 SECURITY


  Is 99.8% Secure Secure?

A group of researchers (Arjen Lenstra and collaborators from EPFL Lausanne and James Hughes from Palo Alto) published a study, "Ron was wrong, Whit is right", of new vulnerabilities of cryptosystems. The New York Times picked up the story. Although Lenstra et al. discuss several cryptosystems, their results are particularly relevant to those based on RSA. The title mirrors their conviction that cryptosystems based on a single random element have fewe...

1,494 0 0          SECURITY PERCENTAGE SECURITY INDEX


  Should All Web Traffic Be Encrypted?

The prevalence of free, open WiFi has made it rather easy for a WiFi eavesdropper to steal your identity cookie for the websites you visit while you're connected to that WiFi access point. This is something I talked about in Breaking the Web's Cookie Jar. It's difficult to fix without making major changes to the web's infrastructure. In the year since I wrote that, a number of major websites have "solved" the WiFi eavesdropping problem by either making encrypted HTTPS web traffic an accou...

1,765 0 0          SECURITY WEB TRAFFIC HTTPS.ENCRYPTION WIFI


  How key-based cache expiration works

"There are only two hard things in Computer Science: cache invalidation and naming things" — Phil Karlton

Doing cache invalidation by hand is an incredibly frustrating and error-prone process. You’re very likely to forget a spot and let stale data get served. That’s enough to turn most people off Russian-doll caching structures, like the one we’re using for Basecamp Next. Thankfully there’s a better way. A much better way. It’s called key-based cache expiration and it works lik...

2,994 0 0          WORK CACHE EXPIRATION KEY-BASE CACHE


  Is Shared Hosting Secure?

Shared hosting is incredibly popular with users who are looking for the cheapest hosting available. The problem is that along with the low price you get poor performance and, even more concerning, questionable security. When running on a shared host, dozens if not hundreds of other sites are running on the same servers, which means any single security flaw in any of those applications can compromise the entire server. This dramatically increases the odds of your server being co...

1,733 0 0          SECURITY SHARED HOSTING VIRTUAL HOST DATA SECURITY


  Why is my IP blocked at a website I visit regularly after I changed ISPs?

I just installed a new Express Card with Verizon Broadband wireless last night. Had tons of fun accessing the web from places I usually cannot (we are in trucking) until I got to my favorite forum. It's a public place I have been to thousands of times, but instead of happily browsing all the daily news events and checking to see if the world blew up yet, I found myself blocked by a big white screen that said YOUR IP ADDRESS HAS BEEN BANNED. What can I do? I can't go to the forum owners to ...

1,615 0 0          SOLUTION ISP IP BLOCK STOPFORUMSPAM


  Microsoft’s “Picture Password”: A Breath Of Fresh Air On The Lock Screen, Of All Places

Remember that feeling you got back when Steve Jobs was unveiling the iPhone, and he did the “slide to unlock” gesture for the first time? I remember the way he said it – “You like that? Want to see it again?” Since then I haven’t seen a lock screen interface that has made me feel that same “how obvious, how elegant!” feeling – until today at the NVIDIA press conference, and later at the Microsoft keynote here at CES. It sounds a little silly...

1,535 0 0          MICROSOFT WINDOWS 8 PICTURE PASSWORD CES


  How to secure an Ubuntu Apache web server

Securing server software is not a straightforward task. Not all of our operating environments are the same, leading to a variety of potential security vulnerabilities. However, using a few basic configuration and security options, you can stay a little ahead of where you want to be.

1. Fail2ban

Fail2ban is a Python-based intrusion prevention software that detects and blocks malicious IP addresses from multiple unsuccessful attempts at software logins. In other words, if someone is attempt...

2,744 0 0          CACHE .HTACCESS UNIX SERVER SECURITY LOG


  How does CSDN dare to use plain text as password?

Recently, CSDN, China's largest Chinese IT community website, leaked its users' account information. Later today CSDN made an announcement to its users on its website. The announcement said that some user account information was leaked and that the passwords of the accounts were stored as plain text in their database before 2009, and that after 2009 they adopted an encryption algorithm to encrypt user passwords. They urged all users who registered their accounts before 2009 to change their passwor...

3,349 0 0          SECURITY INFORMATION LEAK CSDN PLAIN TEXT