Showing posts from November, 2023

Optimizing Application Performance: Strategies for Enhancing I/O Operations and Reducing Execution Time in Inter-Bus (I/O) Operations and Computational Tasks (CTT)

I/O allows a user to interact with systems as data flows through an application from system to disk. The MIPSpro™ Fortran 90 Programmer's I/O Guide addresses the significance of optimizing I/O to improve the user experience: “Although I/O performance is one of the strengths of supercomputers, speeding up the I/O in a program is an often neglected area of optimization. A small optimization effort can often produce a surprisingly large gain” (2002). It suggests that small optimizations, such as implementing efficient libraries, significantly reduce overhead and improve data transfer within an application. Small optimizations significantly improve execution and application response time. Caching reduces the need for recurrent file reads. Managed libraries implement a bufa layer for asynchronous I/O buffering that improves wait times and CPU computation, and a cachea layer dictates the number of pages stored in the buffer and cache page size to improve the I/O performance of the user rec...

SolarWinds Cyberattack: Best Practices for Developing Effective Incident Response Strategies

In December 2020, FireEye Cybersecurity Firm informed SolarWinds of a malicious trojan detected in an already distributed Orion software update that affected numerous customers and partner organizations. The following year the Senate Homeland Security and Governmental Affairs Committee released a response on mitigating the remote supply chain attack, and NSA, CISA, and the FBI identified the Russian Foreign Intelligence Service as the attacker (U.S. Government Accountability Office, 2021). This case not only highlights a need for a detailed, effective incident response plan but it acknowledges the importance of a federal response to protecting sensitive data from foreign attack. An effective incident response plan could have significantly reduced the effect of the attack over time. By segmenting the network, alerting and resetting user account credentials, and responding to detailed logging reports, SolarWinds could have significantly reduced the effect of the attack (Lee et al., 2021)...

Building a Solid Logical Foundation in Software Development: Learning to Navigate AI Support, Coding Creativity, and Industry Trends

It’s commonly said in the industry that software engineers must be continuous learners for life to be successful. When first starting out, balancing efficient time management skills and in-depth analysis for problem-solving often pushes a software developer to learn where to cut corners and where to invest their time. In a struggling economy where software developers struggle to find consistent employment that goes beyond the two-to-four-year contract, nuanced details become hot topics among developers struggling to always put their best foot forward. The programming language you choose to write in or adherence to the current industry trend routinely becomes a measure of a developer’s experience and credibility. As an industry, we should embrace all available tools to move past our former limitations; however, generative AI and adherence to industry trends should never replace the act of building a true logical understanding of code. With one simple question, Google Bard weighs in on t...

Hash Table Exploration: Understanding Big-O Analysis and Hash Table Delete Operations in Python

Learning how different delete functions operate with different algorithms can show software engineers that the way they write their code can influence the performance of their program. For example, focusing on developing an efficient hash table improves the performance of the program; however, a software engineer must know which algorithm to focus on by studying them. Focusing on the delete functions will not improve this program; however, focusing on an efficient hashing algorithm will. As a software engineer, you must learn where to spend your time because time is money. Because there are different ways of removing an item from an array in Python, we would need to look at each one to understand how Python deletes an item from a list. It’s important to know that the delete function does not affect the time complexity of the hash table, except in one rare circumstance. When the hash table has only one bucket, the delete function determines the time complexity. This is not the case ...

Multi-Threaded Applications: Improving Performance and Resource Allocation in Modern Applications

In modern applications, multi-threading allows applications to perform complex computations, such as in data analytics, machine learning, and real-time processing, quickly and efficiently. Multi-core processors allow multiple threads to be executed on different cores at the same time, significantly improving application performance. In a Single Thread Process, the code, data, and files in the Process Control Block are shared by a single thread. The program consists of one register to store the data, one program counter to store the address of the next instruction to be executed, and one stack to store the temporary data that will be executed next. In a Multi-threading Process, the code, data, and files in the Process Control Block are shared by multiple threads. Each thread has its own register, program counter, and stack. Multi-threading affects software application design and development by improving performance as applications are able to run subprocesses. In a single-threaded appli...

Cross-Site Scripting Injection Vulnerability: Secure Coding Practices for Improved Web Application Safety

While security vulnerabilities evolve, secure coding practices aim to protect users and reduce organizational liability. OWASP offers a list of secure coding practices to guide software developers to adopt a security-first mindset that prepares software developers to write secure code that considers application security risks from their first line of code. The Cross-Site Scripting Injection Vulnerability allows malicious hackers to inject and execute harmful scripts on a user’s browser. Three real-world examples of harmful data breaches caused by Cross-Site Scripting Injection Vulnerabilities are the British Airways data breach in 2018, the Fortnite data breach in 2019, and the eBay data breach in 2016 (Anderson, 2023). Because of the widespread effects of this security vulnerability, in the React framework, the React DOM escapes any values in JSX before rendering them in the React DOM. While React, by nature, protects applications from malicious Cross-Site Scripting In...

Web Application Security: Enhancing Access Control with OWASP’s Top Security Best Practices

The Open Web Application Security Project (OWASP) offers 24 security best practices to improve the security posture of an application through implementing strong access controls to encourage secure coding best practices. OWASP further includes vulnerability-specific prevention sheets to aid software developers in developing a security-first mindset in their coding practices. Three common vulnerabilities discussed in the OWASP security best practices that I consider important in preventing broken access control include Insecure Direct Object Reference, Missing Function Level Access Control, and Cross-Site Request Forgery. Insecure Direct Object Reference. An Insecure Direct Object Reference allows a malicious attacker to modify a user profile URL or POST body to gain access to another user’s information by modifying the user ID. Implementing data layer access controls helps protect web applications by only allowing authorized users to access data objects. By verifying that the use...

Strengthening Cybersecurity: The Role of CSIRTs in Meeting FISMA, CPRA, and CCPA Compliance

FISMA Compliance Overview. FISMA provides a relevant major law that influences an organization’s decision to form a CSIRT. In order to work with federal agencies, organizations must be FISMA compliant. FISMA requires federal agencies to develop, document, and implement an information security and protection program. Common security frameworks, such as NIST SP 800-53 and ISO 27002, recommend the formation of a CSIRT as a security best practice for FISMA compliance. FISMA compliance requires organizations to continuously monitor their networks and their third-party networks to ensure they can adequately respond to a security incident. I believe FISMA exists to provide a small safeguard for consumer protection and privacy. While businesses undeniably grow in a free market and some flexibility should exist for small businesses, all businesses should be held accountable for protecting user information and reducing the risk of cybercrime and cyberwar. Compliance with FISMA should be mandatory...

Scheduling Algorithms: Balancing Overhead and Prioritization in CPU Resource Allocation

CPU Scheduler Overview. Because processes must share CPU resources, two CPU scheduling processes determine which processes in the queue will receive CPU resources next and if processes will swap CPU before completing as they wait for other necessary components before they can complete. In Preemptive Scheduling, the CPU scheduler runs in the background and identifies the process that will next receive CPU resources. Similar to a load balancer, as processes run and complete, the dispatcher receives instructions from the CPU scheduler and allocates the CPU to the selected process. Because processes must share CPU resources, the dispatcher constantly allocates, deallocates, and reallocates the CPU between prioritized active and idle processes based on the instructions from the CPU scheduler. Background Information. In Non-pre-emptive Scheduling, the operating system allocates resources based on instructions it receives from the active processes. Preemptive Scheduling. While ...

Benefits of an Effective CSIR Plan: Enhancing Security, Reducing Risk, and Building Stakeholder Trust in Non-Governmental Organizations and Large Corporations

In today’s interconnected world, cybersecurity plays an indispensable role in safeguarding sensitive information, ensuring business continuity for users, and protecting the trust of stakeholders. To effectively protect against damaging cybersecurity threats, organizations must implement comprehensive security measures that anticipate and adapt to the frequent, sophisticated, and ever-evolving cybersecurity risks that affect modern organizations today. Background Information. A well-defined and comprehensive Computer Security Incident Response plan empowers an organization's teams to respond immediately and effectively as a united front to resolve risky security incidents. By establishing a well-defined plan upfront, organizations increase security measures and build trust with customers and stakeholders. Financial Savings and Cost Mitigation. Developing an effective CSIR plan may seem like an overwhelming and expensive process, but I’m here to walk you through the safe, system...

Optimizing Memory Management Techniques: Unveiling Paging, Segmentation, and Virtual Memory in Modern Operating Systems

An operating system chooses specific memory management techniques in different computing environments or use cases by assessing the different patterns of a program. Non-contiguous memory allocation distributed through memory management techniques such as paging, segmentation, and virtual memory enabled modern systems to switch between tasks and manage memory for multiple processes to run at once. Before non-contiguous memory allocation, single-task systems used contiguous memory allocation where each process had to be loaded into an individual block of memory, and tasks could not run simultaneously. Background Information. Paging in static loading works with predefined resources where the computer system knows how much space will be required ahead of time. It allocates a fixed amount of space in the memory. Segmentation in dynamic loading allows for organization when resource requirements cannot be determined until run-time. It allocates dynamic space that includes blank space in...