17-reasons-why-exercise-makes-you-happy-infographic

[Infographic] 17 Reasons Why Exercise Makes You Happy

 One of the most frequent promises people make is to get fit by working out more. Exercising regularly is also one of the hardest promises for people to keep – as the experts at TopStretch.com can attest to. Stressful schedules and day-to-day life tends to get in the way of our wellness goals. People kick start their new healthy outlook with good intentions and gym memberships and then abandon them within a month or so.

It turns out that exercising is one of the best commitments you can make for yourself. Most people know that working out helps people lose weight. Did you know that it also provides emotional benefits such as reduced anxiety and a better self-esteem? It can also sharpen your memory and increase energy levels. Exercise is truly good for our bodiesboth inside and out.

If you need motivation to help keep your workout plan on track, check out this infographic to see some of the unexpected benefits of hitting the gym or running trail on a regular basis.

 

’17

deleteme

Things every Java developer must know about Exception handling

Exceptions are one of the most misunderstood (and misused) features of the Java programming language. This article describes the absolute minimum every Java developer must know about exceptions. It assumes that the reader is somewhat familiar with Java.

Historical Perspective

Back in the heyday of the “C” programming language, it was customary to return values such as -1 or NULL from functions to indicate errors. You can easily see why this isn’t a great idea – developers had to check and track possible return values and their meanings: a return value of 2 might indicate “host is down” error in library A, whereas in library B, it could mean “illegal filename”.

Attempts were made to standardize error checking by expecting functions to set a global variable with a defined value.




deleteme

James Gosling and other designers of the language felt that this approach would go against the design goals of Java. They wanted:

  1. a cleaner, robust and portable approach
  2. built in language support for error checking and handling.

Luckily, they didn’t have to look too far. The inspiration for handling errors came from a very fine language of the 60’s: LISP.

Exception Handling

So what is exception handling? It is unconventional but simple concept: if an error is encountered in a program, halt the normal execution and transfer control to a section specified by the programmer. Let’s look at an example:

try {
   f = new File("list.txt"); //Will cause an error if the file is not found...
   f.readLine;
   f.write("another item for the list");
   f.close();
} catch (FileNotFoundException fnfe) { // ... and transfer control to this section on error.
   // Do something with the error: notify user or try reading another location, etc

}





Exceptions are exceptional conditions that violate some kind of a “contract” during program execution. They can be thrown by the language itself (e.g. use a null reference where an object is required) or by the developers of program or API (e.g. passing date in British format instead of American). Some examples of exceptions are:

  • Accessing index outside the bounds of an array
  • Divide by 0
  • Programmer defined contract: Invalid SQL or JSON format

Exceptions disrupt the normal program flow. Instead of executing the next instruction in the sequence, the control is transferred to the Java Virtual Machine (JVM) which tries to find an appropriate exception handler in the program and transfer control to it (hence disrupting the normal program flow).

Checked and Unchecked Exceptions

Before we look at the exception classes in Java, let’s understand the two categories of exceptions in Java:

Checked exceptions – You must check and handle these in your program. For example, if you are using an API that has a method which declares that it could throw a checked exception, you must catch the exception each time you call that method. If you don’t, the compiler will notice and your program will not compile. The designers of the Java wanted to encourage developers to use checked exceptions in situations from which programs may wish to recover: for example, if the host is down, the program may wish to try another address.

Unchecked exceptions on the other hand are not required to be handled or caught in the program. For example, if a method could throw unchecked exceptions, the caller of the method is not required to handle or catch the exceptions.

Remember: Checked exceptions are mild and normally programs wish to recover. They must be caught and this rule is enforced by the compiler. The compiler doesn’t care whether you do or do not catch unchecked exceptions.

Many people find dichotomy between checked and unchecked exceptions confusing and counter-intuitive. Discussing the arguments from both sides are beyond the scope of this post.

Parent of all exception classes: Throwable

All exceptions in Java descend (subclass) from Throwable . It has two direct children:

  1. Exception
  2. Error

Error and its sub-classes are used  for serious errors from which programs are not expected to recover,  i.e. unchecked exception.

Exception and its sub-classes are used for mild errors from which programs may wish to recover, i.e. checked exception. Right? Well, there is a twist. There is just one sub-class which is different, that is, unlike it’s parent the Exception class, it is unchecked. It’s called the RuntimeException.deleteme

Checked exception classes (mostly): Exception

Exception and its sub-classes must be caught and as such they force the programmer to think (and hopefully) deal with the situation. It is a signal that something didn’t go as intended along with some information about what went wrong, and that “someone” should do something about it. (e.g. car’s dashboard indicating that the battery needs service).

According to official documentation:


These are exceptional conditions that a well-written application should anticipate and recover from. For example, suppose an application prompts a user for an input file name,  [..] But sometimes the user supplies the name of a nonexistent file, and the constructor throws java.io.FileNotFoundException. A well-written program will catch this exception and notify the user of the mistake, possibly prompting for a corrected file name.

Source: The Java Tutorials

RuntimeException

RuntimeExceptions are used to indicate programming errors, most commonly violation of some established contract. They make it impossible to continue further execution.

For example, the contract says that the array index mustn’t go past [array_length – 1]. If you do it, bam, you get a RuntimeException. A real world analogy would be pumping diesel into a gasoline car: the unwritten contract says that you must not do it. There are no  signals, just the white smoke before the car comes to a grinding halt after a while. The message: it was your fault and could’ve been prevented by being smarter in the first place.

These are exceptional conditions that are internal to the application, and that the application usually cannot anticipate or recover from. These usually indicate programming bugs, such as logic errors or improper use of an API.

Source: The Java Tutorials

Error

These exceptional circumstances are like “act-of-god” events. Going back to our previous analogy, if a large scale alien invasion were to happen, there is nothing you could do your protect your car, or yourself (unless your last name is Ripley). In Software world, this amounts to the disk dying while you are in the process of reading a file from it. The bottom line is that you should not design your program to handle Errors since something has gone wrong in the grand scheme of things that are beyond your control.

These are exceptional conditions that are external to the application, and that the application usually cannot anticipate or recover from. For example, suppose that an application successfully opens a file for input, but is unable to read the file because of a hardware or system malfunction.

Source: The Java Tutorials

It’s not so black and white

Checked exceptions are often abused in Java. While Java forces developers to catch unchecked exceptions, it cannot force them to handle these exceptions. It’s not hard to find statements like this even in well written programs:

try {
   Object obj = ...
   Set<String> set = ...
   // perform set operations
} catch (Exception e) {
   // do nothing
}

Should you ever catch Runtime Exceptions?

What’s the point of catching RuntimeExceptions if the condition is irrecoverable? After all, if you were catching every possible run-time exception, your program will be cluttered with exception handling code everywhere.

RuntimeExceptions are rare errors that could be prevented by fixing your code in the first place. For example, dividing a number by 0 will generate a run time exception, ArithmeticException. But rather than catching the error, you could modify your program to check the arguments for division function and make sure that the denominator > 0. If it is not, we can halt further execution or even dare to throw a exception of our own: IllegalArgumentException.

In this case, the program got away by verifying the input parameters instead of catching RuntimeExceptions.

So when is it OK for an application to catch RuntimeExceptions?

A while back, I architected a high-performance traffic director with the goal of operating in the proximity of 10,000 transactions per seconds (TPS). The project had a very high availability criteria and one of the requirement was that it “must-never-exit”.

The director performs minimum amount of processing on each transaction before passing it further. Transactions came in two flavours, call them: A and B. We were only interested in transactions of type A. We had a transactions handler to process type A. Naturally, it “choked” run time exceptions when we passed in transactions of type B. The solution? Create a function and pass it every single transaction. If it returned true, we continued to further processing. Otherwise, we simply ignored the transaction, and continued onto the next one.

boolean checkFormat(Transaction t) {
//return true if the t is of type A. false otherwise.
}

This worked well, except…..

… the analysis showed that this function returned false only once a year. The reason, 99.99999999999999% transactions were of type A. Yet, we were subjecting every single transaction to be checked. This does not sound so bad, but due to the nature of transactions, the only way to differentiate was by doing expensive String comparison on various fields.




When this finding was brought to my knowledge, I immediately had the `checkFormat(…)` function removed and instead let the handler do it’s course and throw RuntimeException upon encountering transaction of type, B. When the exception gets thrown once a year, we catch it, log it and move onto the next transaction. The result: improvement in performance, and room to squeeze in additional calculations.

Summary

Exceptions in java are either checked or unchecked. Checked exceptions must be caught in the program otherwise the compiler will complain. While Java encourages developers to follow certain guidelines when it comes to exception handling, there aren’t any hard and fast rules and the rules are often bent.

Source https://10kloc.wordpress.com

keep-this-java-cheat-sheet-on-hand-while-youre-learning-to-code

Keep This Java Cheat Sheet on Hand While You’re Learning to Code

If you’re looking to learn a programming language that’s cross-platform and easily accessible, Java is one of the most practical languages out there. This handy cheat sheet helps you keep track of the basics while you begin to learn.


4dd480fcce8218568fd05aa3909bca56




Java has been around for quite some time and it’s one of the most widely used languages when it comes to web apps, applets, and even some Android app development. This cheat sheet, from Princeton University’s Introduction to Programming in Java course, makes a great reference for the basics you need to know, like structure, input/output, data types, and functions. Check out the the link below to dig a little deeper into Java at Princeton University’s web site.

 

10-common-mistakes-that-java-beginners-often-makes

10 Common Mistakes That Java Beginners Often Makes

Since Java advent in 1995, Java has changed our lives and exceeding the expectations of people. The Sun Microsystem team that worked on the clock to develop this programming language targeted digital television industry. So, Java was too advanced at that time, Java was also perfect for the internet and other applications.

Over the time, Java has spread everywhere and it’s created own special place in programming world. The language is easy to learn but most of people do 10 common mistakes in Java programming.

This list is based upon the study of 250,000 java programming beginners from all over the world by the Data scientists. Using around 37 million compilations, they revealed the most common errors a developer makes during coding in Java.

10 Common Mistakes Every Beginners Java Programmers Makes





Let’s go ahead, here’s is top 10 most common errors made by every beginner Java programmer.

  1. Unbalanced parentheses, curly braces, brackets, and quotation marks, or using these different symbols interchangeably, such as in: while (a == 0].
  2. Invoking methods with wrong arguments or argument types, such asin:get(“abc”).
  3. Control flow can reach end of non-void method without returning, such as in:
1
2
3
4
5
6
7
<em>public int foo(int x)
{
  if (x &lt; 0)
    return 0;
  x += 1;
}
</em>




  1. Confusing the assignment operator (=) with the comparison operator (==), such as in: if (a = b).
  2. Ignoring or discarding the return value of a method with non-void return type, such as in: toString();.
  3. Use of ==instead of .equals to compare strings.
  4. Trying to invoke a non-static method as if it was static, such asin:toString();.
  5. Class claims to implement an interface, but does not implement all the required methods, such as in:class Y implements ActionListener { }.
  6. Invoking the types of parameters when invoking a method, such as in:foo(int x, String s);.
  7. Incorrect semicolon in ifstatements or forand while loops, such as in: if (a==b); return 6;

Source https://techxerl.net/

common-multi-threading-mistakes-in-java

Common Multi-threading Mistakes in Java – Calling run() instead of start()

Writing multi-threaded and concurrent programs is not easy, not even in Java.  Even senior developers, including myself, make mistakes while writing concurrent Java applications. This is also one of the trickiest area of Java programming language, where misconceptions outnumbers concepts. Considering amount of misconception an average Java programmers has about multi-threading and concurrency, I thought to start a new series about common multi-threading mistakes done by Java programmers; what is better way to learn from common real word mistakes. Learning from mistakes has another name Experience, but if you only learn from your mistakes then there is only limited things you can learn, but if you learn from other peoples mistake, you can learn much more in short span of time. Have you ever thought, Why writing multi-threaded code is difficult? IMHO, primarily reason for this is that it multi-threading makes it hard for a code to speak for itself. Programmer read code sequentially to understand how it’s executed, but it is only correct if one and only one thread is executing it. That’s why Single threaded code are easy to read and debug. As soon as two threads comes into picture, It become very difficult to make prediction about how your code behave, especially in the absent of any synchronization rules e.g. rules enforced by Java Memory Model. Without JMM you can not make correct prediction about your code in a multi-threaded environment, because it’s possible for one thread to stop at arbitrary point and another thread at different point. Situation becomes even more tricky if those threads are sharing data between them e.g. in form of objects, a poorly written multi-threaded program can cause deadlock, race condition and responsiveness issues, which will prevent a Java application to fulfil it’s promise. I hope, in this series we can learn from each other’s mistake and take a step forward on writing correct multi-threaded application in Java.

Using Run Instead of Start

I am starting with one of the simplest example, this is very common mistakes by junior programmers and caused by half knowledge. They know that anything written in run() method of Runnable interface or Thread class will execute in another thread, but doesn’t know how to create another thread in JVM.

Consider following code :


class KingKong {

    public static synchronized void main(String[] args) {
        Thread t = new Thread() {
            public void run() {
                kong();
            }
        };

        t.run();
        System.out.print("King");
    }

    public static synchronized void kong() {
        System.out.print("Kong");
    }
}

What Does It Print?
(a) KingKong
(b) KongKing
(c) It varies
(d) Compile time error

We had this question in our Java written test and you will be surprised by the percentage of answers, whopping 50% answers It varies, 10% says compile time error, another 15% picks answer a, KingKong and rest of 25% chooses KongKing. We also ask to write explanation of why they choose a particular answer, just to avoid picking someone who is guessing their way. The 50% developer, who chooses It varies, mentioned that there is no guarantee when a thread will start, so it possible that if main thread finishes first it will print KongKing and if new thread executes before main thread. Wow, what do you say about these developers, seems a decent lot of programmer who knows some part of multi-threading but overlooked critical detail. The next 10% programmer, who chose Compile time error were unsure whether main method can be synchronized or not and thought that compiler will not like. Next 15% says because “King” comes first in code, it will be printed first and “Kong” will be printed later. The Last 25% who chose “KongKing” are the people who got it correct. We were literally disappointed with these numbers because it wasn’t such a difficult of tricky question, but I agree some time it’s difficult to spot a typo and that’s what makes this error very hard to debug.

Why Code Print KongKing and not KingKong?




Common Java Multi-threading Mistakes

Correct answer is “KongKing” and this is because of one typo in code. Intention of this code is to create a multi-threaded program, but because of t.run() it actually turned into a single threaded program. In Java, though it is true that calling Thread.start() will call Runnable.run() method but complete truth is that calling start() actually creates a new thread, and that new thread executes the run() method. If you directly call the run() method then no new thread will be created and the thread which is running the code will go to run() and execute it fist and then comeback to it’s previous point. Like in this case, main thread will execute run() method first, and thus print “Kong” before coming back and printing “King”, that’s why output is “KongKing”. When I quizzed about these to some programmer who were otherwise good but got this answer incorrect insisted that run() will call on new thread because they are calling as t.run() where t is new thread object. So apart from typo, this is the key misconception some Java programmer has. This is even more fundamental in nature because it highlight difference between code and thread. Here definitely run() is called on t, which is a new thread, but the thread which is executing code is not thread t, but main thread. t is not yet started because you have not called the start() method. If you copy past above code in Eclipse IDE and debug it you will see the truth, as shown below.

How to debug Multi-threading Programs in Eclipse

You can see that we have put the breakpoint right at the point where run() method is called i.e. t.run(). When you step Into this method, you will see that main thread is executing run() method and not the new thread. Now if we just changed the t.run() to t.start(), your program will become multi-threaded and a new thread will be created when main thread will execute line t.start(), later run() method will be called in this new thread, here is the screenshot of that.

Difference between Start and Run Method in Java thread

That’s all in first post of my new series of common Java Multi-threading mistakes. Always use start() method to start new threads and make your program multi-threaded, don’t call run() method directly. Compiler doesn’t prevent you but it create subtle bugs. By the way, difference between start() and run() method is also very common question on Java interview. Let me know how do you find this article and don’t forget to share what multi-threading issues you have faced and what lessons you have learned from them. On closing note, I would share one important tip to understand multi-threading better, debug it. Yes debugging will tell you how many threads are currently executing your code, you can see their stack trace, values of variables they are holding and on which lock they are locking. Debugging multi-threaded program is not easy, but once you do it couple of times, you will find it immensely useful.

Source http://javarevisited.blogspot.in/

qq%e6%88%aa%e5%9b%be20161214194950

Mockplus Christmas Sales & Giveaways for Year End – 64% Off

The holidays are really the most wonderful time of year, and this year Mockplus wants to make them as excellent as possible for their beloved customers. As 2016 Christmas comes around the corner, Mockplus is offering up to 64% discount for its annual billing subscriptions from this page, with no promo code required. Furthermore, here is a round-up of bonus deals for folks working on creative projects. Let‘s go and see more detailed information.

Save 64% Off Mockplus on Annual Billing

Giving user experience and happiness the highest priority, Mockplus now decides to give special 64% discount to reward all existing and new customers. On the regular basis, the monthly price of Mockplus Pro version is $29; while through this promotion link, anyone will be able to enjoy the promotion price of $10.5 per month and save more than 220 bucks while purchasing. Note that, this Christmas promotion will start from Dec 14, 2016 and last until Jan 15, 2017.

qq%e6%88%aa%e5%9b%be20161214194950

 

More Offer for Some Other Offers for University & Team,  please check it at here: www.mockplus.com

 

api

Java Tips for Beginners (5): arrays, input&output

Arrays

// declare an array:

int[] numbers = {1,2,3,4,5}

// or

int[] numbers = new int[5];

for (int i = 0; i < 5; i++){

numbers[i] = i+1;

}




// shorthand way to iterate over the contents

for (int n : numbers){

sum = sum + n;

}

 

Input and Output

API for StdDrawapi

 

Color

Color c = new Color(red,green,blue)

white: (255,255,255)

black: (0,0,0)

built-in colors: Color.GREEN, etc.

 

Coordinate system: default  drawing canvas

(0,1)                          (1,1)

 

(0,0)                          (1,0)

 

location of mouse & if mouse is pressed:

double x = StdDraw.mouseX();

double y = StdDraw.mouseY();

boolean isPressed = StdDraw.mousePressed();




if a key is typed & what is the key typed:

boolean isTyped = StdDraw.hasNextKeyTyped();

char got = StdDraw.nextKeyTyped();

 

report every 100 ms:

StdDraw.pause(100);

 

Typical animation loop:

while (true) {

  • StdDraw.clear();
  • Draw stuff
  • StdDraw.show(50);

}

how-to-compile-and-run-java-code-from-a-command-line

How to Compile and Run Java Code from a Command Line

Being spoiled by IDEs and automated building tools I recently realized that I don’t know how to run java code from a command line anymore. After playing a guessing game for an hour trying to compile a simple piece of code that took 5 minutes to write, I thought maybe it’s time to do a little research.how-to-compile-and-run-java-code-from-a-command-line

Task

Lets say we have a fairly standard java project that consists of three top level folders:




/bin – empty folder that will contain compiled .class files

/lib – contains third party .jar files

/src – contains .java source files

Our task would be to compile and launch the project from its root folder. We will use Windows OS as example (on Unix systems the only difference would be path separation symbol – ":" instead of ";").

Compiling Java Code

The first step is compiling plain text .java sources into Java Virtual Machine byte code (.class files). This is done with javac utility that comes with JDK.

Assuming we are at the application root folder trying to compile Application.java file from com.example package that uses lib1.jar and lib2.jar libraries from lib folder to a destination bin folder, compilation command should have the following format:

javac -d bin -sourcepath src -cp lib/lib1.jar;lib/lib2.jar src/com/example/Application.java

As a result bin/com/example/Application.class file should be created. If Application.java uses other classes from the project, they all should be automatically compiled and put into corresponding folders.

Running Java Code





To launch a .class file we just compiled, another JDK utility called java would be needed.

Assuming we are at the application root folder trying to launch Application.class file from com.example package that uses lib1.jar and lib2.jar libraries from lib folder, the launch command should have the following format

java -cp bin;lib/lib1.jar;lib/lib2.jar com.example.Application

Note that we don’t provide a filename here, only an actual class name that java would attempt to find based on provided classpath.

Some Notes About Classpath

Lets say during Application.java compilation a compiler stumbles upon some com.example.Util class. How to find it in the file system? According to Java file naming rules, Util class has to be located somewhere in Util.java file under /com/example/ folder, but where to start searching for this path? Here is where classpath comes into play which sets the starting folder for searching for classes. Classpath can be set in 3 different ways:

  • If no --classpath parameter is passed, CLASSPATH environment variable is used
  • If CLASSPATH environment variable is not found, current folder (".") is used by default
  • If --classpath is explicitly set as a command line parameter, it overrides all other values

The fact that classpath when set overrides default value (current folder) can cause some unexpected results.

For example if we don’t use any third party libraries, only our own com.example.Util class, and try to compile Application.java from the src folder:

javac com/example/Application.java

this would work, but then if we decide to add a third party libarary to the classpath:

javac -cp lib/lib1.jar com/example/Application.java

it would cause an error:


package com.example.Util does not exist

This happens because when we set -cp lib/lib1.jar we override default value for the classpath – current folder. Now a compiler will be looking for all classes only inside that jar file. To fix this we need to explicitly add the current folder to the classpath:

javac -cp .;lib/lib1.jar com/example/Application.java

Source http://www.sergiy.ca/
weight-loss2

7 Sleeping Habits That Makes You Fat

As nations continue to strive with epidemic of obesity, lifestyle changes that can curb anyone’s weight are becoming very important. People realize the link between sedentary lifestyle or poor diet and weight gain. What is still to discover is the link between unhealthy weight and sleeping habits. Below are 7 sleeping habits that makes you obese.

Eating too late

Late night eating or snacking raises body’s insulin levels and in turn causes body to produce less melatonin that leads to poor sleep as well as growth hormone that boosts body’s cells. To avoid this issue, keep 3 hours before bed time snack free.

Exposure To Light

Be it security light out in the street or alarm clock light, it can interfere with release of growth hormone and melatonin which raise cortisol level that is found to be connected with weight gain, particularly around abdomen. To avoid this ensure to sleep in dark room or keep digital devices away

Drinking Late

While you want to keep your body well hydrated, drinking too much before bed can be a problem. It increases the chances to get up in middle of sleep for bathroom run and interrupt your sleep pattern, which in turn, can put you at serious risk to obesity. Stop drinking at least 2 hours before bedtime.

Nighttime Exercise
While sedentary lifestyle isn’t good, exercising too late can also be a problem, because it raises body temperatures as well as suppresses release of melatonin, which lead to sleep problems because of elevated release of hormones such as cortisol and dopamine that are stimulated by activity. Better is to avid heavy exercises at least three hours before sleep.

Late Night Computer Use or Watching TV
Most people unwind at night by watching TV shows or web surfing. As this is tempting means to decompress at end of a long tiring day, it can interfere with good night’s sleep due to stimulating dopamine and cortisol.

Warm Bedroom

When bedroom is too warm, it causes poor sleep. Without cool environment, release of growth hormones and melatonin are disrupted which makes it less likely that body will burn fat during sleep Read More. Ensure that the room must be at around 70 degree Fahrenheit.

Tight-Fitting Clothes
Wearing tight clothes may be an underwear, bra or pajamas is uncomfortable and it can raise body temperature as well as disrupt hormonal patterns and interfere with your sleep. Sleeping nude or wearing light weight loose clothes is best.

9-security-mistakes-every-java-developer-must-avoid

9 Security Mistakes Every Java Developer Must Avoid

Java has come a long way since it was introduced in mid-1995. Its cross-platform characteristics have made it the benchmark when it comes to client-side web programming. But with cybercrime and hackings reaching epidemic levels due to its widespread usage and distribution, the need for secure Java development has become the call of the hour.

A recent Kaspersky lab report mentions Java as the most attacked programming language, with more and more hacking incidents beingreported worldwide. Java’s susceptibility is largely due to its segmentation problem. Not all developers are using the latest version (Java 9), which basically means that the latest security updates are not always applied.

The growing consensus within application security circles is that high code integrity is the best way to make sure applications are robust and immune to the top hacking techniques. The following article contains 9 recommendations loosely based on the OWASP Java project, a comprehensive effort to help Java and J2EE developers produce robust applications.

9 Coding App Sec Malpractices Every Java Developer Must Avoid

AppSec Malpractice 1 – Not Restricting Access to Classes and Variables

A class, method or variable left public in Java is basically an open invitation to the bad guys. Make sure all of these are set to private by default. This automatically improves the robustness of your application code and clogs potential attack avenues. Accessors should be used to limit accessibility and non-private things should be documented clearly.

AppSec Malpractice 2 – Depending on Initialization





Developers should be aware of the fact that constructors are not compulsory to instantiate objects in Java. The existence of alternate methods to allocate non-initialized objects is a security issue that must be taken care of. The ideal solution is to program the classes in a way that the objects verify initialization before performing any action.

This can be achieved by following these steps:

  • All variables should be made private. External code should be able to access these variables only via the secure get and set method.
  • Each object should have the initialized private Boolean variable added to it.
  • All non-constructor methods should be made to verify if the initialized is true before doing anything.
  • If you are implementing static initializers, make sure all static variables are private and use classInitialized. Just like mentioned above, the static initializers (or constructers) must make sure classInitialized is true before doing anything.

AppSec Malpractice 3 – Not Finalizing Classes

Many Java developers forget to make classes (or methods) final. This is a malpractice that can potentially enable the hacker extend the class in a malicious manner. Declaring the class non-public and relying on the package scope restrictions for security can prove to be costly. You must make all classes final and document the unfinalized ones if really needed.

AppSec Malpractice No.4 – Relying on Package Scope

Another problem of medium severity in the Java programming language is the use of packages. These packages assist in the development process as its puts together classes, methods and variables for easy access. But hackers can potentially introduce rogue classes into your package, enabling them to access and modify the data located within it.

Hence, it’s advised to assume packages are not closed and potentially unsecure.

AppSec Malpractice No.5 – Minimize the Usage of Use Inner Classes

There has been a traditional practice of putting all privileged code into inner classes, which has been proven to be insecure. Java byte code basically has no notion of inner classes, which basically provide only a package-level security mechanism. To make matters worse, the inner class gets access to the fields of the outer class even if it’s declared private.

Inner classes reduce the size and complexity of the Java application code, arguably making it less buggy and more efficient. But these classes can be exploited by injecting byte code into the package. The best way to go is not to use inner classes altogether, but if doing so make sure they have been defined as private, just like the outer classes.

AppSec Malpractice No.6 – Hard Coding




One of the most common security blunders committed by Java developers is the hard-coding of sensitive information. This programming error involves the insertion of sensitive passwords, user IDs, PINs and other personal data inside the code. Sensitive information should be stored within a protected directory in the development tree.

AppSec Malpractice No.7 – Allow the Echoing Of Sensitive Data to the UI

The java.io package has no method to ensure the protection of sensitive data. The keytool application that comes by default with the JDK echoes user-input. Java developers should make sure thata fixed char is displayed for all keystrokes (commonly “*”). For example, javax.swing.JPasswordField can be used in Swing GUI applications.

AppSec Malpractice No.8 – Not Paying Attention to Class Cloneability

The cloning mechanism available in Java can enable the hacker to create new instances of the classes you have defined. This can be performed without any constructed execution. Safe Java development is basically the turning of the objects to non-cloneable. This can be achieved with the help of the following piece of code:

appsecmalpractices-1

If you want to go the cloning route, it’s possible to achieve overriding immunity by using the final keyword. The LOC should look like in the snippet below:

appsecmalpractices-2

AppSec Malpractice No.9 – Overdoing of Serialization and Deserialization

Java has a mechanism that enables the serialization of objects (and vice versa). This is usually used to save objects when the Java Virtual machine (JVM) is “turned off”. But it’s an unsafe practice because adversaries can then access the internals of the objects and illegally harvest private/sensitive attributes. The writeobject method can be used to prevent serialization.

appsecmalpractices-3

Developers should not serialize sensitive data, because then it’s out of the control of the Java Virtual Machine (JVM). If there is no workaround, the data should be encrypted.

The same thing applies for deserialization, which is used to construct objects from a stream of bytes. A malicious attacker can try to mimic a legitimate class and use this technique to instantiate an object’s state. A technique, similar to writeobject, is available to prevent deserialization. As shown below, this security method is called readobject.

appsecmalpractices-4

The Secure SDLC & Static Code Analysis (SCA)

Unfortunately, even the securest of development guidelines and rules are not enough to ensure flawless Java application code. Developers’ errors and the numerous changes made to the code during development eventually lead to vulnerabilities and loopholes in the application code. But organizations should be able to detect these as soon as possible.



There are a wide range of application security solutions available in the market today, each offering their unique functionality and advantages. But the ideal solution should provide a comprehensive feature-set with the ability to be integrated into all stages of the Software Development Life Cycle (SDLC), if possible enabling automated testing for optimal results.

Static Code Analysis (SCA), belonging to the Static Application Security Testing (SAST) methodology, is one such solution. The benefits of this technique are many. They include:

  • Creation of a secure SDLC (sSDLC) – With the scanning solution integrated into all stages of the development, application code can be scanned even before the build is achieved. Testing the source code enables the early mitigation of vulnerabilities and significantly speeds up the development process.
  • Versatility – SCA can blend in seamlessly into virtually any development environment and model. This can be the traditional Waterfall methodology or the Continuous Integration (CICD) model.This testing solution is also effective in Agile and DevOps environments, thanks to its fast scanning speeds and accurate results.
  • Optimal mitigation performance – SCA has the unique functionality of showing developers where exactly the detected vulnerability is located within the code, allowing a quick and effective fix. This security solution also scans a wide range of programming and scripting languages with wide framework compatibility.
  • Wide vulnerability coverage – SCA covers a wide range of issues – starting from application layer vulnerabilities all the way to code flaws. Even advanced analysis is available. For example, business logic flaws can be detected by scanning the source code. This gives organizations and developers a comprehensive security solution.
  • Return of Investment (ROI) – To sum it up, early vulnerability detection significantly shortens remediation times and enables faster development. This helps avoid delays and minimizes the need for resource-hogging maintenance procedures. In other words, organizations can save a lot of time and money.

Java application security can be achieved when developers and the security brass work hand in hand and take the steps mentioned above. While developers can and should practice safe coding and produce code with high integrity, CISOs and security officers should implement the right solution to seal off the loopholes and vulnerabilities as early as possible.

Only a proactive approach from all sides involved can help organizations create secure applications.

Source javacodegeeks.com

waterfall-braids-hairstyle-1440x564_c

5 BRAIDED HAIRSTYLES 2017 FOR WOMEN AND GIRLS

When we talk about hair up do or tying the hair, our mind immediately go towards making ponytail or bun. Beautifully done hairstyle with good texture given by braiding makes you look attractive among all. Woman and girls are always worried about their hairstyle. They want to make hairstyle differently and elegantly according to the type of dress they are wearing. There are so many types of braid that you can make for example french braid, fish braid, dutch, waterfall, ladder etc. You can use two types of braid in one hairstyle to add variety. In this article you will find 5 braided hairstyles 2015 for women and girls not only for long hair but also for short hair. These tutorials will help you to style your hair differently at home easily. No matter what your hair type you can style them within few minutes to get ready for party.

Triple Layered Braided Hairstyle


Triple Layered Braided Hairstyle

This is an amazing braided hairstyle in which braid is done in a different way. For this hairstyle brush your hair properly and if your hair are curly make them straight with the help of heat iron. Once your hair are sleek straight, brush them backwards and divide them horizontally into three layers. Tie the other two layers and start making braid of the first layer in such a way that braid moves gradually downwards diagonally. Make the braid of other two layers in the same manner. This will form a beautiful and attractive design that will make you look different from others.

Bun with a French Braid


Bun with a French Braid

This braided hairstyle 2015 for women and girls is elegant and is appropriate for the working ladies. It can be done with formal dressing like with your business suit or party gown. Your hair is straight or wavy it does not matter. You just need long hair and those who do not have long hair can use artificial bun. Brush your hair and bring all the hair forward. Start making french braid from the hair at neck and gradually move upward. Try to keep the braid tight and close to the head. Then by taking rest of hair in the hand at the top of head make a ponytail. Twist the ponytail and wind it around the pony to make a bun. Use hair spray to fix the hairstyle for long.

Crown Braid with Curls

Crown Braid with Curls

This is another pretty style among 5 braided hairstyles 2015 for women and girls. Brush the hair and part them from left side, take section of hair from heavy part and divide this section into further three parts. Cross the right part over the middle bringing middle towards right then bring left part in middle and middle towards left. This will make the three parts intersect each other right in the middle. Move forward, making braid by adding section of hair ahead in the braid. In this way make a braid around the head in the form of crown. Leave rest of the hair open and curl them with the help of heat iron rod or big rollers.

Waterfall Braided Hairstyle

Waterfall Braids Hairstyle

For this hairstyle you need to straight your hair. Apply a good heat resistant cream or serum in the hair then with the help of straightener straight the hair. Part the hair from middle or one side its up to you. Take a small section of hair from the forehead and divide it into three parts. Cross the right part over middle bringing middle towards right and right part in middle then left over middle and middle towards left. After this pass the vertical strand of hair through the braid and repeat the previous procedure. This will make a beautiful waterfall pattern of the hair in weaving style. Secure the braid either at the back of head or braid it up till the end of hair. Keep rest of the hair open and brush them properly for neat look.

Braided Side Buns


Braided Side Buns

Braided side buns look cute especially on teenage girls who want an innocent and sweet look. Detangle all the tangles in the hair by brushing and part the hair right from center into two equal parts. Start making braid on one side and tie the end with hair band then roll the braid around your fingers to make a roll and fix it with the help of bobby pins. Come to the other part, make a braid and roll it to make a side bun. You can further embellish your hairstyle with ribbons or doodles of different colors and also with beads.

These 5 braided hairstyles 2015 for women and girls will help you to style your hair easily at home. Try these braided hairstyles to make yourself look attractive.