SEARCH KEYWORD -- TLS
HeartBleed: Should C be blamed for the HeartBleed bug?
There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...
C,HeartBleed,Analysis,Code review 2014-04-14 03:52:55
Things to Look for in Microsoft .NET Framework 4.7
The .NET Framework 4.7 is the updated version of the .NET Framework 4.6.2. It can run along with earlier versions of the .NET Framework. On installation it appears as an update for Microsoft Windows under the Installed Updates item in Control Panel. The improvements in the.NET Framework 4.7 includes: High DPI support for Windows Forms applications on Windows 10 Touch support for WPF applications on Windows 10 Enhanced cryptography support Performance improvements .NET Framework Documenta...
ASP.NET, ASP.NET FRAMEWORK 2017-07-18 05:55:20
HeartBleed: Inside the heart, what causes the bleeding?
Just after a few weeks since Apple's famous goto fail bug, there is one bug in OpenSSL which catches the attention from the world again. The bug is named HeartBleed, found in OpenSSL library, a famous open source library supporting lots of SSL/TLS communication among server/client applications. The reason why this bug catches the attentions from the world is it affects almost all sites which are using the affected OpenSSL library, these includes many applications like Nginx server, some v...
OpenSSL,HeartBleed 2014-04-09 05:47:30
OpenLDAP Proxy -- slapd.conf
In the introductory post of OpenLDAP proxy, we mentioned that slapd.conf is the configuration file which tells the slapd service what to do. Apart from this, there is a dynamic way of configuring slapd where the configurations are stored in LDIF database. In the future, LDIF database will be the one for configuring slapd, the old style of slapd.conf is deprecated. The slapd.conf can be converted to LDIF style using the slapdtest command. slapdtest -f /etc/ldap/slapd.conf -F /etc...
OPENLDAP,OPENLDAP PROXY,SLAPD,SLAPD.CONF 2017-10-29 04:01:39
Should All Web Traffic Be Encrypted?
The prevalence of free, open WiFi has made it rather easy for a WiFi eavesdropper to steal your identity cookie for the websites you visit while you're connected to that WiFi access point. This is something I talked about in Breaking the Web's Cookie Jar. It's difficult to fix without making major changes to the web's infrastructure. In the year since I wrote that, a number of major websites have "solved" the WiFi eavesdropping problem by either making encrypted HTTPS web traffic an accou...
Web traffic,Security,HTTPS.Encryption,Wifi 2012-02-24 05:02:58
When a CA becomes untrustable
Information security has become a vital part of people's life, especially for those people who spend much time online. Tons of data are being transmitted over the internet every second. These data include user ids, passwords, credit card information etc and some of them are sensitive information which needs secure way to transmit. Hence different protocols have been developed including SSL/TLS to encrypt data transmitted over the internet. The core of these security protocols is the certifi...
APPLE,SECURITY,GOOGLE,MOZILLA,NEWS,WOSIGN 2016-10-01 23:03:44
etcd installation and usage
etcd is an open source and highly available distributed key-value storage system and is commonly used in critical data storage and service discovery and registration use cases. It is focusing on: Simple: well-defined, user-facing API (gRPC) Secure: automatic TLS with optional client cert authentication Fast: benchmarked 10,000 writes/sec Reliable: properly distributed using Raft etcd and Redis both support key-value storage and can be set up in distributed systems. Also Redis supporst more key...
ETCD,TUTORIAL,RAFT,DISTRIBUTED SYSTEM 2021-03-07 03:10:33
Simplify Cloud Data Security: A Deep Dive Into Protecting Sensitive Data in Java
Featuring encryption, anonymization, hashing, and access control Network security incidents occur now and then, mostly caused by data leakage. Data security has aroused widespread concern, and the community keeps working hard on approaches to simplify data security, especially in sensitive data protection. Sensitive data includes but is not limited to personally identifiable information (PII) like names, ID numbers, passport numbers, driver’s license numbers, contact information like addre...
JAVA,SECURITY,ENCRYPTION,DECRYPTION,TOKENIZATION 2023-04-28 21:22:10
Optimization Tricks used by the Lockless Memory Allocator
With the releasing of the Lockless Memory Allocator under the GPL version 3.0 license, we can now discuss more of the optimization tricks used inside it. Many of these are things you wouldn't want to use in normal code. However, when speed is the ultimate goal, sometimes we need to break a few rules and use code that is a little sneaky.The SlabA slab is a well-known technique for allocating fixed size objects. For a given object size, a chunk of memory is divided up into smaller regions of that ...
Optimization,Memory allocation 2011-11-16 08:02:16
RECENT
- Streamlining the Project Invoicing Process: Tools and Strategies
- Performance comparison of string concatenation in Go language
- Why init() is not recommended in Go
- The Role of Coding Skills in Advancing Tech Careers
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- more>>