Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- DATA SECURITY

  Apple.com is down

UPDATE : The service is back now! Apple.com is now inaccessible. It shows below "Access denied" message on its official site. It is still unknown why the service is down. And there is no ETA on when the service will be back to normal. From the error message, some people think this happens because Apple uses Akamai's security product and the security policy in place is violated. It's basically a WAF. The big issue is it takes 45 minutes for changes to propagate through Akamai's network. So, you ...

   IPHONE 6S,IPHONE 6S PLUS,APPLE     2015-09-12 00:50:17

  A serious security vulnerability found in MySQL/MariaDB

Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...

   MySQL,MariaDB,bug,fix,password,memcmp()     2012-06-11 10:28:09

  Generate certificate in Java -- Self signed certificate

This is the first post in this series which I will show you how to generate SSL certificate in Java programmatically. Certificates are frequently used in SSL communication which requires the authentication of server to client. This is to make the client to trust that the server is actually the one it claims. Certificates are really important on the Internet. All HTTPS communications on the Internet need the server side to present their certificates signed by trusted CAs. The basic flow of a requ...

   Java,Certificate,X509     2014-07-30 07:42:18

  Android and Security

The last year has been a phenomenal one for the Android ecosystem. Device activations grew 250% year-on-year, and the total number of app downloads from Android Market topped 11 billion. As the platform continues to grow, we’re focused on bringing you the best new features and innovations - including in security.Adding a new layer to Android securityToday we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market ...

   Android,Security,Android Apps,App market,Bouncer     2012-02-03 08:03:51

  How to Prevent a Data Breach: Guide For Businesses

The consequences of a data breach are nothing to joke about. From reputation damage to regulatory fines, it is a disaster for any business. So you should always strive to do your best to prevent it. But with so many steps to take, where do you even begin? Businesses of all shapes and sizes should follow this 8-step approach: 1. Outline Your Assets Your assets, whether digital or physical, should always remain in your sight. It should be the very first step you take. Picture anything that might r...

   DATA SECURITY     2020-03-04 08:16:44

  Mobile devices are facing new threats

More and more companies allow employees to use smartphones and tablet PCs in workplace, but they are facing a new potential threat - malware embedded in games and applications.Dan Hoffman, network security company Juniper Networks mobile security director, said the application store is quickly becoming the main delivery mechanism of infected applications. Consumers purchase applications for their equipments through an online application store.As the consumers are free to download applicatio...

   Mobile device,Data security,Malicious software     2012-04-05 13:00:57

  Generate certificate in Java -- Store certificate in KeyStore

In previous post, we have explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere so that it can be used later when we are doing the actual SSL communication, either in a key store or trust store. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java, in this post, we will choose the JKS to demonstrate how to store the certificate chain. Whe...

   Java,Certificate chain,Keystore     2014-08-20 03:56:39

  HeartBleed: Should C be blamed for the HeartBleed bug?

There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  Top 10 PHP Best Security Practices for Sys Admins

PHP is widely used for various of web development. However, misconfigured server-side scripting would create all sorts of problem. And here are php security best practices that you should aware when configuring PHP securely. Nowadays most of the web servers are operated under Linux environment (like: Ubuntu, Debian...etc). Hence, in the following article, I am going to use list top 10 ways to enhance PHP Security Best Practices under Linux environment. My sample setup for PHP Security Tips: D...

   PHP,code security,System admin,Advice,Best practice     2012-02-01 00:04:37

  How Technology Can Prevent Casino Cheating

Cheating has been around as long as gambling itself, which is surely since the dawn on of time. Cheating in casinos, both land based and online, can prove a huge problem, not only for those playing against the cheater, but for the individual casino operators, as well as the industry in its entirety. Preventing cheating makes casino play fairer for all involved, both operators and their clients.Fortunately, in today's day and age, we have excellent, highly developed technology that can assist cas...

   Technology,Casino     2015-07-13 02:52:44

RECENT