Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Microsoft Security

  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...

   X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP     2023-11-29 01:48:40

  So, just what IS the problem with Windows Phone?

Charlie Kindel (who left Microsoft earlier this year after 21 years, most recently as a Windows Phone General Manager), posted today on an “impedance mismatch” between carriers and device manufacturers, and Windows Phone, where those carriers and OEMs are “reluctant” to push Windows Phone, while Google’s Android has taken an approach that “reduces friction with carriers & device manufacturers at the expense of end users”. Kindel seems to be imply...

   Windows Phone,Trend,Weak market,Analysis     2011-12-27 09:11:19

  How to check whether a web page can be loaded in iframe

Sometimes you may want to load other website's page in your own website's iframe, but due to some security concerns, other website may have security configurations which prevent you from loading their pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from other site, the response ...

   HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY     2018-07-27 22:36:02

  Generate certificate in Java -- Certificate chain

In previous post, we have introduced the use of Certificate and how to generate self signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA to sign our certificate so that it can be used on SSL communications. To generate a certificate chain, we may first have our own certificate(A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52

  Bad code plagues business applications, especially Java ones

A new study examining 365 million lines of code in 745 applications identifies bad coding practices that affect security, performance and uptime, with Java Enterprise Edition applications having the greatest number of problems. Cast Software, which makes tools that automate the analysis of business applications, examined programs written in Java-EE, .NET, ABAP, C, C++, Cobol, Oracle Forms, and Visual Basic, used across a wide range of industries from energy and financial services to IT co...

   Program,Security,Defects,Java     2011-12-09 07:42:51

  Microsoft will drop support of IE8, IE9 and IE10

Microsoft will push the last set of security updates for IE8, IE9 and IE10 next Tuesday(January 12). Thereafter that Microsoft will drop support of these three versions of IE. These are some other old products given up by Microsoft since Windows 7.  IE11 will be the only Internet Explorer supported and Edge will be another star advocated by Microsoft. The good news is you will not get annoying notification from Microsoft anymore to ask you to upgrade your IE. But the bad news users&nb...

   MICROSOFT,IE,NEWS     2016-01-09 07:55:44

  Arrays.equals() vs MessageDigest.isEqual()

Both Arrays.equals() and MessageDigest.isEqual() are used to compare the equality of two arrays. They can be interchangeably in many cases. However, they do have some differences which lead to different use cases in real applications. One difference is that the arrays passed to MessageDigest.isEqual() cannot be null while it's ok for Arrays.equals(). The one major difference between these two methods is that Arrays.equals() is not time-constant while MessageDigest.isEqual() is time-constant. Thi...

   Arrays.equal(),MessageDigest.isEqual(),Java,Security     2015-05-14 22:03:29

  Create wireless hotspot on your smartphone

It's now very common that you may not get Internet connection in first few days when you move to a new place. And you may have some important things to handle or you may just want to connect to Internet and share with others your new place. If you have a smartphone which has enough mobile data package, then you are on the way to enjoy Internet. Today we will introduce how to create a wireless hotspot on your smartphone with Samsung Galaxy S3 i9300. Step 1 Go to Settings -> More Settings ->...

   Wireless hotspot, Smartphone, Samsung     2013-01-12 23:08:39

  Amazon is a good company but doesn't have the best business model

Public opinion about a company is usually based on its performance. If it performs well, people will praise it, otherwise people will blame it. In 1999, Apple was still a broken apple(Steve Jobs's talent and effort was paid off yet). Public opinion about Apple was the closed model caused Apple's failure. They built hardware themselves, developed software themselves and delivered service themselves, this is certainly not sustainable. But Steve Jobs let everyone see this new model. In order to con...

   Business model,Amazon,Apple, Microsoft     2013-07-02 11:34:45

  One minute to understand earnings report of IT giants in last quarter

According to Sohu IT, if you want to know the operating status of a listed technology company, then the company's quarterly earnings report should not be missed. Now it's time for companies to release earnings report for last quarter, a few large IT giants in United States have announced the previous quarter's earnings. But many ordinary readers are not interested in those professional reports with a lot of finance jargon, so we extracted and summarized some important information from Yahoo, Goo...

   Earnings report,IT giant     2013-04-27 10:05:38

RECENT