Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Security

  How to prevent next HeartBleed bug?

How to ensure the security of open source projects is a concern for many open source users including individual users and companies. But it's not an easy task to ensure the security of open source projects. Because everyone can see the source code, there is much higher possibility that a bug may be found by someone. Once a bug is disclosed, people may exploit it and do evil things, this may cause loss of money either for individuals or companies, some of the bugs may even have big impact to the...

   Open source,HeartBleed,Security     2014-04-24 09:07:05

  Generate certificate in Java -- Certificate chain

In previous post, we have introduced the use of Certificate and how to generate self signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA to sign our certificate so that it can be used on SSL communications. To generate a certificate chain, we may first have our own certificate(A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52

  Bad code plagues business applications, especially Java ones

A new study examining 365 million lines of code in 745 applications identifies bad coding practices that affect security, performance and uptime, with Java Enterprise Edition applications having the greatest number of problems. Cast Software, which makes tools that automate the analysis of business applications, examined programs written in Java-EE, .NET, ABAP, C, C++, Cobol, Oracle Forms, and Visual Basic, used across a wide range of industries from energy and financial services to IT co...

   Program,Security,Defects,Java     2011-12-09 07:42:51

  Arrays.equals() vs MessageDigest.isEqual()

Both Arrays.equals() and MessageDigest.isEqual() are used to compare the equality of two arrays. They can be interchangeably in many cases. However, they do have some differences which lead to different use cases in real applications. One difference is that the arrays passed to MessageDigest.isEqual() cannot be null while it's ok for Arrays.equals(). The one major difference between these two methods is that Arrays.equals() is not time-constant while MessageDigest.isEqual() is time-constant. Thi...

   Arrays.equal(),MessageDigest.isEqual(),Java,Security     2015-05-14 22:03:29

  Create wireless hotspot on your smartphone

It's now very common that you may not get Internet connection in first few days when you move to a new place. And you may have some important things to handle or you may just want to connect to Internet and share with others your new place. If you have a smartphone which has enough mobile data package, then you are on the way to enjoy Internet. Today we will introduce how to create a wireless hotspot on your smartphone with Samsung Galaxy S3 i9300. Step 1 Go to Settings -> More Settings ->...

   Wireless hotspot, Smartphone, Samsung     2013-01-12 23:08:39

  Generate signed certificate from CSR in Java

In our previous tutorial, we have explained how to generate CSR which can be sent to CA for generating a signed certificate. In this tutorial, we will explain how to generate the signed certificate from CSR in Java. We will not use an actual CA but a self-signed certificate to act as a CA certificate. Since the CSR contains the subject information where a certificate needs to be generated and signed for. The key here is to extract the subject information from the CSR and then set it as the subje...

   JAVA,CSR,SIGN CERTIFICATE     2020-10-24 07:03:17

  Oracle released an urgent Java patch

On March 23, Oracle just released an urgent Java patch which is out of its normal update schedule. The security vulnerability is related to the Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With the unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user access pages containing malicious code...

   JAVA,SECURITY,ORACLE,NEWS     2016-03-25 08:39:59

  Java Cipher encryption/decryption example

In Java, Cipher is the API for doing data encryption/decryption. Many cryptographic algorithms such as AES, DES, RC4 etc can be specified when creating Cipher instance. The Cipher instance calls the underlying algorithm specific implementation to do the actual encryption/decryption.  Before doing the encryption/decryption, a key needs to be created and it will be used to do the encryption/decryption. A sample program for performing all these is : import java.security.Key; import javax.cryp...

   Java, Java Security, Cipher, Example, Sample     2015-08-14 07:07:10

  Top 3 Cybersecurity Trends to Watch Out for Today

One trend in cybersecurity that never changes is that it’s getting more important with every passing year. According to statistics, the number of cyberattacks and severity of the losses they incur are growing at an alarming rate. Every day about 24,000 of malicious mobile apps get blocked yet more pop up overnight. For a business today cybersecurity isn’t an option, it’s a necessary measure one needs to invest in heavily. And it’s essential to follow the trends and develo...

   SECURITY,CYBER SECURITY     2019-05-14 09:03:24

  Access control in Java -- Permission check order

Previously we showed you how to turn on SecurityManager in Java. After SecurityManager is turned on, a series of permission checks will be applied on the code you are calling in your application to protect some resources against malicious access such as files, sockets etc. To perform these permission checks, a set of Permissions will be created and checked using the AccessController. The AccessController has three purposes : To decide whether an access to a critical system resource is to be all...

   JAVA,SECURITY,ACCESSCONTROLLER     2016-03-07 04:17:40

RECENT