Green Computing


In simple terms Green Computing means the usage of computer devices and their resources in an environmentally friendly manner. It’s a combination of Green Design, Green Manufacturing, Green Use, and Green Disposal. It’s also known as Green Information Technology (Green IT). Since the main aim is to reduce the bad impact upon environment, there are many other advantages for all the entities who are gained with the process. So, let’s see what the main advantages of Green Computing are.


  • Reduce environmental pollution by lowering the emission of Greenhouse Gases (GHG) like Carbon Dioxide, bulk disposal of e-waste, fossil fuel used in power plants and transportation                                                                                                                 Some of the harmful elements including in e-waste

Lead  ,  Tin  ,  Copper

Silicon  ,  Carbon  ,  Iron

Aluminum  ,  Cadmium  ,  Mercury


  • Increase the durability of hardware devices
  • Reduce energy consumption and lower energy cost
  • Improve the operational efficiency
  • Save rare raw materials which are needed to manufacture new devices
  • Lower the overall cost
  • Ability to maintain a healthy environment for employees
  • Ability to easily compliance with the required standards
  • Enhance company reputation as an environmental friendly organization
  • Self-satisfaction and a pride to the company employees of being upholding a social responsibility







  • Initial cost of being Green might be costly. And also maintenance cost is high
  • It’s hard to adapt to the rapid changes of technology
  • Some devices might not work properly under Green computing process
  • Green computing is still not a fully finalized concept. So, implementing it has a probability of occurring risks

How to go Green

  • Recycle computer equipment
  • Use energy efficient hardware (Eg: Use LED monitors instead of LCD and CRT)
  • Maintain best practices of using computer devices in day to day activities (Eg: Turn off the computer when not using it, use power saver mode as a regular practice)
  • Go for Virtualization. Means, running number of logical computer systems on one set of physical hardware
  • Use Telecommunication systems
  • Engage with Cloud Computing
  • Reduce energy consumption by proper usage of resources (Eg: Use an automatic power – down system)
  • Use natural cooling systems
  • Reduce paper waste (Eg: print only if needed, use soft copies instead of hard copies)
  • Buy recycled paper
  • Buy green products
  • Increase awareness about Green computing concept and its advantages




Heuristic Evaluation

Usability problems is a common issue that UI designers, developers, users have to face and a bad design affects to the end user satisfaction directly. So, to overcome that, UI evaluators should follow an inspection method before designing phase or after development phase. Heuristic evaluation is one of those inspection methods. In here evaluators check whether the user interfaces covers the required usability principles and some of the beneficiary facts of this method is that it can conducts at the very beginning of the designing phase and user testing is not required. If there are many heuristics introduced in usability inspection, Jakob Nielsen’s one is the mostly used collection. According to the book “Usability Engineering” published by Jakob Nielsen, he has identified 10 heuristics as below.

  1. Visibility of system status
  2. Match between system and the real world
  3. User control and freedom
  4. Consistency and standards
  5. Error prevention
  6. Recognition rather than recall
  7. Flexibility and efficiency of use
  8. Aesthetic and minimalist design
  9. Help users recognize, diagnose, and recover from errors
  10. Help and documentation

Let’s consider each of them separately.

Visibility of system status

The system should always keep users informed about what is going on, through appropriate feedback within reasonable time.

Otherwise users may not know what’s going on or whether they have done the task correctly or how much of time that they have to wait in order to proceed. Or else users may confuse without knowing the process going on inside the system. It’s not necessary to display the remaining time duration for all the tasks but if it takes more than few seconds it’s better to state the waiting time. Some of the common techniques designers use to display system status are loading spinners, progress bars.


Match between system and the real world

The system should speak the users’ language, with words, phrases and concepts familiar to the user, rather than system-oriented terms. Follow real-world conventions, making information appear in a natural and logical order.

Normally, people quickly recognizes things which are familiar with day to day objects. If we put a folder icon to represent a document, users get the hint that what we are presenting is a document. If we put a dustbin to represent deleted items then users will know that refers to send trash or unwanted stuff. Likewise we can use command phrases that are similar to real world. We can use ‘Open’ to enter into a new view and we can use ‘Exit’ to get out of that view.


User control and freedom

Users often choose system functions by mistake and will need a clearly marked “emergency exit” to leave the unwanted state without having to go through an extended dialogue. Support undo and redo.

Making mistakes is a common characteristic of human nature. So, a good design should always has a functionality to roll back the changes to prevent getting things worst. Below image shows the message which gives by the Gmail when the user delete a received email. That email won’t be deleted permanently until 30 days and Gmail also allows to undo the deleting process.


Consistency and standards

Users should not have to wonder whether different words, situations, or actions mean the same thing. Follow platform conventions.

It’s easy to understand if all the interfaces follows a standard format. If an interface follows a totally different format rather than the other interfaces then users have to put an extra effort to understand that interface. But also interfaces should emphasize differences while maintaining consistency. Most of the times people do things as a habit. If we put a button in a particular interface and put the very same button with a totally contrast  functionality like first one is for Save and second one is for Exit, most probably users hit Exit button by mistakenly even though they need to save the stuff. To avoid those unintentional mistakes, the designers should maintain a proper format keeping standards.

Microsoft Office Package maintains a unique interface structure, so the users can easily get familiar with the tasks with less effort.




Error prevention

Even better than good error messages is a careful design which prevents a problem from occurring in the first place. Either eliminate error-prone conditions or check for them and present users with a confirmation option before they commit to the action.

‘Parking at your own risk’ is a common signing board that we have all seen in front of most of the supermarkets. Like that a good error message should advice the users about the impact or the result of their action and request the confirmation.

Below image is a good example which supports the above fact.


Below is the message which gives by Microsoft Excel when a user try to close the window without saving changes.


Login or Signup interface is the initial and relatively easiest step of a process. If the users cannot login to the system, then there’s nothing to talk about the rest of the system. Of that login stage, username and the password is the most important facts. So, the interface should enriched with a proper guidance to the users. According to the below example, when a user try to type the password a message displays the criteria of a valid password and line by line it shows the validity and invalidity, preventing occurring an error.


Recognition rather than recall

Minimize the user’s memory load by making objects, actions, and options visible. The user should not have to remember information from one part of the dialogue to another. Instructions for use of the system should be visible or easily retrievable whenever appropriate.

For an example it’s better to display a suggestion list while typing a term in order to easily approach and avoid typing long phrases.


Flexibility and efficiency of use

Accelerators — unseen by the novice user — may often speed up the interaction for the expert user such that the system can cater to both inexperienced and experienced users. Allow users to tailor frequent actions.

For regular, experienced users we can allow short cut keys to proceed tasks without going to a full ride again and again. And also there’s no need to display all the advanced features to novice users until they are thorough with given few features. And give the opportunity to frequent users to experience more features as their desire.

Below image is an example to a design which allows shortcut keys.


Below image shows that we can display frequently or most commonly used actions in an easily accessible place. So, the users can use those features with less time.


Aesthetic and minimalist design

Dialogues should not contain information which is irrelevant or rarely needed. Every extra unit of information in a dialogue competes with the relevant units of information and diminishes their relative visibility.

In our language, a design should be Short and Sweet. The more and more we try to push things into the interface, it’s getting more and more complicated. As much as it is simple, users can easily grab the idea. Long phrases takes times to read and users are getting bored and misses the important facts.



Help users recognize, diagnose, and recover from errors

Error messages should be expressed in plain language (no codes), precisely indicate the problem, and constructively suggest a solution.

We cannot expect that all the users are subject experts or technical experts. There might be a knowledge gap between users and designers. So, a good design should be able to reach to different users with different knowledge capacities. So, error messages should not contains high technical terms or complicated instructions. It should simply state the problem and a possible solution.

Below one is an example to a good design. It simply state the requirements.


Below images shows a bad design. User has to go through lots of complicated terms in order to find out the error.


Help and documentation

Even though it is better if the system can be used without documentation, it may be necessary to provide help and documentation. Any such information should be easy to search, focused on the user’s task, list concrete steps to be carried out, and not be too large.

Below images displays that the Cloud9 allows various types of help options for their users.


Below one is the help option provided by the google.




Tor Network

Tor browser is a free and open source software which runs on Linux/Unix, Windows, Mac and Android operating systems and allows users to browse internet and communicate via internet preserving their anonymity with the intention of increase user freedom and decrease the possibility of being monitored by external parties and exposure of confidential and sensitive data to unauthorized persons. So. Most of the people use Tor network in order to protect their privacy while using internet, avoid being monitored or eavesdropping, avoid censorship, etc. Tor is like nuclear power. Some people use it to generate power and some people use it for malicious purposes like war. Likewise there are people who use Tor for bad purposes as well as with good intention. People like terrorists, criminals, hackers, drug dealers, gun dealers, child pornographers, illegal vendors who are involving in black market use Tor for illegal activities.


The main concept behind Tor network is Onion routing. So, before we learn about Tor network it’s better to have quick look at what is Onion routing. Onion is a data structure which covers and hide the original message with number of encrypted layers until it comes to the destination. So, Onion routing means encrypt application layer of a communication protocol stack, nested by following that onion data structure. The encrypted message (including the starting location IP address) passes through several number of network nodes called Onion routers. Those routers are randomly selected and the message passes through a path which is not predefined. Those routers in the middle know only the IP addresses of the routers which are located besides in the path. So, the anonymity of the source is protected. When the encrypted message comes to the first router, it decrypts one layer of the message and pass it to the next router to decrypt the next layer. Likewise the message passes through number of routers until it fully transform to the original message and then pass it to the destination point.

Tor network


  • Encryption is only applicable inside the Tor network. It doesn’t encrypt data outside the network. So, it’s easy to monitor data traffic at the end point of the network
  • Browsing speed decreases because message has to pass several number of routers before reach to the expected destination
  • Tor cannot prevent traffic confirmation
  • Increase illegal activities like conducting law against political acts, accessing censored information with illegal privileges, supporting and protecting most wanted criminals
  • Even though Tor preserves privacy of the users, it let outer world to know that you are using Tor. So, the risk of being considered as a criminal is high and authorities may put a spy eye on you even though you use Tor network for good purposes
  • There are some websites which prevent Tor users accessing their content and special features

Even though Tor network protects your anonymity, as a user you have to follow some best practices in order to experience the real advantage of Tor. As in many other browsers there’s a risk of leaking user identity from screen resolution. So, from the very beginning of the usage, Tor users are advised not to maximize the browser window. And also it’s better to use Linux Operating systems instead of Windows Operating systems when using Tor network. Because, we cannot assure the privacy even though we use Tor browser because of the security issues in Windows systems. If an intruder attacks to the operating system from a system vulnerability, then no more secured your anonymity even though you use Tor browser. So, it’s essential to ensure the back ground work like regularly updating operating system and Tor browser to benefit the Tor services. And also Google is not the best search engine for Tor users because of the data tracking done by the Google. And also avoid HTTP and use HTTPS to ensure the security. For more security it’s better to avoid using technologies like Java, JavaScript, VBScripts, Adobe Flash since those technologies may create loopholes to intruders to peek into our network to track browsing data and keep cookies.

Tor interface


Positive and negative aspects of Learning Management Systems


  • Performance evaluation

Positive aspect is participants can evaluate their performance through periodically scheduled assessments like quizzes, tests and review feedbacks through reports and statistical representations like graphs. Negative aspect is someone else can login behalf of the learner and involved in activities conducted by the LMS. So, the evaluation reports may present false details and lecturer may not get the correct progress of the learner.

  • Accessibility

Positive aspect is if we talk about the practical scenario of the real class environment, only few people are attending the class and out of the limited attendance only front desk people are listening to the lecturer. Under such circumstance the best solution is to have a LMS. LMS allows multiple users to access and enrolls in courses at any time anywhere. And it saves our time. Learning materials are same and consistent for every user who has enrolled in a particular course. Administrator or the content writer can easily modify the content because all the materials and contents are hosted in a centralized location. Negative aspect is learners will limit to the content on LMS and rely upon that and become lazy to think beyond. And also they could tend to miss lectures because they know that they can find lecture notes in the LMS even without attending the classes. Their practical knowledge will decrease because the experience has boundaries in a LMS. To increase the accessibility, availability and to reduce concurrency issues, developers have to use higher band width, good servers and latest technologies. In order to that, implementation cost is high and due to that money that educational institutes or companies have to afford in purchasing a LMS is high. Since most of the LMSs are e-learning platforms, internet connection is a must for users.

  • Customization

Positive aspect is participants can create their own profile and manage profile settings and customize their learning environment (eg: arrange courses according to the usage frequency). Without limiting into the sketches on the class whiteboard, lecturers can add visual aids like images, videos in order to the give the content in an effective manner. Lecturer can monitor learner login history and restrict unauthorized access. Negative aspect is if the LMS allows too much of customization, then the users may leads to misuse it and eventually learners will depart from expected learning objectives.

  • Interactive learning

Positive aspect is LMS allows online discussion forums to communicate and exchange knowledge among participants. So, participants are motivated to express their ideas. Peers and lecturers are allowed to give individual comments and feedbacks. This is impossible in a real class environment because lecturers are not approachable in most of the times and learners are de-motivated of asking questions because of the fear of humiliating in front of the class. Negative aspect is most of the times learners are involving in the forum discussions to pretend that they are really engage in, but in actual sense learners just post something to get rid of the task. So, they aren’t achieving the actual objectives of conducting forums. Anyone related to the course can put their ideas into the forums without granting permissions. This will leads to misuse those discussions into bad purposes. So, responsible individual should monitor such kind of activities and prevent them. Online feedbacks will lighten the learner-lecturer relationship and cannot assure that the learner see the feedback during the effective time period.

  • Notification system

Positive aspect is users can get notifications about upcoming events like assignments which have to submit sorted according to the deadline. Users can activate email notification system which is synchronized with the LMS and if so, when they have submitted a certain assignment they will receive a mail stating whether they have submitted it properly or not. And if activate this alert system for forum discussions, users can get notification emails about involvements of the classmates like newly submitted comments or posts for that forum, Likewise LMS can give notifications for most of the processes to update users. Negative aspect is sometimes we activate email notification to get to know about who are commenting in our own post. But the system is unable to retrieve comments related to our post. Instead it gives notifications about all the activities of that forum. It’s wastage of our time and storage of our inbox. Sometimes we will miss important emails if it is placed among those unnecessary notification emails.



How to overcome mobile computing security issues


Nowadays most of the people are engaged in mobile computing. Because of the mass usage and important data being transferred, attackers and intruders are very enthusiastic of accessing mobile computing devices unauthorizedly. So, in mobile computing the vulnerability of being expose to attackers is high. Nobody needs to be vulnerable to the attackers. Nobody needs to give away their private and confidential information to the malicious users. So, it’s really important to maintain a good behavior in usage and follow appropriate security solutions. In my previous blog post (check this link if you are interested I have discussed some of the main vulnerabilities and threats of mobile computing. So, in here I’ll discuss about what we shall do as a preventing mechanism.

  • Use a proper anti-malware software or scanning tools and update it regularly
  • Use appropriate authentication methods
  • Encryption for data in transmission(SSL, SSH) and data at rest(database, drive)
  • Beware of vulnerabilities and security threats







  • Use protections for confidentiality threats like shoulder surfing, social engineering, etc
  • Use licensed software and hardware
  • Conduct security checkups regularly
  • Identify vulnerabilities of the existing devices and make appropriate solutions
  • Enforcing proper access rights (authorization)
  • Use strong passwords and do not reveal credentials to unauthorized parties. Do not use personal data like name, birthday as your password or password hints which can be easily guess
  • Do not use same username, password, email for every account because if a hacker new your login credentials of one account, those credentials would be his first guess when he is involving in a Bruce force attack
  • If any website gives you the password back when you ask for the forget password option, do not use that site again. Because it doesn’t use encryption when storing passwords. So, the attackers can hack their database and steal your credentials


  • Lock your devices if your are leaving your device for a while
  • Logout after using personal accounts like social media account
  • Avoid storing sensitive data in the mobile devices (eg: ATM password)
  • Be careful in online transactions and submitting banking details via online
  • Use technologies like native remote lock and find and wipe capabilities in case of theft or loss devices
  • Organize email inbox and be careful about spam messages
  • Read policy statements before installing a software or any other mobile application
  • Maintain software and data backups
  • Double check when installing free mobile application
  • Surf only in secured websites


  • Be careful when clicking links on the websites. Before click, hover on the link and check what is the destination of that link
  • Control wireless network and service connectivity
  • Beware of storage capacity, speed of your own devices. Any irregular pattern might give you a sense of attack because some attackers use your device’s storage/ connection for their malicious purposes
  • Use only properly registered network connections and Access Points


  • Be careful when adding unknown persons into your social media accounts. Fake accounts and pages are one of the way that attackers use to steal your personal information
  • If you have recognized that you are under an attack, quickly inform that to the authorized/responsible parties



Vulnerabilities and threats of mobile computing


Mobile computing is a main part of the daily activities of the modern day people. They use mobile devices to access communication technologies which give the internet facility from anywhere any time. Smartphone, tablets, laptops, mobile data storage devices, music players and GPS are some of the common devices used in mobile computing. Most of the latest trends like e-learning, e-commerce, and e-communication are engaged with mobile computing to increase the efficiency, productivity of the day to day functions. For most of the people, mobile computing is a main part of their lives. So, it’s better to know about the threats and issues related to mobile computing. When we are talking about threats/vulnerabilities, we should concern about the physical device, data, and the communication medium/ the channel.

DOS attacks (Denial of Service)

In here, the attacker’s intention is to prevent actual users accessing the connection/service. In order to do that, attackers create a huge traffic by sending large number of request to the server and server gets busy with giving responses to those requests instead of responding to the actual user’s request.

Eg: If “X” send a probe request to the Access Point (AP) and attacker needs to disrupt. So, the attacker send a new probe request to the AP by using X’s MAC address. Due to that, AP will drop X’s probe request and drop his connection and will response to the attacker’s fake request.

Wormhole attacks

Attackers use the internet connection using a wormhole node and pretend as an Access Point (AP) to a user showing that it is the shortest path for the internet connection. So, the every packet transmitted through the AP can be captured and read by the attacker.


Replay attacks

Attackers spy the conversation between the sender and the receiver and grab the authentication details. Then connect to the infrastructure for a while and re-transmit the content again pretending as the previous sender.


Malicious persons attack to the network connections by pretending as another user (using their IP address)

Traffic analysis

Attackers listen to the traffic flowing of the channel and capture packets and read data. Then they track locations and get access to the personnel information of the targeted users.


In simple terms it says getting illegal access to a conversation as a third party. Data sent from the client to an enterprise server is often unencrypted. So, it leads to eavesdrop on users’ sensitive communications.

High dependency

Most of the software applications and hardware are interconnected synchronized. If a component infected with a malicious attack, then it affects to the other components automatically. So, the likelihood of expose to the risks is high.

Theft and loss

Because of the high usage and the portable size, misplacing mobile devices is a common issue in mobile computing. It may cause data loss and exposes private and confidential data to the unauthorized parties. Most of the mobile applications ask for login credentials when accessing. Because of the ease most of us store credentials and stay logged in for those mobile applications. So, in case of loss or theft, no more we are the owners of our data. Whoever the person gets our device can unauthorizedly access our device.

Malicious software (Malware)

It means any program or an application which can cause harm to the computer device or to the user. Virus, Worm, Trojans, Spyware are some of the examples for malware.

Virus- A computer program which maliciously attached to a genuine program and make duplicates of itself and spread them among other programs and infect them by modifying data of those program files
Worm- A standalone computer program which can make an exact copy of itself and spread among other computers
Trojans- it’s a kind of malware which can use to hack into the computer by giving wrong idea or the impression. Then the attackers can access personal data like passwords, banking information
Spyware- A software which is attached to the genuine software or hidden inside the genuine software without knowing the user in order to steal information of the user

Pull attacks

In here an attacker controls the device as a source of data and obtained data by device itself

Push attacks

Malicious codes which can establish in the mobile device and then gradually reach to other components of the network.


Software Testing

Software testing is a main part of software quality assurance. In software testing we check and evaluate whether the software has obtained and fulfilled specified requirements. Because of human errors, compatibility errors and many other things, it’s usual that existing product is differs from the required one. So, it’s essential to conduct a software testing process in Software Development Life Cycle (SDLC).

In waterfall model, testing is comes after implementation phase. But in incremental models like agile, testing process is conducted after every iteration. And after finishing implementation the end product will be tested again.

Testing methods

White-Box testing

In here the tester or the QA engineer should have to study the source code and gain a thorough knowledge about the functions, logics and the structure of the code. While reading the source code he has to identify what are the units of the code that occur the misbehavior.


Black-Box testing

In here the tester does not have access to the source code and he tests every function by the point of view of the end user. The tester doesn’t need any knowledge about programming languages and implementation.


Grey-Box testing

Tester has a rough idea about the structure and the components of the system but hasn’t a detailed knowledge about the internal logics of the functions. Tester doesn’t have access to the source code but can see the database and other documents relates to designing. So, the Grey-Box testing can be considered as a combination of White-Box testing and Black-Box testing.


Types of testing

There are two main types of software testing.

          1) Manual testing

          2) Automation testing

Manual testing

This is the way how to test the software without any automated testing tool. Quality Assurance engineer or the tester act as the client and uses the software and check whether the functions behave according to the required condition or whether it has any bugs. In here the tester tries the software according to different scenarios or uses different test cases. He writes all the possibilities in test cases and tryout. If the delivery is urgent, he tries at least sufficient amount of test cases.

Here is the basic structure for test cases

Test No

Description Step Expected Response Actual Response Status


Test 1
Test 2
Test 3
Test 4

In Step field we write every possibility of actions/inputs for the function to be tested. In expected response field we write the actual output or the response we expected through that function according to the given inputs. In actual response field we write what we actually get. In status field we write whether that function works or not for the given inputs (by comparing expected and actual responses). If the status is “fail”, we write the error in coding a logic that causes the program to malfunction, in the defect field.

The basic manual testing process is as below.


Unit testing

Break the whole system into small units and each unit holds a separate function. Then test each and every function according to the unit basis providing inputs one at a time.

Integration testing

Then combine those units and check how it works when those units functions collaboratively.

System testing

After integration testing we check whether the system fulfill the requirements in the SRS document for data that similar to real life scenarios.

User acceptance testing

Give the system to sample set of users to experience and let them to check the system for different privileges according to real life scenarios.

Automation testing

This is the way how to test the software with a testing tool or writing scripts. It is a replacement for manual process and increases the efficiency and accuracy of testing process and reduces budget allocated for testing. Automation testing is suits for large scale projects, complex/ urgent projects, and projects with stable requirements. Automation testing process is as mentioned below.


For automation testing we can use testing tools like Selenium, Appium, SilkTest, Cucumber, Test Studio, RSpec, etc.