My Blog Space

I Would Love To Share My Personal Experiences , My Knowledge , Cool Things That I Found and Stuffs That I Interest With You All. This Is Personal Blog You All Are Welcome Here.I Post Whatever I Like To Share With The Community Specially Science,Computer Tricks,Networking,Guitar Chords,Hiking,Camping,Travelling and Many More Interesting Stuffs.Hope My Blog Will Help You Somehow..

Wednesday, January 4, 2023

https://www.tech-house.com/wp-content/uploads/2021/09/2021-09-Microchip-Blog-Image-1.png

Microchips are tiny electronic devices that power everything from smartphones to computers to automobiles. They are made up of billions of transistors. These tiny electronic switches can be turned on or off to represent the ones and zeros of digital data. The more transistors a microchip has, the more powerful it is.


For decades, the size of transistors has been steadily shrinking, a trend known as Moore's Law. (Moore's Law, named after Intel co-founder Gordon Moore. He predicted in 1965 that the number of transistors on a microchip would double approximately every two years, leading to exponential improvements in the performance and efficiency of microchips. ) This has allowed the creation of increasingly powerful microchips that are smaller, faster, and more energy efficient. However, there is a physical limit to how tiny transistors can get, and we are approaching that limit with current technology.


The graph depicts Moore's law.
https://www.tf.uni-kiel.de/matwis/amat/semitech_en/kap_5/backbone/r5_3_1.html


One nanometer (nm) is one billionth of a meter. It is currently the smallest scale at which transistors can be reliably produced. While there have been efforts to push the limits of transistor size even smaller, such as using exotic materials like graphene, it has proven to be very difficult to produce functional transistors at the 1nm scale. So far, the smallest architecture we have achieved is 5nm, which tech giants like TSMC and Samsung recently announced.


There are several reasons why producing transistors at the 1nm scale is challenging. One is the challenge of creating and manipulating materials on a small scale. Another is the issue of quantum tunneling, in which electrons can "leak" through the barriers that are meant to contain them within a transistor. This can lead to transistors that are less reliable and require more power to operate.


Despite the challenges, tech giants like Intel, TSMC, and Samsung are among the companies that are actively researching and developing smaller transistor architectures. In recent news, TSMC has announced plans to start manufacturing 4nm chips by 2024 after completing their new manufacturing plant in Arizona. They are exploring various approaches, including the use of new materials and designs and ways to build multi-level microchips that can pack more transistors into a smaller area.


Apple, one of the world's leading technology companies, has also made strides in the microchip market with its M1 and M2 chips. The M1 chip, released in 2020, features a 5nm architecture and has received widespread acclaim for its performance and efficiency. The M2 chip, released on June 24, 2022, is made with TSMC's "Enhanced 5-nanometer technology" N5P process and contains 20 billion transistors, a 25% increase from the M1. Apple claims CPU improvements of up to 18% and GPU improvements of up to 35% compared to the M1. M2 is the second generation of ARM architecture intended for Apple's Mac computers after switching from Intel Core to Apple silicon, succeeding the M1.


Comparison of Apple M1 & M2 Chips
https://9to5mac.com/2022/06/07/m1-versus-m2-chip/



In conclusion, while it may be technically possible to produce microchips with 1nm architecture, it is currently not feasible with current technology. So far, the smallest architecture we have achieved is 5nm, which tech giants like TSMC and Samsung recently announced. Companies like TSMC are already working on the next generation of smaller microchips. Apple is also pushing the boundaries with its M1 and M2 chips. However, that doesn't mean that the advancement of microchips has come to a halt. There are still many ways we can improve these important devices' performance and efficiency, even if we can only shrink them down a little further.

Saturday, December 31, 2022


These tokens are used in the OAuth 2.0 authorization framework, which provides a secure and standard way for clients to access protected resources on the server. These tokens are used to authenticate users and authorize access to protected resources in your API or application.


Access Token


An access token is a JSON Web Token (JWT) issued by the service after successful authentication. It allows a client to access protected resources on the server. Access tokens typically have a short lifespan (e.g., one hour) and must be refreshed after they expire using a refresh token.


Refresh Token


A refresh token is a JWT issued by the service and an access token after successful authentication. It allows a client to obtain a new access token without requiring the user to re-authenticate. Refresh tokens typically have a longer lifespan (e.g., one week) and can be used to obtain multiple access tokens over time.

ID Token

An ID token is a JWT issued by the service after successful authentication. It contains information about the authenticated user, such as their username and attributes. ID tokens can be used to get user information or to implement additional security measures.

Where to store these tokens? 

There are several options for storing access, refresh, and ID tokens in your application. Here are a few common approaches:

Cookie storage

One option is to store the tokens in a secure cookie on the client. This allows the tokens to be persisted across multiple requests and can be convenient for single-page applications (SPAs) or other client-side applications. However, this approach requires the tokens to be sent with every request, which may only be suitable for some use cases.

Local storage

Another option is to store the tokens in the browser's local storage. This allows the tokens to be persisted across multiple requests. Still, they are only accessible from the same browser and device. This approach is suitable for SPAs or other client-side applications. Still, it may not be suitable for applications that support multiple devices or platforms.

Server-side storage

A third option is to store the tokens on the server, in a database or other persistent storage system. This allows the tokens to be shared across multiple clients and devices. Still, it requires the server to manage the storage and retrieval of the tokens. This approach is suitable for APIs or other server-side applications that need to support multiple clients or devices.

Which option you choose will depend on your application's needs and your use case's security requirements. It's essential to choose an appropriate secure storage mechanism that can meet your users' needs.

Where are to store Refresh Tokens?

It is generally not considered a good security practice to store refresh tokens in client-side storage, such as session or local storage. This is because refresh tokens are intended to have a longer lifespan than access tokens and can be used to obtain multiple access tokens over time. Suppose a refresh token is stored in client-side storage, and an attacker can access it. In that case, they could use it to obtain unauthorized access to the protected resources on the server.

It is generally recommended to store refresh tokens on the server, in a database, or in other persistent storage systems to improve security. This allows the refresh tokens to be managed and controlled by the server. It prevents them from being accessed by unauthorized clients.
Suppose you store refresh tokens on the client. In that case, it is vital to use a secure storage mechanism that is not easily accessible to attackers. One option is to use an HTTP-only cookie, which can only be accessed by the server and not by client-side JavaScript. This can help to prevent attackers from accessing the refresh token through cross-site scripting (XSS) attacks or other client-side vulnerabilities.

Where are to store Access Tokens?

It is generally recommended to store the access token in a secure storage mechanism that is easily accessible to the client-side code. This allows the access token to be used to make authenticated requests to the server and access protected resources.
One option for storing the access token is to use a library like react-cookie or js-cookie, which allows you to set and get cookies in a React application quickly. You can set a secure, HTTP-only cookie with the access token when the user logs in and then retrieve the cookie on subsequent requests to make authenticated requests to the server.

Another option is to use the localStorage or sessionStorage APIs to store the access token in the browser's local or session storage. This allows the access token to be persisted across multiple requests and can be convenient for single-page applications (SPAs) or other client-side applications. However, it is essential to be aware that the local storage and sessionStorage APIs are vulnerable to cross-site scripting (XSS) attacks, so it is essential to use them with caution and to sanitize any user input properly.

Where are to store ID Tokens?

It is not recommended to store Refresh Tokens or ID tokens in the front end of your application. These tokens contain sensitive information and may be used to grant additional privileges. Instead, storing these tokens on the server, in a database, or in another persistent storage system is generally recommended.

Tuesday, January 29, 2019


This Song Viraga Ragaya, which is Another Great Piece of Sinhala Music, is Combined with a Combination of Both Visharada Amarasiri Peiris and Amal Perera. The Song is made up of Prof. Bandula Nanayakkarawasam's Lyrics, Suresh Malliyadde's Music and Video by Thisara Imbulana. Here I have Arranged the Guitar Chords For This Marvelous Song. Their May Have Some Errors. Well Discuss in The Comment Section.

Song : Viraga Ragaya
Artist : Amal Perera & Amarasiri Peris
Key : Am
Beat : 3/4


Am                                             Dm
à·€ිරාග රාගය අතරේ තනි à·€ූ ආලය
G                  F                  Dm           Am
à·€ිරාම දෙයි එක් හදකට උදා පරාජය
Am                             C               Dm    G
à·€ිරාග රාගය අතරේ තනි à·€ූ ආලය
G                   F                  E               Am
දුරලයි තනිකම ලබමින් මගේ සරාගය


Am
ඔබ අඩවන් නෙතු කරමින් ඈ නතු
                                                                G
ඇගේ පහන් ලොà·€ ඈ මනසින් බිඳහල දා
F   Em        Am
ඈ මුකුලිත à·€ූà·€ා
Am
කර ගනු ඈ සතු නොරිà·ƒි ඔබේ à·ƒිතු
                                            Em                   G
ඈතින් ඔබෙ මුණිවර මනසින් පෙම්කළ දා
Am     G      Am  
ඈ අසරණ à·€ූà·€ා


Am      
නුරා එගිනි දළු ඈ දවමින් ගෙතු
Am                                                      G    F
සලෙල ගීතයට ඈ තනුවක් කර ගත් දා
F              Em       Am
ඈ ලොà·€ අහිමි à·€ුණා
Am
ඔබේ මිලින ගති ඇයට නොà·€ේ රුති
                                              E                G
පෙමින් තොරව ඇගේ දිà·€ිය කතරක් à·€ූදා
Am    G          Am
ඈ මවෙතට ආවා

Monday, January 14, 2019

Uploaded From (https://i.ytimg.com/vi/zv2SiwkJTAw/maxresdefault.jpg)

Guitar Chords For Another Beautiful Song Naadagam Geeya Hope You'll Enjoy Playing.If There Are Errors in The Chords Just Let Me Know On the Comments.Feel Free to Add Any Corrections.

Song   : Naadagam Geeya
Artist   : Ridma Weerawardane
Music  : Charitha Attalage
Key     : C#
Beat    : 4/4

Chorus
F#                            B         C#        B       C#              F#
à·„ෙට නාඩගමේ මං රජාට අඳිනවා අජාසත්ත නාමෙන්
 Ab                           B                            C#                      F#
මුà·…ු ගමේම අඟනුන් මට වහ à·€ැටෙනවා බලාපල්ලා බොරුනම් ... //


Verse 1
F#                                               B                       C#
දමා කඩුක්කන් ඔටුනු නළල්පටි කඩුà·€ කරකවා සබයට එන à·„ැටි
F#                                               B                       C#
දමා කඩුක්කන් ඔටුනු නළල්පටි කඩුà·€ කරකවා සබයට එන à·„ැටි
Ab    F#      B                         C#                       F#
බලා à·„ිඳින අඟනුන් සත්තයි ආලේ බඳියි රහසින් ආ....
Ab    F#      B             C#                    F#
බලා à·„ිඳින අඟනුන්.... ආලේ බඳියි රහසින්

Verse 2
F#                                                B                    C#
පවර අජාසත් නිරිඳුන් මම à·€ෙමි පියා නසා රජ කම අරගන්නෙමි
F#                                                B                   C#
පවර අජාසත් නිරිඳුන් මම à·€ෙමි පියා නසා රජ කම අරගන්නෙමි
Ab     F#       B                   C#                    F#
කියා එද්දි අද මං සත්තයි ආලේ බඳී අඟනුන් ආ....
Ab     F#       B        C#                 F#
කියා එද්දි අද මං.... ආලේ බඳී අඟනුන්



Wednesday, October 24, 2018

Cryptography & Information Security


When we talk about information security, cryptography acts main role. There won’t be any information security without cryptography. They both bond to each other unbreakable. Let’s get in to the topic lets discuss how cryptography works.

What is Cryptography? 

Sometimes you may never heard of cryptography. But sure, you may have heard about encrypting and decryption. Well these are the key features of cryptography. Cryptography is a mechanism which converting ordinary plain text into an unreadable form of text and vice-versa. Basic task in cryptography is to enable users to communicate securely over an insecure channel in a way that guarantees their transmission's privacy.


How Cryptography Works? 

To get cryptography into work we need a cryptographic algorithm. Cryptographic algorithm is simply a mathematical function (but it is not a simple function) that converts a plain text into a cipher text and vice-versa. This conversion from plain text to cipher text is called encryption, and reverse process is called decryption.
Example of encrypting a word
Plain text : cat
Cipher text : 13111201

Now how to convert this cipher text into the plain text again? To do this you need to find the key that I used to encrypt this text.
            
            Key: I have used 1 to separate letters, and letter positions in the alphabet to represent the                      letter.
           
            Now you know the key to decrypt the cipher text, you can now read the message.

Let’s come to the real world. Generally, we use two different methods for do this cryptography process.

1.Secret Key Cryptography (Symmetric Key Cryptography) (Private Key Cryptography)

In here we use a same key to encrypt and decrypt the message.


After sending an encrypted message to another end. The sender must send its private key to the other end unless receiver cannot decrypt the message. There occurs a key distributing problem. That if we send the key in the same channel where the message is sent. Then a hacker or an exploiter can get our both message and the key. Therefore, our message is vulnerable. This is the biggest problem in secret key cryptography. To overcome this issue, we must use a trusted third party to distribute the key or we can pre-shared the key and keep it secret between two parties. Verisign is a popular key distributing service. When data is not going anywhere this method is very efficient. However, this is quite expensive when transmitting data due the key distribute problem. This problem is solved in the public key cryptography. AES (advance encryption standard), DES (data encryption standard) are popular algorithms for secret key cryptography.

2.Public Key Cryptography (Asymmetric Key Cryptography)


The main problem in symmetric key cryptography was solved by public key cryptography. This method was introduced by Whitfield Diffie and Martin Hellman in 1975. This is also known as asymmetric key cryptography for the reason of using two keys to do the cryptographic process. OK let’s discuss how this works. There are two keys, one is public key, and another one is private key. You publish your public key to the world while keeping your private key secret. Now anyone with your public key can encrypt and send a message that can only be decrypted by using your private key. And in the same way when you have someone’s public key you can encrypt a message that can only be decrypted by his/her private key. By this way we don’t need to send our keys anywhere. We don’t get the key distribution problem here. RSA (Ron Rivest, Adi Shamir, and Leonard Adleman name for its inventors), Elgamal (named for its inventor, Taher Elgamal), Diffie-Hellman (named for its inventors) are some famous public key cryptographic algorithms all are named behalf of their inventors.



Tuesday, October 16, 2018

SPECTRE AND MELTDOWN

What Is Spectre and Meltdown?

Spectre and Meltdown are two vulnerabilities that affects nearly every computer chip which manufactured in the last 20 years of time. On 1st of June 2017 researchers working on Google Project Zero has discovers these 2 major security flaws in modern processers. This came to topic early this year at the Consumer Electronics Show 2018. A technique called Speculative Execution which is widely used to boost the performance of modern processors has caused these bugs.

What Is Speculative Execution?

This is a technique which is widely used in modern processors to enhance their performance in a massive level. What this does is, it predicts what will user do next in the future and  processes these data. And these processed data will be kept in the CPU s cache for quick access. If user execute the predicted instruction then CPU can respond fast because data is already processed. Due to this technique, work is done before it is known whether it is actually needed. This is the vulnerability that Spectre and Meltdown tries to exploit.

Meltdown

Operating system stores sensitive information in a protected area on the main memory. So, the CPU makes sure that the no program allowed to read data from this area of the memory, except the operating system. But when speculative takes place these laws does not enforces, and that leaves a space for exploits.
Let’s take an example:
               Now imagine user’s login details are stored in the protected memory. There is a program which requests that memory from CPU, but CPU won’t allow this operation to happen. But here program tricks the CPU in another way lets take a piece of code

          If (user’s password’s first letter==’C’) 
             {
                  Load something, imagine it is pic.jpg;
             }

Now processor would check the condition but it won’t allow the program to run it. but speculative execution will check the condition and do the rest of the code. Because it does not check whether program is allowed or not it processes the next instruction and stores in the cache. But it won’t let the program to know it because program cannot access the protected memory. Now the program does the tricky part it tries to load the same file pic.jpg and measures the time that it takes if the time is significantly low then that means that pic.jpg is already loaded and it is in cache. That means the condition of the above code is true. Otherwise speculative execution won’t load the pic.jpg to the cache. Like that a hacker can steal sensitive information from our PC. This is called as Meltdown.

Spectre

This is also a vulnerability which can be exploited to get any data not only from protected memory but also in program’s memory space. There is a technique called branch prediction in CPU which is used to understand patterns in executing instructions.

Let’s take an example:

Imaging that most of the time you go to My Computer you open disk D. Now CPU tracks this activity and next time you go to My Computer CPU will process the data in disk D and stores them in the cache to provide fast access to disk D when you open it. Now at this time you don’t go to disk D therefore those processed data are thrown to an unprotected cache. So, a hacker can access this data by using a side channel attack. This Spectre vulnerability is hard to overcome this is a hardware level vulnerability to overcome this whole architecture should have to be changed.

Stay Safe

Main reason for these vulnerabilities is Speculative Execution. But it boosts the CPU performance by a massive level. So, removing speculative execution is not a best action. But now most of hardware manufactures and Operating System Developers have released security updates and patches for these issues. But we cannot tell how effective those software solutions for these hardware level problems. But something is better than nothing. In the future hardware manufactures will design their micro processors to minimize these threats. AMD are already protected from these threats. Because they do not let speculative execution with protected memory. 

Monday, August 27, 2018

"Bro Can You Hack That Facebook Account for Me?"



This question had been asked from me many times by my friends.. But can we actually do that? Can we hack Facebook ?NOOOOOOOOOOOOOOOOOOOOOOOO....(It would be extremely difficult thing to do..)

Why hack whole Facebook when you need only one specific one.But the thing is if you want to get into someones account you have no any other way unless get its username and password.But Even when you have its login details you cannot login to someones account if they have activated two factor authentication. Facebook has provided many security features to our accounts. But the thing is many of user does not use them to protect their accounts. So anyone with a slight knowledge in HTML and PHP can easily flatter you to get your login details.

There was a recent phishing attack that many users get caught.
It saying that video of you is in Facebook to view that video they asks your login credential.When you give your credentials it does not go to the Facebook ,it goes to the attacker.There it can log into your account and spread the message.







Look Carefully the Address is not related to Facebook and also that enter button text is also wrong "Entrar"


Lets See How To Design Something Like This..
 To Do This You Should Have a slight knowledge in

  • HTML/CSS
  • PHP
  • Social Engineering Skills(To Trick Your Victim
Here is an example done by me.(Do Not Enter Your Login Details)
(Note : When I was designing this there was singing context and a online voting system for that on a university called SLIIT therefore I made that webpage as SLIT Vote Context. Take It easy..)

First You Have To Design The Front End Of Your Fake Web Page..You Have To Do This Very Carefully You Have To Design This Look Very Professional.Unless Victim will Suspect The Web Page and Refuse To Enter Its Login Details..




That Is How I Designed(It Is Not So Good..Try To Do It Better)

I've attached the html codes for the page.You Can Download It Here If You Want.

After That You Have To Make The PHP Part.This is the most important part.You Have To Get Those Login Details From That HTML Forms and save them in a text file.

You Can Get The Php Codes Here.
(Note You Cannot Run php in a normal environment you need a server environment to run php files.Better Install WAMP OR XAMP and run those files in localhost.)

Now You Have To Find  A Web Host To Deploy Your Site.There Are Plenty of free web hosting services. My Favorite is 000webhost It is very clean and easy to operate.
Create a Free account and  upload the files to the host.Then It Will Give You a Web Address By Using You Can Deploy The Attack.The text file which records the login details of users will be stored in the host's storage.You can access it any time and see who have given you their accounts..Even You Get Someones Login Details You Cannot Access Their Accounts If They Have Enabled Two Factor Authentication..

Here Is The Link To Complete Project.

Note This Is Only For Your Knowledge...

Saturday, August 18, 2018










I have searched all the web to find the chords to this song. I couldn't find anything satisfying. Thereofre I decided to make my own chords to this song(with the help of few sites).Here I post it,it may have some faults in correct them in comment section.Hope you enjoy it...


F#m   A   E   D 


F#m
Oyaa windapu dukak hinawela inna
A
Mata vinadi thunai giye oyaa andawanna
E
wachana thunai oona randu wenna
D
oya rawatuna poddak hithala balanna
    F#m
oya,hamadeema kara mawa sathutin thiyanna
A E
mama hadema kale oya andawala ridanna
D
eeth oya dakapu palaweni dawase indan heena mauue ekata nidiyanna
F#m
sindu kolawala liuue
D
mama kiuue eewa oyata kiyala
A     E
hitha yata hitiye oya witarai,oya witarai hinaune mama hinda
F#m
lan une riddanna neme
     D
passe aapahu ganna hithan mama hitha dunne
A
oya thaamath eka tana eeka neme prashne
E
oya dangakaranawa mage hitha asse


F#m    A
mal ihiruna
E D
mulu lokaya neth yomalaa
F#m      A    E    D
maa thaniwela ada danduwam labami maa
    F#m A        E
kandulu gaane watune aage sonduru handa aa
  D
nihanda keruwa
F#m   A
lowama dutu aa sayan gatha wuu
     E D
anduru seeya milina keruwa..


F#m
sinhawa uduru gaththa, oya
E
sellamakata patala gaththa
A
jeewithe udura gaththa
D
sellakkaarayaa mamai...//


F#m
saththai tibba mata podi kakkumak
A
thithtahi mata mee jeewithayak
E
oya paanen liuuath ape kathaawa
D
mama pansalen liuue makanna hithana
F#m
sudu gaume rathu lakune
A
jeewithe dunnath oya mata sathutin
E
aadara binduwak thibe naa
D
mage eka lee binduwakawath oyaage naame
F#m
oya windeuua mama winda
A
jeewithe kalu una mama hinda
E
kiuua rata wate hapankam
       D
watakaran mithuran mage hathuran karan mata danduwan

F#m
api apitamam gathu pinthure
A        E
gilihunu ratatatama mage athe siduren kaamareka ada kaluware
      D
mama udura gaththe numbe jeewithe



F#m    A
mal ihiruna
E D
mulu lokaya neth yomalaa
F#m      A    E    D
maa thaniwela ada danduwam labami maa
    F#m A        E
kandulu gaane watune aage sonduru handa aa
  D
nihanda keruwa
F#m   A
lowama dutu aa sayan gatha wuu
     E D
anduru seeya milina keruwa..
C#m
sinawa uduru gaththa
E
sellamakata patala gaththa
A
jeewithe udura gaththa
Ab/Abm
sellakkaarayaa numbai...//


F#m
sinhawa uduru gaththa, oya
A
sellamakata patala gaththa
E
jeewithe udura gaththa
D
sellakkaarayaa mamai...//


F#m    
kandulu gaane watune
    A
aage sonduru handa
E D
aa nihanda keruwa
F#m    A
lowama dutu aa sayan gatha wuu
   E   D
anduru seeya milina keruwa..

F#m A   E D  

Saturday, February 3, 2018


I have searched through all the web to find the chords to this heart touching song. I couldn't find anything matching. So I decided to make my own chords to this song.Here I post it, may have some faults in chords comment them..Hope you enjoy it...


Song   -Mathakayan Hitha Parawai (A Level Movie Theme Song)
Artist  - Nadeemal Perera
Beat    - 4/4
Key     - Am

Intro
Am         Dm
G             C
F              Dm
E7           Am

Chorus
Am                Dm
Mathakayan hitha parawai
G                   C
wasanthe kohedo gihin
F                              Dm
jeewithe thenaka nawathila
E                    Am
meki yai piya satahan
    E
Paasalen


Interlude
Am         Dm
G             C
F              Dm
E7           Am


Verse1
Am                                E
senahasak naawidin awidin giya
F                      G                  C              
mudu wadan mathaken gilihi giya
E              A             Dm             
hasarella sulage dewati giyawe
G                   Ab           C           
bindunu sitha paaruna rahase
   E
Aayemath


Interlude
Am         Dm
G             C
F              Dm
E7           Am/G/F


Verse2
Am                                         E
wasanthaya horahin asalin giya
F              G                 C                        
raathriya digu wi bondawi giya
E                    A                 Dm
matama ma athaheri noheri giyawe
G             Ab          C
paluwe thani una mathake
   E
Aayemath…

Chorus…


Sunday, October 13, 2013

Some Windows Users Don't Know How To Enable Hibernate Feature. This Simple Tool Will Help You In It.

Hibernating feature is very useful in windows operating systems. It helps to save current season on shutdown. But in some windows operating systems hibernating feature is hibernated so I found this for you .

Download


or