## Core Concept #4 – Concurrency

Let’s say you work as a secretary in company A. You have to answer phone calls, arrange meetings, typing documents, etc. You always have to switch back and forth between your tasks based on priority. Every time the phone rings, you have to stop whatever task you are working on.

Concurrency is a property of programs and systems that allow tasks to run in overlapping time periods.

### 4.1 – Parallelism

Eventually, you can’t cope with your job because there’s too much data entry tasks. You complain to your boss and he happily hires a data entry clerk to handle your data entry tasks.

Parallelism allows 2 or more tasks to run at the same time, provided that the machine hasmultiprocessing capability.

However, the implementation of concurrency concepts also introduces more potential problems such as race condition.

### 4.2 – Race Condition

This is what will happen if you allow concurrent transactions in a banking system and race condition isn’t handled:

• You have \$1000 in your bank account.
• Someone transfers \$500 to you and you withdraw \$300 from ATM.
• Imagine both transactions are performed at the same time, both transactions will see \$1000 as your current balance.
• Now, transaction A adds \$500 to your account and you have \$1500. However, transaction B also sees \$1000 as your current balance and it completes a millisecond later, it deducts \$300 from \$1000 and updates your account balance as \$700.
• You now have \$700 instead of \$1200 because transaction B overwrites transaction A.
• This happens because the banking system isn’t aware of other ongoing transactions.

So, what can you do to handle the above situation? One really simple way is mutual exclusion.

### 4.3 – Mutual Exclusion (Mutex)

Now, whenever there’s an ongoing transaction, the system will lock the account(s) involved in the transaction.

This time, the moment when transaction A occurs, your account is locked. You can’t withdraw money from ATM. It unlocks only when transaction A completes.

So mutual exclusion solves the problem right? Yes, but nobody wants to get rejected by the ATM every time there’s an ongoing transaction.

Let’s modify the solution a little bit.

### 4.4 – Semaphore

#### 4.4.1 – Binary Semaphore

Now, let’s set different priority levels for different types of transactions. Say cash withdrawal request has a higher priority than bank transfer. When you withdraw money from ATM, transaction A (the bank transfer) will stop and allow transaction B to carry on first because it has higher priority. It will resume after transaction B is completed.

#### 4.4.2 – Counting Semaphore

Binary semaphore is simple. 1 = ongoing transaction. 0 = waiting. On the other hand, counting semaphore allows more than 1 process running at the same time.

Let’s say you’re a locker room manager for a spa. There are 30 lockers. You have to keep track of the number of keys you have each time you receive or hand out a key, but you don’t exactly know who they are. If all lockers are full, others have to queue up. Whenever someone is done, he/she will hand over the key to the first person in the queue.

Deadlock is another common issue in concurrency system.

Let’s use the same banking system analogy with a different scenario. Just keep in mind that access to a bank account is locked whenever there’s an ongoing transaction.

• Peter transfer \$1000 to you (transaction A) and you transfer \$500 to him at the same time (transaction B).
• Transaction A locks Peter’s account and deducts \$1000 from Peter’s account.
• Transaction B locks your account and deducts \$500 from your account.
• Then, transaction A tries access your account to add the \$1000 from Peter.
• At the same time, transaction B also tries to add your \$500 to Peter’s account.

However, since both transactions aren’t completed, both can’t access the locked accounts. Both wait for each other to complete. Deadlock.

Here’s a real life example:

Boy: Let her approach me first.
Girl: Let him approach me first.
*And there dies a budding love story*

## Core Concept #5 – Computer Security

### 5.1 – Computer Hacking

Hacking is similar to breaking into a house. Here are some of the popular hacking techniques:

#### 5.1.1 – Brute-force Attack

Try hundreds and thousands of different keys. An experienced burglar will try the most commonly used keys first.

A brute-force attack tries every possible passwords, and usually starts by guessing commonly used passwords like “123456”, “abcdef”, etc.

#### 5.1.2 – Social Engineering

A couple just moved in next door. They are really nice and helpful. They often invite you over for dinner. One day, you mentioned that you are going for a two-week vacation soon. They happily offered to take care of your dog. You left a spare key for them. Since then, you have not heard any news about them.

Social engineering is tricking users into revealing their private information.

#### 5.1.3 – Security Exploit

A burglar checks every possible entries to find the easiest way (weakness) to get in. Maybe your second-floor windows is left open, who knows?

#### 5.1.4 – Trojan Horse

A burglar pretends to be a plumber and you unlock the door for him. He fixes your leaking pipe and everything looks perfectly normal. After he left, you discovered that your jewelry is missing.

A trojan horse is malware program that pretends to be useful or helpful and runs malicious code in thebackground.

#### 5.1.5 – Rootkit

Your door lock is jammed and you call a locksmith. He fixes your door lock and secretly duplicates another key.

A rootkit gains administrator or root access of a computer through various ways like social engineering, then disguise as necessary files that is hard to detect by antivirus software.

#### 5.1.6 – Distributed Denial-of-service Attack (DDoS)

Here’s a bookshop analogy.

Imagine 100 people visit your little bookshop at the same time. Your bookshop is occupied and others can’t come in. You can’t ask any of them to leave because they don’t seem to be coming in groups. They probably don’t know each other at all. Most of them seem to be genuinely interested to buy books. Some even ask you where are the book shelved. Someone at the counter just pay you in pennies.

People keep coming in and out for hours. All of them look perfectly normal. At the end of the day, you’ve only made one book sale. Remember the guy who pay you in pennies?

DDoS attempts to bring a site or service down by flooding it with visitors.

IPViking, a live cyber-attack monitoring site/Imgur

### 5.2 – Cryptography

Cryptography is the study and application of secure communication. Here are 2 of the most widely used cryptographic protocols:

#### 5.2.1 – Symmetric cryptography

Say Alice and Bob want to send each other stuff. To make sure nobody can see their stuff, they lock it with a box. They make 2 identical (symmetric) keys for the lock and meet up to share the keys beforehand.

#### 5.2.2 – Asymmetric cryptography

Sharing identical keys works fine among 2 people. What if Alice want to exchange stuff with another guy named Carl, and Alice doesn’t want anybody to see their stuff too? Alice can’t use the same lock and key that she shared with Bob, else Bob can unlock the box easily!

Of course Alice can share a completely new and different lock and key with Carl, but what if Alice wants to exchange stuff with 10 different people? She will need to keep and manage 10 different keys!

So Alice come out with a brilliant solution. Now, she only maintains one key (private key). She distribute the same padlocks (public key) to her friends. Anyone can close the padlocks (encrypt), but only she has the key to open (decrypt) them. Now, anyone can send stuff to Alice using the padlock she distributed, and Alice no longer have to manage different keys for different people.

If Alice wants to send something to Carl, she will ask for Carl’s padlock (public key) so that she can use it to lock (encrypt) her stuff and send it to Carl.

The basic principle is: everyone has their own private key to decrypt message, and they will provide senders their own public key for message encryption.

On the next page: Software Development