
Limited. He is in the Cloud Services (Research and Innovation)
Group and loves to write about new technologies. Blog: http:// and

Let's Try


Analyse Your Network Packets

with LibPCAP
Data on a network flows in the form of packets, which are entities that carry your data
across the network. These packets are routed from one router to another by intelligent
nodes. LibPCAP is a library that lets you capture these packets.

acket capture lets you intercept and entirely grab any

packet (with all its headers) that is seen by the network
device. Packet capture is done regardless of which port
the packet is sent to, or even regardless of the host. LibPCAP
provides an implementation independent library that lets you
access the underlying packet capture facility provided by your
operating system. Hence, libPCAP is used to capture packets,
directly off the network cards.


in this article, is a working C/C++ compiler (I have used gcc

in this article) and libPCAP. To install libPCAP on Ubuntu,
you can simply run the following command in a terminal:
apt-get install libpcap-dev

In other distributions, you can download the source

package for libPCAP from and build it with the following commands:

There are a few things you should know before you can
implement the code provided in this article.
Here is a list of things you might want to review before
proceeding to read this article.
1. Basics of C programming
2. The basics of networking and its terminology

make install

Getting started

Understanding libPCAP

The only thing you need to set up, to run the codes provided

Now that we have set up everything we need, let us try

and understand libPCAP better.

Let us have a look at the structure of the PCAP packet sniffer

August 2013 | 67


Let's Try

that we are trying to design. With this, I'll highlight the

functions libPCAP will need to perform.
First, find out the device you want to sniff on. In Linux,
this can be eth0 (ethernet), or wlan0 (wireless). This may
vary based on your network connection. LibPCAP can
automatically find which device you want to sniff on. Next,
set up PCAP and initialise it, to sniff on the device you found
or set up in the previous step. You can then set up filters, to
capture only the kind of traffic you are interested in. When
you specify a filter, then you must compile it, for correctness,
before you apply it. Finally, make libPCAP grab packets in a
loop, until your needs are satisfied.

Opening the device for sniffing

It is remarkably simple to set up your device. If you know

your device string (eth0, wlan0, etc), you can set it directly, or
pass it as a parameter to your program. If you want libPCAP
to find your default device, use pcap_lookupdev (char
*errbuf). The parameter errbuf is buffer memory (array),
which stores the description of the error in case the command
fails. Most libPCAP commands let you pass this array as a
parameter, and it universally performs the same function.
The code to find out the default device is given below:
int main()
char *dev,errbuf[PCAP_ERRBUF_SIZE];
printf("Device: %s\n",dev);
return 0;

The size of the error buffer errbuf is defined to be PCAP_

ERRBUF_SIZE. This is a value predefined in the pcap.h header
file. Compile the above code with the following command:
gcc code1.c -lpcap

-lpcap is the linker directive to link the associated

libPCAP shared library, and must be used every time you
want to compile code that uses libPCAP. You may also need
to run your compiled program with root privileges.
Alternatively, if you know the device you want to sniff on,
you can simply call the function:
pcap_lookup with the dev = * device id for the device you
want to sniff on* eg dev=wlan0

To open the device for sniffing, use:

pcap_t * pcap_open_live (char *device,int snaplen,int
promisc,int to_ms,char *errbuf)
68 | August 2013

The values of the parameters in the above defined function

are as follows.
device: This argument stores the device specified
above (the device to be sniffed on).
snaplen: This is an integer that defines the maximum
number of bytes to be captured.
Promisc: This is an integer that sets the device to work in
promiscuous mode. Promiscuous mode sniffs all traffic
on the wire -- this could be all the traffic on the network.
The downside of using promiscuous mode is that it can be
easily detected, and the host may be taxed for resources. In
non-promiscuous mode, the sniffer only captures packets
that are relevant to the host, which means that only traffic
that is to, from or routed by the host will be captured.
to_ms: This is an integer that specifies the read time out
in milliseconds (a value of 0 specifies no time out).
errbuf: This stores the error message in case the call
Notice that the function returns a pointer value of type
pcap_t. This function returns a value that is your session
handler. The code to open the connection is given below:
int main()
char *dev,errbuf[PCAP_ERRBUF_SIZE];
pcap_t *handle;
return 0;

The value of BUFSIZ is defined in pcap.h. In the above

code, you are passing the value of the device you want to
sniff on, which was found by the pcap_lookupdev function,
while you are setting the maximum number of bytes to be
captured to be BUFSIZ, the packet sniffing mode to be
promiscuous, and no time out on read time.

Filtering traffic

At times, you will be interested in only certain types of traffic,

rather than in capturing all packets. Here is where filters come
in. They let you only capture certain kinds of traffic. For
example, you may only want packets from a specific protocol
like UDP or TCP. Now, one may wonder why you shouldn't
use if/else statements? Well, you could, but filters are easier
to use, and are more efficient. Before you apply your filter,
you must compile it. The expression for the filter is a string.
Compile it with the following function:
int pcap_compile(pcap_t *handler,struct bpf_program
*filter,char * filt,int opt, bpf_u_int32 netmask)

Let's Try
The parameters passed to pcap_compile are as follows:
handler This is the session handler obtained earlier.
filter This is the location where you store the
compiled filter.
filt This is the string that represents your filter. The
tcpdump man pages document the syntax of these
filters well.
opt Specifies whether the compiled filter should be
optimised or not.
netmask Specifies the network mask that your filter
applies to.
Once the filter has been compiled, you must now apply it.
Use the following function to do so:
int set_filter(pcap_t *handler, struct bpf_program *filter)

where handler is the session handler, and filter is the location

where your compiled filter resides. This is straightforward.
The following code documents how filters must be used:
int main()
char *dev,errbuf[PCAP_ERRBUF_SIZE];
pcap_t *handle;
struct bpf_program filt;
char filter_app[]="port 80";
bpf_u_int32 mask,net;
return 0;

In the above code, the function pcap_lookupnet is used

to identify the network details, like the IP and network
mask, given the device. Notice that the variable filter_app
stores the string port 80, which is your filter string, which
specifies that only traffic on port 80 should be captured. Port
80 is the TCP port. The syntax for other filter commands is
documented in the tcpdump man pages.

Actual sniffing

Now that you have your filters, session and device set up, you
need to actually start capturing packets, which you can do
using the following function:
u_char * pcap_next(pcap_t *handler,struct pcap_pkthdr *h)

where handler is the session handler mentioned earlier

and h is a structure that will store a pointer to information about


the packet to be captured. This includes the time it was sniffed,

the packet length, and the length of the specific portion of the
packet captured (in case it is fragmented). The function returns a
pointer of type u_char to a packet that is described by h.
The code to use the pcap_next is given below:
int main()
char dev[]="wlan0",errbuf[PCAP_ERRBUF_SIZE];
pcap_t *handle;
struct bpf_program filt;
char filter_app[]="port 80";
bpf_u_int32 mask,net;
struct pcap_pkthdr header;
const u_char *packet;
printf("%d \n",header.len);
return 0;

In the above code, you captured the packet and printed

the length of the packet captured. Also note that, in the
above code, the device string has been set to use the wlan0
connection to listen to packets on the wireless device. To
see the list of available devices on your Linux system, you
can use the ifconfig command at the terminal, and set your
device accordingly.
In practice, very few sniffers use pcap_next directly.
They usually use pcap_loop or pcap_dispatch to capture
multiple packets. They use callback functions. If you
have worked with Javascript, you might be familiar with a
callback function. It can be understood as a function that is
called, every time an event occurs. The functions pcap_loop
and pcap_dispatch call the callback, every time a packet is
captured. The signature for pcap_loop is given below:
int pcap_loop(pcap_t *handler,int cnt,pcap_handler
callback,u_char *user)

The parameters for pcap_loop are defined below:

handler This is the session handler.
cnt This is the number of packets which should be
captured by pcap_loop.
callback This is the callback function specified only
by identifier, without the parentheses.
user These are some additional arguments that we as
users might want to pass to the callback function.
August 2013 | 69


Let's Try

pcap_dispatch is identical in usage. The only difference

between pcap_loop and pcap_dispatch is that pcap_dispatch
will only process the first batch of packets it receives from the
system, while pcap_loop will keep processing packets until
the count runs out.
The callback function should have the signature, which
should be as follows:
void callback_function(u_char *arg, const struct pcap_pkthdr
*pkthdr,const u_char *packet)

The arguments to the callback function are as follows:

arg - This is the list of user parameters you passed to
pkthdrThis parameter contains information about
the packet captured. The structure of the pcap_pkthdr
is given below:
struct pcap_pkthdr{
struct timeval ts;
bpf_u_int32 caplen;
bpf_u_int32 len;

Figure 1: Output
char dev[]="wlan0";
char errbuf[PCAP_ERRBUF_SIZE];
pcap_t* descr;
const u_char *packet;
struct pcap_pkthdr hdr;
struct ether_header *eptr;
/* net/ethernet.h */
struct bpf_program fp;
/* hold compiled program */
bpf_u_int32 maskp,netp;
/* subnet mask */
pcap_lookupnet(dev, &netp, &maskp, errbuf);
descr = pcap_open_live(dev, BUFSIZ, 1,-1, errbuf);
pcap_compile(descr, &fp, "port 80", 0, netp);
pcap_setfilter(descr, &fp);
pcap_loop(descr, -1, callback_function, NULL);
return 0;

packet This is a pointer to the first byte of data

containing the entire packet. As you might imagine, the
packet isn't a string, but rather a collection of structures.
Now that we have established the basics, we can proceed
to build a small packet sniffer using libPCAP.
The code for the packet sniffer is given below:
#include <pcap.h>
#include <stdio.h>
#include <stdlib.h>
void callback_function(u_char *arg, const struct pcap_pkthdr*
pkthdr,const u_char* packet)
int i=0;
static int count=0;
printf("Count: %d\n", ++count);
printf("Size: %d\n", pkthdr->len);
for(i=0;i<pkthdr->len;i++) {
printf("%c ",packet[i]);
printf(" . ",packet[i]);
if((i%16==0 && i!=0) || i==pkthdr->len-1)
int main(int argc,char **argv)
int i;
70 | August 2013

In the callback_function, we are only displaying the

packet number, size of the packet and the packet payload. The
output of running the above code is given in Figure 1.
With this, I conclude the introduction to programming
with libPCAP. You have learned some of the basic
concepts behind network sniffing. Do test and experiment
with libPCAP, to understand its full potential. There are
also other sniffers you could experiment with, namely
tcpdump and wireshark.

By: Sahil Chelaramani

The author is an open source activist, who loves Linux, Python
and Android. He is a fourth year student at the Goa Engineering
College (GEC). In the author's own words, Beyond anything
else, I love to code.



The Benefits of OpenSSH

The SSH service is very widely used in open source infrastructure set-ups. Due to its small
footprint on the network, as well as the ease of installation and maintenance, SSH replaces
many remote shells in data centres today. OpenSSH is a very famous flavour of this
protocol, and this article talks about its benefits and the challenges associated with it.

penSSH is free Secure Shell software that

provides great services in terms of protocol-based
connectivity as well as security. It replaces almost
all legacy applications such as Telnet, rlogin, etc. It is
important to understand how the protocol works, and the
bells and whistles provided in terms of features. Please
refer to Figure 1, which shows the protocol stack forming
the OpenSSH protocol services. For those who know
how Telnet works, it is easy to understand the working
operations of OpenSSH. Similar to Telnet, it runs as a
daemon service on Linux servers, while the client uses an
SSH client utility such as putty to connect to the server.
SSH is available on Windows as well as UNIX platforms,
and is widely used on Linux infrastructures. By default,
it uses TCP port 22 for communication. However, unlike
the Telnet protocol, OpenSSH is primarily used to ensure

data security and, to that end, it uses cryptography to

authenticate the client and the server, and also for data
transfer purposes. This ensures confidentiality and integrity
of the data that flows on the wire.
Its communication has three basic stepsthe client-server
handshake, authentication and secure data exchange. During
the handshake phase, both the sides exchange information
about the OpenSSH protocol version and the cipher
algorithms they support (which are typically the combinations
of asymmetric and symmetric encryption, as well as hashing
algorithms and compression algorithms). Unlike SSL, in this
protocol, the server sends the first data block to the client.
As for authentication, the server is authenticated using the host
key, whereas the client typically stores the key fingerprint at some
predefined location and validates it later in the process. Please see
Table 1, which shows the supported client authentication methods.
August 2013 | 71



TCP Forwarding, Session Multiplexing
SSH-User Auth Layer
PAM and password based authentication
SSH-Transport Management
Key based authentication and key creation

Figure 1: OpenSSH Protocol Stack

Table 1

Client authentication method



Client and server have key pairs

and exchange public keys during
the authentication process


Plain text password for the given

login user is used for authentication


Limits client access to a

particular host/hosts


Works on the basis of pre-stored

security question and answer

People often mistake OpenSSH for a single utility installed

on the server side, which is not true. In fact, it contains many
small executables, each for a specific feature or purpose.
Table 2 lists such important tools from the protocol stack.
Table 2


Server daemon service


Client program to connect to daemon


Secure FTP for file transfer


Secure file copy utility


Helps create keys for public key and host

key-based authentication

Now lets look at the operations of each component as

shown in Figure 1. The bottom layer that rides on the TCP
protocol is the transport management layer, which is very
important, because it takes care of crypto operations such as
key generation and management. The next one is the user
authentication layer, which is responsible for authenticating
end users to the sshd dmon services, which are hosted on
the server side. Once authentication is complete, a secure
tunnel is created for data communication. This layer also
ensures that you can use one of the many available ways of
authentication such as the legacy username and password
style, or the more advanced smart cards. The topmost layer is
connection management, which adds features such as session
multiplexing and also ensures additional security by blocking
application layered attacks.
72 | August 2013

Installing OpenSSH

OpenSSH can be downloaded from and the installation

steps are as easy as for any other binary installation on a Linux
distro. On Windows machines, running the installable exe file guides
you through the steps. Remember to check if OpenSSH already
exists on the machine; this is because many open source distributions
come equipped with OpenSSH as a default SSH daemon. It is also
important to secure the OpenSSH protocol, because, by default, it
runs services in an unsecured fashion. Securing it involves studying
and manipulating multiple parameters in the configuration files,
which was covered in some articles in ealier issues of OSFY.

Features of OpenSSH

While there are many features available in OpenSSH, lets discuss

those that are important from the security and operations point
of view. First and foremost, it supports almost all operating
systems available, right from the legacy openbsd project to
the most recent Linux or Windows distribution. As mentioned
earlier, it is an open source protocol stack and available under
free licensing. OpenSSH has strong authentication capabilities.
This is achieved by various levels of encryption as well as a few
built-in features that block security holes, especially in the areas of
routing and DNS spoofing. It also provides very strong encryption
standards such as 3DES, AES, etc, which make it a perfect fit
for industry standard installations. It offers protocol privacy, by
which all authentication happens seamlessly and in a manner that
is transparent to the user and systems, but at the same time, is a
robust and verbose logging system that ensures audit trails of each
activity. The way security is designed in the protocol is as if it
never trusts the network or the remote connection.
As for the utilities, SFTP and SCP help copy files securely over
the SSH tunnel between clients, or the client and server. OpenSSH
also supports data compression which reduces chatter on the
network, thus making more bandwidth available to other nodes. It
also supports protocol tunnelling, whereby legacy protocols such
as Telnet or tftp can piggy-back over an existing authenticated ssh
tunnel. For advanced IT implementation, most secure protocols
such as Kerberos and AFS ticket passing are also supported.


While OpenSSH is a versatile, robust and secure protocol, it is

imperative to tune it up in order to ensure security. OpenSSH
is available on all Linux distros as well as various versions of
Windows. Read up on the documentation to understand the right and
secure way of installing and configuring the protocol.
By: Prashant Phatak
The author has over 22 years of experience in the field of
IT hardware, networking, Web technologies and IT security.
He runs his own firm, Valency Networks, in India (www., providing consultancy in IT security
design, security penetration testing, IT audit, infrastructure
technology and business process management. He can be
reached at



Secure Your PHP Application

In the open source world, PHP programming is always given first preference due to its
availability and flexibility. It is a powerful server side scripting language and provides a
robust framework to create versatile Web applications. However, a few recent virus attacks
on PHP-based websites have shown that this power can be diminished if the programmer
doesnt implement a few important security measures. This article talks about important
challenges in PHP programming from the security point of view and provides solutions to
avoid or mitigate those risks.

ets quickly look at how PHP works. Typically, PHP runs

on an Apache Web server; however, it can also run on
commercial Web platforms such as Microsoft IIS. PHP
is a set of libraries installed on the Web server side, which forms
a framework to process Web requests. It also has the necessary
bells and whistles to perform back-end database connectivity
and to call Web services. An important part of its engine is to
generate dynamic HTML based on the program being executed
and communicate it back to the browser over the http connection.
PHP does not process HTML, CSS templates or JavaScript. This
is because those are client-side scripts and hence are rendered
and processed on the browser side.
First, lets talk about website security, in general. No
security can be possible without a complete solution around
a Web server. For example, a properly configured firewall,
hardened operating system, locked down Web server and
back-end database are essential for end to end website security.
PHP, from the security perspective, is a versatile programming
language; however, it doesnt provide any inherent, built-in
automatic means to secure code. It is up to the programmer to

understand security problems and ensure that the code handles

those situations properly. When we talk about security in a Web
application, it boils down to two categoriesremote and local.
Local exploitation is caused due to the incorrect or imperfect
set-up of Web servers and the configuration of the operating
system on which it runs. Remote exploitation takes place
when malicious users who know how to exploit code level
vulnerabilities make their way through the intricate details of
the Web deployment system. There are ways to mitigate risks
in both these categories. Please study Table 1, which shows the
typical security problems with examples.
Table 1

Problem area

Possible exploit

Forms processing

Form submit spoofing


Session hijacking


SQL injection

Shared hosts

File system exposure

August 2013 | 73

PHP security


Refer to Table 1 and note that there are many problem

areas with possible exploits; however, this article
is limited to those that are found frequently. Forms
processing is a vital area of many websites. Pages such
as 'Contact us' and 'Brochure download' can contain
simple text boxes and a forms submit button. When the
user fills in the information and submits the form, the
information entered makes its way to the server. If this
information is not being parsed for errors and is not being
validated for malicious attacks, it can lead to trouble. For
example, a non-validating form can accept JavaScript,
which can get executed on the server. The same applies to
XML and HTML content.
Remember that the form is always on the browser side
and, hence, is very easy to re-construct to launch an attack.
To elaborate further, lets say that a form submit accepts
an email address, to which an email bulletin will be sent
every day and, hence, the email address will be stored in a
database. If the malicious users enter a space character or
leave it blank, they would make their way to the database,
if not validated. There are two problems here; first, the
database will have bogus blank entries and second, when
the email server does its daily job, it will have to deal with
sending emails to blank addresses, which can possibly
create problems on the email server itself.
In PHP the form submitted values can be intercepted on
the receiving page by using the $_POST function. These
values can then be parsed and the user can be directed to an
error page in the event of incorrect form entries. Lets look
at another example. Lets suppose a form that accepts the
date range is to be submitted. The program is then supposed
to use that information to construct a SQL query to pull up
data records in that date range. In this case, if the validation
for the date range is not performed to restrict specific dates,
malicious attempts could be made to provide a very wide
range, resulting in a SQL query that will return millions of
results, thus taking down the database server and the website.
Non-validation of forms can also result in cross-site scripting
attacks, as well as HTTP request spoofing attacks.
Speaking of database related security problems, please note
that the PHP engine works with the Web servers operating
system to connect to the database and perform SQL operations.
There can be security challenges in the way the SQL server is
accessed. For example, the SQL connection must be opened
on the PHP server side scripting, which is enclosed in the
<?php and ?> tags. It is a common mistake to perform SQL
connectivity via JavaScript, which exposes the database user
name and password on the client side, thus compromising
security. Second, if the SQL query is being constructed based
on the users input through forms, it is important to validate the
entries as explained above. If not done, it can lead to an SQL
injection attack. Lets look at the example of a form accepting

74 | August 2013

a user name in the form, which is then being inserted into the
database table by using the PHP code given below:
$sql = "INSERT INTO users (username) VALUES ('{$_

If we carefully examine the code, it shows that the

username being accessed through the submitted form
is being inserted without any validation. Now consider
what would happen if a hacker writes DROP TABLE or
any other intrusive SQL command instead of the user
name. Since there is no validation, it will get executed,
thus causing data loss. This is the simplest form of SQL
injection and, unfortunately, even today, most websites are
still vulnerable to this type of attack.
When a browser connects to a Web server running PHP,
it establishes a session that is used by the server to deliver
the page and its contents, which are requested. Sessions are
important because they help the PHP engine in a way to
preserve data across subsequent actions. This further helps
programmers to build more sophisticated and user friendly
applications. Each session contains its own identifier and
there are multiple functions available in PHP to deal with the
session and its variables. The security problem with a session
is that it can be either guessed, predicted or destroyed. For
example, if a PHP-based website stores the logged in users
username in the session, it is absolutely important that on
each page request the username is checked. PHP provides the
$_Session function to retrieve session variables, and it should
be used properly for this purpose. If this sort of parsing is
not done, then an advanced hacker can steal the session and
impersonate the user, causing data theft.


As explained earlier, PHP security is not a built-in feature

that can simply be turned on. It is a consolidated effort
by those administering the Web server and the operating
system. Besides that, secure programming practices demand
that developers understand the implications of their coding
and mitigate risks by taking correct security measures.
PHP provides many functions that should be studied and
implemented. This is especially true for shopping cart
websites that are hosted on Apache-PHP engines.
By: Supriya Awati
Supriya is a PHP developer, loves Web programming and has
a passion for server and client side scripting. She is fascinated
with the idea of combining Facebook and open source tools to
make programmers lives easier. She works at Valency Networks
( as a cyber security product
designer and can be reached at

Let's Try


Set Up a Certificate Authority in RHEL5

Security certificates are widely used for authentication. This article explores how
to set up a Certificate Authority in RHEL5.

ecurity certificates are basically used for authentication

purposes and you must have encountered a number
of websites that use them. These digital certificates
are issued by a Certificate Authority. Such certificates
contain the public key of the applicants and various other
information regarding their identity. In this article, well
discuss the setting up of a Certificate Authority in RHEL and
certificate signing.
Before we start, just make sure you have openssl installed
on your system and follow the steps listed below:
1. Open the /etc/pki/tls/openssl.cnf file in a text editor and write
down the following lines under the [ CA_default ] section:

You can find the purpose of each of these objects in the /

etc/pki/tls/openssl.cnf file.
2. Under the [ req_distinguished_name ] section, you can
specify the default values for several fields:

stateOrProvinceName_default=West Bengal

These fields are used during the time of certificate

3. Now it is time to create your working directories using
the following command:
mkdir p /etc/pki/myCA/{certs,crl,newcerts,private}

4. Create a certificate index file using the command that

touch /etc/pki/CA/index.txt

5. To create another file for the next certificate serial

number to be issued, use the following command:
echo 01 > /etc/pki/myCA/serial

Continued on page 81...

August 2013 | 75

Open Gurus


Getting Started with the MinnowBoard

With the embedded market being flooded with open source hardware boards, its tough
finding one that not only suits your budget, computing power needs, etc, but is also
backed by a strong community, beginner friendly documentation and a great out-of-thebox experience. The authors search finally ended at MinnowBoard, which successfully
lived up to all his expectations, from a hobbyists point of view.

Angstrom OS)
10.66 cm x 10.66 cm (4.2 x 4.2)


While playing around with MinnowBoard, you will have

a number of doubts. The following links would be the best
places to start looking for answers:

Operating systems supported by MinnowBoard

At the time of writing this article, Angstrom is the officially

supported operating system. Support for Android, Ubuntu and
others will follow soon.

Where to buy MinnowBoard

innowBoard (see Figure 1) is an open source

hardware board based on the Intel x86 architecture.
It is also a reference platform for the Yocto Project
(, which lets you build your
own embedded Linux distribution. MinnowBoard can be
complemented with plug-in boards called lures, which
augment its functionality. Listed below are some of the cool
features of MinnowBoard.
1GHz Intel Atom E640 processor
microSD card slot, DVI
Gigabit Ethernet
USB host (x2)
4GB microSD card with embedded Linux distribution (the
76 | August 2013

You can buy it from various worldwide distributors such as

Mouser, DigiKey, Special Computing, Element14, etc.
The cost of MinnowBoard is currently US$ 199.

MinnowBoard lures

As mentioned earlier, a lure is a plug-in board (similar

in concept to the Arduino shield) used to extend the
functionalities of MinnowBoard. At the time of writing this
article, breakout board (aka BOB lure), trainer lure and
beacon lure were available. More are to follow soon. For more
information about the lures, please refer to the following link:

Box contents

When you purchase a MinnowBoard, you get the following

items included in the box: MinnowBoard, a USB cable, 4GB
microSD card and a power adapter.

Download the latest Angstrom image

Please visit the link below to download the latest Angstrom

Linux image for the MinnowBoard:


Open Gurus

Figure 2: Angstrom

Figure 1: MinnowBoard
At the time of writing this article, the latest image available
for download was Angstrom-development-GNOME-imageeglibc-ipk-v2012.12-minnow-2013.05.24.img.xz

Preparing the microSD card

For the purpose of this article, I am using Ubuntu 12.10 running

on a 64 bit machine. Now insert your microSD card into the
computer but make sure that it is not mounted. Now, identify
the correct raw device name (like /dev/sde - not /dev/sde1).
You can do this by using a tool called disk utility in Ubuntu.
Now navigate to the folder where you have downloaded the
image using the terminal. Type the following command into the
terminal window to write the image to the microSD card:
xzcat Angstrom-development-GNOME-image-eglibc-ipk-v2012.12minnow-2013.05.24.img.xz | sudo dcfldd of=/dev/sdX

Here, sdX stands for the raw device ID of the microSD

card. Please be patient as this operation will take some time.
Once successful, remove the microSD card.

Booting MinnowBoard

Now, plug in the microSD card into the MinnowBoard.

To power it up, connect the 5V/2.5A power supply to the
MinnowBoard. Then, you can either choose to take the
GUI or the Command Line approach. In the GUI approach,
you will connect an external display to the DVI port on
MinnowBoard, and the USB compatible keyboard and mouse
on the corresponding USB host ports.

Figure 3: USER LED(s) on MinnowBoard

In the Command Line approach, connect the MinnowBoard

to your computer using the USB cable provided. The next
step is to setup the terminal emulator so that we can access the
board's serial console. There are two possible ways here. Either
use a terminal emulator or the Linux 'screen' command. Let us
discuss the first method. Install minicom/Gtkterm in Ubuntu.
I personally prefer minicom. Install it by typing the following
command in the terminal window:
sudo apt-get install minicom

Start minicom by typing the following code into the terminal:

sudo minicom -s

Configure it by selecting the correct USB port, set the

baud rate to 115200, and both software and hardware control
to NONE.
The other way is to use the Linux screen command, as
shown below. Its much easier too!
screen /dev/ttyUSB1 115200

Also, in most cases, the virtual USB serial port is

ttyUSB1. If it does not work, try ttyUSB0.
If all went well, you should be greeted with a familiar
Angstrom login in the terminal as shown in Figure 2. The
username for the same is root and for the password, just
press ENTER. You should see the following prompt:
August 2013 | 77

Open Gurus

a virtual filesystem, which enumerates the devices and
busses attached to the system (board, in our case) into
a file system hierarchy that can be accessed from user
space. It is generated by the kernel and always mounted
at /sys. As discussed earlier, the trigger for D11 and D12
LED(s) has to be changed to make them function as user
LEDs. I would describe 'trigger' as the API used to link an
LED to an 'event' in kernel space. Here, 'event' could be a
microSD card or Ethernet activity, heartbeat, power, etc. To
understand this better, lets look at LED D11, for example.
The trigger for D11 has been set by default to heartbeat.
So, to use it as a user LED, we have to change the trigger
for it to none as shown below:
echo none > /sys/class/leds/minnow_led0/trigger

Toggling the user LED

Figure 4: LED on

Figure 5: LED off

User LEDs on MinnowBoard

There are a total of five LEDs on MinnowBoard as shown in

Figure 3. Out of those five, two are user LEDs, namely D11
and D12, but by default, they cannot be used as user LEDs.
You need to change their default trigger for that.
The user LEDs are accessible via the user space in Linux
at the location given below, on the filesystem:
There is one directory per user LED, named as shown below:
Here, led0 is D11 while led1 is D12. Inside each one of
those directories, there is a file named brightness. If you
write a 1 or a 0 to this file, then you can control the status
of that LED, i.e., toggle it ON or OFF, respectively.

Changing the default trigger

In a nutshell, what we are trying to do is to access the on

board user LEDs via the user space in Linux. To be more
precise, we are trying to use the sysfs interface. Sysfs is


This is the best part. Write the following commands in your

terminal to toggle the D11 user LED (the first one is for
turning ON and the latter for turning OFF):
echo 1 > /sys/class/leds/minnow_led0/brightness
echo 0 > /sys/class/leds/minnow_led0/brightness

You should get the output shown in Figures 4 and 5.

I would like to thank Scott Garman, David Anders, Dave Albert for
all their help and guidance. A huge shoutout to Dave Stewart and
the Yocto Project team at Intel for such an awesome initiative!

By: Jayneil Dalal

Jayneil is a FOSS advocate who loves to explore different open
source technologies. His prime areas of interest are Embedded
Linux, Open Hardware and technical writing. He has presented
papers at Embedded Linux Conference 2013, Linuxcon
North America 2012, Drodicon Berlin 2012 and various other
international conferences. He is a big time Arsenal fan. He can be
reached at

Your favourite Magazine

on Open Source is now
on the Web, too.
Follow us on Twitter@LinuxForYou

78 | August 2013

Open Strategy

Shubhodip Pal:
The Man Who
Added the Midas
Touch to the
Cricket tournaments, movie titles,
F1 racing, football...Micromax
is seen almost everywhere. This
is the brand that has grown
beyond imagination over a
period of six-eight months. It all
happened when Shubhodip Pal,
the man with the Midas touch,
joined the company as its Chief
Marketing Officer and took it on
an uncharted course to success.
Micromaxs Canvas series of
smartphones is now a case study
for almost all OEMs. One can
easily attribute this success to
Shubho, as he is fondly called,
because Canvas was his brain
child. Diksha P Gupta from
Open Source For You spoke
to Shubhodip Pal for a
behind the scenes peek
at the strategies that
made Micromax the
brand it is today.

Shubhodip Pal,
Chief Marketing Officer, Micromax

For U & Me

For U & Me

Open Strategy

: Micromax has come a long way, from being just

another name in the market to becoming a pioneer in
the smartphone segment. The credit of adding this zing
to the brand clearly goes to you. Can you share what you
actually did to the brand from the time you joined the firm?
Nothing much really! What I did was convert simple rocket
science into the basics. I concentrated on getting the basics
right. The first thing I did was knock off the 43 sub-brands that
Micromax previously had, classifying our products into four
simple categories. We thought smartphones needed to be out
there under one sub-brand, therefore Canvas came up. The
story of how the name Canvas actually came to be used goes
back to the time when I was being interviewed by the company.
I was asked what nothing like anything meant to me, and I
said its a large canvas and I can do whatever I feel like. And
thus, the Canvas series was born. All the feature phones come
under the Bolt brand, the tablets under Funbook and the
women-centric phones under the Bling brand. We have done
away with brands like Ninja. So, thats the first thing we did.
The second thing we did was to ensure that our
communication is clear and cuts across all barriers
addressing any person I talk to, be it in this country or any
other part of the world. Consistency in communication was
also an important thing that we ensured. The ton of the brand
got reflected with all these efforts. We started looking at
Canvas 2, then Canvas HD and went on to Canvas Music
and Canvas 4, which has just been launched. You can see a
consistent line of communication in all these launches and
that is what actually has helped us.
Finally, our management also played an important role in
all of this. They take decisions pretty quickly. I could easily
launch MMS, which stands for movies, music and sports,
which is the brand ethos for Micromax. We have been
consistent with this. Theres no point in doing something
only once. If I am on MTV video music awards, I would
want to be there for at least three years. If I am associated
with music, I would want to get the best bands here, because
I know the pulse of the youth of the country. We do not
define the youth by the age group but the attitude. Some
like rock, some like electronic dance music, and so on. I
can cater to all these if I get associated to different kinds
of music bands and different sorts of events. I may not be
able to get a high rating from TAM Media Research because
of all these activities, but I can feel the pulse of the youth
on social media and gauge their exchanges online. The
measurement tools could reflect a particular opinion about
what we do, but my gut feel is different. I love the freedom I
am getting to do different things with the brand. That makes
a lot of difference to the work I do.

: Where do you plan to take Micromax with its new


Global! I wonder why we cant be the first Indian brand

to go global!
80 | August 2013

: When do you plan to do this?

I cant comment on it at this point in time but very soon, I

guess. The pace at which we are working, you never know
it may happen sooner than one thinks. To all the people who
want to know the answer to this question, I can just say that
we will be the first Indian brand to go global. It may happen
some time next year. And that is the reason why we want to be
consistent in what we do. So if I make something here, it has
to work across Latin America, Europe and other parts of the
world. The concept of MMS cuts across continents. Its just
the artiste and type of sport/music that will change depending
upon the geography and taste of local people. All we need to
do is to understand that and go ahead with our strategy.

: So what cities and cultures are you targeting right now

to go global?

Almost every part of the planet. Lets see where we can really
make it.

: With the company going global soon, where do you see

your Indian competitors?

I wont differentiate between the local and global competitors.

Its just a function of who does what first. We are known
for innovation and for a lot of firsts. So if we can continue
with that pace, I think we can make a good dent in the global
market as well. It all depends upon how we do it and how
well we time ourselves.

: Its time for touchscreen smartphones but there are

takers of physical QWERTY keyboards as well. Are you
not planning to get back to that segment?
There are takers of physical keyboards but if you look at it
from the market perspective, the touch panel is really the
way to go. You can still do a QWERTY with the touchscreen
phone and you dont necessarily need physical keys. So, I
think there are more takers for touchscreen devices, hence
we stick to them.

: Any logic for sticking to stock Android and not tweaking

with Googles operating system?

As I said, its Canvas. I can do whatever I want with stock

Android. And that is how we created Canvas 4. If I look
at any other form of Android, I cannot do my bit. Stock
Android gives users the openness and freedom to do anything
they want to with their smartphones. It also helps my users
leverage the applications created by Android developers for
the Android ecosystem. Also, if you look at a majority of
the devices out in the market, they are all on stock Android.
There are very few people really tweaking Android. Its like
if I create a car today, running on fuel which is not diesel
or petrol and it is not available everywhere, I will have a
limited user base for it. So, if I create a platform which is not
commonly used across applications, it is of no use. So the fact
that you need to be a part of the eco-system is very important.

Open Strategy

: And will you continue to be with stock Android for

future devices as well?

As of now, yes. We have no plans to change that.

: What about a Windows phone?

Maybe in the near future. We are looking at it and

evaluating it. It is definitely one of the options before us,
but I do not have definite answers as to when you can see a
Micromax Windows Phone device. We are looking at it for
both phones and tablets.

: Who do you consider your competition in the Indian

market right now?

Just the top five players.

: You seem to be aping one of the top five brands,

Samsung, in the way they do teaser adslike you did
with Micromax Canvas 4. You teased the world with Canvas
4 features one by one, like Samsung does for its devices.
What is the idea behind this strategy?
It is not Samsungs strategyits a well-known marketing
strategy. Its a marketing plot that people use to generate
curiosity in the market place. One can only generate curiosity
if the brand has some power. We have seen that in the last
eight months Micromax has been able to develop that pull
for the brand, with this teaser ad strategy. And we have never
gone wrong with the expectations of the consumer. We began
with Canvas HD, then Canvas 2 and then Canvas 4. If you
see, we received around 11,500 pre-orders for Micromax

For U & Me

Canvas 4 in less than 36 hours of opening the pre-booking. So

the strategy clearly works.

: What was the idea behind pricing Canvas 4 so


Micromax Canvas 4 is priced at Rs 17,999. The idea behind

pricing it in this bracket is that there is a big gap in this price
segment. The Rs 15,000-20,000 segment is very pricesensitive. Again, we are not here to make losses. We are also
not here to make humongous amounts of money. We are here
to make the right amount of money. We completely believe
that it is all about the democratisation of technology. If I can
package everything and still make money, why should the
consumer suffer! Just because I am giving them fantabulous
features, it does not mean I have to charge them a bomb.

: When you came on board, you probably had two

challenges to face. The company lagged in its marketing
strategies and in its product profile too. What challenge did
you try to address first?
I tried handling both simultaneously. I felt the need of
addressing both together and the founders of this firm have
been very open minded about this. When I had my final
presentation in November last year (and I had not joined
the company then), they agreed on what had to be the final
roadmap and what needed to be done. We do not have deep
pockets in terms of the budget. We have ear-marked a certain
amount of money vis-a-vis the competition and we took it on
from there. And the rest, as they say, is history.

Continued from page 75...

6. Its time to generate a private key and a self-signed
certificate for your Certificate Authority.
cd /etc/pki/myCA
openssl genrsa out private/my-ca.key des3 2048

Do remember the passphrase you give at this step.

7. Now create your self-signed certificate using the command
shown below:
openssl req new x509 key private/my-ca.key days 365 > my-ca.

This certificate will be distributed to your users.

With this, the process of setting up a Certificate Authority
is complete. Now you can make your self-signed certificate
downloadable by your users through a Web browser. Let us
next check out the process of signing a certificate.
1. First of all, generate a private key using the openssl
genrsa 1024 > mykey.key command.
2. Then create the Certificate Signing Request using the
openssl req new key mykey.key out mycsr.csr command.
3. Now, as the Certificate Authority, sign the certificate using

the openssl ca in mycsr.csr out mycert.crt command.

Your certificate is now ready to be used across multiple
applications including the Web and e-mail. You can view
information regarding this certificate in the /etc/pki/myCA/
newcerts/01.pem file. Also, if you open /etc/pki/myCA/
serial, youll see that its contents have been updated to
2, which is the serial number for the next certificate to be
signed. As a Certificate Authority, you can also revoke a
certificate using the openssl ca revoke /etc/pki/myCA/
newcerts/01.pem command. Here 01.pem id is the file
related to the first certificate that weve created.
So this was a brief overview of how to set up a Certificate
Authority in RHEL5. You can use it for intranet applications
management. And if you want to understand the functionality
behind the Certificate Security, you can explore the cryptography
concepts related to certificates like TLS/SSL handshakes, key
distribution, cryptographic hashes, etc.
By: Vinayak Pandey
The author is a Red Hat Certified Engineer on RHEL6, currently
working as a teradata administrator. He spends his leisure time
exploring open source tools and technologies.

August 2013 | 81

For U & Me


A Peek into Open Source Licences

Open source is the mantra of todays tech world. While its being used in that personal computer
sitting on your desk, it is also being used in the computing systems in NASAs International Space
Station! But merely knowing how to use open source software is no longer enough. Open source
enthusiasts should also be aware of the various open source licences used. This article briefly
touches upon what open source is all about, and scratches the surface of a few popular licences.

t is better to begin with a thorough understanding of the

definition of open source. The Open Source Initiative (OSI)
has set down certain criteria for open source software. Any
software that provides the source code does not automatically
qualify as open source. It should satisfy the following criteria:
It should be available for free distribution.
The source code should be made available free of cost.
Deliberate obfuscated code and intermediate forms of
code like the pre-processor outputs are not allowed.
The licence should allow others to build works derived
from the main project, and the works derived from the main
project should also be distributed under the same licence.
The integrity of the authors source code.
There should be no discrimination against person or a
group. This clause ensures that the code is not restricted
to within a firm, or discriminated based on groups like
developers, designers, etc.
There should be no discrimination against the field
of application.
82 | august 2013

Regarding the distribution of the licence: The rights

attached to the program must apply to all whom the
program is redistributed to without the need to execute
an additional licence by those parties.
The licence must not restrict other software from being
used in the same system.
The software must be technology neutral.
Once the software satisfies all the above criteria it is
called open source. Now, let us explore a few open source
licences that are popular. But before that, let us discuss
copyleft licences. The most popular belief regarding copyleft
is that it is the opposite of copyright laws. But that is not the
exact definition. Copyleft is the practice of using copyright
law to offer the right to distribute copies and modified
versions of a work while requiring that the same rights be
preserved in modified versions of the work. In other words,
copyleft is a general method for making a program (or other
work) free (libre), and requiring all modified and extended
versions of the program to be free as well.


The GNU General Public License is perhaps one of

the most famous of all licences in the FOSS world.
The latest version of GPL is version 3. GPL grants
a wide variety of rights to users. It allows copying,
modifying and distributing the code, provided all the
distributions are also licensed with GPL. If the work is
derived from a GPL project, the derived work has also
to be GPL. This rule is applicable even if the derived
work constitutes only a small part of the main work.
GPL allows users to charge a fee for the software, but
you should provide a copy of the GPL along with your
software. This means that there might be sources other
than you to get work similar to yours.


The Lesser GPL, as the name suggests, is a milder version

of the GPL. It allows derived works to be published under
licences that are not GPL or LGPL. The authors of the
derived work are free to choose their new licence. Only the
LGPL parts source code has to be made available. LGPL
is mainly used for software libraries. So the LGPL code
and the main code of the software remain separate, and the
LGPL part of the source code can be made available.

BSD License

GPL falls under the category called copyleft licences. BSD

or the Berkeley Software Distribution License comes under
another category called permissive licences. This category
has minimal requirements as to how free software should
be distributed. The original BSD was a 4-clause licence that
covered the following aspects:
Redistribution of source code should retain the copyright
and disclaimer notices.
Redistribution of binary should retain the copyright and
disclaimer notices.
All the material used for advertising purposes should
acknowledge the author of the main work.
Names of contributors should not be used for endorsing
the software.
The BSD License now comes in two forms.
1. The New BSD License: This is also known as the
3-clause form. It is similar to the 4-clause form mentioned
earlier but the third clause referring to advertising
materials is omitted.
2. Simplified BSD / FreeBSD License: This is also known
as the 2-clause form. It is similar to the 4-clause form,
but the third and fourth clauses are removed.
A BSD License, unlike the GPL, allows the derivatives
to be proprietary.

Apache License

The Apache License is also considered to be permissive

because it does not require a derivative work of the

For U & Me

software or modifications to the original, to be distributed

using the same licence. It still requires application of
the same licence to all unmodified parts. And in every
licensed file, any original copyright, patent, trademark
and attribution notices in the redistributed code must be
preserved. Also, in every licensed file that is changed,
a notification must be added stating that changes have
been made to that file. The rights once given by the
Apache License cannot then be revoked in future. Another
interesting aspect of the Apache License is that it is
applicable in every country.

Creative Commons License

The CC License comes under another category called public

copyright licences, by which a licensor can grant additional
copyright permissions to licensees. Public copyright licences
do not limit their licensees. The Creative Commons License is
mainly used for design works, art, music, textual material, etc.
A CC License has four basic parts.
1. Attribution: Licensees may copy, distribute, display and
perform the work and make derivative works based on it
only if they give the author or licensor the credits for the
original work.
2. Share alike: Licensees may distribute derivative works
only under a licence identical to the licence that governs
the original work.
3. Non-commercial: Licensees may copy, distribute,
display and perform the work and make derivative works
based on it only for non-commercial purposes.
4. Non-derivative: Licensees may copy, distribute, display
and perform only verbatim copies of the work, not
derivative works based on it.
The open source philosophy and licences are not just
limited to the world of software; there is open source
hardware like Arduino. Wikipedia is an example of
open source content. There is content released under the
Creative Commons License. There are beverages called
open colas, for which the formula for the beverage is not a
closely guarded trade secret. All this stems from the main
idea that knowledge should never be closed but should
always be open.


By: Vineeth Kartha

The author is an electrical and electronics engineer with a great
passion for open source technologies, computer programming
and electronics. When not coding, he loves to do glass
paintings. He can be reached at or at

august 2013 | 83

For U & Me


Network Security: An Exciting

Challenge for Modern-Day IT Admins

Sajan Paul, director,

Systems Engineering,
India & SAARC,
Juniper Networks

Diwakar Dayal, lead,

Security, Borderless
Network Sales,
Cisco India & SAARC

Srikant Vissamsetti,
VP, Network Security
at McAfee India

84 | August 2013

Please throw some light on the latest trends in

network security.

The BYOD practice poses one of the major

threats for IT managers. Can you share what
solutions you offer to deal with this?

The kind of attacks happening in the IT world

today have changed considerably. Two years back,
typically, one would have anti-virus software,
a firewall, IDS/IPL with a static signature and
static policy. But things have evolved quite a bit
because a lot of companies have moved from
proprietary applications or distributed applications
to a centralised application system. In the case of
Web-based client entities, earlier there were thick
applications but now they have moved to thin
applications. The attackers profiles and attack
vectors have changed. From simple malware attacks,
things have moved to an Advanced Persistent Threat.
This is a slow and persistent attack, involving human
interventions and the use of social media.

For dealing with security issues related to BYOD,

we do a kind of device tagging, which means
that we know the profile of the device. Based on
what OS the device runs, we have certain backend
intelligence regarding the kind of heatmap that
should be drawn about the OS' security level. We
profile the users on that basis and apply solutions.
After this comes the authentication of the user. We
check whether a particular user's profile is eligible
for a certain type of message, application or
solution. Based on that, we apply policies. So, the
first level of protection is always established and
IT team has enough control.

The evolution of threats and the responses to them

have changed over a period of time, whether it is a
network-based response or one that is applicationbased. They are primarily driven by the two major
trends of consumerisation and virtualisation. These
two trends have exploded, creating a chaotic world
where things like enterprise mobility are being
driven by the social media, by phenomena like
telepresence and video conferencing, and by the
whole virtualisation wave. This is changing the way
the threats will be tackled in the future. The BYOD
trend is a new challenge that is forcing IT admins to
work on ensuring fool-proof network security.

BYOD is one the most important trends affecting

IT managers. It is resulting in a lot of movement of
the physical computer architecture, which is unlike
what we have known as the central architecture or
central control systemwe are moving to a noncontrolled system. The phenomenon called the
cloud is enabling BYOD. Gone are the days when
a controlled environment meant physical control
over the devices. We are moving to a phase where
'app'ification has come in. Today, the IT admin has
to control the device the end-user is using. The
scenario has evolved and IT admins clearly have
different challenges with BYOD coming in.

Things change constantly when it comes to

security. In the last two years, advanced malware
with targeted attacks have become popular. These
attacks are very erosive because they try to focus
on one enterprise. So detecting them requires
much smarter detection methods. While in the
case of generic attacks, attackers aim to reach
as many users as possible but in these cases,
the damage is much more and IT admins have
to come up with different solutions for these
targeted attacks. One of the popular forms of
attack these days is through social networking.
One can launch threats against users by posting
malicious links, launching malicious files, et al.

A lot of enterprises these days are going the Bring

Your Own Device way with their employees.
BYOD is leading to IT losing control over the
end points. Those who bring their own devices to
office can at any time install a threat, unknowingly,
which is like giving malware free access to your
enterprise. IT admins are no more wary of this
trend. There are solutions which offer IT admins
control even in this situation. Just by installing one
application on the users devices and by giving
them controlled access to data, IT admins can
ensure security.

Overview For U & Me

With technology threats getting more sophisticated than ever, network intrusion prevention is
one of the most challenging tasks for todays IT admins, who have to not only play a defensive
game but also discover and understand the innovative threats coming their way. Diksha P
Gupta from Open Source For You spoke to experts from Juniper Networks, Cisco and McAfee
India to understand their views on how IT admins should be prepared to face the threats
resulting from the current BYOD (bring your own device) trend and the cloud.
The cloud phenomenon is yet another challenge
faced by the IT managers as far as network security
is concerned. Please share some tips on how IT
admins ought to deal with this situation.

What, according to you, constitutes a network

readiness checklist for IT admins?

There are applications that ensure such protection these

days. The IT admins need to ensure that they have control
over whatever devices they are dealing with, in terms of
either pushing a patch to the device users or even pushing
them out of the network. Depending upon the continuity of
the application, we can have a client (a Web-based client
or a downloadable application), which can provide security
against viruses in your device, and will ensure that your
information is secured. IT admins have the full control
of the device this way and know that their network is not

Network readiness, according to me, would be when,

before you roll out a network, you understand whom this
network serves. Barring the telecom sector, a network is a
service that is being given to a business and doesn't yield
any financial results, but is a support function. In that case,
you must understand what business is being supported and
what its key requirements are. Assessing the risk factors
involved in the business is also an important function of an
IT admin. One can draw up a good network plan only on
the basis of these evaluations.

IT admins have to face the challenge of building an

infrastructure, which is conducive, self-defending and
intelligent enough to keep the company's information and
intellectual property secure. The cloud is a challenging
and unavoidable concept. Though the applications are
moving to a non-controlled environment, there are ways
of ensuring security in them as well. IT admins should
identify what data they are sending on the cloud, what
kind of access they can offer and to whom.

The checklist is rather simple and involves just three steps.

The first one is defence, which means any network should
always be defended against external threats. The second
important step is about discovery. The modern day threats
are very smart and there are greater possibilities of breaches
happening, but one can only know about a breach when one
discovers it. So discovering a breach is an important aspect
to curing it. Discovery in this context is the detection of
threats in the network and network behaviour analysis. The
last step is the mitigation of the threat. Earlier, it was more
or less done manually but now this is an automated process.

The cloud is an interesting concept but needs to be

handled with care. What applications are being moved
to the cloud and how they are accessed makes a lot of
difference. A clear idea on these two things can make
the lives of IT admins easier. Resorting to a selfprotecting cloud environment is the first step that an ID
admin can take to ensure security.

One of the most important things in the world of network

security is a firewall. Although they have been around for
a while, upgrading them to next-gen technology is what
every enterprise needs. It offers access control and a higher
level of safety. Beyond firewalls, one also needs network
intrusion prevention solutions and protection against
advanced malware. The challenge with targeted attacks is
that an IT admin cannot keep waiting for it to happen and
then go for a solution. You cannot protect your network
against zero-day, so being well prepared beforehand is a
better idea.

August 2013 | 85

For U & Me


India has immense under-utilised

talent in the cloud security space
Website security is getting increasingly challenging with 'innovative' attacks emerging
every day. But, thankfully, as threats increase, so do the security measures. Diksha P Gupta
from Open Source For You spoke to Ritesh Sarvaiya, CEO,, to understand
the website security scene in India, and the online threats that will affect Indian SMEs and
SMBs. Read on..

Please share some details about what Defencely does

with respect to cloud security?

Modern day attackers can plant a cookie attack, a sniffer,

misleading information or anything that can put visitors or
customers who visit your website, at risk. So, it becomes
extremely important for website managers to be aware of
these constantly evolving threats. It is your responsibility to
make sure that your security parameters are all up to date,
and we at can help you to make your website
secure, as we have done for global technology giants like
Google, Apple, Facebook, PayPal, etc. currently focuses only on Web
applications, penetration testing, and vulnerability reporting
and fixing. The first phase of the company's operations
commenced just three months back. We are primarily
86 | August 2013

focusing on Open Web Application Security Project

methodology. In fact, we provide the industrys early stage
testing services; 80 per cent of our work is in manual Search
and Report mode and 20 per cent via the automated tools.

How do you see the cloud security space evolving

in India?

As far as cloud security in India is concerned, it has

immense scope. India has only about five to 10 recognised
cloud security companies that deal in all kinds of cloud
application testing. Though Indian companies do focus on
cloud security services, this sector, so far, has not been
organised because of Indias cyber laws, which according
to me, are not up to the mark. India has ample talent in this
domain but it is not utilised so far. We aim to utilise these

brains in this niche field and bring them together under
our banner to become the world's biggest cloud security
company. Having said that, I am hopeful that the future of
cloud security in India is pretty bright.

India is going online and there is growing awareness

about security. But are Indians, particularly the SMEs
and the SMBs, aware of the concept of website security?
India is going online at a faster pace than we expected and
there is a lot of scope in that domain as well. Hundreds of
e-commerce start-ups are being launched, which is a clear
indicator of the growth in the online activity of Indians.
Overall, it is a good scenario, but one cannot deny the fact
that growing online activity also increases the threats. We
at are serious about this issue, and we aim
to be involved particularly with SMBs and SMEs to create
awareness about the virtual losses that they may have to
face because of not securing their websites. Let's imagine
a scenario where an e-commerce portal gets compromised
because of some zero day vulnerability, and hackers misuse
the entire database of the portal, including the financial
information and personal details of its buyers. Despite
being technically sound, small and big online companies
overlook the importance of online security. To a lot of online
companies, the term 'hacking' means email or credit card
hacking. But hacking has evolved and is a million dollar
business at present. It is high time that Indian SMBs and
SMEs get aware of such threats and start taking appropriate
Web security measures. Modern day security services are
complete packages of security.

What are the most common vulnerabilities that websites

are exposed to, in the modern day world?

Some of the most common threats to most Web applications are:

(a) Injection vulnerabilities and cross-site scripting: These
are two of the most commonly found vulnerabilities
that can occur in any website or Web application. There
are various forms of injection attacks, including SQL,
operating system, email and LDAP injection, and they all
work by sending malicious data to an application as part
of a command or query.
(b) Cross-site scripting (XSS): These attacks target an
application's users by injecting malicious codeusually
client-side scripting such as JavaScriptinto a Web
application's output. Whenever the compromised output or
page is viewed, the browser executes the code, allowing
an attacker to hijack user sessions, redirect the user to a
malicious site or simply deface the page. XSS attacks are
possible within the contents of a dynamically generated
page whenever an application incorporates user-supplied
data without properly validating or escaping it.
(c) Broken authentication and session management:
Application functions related to authentication and
session management are often not implemented correctly,

For U & Me

"Defencely doesnt limit itself to just

providing cloud security services, but
has a lot more to offer. Timely reporting
of security vulnerabilities is what the
core team at Defencely aims at."
allowing attackers to compromise passwords, keys and
session tokens, or exploit other implementation flaws
to assume other users identities.
(d) Insecure direct object references: A direct object
reference occurs when a developer exposes a reference
to an internal implementation object, such as a file,
directory, or database key. Without an access control
check or other protection, attackers can manipulate
these references to access unauthorised data.
(e) Security misconfiguration: Good security requires
having a secure configuration defined and deployed for
the application, frameworks, application server, Web
server, database server and platform. All these settings
should be defined, implemented and maintained,
as many are not shipped with secure defaults. This
includes keeping all software up to date, including all
code libraries used by the application.
In order to prevent all these threats, developers need to
have specific knowledge of how to code Web applications,
keeping Web vulnerabilities in mind.

Can you share some tips to ensure website security?

It is sad to see websites getting hacked, by and large,

on a daily basis. There are numerous steps to ensure a
website's security. When was the last time you moved
your files from their default locations to new ones?
When was the last time you moulded your HT Access
file, or when was it that you noticed your Web mail
ID generating spam mail? When was the last time you
scanned your website to check if it was affected with any
new online threats? Such factors, among many others,
play a vital role in shaping your website's security. I
guess the best way to get started is to hire an online
security company. There are some companies that dont
charge a lot to trial-level users.

How is Defencely contributing to increasing

awareness about website security?

Defencely doesnt limit itself to just providing cloud

security services, but has a lot more to offer. Timely
reporting of security vulnerabilities is what the core
team at Defencely aims at. Paypals recognition of
Defencely being one of the top 10 cloud security
companies isnt the only achievement of the firm.
Several other giants such as FaceBook, Apple, Zynga,
SoundCloud and iFixit have applauded Defencely for
its dedicated work.
August 2013 | 87

For U & Me


With social media being integrated in the websites,

does that increase the challenges of administering
website security?
Most of the social media websites spend millions of dollars
to keep their security at very high levels, because of which
IT guys do not have to worry about anything specific.

Why do websites get hacked?

Although there are no specific patterns that hackers follow,

there are a few common loopholes that often get exploited.
a) Zero day vulnerabilities: Regardless of whether you have a
blog or own a successful Internet business, how often do
you consult with a cloud penetration services company for
an assessment of your businesss online security? 'Zero
day vulnerabilities are explained as those unattended
website details that were ignored during the development
of the website. Once the website is launched and running,
the owner tends to ignore reallocation of key directory
files and many other sub-domain URLs, a practice that
could be harmful to the businesss integrity.
b) Exploitation is a hackers favourite tool: Seeing todays
cloud security scenario, you should know that many
websites are not actually hacked, but exposed through
exploits. If the website is lacking security because of weak
iFrame modules, improper implementation of user info
security parameters, failure in redirecting users to secure
pages, or the implementation of outdated SSL certificates,
the attacker simply has to misuse that information in
other words, the process is called exploitation.

"If the website is lacking security

because of weak iFrame modules,
improper implementation of user
info security parameters, failure in
redirecting users to secure pages, or
the implementation of outdated SSL
certificates, the attacker simply has to
misuse that informationin other words,
the process is called exploitation."
c) Technically incorrect: The third category actually involves
brute force hacking. We are talking about password cracking,
decryption, fuzzing and sending out information to servers.
Such forms of hacking are most severe and highly dangerous
for any Web business owner. In all scenarios, your best bet is
to consult with a credible security services company to shield
you from such unforeseen incidents in the near future.

QL injection is also one of the major threats to a

website. Does Defencely offer a specific solution to
SQL injection attacks?

Fixing SQL injection is part of the bundled services that we

provide at Once we scan the website with
our high-end scanners, we immediately come to know where
there are higher chances of SQL injection on a client's Web
application; and as a remedy, we patch it immediately, to keep
the client's website secure from this threat.

Hiren Shah,
President, Co-Founder

Hiren Shah is an IT veteran and has over eighteen years of experience with multiple entrepreneurial ventures, investment portfolios and growth-oriented companies. He is actively involved, a leading domain name registrar and a web hosting company helping
various corporates in establishing online presence. He is also involved with, a
remote IT Infrastructure management company which takes care of IT Infrastructure remotely
covering management, migration and monitoring of servers and various other IT start-ups
covering reselling of online web services products.
Hiren's core expertise in dealing with web infrastructure and data centres has helped Defencely
ride the crest of success.

EFY Groups
New Initiative

EB TimEs

This 8-page monthly B2B Newspaper is a resource for traders,

distributors, dealers, and those who head channel business, as it aims to
give an impetus to channel sales
88 | August 2013

Let's Try

Open Gurus

Getting Started with Haskell on Emacs

Emacs is a popular text editor that can be extended and customised. Haskell is a
statically typed, functional programming language. Haskell-mode is an Emacs major
mode that provides support to write and use Haskell programs. This article explains
interesting features and tips on using Haskell-mode with GNU Emacs.

ou can install Haskell-mode using your distribution

package manager. For example, on Fedora you can use:

C-l. It will create a new buffer, load the module in the

current buffer and give a prompt to work with. Consider the
following Square.hs program:

$ sudo yum install emacs-haskell-mode


You can enter Haskell-mode when opening a Haskell

source file that has an extension .hs, or it can be started
within Emacs using:
M-x haskell-mode

On the modeline, you will now see (Haskell)', indicating

that the Haskell mode has been activated. You can enter the
indent mode using:
M-x haskell-indent-mode

The modeline will now show (Haskell Ind).


To load a Haskell source file into the interpreter, use C-c

square :: Int -> int

square x = x * x

Opening a Square.hs file in an Emacs buffer, and running

C-c C-l will produce the following in a new buffer:
GHCi, version 7.0.4: :? for help.
Loading package ghc-prim ... linking ... done.
Loading package integer-gmp ... linking ... done.
Loading package base ... linking ... done.
Prelude> :load "/home/guest/Square.hs"
[1 of 1] Compiling Main ( /home/guest/Square.hs, interpreted
Ok, modules loaded: Main.

If you have multiple buffers opened within Emacs, you

can directly switch from the (Haskell) mode buffer to the
Haskell interpreter using C-c C-z.
August 2013 | 89

Open Gurus

Let's Try


The equal to (=) sign can be inserted, and the function type
can be neatly aligned with the C-c C-= key stroke. If you type
the following function:
volume :: Int -> Int -> Int
volume x

...and keep the cursor after x and type C-c C-=, the equal
to sign is inserted, and the code gets neatly aligned:
volume :: Int -> Int -> Int
volume x =

In the following code snippet, after y , if you hit Return

followed by C-c C-/, a guard symbol is inserted:
max :: (Ord a) => a -> a -> a
max x y

After inserting the second guard in the above example,

the otherwise keyword can be inserted and the code is
aligned using C-c C-o:
max :: (Ord a) => a -> a -> a
max x y
| x > y
= x
| otherwise =

The where clause is produced using C-c C-w. In the

following example, pressing return after r, and using
C-c C-w inserts the where clause:
circleArea :: Float -> Float
circleArea r = pi * r * r

You can insert the type annotation for a function using C-u
C-c C-t. Consider the sphereVolume function:
sphereVolume r = 4 / 3 * pi * r * r * r
where pi = 3.1412

Placing the cursor on sphereVolume and typing C-u

C-c C-t produces the following:
sphereVolume :: Fractional a => a -> a
sphereVolume r = 4 / 3 * pi * r * r * r
where pi = 3.1412


There are a number of shortcut commands that are useful for

indentation. Lets suppose you have the following function
90 | August 2013

with the cursor position indicated by _:

greeting :: String -> String
greeting x = "Hello" ++ x ++

Hitting Tab will take you through the different possible

positions for inserting code. When you press Tab for the first
time, the cursor will move under Hello; if you wish to complete
the string concatenation (++), issue the following code:
greeting :: String -> String
greeting x = "Hello" ++ x ++

Hitting Tab again prepends greeting and the cursor will be

placed under x for you to add another test condition, as follows:
greeting :: String -> String
greeting x = "Hello" ++ x ++
greeting _

Hitting Tab yet again will move the cursor to the first
column if you want to add any text:
greeting :: String -> String
greeting x = "Hello" ++ x ++

As you keep hitting Tab again and again, the above

sequence will repeat. Comments in Haskell begin with - -.
one -- 1
two -- 2
three -- 3
four -- 4
five -- 5
six -- 6
seven -- 7

After marking the above region, use M-x align-regexp

followed by - - for the regexp, and the comments will be aligned:
-- 1
-- 2
three -- 3
-- 4
-- 5
-- 6
seven -- 7

C-c C-. helps align the code neatly. Consider the Area.
hs program:
area :: Int -> Int -> Int
area breadth height = breadth * height

Let's Try
After marking the above program, and using C-c C-., the
code becomes:

Open Gurus

Insert blank line before the code

To know the Haskell-mode version, use M-x haskellversion. As an example:

> quicksort :: Ord a => [a] -> [a]

> quicksort []
= []
> quicksort (p:xs) = (quicksort lesser) ++ [p] ++ (quicksort
> where
lesser = filter (< p) xs
greater = filter (>= p) xs

Using Haskell-mode version v2.8.0,

Insert blank line after the code

C-c C-i on a symbol will prompt for getting information

about the symbol. For example, Show info of (default Int):
lists the following:

The modeline will indicate that you are in the (LitHaskell/

bird) minor mode. The hasktag package needs to be installed to
help generate TAGS file for source files. For example:

data Int

$ hasktags Test.hs

:: Int -> Int -> Int
area breadth height = breadth * height


= GHC.Types.I# GHC.Prim.Int# -- Defined in GHC.Types

Bounded Int -- Defined in GHC.Enum
Enum Int -- Defined in GHC.Enum
Eq Int -- Defined in GHC.Base
Integral Int -- Defined in GHC.Real
Num Int -- Defined in GHC.Num
Ord Int -- Defined in GHC.Base
Read Int -- Defined in GHC.Read
Real Int -- Defined in GHC.Real
Show Int -- Defined in GHC.Show

C-c C-t will obtain the type of the symbol with the
prompt Show type of (default pi):. For example:
pi :: Floating a => a

C-c TAB on a symbol returns its definition at the

interpreter prompt, as follows:
*Main> :info sphereVolume
sphereVolume :: Fractional a => a -> a
-- Defined at /home/guest/Sphere.hs:1:1-12

To find Haddock information for a symbol, you can

use C-c C-d. Searching for Float, for example, opens
up the following file: ///usr/share/doc/ghc/html/libraries/
ghcprim- on Fedora.
To use the Hayoo search engine, you can use M-x haskellhayoo. It will prompt with:
Hayoo query:

The query responses are shown in a browser. Similarly, the

Hoogle engine can be queried using M-x haskell-hoogle. If
you searched for show, it will open the URL http://www. with the search results.
Files ending with .lhs are literate Haskell programs. You can
use the Richard Bird style to separate text and code as follows:

It will create both tags and TAGS files. You can use M-.
in the Haskell buffer to search for a tag.


HLint is a tool that provides suggestions to improve Haskell

programs. C-c C-v helps to run hlint on a buffer. Make sure
you have the tool installed on your system before using it.
For example, running C-c C-v on the above literate quicksort
Haskell program suggests:
-*- mode: compilation; default-directory: "~/" -*Compilation started at Thu Jun 6 21:31:54
hlint QuickSort.lhs
QuickSort.lhs:6:22: Warning: Redundant bracket
(quicksort lesser) ++ [p] ++ (quicksort greater)
Why not:
quicksort lesser ++ [p] ++ (quicksort greater)
QuickSort.lhs:6:44: Warning: Redundant bracket
[p] ++ (quicksort greater)
Why not:
[p] ++ quicksort greater


GNU Emacs.
Haskell mode 2.8.

By: Shakthi Kannan

The author is a free software developer at the Fedora project, and
also a blogger. He co-maintains the Fedora Electronic Lab project.

August 2013 | 91

For U & Me

Let's Try

Learn How to Solve Non-Linear

Equations with Linear Algebra
In this mathematical journey through open source, we solve non-linear equations
using linear algebra in Octave.

hope you found out the vegetable prices from the

vendor, who had various equally priced stacks for
sale at ` 30. Recall: One stack had 4 lemons, 7
cucumbers, and 9 tomatoes. Another had 2 lemons, 5
cucumbers, and 27 tomatoes. And the third had just 9
cucumbers and 15 tomatoes. The prices worked out at
` 2.00 per lemon, ` 2.50 per cucumber, and ` 0.50 per
tomato, computed as follows:
$ octave -qf
octave:1> N = [
> 4 7 9
> 2 5 27
> 0 9 15
> ];
octave:2> inv(N) * [30; 30; 30]
ans =

92 | August 2013

Polynomial solving

Note that this is a linear equation, though in three variables.

How about solving higher order polynomial equations
involving squares, cubes, etc, of the variable? Lets assume
we want a solution for x in x3 + 3x2 + 3x + 1 = 0. Simple!
First define a function for this polynomial. And then use the
function solver fsolve to solve it, as follows:
$ octave -qf
octave:1> function y = f(x)
> y = x^3 + 3*x^2 + 3*x + 1;
> endfunction
octave:2> [x, fval, info] = fsolve(@f, 0)
x = -0.99999
fval = 0
info = 1

This indicates the value of x as -0.99999 -1 as the

solution to the function f(x), yielding a function value of 0,
with info = 1 indicating that the solution has been obtained.
You may verify the answer by calling the function f with
the variable x as f(x) on the Octave prompt. The second

Let's Try
parameter in fsolve() is the initial guess of the solution.

Geometric problem solving

With the power in hand, why not solve more complex

geometric problems? Last time, we found the point of
intersection of two straight lines. How about the intersection
of a straight line and a circle? Let us have the following
straight line and circle, defined in the Cartesian coordinate
system, i.e., the x-y system:
4x + 3y = 24
x2 + y2 = 25

To be able to solve it using fsolve, let's consider the

different variables x and y as fields of a vector X, say
x as X(1), y as X(2). Then, the equations can be rewritten as follows:
4 * X(1) + 3 * X(2) = 24
X(1)^2 + X(2)^2 = 25

and hence could be solved using fsolve as follows:

$ octave -qf
octave:1> function Y = F(X)
> Y(1) = 4 * X(1) + 3 * X(2) - 24;
> Y(2) = X(1)^2 + X(2)^2 - 25;
> endfunction
octave:2> [Y, Fval, info] = fsolve(@F, [0; 0])
warning: matrix singular to machine precision, rcond = 0
warning: attempting to find minimum norm solution
warning: dgelsd: rank deficient 2x2 matrix, rank = 1
Y =

For U & Me

got those back, squared. Then, he offered some of those

flowers in the temple and dipped the remaining flowers
into the second magical pond to get those back, doubled.
Then, he again offered the same number of flowers, as
offered earlier, and dipped the remaining flowers into the
third magical pond to get those back, tripled, which he
took back with him as prasadam. Now, the number of
flowers he took back with him, is same as in each one of
his offerings. Also, what he took back with him is thrice
the number of flowers he came with to the temple. How
many flowers did he come to the temple with?
If you think you have got the Octave code to solve the
above questions, you may email the solution to me at the
mail ID mentioned below. Going forward, we will start to
specifically explore polynomials.

By: Anil Kumar Pugalia

The author, who is a gold medallist from the Indian Institute of
Science, is a hobbyist in open source hardware and software,
with a passion for mathematics. His exploration of mathematics,
in every aspect of life, dates back to the 1990s. Mathematics
and knowledge sharing are two of his many passions. Apart from
that, he experiments with Linux and embedded systems to share
his learning through his weekend workshops. Learn more about
him and his experiments at He can be reached

Fval =


info = 1

So (3, 4) is the point of intersection. This can be verified

by re-substituting the values in the original equations.

Try and solve these

Equipped with this knowledge, here are a couple of teasers

for your brain:
1. Find three numbers, the product of which is 60, the sum
of their squares is 50, and their sum is 12.
2. A sage came to a temple with some flowers and dipped
all of them into the first magical pond of the temple and

August 2013 | 93

For U & Me


We have doubled our customer base

every single year since we started

Shashank Mehrotra,
GM and business head, BigRock

BigRock has recently joined hands with Neustar, a provider

of real-time information and analysis to the Internet,
telecommunications, technology, retail, media and
advertising industries, to promote .biz as the preferred
domain for small businesses in India. As part of this
initiative, BigRock and Neustar have outlined an aggressive
outreach campaign that includes a series of new television
commercials (TVCs), extensive digital outreach, and a
complete online presence for businesses. The online
presence will include a .biz domain name, Web hosting,
hosted email for the .biz domain name and Google
Adwords coupons worth Rs 2500, all of which are integrated
with an easy-to-use interactive website builder priced at
Rs 199. Diksha P Gupta from Open Source For You spoke to
Shashank Mehrotra, GM and business head, BigRock, about
this initiative and the companys growth in India. Excerpts...

: How big is the domain name business in India

these days?

: GoDaddy has set up its Indian arm almost a year back.

How has its presence affected BigRock?

Let me first give you the numbers in terms of the overall

size of the domain name business in India. There are two
types of domain namesone is gTLDs and the other is
ccTLDs. When we try to calculate the size of the domain
name industry, we try and ascertain the number of all the
registrants (an individual who has booked a domain name)
who originate from India. We use that proxy to figure out
the size of the industry. There are no external agencies that
independently audit this but we have a fairly sophisticated
analytics team that looks at this aspect. By our estimates,
there are around 3.2-3.5 million domain names in use by
Indian registrants today.

Before I specifically answer that question, let me tell you how

the industry is actually laid out. This is not a new industry.
Domain names have been booked in India much before
BigRock started. Historically, Directi, which is the parent entity
for BigRock, has been a very strong player in India with over
47 per cent of the market share for over a decade. Directis
Reseller Club, LogicBoxes and BigRock, combine to hold over
50 per cent of the market for domain name registration.
Now coming back to your question about GoDaddy
it has always been present in India, though the company
has physically set up operations in India in the last year.

94 | August 2013

Because it is the largest global brand, consumers are

aware of GoDaddy. What has changed is that it has started
focusing on the Indian market in the last 12 months
or so, but it has always been present. To specifically
answer your question on how we look at itwe welcome
any competition that helps in enhancing the profile of
the business and enhances the industry and education
levels among customers, in general. If you look at the
penetration of domain names amongst Indian users, that
number is still ridiculously low. As I said, we have about
3.5 million domain names. The number of domain names
as a percentage of Internet users is very low, as we have
anywhere between 130-140 million Internet users today.
So, only around 2 per cent of the Internet-accessing
population has a domain name today.
If you look at the ratio of the Internet-using population
vs domain names across other markets like the US, China,
Turkey, Germany, etc, those numbers are much higher.
Out of 100 people who use the Internet in the US, at least
26 or 27 actively translate into domain names. Whereas,
in India, that number is just 2. So, with the growth of
the Internet economy and with the need to get more and
more businesses online, we feel this market is only going
to grow. GoDaddy being physically present here is an
affirmation of this growth in some sense. We have been
here, and we have done a lot of campaigns in promoting
the domain names business. Their being here is an
indication that they agree with us.


: So does that mean there is enough lunch for everyone

to eat and there is no competition, as such?

As far as the competition is concerned, it is clearly

based on how you look at it. We are experiencing the
same situation as in the early days of the telecom boom,
when people werent so concerned about the competition
and were looking at growing the market with different
innovations. We are in that phase of the markets evolution,
and the market could grow faster. I expected the market
to have picked up and started growing at a much faster
pace than it has right now. I think we have been a little bit
delayed. But we predict that the growth will come in the
next 18-24 months.
If I can throw some light on the China story, China has
the largest Internet population globally. It has 400-500 million
people on the Internet, which
means around 40 per cent
of the population is online.
If you look at the growth in
domain names in China, it is
unprecedented. Their market is growing very, very rapidly.
I think they are a couple of years ahead of us and we aim to
reach there as well.
Right now, we are trying to build our products and value
proposition, our communication strategy and other essentials
to establish a strong footing in the market. We are in that
phase and we certainly expect that, some years from now,
there will be a lot of excitement in this space and in the
Internet space as well.

: BigRock recently announced joining hands with

Neustar to promote .biz as the preferred domain for
small businesses in India. Everyone these days is focusing
on the SMB business in India. What are the challenges
involved in bringing Indian SMBs, particularly from Tier 2
and Tier 3 towns of the country, online?
Let me answer this question in two parts. This is something
really important for BigRock and we work on it in a major
way. We spend a lot of time analysing and strategising on this
segment in the country.
The first part of the answer is the current need. Today,
in India, only 10-11 per cent of our population is online.
And clearly that number will only go up in the coming
years, particularly with the mobile revolution. India is doing
over 50,000 smartphone activations every single day. An
increasing number of people are accessing the Internet.
There are multiple models to fulfill that need, but almost
all the economies in the world that are ahead of us in the
curve have shown that businesses are trying to get online
with a Web presence, which includes a website, a domain
name, hosting packages, and a branded email service. Small
businesses are trying to embrace all these services to make
their businesses more credible.

For U & Me

"The basis of the growth is a

combination of strong service,
innovative products, marketing, et
al. We are growing in high double
digits and we are looking forward to
continue doing the same. "
As far as the need factor is concerned, I think we
are at a point where many businesses in India dont feel
the need to be online, which is perfectly fine because
they have an absolutely good sense of where their
markets lie and who is looking for them. But that is
what is fundamentally changing, and it will continue
to change. As more and more
people start looking for goods,
services and products online, I
think that behaviour will start
to change for consumers. As
the need grows, the pull factor will start working in the
industry of domain names, rather than the push factor.
The second part of the answer is that we need to
know the effective way to reach out to the audience. We
have chosen the mechanism of creating some branding
through television and online advertising to reach out to
our consumers.

: How much do you expect Big Rocks domain

business to grow in this FY?

We have doubled our customer base every single year

since we started, and the order books are getting taller
and taller with every passing year. We have been growing
pretty rapidly and we hope to continue doing the same
this year as well. The basis of the growth is a combination
of strong service, innovative products, marketing, et al.
We are growing in high double digits and we are looking
forward to continue doing the same.

: How do you plan to reach out to the IT managers

across the country, apart from advertising?

We have, in the past, reached out to a lot of Web

designers, the systems integrators, the IT consultants,
individually, apart from the advertising that we do.
We have over 10,000 people who have signed on our
affiliate channels. These channels make commissions
every time they sell a BigRock product, of which a
significant number constitutes the website designers,
IT managers and IT consultants. We also have a sales
team that works with IT consultants. Also, we keep
launching new products such as virtual private servers,
Enterprise class email, etc, which are an attraction for
IT managers.

August 2013 | 95

For U & Me


Revamp Your IT Career

as a Cloud Security Expert
Heres a ringside view of some exciting and challenging careers in the cloud security realm.

he advent of the cloud, which was once a niche

concept, has empowered organisations to shift
their focus from maintaining their complex IT
infrastructure back to managing their core business.
The growing trend of cloud adoption across the globe,
irrespective of the size of the organisation, has increased the
importance of cloud security. At a time when a data breach
is the order of the day, organisations need proficient IT
managers who can ensure that data moves between secure
servers to remote devices without any intrusion or breach. If
you are looking for a job in the IT domain or wish to pep up
your otherwise unexciting job in the IT gamut, a career as a
cloud security professional can be a great option.

96 | August 2013

What makes cloud security a challenge is the cumulative

security concerns related to various components, and
since there is no one standard defined for cloud security, it
becomes a more challenging affair. And thats where the role
of a cloud security expert comes into play, feels Dr Rajeev
Papneja, chief operations officer at ESDS Software Solution
Pvt Ltd. The latest trend is the shift from a simple network
security and malware security point of view to a multilayered security approach. Cloud companies providing APIs
are working on making the authentication and access services
robust to mitigate the risks. Next-generation firewalls that
are currently being developed will help organisations to
monitor and manage access based on application usage.

Career For U & Me

Cloud providers will have to work on some kind of
compartmentalisation techniques to make sure that a virtual
machine of one customer cannot be accessed by the virtual
machine of another customer, since both these containers
are on the same hardware and are sharing compute resources
including memory cache. The most important aspect is the
threat from inside the cloud service providers housefrom
employees who can access the information. While proper
SLAs need to be in place for customers, it is more important
to have proper security policies and procedures in place
internally, for cloud service providers to start building
up customer confidence. A good security expert should
understand these basic nuances of the cloud terrain.
A recent report by Gartner stated that the cloud will
increasingly be incorporated into corporate security
endeavours, as 10 per cent of IT data protection offerings will
be available through the cloud by 2015. As the talent pool in
the security landscape shrinks, the demand for professionals
with a sound cloud experience will only grow in the years to
come. Job seekers in traditional IT roles will need to advance
themselves and get cloud-ready if they want to survive in
the market, says Ritesh A Sarvaiya, CEO and founder of
Defencely.Com, a fast-growing cloud security company.
Echoing similar views, Dr Papneja explains, Cloud
security is an additional responsibility that will have to
be borne on the shoulders of the current technologys
soldiers in cloud providing organisations. Truly, I do not
see cloud security as a totally new vertical for professionals
because it really does not replace all the things that are
currently handled by the existing technology group.
Existing employees will have to upgrade their skills from
just being pure IT support professionals to those that
look at everything from a holistic point of view, backed
by knowledge of the various hypervisor architectures
and an understanding of risk management. Certified and
experienced security professionals will be more in demand
in the coming years. We will see the emergence of new job
titles such as cloud specialists, cloud computing architect
and cloud infrastructure architect to replace the traditional
systems architects or specialists. I would not be surprised if,
going forward, we come across a cloud security officer.
Dr Papneja continues, In North America, there is a great
demand for open source experts in the cloud security arena
due to their flexibility and ability to work in any environment.
This trend will catch up here too in the next five years.
So, what are the skill sets that a hiring manager looks for
at the time of recruitment? We generally look for candidates
that have good technical understanding of network security,
knowledge related to architecture of various virtualisation
platforms and open source tools, and a good understanding of
service-oriented architecture, says Dr Papneja.
In todays competitive IT job market, do certifications
in this field help push resumes to the top of the stack?
Certifications will definitely help professionals. One of the

Different roles available in the field

of cloud security
Cloud architects: They help design a good cloud solution
with the right cloud infrastructure based on a clients
requirements. These candidates will generally have sound
knowledge of Platform as a Service, Infrastructure as
a Service and Software as a Service, as well as the
related providers and solutions available in the market.
Cloud developers: These are more like experts in
Platform as a Service offerings, be it public, private or
hybrid. These candidates would be hands-on developers who would understand and know how to design,
develop and deploy products on various platforms.
Cloud security specialists: This role requires a thorough
knowledge of various layers of security and the emerging security models to cater to the needs of the cloud
environment. A part of this role is also complemented by
the role of cloud auditors.
Cloud auditors: These are third party firms that assist
the customers to figure out the level of security that they
should look for while outsourcing their data or applications, and assess the criticality of the applications that
need to be moved to the cloud. They also help customers to be aware about industry regulations and the
cloud providers policy on vulnerability management.
Infrastructure managers: They are responsible
for managing the infrastructure to support the cloud
deployment. These would typically be IT managers with
various skillsa jack-of-all-trades with knowledge of
networking, applications, databases, load balancing, etc.
(Courtesy: Dr Rajeev Papneja)

major reasons is the gap between the supply and demand for
cloud security professionals, which we will start seeing in the
near future. According to IT research companies, by the end
of 2015, more than 50 per cent of medium scale businesses
would be utilising some cloud service or the other, which
means a growing need for cloud security professionals.
Since there are not enough candidates to fill the need and not
enough time to go through some kind of formal academics for
the job, the only way left for them to understand the concept
of cloud security and all that it demands, is to go through the
certification courses offered by cloud providers themselves.
I feel, this is the only assistance they have for transitioning
from their current roles, to taking the next step in their
career, opines Dr Papneja.
So, a career in the cloud security arena can certainly
accelerate your IT career graph and enhance your value in the
recruitment landscape.

By Priyanka Sarkar
The author is a member of the editorial team. She loves to weave
in and out the little nuances of life and scribble her thoughts and
experiences in her personal blog.

August 2013 | 97

For U & Me


HP Launches New Servers for SMBs

The companys new ProLiant servers aim to simplify IT and boost business productivity
for small and mid-sized businesses in India.

MBs in India are the biggest market segment for almost

all IT service providers, including HP. In a bid to offer
cost-effective yet user-friendly IT infrastructure solutions
to SMBs across the country, the company has launched HP
ProLiant servers that help small and mid-sized businesses
(SMBs) accelerate growth by simplifying the deployment,
management and maintenance of their IT infrastructure.
The new HP ProLiant MicroServer Generation 8
(Gen8) aims to provide a simplified set-up, management
and maintenance with HP Smart Technologies. The HP
MicroServer offers centralised,
anywhere, anytime data access to
employees to boost productivity
and collaboration through
data sharing. The size of this
MicroServer is really worth a
mention. It is small and quiet
enough to sit on a desk.
Speaking about the product,
Vikram K, director, ISS Business
Unit, Enterprise Business, HP, said,
SMBs have limited financial and
human resources to invest when
responding to growing customer
demands and evolving business
needs. Smaller enterprises, such
as retail stores, medical practices
and real estate offices need simple,
scalable and cost-effective solutions
to power their businesses. This new
server from HP is good enough for just that purpose.
According to AMI Partners, a global strategy consulting
firm, at least 5.1 million small businesses worldwide will
purchase their first server within the next five years. The data
is based on current buying trends.
According to Vikram, Small and mid-sized businesses
require innovative server solutions that meet their specific
business needs and price points to remain competitive. These
new HP ProLiant servers are easy to use, highly reliable and
cost-effective to maintain, enabling our SMB customers to
boost business performance, save time and cut costs.
Although HP works through channel partners to reach
out to IT managers, the company is also working on a portal
called which will be of great help to IT
managers, enabling them to choose the right IT infrastructure
solutions. Vikram says, This portal should be launched

98 | August 2013

in India very soon. IT managers can come on to the portal

and just fill in the necessary details to determine what the
best IT solutions for their companies are. An IT manager
in a company of 500 employees just needs to mention that
figure to get all the necessary details regarding appropriate
IT solutions, besides being able to get help from our people
anywhere across the country, if required.
The new HP ProLiant MicroServer Gen8 claims to
deliver the reliability, performance and security of a business
server in a whisper-quiet design that is half the size of
most competitive entry-level servers.
The company claims it is an ideal
first server solution for micro and
small businesses, which enables
collaboration through centralised
information and data sharing. It also
enables SMB clients to reduce the
time spent on IT so they can focus on
managing and growing their business.
Designed for organisations with
less than 10 employees, the HP
MicroServer Gen8 shares and secures
critical information in a central server.
It leverages several HP ProLiant
Gen8 server innovations as well as
the HP ProActive Insight architecture,
enabling SMBs to:

Simplify system installation, the

set-up and maintenance with the HP
iLO Management Engine (iLO4) and
HP Intelligent Provisioning, which are embedded in each
server with software and preloaded tools ready to deploy
for simplified management.
Remotely manage the server from anywhere, anytime to
increase productivity while lowering operational costs
with HP Integrated Lights-Out (iLO) Essentials.
Continuously monitor performance with HP Active
Health, which automatically assesses the servers
for optimum health and lowest power consumption,
and accelerates application updates to boost server
performance and improve uptime via HP Smart Update.
Deliver an integrated, converged server and networking
infrastructure solution with the optional, stackable
HP PS1810-8G managed switch, which automatically
discovers, monitors and accelerates the connectivity
performance of both devices.


For U & Me

of the
in India

Venkatesh Swaminathan, country head, the Attachmate group

one are the days when SUSE was known as a distro

used by a group of edgy techies. SUSE is now a
common name, and that has not happened overnight.
A clear strategy, a strong and buzzing community and a super
strong conviction to make it big, have combined to make
SUSE a success story. The distro has spread its wings from
the small desktop space to the wide horizon of the enterprise

SUSE dreamt of making

it big in India and has
succeeded in doing
so, over a period when
people were still
apprehensive about
open source. Read on
to learn how SUSEs
success story unfolded...

world. And it has grown substantially in the process.

According to Venkatesh Swaminathan, country head,
the Attachmate group, SUSE has enjoyed good growth
globally in the last financial year. He says, There was
a growth of 22 per cent at a time when the Linux server
market was forecasted to grow at 18 per cent. So, you can
see that we are growing faster than the market. In India
august 2013 | 99

For U & Me


we saw similar trends. We acquired 25 per cent of

our new customers last year. We saw some aggressive
growth in the enterprise market, where we had some
strategic wins. This year, our focus is to target our
existing customer base in the government sector and
get aggressive in the enterprise and BFSI space, which
our direct sales team will go after. We now have a
dedicated team for sales and pre-sales for every region
that focuses only on SUSE.
Apart from the enterprise space, SUSE is also
banking big on the SME space... and why not, since
India has plenty of them. Swaminathan says, We see
tremendous opportunity in the SME space, where we
will go with our strong partner base. We are running
some interesting incentive schemes for our partners.
I have met many enterprise and SME customers who
have shared their concerns relating to vendor lockin with traditional vendors and thats where open
source technology can help them. We have seen many
successes, with enterprises and SMEs deploying their
mission-critical applications like SAP, real compute,
HPC, etc, on SUSE. Most of the UNIX-to-Linux
migrations in the country, especially for SAP, are
deploying SUSE. We have had some good wins in the
BFSI sector in banks, exchanges, etc, with customers
deploying SUSE for their core banking applications.
Looking at this trend, our first priority is to build a
strong partner community that can get us the scale to
reach out specifically to the SMEs. Next on our list
would be to work with the BFSI sector and get them
to benefit from open source technology, which offers
the right balance between cost and business value, with
security as the core strength. We have always had a
strong hold in the government and the education sector,
built around SUSE desktop, and hence that would be
a huge opportunity. We are already in talks with some
state governments to run this initiative.
India has been a very important market for SUSE
and with the growth the company has had here, over the
years, it will continue to be so. Swaminathan says, With
the recent wins in banking, and among the enterprises
with very large SAP deployments, we foresee very
significant growth in the coming years. As I mentioned
earlier, worldwide, SUSE is growing faster than the
market and this is the case in India too.

Linux: The obvious choice

SUSE is growing for the same reason Linux is. IT

managers across the globe are realising the importance
of open source technology in the context of vendor
lock-in. While working in SUSE, Swaminathan has
noticed that customers are aware of the key benefits
of using Linux, like lower TCO, easy customisation,

100 | august 2013

unique hardware and software requirements, and less

dependence on vendors. He adds, SUSE Linux offers
greater efficiencies but even more important, it helps
customers to be more agile as businesses and reduce
risks. Apart from these evident benefits, what worked
for us was a renewed focus in the Indian market with
a clear Go-To-Market (GTM) strategy to go after the
government, the enterprise, BFSI and the SME markets.
We have solid experience of 20 years in the enterprise
Linux space and I believe that with the right GTM
and marketing efforts we will repeat our growth story.
Our presence in industry events, campaigns targeting
the customer and partner community, and many new
initiatives like partner incentives and attractive bundles
for customers have worked in our favour. Last, but not
the least, is the support and testimonials/references from
our existing customer base, which makes it easy for us
to win new customers.
So for all those who still think that Linux is
not the right choice, think again! The government
being a key influencer when it comes to technology
adoption is the reason SUSE has banked on this sector.
Swaminathan says, One of SUSEs initiatives from
the very beginning in India is to engage on government
projects. The success we have had with many
government agencies and with e-governance initiatives
is a testimony to our efforts to provide an affordable
and sustainable solution to the government. These
solutions anyway affect the common manpeople
like you and me. SUSE has become the only choice on
many government projects in education and in school
initiatives under way across various states. Exposing
schoolgoing children to Linux will only increase
this awareness and, in the coming years, we will see
people asking for desktops/laptops with open source

Success story will continue...

Swaminathan says, I believe we can build on the

immense successes we have had last year. We have to
just replicate and reach out to many more customers
and partners. The company now wants to increase its
presence in the banking segment, specifically to all those
banks that are now on the verge of a hardware refresh.
He clarifies, We want to educate these banks on the
alternatives, and we believe we do have a very strong
value proposition. We are right now focusing on training
our partners to increase our reach.

By: Diksha P Gupta

The author is assistant editor at EFY.


For U & Me

Popular App Launchers

at Your Fingertips
For readers who have not used application launchers, now is the time to try one out. This
article demonstrates the popular app launchers GNOME Do, GNOME Pie and Synapse.
They are more powerful and faster than any built-in search system of an OS, and are
capable of doing a lot more than just launching apps.


n a lazy Sunday afternoon, after eating a rather

heavy lunch, I was getting ready to write yet another
article. I pressed <Ctrl+Spacebar> and a grey window
popped up. I started typing into it and had got only as far as
lib when the familiar icon of LibreOffice Writer came up.
I hit the Enter key and leaned back in my chair, the scene
harmonising with my already indolent mood. Installing
Synapse was a smart move, I thought to myself.
Synapse is a semantic launcher. Ive always felt that
it is an incredibly dry description for an extremely useful
program. Synapse is part of a category of software known
as application launchers. Such software not only allows
you to quickly access your favourite apps but often also
includes powerful search functionality. Call it an over
active imagination, but I always think of app launchers as

obsequious digital ferrets running around uncovering files,

locating apps and placing them all at your fingertips.
Though there is no shortage of application launchers, I
would like to review the three most popular ones GNOME
Do, GNOME Pie and Synapse.


GNOME Do was originally created by David Siegel.

It was inspired by Quicksilver for the Mac OS X and
GNOME Launch Box.
GNOME Pie was created by Simon Schneegans, a
student of computer media science at the Bauhaus University
in Weimar, Germany. He explained his reasons for creating
another application launcher: I realised the trend in
application launchers to be keyboard based. All of them

august 2013 | 101

For U & Me


(GNOME Do, Synapse, Kupfer, Unity's Dash, GNOME

Shell, etc) are mainly focused on keyboard inputI wanted
to create something which could be used with your mouse
only. And so GNOME Pie was born and released to the
public in September 2011.

User interface

GNOME Do is summoned using <Super+Spacebar>

where Super is the Windows (or if youre lucky,
Ubuntu) icon key. GNOME Do has a simple two-pane
user interface (UI). Your typed text and match show
up in one pane while the other pane shows the actions
possible. There is a tiny cross icon in the top left hand
corner for closing Do and an equally tiny icon in the top
right hand corner, which opens a menu that includes the
About Do, Preferences, Donate and Quit options.
The UI is fully customisable; you can choose a theme
and the background colour as well.
GNOME Pie has a unique and intuitive interface. It
is a circular application launcher and can be navigated by
using both the mouse and the keyboard, though using the
mouse is preferable. The UI consists of a central display
circle surrounded by the items. The user can choose from
several themes such as Funky, Glossy and even some
OS-specific themes such as Elementary and Unity. I
found the pie UI concept cute and refreshingthe only
drawback being the lack of icons sometimes. GNOME Pie
also has a notification tray icon, which on being clicked
shows Preferences, About and Quit.
Synapse is best thought of as a floating search bar that
can be activated using <Ctrl+Spacebar>. You type in the
text, and the icon of a matching application will be shown.
You can use the side arrow keys to access filters such as
Documents, Images, and Videos, which help narrow
the search. Synapses UI can also be themed. There are six
themes to choose from, including Do-ish, which turns
Synapse into a perfect GNOME Do clone! Synapse also has
a notification tray icon, which on being clicked shows the
Activate, Preferences and Quit options.

Functionality and ease of use

Launching applications from GNOME Do is fairly

straightforward. Just type in the name and hit Enter.
Searching is equally simple and surprisingly powerful.
The plugins allow Do to search your Tomboy notes,
Firefox bookmarks, Banshee and, of course, your files
and folders. Your search can also include your Google
Calendar events and Google Docs if you provide your
user details to the program. GNOME Do also allows you
to set simple reminders and find word definitions using
GNOME dictionary. These features work well; however,
as I experienced with the Reminder option, users need to
learn how to phrase the command to use these features

102 | august 2013

properly. The syntax, though simple, is not necessarily

obvious and often leads to a Google search or two. Oh,
and did I mention that all the features mentioned so far
are just a small part of the Official Plugins? And that
Official Plugins are roughly half of Community Plugins?
With such powerful add-ons, you can do literally anything
from the comfort of Dos two pane UI.
An innovative twist to GNOME Pie is that it consists
of several pies. For instance, there is an Applications
pie, a Multimedia pie and so on. Each pie has a different
keyboard shortcut. Users can, of course, create their own
pies. Each item in the pie is called a slice, and users
can add their own slices with some basic command line
knowledge. Unlike Do, GNOME Pie does not have a
search function. Though it has some additional features
like being able to control multimedia playback with a
pie, it primarily is an application launcher. This is not
a bad thing since simplicity has its own benefits. Many
users will find GNOME Pie intuitive and useful; however,
power users who want a host of additional features should
probably choose GNOME Do or Synapse.
If youve ever done a Google search before, you can
probably use Synapse. Launching applications and finding
files using Synapse is extremely simple. If youre unhappy
with the primary result, use the down arrow key to show
a list of alternatives. The side arrow keys allow you to
use the filters to narrow your search. Integration with
Zeitgeist makes Synapse very effectiveit managed to
find most of my search queries within seconds. Synapse
also has a decent list of plugins, though they are less in
number compared to Do. Plugins include the ability to
control Banshee and Rhythmbox, search the Web and even
perform some basic calculations. These plugins are not
always easy to use. For instance, figuring out how to use
OpenSearch took some time. However, once you learn
how to use them, the plugins are simply awesome and a
good return on the initial time investment.
All the three programs have the option to automatically
start up at login, circumventing the need for any other
application launcher to start them.
Which application launcher you wish to use ultimately
comes down to personal preference. For users who dont
want too many features and just want to access their
favourite applications, GNOME Pie is hard to beat. It
is easy to configure, looks good and its circular UI is
like a breath of fresh air. For users who would like the
ability to search for files and folders along with launching
applications, Synapse is a good choice. It has a simple
UI and a powerful search, along with a decent number of
plugins. For power users who want to do everything from
their application launcher, GNOME Do with its huge plugin library is perfect.
If I had to recommend an application launcher to

Rating: 4 out of 5
The good
Simple two-pane UI
Largest plug-in library
Powerful search, including content from even Tomboy
The bad
Some plugins are complex to use and require a particular syntax
Lack of notification tray icon
Rating: 3.5 out of 5
The good
Innovative great looking UI
Ability to use both mouse and keyboard for navigation
Many theme options
The bad
Lack of search capabilities
No plug-in library

For U & Me

I don't have a lot of time to work on it at the moment.

With the introduction of Unity, many Ubuntu users have
questioned the need for application launchers. What do you
think? Are app launchers doomed? I would love to hear your
responses at the poll on my blog.
On a more positive note, Simon Schneegans, the creator
of GNOME Pie, is busy working on its successorOpenPie.
According to Schneegans, OpenPie will work on touch
devices. Maybe that will be the future form of application
launchers, just so long as its open source.


By: Tushar Bhargava

The author is a 17-year old college bound-student who loves
Ubuntu and FOSS. He likes to program in Java and C++, and
enjoys writing. Of late, he's been trying his hand at making
Android apps. If you enjoyed this article, subscribe to his blog
at for more such articles.

Rating: 4 out of 5
The good
Simple intuitive UI
Powerful search with full Zeitgeist integration
Decent plug-in library
The bad
Some plugins are complex to use
Only six theme options
And the winner of this Software Showdown isSynapse!

someone without knowing much about the person, I would

suggest Synapse. It provides sufficient features for most
users and its theme-able UI is extremely intuitive.

Epilogue: The end of application launchers?

While researching Synapse for this article, I chanced

upon an interesting post at a site called Tech Drive-in.
It claimed that the launcher was not being maintained any
more. Looking at the projects Launchpad page, I realised
the latest version was about a year old. I asked a question
on the same page but got no answer. I can only hope the
project is being maintained.
Even GNOME Do hasnt been updated in a long time.
Seeing this, a user asked about the projects status. Heres
how Christopher Halse Rogers, the current project lead of
Do, responded, It's not dead, but it is reasonably mature, and

august 2013 | 103

AT&T, India
Bharat Sanchar Nigam Ltd
Bharti Airtel Ltd
Broadband Pacenet
India Pvt Ltd
Hathway Cables and
Datacom Ltd
Idea Cellular Ltd
Indusind Media and
Communication Ltd (IMCL)
Mahanagar Telephone
Nigam Ltd
Netmagic Solutions
RailTel Corp of India
Reliance Communications
Infrastructure Ltd
TATA Communications
Tikona Digital Networks
AT&T, India
Bharat Sanchar Nigam Ltd
Bharti Airtel Ltd
Broadband Pacenet
India Pvt Ltd
Hathway Cables and
Datacom Ltd
Idea Cellular Ltd
Indusind Media and
Communication Ltd (IMCL)
Mahanagar Telephone
Nigam Ltd
Netmagic Solutions
RailTel Corp of India
Reliance Communications
Infrastructure Ltd
TATA Communications
Tikona Digital Networks

A List Of Internet
Service Providers
Aircel | Gurgaon
Aircel Business Solutions offers high performance Internet leased-line services for its customers, for any kind of last
mile connectivity. With monitoring tools to check, measure and monitor the backbone, Aircel allows its customers to
buy the bandwidths as per requirements and deploys the last mile connectivity over Wimax, fibre or P2P radio. Aircel
Business Solutions currently offers the following services like premium Internet bandwidth, shared Internet bandwidth,
Preferred Route Internet and Data Centre Internet to its small business and enterprise customers.

AT&T, India | New Delhi

AT&T is an Internet service provider offering high speed Internet, DSL and broadband. Connecting ones home or
business with the VoIP service from AT&T is easy, as it comes with remarkable voice quality, powerful new features
and comprehensive savings. Business DSL from AT&T offers high-bandwidth Internet access at speeds significantly
faster than dial-up access, but at a fraction of the cost of T1-based access. It also comes with multiple options for
speeds and configurations, and nationwide reach over the AT&T IP backbone.


Bharat Sanchar Nigam Ltd | New Delhi

This is one of the leading Internet service providers with more than 1.7 million subscribers, providing Internet services
branded Sancharnet throughout the country (except in New Delhi and Mumbai). Sancharnet provides free all-India
roaming, and enables its users to access their accounts with the same access code (172233) and user ID from
anywhere in the country. In order to make Internet available throughout the length and breadth of the country, Internet
dhabas are being commissioned at all the block headquarters. BSNL has also started DIAS and account-free Internet
access (CLI based) facilities in a few select cities recently.

Bharti Airtel Ltd | New Delhi

The company is a leading global telecommunications company with operations in 20 countries across Asia and
Africa. Headquartered in New Delhi, the companys product offerings in India include 2G, 3G and 4G wireless
services, mobile commerce, fixed line services, high speed DSL broadband, IPTV, DTH, and enterprise services
including national and international long distance services to carriers. In the rest of the geographies, it offers 2G,
3G wireless services and mobile commerce. The company claims that it had over 269 million customers across
its operations, as of the end of March 2013.

Broadband Pacenet India Pvt Ltd | Mumbai

This is an Internet service provider with a pan-India presence in the seven cities of Mumbai, Delhi, Kolkata, Hyderabad,
Vadodara, Indore, Jaipur, Dhule and Pune. Its services include high-speed Internet broadband services, Internet leased
lines for enterprises and SMEs (both wired and wireless), VoIP, data storage co-location services, audio and video
conferencing, metropolitan security networks, bandwidth on demand, etc.

Hathway Cables and Datacom Ltd | Mumbai

As a leading service provider, Hathway offers a gamut of dedicated broadband solutions at competitive prices with
quality performance and features. It provides cable services in 125 cities while broadband services are provided in
18 cities. The highlights of its services include static IP addresses which can be used for applications like Internet
servers (Web servers, mail servers, FTP servers, etc), secured networks, 24x7 dedicated customer support services,
104 | August 2013

the capability to offer specified bandwidths, affordable high bandwidth designed for businesses that demand
superior performance, and more.

Idea Cellular Ltd | Mumbai

Idea offers a range of high-speed mobile broadband devices including Android-based 3G smartphones, dongles,
etc. Ideas wide portfolio of services for 3G smartphones offers the latest in 3G applications and high-end data
services such as Idea TV, games, social networking, etc, at most affordable prices. Ideas robust pan-India
coverage is built on a network of over 100,000 2G and 3G cell sites, spread across over 55,000 towns in India.

Indusind Media and Communication Ltd (IMCL) | Mumbai

Promoted by the Hinduja Group, IMCL is one of the largest MSO and cable broadband service providers in India.
The companys cable operations are present across key Indian geographies and it offers high-speed cable
broadband services across 11 cities. The company offers high speed Internet services to residential, corporate
and SME customers. For corporate and SME customers, IMCL offers dedicated leased lines to enable them to
send huge amounts of data. IMCL would also be building a comprehensive services framework that can deliver
leading edge voice, video, data and multimedia content services over any broadband or IP-centric network.

AT&T, India
Bharat Sanchar Nigam Ltd
Bharti Airtel Ltd
Broadband Pacenet
India Pvt Ltd
Hathway Cables and
Datacom Ltd
Idea Cellular Ltd
Indusind Media and
Communication Ltd (IMCL)
Mahanagar Telephone
Nigam Ltd
Netmagic Solutions
RailTel Corp of India
Reliance Communications
Infrastructure Ltd
TATA Communications
Tikona Digital Networks
AT&T, India
Bharat Sanchar Nigam Ltd
Bharti Airtel Ltd
Broadband Pacenet
India Pvt Ltd
Hathway Cables and
Datacom Ltd
Idea Cellular Ltd
Indusind Media and
Communication Ltd (IMCL)
Mahanagar Telephone
Nigam Ltd
Netmagic Solutions
RailTel Corp of India
Reliance Communications
Infrastructure Ltd
TATA Communications
Tikona Digital Networks

Mahanagar Telephone Nigam Ltd | Mumbai

Netmagic Solutions | Mumbai

Netmagic Bandwidth Services offers customers the benefits of high-performance network architecture,
ensuring scalability and maximum uptime and availability. The services include reliable 10 MBps/45 MBps
Internet bandwidth through a dedicated leased line, burstability available on premium and advanced plans so
that customers can shift gears and manage heavy traffic, built-in redundancy enabled for businesses through
access to connectivity from multiple service providers, and more.

RailTel Corp of India | New Delhi

RailTels enterprise portfolio includes transmission networks, broadband services, data and Internet services.
RailTels MPLS (Multiprotocol Label Switching) data network provides connectivity that meets the industrys
standards for consistent, secure and reliable data delivery. IP services are extended through carrier Ethernet
access networks at all the RailTel locations, inter-connected to the MPLS-IP CORE network. RailTel provides
port speeds of all granularity, and managed customer traffic. It has set up Internet gateways at Mumbai, Delhi
and Hyderabad, and provides Instantaneous Bandwidth leased lines from RailTel PoPs across the country.
The IBW is sourced from two or more service providers and on different submarine cables to ensure high
availability with low latency.


MTNL is presently offering a wide spectrum of Internet related services from dial-up Internet access to broadband
Internet access servicesin Delhi and Mumbai. Internet related services provided by the company include
pre-paid Internet access services, post-paid Internet Express CLI services, Internet telephony services, and
Internet services via leased lines.

Reliance Communications Infrastructure Ltd | Mumbai

Reliance broadband Internet services are based on dual ring fibre architecture with FTTB (Fiber-to-the-building),
giving exceptional uptime and access speeds. Combined with a wholly-owned 10 GBps data backbone that is
monitored 24x7x365, this gives the customer an extremely reliable service, backed by industry leading service
level agreements (SLAs). Reliance Wirefree Internet offers a superior broadband experience and unmatched
features like capex-free subscription-based services, complete network and PC security solutions, ease of
management for services subscribed to over the Web, and round-the-clock help-desks for support. In short,
it is a one-stop solution for all communication and IT needs.

August 2013 | 105

AT&T, India
Bharat Sanchar Nigam Ltd
Bharti Airtel Ltd
Broadband Pacenet
India Pvt Ltd
Hathway Cables and
Datacom Ltd
Idea Cellular Ltd
Indusind Media and
Communication Ltd (IMCL)
Mahanagar Telephone
Nigam Ltd
Netmagic Solutions
RailTel Corp of India
Reliance Communications
Infrastructure Ltd
TATA Communications
Tikona Digital Networks
AT&T, India
Bharat Sanchar Nigam Ltd
Bharti Airtel Ltd
Broadband Pacenet
India Pvt Ltd
Hathway Cables and
Datacom Ltd
Idea Cellular Ltd
Indusind Media and
Communication Ltd (IMCL)
Mahanagar Telephone
Nigam Ltd
Netmagic Solutions
RailTel Corp of India
Reliance Communications
Infrastructure Ltd
TATA Communications
Tikona Digital Networks

Sify | Chennai
After becoming the first network in India to be IPv6 enabled, the third largest IP VPN services provider in
India, and an industry-defining portal, in 1999, Sify became the first Indian ICT company to be listed on
NASDAQ. Sify broadband offers home broadband plans with speeds from 192 KBps to 1 MBps. It comes
with a contention ratio of less than 30 to deliver consistent browsing speeds. The company has a presence
in more than 200 cities across India, so customers can transfer their Sify broadband connections in case of
relocation. Sify broadband also doubles up as a provider of an array of business enhancement tools such as
website building, domain names, static IP, etc, to empower customers businesses. Subscribers can enjoy a
host of custom solutions, which include uninterrupted connectivity, dedicated speeds, value added features
and 24x7/365 support.

Spectranet | Gurgaon
Spectranet Wireless Broadband eliminates the ugly wiring that usually accompanies a broadband connection.
The service gets delivered effortlesslyor wirelesslyto homes at a low cost. Its services include unlimited
download/upload on all plans, quick installation (within two days), the ability to surf the Internet on Wi-Fi
enabled mobiles, free Internet access at all Spectranet Wi-Fi Zones across the country, hassle-free 24x7
customer support, and numerous value-added services for the entire family.


TATA Communications | Mumbai

Tata Communications can deploy Easy Internet in less than 10 days, managing both the Internet port and local
loop set-up. Backed by best-in-class Service Level Agreements (SLAs), Easy Internet is robust and dependable,
with 99 per cent guaranteed network uptime. Flexible service offerings and additional options include business
class Internet bandwidth available in 256 KBps, 512 KBps, 1 MBps and 2 MBps plans; best-in-class Managed
Security Services with a firewall; Intrusion Detection and Prevention (IDPS) and anti-spam/anti-virus devices; a
choice of routers and additional options: business messaging, management of routers and utilisation reports.
It provides connectivity to over 50 per cent of the Indian market, and its tier-1 IP backbone spans more than
200 countries and territories, providing coverage across five continents.

Tikona Digital Networks | Mumbai

Tikona Digital Networks (TDN) is engaged in building the next generation of wireless broadband services for
home and enterprise customers in India. Tikona Enterprise Solutions offers the following products and services
to businessesdirect to office leased lines with near 100 per cent Internet uptime, with link load balancing and
failover routing; differential accessfor customised bandwidth per user group; secured office Wi-Fi which
allows employees to work from anywhere in the office using devices such as tablets, notebooks, smartphones,
etc; secured boardroom Internetfor easy and secure guest Internet access; high definition (HD) cloud video
conferencing services that come with collaboration features, etc.

Tulip | New Delhi

Tulips corporate Internet access service offers a flexible and scalable solution, providing reliable, highly
available and on-demand bandwidth to customers. It offers tailor-made solutions as per the requirement of
the customers. Its features include dual-stack support (IPv4 plus IPv6)-ready networks, fully meshed DS3/
STM backbone networks, carrier agnostic networks with Internet connectivity from multiple network operators,
no single point of failure and a fully redundant network, last mile access via fibre or radio frequency, a wide
choice of bandwidths ranging from 64 KBps to STMs, multiple interface options (i.e., G.703, V.35 or Ethernet),
industry leading SLAs, and 24/7 monitoring via multiple network operation centres.

106 | August 2013




Mounting the removable devices

automatically at a specified folder

#find dirname ( -iname *.c -o -iname *.cpp )

This trick is for those who deal with many removable

devices, with every device changing its name after you
restart your system.
The solution is to mount devices by using their UUID
(Universally Unique Identifier).
Run the following command:
# blkid

which will show the UUID of devices. Now make an

entry in the /etc/fstab file as shown below:
UUID=41c223418-fbad-4da6-8196-c816df0b7cc8 /rt
defaults,errors=remount-ro 0


and then save and exit the file. Make sure you back
up the original fstab file to avoid any problems.
Now, type:
#mount -a

This will re-read the fstab entries.

This tip can also be applied in case of SAN storage,
where every Logical Unit Number (LUN) needs to be
Rohit Verma,

Finding multiple file types with a single

find command

You can find all the c files or cpp files in a directory

using the find command, as follows:

Rajeev N Sambhu,

How to change a user to a super user

By doing a simple modification in the /etc/passwd

file you can enable a normal user to act as a super user. Let
us see how this can be done. First of all, create a normal
user account sampleuser.
Then edit the file as shown below:
vi /etc/passwd

Change uid=0 in the above line.


Save and exit the file. Now your sampleuser can act as
a super user (root).
Kannan M,

Merge and split PDF files in Ubuntu

Often, there is a need for splitting or merging a PDF

file. Lets look at how to do this in Ubuntu.
Lets use pdftk to play around with PDF files. Open the
terminal and type the following command:
sudo apt-get install pdftk

After successfully installing pdftk, run the following

command to merge PDF files:

#find dirname -iname *.cpp

pdftk 1.pdf 2.pdf 3.pdf cat output merged.pdf

This will return all the cpp files in the directory

If you want to find all the cpp or c files in a directory
using a single command, use:
108 | August 2013

To split PDF files, use the following command:

pdftk 1.pdf cat 1-5 output new.pdf

This will create a file called new.pdf, which will have

only pages 1 to 5 of 1.pdf.
Now let us look at a more complex use of pdftk:
pdftk A=one.pdf B=two.pdf cat A1-7 B1-5 A8 output

which rpm package. So, here is a tip to find out the name
of the package with the help of the yum command. For
this you should have the Yum server configured on your
machine, locally or remotely.
Lets look at the example of the date command:
#yum whatprovides /bin/date

In the above example, we have selected different

pages from different PDF files and merged them into
Neeraj Garg,

How to begin with C programming in


Here is a simple tip that will enlighten newbies on how to

compile their first program using C.
Make sure that you have C compiler installed before
trying out the following steps. Now, create a file abc.c
using any text editor.
Open gedit and enter the following code:
void main()
printf(Hello world\n);

Now save it as abc.c in your home/username folder.

Next, to compile this code, open the terminal and run the
following command:

Loaded plugins: refresh-packagekit,

coreutils-8.4-9.el6.x86_64 : A set of basic GNU tools
: commonly used in shell scripts
: base
Matched from:
: /bin/date
coreutils-8.4-9.el6.x86_64 : A set of basic GNU tools
: commonly used in shell scripts
: installed
Matched from:
: Provides-match: /bin/date

The above output provides you with the actual name of

the package that is installed on your machine.
In case the package is not present on your machine, you
can ask Yum to do the search work for you. For example, I
cant locate the mutt command on my system, so I ran the
following command:
#yum whatprovides */mutt

This will list the number of packages so that you can

actually get the name of the package, as follows:

#gcc abc.c
Loaded plugins: refresh-packagekit,

On successful compilation, you will notice that a file

named a.out has been created. This is the file you will need
to run by typing the following command in the terminal:

5:mutt-1.5.20-2.20091214hg736b6a.el6.x86_64 : A text mode

: mail user
: agent


In case you want to give the executable file your own

name rather than a.out, then you should compile it by
using the -o option, as follows:

: base
Matched from:
: /usr/bin/mutt

Namrata Mapgaonkar,

#gcc abc.c -o hello

where -o stands for the output file name.

Rajnish Kumar,

Know the package behind the command

you run

Often we need to know which command is packed with

Share Your Linux Recipes!

The joy of using Linux is in finding ways to get around
problemstake them head on, defeat them! We invite you
to share your tips and tricks with us for publication in OSFY
so that they can reach a wider audience. Your tips could be
related to administration, programming, troubleshooting or
general tweaking. Submit them at The
sender of each published tip will get a T-shirt.

August 2013 | 109


August 22-23, 2013

30th Sep 4th Oct, 2013

October 17-18, 2013

November 11-13, 2013

November 21-22, 2013

November 20-22, 2013

110 | AUGUST 2013

Name of the eveNt


locatioN & coNtact


Fleming Gulf's 2 Annual

Cloud Computing Summit

The second annual cloud computing summit is bringing back key

CIOs onto a single platform in
order to overcome the general
inertia plaguing the sector.

New Delhi;
Tikenderjit Singh Makkar,
marketing manager, tikenderjit.singh@fleminggulf.
com; Ph:+ 91 20 6727


Interop, New York

Interop New York offers sessions

and networking opportunities open
to all attendees including Vendor
Sessions, Cloud and Virtualization
Theater Sessions, InteropNet tours
and classes and Speed Networking.

Javits Center, New York

Reseller Club Hosting Summit, Gurgaon

This is supposedly Asia's largest gathering for the Internet

industry. Expect to meet some of
the biggest brands from across
the hosting world this October at
Gurgaon, Delhi.

Keenan Thomas, sales
manager; Ph:(+91) 22
3079 7637; keenan.t@


Open Source India

This is the premier open source

conference in Asia targeted at
nurturing and promoting the
open source ecosystem in the

NIMHANS Convention
Center, Bengaluru;
Omar Farooq, assistant
product manager;
Ph: 9958881862;

BYTE Into Big Data Summit

This summit deals with issues

on big data that describe a new
generation of technologies and architectures, designed to economically extract value from very large
volumes of a wide variety of data
by enabling high-velocity capture,
discovery and/or analysis.

Harsha Samtani
Marketing & Co-ordination;; Contact no:

Interop, Mumbai

INTEROP Mumbai is an independently organised conference and

exhibition designed to empower
information technology professionals to make smart business

Bombay Exhibition Center,

Sanket Karode, Dy Marketing Manager, sanket., Ph:
+91 22 61727403


R N I No. DELENG/2012/49440