SEARCH KEYWORD -- GIT SECURITY



  Different types of keystore in Java -- PKCS11

PKCS11 keystore is designed for hardware storage modules (HSM). It's an interface to talk to the HSMs. It doesn't actually store any keys but provides a set of classes to communicate with the underlying HSM. The actual keys and certificates are stored on the HSMs. The reason for storing the keys and materials there is to ensure security and efficiency. Since the keys are on the HSMs, they are safe from being stolen. All encryption/decryption operations are performed on the HSMs as well, this incre...

   PKCS11,keystore,HSM,Java     2015-01-08 00:39:12

  Open Source (Almost) Everything

When Chris and I first started working on GitHub in late 2007, we split the work into two parts. Chris worked on the Rails app and I worked on Grit, the first ever Git bindings for Ruby. After six months of development, Grit had become complete enough to power GitHub during our public launch of the site and we were faced with an interesting question: Should we open source Grit or keep it proprietary? Keeping it private would provide a higher hurdle for competing Ruby-based Git hosting sites, givin...

   Open source,Benefits,Popularity,Advertisement,Advantage     2011-11-23 07:58:15

  30 minutes to fix Java vulnerability

On September 25, Adam Gowdiak from the Polish security consulting firm Security Explorations submitted a Java security vulnerability to Oracle and provided a proof-of-concept. The vulnerability exists in Java 5, 6 and 7; once a user visits a site hosting malware, an attacker can remotely control the infected machine. Gowdiak later got in touch with Oracle again and got the response that the fix had reached the final stage. He could expect the patch four months later. He eventually unbearable Oracle'...

   Java, Vulnerability,Fix     2012-10-29 11:53:43

  8 very useful and free web security testing tools

As web applications become more pervasive, web security threats are becoming increasingly prominent. Hackers gain control of web servers by exploiting web server vulnerabilities and SQL injection vulnerabilities; they may then tamper with web content or steal important internal data. More seriously, they may inject malicious code into web pages to affect visitors of the websites. Attention to web application security is gradually increasing. Here we recommend eight very useful and free web security testing...

   Website, security,Web security,Attack     2012-07-22 10:59:09

  Building Security onto Your Mobile Application

Analysts state that more than 75% of the mobile applications will fail the basic security tests in 2015 – Gartner Research. Enterprises that follow the Bring Your Own Device (BYOD) approach and facilitate mobile computing to their employees are susceptible to security threats and other vulnerabilities, unless they implement stringent security measures. In the development or deployment of mobile applications, a business can be severely impacted both financially and otherwise, if they are to...

   Web Application Development Company, iPhone App Development Company     2015-08-21 07:22:32

  Install Kubernetes with minikube and docker on Ubuntu

When someone just wants to play around with Kubernetes in a local environment without access to cloud provider resources, one can set Kubernetes up locally with minikube in single node mode. This post will provide a simple guideline on how to set up Kubernetes with minikube and docker on Ubuntu. Before any of the steps can be started, you may need to first set up kubectl, which is a command line tool to operate on Kubernetes resources. After that, ensure that docker is installed on...

   KUBERNETES,MINIKUBE,DOCKER,UBUNTU     2021-06-01 05:37:40

  Windows Security Improvements

Traenk is still upset by his recent dive into Windows security. So much more was promised when the merger of Windows 9x and NT lines was announced, so long ago. I honestly expected better. Long ago, Microsoft announced that it would merge the then NT and Windows 9x lines of products. Wow! That means a file access control system, logging, different accounts and filespaces for accounts! Finally! We would have a secure version of Windows for our homes! And we do hav...

   Windows,Security,Improvement,Windows NT     2011-09-02 11:54:50

  How to check whether a web page can be loaded in iframe

Sometimes you may want to load another website's page in an iframe on your own website, but due to security concerns, the other website may have security configurations which prevent you from loading its pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling you that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from other site, the response ...

   HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY     2018-07-27 22:36:02

  How to prevent next HeartBleed bug?

How to ensure the security of open source projects is a concern for many open source users, including individual users and companies. But it's not an easy task to ensure the security of open source projects. Because everyone can see the source code, there is a much higher possibility that a bug may be found by someone. Once a bug is disclosed, people may exploit it and do evil things. This may cause loss of money either for individuals or companies, some of the bugs may even have big impact to the...

   Open source,HeartBleed,Security     2014-04-24 09:07:05

  Generate certificate in Java -- Certificate chain

In a previous post, we introduced the use of Certificate and how to generate a self-signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request, or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA sign our certificate so that it can be used in SSL communications. To generate a certificate chain, we may first have our own certificate (A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52