HOW EMERGING TECHNOLOGIES LIKE IOT (INTERNET OF THINGS) INTRODUCES PRIVACY RISKS AND WHAT STRATEGIES CAN COMPANIES ADOPT TO MINIMISE THESE PRIVACY RISKS?

HOW EMERGING TECHNOLOGIES LIKE IOT (INTERNET OF THINGS) INTRODUCES PRIVACY RISKS AND WHAT STRATEGIES CAN COMPANIES ADOPT TO MINIMISE THESE PRIVACY RISKS?

 

INTRODUCTION TO IOT

The term Internet of Things (IoT) generally refers to scenarios where network connectivity and computing capability extends to objects, sensors and everyday items not normally considered computers, allowing these devices to generate, exchange and consume data with minimal human intervention.
The Internet of Things (IoT) is an emerging topic of technical, social, and economic significance. Consumer products, durable goods, cars and trucks, industrial and utility components, sensors, and other everyday objects are being combined with Internet connectivity and powerful data analytic capabilities that promise to transform the way we work, live, and play.

Projections for the impact of IoT on the Internet and economy are impressive, with some anticipating as many as 100 billion connected IoT devices and a global economic impact of more than $11 trillion by 2025.

At the same time, the Internet of Things raises significant challenges that could stand in the way of realizing its potential benefits. Attention-grabbing headlines about the hacking of Internet-connected devices, surveillance concerns, and privacy fears have already captured public attention.

Technical challenges remain and new policy, legal and development challenges are emerging.

WHAT IS PRIVACY?

When something is private to a person, it usually means that something is inherently special or sensitive to them. The domain of privacy partially overlaps with security, which can include the concepts of appropriate use and protection of information.

Privacy may also take the form of bodily integrity. The right not to be subjected to unsanctioned invasions of privacy by the government, corporations, or individuals is part of many countries’ privacy laws, and in some cases, constitutions.

Information privacy is the right to have some control over how your personal information is collected and used.

HOW DO MODERN TECHNOLOGIES INTRODUCE PRIVACY RISKS?

As individuals will have their daily activities and behaviours measured, recorded and analyzed, there is a pressing need for developers and policy-makers to turn their minds to informing consumers and citizens as to who collects what kind of personal information, how it is then stored, used and disclosed to whom and for what purposes.

Privacy principles dictate that users should be able to keep control of their data as well as to be able to opt-out of the “smart” environment without incurring negative consequences. How will this unfold, and will traditional privacy principles be addressed?

Before we too readily endorse smart devices and sensors that can send information about many personal aspects of our daily lives into the cloud, it is essential to have an informed discussion about the implications of the Internet of Things and to plan the integration of privacy principles and safeguards into the conception and implementation of the many smart environment components.

Information collected by sensors within objects that are connected can yield a tremendous amount of data that can be combined, analyzed and acted upon, all potentially without adequate accountability, transparency, security or meaningful consent.

 

  • IDENTIFIABILITY OF INTERNET OF THINGS DATA

In some instances, device tracking is said to involve aggregate, anonymized, or de-identified information. Broadly speaking, aggregate information can be thought of as “compiled or statistical information that is not personally identifiable.” Even aggregate information, however, could lead to an identifiable individual, as research has shown.

While some have argued that the information at issue in the Internet of Things environment is anonymous or pseudonym zed, there are difficulties with anonymizing information in this context. As the Article 29 Working Party (US-based Law on Technology) has noted, even pseudonym zed, or anonymized data, may have to be considered personal information.

While tracking in the Internet of Things involves the tracking of a device, the motivation is to understand the behaviour of the individual behind the device. Indeed, value is derived from rich information about the individual, their activities, their movements, and their preferences. When inferences are made about the owner of a device, it raises the question of whether it is the device being tracked or the individual.

A report from the European Commission found that objects in the Internet of Things can become like extensions to the human body and mind with enhancements such as embedded intelligence and knowledge.

In addition, long-term patterns of location data attributed to a particular device can potentially reveal information about where a device is located at certain times of the day or night, which could potentially identify work or home locations.

  • ACCOUNTABILITY IN THE LAND OF MACHINES

Accountability is a key principle in privacy law. To be accountable, an organization needs to be able to demonstrate what it is doing, and what it has done, with personal information and explain why. This may be easier said than done in the Internet of Things environment where there is a multitude of stakeholders, such as device manufacturers, social platforms, third-party applications and others.

Some of these players may collect, use or disclose data, and can have a greater or lesser role in its protection at various points, though where to draw the line between them can be challenging at the best of times. For example, who is ultimately responsible for the data which the smart meter broadcasts?

The homeowner who benefits from using the device, the manufacturers or power company that provided it, the third-party company storing the data, the data processor who crunches the numbers, all of the above, or some combination thereof? And to whom would a privacy-sensitive consumer complain? Should privacy be breached, where do the responsibility of one party end and another begin?

Mapping dynamic data flows and setting out the responsibilities and relationships between various actors could help clarify how information flows among the parties and can help inform the basis of an organization’s privacy management program.

In the case of “machine-made” decisions, developers and owners of the underlying algorithms, systems and products may find it even more challenging to demonstrate accountability.

In addition to this vexing issue, the legal and ethical responsibilities in the case of errors or accidents are far from clear. The scope of privacy management programs and the level of accountability organizations are expected to demonstrate, will be complex in the Internet of Things environment.

  • HE SAID, SHE SAID, IT SAID: ACCESS AND CORRECTION RIGHTS

Access and correction rights are squarely related to accountability and transparency. How will an individual know to ask for their information and challenge its accuracy, if they never become aware that it was ever collected? Similarly, how will individuals determine what organization they should seek out to gain access to and, where necessary, correct their personal information?

Canada’s privacy laws in both the public and private sectors are heavily reliant on the complaint process as a mechanism for helping individuals challenge organizational decisions made about them. This model works well when there is an obvious organization to contact or a list of information banks, but breaks down when the collecting organization is difficult to pinpoint.

What would be an effective way to map dynamic data flows and make them explicit and transparent for all to see so that individuals could more meaningfully exercise their access and correction rights?

WHAT IS ETHICS?

Ethics is based on well-founded standards of right and wrong that prescribe what humans ought to do, usually in terms of rights, obligations, benefits to society, fairness, or specific virtues.

WHAT ARE APPLICABLE ETHICAL NORMS?

Applicable ethical norms which can act as guidelines, as well as instruments of measurement, must be formulated to address these ethical issues. The following forms can be distinguished: truth, freedom and human rights.

HOW ETHICS ARE RELATED TO PRIVACY ISSUES?

Fig: How are Ethics related to the Privacy Risks?

As per the above-mentioned definitions, morals and ethics refer to social behaviour standards in the IoT field. Most of the ethical debates are about property rights, accessibility, private use of information.  Ethical behaviour requires enforcing the following:

1.      Privacy of Information

2.      Access to Information

3.      Integrity of the information

It follows that ethical issues in the IoT field have appeared, such as:

  • Author Identification:

The correct identification of the author of the data collected in a typical IoT system will be hard to determine. There is also a concern about using the data without the patient’s permission.

  • Public and Private borderline:

IoT omnipresence will make the borderlines between private and public life virtually transparent, in the absence of defined boundaries for user’s information.

  •  Peoples’ life attacks: 

Hackers or virus attacks in typical computer systems may cause either data loss or physical loss of the computer system. In the IoT attacks, the loss will not stop at this point, it will exceed to the point that it will directly affect people’s lives.

For example, if an attacker can log into a typical IoT medical application, a small change in a patient’s information may result in the wrong medication, which will affect the patient’s life.

HOW CAN COMPANIES MITIGATE PRIVACY RISKS?

Companies can take these five steps to prepare for the introduction of IoT-based systems to ensure the security risks do not outweigh the business benefits.

1.    Encrypt Data

Regulations like Payment Card Industry Data Security Standard (PCI DSS) and the updated Markets in Financial Instruments Directive (MiFID II) recommend that all digital data transmitted over the internet should be encrypted, which means that if someone manages to access sensitive data, they won’t be able to read it.

Organizations should consider encrypting data using firewalls to protect IoT web applications, wireless protocols with built-in encryption and the Secure sockets layer networking protocol (SSL) for online tools.

2.    Improve Data Authentication Processes

Often, the most significant issues with IoT security are not linked to the devices or tools themselves, but to the passwords and authentication methods that employees use to access their accounts.

Improving Authentication processes can be one of the best mitigating factors.

3.    Manage Software and Hardware

Security for IoT needs to be implemented on multiple levels. From a hardware perspective, it is important to store devices securely by keeping them locked away, for example, and limiting the number of employees that can access them.

From a software perspective, organizations need to remember that IoT implementations need to be upgraded over time. 

4.    Isolate IoT devices

For the safety of enterprise networks and personal information, it is often a good idea to isolate IoT devices. “This means that if someone hacks into an IoT device, they won’t necessarily be able to access the entire business technology stack and related personal information.”

Some of the underlying architecture models available for IoT implementations include:

  • Device to device: The IoT applications in the same network connectivity via protocols such as Bluetooth.
  • Device to cloud: The IoT devices in an enterprise network connect directly to the cloud and transfer data accordingly.
  • Device to gateway: IoT devices relate to a digital system through a portal, translating protocols, filtering data, and encrypting information at the same time.

Most of the security practices involve taking a multi-layered approach to protecting connections and devices.

5.    Invest in mobile monitoring

By far, one of the most effective IoT security services that any business can invest in is mobile device monitoring. “While end-to-end encryption and soiled networks are essential, there’s nothing more crucial than knowing the current status of all your IoT devices in real-time.

CONCLUSION

As individuals’ activities and behaviours are measured, recorded and analyzed, there is a pressing need for developers and policy-makers to turn their minds to informing consumers and citizens as to who collects what kind of personal information, how it is then stored, used and disclosed to whom and for what purposes.

If transparency concerning tracking by devices in the world of the Internet of Things is significant for our relationship with the private sector, it is equally important in our relationship with the government.

It should not be surprising that the richness of information gleaned from the Internet of Things collected for commercial purposes might attract the interest of law enforcement agencies and governments.

Technological development in the context of the Internet of Things has not been matched by an equivalent evolution of overarching privacy governance models.

Not much consideration has been given as of yet to the many privacy implications of having an extraordinary amount of data points that could be collected, aggregated across devices and analyzed not only by the device owners but also by other third parties unknown to the individual.

One key challenge is that, as these technologies become ubiquitous, we may have little or no warning or awareness that they are even in place; they simply become part of the backdrop of our daily lives.

How, then, can citizens who may or may not want to use this technology ensure that someone is held accountable for its use? How will they be able to challenge how the information is used, and how will they be able to give any kind of meaningful consent?

The full impact of the Internet of Things on our privacy may become more evident when its capabilities are combined with other innovations shaping our world today that track not only our activities, movements, behaviours and preferences but our emotions and our thoughts.

Time to Fasten our Seatbelts!

Time to Fasten our Seatbelts!

No, this time we aren’t traveling to places, nor are we going for a roller coaster ride. Actually, some guests are planning to travel to our place and we are the ones who need to fasten our seatbelts. Confusing enough? Okay, let me explain what that really means!

Hackers, not those actors in a science fiction movie who are pinging google.com in the name of hacking, but real life artists who are actually capable of changing the shape of the whole world in a good way but many times in a BAD way too. A good hacker i.e. an ethical hacker or a white hat hacker scans for vulnerabilities in a system and tells us about the countermeasures we can apply to strengthen our system’s defense. While a bad hacker or a black hat hacker just exploits them to gain access of our credentials, to modify our system or to deny us from utilizing our resources. But don’t get confused, any hacker can change their hat from black to white or vice versa depending upon what they fancy.

In a developing country like Nepal, though a number of people are using internet, they are either unaware or hesitant about the cyber security threats that surrounds them. From the governmental level to the public level, the measures have barely been taken to address this. The poor digital access and political instability adds to the misery of the country’s vulnerable cyber system. The Nepal Telecommunications Authority just passed the “Cyber Security Byelaw, 2020”. However, this cyber law is so young that even if someone breaches your system, the government can do very little in terms of enforcing the legal policies to help you out. So, to all the readers out there, I would suggest you to enforce your own cyber security policies to help yourself which can be done overnight unlike trying to enforce the government’s policies. How to enforce your policies? C’mon, give an hour to surf the internet on how-to and you’ll get bunch of good advices.

The black hat hackers around the world have become so dangerous that it doesn’t even take them a day to destroy the whole cyber system of a technologically underdeveloped country like Nepal. We have witnessed cyberwars breaking out between countries time and again, e.g. Russia’s manipulation of social media to sway Western elections, most notably the 2016 US presidential election. Recently, we even noticed a tiny cyber war between Nepali and Indian hackers who were there to show off their hacking skills by publicizing credentials of governmental websites. These are just the small alarms of potential cyberwars that might take place in the near future. But unlike Russia, USA, or China, we don’t have a cyber-army to protect our country. Nepalese media accumulating four or five bug hunters and saying these are the cyber army of Nepal is a funny yet one of the most serious topics that is yet to be discussed. No disrespect to those fours or fives, but this just shows the quantity that we lack in case of man power to protect our country from any sort of possible cyber security threats.

So, when are we going to prepare for the potential calamity that we might face in the near future? It’s time to think the broader way. It is not just about the cyber wars, or the sensitive information being breached. It is about the competitiveness of the country in the technological battlefield. It’s still not too late to take the right steps to make the country and its technological masterminds competent. The right steps to be taken by the concerned authorities may be:

  • Enforcing the cyber law in thwarting cybercrimes.
  • Encouraging youth to get involved in learning cyber defense skills i.e. HACKING skills.
  • Maintaining political and institutional stability to ensure stable and efficient governance.
  • Accumulating the existing ethical hackers and giving them advanced training to sharpen their skillset.
  • •        Encouraging the public to take smallest of steps towards keeping their credentials secure.
  • Sharing the information regarding cyber-attacks and potential threats through communication lines in a frequent manner.
  • Being up to date with the system.

It is not just the government or the IT professionals who needs to be ready to fight against the cyber threats, but, also the general public as well. One should know that little problems could eventually create bigger ones if no one takes an initiative to correct them. So, why shouldn’t we try to avoid these problems? Why not try to keep things secure from the microscopic levels? Why not fasten our seatbelts tighter and get ready to enjoy the ride of a cyber-highway without having to be much concerned about the hacker hurdles?      

So, Let’s go!

Article by:

Hritik Thapa

Computer Engineering

II/II

IP spoofing

IP spoofing

Various organizations are facing different types of cyber-attacks these days which have a serious negative impact on the proper functioning of those companies. And Spoofing is one of them. Spoofing is the act of disguising itself as someone known in the network. Spoofing can be applied to emails, phone calls, websites, and even IP addresses. IP spoofing creates IP packets and sends them in the network by modifying the source IP address in order to hide the identity of the sender or for impersonating another computer system or even both.

The primary way of communicating in the network is actually by sending and receiving the packets. The IP packet consists of header and payload (i.e. body). The header of the IP packet consists of the IP version, source IP address, and destination IP address while the payload consists of the actual information to be sent. The source IP address is the address of the sender and the destination IP address is the address of the receiver. In order to communicate, the sender sends the packet to the destination computer and receives the response after the receiver has received the packets. These packets are spoofed by forging the source IP address.

The attackers uses IP spoofing to overwhelm the computer services with packets of data ultimately shutting them down. There are mainly two ways to overload the traffic of the target computer using IP spoofing. The first one is to flood the selected target with the packet from multiple spoofed addresses by sending victim tons of data making them unable to handle. This is a direct method of IP spoofing. The second method is an indirect one. Here the packets are sent to many different recipients on the network using the spoofed IP address. The attacker disguises to be the target computer and send packets to other devices. Since the spoofed packets appear to be from the target’s computer, all the responses are sent to the target’s computer causing floods of packets on the target’s computer.

Illustration of the concept

The received spoofed packets appear to be from a legitimate source. In some of the networks, trust relationships are in place between machines and internal systems. In this type of network, IP addresses are used to verify machine identities to access the systems rather than user login. This type of authentication is known as IP address-based authentication. The IP spoofing method is used by attackers sometimes to bypass IP address-based authentication. There are several types of attacks that are launched through IP spoofing. Blind spoofing, Non-blind spoofing, DDoS attacks, man-in the middle attacks are some examples.

Illustration of the concept

Spoofed packets are difficult to be detected as the source IP address seems to be authorized. But there are various preventive measures that can reduce the possibility of IP spoofing. Key-based authentication should be used rather than IP address-based authentication. This will reduce the risk of spoofing. If possible, configuring routers and switches to reject packets originating from outside the local networks but claiming to originate from within will not allow the spoofed packets to enter the network.

IP spoofing is a cyber-attack that shuts down the target’s computer by flooding it with tons of spoofed packets. The attackers will have unauthorized access over the computers and networks, and in certain cases, IP spoofing may have negative impacts on the business and economy of some organizations where computers are responsible to provide services. However, IP spoofing is not always considered to be illegal. Sometimes VPN service is used or IP address is changed in order to browse the internet safely. But IP spoofing will be illegal if it is used to harm others or someone pretends to be someone else and commits cybercrime.

Article by:

Shreya Shrestha

CS-2nd year

Batch-2018

SELFIE WITH BLACKHOLE USING COMPUTER SCIENCE

Black holes are one of the most amazing and intriguing things that we can find in our entire universe. You might be curious to know its attributes. In short, black holes are the last state of a massive star, in which the core collapses within itself due to immense gravity to form a funnel in space-time, which never ends. 

This guy sounds awesome — let us get a picture of it! Well, not so fast. No particle or even electromagnetic radiation such as light can escape from it, which makes it impossible to observe.

Despite such traits, this bad boy leaves traces of a ring of light of hot plasma zipping around it, which reveals the black hole’s event horizon. Einstein’s equation predicts the shape and size of this ring, and acquiring its picture will help to verify that those equations holds the extremist of the conditions in the universe. Now, without further ado, let’s get the picture of the traceable sides of a black hole.
Again, hold your horses! Black holes are so far away from us that these rings will appear astronomically small from the earth. It’s like taking a picture of an orange on the surface of the moon. 

We have an equation:

smallest size = wavelength/telescope size

The equation says, “In order to see smaller objects we need to make our telescope bigger and bigger”. Again, even with the assistance of the most powerful telescope on earth, we cannot reach close to it. For reference, Figure: 1 is the highest resolution image ever taken of the moon, and it contains roughly 13000 pixels. However, you can nearly fit 1.5 million of those balls of vitamin C in a single pixel. So, how big of a telescope do we need to see an orange on the moon’s surface? The answer is 510.1 million km squared. You guessed it right! It’s the size of the earth! It is almost impossible to create such a thing unless you are a green guy with a UFO.

Figure 1: Highest Resolution photograph of Moon

What can we do? It turns out that we can use the magic of computers to create a computational telescope that is the size of the earth, just to take the picture. To do so, we will scatter some powerful telescopes around the globe and synchronize each of them with precise atomic clocks. These telescopes will work together to freeze lights at those instances to collect terabytes of data simultaneously (remember those atomic clocks). To make it more elegant, imagine the earth as a large spinning disco ball as in Figure 2. Now, imagine those telescopes are the individual mirrors like those disco balls, which collects light individually and then combines it to create a full picture. Though covering the whole planet with those mirrors is difficult, but, we can fill them in little spaces and use earth’s rotation to observe different parts of the image. Despite those clever tricks, there will still be gaps in the image; however, we can solve this problem by using advanced algorithms to fill those gaps.

Figure 2: Disco Ball Analogy

Did we take its picture yet?

Well technically speaking, the answer to this question is a big yes and even a big no! We can only see some samples, but there is an infinite number of possible images that are consistent with our results. Now, this is where computer science shines! We can create algorithms that can find the most reasonable image fitting our results. Those algorithms can be considered as a forensic artist who creates the face of the criminals using descriptions. The algorithm ranks the possible images and chooses the most likely image. But here’s the bummer — we have never seen black holes before. What should we assume about the structures of the black holes? We could take a little help from Einstein’s equations, but we still want the picture of what is really happening! If we relied upon Einstein too much then we will get a biased result. In other words, we would like the option open for a giant alien Vacuum cleaner to exist inside a black hole. One way to solve this problem is to impose the features of different kinds of images and see if we get the same results each time. It’s like giving the same description to different sketch artists around the globe, and if all of them produce similar faces then we can be more confident that there are no biasness. Finally, (the drum roll please!) we can complete this puzzle by putting together all of those pieces and obtaining the picture of the bad boy of the universe.

If you are planning to make a run for the Nobel Prize using this ingenious technique, then you are a bit late. On 10th April 2019, a group of dedicated astronomers, physicists, mathematicians, and engineers of Event Horizon Telescope revealed the first-ever picture of a black hole (Messier-87). Similarly, Katherine L. Bouman, a graduate-level computer science student at MIT, was credited for the development of such a powerful algorithm. Without her immense contribution, achieving this milestone would not be possible.

Figure 3: Katherine L. Bouman

Bibliography: Event Horizon Telescope, TED

Images: NASA, Event Horizon Telescope, Google images

Article by
Anurag Timilsina

Computer Engineering 1st year

KU as Hogwarts and Computing as Wizardry

KU as Hogwarts and Computing as Wizardry

If coders were wizards, their coding skills would be their wands and their codes would be the spells they cast. The magic here would be their creations!

Being the student of DoCSE here at KU, hovering around this ‘if’, we could say that we chose KU to be our Hogwarts to learn the magic of the computing world. If KU was my Hogwarts, I would find Platform 9 3/4s at Ratna Park as my King’s Cross Station

Where would you find your Platform 9 3/4s?

I have often wondered if a huge black dog that shows up at KU was an Animagus, Sirius Black and the pigeons that show up all the time at the top of our block if you have noticed, were our version of owls. But, thank god, I have not encountered any Peter Pettigrew as any of my friend’s pet or any Moaning Myrtle in the bathroom.

For many of us in the first semester, COMP 101(C Programming Language) would definitely be the Defense Against The Dark Arts, the most interesting one and in the second semester, PHYS 102 (the one with gradients, curl and divergence) would definitely be the Potions, the toughest one. Metaphorically, for me and my classmates, Manoj Sir, who taught us C, would be Professor Lupin and Ganesh Sir, who taught us Physics would be Professor Snape

What about you people?

You know, what would be more interesting with this ‘if’? Our block 9 could be the Hogwarts Castle and could have The Chamber of Secrets. And who knows, one of us could speak Parseltongue with the snakes we keep seeing while chilling at the fountain near our block. The KU canteen could be the Great Hall, where we dined together. The administration block could be the Shrieking Shack of KU. That way, Harry Potter would get to know his godfather in the KU corner. Moreover, IT Meet could be our Quidditch Cup and IT Park our battlefield
Competing teams, you better work hard if you want to grab a Snitch!

Sadly, having an Invisibility Cloak or a Marauder’s Map is quite impossible in our world. And what’s worse is that the dementors would try to suck happiness from our soul at the times of pressure due to assignments and exams. 
So, wizards, be prepared with your Patronus Charm!

Being a potterhead, I can go on and on about this imaginary wizard world at KU, and those of you who could relate, may want to add some of your imaginations too, here. However, this needs an end; an end that we can learn something valuable from. So, in order to wrap this article up in the most serious and inspirational way possible, I want to emphasize on two major things. First, there is no Sorting Hat in our world. We must recognize our strengths on our own. Second, as I said earlier, our skills are our wands, but, unlike in Harry Potter’s world, neither some Ollivander will be making any wands for us, nor those wands would choose any metaphorical wizard of a real world. Instead, we must choose and build our own wands, our own set of skills.

Finally, as a believer of magic in this real world, only one thing remains to be said, ‘Explore the magic in you, and be the wizard you have always wanted to become!’


PRANIMA KANSAKAR
CE- II/II

Khalti Payment Gateway Integration With Django

Khalti Payment Gateway Integration With Django

I was currently asked to implement a back-end feature which was payment verification of the Khalti payment gateway in an API. I did not find enough resources with clear information except for Khalti Docs which helped me understand the basic and logical concepts of integrating Khalti into Web apps. So, I learned and created a reusable Django app named django-khalti  to make it very easy for all of us to integrate Khalti into our Django project.

In this post, I will show you how easy it is to implement Khalti Payment Gateway with Django. I presume the reader knows python, basic Django and API. I will be using the Django Rest Framework and django-khalti to demonstrate the implementation. Integrating Khalti Payment to your Django project requires following steps:

  • First, create a merchant account at Khalti Payment Gateway and get your test secret API keys.
  • Then create payment at the front-end of your application through SDKs provided by Khalti Docs.
    SDKs available are:
    Web SDK
    Android SDK
    iOS SDK
  • These SDKs provide this type of response on success:
    { “idx”: “8xmeJnNXfoVjCvGcZiiGe7”,
    “amount”: 1000,
    “mobile”: “98XXXXX969”,
    “product_identity”: “1234567890”,
    “product_name”: “Dragon”,
    “product_url”: “http://gameofthrones.wikia.com/wiki/Dragons“, “token”:“QUao9cqFzxPgvWJNi9aKac”
    }
  • Now, pass the amount and token data responded by Khalti SDK on step 3 to our API, which we will create using Django REST framework and django-khalti in this tutorial, in order to verify the payment.

So, let’s get started with the tutorial.

django-khalti is a Django app based on Django REST framework to conduct server-based payment verification of Khalti payment gateway. For each payment, it can verify and return status of payment through transaction token and paid amount.

  • Install the django-khalti and Django REST framework like this:
pip install djangorestframework 
pip install django-khalti
  • Add “django-khalti” and “djangorestframework” to your INSTALLED_APPS setting like this:
INSTALLED_APPS = [
 …
‘rest_framework’,
‘khalti’,
]
  • Include the django-khalti URLconf in your project urls.py like this:
path(‘khalti/’, include(‘khalti.urls’)),
  • Add Khalti Merchant API key and Verify URL in your settings.py:
KHALTI_SECRET_KEY = “<your api key>” 
KHALTI_VERIFY_URL = “https://khalti.com/api/v2/payment/verify/"
  • Test your endpoints like this:
POST: /khalti/verifypayment/
body:{
    'token':<transaction token>,
    'amount':<transaction amount>
}
  • You will get responses like this:
On Success:
    {
        'status':True,
        'details':{
                      "idx": "8xmeJnNXfoVjCvGcZiiGe7",
                      "type": {
                        "idx": "e476BL6jt9kgagEmsakyTL",
                        "name": "Wallet payment"
                      },
                      "state": {
                        "idx": "DhvMj9hdRufLqkP8ZY4d8g",
                        "name": "Completed",
                        "template": "is complete"
                      },
                      "amount": 1000,
                      "fee_amount": 30,
                      "refunded": false,
                      "created_on": "2018-20T14:48:08.867125+05:45",
                      "ebanker": null,
                      "user": {
                        "idx": "cCaPkRPQGn5D8StkiqqMJg",
                        "name": "Test User",
                        "mobile": "98XXXXXXX9"
                      },
                      "merchant": {
                        "idx": "UM75Gm2gWmZvA4TPwkwZye",
                        "name": "Test Merchant",
                        "mobile": "testmerchant@khalti.com"
                      }
                }
    }

On Error:
    {
        'status':False,
        'details':{'token': ['Invalid token.']}
    }

That’s all. It’s this easy to integrate Khalti payment gateway into your Django application.

Aashish Dhakal,
CE III/I,
Kathmandu University

Are you Alive?

Are you Alive?

The topic is creepy and that’s why you are here. Perhaps you could answer it or can you? It’s the most reasonable existential question that should bother you, instead of facing an existential crisis just by looking at those messages your crush didn’t even bother to open up. The question itself is doing a great job by striking right in your self-esteem, perhaps even cursing me for being such a jerk who now questions your existence.

‘O boy, that’s an obvious thing right there, isn’t it? Come on now, what are you telling me, that I ain’t alive? that I breathe and my heart beats, and I fulfill every point that a grade five science textbook describes,” What living things do” and there you are, questioning that very thing. That’s completely a nonsensical question.’

I recall the TV ad for soap Cinthol. And guess what, the tagline was cool, ”Alive is Awesome”. Oh, all frustrated and depressed guys could sue Cinthol. Not everyone’s life is joyful. Voila! You should try that soap. Perhaps it might make you awesome. Nonetheless, there is no such lie in soap that could neutralize the boring and pitiful lives most of us are having. ‘Hold on! I am not having a pitiful life. How dare you say that?’ Well, ask yourself. We all are organic machines programmed with intelligence. We are routined with contemporary civilization. You and I follow the very thing like most of our colleagues in this earthly office, let’s forget about those in ISS. Not that ISS, International Space Station, you fool. They abandoned us to live in these noises, so let’s not include them.

The routine is obvious. You are conceived and born, even if you didn’t ask for it. That’s the way it is with gods, I guess. You eat, you survive and then you die. That hasn’t changed for millions of years. Modern Humans have a lot to worry about between these events. The worries for food, predators, and shelter are replaced by enormous psychological titanosaurs. You crave dollars, power, fame, career, sex, knowledge, and rush every day to achieve something more. You don’t work for your satisfaction, instead, you work for money, power, and career. You don’t study for knowledge, but for the sake of accomplishments. I am no different, either.

There is always someone whom you idealize and wish your life was as good as his. ‘That’s right. I want a life like Richie Rich, Sexiest Sexy, highly Famous, Trumpet Trump, or Happiest Happy.’ Let’s not hop into fantasies right now. Let’s talk about someone closer not whom you want to be but envy his super chilling chills. What about the lazy neighbor’s son who according to you is the most chill man alive. He doesn’t study, doesn’t do any work. He eats, sleeps, and spends his days like, there is nothing to worry about. He is Lord Shiva with heavenly psychedelics. He is Jesus with Mark Manson’s Books instead of the Holy Bible. He is Buddha with no care for enlightenment. He is Allah with pervert Mohammad instead of prophet Mohammad. In nutshell, he lives.

But does he? His mind is a battlefield worse than Pearl Harbour. His life is joyous to others but a nightmare to him. In between the false relaxation, the questions ‘What am I doing with my life? Who am I?’ haunts his subconscious mind. In one way or another, we all have asked ourselves such questions with piles of self-doubt and reason for unhappiness. Even if you are following everything Manson said-“I ain’t giving no fucks. Well, What is it? Is it, you not being the ideal lover or an ideal child or an ideal parent or ideal whatever?” Is it the will or pressure to achieve polished stature in society than your friend over there? Is it the will or pressure to be an outstanding and lustrous man in the crowd? Everyone knows there is competition everywhere. Whether it’s with the animals or between us humans for adaptation. You survive to impress others.

Amygdala is responsible for multiple emotional responses, like love, fear, anger, and sexual desire. The evolution of the amygdala in humans is one of the reasons we are called social animals: by ourselves. Society is cool. Biological parents are emotionally attached to their offspring. You love your crush and you hate that ill-minded moron. Thanks to Amygdala. But it is due to such parts of our brain that we need therapists to listen to us while we break down our brain in their cozy couch. Americans are ahead of civilization so the therapeutic business is booming there. An underdeveloped country like us is so far in the chain that most of us don’t even know that the worries in our head and our sleepless nights could be cured in those magical couches. There is a great prospect in therapeutic business as long as people realize something is wrong in the amygdala. God, I should have approached Psychology instead of Engineering in school.

I think the Stone age was better than today. Just worry about fire, food, and the claws and sharp teeth of predators and enjoy the metabolism. But then, who would question life?. The question is not some personalizing self-enriching question as productivity writers would creatively misplace them in their fancy books. What counts as being alive? Being happy? Well, that could be a point but dopamine and serotonin injected in an organic robot wouldn’t make it more alive than us. What is it that makes us humans human? If being alive is just to perform biological acts, then we are no better than a louse connected to a powerful microprocessor. Do you really think you are alive? Do you think that you were alive the moment your soulmate kissed you? Did you feel alive when you became the reason for tears of joy in the eyes of the people who matter the most to you? Did you feel breathing when you reached the top after hours of hiking? What about the moment when you excreted after holding it for too long? And there are certainly many such instances when you really feel the breath, the heart’s pumps, and the simple existence in the vast voids of nothingness. Those instances were very momentary and played a crucial role in reminding our processors that this very instance of our time is not as alive as those instances. Alright then, is it those beautiful memories that we cherish, and such moments of true joy make us alive? Is it only the good things that trigger your life? Does your existence solely depend upon those sparks of lifeless electrons that make you feel good? Is being alive nothing but ‘not being alive’? What is alive? I will leave you with the very question that dragged you in this pitiful article.

Why ache your head when you can binge-watch resting on the cozy couch and who cares about the existence? Why should I give my opinion or anything at all? If these questions are popping up in your head then congrats buddy, the doomsday clock is ticking and the existential crisis that you easily left undealt in the corner of your brain, right beneath the comfort zone, needs to be excavated. You could let those hormones fool you and rely totally on gods, or you could dig up the grave while there is still time and pave your way to the afterlife and beyond. There are many things to question and time is relative, you may say.

Let’s not put this aside again and think about it cause it’s your life at stake. Question yourself: Are You Alive? Where do you stand in this vast universe? Is death even real if you’re not alive in the first place? Why are you ‘YOU’? Let us be our own Buddha.

Sagar Paudel,
CE II/I,
Kathmandu University

Thought-provoking questions about the Future of Technology raised by Movies

Thought-provoking questions about the Future of Technology raised by Movies

In the distant future, the interactions between human and computer may be vastly different than it is now. With the emergence of technology such as Artificial Intelligence (AI) and cloud computing, the world will not be the same again. In this article, the term AI is an artistic representation of AI, which is to say they are conscious and ever learning as humans. The following are some movies that portray the future and trigger the brain to raise questions about future technology.

Movies such as Her, Blade Runner, and the episode ‘San Junipero’ of the TV series Black Mirror have tried to imagine the future artistically and show a representation of how the story of humans and tech may turn out to be. They each have their own version of the future, ranging from optimistic and joyous to dark and gritty. These are all fictitious stories, and the future may not be the one portrayed in these stories.

In the movie Her, the protagonist falls in love with an AI and vice versa. They do not have a conventional relationship and thus face many problems. This idea of interconnection between AI and human is of noble emergence in itself and raises many questions. Is AI even capable of growing human emotions? Will they ever do in the future? Can we actually program emotions into lines of code?

The movie Blade Runner has many thought-provoking ideas as well. In the movie, the protagonist and his significant other are not human. They also share the feeling that their relationship is not the same as a normal human relationship. In the future, we may have to consider AI rights and to what level do these rights come to. Are AI rights equal to human rights? Do they have the right to love or reproduce? Or do they have the fundamental right to exist like humans?

‘San Junipero’ deals with a technology that allows the human mind to be uploaded to a cloud where people can choose to be in. The people in the cloud do not have a body due to various reasons such as diseases or disabilities, and the only physical space they occupy is a storage device. Now, with this technology, the difference between an AI and a human is blurred even further. Both of them do not have physical bodies and exist only electronically. Are they human anymore? Do they retain the rights they had as humans?

I do not know the answers to these questions, only time will tell if these works of fiction become a reality or not. Regardless, these are important questions people have to ask while developing technology if they are to be anywhere close to these works of fiction.

Ayush Bajracharya,
CS II/I,
Kathmandu University