
SEARCH KEYWORD -- Unix server security



  HeartBleed: Inside the heart, what causes the bleeding?

Just a few weeks after Apple's famous goto fail bug, another bug, this time in OpenSSL, has caught the world's attention. The bug is named HeartBleed and was found in the OpenSSL library, a famous open source library supporting a lot of SSL/TLS communication among server/client applications. This bug has drawn the world's attention because it affects almost all sites that use the affected OpenSSL library; these include many applications like Nginx server, some v...

   OpenSSL,HeartBleed     2014-04-09 05:47:30

  Apple.com is down

UPDATE: The service is back now! Apple.com is now inaccessible. It shows the "Access denied" message below on its official site. It is still unknown why the service is down, and there is no ETA on when the service will be back to normal. From the error message, some people think this happened because Apple uses Akamai's security product and the security policy in place was violated. It's basically a WAF. The big issue is it takes 45 minutes for changes to propagate through Akamai's network. So, you ...

   IPHONE 6S,IPHONE 6S PLUS,APPLE     2015-09-12 00:50:17

  Useful functions to provide secure PHP application

Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities. In modern websites, we may often get inputs from users all around the world. There is a famous saying: never trust user input. So in web programming languages, we will often see functions which guarantee the security of the data input from users. Today we will cover some of these functions in the most famous o...

   PHP,security,SQL Injection,XSS,AJAX     2014-10-30 04:21:59

  What drives the popularity of Node.js?

JavaScript is a programming language which can be used on both the front end and the back end. Its popularity should mainly be attributed to its power on the front end, and people did not seem to realize its power on the back end until the appearance of Node.js.  Node.js is a server-side software system designed for writing scalable Internet applications, notably web servers. Programs are written on the server side in JavaScript, using event-driven, asynchronous...

   Node.js,Popularity,NPM     2013-07-24 01:22:58

  Meta tag in HTML header

In a server response, we can use response.setHeader() to set the meta information in the header of an HTML page. The usage is response.setHeader(name,context); meta is used to simulate the response header of the HTTP protocol in an HTML page. It should be put between the <head> and </head> tags. 1. <meta name="Generator" content="" > <!--This is to specify the tool which generates this page such as Microsoft FrontPage 4.0 etc --> 2. <meta name="keywords" content=""> <!-- To tel...

   HTTP,meta,HTML,head     2013-05-22 11:34:08

  A serious security vulnerability found in MySQL/MariaDB

Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to access to the database. The issue is described below. When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...

   MySQL,MariaDB,bug,fix,password,memcmp()     2012-06-11 10:28:09

  Let’s Find Out What the Future holds for .Net Technology

Technology is more like an evolution, not a revolution. The disruptive industry seems to be changing day in, day out, which is why tech companies by default have to chase new trends in order to stay ahead of the curve. Now, Microsoft.Net framework has been around since the 1990s! Do you think such refined technology can be considered relevant now? From what I can see, .Net is going through a major transformation. It’s gone largely open source and has been getting modernized so that its wor...

   ASP.NET,.NET     2018-06-12 05:07:53

  Simple Strategies to Boost Your Android Phone Security

Android is one of the safest operating systems for smartphones and tablets if used correctly. Unfortunately, only a third of Android users use the latest version, and older versions are far more vulnerable than newer ones. Not to mention that many manufacturers take their time when it comes to downloading the latest security patches. The news blog Android Authority ranked the fastest manufacturers in downloading system updates. Here are the results: LG - 78 days Motorola - 88 days HTC - 95 days S...

   ANDROID,DATA SECURITY     2019-02-19 07:36:46

  Android socket programming example

A socket is a kind of interface for different sides to communicate; it is usually identified by an IP and a port. There are many pieces of server-side software on a server and they provide different services. Each server may create some sockets and bind them to some ports so that clients can listen to them. Software on the Internet will exchange data through an established bidirectional connection. Each end of the connection has a socket created. In Java, Socket and ServerSocket are in java.net package, ServerSo...

   Android,Socket,Java     2013-05-11 22:17:16

  SameSite attribute in cookie

Starting from Chrome 51, a new attribute, SameSite, has been introduced for browser cookies. This attribute is meant to prevent CSRF attacks. A cookie is normally used to store data exchanged between client and server. It frequently stores user login information. If a malicious website can forge an HTTP request with the valid third party website cookie, it may be called a CSRF attack. For example, if a user logs in to a bank website your-bank.com, the bank server responds with a cookie: Set-Cookie:id=a3fWa; L...

   JAVASCRIPT,COOKIE,SAMESITE,CHROME,CSRF     2019-09-14 04:57:51