Top 10 List of Week 02

1. SHA256 online hash function
   If you’ve read my previous list in Week 01, you know I love interactivity and practice as it is proven to be a more effective way to learn rather than just memorizing. This tool converts your input into SHA256 encription with live auto updates. One of the interesting new things that I’ve learned from this website is that the length of the encrypted message doesn’t change. Not only that, you can also change to other different hash functions such as SHA512 and SHA384.

2. Difference between Private key and Public key
   For some, this might sound as something mysterious, but it’s actually not. GeeksforGeeks is notorious for it’s widespread and detailed information around computer science topics. This article is concise, explains the difference between a private and public key. In short, private key, as it is named, should not be exposed to the public. It is symmetrical because it is the secret key which you can encrypt and decrypt messages, where as the public key is assymmetrical, meaning that you can encrypt a message but not decrypt it. For more information on asymmetric encryption, please check out my next article up on the list.

3. What is Asymmetric Encryption? Understand with Simple Examples
   My way of learning is top-bottom, meaning I like to learn something by doing it first, then learning what I just did in a more detailed way. Elon musk explained it best where he describes using tools to solve a problem, rather than learning each tools in such a detailed manner, but not really having that connection with the tool and problem. Following the previous article, we’re now going to go on a deeper dive about asymmetric encryption, which is how public and private keys work.
   I love this article as it is light on the theoretical side, has great explanations, plus has illustrations if that’s how you like to learn.

4. 101 Bash Commands and Tips for Beginners to Experts
   If there is a buku rumus jitu such as one for preparing SBMPTN exams, this is the one, but for bash commands. It is a bit lengthy, but that’s it’s strong point and it is not meant for a single sitting read. This article is also structured very well, starting out with single commands and explaining while giving code examples starting ranging from commands such as touch to making environment variables. The juicy part of the article is at the section of bash scripts, where you get to see all these different commands come together as you get a little more confident in reading, and possibly make one of your own .sh file for your daily needs.

5. How to customize .bashrc to configure command prompt?
   As the command prompt that we’ll be using every time we use the VirtualBox on debian guest, it is a great idea to know more on how bash, the command prompt, works. I love stackexchange / stackoverflow articles as it is amati, tiru, modifikasi at it’s finest. This thread has many solutions that you can copy and paste onto you .bashrc file to make your Operating Systems experience a little more exciting. You can add aliases to reduce boilerplate on commands you typically have to type verbosely on a regular basis. You can also change the promp text color, for example from the hacker-looking green into pink (which I personally love). Also to finish it off, dont forget to run source .bashrc for the changes to take effect.

6. Commonly Asked Operating Systems Interview Questions | Set 1
   Now let’s take a step back and look at Operating Systems at a higher level. Because I have a technical interview this Friday, I think it’s a great idea to look at common interview questions regarding Operating Systems. GeeksforGeeks is my favorite place to grind any topic that I feel that I need to take a deeper dive into. Here is my summary upon reading this article:
   • What is a Thread? What are the differences between process and thread? A thread is a single sequence stream within a process, sometimes called a lightweight process. Threads are used to improve applications using concurrency.
   • What are the benefits of multithreaded programming? Enables resource sharing, jobs can be distributed rather than abusing a single thread.
   • What is deadlock? Deadlock occurs when two or more processes each hold a resource and wait for other resources held by another process but none actually finish executing.
   • What is starvation? Starvation occurs when high priority processes keep executing while low priority ones get blocked for a certain amount of time. These are highly important topics that might land you your dream job, so make sure to read these when you have the time!
7. Lock, mutex, semaphore… what’s the difference?
   Another important interview question that has come up alot, specifically in backend interviews. I feel like this the right time for me to take a deeper dive on Lock, Mutex, and Semaphore and having a better understanding of concurrency, threads, and processes in general. If you’ve read my top 10 compilation before, I’ve stated that I love stackoverflow threads, as it’s concise, written by developers for developers, and you can discern between the good answers from the bad ones as you can see every post’s upvote rank.
   • Lock allows only one active thread to enter a part that’s locked. The non-selected threads are put to sleep.
   • Mutex is similar to Lock, but allows sharing between multiple processes.
   • Semaphore is similar to Mutex but not actually. It allows ‘N’ number of threads to enter. Semaphore is signaling mechanism (“I am done, you can carry on” kind of signal).
8. Mutex vs Semaphore
   From reading the previous number in the list, you might think that Mutex and Semaphores are very similar, but they are actually different. I found a great quote from the previous article: “The correct use of a semaphore is for signaling from one task to another. A mutex is meant to be taken and released, always in that order, by each task that uses the shared resource it protects. By contrast, tasks that use semaphores either signal or wait—not both.”
   • Mutex is a locking mechanism used to synchronize access to a resource.
   • On the other hand, Semaphore is a signaling mechanism which an Interrupt Service Routine (ISR) signals for the task to wake up.

9. SHA-1 checksums
   Now back to non interview OS topics. If you’re confused when sir does a SHA1 cheksum, then you’re not alone. This link is very very short, which I love because it’s concise but also explains it with examples, things even long articles sometimes do not have. From my understanding, SHA-1 sums provide an assurance that the document you’ve just donwloaded is, in fact, the original AND unmodified document. Simply write sha1sum -b <filename> to compare the result with the published value.

10. The Moonpig Bug: How 3,000,000 Customers’ Details Were Exposed
    After a long journey, we’ve finally reached the final link in this week’s top 10, and there’s no better way to end it with a Tom Scott video. This video is related with this week’s topic, Security, specifically the Moonpig Bug. Essentially, when you login, you’ll get a token which can identify that you are, indeed, the person who just logged in. Except, the engineer’s did a big oopsie where the token is the user’s customer ID. Sure, you might think that finding a specific user id might be hard as it is usually uuid type, except that the engineers did another oopsie, making the user id sequential. This means i can simply get any user id by just playing with random numbers! This all amde it possible for anyone to log in as anyone, as long as they can guess their user id, which is a simple range of number guess between 0 and the number of users that have registered on that site.
    So what to learn from this horrible bug? GSGS on best practices when implementing data table ID’s and also, don’t use a user’s ID as a login token.