


  A new SSL 3.0 vulnerability named POODLE is released

Today Google disclosed a new SSL v3 security vulnerability. It affects all products that use the SSL v3 protocol, because the vulnerability is introduced by a design flaw. Google revealed details of the design flaw on Tuesday, and dubbed it POODLE – short for Padding Oracle On Downgraded Legacy Encryption. It is a blunder within the blueprints of SSL 3.0 rather than a software bug, so it affects any product following the protocol – from Google Chrome and Mozilla Firefox to Micro...


  Severe SSL 3.0 vulnerability to be released

According to The Register, another severe security vulnerability has been found in the widely used SSL v3 protocol. It is still in the patch phase, and the details of this vulnerability are expected to be released today. A few security vulnerabilities with wide impact have been revealed this year, and they have drawn people's attention to long-standing security concerns. Previously, we have seen the HeartBleed issue and, more recently, the ShellShock issue. Both of them occur in popular libraries...


  Generate certificate in Java -- Store certificate in KeyStore

In the previous post, we explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere, either in a key store or a trust store, so that it can be used later during the actual SSL communication. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java; in this post, we will use JKS to demonstrate how to store the certificate chain. Whe...


  A completely new approach to surveillance - should you be worried?

Paranoia is not necessarily a bad thing - assuming someone is really out there to get you. True or not, the paranoid have seen the issues they need to control explode as the internet developed; they also got specific tools to make their secrets (or their life, not everybody has a dark secret) more secure and under control. Unfortunately for them, and to the amazement of science and science fiction fans worldwide, a new way of obtaining secrets has appeared and it’s something very few expected. ...

1,799 0 0          SECURITY

  Generate certificate in Java -- Self signed certificate

This is the first post in a series in which I will show you how to generate an SSL certificate in Java programmatically. Certificates are frequently used in SSL communication, which requires the server to authenticate itself to the client. This lets the client trust that the server is actually the one it claims to be. Certificates are really important on the Internet. All HTTPS communications on the Internet need the server side to present a certificate signed by a trusted CA. The basic flow of a requ...

14,702 10 1          JAVA CERTIFICATE X509

  HeartBleed: OpenBSD now starts to clean up OpenSSL

Since the disclosure of the HeartBleed bug in OpenSSL, arguments have emerged about the safety of OpenSSL, the largest open source SSL/TLS library, which is used by a large number of servers and applications. Some people are even starting to create their own version of the SSL library. This includes OpenBSD, a famous Unix-like open source operating system. Just a few days after the HeartBleed bug, OpenBSD forked a new branch of OpenSSL, started to clean up the forked branch, and plans to merge it to its own cod...

2,378 0 0          HEARTBLEED OPENBSD

  HeartBleed: Inside the heart, what happens to a normal WEB user?

To be brief, our email, IM, Facebook etc. are at risk, so try to minimize access over the next few days. In particular, we should try to avoid logging into our internet banking, because we may expose our user ID and password. Later, when the service providers fix the bug, we had better change the passwords for all the web accounts that are important to us. Here comes the technical explanation. You might have noticed that a lot of websites use URLs starting with "https". For example, https:/...

2,767 0 1          ANALYSIS HEARTBLEED

  HeartBleed: Inside the heart, what causes the bleeding?

Just a few weeks after Apple's famous goto fail bug, a bug in OpenSSL has caught the world's attention again. The bug is named HeartBleed, and it was found in the OpenSSL library, a famous open source library supporting lots of SSL/TLS communication among server/client applications. The reason this bug has caught the world's attention is that it affects almost all sites that use the affected OpenSSL library, including many applications like Nginx server, some v...

3,568 0 1          OPENSSL HEARTBLEED