Rewinding – 2012

I really like to rewind things. This helps me to understand the mistakes I have made in the past. It proves to be a great learning experience. Frankly speaking, the mistakes I make never ends and I keep getting hurt due to those mistakes. But I guess, that’s how things work. You make mistake, you learn but yeah, I need to start learning from others’ mistakes, not mine. The time is up. haha

Well, 2012 was not that great. Health wise, dad was in bad shape almost whole year. In fact, he is still in bad shape. Financially, cleared good amount of debt. Ended up taking risk again, lost few lakhs, IT department still undecided about my IT refund. CA messed up with the accounts, got surprise of huge tax liability.

Overall, most of the money was spent in the risk I took + the taxes.

Let’s talk about the good things.

Bought another car (I had bought i20 in Dec 2010) for dad / wife; i10. 27″ Apple Display, iPhone 5.

Work: Shifted main focus to BiteBank (B2). Moved all development work of Web1 to B2 (this was done towards the year end). Web1 manages the hosting accounts and passes on all the development work to B2. Prefer this kind of neat setup so I can manage everything from one place.

One of my very good friends, Ashish saved me from making a big mistake. I will always be very thankful to him for this and everything.

Learnings: Learning wise, the year was pretty good. Apart from learning from the mistakes I made; technology wise, the year was pretty good. Learned CodeIgniter myself (I was running away from it since quite sometime). Managed to build a small but fully optimized app. Frankly speaking, there was nothing much to learn. I just had to put different pieces together and that’s about it. But yeah, loved things like Hooks, Caching, extending core controller, model etc..

2013 is going to be really challenging on every front. Technology wise, the year is going to be really exciting. The thing we are working on is mind blowing. I am just waiting for the day it will go live. I am 100% sure that it will be the best product in the field we are working on. This confidence is based on the way we have planned out the things and the way it’s shaping up.

Working on few other interesting things on Android, iOS, APIs and lot more. I won’t be able to reveal it now but will surely provide details once we go public with these products.

Have few ideas in mind, we might start one of the ideas soon.. I am not sure when but let’s hope to start soon. Don’t want anyone else to start on those ideas.

I am sure 2013 is going to be much better than 2012 on every front.

Like always, Not losing the hope.

Good luck to you guys too.

Fighting Cancer, the Danger Word!!

Cancer!! That word is enough to create panic environment around you. That’s what exactly happened when my dad was diagnosed with Cancer. I know, I am not supposed to reveal this but I really don’t care about it. Whole world around me knows about it now. I don’t prefer hiding it anymore.

The purpose of this post to let everyone know different stages of mental trauma everyone goes through and realize everyone that all this trauma could easily be avoided and should be avoided.

Continue Reading →

What is happening India?

Quite depressed with the current state of the country. The girl gets raped in a bus, raped by 6 cruel men. The rape did not satisfy them, so they took help of the iron rod to teach girl a lesson.

The female news reporter of Aaj Tak gets taste of Delhi’s eve teasing. That too live on camera.

In some other part of India, a woman was gang-raped by India Reserve Battalion jawans.

There are endless examples like this. But the point here is, why our country is so silent about it? Why we don’t have strict laws to tackle such issues?

Women should feel most secure in the country but we have exact opposite situation here. Why does this happen? This happens because we have too many loose ends. People know how poor our system and law is, they take advantage of it. The case judgement takes years and the punishment given in the end is good for nothing. There are even cases when rapists (of minor girls) have got pardon from the president of India.

People know that, it’s not so difficult slip away from the eyes of the law. And sadly, that’s the worst sign any country’s legal system should have. Basically, it’s like an alarm, asking you to wake up and change the system, don’t let people take advantage of the system.

So, what could be done about this? I think we should have fast track courts with judgment and punishment should be given within specified time.

Obviously, it’s not possible to move all the cases to fast track courts but government should categorize the cases. Set time frame for each category. Increase number of courts, pay more to civil servants and make sure that they do their job well.

Another major improvement we should do on the punishment front. People say that hanging a person is not the solution and what not. This is actually quite true till certain extent but I would suggest, “pain”, “severe pain” is the solution.

Don’t kill the person, don’t hang him but give him / her exact same amount of pain the other person went through. Show their faces on television, tell the world that if you dare to rape anyone or commit crime, you won’t be spared. And Yeah, no need to wrap this warning in good words. Be stern, be rude and create fear.

I don’t have much to say, already depressed due to the events happening around.

Let’s hope to see a better India before we die.

Death is a Festival!!

Yes, Death is a Festival and I totally mean it. “What is Death?” – this same question comes in my mind whenever I get to know about death of someone I know.

Today, I went to final prayer (Antim Ardas) of someone I knew. Sitting in a Gurudwara, looking at everyone’s faces, trying to make out meaning from Kirtan, which were in the language I have never understood. Saw sad faces, saw careless faces, saw shy faces, saw people busy with their mobile phones, saw kids playing in the corner and also saw one man, sitting at the door, welcoming everyone, his face had a different charm, a smile which would make you feel homely. That man was the closest person to the one who died. I know this must be really hard for him to keep himself calm and composed but that man taught me to smile in the worst circumstances. I never interacted with that man but his expressions told me the whole story and it made me understood the purpose of living and dying.

So, coming back to the subject, Death is a Festival. Why?

In our life, our aim is to achieve happiness in some or other way. Some people get happiness by being rich, some get by going on a holiday or by achieving some goal but all these things are temporary. These are our desires and new desires crop up once we get what we want. We just keep following those desires, we just keep pretending that we are happy. But that’s never true. A living person can only pretend to be happy.

Death is what makes a person happy. Away from the world, away from never ending desires, away from the fights, politics, money, affection.. away from everything.

You get this exact feeling when you are alone.. sitting alone in a peaceful place, a temple or on a holiday, without your cell phone. You get the peace when you keep staring at the ocean waves, keep staring at the mountains, hear the sound of birds chirping, hear the sound of the rain fall..

But everything is gone once we get back to our normal life, you are back at staring at your computer, getting tensed about surviving, worrying about the expenses, worrying about the fights and what not.

But Death.. Death is the End. Death is the fullstop to the past and the start of the journey we have always dreamed of. No cell phone rings, no one to disturb, no one to fight, no one to talk. Just peace and happiness.

And that’s the reason I call it as a Festival. It’s a festival of peace, happiness. We get something what we always try to achieve.

So, let’s not be sad about someone’s death. Yes, I know it hurts a lot but at the same time, we should see that, the person who died is free from all the restrictions we live in. Death is freedom.

Let’s be happy about person who will have a better life than us. Let’s bid farewell to that person with a smile.

Death is a Festival.

Securing Passwords in your Web Application

These days, every other site’s database gets hacked and user login details are made available online. Whatever is happening is pretty sad but it’s really not possible to make ourselves 100% secure and hack proof. But yes, it’s definitely possible to be extra cautious to avoid heavy loss in these kind of situations.

The most important part in the user database is “password hashes”. I think these days, most of the sites have adopted one way encryption. Yeah, there are few large sites who still prefer storing their user passwords in simple text or 2 way encryption format, but let’s not talk about those.

So, coming back to one way encryption. The simple method to do this is by using MD5 hashes or SHA-1 hashes. It’s pretty much secured with no major issues with decryption. Yeah, hashes can be matched with huge list of words in the dictionary (or any collection of words) and this is what generally hackers do.

So, in short, storing passwords in simple MD5 / SHA-1 hashes is not enough too. Say, in case of breach like LinkedIn, the passwords were stored in simple SHA-1 hash, so the hackers compared the hashes with huge list of words and were able to decrypt millions of passwords.

So, how do we prevent something like this in future? Here is how:

Use Salt. You can create one key of say 64 characters and every time a user registers, the password hashes will be merged with the salt and a new hash will be generated with this combination. So, if you use this, all the user passwords will be merged with same salt. It will become impossible to compare the hashes with list of words without the salt hash.
Above method is generally used in recent times but this is what you can do, if you still want to add one more layer of security. At the time of user registration, generate a random salt for that particular user, store salt in the database along with the password. The password hash will now have, hashes of password merged with hashes of the salt. On the top of it, you can merge one more salt value which can be stored in your config file. So, this way, your password will have be unique combination of hashes every time. Yeah, the hackers will get access to your random salt from database (in case of database hack) but it will surely make their life difficult at the time of decryption or comparing with the list of words.
Another thing you can do is, implement any of the above points, create a new table for password & map user IDs to it. So, even if the password table is hacked, the usernames won’t be revealed as both are not in the same table.

I guess, above points should add a decent security layer on your web site / application. Obviously, whatever I have mentioned is not rocket science, your site won’t turn to hack proof if you implement any of the above points or any other methods but it will surely make decryption difficult.

Like always. Suggestions are welcome.