Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- INTERNET SECURITY

  Three Simple Ways to Improve the Security of Your Web App

It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the com...

   Web app,Security,X-FRAME-OPTIONS,SSL     2011-12-08 10:10:20

  A Chinese Programmer Accused of Circumventing Great Firewall Faces Confiscation of RMB 1.05 Million

Recently, a programmer posted an article on Weibo claiming that he was working for an overseas company while accessing the international internet. He was subsequently accused by the Shuangqiao Public Security Sub-bureau in Chengde, Hebei of "illegally establishing and using non-official channels for international networking" and received an administrative penalty of a fine of RMB 200 and the confiscation of "illegal gains" totaling RMB 1.05 million. This is the most severe punishment reported s...

   GITHUB,CHINESE     2023-09-25 07:57:58

  Different types of keystore in Java -- Windows-MY

Windows-MY is a type of keystore on Windows which is managed by the Windows operating system. It stores the user keys and certificates which can be used to perform cryptographic operations such as signature verification, data encryption etc. Since it's a kind of native keystore, Java doesn't have a general API to access it. To help Java applications access the keys and certificates stored in Windows-MY keystore, Java provides a separate API -- SunMSCAPI. The SunMSCAPI provider is ...

   JAVA,KEYSTORE,WINDOWS-MY,SUNMSCAPI     2016-01-09 05:45:59

  Should All Web Traffic Be Encrypted?

The prevalence of free, open WiFi has made it rather easy for a WiFi eavesdropper to steal your identity cookie for the websites you visit while you're connected to that WiFi access point. This is something I talked about in Breaking the Web's Cookie Jar. It's difficult to fix without making major changes to the web's infrastructure. In the year since I wrote that, a number of major websites have "solved" the WiFi eavesdropping problem by either making encrypted HTTPS web traffic an accou...

   Web traffic,Security,HTTPS.Encryption,Wifi     2012-02-24 05:02:58

  HTML Site vs. WordPress Theme: Which one is better?

Are you looking for a perfect platform to set up your website? Then, there might be a close competition between the simple HTML and the WordPress platform. In this blog post, we will try to explore some points that will help you in making the right decision. Let us overview at some advantages grasped by HTML and WordPress. 1. Security of a website It has been discovered that the website running on WordPress is more vulnerable to security threats and hackers. As we know, WordPress is open source...

   WORDPRESS,WORDPRESS BENEFITS,HTML TO WP CONVERSION,HTML TO WORDPRESS,HTML WEBSITE     2015-10-24 07:36:54

  Open source code libraries suffer from vulnerabilities

A study of how 31 popular open source code libraries were downloaded over the past 12 months found that more than a third of the 1,261 versions of these libraries had a known vulnerability and about a quarter of the downloads were tainted. The study was undertaken by Aspect Security, which evaluates software for vulnerabilities, with Sonatype, a firm that provides a central repository housing more than 300,000 libraries for downloading open source components and gets 4 billion requests pe...

   Open source,Security,Vulnerability     2012-03-28 06:10:19

  Sorry, I don't want to download your fucking app

You should not claim yourself as a mobile Internet service provider if your product doesn't have an App nowadays. The topic cannot get away from App when we talk on bus, restaurant. Recently it becomes a little bit quiet, but the app wind does not seem to stop, it seems every website may have an App. According to data released by Apple a couple of days ago, its application store app downloads already exceeded 50 billion. However some people are not happy with this.Some people created a blog ...

   App,Update,Force download     2013-05-19 02:50:02

  Android Security

Android is an open source mobile platform that includes an operating system, middleware and applications. Android has revolutionized the mobile world in a big way. Android, which started as an alternative to Apple’s iOS, is now slowly eating into the market share of Apple and is of primary concern to the company. Let’s have a brief introduction about android and then look into the security concerns and vulnerabilities that need to be focused on. Android Introduction: Android was deve...

   Android security,Input validation     2013-04-16 12:19:37

  Full disk encryption is too good, says US intelligence agency

You might be shocked to learn this, but when a quivering-lipped Chloe from 24 cracks the encryption on a terrorist’s hard drive in 30 seconds, the TV show is faking it. “So what? It’s just a TV show.” Well, yes, but it turns out that real federal intelligence agencies, like the FBI, CIA, and NSA, also have a problem cracking encrypted hard disks — and according to a new research paper, this is a serious risk to national security.The study...

   FDE,Full disk encryption,Crack,Difficulty     2011-11-19 01:55:17

  Signature sign/verification demo in Java

Digital signature is commonly used in areas where data authentication and integrity are required. It is extremely important to have signature while transferring sensitive data from one peer to other peers through network since there might be malicious applications or man-in-the-middle attacks which may alter the data along the way. Java provides some APIs to generate and verify digital signature. One important class is Signature.  When generating the signature, a private key needs to be pa...

   SECURITY,JAVA,SIGNATURE     2015-11-21 09:48:12

RECENT