Computer science

​One of the popular free version of capturing a website statistic is Google analytics. It is a piece of JavaScript code that is included in the web page and submits this data for analysis by Google. I think this analytics data is being used by Google to at least display ads. I don’t work for Google, so it is my speculation. It is possible to do self-hosted analytics of the user behavior in the website, this way data is not being shared with others.

​Retrieval of all columns from a database table can be done with specifying * (star) symbol. It maybe easy to use * symbol for all database queries, but it is a bad habit, being specific and specifying only specific columns is more efficient and it is good practice.

​Postgres database is another popular open source database. Just like MySQL, it has support for major operating systems.

​MySQL is popular database for Linux based software projects. MySQL is a multi platform software. It is also available for Windows OS. You can see a full list of supported operating systems in the download section of MySQL website. MySQL tables can be of different types. I hope that I will describe these table types later. Another popular database that is used in Linux is Postgres.

​LAMP abbreviation stands for Linux, Apache, MySQL, PHP. These are popular technologies to run interactive web applications and retrieve and store results in the database.

​Log files may contain sensitive information, therefore access to these log files needs to be properly secured and only people that need to access information from log files need to have access to that data.

​If the number of servers is low, then it is possible to check logs in individual machines, but if the number of servers is large, then think of some sort of log aggregation. Access to aggregated logs must be secure, reliable and often it needs to be backed up. It needs to be secured so that only people that need to look at the logs will investigate the events. It needs to be reliable, so that access to these logs will be available when it is needed. Often the log files need to be backed up, so it would be possible to investigate historical events. The duration of historical events need to be determined by company’s lawyer, as long duration of log files may represent a liability.

​Many operating systems offer log rotation, so that the events are only get written to the most recent file.

​Logging of systems activities is a good way to investigate what had happened. Operating systems logs indicate severity ratings of the events. In various systems access to logs will vary. If it a single host or low number of hosts, then it is possible to check logs in individual machines. If number of machines is large, then please think of log aggregation. Aggregated logs must be secure and and access to these log files need to be restricted, as the log files may contain sensitive information.

​Disk errors can be checked in Linux using ‘fsck’ command.

​Before a device can be used in Linux it needs to be mounted. This operation happens automatically in Windows, but not in Linux. A device in Linux is made accessible via ‘mount’ command. An opposite functionality to unmount a device is done via ‘umount’ command. It is true for command line interface, most modern graphical user interfaces (GUI) will automatically mount a media when it becomes available.

​Injection vulnerabilities are types of vulnerabilities where a malicious code is inserted into harmless code. This malicious code can perform several types of harmful activities. I will cover each type of harmful activity separately.

​Tool-assisted code reviews can be a good first step of reviewing code for functionality and absence of general code bugs. Tool-assisted code reviews can be done before a human actually performs code review.

​Code reviews can minimize security risks, because before code is released to production, it will be reviewed by several people. Likelihood that a security related issue will slip through this process will be minimized.

​API stands for Application Programming Interface. API is a way for a programs to exchange data, however API can also be exploited for malicious activities. In order to minimize this from happening OWASP project also lists top 10 API security related issues. This list can be obtained from:  https://owasp.org/www-project-api-security/

​OWASP web site lists top 10 security issues of web development. This list gets periodic reviews, so it stays current and up to date. Developers needs to be familiar with the top 10 security related issues to create secure code for web applications.

​CI/CD stands for Continuous Integration and Continuous Development. Implementation of it greatly improves speed with which software updates are delivered to existing code. It is often done without a human validation of the changes. Verification of code for common security issues needs to be integrated into CI/CD process. Of course some of the security problems may still slip through automated security verification, but implementation of such validation will greatly reduce likelihood of security issues being in code.

​SDLC stands for software development lifecycle. Security needs to be an important part of it. Security needs to integrated in every step of it. Security need not be an afterthought.

​Software developers need to be familiar with security related issues related to code. OWASP top 10 list is good list of common web applications computer related security issues. OWASP list can be found in OWASP’s website  https://owasp.org

​Bug bounty is program to financially reward people for finding computer related security issues. I had never encountered a bug bounty program.

​Vulnerability scans will uncover existing computer related security issues. Security related issues could be incorrect firewall settings, missing software updates, extra software running on hosts. For example a host that is supposed to be a dedicated database server has a web server running in it.

​At the end of the security exercise it is possible to get red and blue team together to discuss tactics.

​Security exercises are a good way to check if you are ready to handle an actual security issue, and to check if you infrastructure is ready to deal with a security incident. People are divided into three teams: red, black and white teams. Red team is a defending team. Black team is trying to exploit weaknesses. White team consists of judges.

Unit tests are piece of code that runs to verify the functionality of the main code is correct. Unit tests have values that are submitted to the function, and it has a value that is expected to be returned by that function. If the return value of that function is different from the value that is expected, then it is an indication of that function had been implemented improperly, or that expected value is incorrect. It is a good practice to tie release of code, when unit tests pass, meaning that this software is coded properly. Along with expected value of unit tests, another value to look at is test coverage. High test coverage means that majority of the code is being tested. Unit tests is a good indication of that the code had been written properly.

A touchpad is common to laptops to act as a computer mouse. It senses movements of a finger and a mouse pointer moves in the same direction as fingers go on a touchpad. A touchpad is usually accommodated with buttons that correspond to left and right mouse button.

​A disk partition is a logical division of a physical disk device. In Windows OS disk partitions have labels C:, D: and so on. In non-Windows operating system disk partitions are labeled as sda1. Where letter “a” points to the first physical device and numerical portion of it points to numerical sequence of a partition.

​If you had used Windows operating system, then one of the things that will be unusual to you is naming of file paths. A file path in Windows starts with a letter of English alphabet, such as C:. However in Linux, BSD, Apple operating systems, beginning of files is denoted with / (forward slash). Here are some of the popular folders in these operating systems. (Please note that Apple OS is based on FreeBSD, but files location maybe different. / - root - beginning of files and folders structure. It is top level directory. /bin - user executable files that are important for OS operations. ls or mv is located in it. /sbin - location of essential executable files for root user. For example reboot file is located in it. /etc - location of configuration files. Please note that most of configuration files will be placed in subdirectories associated with their programs. /lib - shared libraries used by applications that are located in /sbin and /bin directories. /boot - location of boot related...

​There are a number of utilities that will compress files. Why is it needed to so? There are couple of reasons to do so: 1. Compressed files will take less space on disk. 2. Compressed files are easier to transfer over the Internet, because a single file will be transferred and not multiple files.

​A port replicator is a device that allows for common computer ports to be accessed from a single standalone device. In my personal opinion, it has very minimal value.

​Docking stations for laptops enhance connectivity options for a laptop and make a laptop functionality on par with a desktop computer. A docking station for a laptop is a piece of hardware where a laptop is plugged in to and allows for other devices such as a monitor, a keyboard and a mouse to plug in to. Docking stations are inexpensive.

​It is important to have a good attitude for worker who works with computing equipment. After all computing equipment is used by other people and it is important for a person that works with computers to not only know well computer equipment, but also know well how to interact with people. Appearance is an important factor how others think about a person. If a person who is working with computer equipment comes with holes in the pants or clothing that is dirty, then such a person will not be trusted by others. If a person cannot take care of him or herself, then how such a person can take care of computer issues that is experienced by another person.

​A security test can be broken down into four phases: These phases are: initial access, privilege escalation, lateral movement, establishing persistent access. Initial access means using a found vulnerability to gain access to this company network  Privilege escalation means elevating initial privileges. Pivoting or lateral movement means obtaining access to other systems using the initial system. Establishing persistence. It is usually done using some sort of backdoor that makes access to a vulnerable system easy.

​Reconnaissance phase of a penetration test is the initial phase of this test, when information about systems is being gathered. There are two methods of how the I formation can be gathered: passively or actively. Passive reconnaissance means that the administration team of the organization is not providing any details to the penetration test team. Penetration team is on its own to find out details. Active reconnaissance means that administration team will be providing details to the penetration team.

​Rules of engagement of security testing is a written document that defines what needs to be done during or after security assessment. Rules of engagement define the following items/ Timeline of the assessment. What is included in the assessment. How to handle data, once the assessment is complete. The results of the security assessment often contain sensitive data, and it needs to be clearly defined what can be done with the results. This document needs to also include expectations of behavior from the people of the organization against which the security assessment is done. If such a test is detected then should people allow it or block it? Which resources are committed to this test. Legal consequences of the test. Test needs to clearly define what is included in it. How often results of the test needs to be reported? Where the results of the test will be available.

​Bug bounty rewards are usually financial rewards for finding out bugs or vulnerabilities in publicly available software and reporting these issues back to that company.

​There are three types of penetration testing. These types are white-box, black-box and grey-box testing. White-box testing means that test is performed with a full knowledge of people who manage systems. Black-box testing means that there is no knowledge by the personal that manages systems that the security test is being performed. Grey-box testing means that there is a partial knowledge of test that being performed.

​it is important to understand which things represent danger to an attacker and implement theses. This is the list of things that can be implemented. This list can be expanded with other things, but it should give you a good idea what can be implemented: - security cameras - audit of cash register receipts  - theft detectors at doors  - exit alarms at emergency exit doors - burglar alarms

​Penetration testing is a testing of infrastructure and applications to expose weaknesses before an actual attacker can exploit these. Penetration testing results in a report of which weaknesses need to be fixed. Often such a report includes severity of issues that had been found. High severity issues need to be fixed, since they provide greater risks. I am not saying that lower severity issues need not to be addressed, they need to be addressed, but they represent lower risk than high risk issues.

​Encrypting data varies in strength. Even so easy encryption does not use as much CPU resources and more secure encryption methods, such encryption need not be used for encryption of sensitive data such as user names and passwords. If this data is intercepted and decrypted then username and password data will be available to an attacker. Modern encryption such as SSL or SSH provide secure solutions.

​Telnet and FTP protocols do not provide any encryption. Usernames and passwords information there is being transmitted in clear text. Such data can be accessed by monitoring network traffic and credentials can be easily retrieved. Such protocols need to be replaced with secure alternatives. Telnet can be replaced with SSH and FTP can be replaced with SFTP or FTPS. If telnet is in use, then this is an indication that a legacy system is in use, please think of upgrading it to a more modern solution.

​Error messages can provide useful information during development or testing phases of an application. I am thinking of a web application, because it will be used by many users and not the desktop application that is designed to be used by a single person. Web application when moved to production need not to show debugging information, such data can provide additional details to an attacker of how to exploit applications or systems that you have.

Learning mathematics requires patience, it is not a week long process. When a person goes to a school, that person learns about math concepts in early grades, then math advances, and advances more. Studying of math is not done with a school, it goes into a college or university life. Math is a fundamental subject, however math is applied in such a field as computer science. Many white color jobs require good knowledge of computers, and good knowledge of math is a prerequisite for that. Learning math and math related subjects may take years. It is a long process and an adult person needs to realize that. For a young child learning math fundamentals is a natural process. It starts with learning basics, then advances, then advances some more. I encourage people who read this information in my blog, or watch my YouTube videos, to learn math and math related subjects because learning math opens up doors for high paying jobs with good benefits.

​In addition to combining multiple files into a single file, it is possible to compress these files into a single file. Benefit of doing so is reduction in size for storage and for transfer. Different file types will have different compression ratio. Usually text files and documents will have high compression ratio, but music and video files especially if they had been already compressed will have poor compression ratio. Popular compression utilities are Winzip, Winrar, gunzip.

​Multiple files can be combined with tar. Transfer of a single file is easier than transferring multiple files. It is possible to extract combined files into original files. In addition to combining multiple files, it is possible to compress them.

​Lossy compression is reduction in size, but the media is still useable. I say media, because lossy compression is usually applied to media files. Audio, video, image files can be compressed with lossless compression. Lossy compression can be used to reduce size of media mainly for transfer. Lossy compression has compression ratio. High number of compression means high reduction in size at the cost of quantity. The opposite of lossy compression is lossless compression.

​Open TCP ports may cause a security issue. For example a web server may be running in the server where it not supposed to be. System administrators need to know what is going on in the systems. Port scan can reveal open TCP ports.

​User permissions need to be carefully analyzed and only necessary permissions need to be assigned to a user. It may be a temptation to give a user greater control over the system, however this greater control may be exploited. Different users will need different levels of control. Some are power users, and such users will need to have greater control over a system, however some are just regular users, for which greater control over a system is not needed. Please also think of different modes. Most of the computer’s functions don’t require administrative level of access. Only functionality that requires administrative level of access need to be executed with administrative account, however regular activity needs to be performed using regular account. By doing so, level of exposure to harmful activities will be minimized.

​Open network ports provide opportunity for exploitation by an attacker. System administrators or security administrators may understand risks of having open network ports. Such network traffic may be allowed on an internal network, but it is likely that such traffic need to be blocked by the network traffic rules.

​Some systems may come with default accounts that can provide a great risk of a system of being compromised. I had written systems, but it is very well can be applied to applications if they are accessible from the network and provide their own authentication.

​Default settings of either an operating system or an application may cause a security risk. It is needed to review what is being used and enable features that are only needed to support such operations.

​Companies will only support their software for so long, they will release new versions that have different functionality. Older software may go to extended support and then stop getting support at all. In this case a company that runs older software is on its own. One of the examples of it is older version of Windows OS. Microsoft had announced for how long they would support their version of operating system, so it was not a surprise for people who manages that software, they had plenty of time. Older version of Windows OS went to extended support and support for older version of that OS stopped to exist at all. I provided an example of Windows OS, but the same rule applies to Apple OS, Linux, BSD flavors and various applications.

​It is good to manage software that is actively supported, however some of the applications require older versions of operating systems that is no longer supported by the manufacturer. In this case a person that manages that software is that on his or her own. It also applies to the applications and not only to operating systems.

​Most of security related issues can be resolved by installing software patches. For example Microsoft releases patches on monthly schedule. Other operating systems have patches too. Updates are not limited to operating systems. Updates are also available for various software as well. Some of the applications are available with the operating system, and operating system updates are likely to patch these. However it is possible to install software which is not bundled with an operating system, in this case updates for that software need to be checked separately. Please be aware that installing updates may cause breakage of functionality, so installing updates is a sensitive process. Third party tools exist that help to perform analysis and installation of software updates in multiple computers. Installation of patches is one of the core responsibilities of a system administrator. A security administrator may tell a system administrator that a specific patch is missing. Whose responsibil...

​Security scanning reports need not be the only source of security related data. They can be correlated with other sources. Such sources include: Logs. There are different types of logs. Logs will show if there are attempts to exploit a vulnerability, or if that vulnerability is being used. Security logs can be correlated with other logs. Correlation  of logs can be done with help of SIEM tools.

​A security scan can generate report with inaccurate information. Two types of false results can be listed. False positive - is a record that shows that vulnerability is present, however this result is inaccurate. False negative - is a condition where a vulnerability is present, however it is omitted from the security report.

​A human is needed to verify scan results, because security scan results may contain inaccurate information. For example security scan may rely on the version number of a specific software to report that such a software is vulnerable, however version information of a software maybe intentionally changed in the configuration files to provide bogus information.

​A vulnerability will have different levels of exploitation. Some vulnerabilities will be easy to exploit and some will require a lot of effort.

​CCSS score is overall score of a vulnerability impact if such a vulnerability is exploited. Multiple metrics of a vulnerability are added up and divided to get a single score. This single score will show how bad the vulnerability is.

​If a vulnerability is exploited then different levels of impact can be caused by exploiting this vulnerability.

​If a security hole is exploited then availability of such a service may be impacted. A service may suffer very large availability impact or none at all.

​If security hole is exploited, then integrity of the data can be altered. Different security vulnerabilities have different levels of integrity impact.

​Compression of files is reducing files size and grouping many files inside of an archive file. Compression of files uses lossless compression, so it is possible to restore original data from that file archive. There are a number of compression algorithms. Some have better compression than others. Some have greater speed. Please choose compression format and application that fits your needs the best. If you are planning to share files outside your organization, then choosing a popular compression format will ensure that files can be opened by others. Popular compression algorithms are zip in Windows, and tar.gz in Linux, BSD, Mac. Distribution of files over the Internet is usually done in compressed format, because compression will reduce storage needed for files and network bandwidth and time to transmit archived data over the Internet.

​A good tool to scan network ports is nmap. nmap stand for network mapper. nmap has a number of options has its scan will be performed.

​A vulnerability may have a different impact of confidential data to be retrieved if such a vulnerability is successfully exploited. For example if usernames are retrieved,  then such data can leak data about users. If usernames consist of first and last names, then such data will be accessed also.

​A vulnerability may require specific permission of being exploited. For example logging in to a system is required to exploit a vulnerability. It doesn’t mean that such a vulnerability will not need to be fixed, it just means that one more step is required to use it.

​It is common for a vulnerability to get CVSS (CVSS stands for Common Vulnerability Scoring System) rating. CVSS score will tell how bad such a vulnerability is. CVSS has a numerical value associated with a vulnerability, the score ranges from 0 to 10. 0 means minimal impact and 10 means maximum impact. CVSS is the way vulnerabilities can be prioritized. A person that is fixing issues needed to focus on higher CVSS scores first, because such vulnerabilities have potential to cause more harm. It doesn’t mean that vulnerabilities with lower score can be disregarded, they just represent less harm. For example a version of web server maybe known. By itself such information can not be exploited, however knowing a version of a we server can be combined with other vulnerabilities, such as how such a web server can be exploited.

​There are couple of factors that need to be mentioned about vulnerabilities. First one is how easy that vulnerability to exploit. If such a vulnerability is very difficult to exploit then an attacker will need to spend a lot of time and effort to use such a vulnerability. Second factor is the impact. A vulnerability may exist, but what danger it represents if not patched. Some vulnerabilities will provide an attacker with additional information, such as version of a web server that is being used. By itself it is just information only vulnerability, however if this information is contained with other sources, then it can represent more danger. For example an attacker may learn for such a web server can be exploited.

​Web applications is a good way to represent or get an input from users, however web applications also can represent a danger to a company, if such web applications are not properly secured and input from a user is not sanitized. For example it is possible to create a user form that does not sanitize its input. Such a form can be used by a malicious person to craft specially designed URL that has domain name of that website, however upon clicking such a link a user will be taken to a malicious website. A user may think that one website is being browsed, but in reality totally different website is being used.

​Below is the list of commonly used network scanners: Tennable’s Nessus, Qualys, Rapid 7, Open VAS. These are four commonly used network security scanners. This list can be expanded.

​Vulnerability scanning is process of systematic systems scanning for security vulnerabilities or misconfiguration. This scanning needs to be done on periodic basis. It is hard for me to recommend a specific schedule, because if I recommend a schedule and a system is exploited during this time period, then I will be one to blame. For example Microsoft releases their fixes once a month, vulnerability scanners are updated with the new definitions shortly after that, however software fix is not the only source of software security issues. Software can be patched well and at the same time can be misconfigured. Please figure out schedule on your own I don’t want to be responsible for recommending one. I can say that security scanning which is done once every year or even every three months is too long of a time period. Security scanning needs to be done more frequently than that. As far as I know Microsoft also releases out of band security fixes, which do not follow a specific schedule, bu...

​It is a good habit to assign CVSS value to each vulnerability. CVSS stands for Common Vulnerability Scoring System. Each vulnerability has different difficulty to exploit and different harm this vulnerability can cause. Both of these are taken in consideration when CVSS values are assigned.

​False negative is a security related issue that is not reported by the vulnerability scanner. False negatives may be reported by an outdated scanning software, or by performing a security scan of a device which network traffic is filtered by a firewall. False negatives may give a false sense of security. Updating security scanner on periodic basis is a good habit.

​ ​A false positive has a meaning that a vulnerability does not exists, however a scanner reports that this issue exists.

A vulnerability scanner is a software tool, that finds weaknesses in software or configuration.​ It is one of the tasks that need to be performed by a person who performs security scans, that scanning software and scan definitions need to be updated on regular basis. Preferably these updates are applied before the scan is executed. If scanning software is not updated, than incorrect results will be provided, Updating a security scanner will ensure that the latest functionality is being used, and bugs that were found before are fixed. Doing it does not guarantee that new bugs had been introduced. Plugins or scan definitions need to be updated too. Preferably you want to perform a security scans with latest scan definitions, because latest definitions will inform about latest security issues that had been added to the security scanner. Please be aware that latest security definitions may also provide incorrect information. Likely security definitions had been tested well enough that they...

Binary system consist of just two numbers 0 and 1. It is not difficult to perform operations with just 0 and 1, but a computer does it really really fast. 0s and 1s represent a single bit. The word 'bit' stands for binary digit. 0 represents absence of electrical signal, and 1 represents availability of it. With just one variation of 0 or 1 it is possible to represent just two digits. However these 0s and 1s are grouped into sections of more than 1 slot. They can be grouped into sections, 8, 16, 32, 64. Maybe you have heard of 32 bit processing. This is what that term means, that a single character will be represented by 32 bits, or combinations of 0s and 1s. Number of bits also represent how much RAM, or random access memory can be addressed. Early computers were 8 bits. Having group of 8 bits became a norm, this group of 8 bits forms a single byte. Maximum number of variations with 8 bits is 256. YouTube video

If you love math and excel in it, then a job in IT (Information Technology) is likely for you. Pay and benefits are usually good too. There are a number of jobs in IT. I will list just a few common ones: IT Support Specialist, Software Engineer, Cyber Security Analyst, Database Administrator, IT Manager. Managerial jobs require not only good technology skills, but also good people skills. Managerial skills are usually require good experience. Jobs in IT can be found in online jobs board such as LinkedIn, Dice, Monster. YouTube video

PDA is the abbreviation of words Personal Digital Assistant. PDA devices are small factor digital devices that are able to fit in a palm or a pocket. Smart phones largely replaced PDAs. Today's PDAs can be used in warehouses to assist in checking product inventory. YouTube video

​nmap tool is good free tool to scan for open network ports. Some of the network ports will be opened for system to operate. For example it is expected that port 80 or port for HTTP traffic will be opened at the web server. However if this port is opened at a system which does not need to be serving web traffic it may indicate misconfiguration of that system. Having extra ports opened at a system which doesn’t require these may indicate a misconfiguration of that system and higher utilization of that system. It may also indicate malicious activity. nmap tool has several way which scan will be performed and how that scan will be performed. Please refer to the documentation of nmap tool for details. Before scanning of network ports, an explicit permission from the owner of these systems must be received. Otherwise it can be treated as malicious activity, and can even be punished by judicial system. YouTube video

​It is possible to automate commands to execute by placing commands in a script. Syntax of that script will depend on the operating system that is used and the execution environment. For example in Windows OS it is possible to create a .vbs file.  In Linux like operating systems it is possible to create .sh file. YouTube video

​Linux $PATH variable contains locations which can be used to locate files by default. echo $PATH will display which directories are currently set to that variable. Multiple directories can be assigned to $PATH variable with separating each directory location with ; To make this change permanent, or in other words apply this change to be executed every time Linux session starts, then make the change to session start script. The script name will vary on the shell is being used. For example .bashrc script located in the user’s home directory. YouTube video

​it is possible for Linux to remember last few commands that user had entered. Historical commands can be retrieved with the up arrow key. Each pressing of that key will retrieve one more command from the history. If you don’t want any of the commands to be stored in history, then set history size to 0. It can be done with the following command: HISTSIZE=0 It will apply this change to current session only. If this change needs to be applied always when the session is started for a user, then this change needs to be applied to shell startup files. YouTube video

Video games made computers fun and widely adopted, computers could be used not only by adults, but by the teenagers. Video games made computers popular. YouTube video

An operating system MS DOS which was made by Microsoft was text only, more then that, text was only of one size. Now days it is impossible to think of an operating system in a computer as text only. We are used to use our favorite our favorite text processing application, and insert images there, same we can do with presentations. When we browse Internet, than a web site without images will be boring. YouTube video

Cost of a computer was very high when computers were first developed. Only military and research institutions could afford one. Today computers came down in price significantly. Cost of a new computer is around $500 to $2000. Price of a computer will depend on the configuration of a computer that you want to get. If you want to save money on getting a computer, than look at slightly used computer equipment. I don't recommend saving money and getting old computer, because both hardware and software of that computer may be outdated and will not be able to support modern software. YouTube video

​‘set’ command can be used to view values of environment variables. Please be aware that this command will list all of the environment variables that are configured in that system. Environment variables can be filtered using ‘grep’ command to only show specific ones. ‘grep’ command will filter the output and will only display those lines that match grep’s condition. YouTube video

​‘at’ command can be used to schedule jobs to run in future. More flexibility is done using scheduling jobs with cron. YouTube video

​A Linux script can be changed from running in background mode to run in foreground. In order to transfer a script from running in background mode to foreground mode ‘fg’ command is to be used. fg command accepts an id of the process that needs to be moved to foreground. Moving jobs to background is usually done with long running jobs, and moving them to foreground is done to see current state of that job. YouTube video

​By default Linux scripts or applications run in foreground, meaning it is possible to interact with them and see their output. But there maybe a need to execute these in background . It means this script will be executed, however no output will be displayed to a user. It maybe useful to launch a long running process in a background and check the status of it once in a while. Launching a process in background can be done with appending ‘&’ sign after this process. It is possible to use $! to get id of a process that was executed in background. YouTube video

A vacuum tube is a legacy implementation of what transistors do today. Vacuum tubes were bulky and fragile. Connection to vacuum tubes was not reliable. YouTube video

A punch card is a card with number of rows and columns and holes in specific places to store data. Punch cards were early attempt to store data. The problem with punch cards was if they were accidentally dropped, then it was almost impossible to get them back in order. Magnetic tapes were used to replace punch cards. YouTube video

​CRC is the abbreviation of Cycling Redundancy Check. Every TCP packets includes CRC as part of that packet. It is included there to validate if transmission was successful and not altered in any way. If CRC of the packet does not match CRC of the data, then receiving side realizes that there was a transmission error. Confirmation is not sent by the receiving side to the sender if that packet was received. Sender awaits for specific time period and resends that data again. Commonly from 5 to 12 attempts are made to retransmit a TCP packets. Things that may cause high rate of transmission failures are: faulty network cables or faulty network card, electrical interference, for example if network cables are in close proximity with electrical cables, then it may lead to high rate of network transmission errors. Faulty network card may be a cause of network transmission failures. Overloading network equipment may cause high rate of network transmission errors.

​Multiple network cables can be connected together using a network switch device. In a network switch each connection gets its own dedicated network path. Older network devices (I don’t know if it is even possible now days to get one) are called hubs. Hubs share traffic between all the connections.

​MAC or Media Access Control address is the address assigned to a physical network card. This address should be unique. This address typically consists of six groups of two hexadecimal numbers separated by a colon. When two network cards have same MAC address, then MAC address collision happens. I had used computers heavily for 26 years and had never seen MAC address collisions.

​A network card is used to send and receive network traffic by a computer. A home computer and some server computers may have a network functionality that is built in into the motherboard. Standalone network cards usually have better performance than in-board network cards. Standalone network cards may have more than one port for a network connection, where onboard network interface is usually just one. Separate physical connections can be aggregated or bonded together to form a single virtual network interface. YouTube video

​Commonly used are UTP network cables. UTP stands for Unshielded Twisted Pair. Each wire in a network cable has a pair. For example blue has a pair of white and blue. They are twisted with each other, this is why this cable is called a twisted pair cable. Unshielded cable is because there is no shield that protects this cable from electric  magnetic influences. For example coaxial cables have shields that protect them from electric magnetic influences. UTP cables have maximum length for how long a single run of this cable will run. With increased distance electrical signal will degrade. UTP cables also have maximum rated network speed rating. YouTube video

​Seven layer OSI model consists of the following components. I will just list these layers here, later I will be explaining details of each one. 1. Physical  2. Datalink 3. Network  4. Transport  5. Session 6. Presentation 7. Application Please be aware that these layers are theoretical and implementation of them is different. For example TCP protocol that is widely used, only consists of 4 layers. How does this model of 7 layers fits 4 layers of TCP protocol? A single TCP protocol layer may include more than one OSI model layer. Youtube video

If early computers took up a lot of space, then modern computers don't. You may already have a smart phone or thinking to get one. Smart phones are small factor and can do a lot of functionality that computers can do. It is possible to check email using smart phone, watch videos, play video games, solve puzzles, edit documents. This list can be expanded. Smart phones unlike first computers fit in a pocket, and have probably a lot more processing power than early computers did. YouTube video

Richard Stallman had launched GNU project in 1983. GNU abbreviation stands for GNU's Not Unix. One of the goals of GNU's project was to provide computer users with freedom and control over their computing devices. YouTube video Picture is taken from here

Even so a computer can be used for business, a computer also can be used to play video games. Video games made computers fun to use and widely adopted. YouTube video

Now days we enjoy fancy graphics that is provided by an operating system, however it was not always the case. Early operating systems were text only, applications such as early word processors were also text only. Generating graphic requires good processor resources, which were no available back then. YouTube video

Original computers were really-really expensive. Only large organizations were able to afford one. Today the cost of a computer is affordable, and many people can get one. YouTube video

A compiler is a computer program that transforms human readable code into machine code. Different operating systems have different compilers because native operating system's code will depend on the type of operating system which is in use. Microsoft's .NET framework allow human readable code to be transformed to intermediate machine code that can run on multiple operating systems where that framework is installed. Similar to .NET framework are Java applications which are cross-platforms and require Java runtime environment to be present in order to execute that code. YouTube video

Computer science is a field of study of how to use computer algorithms, computer's computations, information science to solve tasks using computers. YouTube video

Original computers were big, really big. It was usual to have a computer that took of several computer racks. One of the largest computers was ENIAC computer, that used 1800 sq.ft. of floor space. Size of the computer did not result in its performance, they were slow. Original computers were using vacuum tubes. Vacuum tubes are very similar to a bulb. Vacuum tubes got replaced by transistors, which allowed to reduce size of computers. YouTube video

​A docking station for a laptop can be used to make laptop computers more stationary and expand number of available connectors. For example a monitor can be directly connected to a docking station, and there is no need to connect a monitor to a laptop. A docking station can support multiple monitors, where a laptop in most cases can only support just one. A docking station can power a laptop, not all of the laptop docking stations have this feature.

​MySQL database has several data types. I will try to explain most common of these, please choose a specific data type that feet your needs. Out of whole numbers data types there are: TINYINT, SMALLINT, MEDIUMINT, INT, BUGINT. There are two data types that hold a list of values. These data types are: ENUM and SET. To keep date data type it is possible to do with the help of DATE data type. DATETIME can be used to store both date and time information. TIMESTAMP data type can be used for the case when this database record was created or updated. The field that has this data type is updated automatically whenever this record is created or updated. CHAR is a data type that holds characters and has specific length. TEXT is a data type that can hold more than a single character. There are several TEXT type definitions, each one with a different number of maximum number of characters. VARCHAR is data type that can hold variable length of characters. VARCHAR data type has a maximum number of c...

​A specific MySQL database can be selected with the help of “use” keyword.

​A new MySQL database can be created using CREATE SCHEMA SQL statement. Please be aware that the newly created database will have default user permissions, and in addition to database a user for that database needs to be created and proper database permissions need to be assigned to that user. MySQL is not case sensitive, so databases can be created with any capitalization of letters, however it is best practice use lower case characters in database names.

​MySQL databases are called schemas. Databases are location to group data tables in one location. Databases can also be used to keep stored procedures. A stored procedure is SQL code that is saved and can be reused again and again.

​MySQL database is the database of choice for PHP. MySQL went through several iterations of development. MySQL database is easy to use and manage. Blogging software Wordpress uses MySQL database as storage engine. MySQL is available as free software. Paid option is also available. Another popular database choice is Postgres. I think that it is very similar to Oracle database. I had very little experience with it. MariaDB is very similar to MySQL, but it my opinion it has better performance.

​Superglobal variables in PHP are accessible from everywhere. Example of PHP superglobal variables are request, cookies, session. I am just giving an example of PHP superglobal variables here. For full list of superglobal variables, please refer to PHP documentation.

​Multidimensional arrays in PHP can have multiple name and values pairs in the same element of an array. It is useful to keep information about that element. For example if that array contains a list of products than one of the elements of that artsy may indicate price of that product and another one will store inventory quantity on hand.

​Associative arrays in PHP use strings as keys for the array elements. It is possible to get all of the keys of that array and all of the values.

​Computer’s electronic components are sensitive to electro static discharge or ESD for short. Many of computer components come in ESD save bag. Static charge can be accumulated by a human that works with computer’s hardware. To prevent ESD discharge that can ruin electronics components, ESD strap needs to be worn by a person who is working with computer’s components. Often people who work with hardware of their computers skip this safety step, because it is an inconvenience to wear ESD strap that has a cable that runs to that computer case, but if it is your business to work with computer’s hardware, then it is an important safety mechanism that will avoid ESD related accidents.

​SATA cables are for data only, so SATA devices need their own power connection. Both SATA data cables and power cables can be plugged in only one way.

​SATA is the abbreviation for Serial Advanced Technology Attachment.  SATA standard is often used in storage disks and optical drives. SATA technology is a replacement for PATA technology. PATA is the abbreviation for Parallel Advanced Technology Attachment. SATA devices have two cables. One cable is for power and another one is for data.

​Lightning port or connector is specific to Apple devices. Devices such as iPhones will use this type of connector. YouTube video

​Display port is not proprietary, and use of this technology doesn’t require royalty payments. YouTube video

​HDMI stands for High Definition Media Interface. It is a way to transmit both video and audio signals. HDMI cables can run for a long distance. HDMI cable length could be 100+ feet long, however with longer distance signal will degrade. HDMI standard is proprietary and requires payment to inventors of HDMI. YouTube video