Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Security index

  Privacy & Security What Is the Difference?

                       When we discuss the internet today, there are two terms that we frequently here: privacy and security. While you may think that these two terms mean the same thing and are thus interchangeable, this isn’t true. As such, you’ll want to take a moment to learn the difference between these two terms. Understanding the Difference Between Privacy and Security When you open a checking account you share your p...

   SECURITY,PRIVACY,CYBERSECURITY     2018-12-27 00:29:57

  Apple.com is down

UPDATE : The service is back now! Apple.com is now inaccessible. It shows below "Access denied" message on its official site. It is still unknown why the service is down. And there is no ETA on when the service will be back to normal. From the error message, some people think this happens because Apple uses Akamai's security product and the security policy in place is violated. It's basically a WAF. The big issue is it takes 45 minutes for changes to propagate through Akamai's network. So, you ...

   IPHONE 6S,IPHONE 6S PLUS,APPLE     2015-09-12 00:50:17

  Introduction to DTLS(Datagram Transport Layer Security)

Secure communication has become a vital requirement on the Internet. Lots of information transferred through the Internet are sensitive data such as financial transactions, medical information, media streaming etc. To ensure security of data transferred on the Internet, a few secure protocols have been designed including SSL/TLS and IPsec. Many large websites in the world have adopted TLS. Apart from SSL/TLS, there is some other protocol designed to be used in special cases. One of them is ...

   JAVA 9,DTLS,TLS,SECURITY     2016-04-02 05:55:36

  SameSite attribute in cookie

Starting from Chrome 51, a new attribute SameSite has been introduced for browser cookie. This attribute is to prevent CSRF attack. Cookie is normally used to store data exchanged between client and server. It frequently stores user login information. If a malicious website can forge a HTTP request with the valid third party website cookie, it may be called a CSRF attack. For example, if a user logins to a bank website your-bank.com, the bank server responds a cookie: Set-Cookie:id=a3fWa; L...

   JAVASCRIPT,COOKIE,SAMESITE,CHROME,CSRF     2019-09-14 04:57:51

  Useful functions to provide secure PHP application

Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities  In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous o...

   PHP,security,SQL Injection,XSS,AJAX     2014-10-30 04:21:59

  MySQL index optimization

Problem description: We need to access a very big table which has 40 million records. In the table, id is the primary key and program_id is indexed. When executing a select query: select * from program_access_log where program_id between 1 and 4000 The above query executes very slowly, we thought it was because there were too many records in the table. So we added id in the where condition to limit the search so that each time only half a million records would be read. select * fr...

   MySQL,Index search, Partition     2012-12-26 13:14:20

  A serious security vulnerability found in MySQL/MariaDB

Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...

   MySQL,MariaDB,bug,fix,password,memcmp()     2012-06-11 10:28:09

  Some tricks and tips for using for range in GoLang

GoLang provides two major ways to loop through elements of array, slice and map. They are for and for range. Many people find that for range is very convenient when don't care about the index of the element. In this post, some tricks and tips would be talked about regarding for range. 1. Loop and get pointer of each element Assume there is a code snippet like below which is to get the pointer of each element in an array and create a new array with the corresponding pointer. arr := [2]int{1, 2} r...

   POINTER,FOR LOOP,GOLANG,FOR RANGE     2020-03-08 01:07:00

  Simple Strategies to Boost Your Android Phone Security

Android is one of the safest operating systems for smartphones and tablets if used correctly. Unfortunately, only a third of Android users use the latest version, and older versions are far more vulnerable than newer ones. Not to mention that many manufacturers take their time when it comes to downloading the latest security patches. A news blog Android Authority ranked the fastest manufacturers in downloading system updates. Here are the results: LG - 78 days Motorola - 88 days HTC - 95 days S...

   ANDROID,DATA SECURITY     2019-02-19 07:36:46

  Generate certificate in Java -- Store certificate in KeyStore

In previous post, we have explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere so that it can be used later when we are doing the actual SSL communication, either in a key store or trust store. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java, in this post, we will choose the JKS to demonstrate how to store the certificate chain. Whe...

   Java,Certificate chain,Keystore     2014-08-20 03:56:39

RECENT