Positive and negative aspects of Learning Management Systems


  • Performance evaluation

Positive aspect is participants can evaluate their performance through periodically scheduled assessments like quizzes, tests and review feedbacks through reports and statistical representations like graphs. Negative aspect is someone else can login behalf of the learner and involved in activities conducted by the LMS. So, the evaluation reports may present false details and lecturer may not get the correct progress of the learner.

  • Accessibility

Positive aspect is if we talk about the practical scenario of the real class environment, only few people are attending the class and out of the limited attendance only front desk people are listening to the lecturer. Under such circumstance the best solution is to have a LMS. LMS allows multiple users to access and enrolls in courses at any time anywhere. And it saves our time. Learning materials are same and consistent for every user who has enrolled in a particular course. Administrator or the content writer can easily modify the content because all the materials and contents are hosted in a centralized location. Negative aspect is learners will limit to the content on LMS and rely upon that and become lazy to think beyond. And also they could tend to miss lectures because they know that they can find lecture notes in the LMS even without attending the classes. Their practical knowledge will decrease because the experience has boundaries in a LMS. To increase the accessibility, availability and to reduce concurrency issues, developers have to use higher band width, good servers and latest technologies. In order to that, implementation cost is high and due to that money that educational institutes or companies have to afford in purchasing a LMS is high. Since most of the LMSs are e-learning platforms, internet connection is a must for users.

  • Customization

Positive aspect is participants can create their own profile and manage profile settings and customize their learning environment (eg: arrange courses according to the usage frequency). Without limiting into the sketches on the class whiteboard, lecturers can add visual aids like images, videos in order to the give the content in an effective manner. Lecturer can monitor learner login history and restrict unauthorized access. Negative aspect is if the LMS allows too much of customization, then the users may leads to misuse it and eventually learners will depart from expected learning objectives.

  • Interactive learning

Positive aspect is LMS allows online discussion forums to communicate and exchange knowledge among participants. So, participants are motivated to express their ideas. Peers and lecturers are allowed to give individual comments and feedbacks. This is impossible in a real class environment because lecturers are not approachable in most of the times and learners are de-motivated of asking questions because of the fear of humiliating in front of the class. Negative aspect is most of the times learners are involving in the forum discussions to pretend that they are really engage in, but in actual sense learners just post something to get rid of the task. So, they aren’t achieving the actual objectives of conducting forums. Anyone related to the course can put their ideas into the forums without granting permissions. This will leads to misuse those discussions into bad purposes. So, responsible individual should monitor such kind of activities and prevent them. Online feedbacks will lighten the learner-lecturer relationship and cannot assure that the learner see the feedback during the effective time period.

  • Notification system

Positive aspect is users can get notifications about upcoming events like assignments which have to submit sorted according to the deadline. Users can activate email notification system which is synchronized with the LMS and if so, when they have submitted a certain assignment they will receive a mail stating whether they have submitted it properly or not. And if activate this alert system for forum discussions, users can get notification emails about involvements of the classmates like newly submitted comments or posts for that forum, Likewise LMS can give notifications for most of the processes to update users. Negative aspect is sometimes we activate email notification to get to know about who are commenting in our own post. But the system is unable to retrieve comments related to our post. Instead it gives notifications about all the activities of that forum. It’s wastage of our time and storage of our inbox. Sometimes we will miss important emails if it is placed among those unnecessary notification emails.



How to overcome mobile computing security issues


Nowadays most of the people are engaged in mobile computing. Because of the mass usage and important data being transferred, attackers and intruders are very enthusiastic of accessing mobile computing devices unauthorizedly. So, in mobile computing the vulnerability of being expose to attackers is high. Nobody needs to be vulnerable to the attackers. Nobody needs to give away their private and confidential information to the malicious users. So, it’s really important to maintain a good behavior in usage and follow appropriate security solutions. In my previous blog post (check this link if you are interested https://kumudika.wordpress.com/2017/04/28/vulnerabilities-and-threats-of-mobile-computing/) I have discussed some of the main vulnerabilities and threats of mobile computing. So, in here I’ll discuss about what we shall do as a preventing mechanism.

  • Use a proper anti-malware software or scanning tools and update it regularly
  • Use appropriate authentication methods
  • Encryption for data in transmission(SSL, SSH) and data at rest(database, drive)
  • Beware of vulnerabilities and security threats







  • Use protections for confidentiality threats like shoulder surfing, social engineering, etc
  • Use licensed software and hardware
  • Conduct security checkups regularly
  • Identify vulnerabilities of the existing devices and make appropriate solutions
  • Enforcing proper access rights (authorization)
  • Use strong passwords and do not reveal credentials to unauthorized parties. Do not use personal data like name, birthday as your password or password hints which can be easily guess
  • Do not use same username, password, email for every account because if a hacker new your login credentials of one account, those credentials would be his first guess when he is involving in a Bruce force attack
  • If any website gives you the password back when you ask for the forget password option, do not use that site again. Because it doesn’t use encryption when storing passwords. So, the attackers can hack their database and steal your credentials


  • Lock your devices if your are leaving your device for a while
  • Logout after using personal accounts like social media account
  • Avoid storing sensitive data in the mobile devices (eg: ATM password)
  • Be careful in online transactions and submitting banking details via online
  • Use technologies like native remote lock and find and wipe capabilities in case of theft or loss devices
  • Organize email inbox and be careful about spam messages
  • Read policy statements before installing a software or any other mobile application
  • Maintain software and data backups
  • Double check when installing free mobile application
  • Surf only in secured websites


  • Be careful when clicking links on the websites. Before click, hover on the link and check what is the destination of that link
  • Control wireless network and service connectivity
  • Beware of storage capacity, speed of your own devices. Any irregular pattern might give you a sense of attack because some attackers use your device’s storage/ connection for their malicious purposes
  • Use only properly registered network connections and Access Points


  • Be careful when adding unknown persons into your social media accounts. Fake accounts and pages are one of the way that attackers use to steal your personal information
  • If you have recognized that you are under an attack, quickly inform that to the authorized/responsible parties



Vulnerabilities and threats of mobile computing


Mobile computing is a main part of the daily activities of the modern day people. They use mobile devices to access communication technologies which give the internet facility from anywhere any time. Smartphone, tablets, laptops, mobile data storage devices, music players and GPS are some of the common devices used in mobile computing. Most of the latest trends like e-learning, e-commerce, and e-communication are engaged with mobile computing to increase the efficiency, productivity of the day to day functions. For most of the people, mobile computing is a main part of their lives. So, it’s better to know about the threats and issues related to mobile computing. When we are talking about threats/vulnerabilities, we should concern about the physical device, data, and the communication medium/ the channel.

DOS attacks (Denial of Service)

In here, the attacker’s intention is to prevent actual users accessing the connection/service. In order to do that, attackers create a huge traffic by sending large number of request to the server and server gets busy with giving responses to those requests instead of responding to the actual user’s request.

Eg: If “X” send a probe request to the Access Point (AP) and attacker needs to disrupt. So, the attacker send a new probe request to the AP by using X’s MAC address. Due to that, AP will drop X’s probe request and drop his connection and will response to the attacker’s fake request.

Wormhole attacks

Attackers use the internet connection using a wormhole node and pretend as an Access Point (AP) to a user showing that it is the shortest path for the internet connection. So, the every packet transmitted through the AP can be captured and read by the attacker.


Replay attacks

Attackers spy the conversation between the sender and the receiver and grab the authentication details. Then connect to the infrastructure for a while and re-transmit the content again pretending as the previous sender.


Malicious persons attack to the network connections by pretending as another user (using their IP address)

Traffic analysis

Attackers listen to the traffic flowing of the channel and capture packets and read data. Then they track locations and get access to the personnel information of the targeted users.


In simple terms it says getting illegal access to a conversation as a third party. Data sent from the client to an enterprise server is often unencrypted. So, it leads to eavesdrop on users’ sensitive communications.

High dependency

Most of the software applications and hardware are interconnected synchronized. If a component infected with a malicious attack, then it affects to the other components automatically. So, the likelihood of expose to the risks is high.

Theft and loss

Because of the high usage and the portable size, misplacing mobile devices is a common issue in mobile computing. It may cause data loss and exposes private and confidential data to the unauthorized parties. Most of the mobile applications ask for login credentials when accessing. Because of the ease most of us store credentials and stay logged in for those mobile applications. So, in case of loss or theft, no more we are the owners of our data. Whoever the person gets our device can unauthorizedly access our device.

Malicious software (Malware)

It means any program or an application which can cause harm to the computer device or to the user. Virus, Worm, Trojans, Spyware are some of the examples for malware.

Virus- A computer program which maliciously attached to a genuine program and make duplicates of itself and spread them among other programs and infect them by modifying data of those program files
Worm- A standalone computer program which can make an exact copy of itself and spread among other computers
Trojans- it’s a kind of malware which can use to hack into the computer by giving wrong idea or the impression. Then the attackers can access personal data like passwords, banking information
Spyware- A software which is attached to the genuine software or hidden inside the genuine software without knowing the user in order to steal information of the user

Pull attacks

In here an attacker controls the device as a source of data and obtained data by device itself

Push attacks

Malicious codes which can establish in the mobile device and then gradually reach to other components of the network.


Software Testing

Software testing is a main part of software quality assurance. In software testing we check and evaluate whether the software has obtained and fulfilled specified requirements. Because of human errors, compatibility errors and many other things, it’s usual that existing product is differs from the required one. So, it’s essential to conduct a software testing process in Software Development Life Cycle (SDLC).

In waterfall model, testing is comes after implementation phase. But in incremental models like agile, testing process is conducted after every iteration. And after finishing implementation the end product will be tested again.

Testing methods

White-Box testing

In here the tester or the QA engineer should have to study the source code and gain a thorough knowledge about the functions, logics and the structure of the code. While reading the source code he has to identify what are the units of the code that occur the misbehavior.


Black-Box testing

In here the tester does not have access to the source code and he tests every function by the point of view of the end user. The tester doesn’t need any knowledge about programming languages and implementation.


Grey-Box testing

Tester has a rough idea about the structure and the components of the system but hasn’t a detailed knowledge about the internal logics of the functions. Tester doesn’t have access to the source code but can see the database and other documents relates to designing. So, the Grey-Box testing can be considered as a combination of White-Box testing and Black-Box testing.


Types of testing

There are two main types of software testing.

          1) Manual testing

          2) Automation testing

Manual testing

This is the way how to test the software without any automated testing tool. Quality Assurance engineer or the tester act as the client and uses the software and check whether the functions behave according to the required condition or whether it has any bugs. In here the tester tries the software according to different scenarios or uses different test cases. He writes all the possibilities in test cases and tryout. If the delivery is urgent, he tries at least sufficient amount of test cases.

Here is the basic structure for test cases

Test No

Description Step Expected Response Actual Response Status


Test 1
Test 2
Test 3
Test 4

In Step field we write every possibility of actions/inputs for the function to be tested. In expected response field we write the actual output or the response we expected through that function according to the given inputs. In actual response field we write what we actually get. In status field we write whether that function works or not for the given inputs (by comparing expected and actual responses). If the status is “fail”, we write the error in coding a logic that causes the program to malfunction, in the defect field.

The basic manual testing process is as below.


Unit testing

Break the whole system into small units and each unit holds a separate function. Then test each and every function according to the unit basis providing inputs one at a time.

Integration testing

Then combine those units and check how it works when those units functions collaboratively.

System testing

After integration testing we check whether the system fulfill the requirements in the SRS document for data that similar to real life scenarios.

User acceptance testing

Give the system to sample set of users to experience and let them to check the system for different privileges according to real life scenarios.

Automation testing

This is the way how to test the software with a testing tool or writing scripts. It is a replacement for manual process and increases the efficiency and accuracy of testing process and reduces budget allocated for testing. Automation testing is suits for large scale projects, complex/ urgent projects, and projects with stable requirements. Automation testing process is as mentioned below.


For automation testing we can use testing tools like Selenium, Appium, SilkTest, Cucumber, Test Studio, RSpec, etc.



Cloud Computing

The simple meaning of cloud computing is the process of storing and accessing data and programs on remote servers accessed over a direct internet connection on a pay-per-usage basis, instead of storing them in our computer hard drive.

Cloud Computing

Three types of cloud computing

Private cloudService that is controlled and exclusive to the user. Infrastructure is use to operate a single organization

Public cloud Share resources among community of users. Service providers use the internet to make resources, such as applications and storage, available to the general public, or on a public cloud

Hybrid cloud- Is a combination of both private and public cloud. It enables to move workload between private and public platforms.

Three models of cloud computing

Software as a service (SaaS)- Is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.

Platform as a service (PaaS)- Is a cloud computing model that delivers applications over the Internet. Users only need to log in and start using the platform given by the PaaS provider.

Infrastructure as a service (IaaS)- Is a cloud computing model which provides virtualized computing resources over the Internet. A third-party provider hosts hardware, software, storage, servers and other infrastructure components and make them available to its users.

Advantages of cloud computing

• Reduce cost by minimizing hardware requirements
• Increase collaboration through easy accessibility and visibility
• Automatic software updates and maintenance
• Flexible adoptability to the bandwidth demand
• In cloud computing, data is stored in the cloud. So we can access data without our machines and in if someone has stolen our laptop we can remotely wipe data from it and prevent unauthorized access to our data
• Cloud-based backup and recovery solutions

Disadvantages of cloud computing

• Service provider allows minimal control to the end users
• Switching from one vendor to other may arises compatibility issues
• Service provider may not be able to provide similar service throughout the whole period due to increasing customer amount and it may causes downtimes


Color Theory

In a simple form we can define color as a mixture of various frequencies of light. Number of colors is infinite and out of that human can only see which have 400nm-700nm wave length.

Shades, Tints, Tones

Shades: Colors which are derived by adding black to any hue (pure color)

Tints: Colors which are derived by adding white to any hue

Tones: Colors which are derived by adding gray to any hue

As a simple formula we can say;

Sade + Tint = Tone

Wheel of Color (Color wheel)

It is a tool which visually represents relationships between every hue in a circular manner.

Analog colors: Colors beside a certain color in the color wheel. eg: For Yellow green(light                green); it is green and yellow.

Complementary colors: In the color wheel, the color which is directly in the opposite side of a certain color is called as complementary color. As an example for Purple, it is Yellow and for Yellow, it is Purple.

        Purple <<<>>>>  Yellow


Split complementary colors: Colors besides a complementary color is called as split complementary colors.

For an example if we take Red-orange, split complementary colors are Green and Blue.


Warm colors: Colors which are located in the first half of the color wheel

Cool colors: Colors which are located in the second half of the color wheel

3 Dimensions of colors

  • Hue
  • Saturation (density)
  • Value (lightness and darkness)


This pictu8re shows how the color differs because of the light fell upon the flower in different angles. The side which is directly exposes to the light have the bright side and when the distance between the light and the flower increases, it will gradually get d

Color percentage

By mixing colors in different percentages, we can create new colors.

Color Bit Depth (Color Depth)

It is the number of bits used to indicate the color of a single pixel. Through this we can decide the number of colors a monitor can display.

Color Models

It is a kind of representation of how the colors will be appears on a paper, TV screen or on computer screen. There are number of color models and because of the characteristics of each models, their usage is differ from one to another. So, when we are choosing color model we should check whether it is the most appropriate one for our purpose. In here let’s talk about few models.

RGB [Red, Green, Blue]

This model is good for screen based designs like web applications. It is an Additive model.

CMYK [Cyan, Magenta, Yellow, Key (Black)]

This model is good for printing purposes. If we take a printout of a photograph then we should follow this model. When we use Photoshop and if are hoping to get a printout of our work, we should change the color model before we start our work. This model is a subtractive model.

YUV [Luminance, Chrominance-Red, Chrominance-Blue]

In this model we are not considering about green color because it is embedded within all the three colors. More in Luminance and less in Red and Blue. This model is widely use when creating videos.

HSV [Hue, Saturation, Value]

This model is also called as lab color model. And it is specially used in photography. And also it is use for paintings and high quality graphics. The main advantage of this model is that each of its components is directly related with basic color concepts and it is defined in a way that is similar to how humans recognize colors.