📍Location: Burnaby, BC​

Napa on Sale at T&T – A Delicious and Affordable Find! 🥬​

If you're a fan of fresh, flavorful veggies, you'll love this deal I found at T&T! I picked up a beautiful napa cabbage for just 88 cents per pound. It’s hard to find prices this low, especially for high-quality produce, so I couldn’t resist grabbing one. The total came to around $3, and the cabbage was quite large—compare it to the knife in the picture for a sense of the size.

Korean Mandarins on Sale at T&T - A Sweet Surprise​

This week, I stumbled upon a great deal at T&T Supermarket, fresh Korean mandarins on sale. Curious to try them, I picked up four mandarins for just $1.40. Here’s why these juicy fruits have now become one of my favorite snacks!

📍Location: Burnaby, BC​

📍Location: Burnaby, BC​

Buy Smart!

Once upon a time, there was a shopkeeper named Tienty who ran a small store. He was well-known for selling good-quality items at honest prices. One day, a young man walked into his shop and said,

“Sir, I need the cheapest thing you have. I don’t have much money.”

Tienty thought for a moment and handed him an old knife.

“This knife is cheap, but it will break easily. If you still want it, take it.”

The young man, without much thought, bought the knife and left.

A few days later, the young man returned, upset.

“Sir, this knife broke so quickly! It was useless!”

Tienty smiled calmly and said,

“That’s the problem with buying something just because it’s cheap. It’s not worth it. What really matters is finding something that’s both cheap and good. Let me show you.”

He took the young man to the market and showed him sturdy, well-made items that didn’t cost much.

“The value of something isn’t in how little you pay, but in how well it works for you and how long it lasts.”

From that day on, the young man always looked for both quality and price before buying anything. His life became much easier and happier.

This story teaches us an important lesson, It’s not about buying the cheapest thing—it’s about buying something that’s cheap and good. That’s the smart way to shop!

📍Location: Burnaby, BC​

Canada’s Leading Asian Grocery Store​

T&T Supermarket is a popular destination across Canada for those seeking a unique shopping experience with a wide range of Asian groceries and household items. Originally founded by a Taiwanese company, T&T now offers products from China, Japan, Korea, and Southeast Asia. Loved by immigrants and local Canadians alike, it has become a go-to spot for high-quality, diverse Asian goods.

The P-NP problem is an unsolved problem in theoretical computer science regarding whether complexity classes P and NP are equivalent. In brief, it asks whether problems that can be verified quickly can also be solved quickly.

P(Polynomial):​

• Set of problems that can be solved in polynomial time(time that can be expressed by a polynomial, with variables from the algorithm's input) on a deterministic Turing machine

ex) Bubble sort has a polynomial of n(n-1)/2. It is a quadratic polynomial in terms of n.

NP(Non-deterministic Polynomial):​

• Set of Problems that can be solved in polynomial time on a non-deterministic Turing machine
• Set of problems that can be verified in polynomial time.

ex) Subset problem requires only add operation if relying on lucky guess(non-deterministic), but if solved deterministically, it takes 2^n time. It takes exponential time, not polynomial time. As the input size increases, it increases exponentially

NP-hard:​

Hardest NP problem

When all NP problems can be reduced to a problem A in polynomial time, then that A is NP-hard

NP-complete:​

It is an NP-hard problem while also being an NP problem.

Applications​

1. Cryptography:

Security of cryptography often ensured by the complexity of a computational task. if P = NP, Almost all passwords become unsafe. it means that even someone who doesn't know the password can find it in polynomial time. Although the question of what degree polynomial it will be remains, if it becomes a P problem, we can reduce the degree through research, so the current encryption system is easily collapsible.

2. Optimization:
Optimization problems can represent real-world problems like scheduling, routing, and resource allocation. If P = NP, then solving these problems efficiently would lead to significant improvements in industries like transportation, logistics, and finance.

hardware or software-based, that monitors all incoming and outgoing traffic based on a defined set of security rules. It establishes a barrier between secured internal networks and untrusted outside networks, such as the internet. The basic security functions are packet filtering and application proxy

The Need for Firewalls​

• Before firewalls, network security was maintained using Access Control Lists (ACLs) that were located on routers. ACLs are rules that determine whether network access should be allowed or denied to specific IP addresses. However, ACLs cannot determine the type of packet being blocked, nor can they keep threats out of the network on their own. This is why firewalls were created.
• Organizations require access to the internet, but to keep their networks secure, they need a firewall to block unauthorized access.

Set of Security Rules​

• Accept: Allows the traffic.
• Reject: Blocks the traffic and replies with an "unreachable error."
• Drop: Blocks the traffic with no reply.

Generations of Firewalls​

1st Generation (Packet Filtering Firewall):

A packet-filtering firewall makes decisions based on each individual packet.

2nd Generation (Stateful Inspection Firewall):

A stateful inspection firewall can determine the connection state of a packet. It keeps track of the state of network connections traveling across it, such as TCP streams. Filtering decisions are not only based on defined rules but also on the packet's history in the state table.

3rd Generation (Application Layer Firewall):

An application layer firewall can inspect and filter packets on any OSI layer, up to the application layer. It has the ability to block specific content and recognize when certain applications and protocols are being misused.

Application layer firewalls are hosts that run proxy servers. A proxy firewall prevents the direct connection between either side of the firewall; each packet has to pass through the proxy. It can allow or block traffic based on predefined rules. It can also be used as a network address translator (NAT).

Next-Generation Firewalls (NGFW)

• NGFWs are being deployed to stop modern security breaches, such as advanced malware and application-layer attacks.
• NGFWs consist of deep packet inspection, application inspection, SSL/SSH inspection, and other functionalities that protect the network from these modern threats.

Firewall filtering​

IP Addresses and Protocols:

Packet filters and stateful inspection firewalls use this type of filtering to limit access to specific services

Application protocol:

This type of filtering is used by a gateway that relays and monitors the exchange of information for specific application protocols.

User Identity:

This is for users who identify themselves with a secure authentication method.

Network Activity:

Manages access based on factors such as the time of the request, the frequency of requests, or other activity patterns.

Firewall Capabilities and Limitations​

Capabilities:

• Establishes a single choke point
• Provides a location for monitoring security events
• Convenient platform for several internet functions
• Can serve as the platform for IPSec

Limitations:

• Cannot protect against attacks that bypass the firewall
• May not fully protect against internal threats
• Improperly secured wireless LAN can be accessed from outside the organization
• Laptops, PDAs, or portable storage devices may be infected outside the corporate network and then used internally

Network Traffic​

Network traffic can be either outgoing or incoming. Firewalls maintain distinct sets of rules for both cases.

Outgoing Traffic:

Egress filtering inspects outgoing network traffic and prevents users on the internal network from accessing the outside network. For example, social networking sites can be blocked in schools. Mostly, outgoing traffic originating from the server itself is allowed to pass, but it's always better to set a rule on outgoing traffic to achieve more security and prevent unwanted communication.

Incoming traffic:

Ingress filtering is a way to protect a network from outside attacks by checking incoming traffic. This traffic is usually one of three types: TCP, UDP or ICMP. Each type has a source and destination address, and TCP and UDP also have port numbers. ICMP uses a different way to identify the purpose of a packet, by using type codes instead of port numbers. The firewall treats incoming traffic differently from other traffic.

Firewall Access Policies​

To plan and use a firewall effectively, you need to make sure it lets through the right kind of traffic. This includes things like address ranges, protocols, applications, and content types. To make this happen, you should use your organization's security risk assessment and policy to create a list of the kinds of traffic you need to support. Then, you can break that list down into more detail to figure out how to filter everything using the right kind of firewall setup.

Firewall policy​

• Default policy: The firewall has to have a default policy because it's hard to cover every rule. The default policy only says what to do (accept, reject, or drop). Here's an example: If the firewall doesn't have a rule for SSH connections to the server, it will follow the default policy. If the default policy is set to accept, any computer outside of your office can establish an SSH connection to the server. Setting the default policy to drop (or reject) is a good practice.
• User control: Controls access to data based on the user's role. This applies to users inside the firewall.
• Service control: Controls access based on the type of service offered by the host. This is based on network address, protocol, and port numbers.
• Direction control: Determines the direction of requests allowed through the firewall. It specifies whether traffic is "inbound" (to the firewall) or "outbound" (from the firewall).

Firewall Actions​

• Accepted: Allowed to enter the network or host through the firewall.
• Denied: Not allowed to enter the other side of the firewall.
• Rejected: Similar to "Denied", but the source is informed about the decision through an ICMP packet.

Firewall Security Features​

Advanced security features provided by certain firewalls:

• Logging
• VPN
• Authentication
• Shielding hosts within the network to prevent attackers from identifying them and using them as a base for prolonged attacks
• Data caching
• Filtering content deemed inappropriate

Types of Firewalls​

1. Host-based Firewalls: Host-based firewalls are software applications or suites of applications installed on each network node. They control each incoming and outgoing packet. Host-based firewalls are needed because network firewalls cannot provide protection inside a trusted network. Host firewalls protect each host from attacks and unauthorized access.

2. Network-based Firewalls: Network firewalls function on the network level, filtering all incoming and outgoing traffic across the network. They protect the internal network by filtering the traffic using rules defined on the firewall. A network firewall might have two or more network interface cards (NICs). A network-based firewall is usually a dedicated system with proprietary software installed.

iptables​

• Linux's built-in firewall
• iptables is the user-space program
• firewall in the kernel called Xtables
• iptables is commonly used to refer to both programs
• iptables [-t filter] -A INPUT <rule> -j <target>

bypassing firewall​

By using vulnerabilities and tunneling, it is possible to bypass a firewall.