
SEARCH KEYWORD -- TLS



  HeartBleed: Should C be blamed for the HeartBleed bug?

There was a discussion about the security of applications written in C on Hacker News recently after the report of the HeartBleed bug in OpenSSL. In this discussion, some people are saying that applications written in C are unsafe. It seems all or most of the fault is being laid on C. I think this is biased. The language itself should not be blamed. Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  Things to Look for in Microsoft .NET Framework 4.7

The .NET Framework 4.7 is the updated version of the .NET Framework 4.6.2. It can run along with earlier versions of the .NET Framework. On installation it appears as an update for Microsoft Windows under the Installed Updates item in Control Panel. The improvements in the .NET Framework 4.7 include: High DPI support for Windows Forms applications on Windows 10; Touch support for WPF applications on Windows 10; Enhanced cryptography support; Performance improvements. .NET Framework Documenta...

   ASP.NET, ASP.NET FRAMEWORK     2017-07-18 05:55:20

  HeartBleed: Inside the heart, what causes the bleeding?

Just a few weeks after Apple's famous goto fail bug, another bug, this time in OpenSSL, has caught the world's attention. The bug is named HeartBleed and was found in the OpenSSL library, a famous open source library supporting lots of SSL/TLS communication among server/client applications. The reason this bug has caught the world's attention is that it affects almost all sites which are using the affected OpenSSL library; these include many applications like Nginx server, some v...

   OpenSSL,HeartBleed     2014-04-09 05:47:30

  OpenLDAP Proxy -- slapd.conf

In the introductory post on OpenLDAP proxy, we mentioned that slapd.conf is the configuration file which tells the slapd service what to do. Apart from this, there is a dynamic way of configuring slapd where the configuration is stored in an LDIF database. In the future, the LDIF database will be the one used for configuring slapd; the old slapd.conf style is deprecated. The slapd.conf can be converted to LDIF style using the slaptest command. slaptest -f /etc/ldap/slapd.conf -F /etc...

   OPENLDAP,OPENLDAP PROXY,SLAPD,SLAPD.CONF     2017-10-29 04:01:39

  Should All Web Traffic Be Encrypted?

The prevalence of free, open WiFi has made it rather easy for a WiFi eavesdropper to steal your identity cookie for the websites you visit while you're connected to that WiFi access point. This is something I talked about in Breaking the Web's Cookie Jar. It's difficult to fix without making major changes to the web's infrastructure. In the year since I wrote that, a number of major websites have "solved" the WiFi eavesdropping problem by either making encrypted HTTPS web traffic an accou...

   Web traffic,Security,HTTPS,Encryption,Wifi     2012-02-24 05:02:58

  When a CA becomes untrustable

Information security has become a vital part of people's lives, especially for those who spend much time online. Tons of data are being transmitted over the internet every second. These data include user IDs, passwords, credit card information, etc., and some of them are sensitive information which needs a secure way to be transmitted. Hence different protocols have been developed, including SSL/TLS, to encrypt data transmitted over the internet. The core of these security protocols is the certifi...

   APPLE,SECURITY,GOOGLE,MOZILLA,NEWS,WOSIGN     2016-10-01 23:03:44

  etcd installation and usage

etcd is an open source and highly available distributed key-value storage system and is commonly used in critical data storage and service discovery and registration use cases. It focuses on being: Simple: well-defined, user-facing API (gRPC); Secure: automatic TLS with optional client cert authentication; Fast: benchmarked 10,000 writes/sec; Reliable: properly distributed using Raft. etcd and Redis both support key-value storage and can be set up in distributed systems. Also Redis supports more key...

   ETCD,TUTORIAL,RAFT,DISTRIBUTED SYSTEM     2021-03-07 03:10:33

  Simplify Cloud Data Security: A Deep Dive Into Protecting Sensitive Data in Java

Featuring encryption, anonymization, hashing, and access control. Network security incidents occur now and then, mostly caused by data leakage. Data security has aroused widespread concern, and the community keeps working hard on approaches to simplify data security, especially in sensitive data protection. Sensitive data includes but is not limited to personally identifiable information (PII) like names, ID numbers, passport numbers, driver’s license numbers, contact information like addre...

   JAVA,SECURITY,ENCRYPTION,DECRYPTION,TOKENIZATION     2023-04-28 21:22:10

  Optimization Tricks used by the Lockless Memory Allocator

With the release of the Lockless Memory Allocator under the GPL version 3.0 license, we can now discuss more of the optimization tricks used inside it. Many of these are things you wouldn't want to use in normal code. However, when speed is the ultimate goal, sometimes we need to break a few rules and use code that is a little sneaky. The Slab: A slab is a well-known technique for allocating fixed size objects. For a given object size, a chunk of memory is divided up into smaller regions of that ...

   Optimization,Memory allocation     2011-11-16 08:02:16