Evolution of Embedded Systems

Embedded systems evolved with general-purpose computer systems. They were at the forefront of the use and justification of computer products, the closest to the field. This is where the theories are making or breaking. In the past, most of the embedded research and development was identified with real-time systems and industrial settings, but things have been changing since. With wider deployment of computers, the need for embedded systems has increased. We can recognize this in almost any facet of our lives: embedded systems are in most house appliances, cars, electrical devices, and industrial devices and tools. This seems to be a long-lasting trend in front of us, of the same or larger impact and disruption than the appearance of the Web. Being widespread poses some hard requirements on embedded systems. They must be as reliable and robust as other house appliances; as easy to use and as available; connected with other devices, requiring adherence to standards of some kind; and low cost—consequently their development will be defined on a strictly economical basis.

Some of the earlier requirements might not be as relevant in the embedded space. The requirements might have to adjust, making trade-offs, such as size versus flexibility, robustness versus richness of functionality, and power consumption versus performance. The producers of the particular systems will define the exact trade-offs, resulting in a fractured market. Every producer has system software of some kind, typically home-brewed or adapted from one of the many embedded operating systems. The impact of the many embedded systems produced reflects on the minimization of the software cost. If there are a million embedded systems produced, each one of them worth a few tens of dollars, it is unacceptable that the cost of software is of any significance. The cost in this space is largely dominated by hardware and the savings for hardware are also extremely strict. Because there are potentially numerous versions and variations of embedded systems, the compensability of hardware and software is of extreme importance. Connecting embedded devices will extend the scalability limits of today’s systems even beyond the Internet’s global scale. One user can have hundreds and thousands of embedded devices, disrupting traditional networking and, in particular, addressing techniques. Furthermore, it would not be possible or economically viable to connect all these devices by traditional wired technologies; therefore, wireless will become an attractive alternative, opening up new research and development areas.

What are the other long-term trends and impacts of this technology turn? What other implications does it pose to the current computer science and technology? This and other questions are addressed by six renowned researchers in this field. With this last department issue, we thank you for traveling with us through the trend wars in the past year.

Source: www.hpl.hp.com

How to prepare for the perfect job interview

Below are the Q & A section answered by Amit Bansal, CEO PurpleLeap

chandokraj asked, A common question I`ve encountered is ” What do your subordinates would say about say, if asked “. What shud be the best answer?

Amit Bansal answers, This is another way of asking your strengths and weaknesses and how you take feedback from others.


TR asked, Hi Amit, I left an organization 3 years back as I was not promoted. I was not promoted because my appraisal ratings were not good. Now, after 3 years, I have received interview call from same organization for a requirement at next level. I am not sure how to respond to questions in interview “why you left us 3 years back? why are you joining us now?”
Amit Bansal answers, Have you initiated to apply for the company or they have asked you to come back? If they are asking you to come back then you can tell the reason why you left the organization and why you want to join back. But if you have applied for that job, you need to ask yourself why you are looking at returning to the same company even after your appraisal was not good the last time you were with them.


Vidya asked, Many times interview ask about information about projects from the last organization. How to answer this questions as if somebody may not want to disclose this information ?
Amit Bansal answers, Do not give specific details. In fact you can let your interviewer know that you will not be able to share some confidential information. I am sure any good company will appreciate your attitude.


Akshay asked, Hello Sir, If the Interviewer ask a specific question like, what are the development needs which your superiors advised.? How to handle this…Obiviously there are negative things which we dont want to highlight…In this case how to handle the scenario? Please Advice
Amit Bansal answers, This question is asked to check your ability to learn from your mistakes and accept your shortcomings positively with an action plan to work on them. There is nothing wrong in talking about your negative areas. We all have a few.


georcy asked, Is it advisable to get the CV written by a professional to get a advantage over others
Amit Bansal answers, You are the expert for writing your own resume.


Nisharani123 asked, What will be the perfect answer if any interviewer asked”Why you are planning to quit your present job”
Amit Bansal answers, Please check other replies. I have already responded to this question.


Ganesh asked, Hi Amit.. How should I do background research on the company, should I be humble in the interview or should I boast about my qualities? What are the strict no-nos when it comes to face to face interview?
Amit Bansal answers, Always highlight areas which will match your capability to the job requirements. So boasting will help only to a certain extent.


abcdedg asked, Hi Amit, In some interviews, i observed that the interviewer is going out of the requirement scope for technical things. How to over come this.
Amit Bansal answers, Just testing the depth of your knowledge. Please remember you need not know everything but you must know everything you have mentioned on your resume and required as per the job profile. Interviewers just push boundaries sometimes.


123 asked, Sir what i have to do if i dont have any idea about the ask question should i say no straight or should i try to coniviece in other manner
Amit Bansal answers, Well it’s a good idea to say you can find out about the answer if you are given an opportunity rather than giving a wrong answer.


ravikirank asked, in my last interview i told the interviewer that i acheived only 60% of the target because of some circumastances this year. he applied the same to his organization says they can’t take the reasons what i mentioned in the interview for non acheivement in thier organization if i supposed to work the same circumstances in the new organization. even though i make it to the final interview by this i think they didn’t consider my candidature. would like to should only lie in the interviews to get recruited and how this can be overcome.
Amit Bansal answers, A very genuine query Ravi. Appreciate you asking this question. When you are offering reasons for not being able to achieve your targets you must also talk about the root cause analysis you may have done for the failure. You must also highlight your learning from that situation and how you could have done things differently to achieve the targets. The point here is not whether you will be able to achieve the targets with an improved plan or after doing the root cause analysis. But it highlights your ability to learn from your mistakes and a constant urge to achieve.


rishi asked, what is the prefect reply to question”why do you want to leave the job.”
Amit Bansal answers, The perfect reply is a genuine reason of why you are leaving your current job. Most companies only want to check your commitment level when they ask this question. If you were not leaving your current job you would not be able to join them. And the reason they are interviewing you is because they want you to join. So don’t panic, this question doesn’t mean they want to reject your candidature. They just want an affirmation of your commitment.


Sally asked, Amit, I presently have 5 years experience in the industry I am currently working in. My present organization (I wouldn’t want to name them) is very reluctant to let their employees go, and even if somebody leaves, then if their prospective employers were to call back for a reference they usually say something not very helpful. This has made me apprehensive about leaving this job, but I don’t want to continue here either. Do you have a solution to my dilemna?
Amit Bansal answers, It’s a good idea to collect some positive feedback documented over emails or in the form of certifications your company may have given you during the time of your service. Present them during the interview or attach them as references when you submit your details to the HR of the new organization. I guess then it wouldn’t matter if verbally they don’t have anything good to say about you.


rishi asked, hi i gave an interview three days back,should i call them and ask about the result.
Amit Bansal answers, Wait for a week before you call.


Vidya asked, Hello Sir, How much percent of hike we should ask at the time interview ? Is there any ground rule which we normally have to follow to get best offer ?
Amit Bansal answers, First thing is we should not ask for a hike at the time of the interview. If you are asked specifically to quote a figure then you need to know the industry ratio. It ranges from 10% to 30% across different industries.


Damodar asked, Hi Amit, Is there any particular etiquette to follow for a telephone interview?
Amit Bansal answers, Basic telephone etiquette include finding a quiet place to speak and ensuring your phone volume is loud enough for both parties to hear properly. Do not chew while you speak and it’s a good idea to smile while talking as that will reflect confidence in your voice. You must keep your resume in front of you while talking with the interviewer. Try to sit at one place and speak rather than walking and talking.


vinod asked, I am called for interview at Big Recruitment firm in few days the want to interview me before shortlisting for final candidate for their client. What would be the reason for such face to face interview with firm and how I should be prepared for it?
Amit Bansal answers, Well this is a shortlisting procedure and very clearly it will be an elimination round. Please be thoroughly prepared for the interview and do look at the job profile before you go. Ensure you highlight your skills, knowledge and attitude which match the job profile.


Suraj asked, Hi Amit, When an interviewer asks please tell me about yourself, I often wonder what they want to hear, since my resume is already in front of them.
Amit Bansal answers, When the interviewer asks you about yourself, they want you to be able to articulate your thoughts which means your ability to communicate and secondly they want to know how well you can sell yourself. It’s really a sales pitch to sell yourself. And whatever facts you give should match with what you have written in the resume. However, you can go ahead an give extra details which you may not have mentioned on your resume.


SaketS asked, What is a good answer to the question ‘Where do you see yourself 5 years from now”
Amit Bansal answers, The interviewer is really trying to know if you have a mindset to grow and achieve new things in life. They are also looking at your ability to plan a career and how your plan will fit with the plan of the organization. So any answer is good as long as it addresses the basic questions interviewer has on mind.


nagesh asked, if some body approach us for overseas job vacancies what kind of precautions need to be taken, i mean to say what are the dos & don’t
Amit Bansal answers, You must take all details of the employer and the employment. You must then go ahead and do your own research to find out how genuine the profile and the company is before you decide to go for it.

***************************************

Chat Date: April 25, 2012

Source: http://www.rediff.com

Introduction to UML

Booch’s definition of UML is a graphical language for visualizing, constructing, and documenting the artifacts of a software intensive system . It is a language that captures the object-oriented model. Some of the items this model stresses are data encapsulation, information hiding, and inheritance. UML has mainly been targeted for software projects where it has met the most success. UML’s intent is to capture the object-oriented (OO) model, and many OO practitioners have praised this model. We
also hope to reap some of the OO benefits, and believe we are not limited by the software nature of UML. We believe in philosophy that software and hardware can be abstracted away so we do not see UML’s software nature as a big hindrance. We also hope to use object-oriented properties to ultimately promote reuse. Actually there already exists an object-oriented language for protocols called SDL. SDL is more formal with its communication, assumptions, and it is a Formal Description Technique (FDT). SDL is based on an extended finite state machines (EFSM) framework that have asynchronous processes with zero-delay intra-process signals  and unbounded delay between process blocks. We see UML not as a replacement for SDL but as a front-end for it. SDL was not at the right level of abstraction to begin designing protocols so we had hoped UML could remedy this. UML is really very general (and
still incomplete) but this gives us freedom to explore structures without worrying too much about the details.
Thus the main focus of this paper is the exploration of next generation protocol structure, but first let us finish describing the semantics of UML UML is still under development and is mainly a notation rather than a formal language right now. UML does not clearly define the communication between objects very rigidly. It uses the notion of message passing, but they can be rendezvous or unsynchronized or different shades of both. Also the existence of queue is implied but the exact type is not specified. Each object in a UML diagram has a class which generalizes that object, and within the class there is a state diagram that describes the behavior. These state diagrams are very much like Harel’s STATEMATE for statecharts [HN96]. UML allows states to be hierarchical, concurrent, and nondeterministic defined by {name, entry/exit actions, internal transition, substates, deferred events}. State transitions are defined
by {source state, event trigger, guard condition (on event trigger), action (atomic, local object only), target state}. States are reactive, but not synchronous and process that occur on transitions or in states have some unknown bounded delay. Actually UML carries no notion of any time, real or abstract. All this expressive power tends to causes trouble in completely specifying a system for the real-time systems.
Its practitioners have recognized these problems and have added some constraints to synthesize usable code. These constraints include fully deterministic state machines and some partial ordering of signals . However, it is not our intent to construct some underlying MoC for UML. We use UML as tool to visualize object-oriented protocol structures, and in this aspect we found it useful. The message sequence charts helped to describe dynamic behavior, state charts helped describe some internal behavior, class diagrams helped describe the structure.

Source: Internet

Embedded Communication-Introduction

Communication is essential to achieving a dependable distributed embedded system. Designers of these systems are faced with several challenges in specifying the communication network. Complex systems usually require some sort of shared media network. In this environment, the designer must recognize the fundamental trade-off that exists between the efficiency and the predictability of the network. Given this trade-off, the designer must evaluate and select the communication network. Particular attention must be given to the protocols, which determine much of the network behavior. Finally, many error detection methods are available which are necessary to build a reliable communication system.

Most historical communication systems can be considered to be “embedded” at least from one perspective: they have a very narrowly defined task. They are not designed for general purpose communication. For instance telephones were conceived for only for the purpose of voice transmission. However, this fact has been changing in recent years with the design of integrated services networks. These networks are designed to carry different types of communication including voice, data and video signals. Even systems with a single original purpose like telephony have been exploited for the transfer of other traffic, like data transfer for computers. Another development that has increased interest in general purpose communication is the internet. Once computers across the world began to be connected, the problem of incompatible networks became apparent. The OSI (Open Systems Interconnection) Reference Model was developed in an attempt to solve this compatibility problem. This model divides the communication system into seven layers which provide varying levels of service. The layers were intended to provide standard interfaces and services, so that various protocols, machines and network types could coexist.

Despite the spread of general purpose networking ideas, there are still many closed systems which have very specific purposes. In this environment, a simple and efficient protocol can be enforced without the danger of incompatibilities. An example is the network of devices in a modern automobile that communicate over a network. From the perspective of the author these narrowly defined closed systems are considered embedded communication systems. Even in these embedded systems, there is increasing interest in the connection of embedded systems to larger networks for status monitoring purposes. Just as the embedded systems have borrowed communication protocols and technology from larger communication systems, they are likely to borrow the many of the interconnection and standardization ideas in the near future.

The majority of embedded communication systems can be classified as either point-to-point networks (data links) or shared media networks (data highways). It is important to understand the trade-off between these two types of systems. In point-to-point networks, each node of the system is connected to every other node. These systems are simple and reliable. Reliability is high since correct transmission between two nodes only depends on a single transmitter and receiver. Since each link is dedicated to communication between two nodes, it is easy to meet real-time deadlines without any sophisticated scheduling mechanism. In shared media systems all nodes are connected together using a ring or bus topology. The primary motivation for shared media is the reduction in wiring (and thus cost). These networks are easily extendable without adding any new data ports to individual nodes. Limited new cabling is required.

The price for scalability and reduced cost of a shared media network is the complexity that must be added to the network protocol. Some means must be added to arbitrate for access to the shared media. The remaining discussion in this paper applies mainly to shared media embedded communication systems.

Source: Internet

Walmart to hire 100 more Indian developers

Walmart Stores plans to hire 100 more software developers in India for its e-commerce platform.

The new platform is designed to connect Walmart’s digital and physical properties worldwide giving customers and suppliers a seamless way to interact and shop across any device or store anywhere in the world.

The company is looking to recruit engineering talent in the areas of high scale computing, network infrastructure, systems administration and big data.

@WalmartLabs, a unit of Walmart Global e-commerce, is the company’s hub for creating platforms and products around social and mobile commerce, and is expanding its operations here.

Over the last five months, @WalmartLabs has been building its India operations with a focus on social and digital technology. It has hired 20 developers of the initial targeted 100.

Company officials said the developers’ headcount here is planned to go to 200, including the additional 100 hiring, by the end of the current calendar year.

“In the past few months, @WalmartLabs India has attracted best-of-class talent into the group”, Jeremy King, Senior Vice-President and Chief Technology Officer of Walmart Global e-Commerce, told a press conference here.

“As we expand our operations, we look forward to adding to this base to create a team whose focus is to build products that matter to millions of customers around the globe”, he said.

Walmart Global e-Commerce Senior Vice President Anand Rajaraman, said @WalmartLabs support the retail chain’s global strategy of anytime, anywhere access where millions of customers can discover, research and shop for products through mobile devices, online or at physical stores.

Source: Internet

Performance appraisal – do’s and don’ts

Employee performance appraisals are considered important in order to provide information about the employee’s performance. This information helps the management in taking decisions regarding salary hikes, promotions, confirmations, transfers, and demotions. Apart from this, employee performance appraisals provide feedback information about the level of achievement and behavior of employees. The appraisal process also helps to assess the performance of the employees, rectify performance deficiencies, and set new standards of work if required.

This exercise plays a crucial role in providing information that helps to counsel employees. The information helps to identify deficiency in employees regarding skill and knowledge, determine training and developmental needs, recommend means for employee growth, and give suggestions for correcting placement. The performance appraisal form becomes a permanent record that has an impact on your career not only in the same organization, but may also be used as reference if requested by a future employer.

Below are the Q&A answered by Amit Bansal, CEO PurpleLeap

********************

Mahesh asked, How tp prepare yourself for the next position which you are looking for ?
Amit Bansal answers, Ensuring you meet the eligibility criteria is the first important thing. Next thing is to look at your own competencies and identify gaps. Apart from that you may have to look at other specific competencies that are required to fulfill the new opportunity.


Shirish asked, I had joined a company exactly on 10th Apr 2011 and got confirmation after six month. Now we had appraisal from 1st April 2012, they tell me that since I have 10 days short for one year completion, hence I am not eligible for the appraisal. Is is correct
Amit Bansal answers, That’s unfortunate, however that is right. You are 10 days short of the cut off.


Brahma asked, Why do companies insist on normalization ?
Amit Bansal answers, Normalization ensure objectivity in the performance appraisal system. It’s a very effective system for appraisal.


Abhijit asked, Most of the time, the appraiser talks about non achievements than achievements to lower the rating, how to avoid that because my appraisal will be done based on what I have achieved.
Amit Bansal answers, It’s your onus to ensure that during the appraisal meeting you have relevant documents and proofs for your performance. And when it’s your turn to talk about your achievements you must highlight each of them with enough evidences. However, if you do not agree with the points of non performance, you can offer your rebuttle during the review meeting with evidences.


kamal asked, sir it had been 7 months in my first company and my salary is very less should i ask my boss for increment please suggest???
Amit Bansal answers, If your company follows the annual appraisal cycle then you will have to wait till you complete one year with your organization before asking for a raise.


AppraiseeABC asked, My supervisor agrees that he messed up my appraisal. But he cannot change it due to strict policies by HR. How do I handle a situation like this, as I feel quite demotivated?
Amit Bansal answers, If you have an email or document which states the reason why the supervisor did not do your appraisal correctly, then you can raise this issue with the HR and request them to review the appraisal. As I had mentioned earlier, most HR’s have a policy where a review request for appraisal can be initiated.


Raju asked, Hello Amit, i have done appraisal for my team but my management asked me to review the same again and send it. i have done the best as a boss, but the management asks to cut down. pls comment
Amit Bansal answers, I can understand your situation, however force fit is a normal process during appraisal process. You may want to assess your management’s perspective to do this objectively and complete justice towards each member of your team.


Rajesh asked, If an existing tenured employee has completed 2 yrs. with an org’n and its been only an year since you have joined, being at the same level though your performance has been superior, can you demand for a promotion..
Amit Bansal answers, There is no harm in suggesting for promotion based on specific areas of exceptional performance. However, it completely depends on the appraisal process and HR policies if you will be offered that promotion.


Puneet asked, There is one more question which I often try to answer by myself. when my boss & my subordinate (whose performance is my base) is performing “Excellent” how I performed only on “Good”?
Amit Bansal answers, Request you to look at your KRAs to assess the difference. The dependency on someone else’s performance is only limited. Areas like initiatives, self-development etc are completely based on your own performance.


Employee asked, How to ask for a promotion during the appraisal talk?
Amit Bansal answers, During all appraisal meetings, future expectations are talked about. That would be an appropriate time to express your desire for a promotion.


Rajesh asked, Inspite of the year’s achievements accomplished and the same written in the appraisal sheet, if an individual is not able to express the same during the meeting should this have any effect on the rating…
Amit Bansal answers, Besides what is written in your appraisal document, it’s important to be able to highlight your key accomplishments during the review meeting. It’s very similar to interviews. You are selling yourself yet again based on your performance during the past quarter or year whichever is applicable. Therefore, the ability to express it to your supervisor is equally important.


Santosh asked, My manager has given 4.5 rating out of 5, he says he can give good hike or promotion, but not the both. Promotion may get 3% hike, where as just the hike would be 12% on current CTC. How to handle this situation?
Amit Bansal answers, Well if it was about numbers I think you would choose the hike and give away the promotion. However, I would like you to consider each opportunity objectively without comparison. Maybe the promotion will bring opportunities for you which you have been waiting for. However if that doesn’t look too great then off course you should go with the hike. As I said, look each of them objectively without comparing.


Eshwar asked, Can performance appraisals be used for motivating the employees
Amit Bansal answers, Performance appraisal is a key system within the HR to motivate employees.


paramkaur asked, do you agree that self-assessment practices should be encouraged by organisations to make the assessment perfect?
Amit Bansal answers, Now a days, self assessment has become a norm. I barely hear of organizations who do not follow this system in they appraisal practice. It’s a fair means of assessment and gives a lot of opportunity for any employee to highlight their achievements.


ajk asked, Can you reject a rating given by boss if not satisfied or escalate it to higher levels?
Amit Bansal answers, Absolutely you can. You can escalate it to the HR and they can organize for a review process based on the organization’s HR policies.


chanchal asked, What are the mandatory question to be asked on peformence appraisal
Amit Bansal answers, Mandatory questions an appraise can ask or questions a supervisor should ask? I am not sure if I have understood your question.


deepak asked, what is the expected hike this year for Middle level management resources?
Amit Bansal answers, Different industries have different criteria for appraisal in the compensation. Your organization’s HR can give you a better perspective on that.


Krishnagopal asked, Does Performance appraisal reveal any truth or this is just the relation one has with his boss?
Amit Bansal answers, Performance appraisals talk about not just an employee’s overall productivity at work however in many organizations professional interpersonal relationships hold a great importance in the KRAs. However do not mistake it for only maintaining cordial relationships with your boss. It’s about your inter departmental relationships and relationship with your team members as well.


paramkaur asked, which parameter has maximum weightage in the performance appraisal, generally?
Amit Bansal answers, If your organization has assigned weights to your KRAs then it depends on what each of these KRAs hold for you in terms of weightage. It totally depends on your organization’s method of performance appraisal.

********************

Chat date: April 18, 2012

Source: http://www.rediff.com

 

What is ATM?

ATM is a connection-oriented, unreliable (does not acknowledge the receipt of cells sent), virtual circuit packet switching technology.

The cost of maintaining separate, specialized networks for computer, voice, and video is high. To reduce networking costs, ATM enables integration of all of these services on a single network and the combination of existing networks into a single infrastructure. In particular, Windows operating systems provide rich connectivity using Asynchronous Transfer Mode (ATM) while maintaining support for legacy systems.

To support ATM, Network Driver Interface Specification (NDIS) has been updated with ATM commands. Because many applications do not yet use ATM services, Windows Server 2003 includes support for LAN Emulation (LANE) for LAN applications, such as Ethernet. Similarly, IP over ATM support has been added, eliminating the additional header cost of LAN packets. Winsock 2.0 native ATM has also been added to support the many applications that use Windows Sockets (Winsock).

Unlike most connectionless networking protocols, ATM is a deterministic networking system — it provides predictable, guaranteed quality of service. From end to end, every component in an ATM network provides a high level of control. ATM technology includes:

  • Scalable performance. ATM can send data across a network quickly and accurately, regardless of the size of the network. ATM works well on both very low and very high-speed media.
  • Flexible, guaranteed Quality of Service (QoS). ATM allows the accuracy and speed of data transfer to be specified by the client. This feature distinguishes ATM from other high-speed LAN technologies such as gigabit Ethernet. The QoS feature of ATM also supports time dependent (or isochronous) traffic. Traffic management at the hardware level ensures that quality service exists end-to-end. Each virtual circuit in an ATM network is unaffected by traffic on other virtual circuits. Small packet size and a simple header structure ensure that switching is done quickly and that delays due to high traffic are minimized.
  • Unobstructed speed. ATM imposes no architectural speed limitations. Its pre-negotiated virtual circuits, fixed-length cells, message segmentation and re-assembly in hardware, and hardware-level switching all help support extremely fast forwarding of data.
  • Integration of different traffic types. ATM supports integration of voice, video, and data services on a single network. ATM over Asymmetric Digital Subscriber Line (ADSL) enables residential access to these services.
Source: Internet

Sony launches Android-powered wristwatch

SAN FRANCISCO: Sony has released an Internet-linked wristwatch powered by Google-backed Android software.

SmartWatch gets online by connecting wirelessly to a wearer’s Android smartphone using Bluetooth technology, according to Sony.

The high-tech timepiece reminiscent of one worn by classic comic strip detective Dick Tracy was priced at $150, available online and at Sony stores.

“SmartWatch provides access to live content and entertainment on the go,” said Sony Mobile Communications customer unit president Paul Hamnett, who billed it as the first in a series of gadgets to “expand the smartphone’s reach.”

SmartWatch can switch from displaying time to acting as a touchscreen interface for smartphone information.

Vibrations or alerts flashed on the 1.3-inch (3.3-centimeter) screen can signal incoming calls and wearers can glance at their wrists to peruse email or text messages as well as Facebook or Twitter updates by friends.

Mini-applications tailored to add features to SmartWatch devices were available at the Google Play online shop, according to Sony.

Source: The Times of India

Ethical Hacking: an intoduction

We all know that hackers are constantly trying to steal private information by getting into the victim’s system, either by exploiting the software installed in the system or by some other means. According to one stat, more than 60 percent of Adobe Reader users are have unpatched versions, leaving them vulnerable to attacks. By performing routine updates for their software, consumers can protect themselves, patching known vulnerabilities and therefore greatly reducing the chance of getting hacked.

Commonly used software, such as MS Office, Adobe Flash and PDF reader (as well as the browsers themselves) are the major targets for exploits if left unpatched. In the past, fake patches for Firefox, IE, etc. displayed messages informing users that updated versions for a plugin or the browser were available, prompting the user to update their software. For example, the page will tell the user that updating their Flash version is critical.  Once the user clicks the fake update, it will download malicious content (like, for example, the Zeus Trojan) to the victim’s computer, as well as perhaps a rogue anti-virus, asking the user to pay in order to remove the infections. Similar attacks have been done in the past for various browsers, too.

Normally, if there is an update for the Firefox browser, the update notifications are displayed as popups rather than webpages. A better way to check for any update in Firefox is go to the Help optionàselect “about Firefox.” If the browser needs an update, it will display something that says “apply update.”

Most people avoid updating since it can be annoying at times. But if we are handling sensitive information in our systems, then updating and patching up the important software should be of high priority.

When you think about it, how many people are really cautious about the updates, the type of update or the link from where they are downloading and installing the update? Obviously, there are very few people that are really cautious and vigilant about updates, therefore making the success rates for those exploiting the users high. One effective way of exploiting users is by using tools like EvilGrade.

About EvilGrade:

EvilGrade is a framework which the exploits weaknesses in the auto-update services of multiple common software packages and the attack performed by this framework is one of the best example for client exploitation. This framework tricks the service into believing there is a signed update available for the product, thus prompting the user to install the upgrade where the upgrade is the attacker’s payload. This type of attack is a bit difficult for a normal user to detect since they don’t see anything suspicious and the upgrade looks legitimate.

We can use this framework with the combination of DNS spoofing or Man-in-the-middle attack in order to spoof the software upgrade. This therefore tricks the victim into downloading the upgrade, thereby executing our malicious arbitrary code.

The EvilGrade supports various famous software like Notepad, iTunes, Java plug-in, WinZip, Winamp, DAP, OpenOffices, LinkedIn, Speedbit, etc.

Evilgrade takes the advantage of various applications because most of these verify neither the update contents nor the master update server. Basically, in this type of attack, the attacker seeks to modify the DNS traffic of the victim and return them to some other ip address controlled by the attacker.

Source: www.ethicalhacking.com/

Components of an Embedded System

An embedded system has three main components : Hardware, Software and time
operating system
i) Hardware

• Power Supply
• Processor
• Memory
• Timers
• Serial communication ports
• Output/Output circuits
• System application specific circuits

ii) Software: The application software is required to perform the series of tasks.
An embedded system has software designed to keep in view of three constraints:
• Availability of System Memory
• Availability of processor speed
• The need to limit power dissipation when running the system continuously in
cycles of wait for events, run , stop and wake up.
iii)  Real Time Operating System: (RTOS) It supervises the application software
and provides a mechanism to let the processor run a process as per scheduling and
do the switching from one process (task) to another process.

Source: Internet