SEARCH KEYWORD -- code security
Chrome to block mixed content downloads in version 86
Google has announced its plan to block mixed content downloads in Chrome in February 2020 and now the day to block mixed content downloads is coming soon as we are nearing October when Chrome 86 is supposed to be released. What is mixed content downloads? According to Google, it is non-HTTPS downloads started on secure pages. For example, if you access a page called https://example.com/download, and in this page, there is a download link to http://download.example.com/something, ...
CHROME,MIXED CONTENT DOWNLOADS 2020-09-18 21:10:53
Using Java keytool programmatically
Java provides a command line tool to access and operate different keystore which store keys and certificates. This tool is named keytool and is located at \bin. On command line, you can issue below command to generate a keystore named mytest.jks which contains a private key and certificate chain. keytool -genkeypair -alias mykey -keyalg RSA -sigalg SHA256withRSA -dname CN=Java -storetype JKS -keypass password -keystore mytest.jks -storepass password Sometimes, in testing purpose, w...
Web Security: In-Depth Explanation of X-XSS-Protection
What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...
X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP 2023-11-29 01:48:40
Arrays.equals() vs MessageDigest.isEqual()
Both Arrays.equals() and MessageDigest.isEqual() are used to compare the equality of two arrays. They can be interchangeably in many cases. However, they do have some differences which lead to different use cases in real applications. One difference is that the arrays passed to MessageDigest.isEqual() cannot be null while it's ok for Arrays.equals(). The one major difference between these two methods is that Arrays.equals() is not time-constant while MessageDigest.isEqual() is time-constant. Thi...
Arrays.equal(),MessageDigest.isEqual(),Java,Security 2015-05-14 22:03:29
Access control in Java -- doPrivileged
Previously we have introduced how Java performs permission check to protect resource access. What if sometimes we need to give some class the temporary access to some resource which it initially doesn't have? AccessController provides six doPrivileged methods to fulfill this requirement. These six methods have below signatures : static T doPrivileged(PrivilegedAction action)static T doPrivileged(PrivilegedAction action, AccessControlContext context)static T doPrivileged(PrivilegedExceptionA...
JAVA,SECURITY,DOPRIVILEGED 2016-03-08 05:46:42
Create wireless hotspot on your smartphone
It's now very common that you may not get Internet connection in first few days when you move to a new place. And you may have some important things to handle or you may just want to connect to Internet and share with others your new place. If you have a smartphone which has enough mobile data package, then you are on the way to enjoy Internet. Today we will introduce how to create a wireless hotspot on your smartphone with Samsung Galaxy S3 i9300. Step 1 Go to Settings -> More Settings ->...
Wireless hotspot, Smartphone, Samsung 2013-01-12 23:08:39
Create temp file in Bash using mktemp and trap
When working on Linux Bash, sometimes there is need to create temporary file. A common way of creating temp file on Linux is creating some file in /tmp directory. However there is security risk when creating temp file in /tmp directory. This post will show how to securely create temp file in Linux Bash. When creating file in /tmp directory, there are some security risks. This directory can be accessed by any user on the system, any user can write data into this directory as well. The files creat...
Simple Strategies to Boost Your Android Phone Security
Android is one of the safest operating systems for smartphones and tablets if used correctly. Unfortunately, only a third of Android users use the latest version, and older versions are far more vulnerable than newer ones. Not to mention that many manufacturers take their time when it comes to downloading the latest security patches. A news blog Android Authority ranked the fastest manufacturers in downloading system updates. Here are the results: LG - 78 days Motorola - 88 days HTC - 95 days S...
ANDROID,DATA SECURITY 2019-02-19 07:36:46
Different types of keystore in Java -- DKS
Domain KeyStore(DKS) is a keystore of keystore. It abstracts a collection of keystores that are presented as a single logical keystore. Itself is actually not a keystore. This new keystore type is introduced in Java 8. There is a new class DomainLoadStoreParameter which closely relates to DKS. To load different keystores into the single logical keystore, some configuration is needed. Here is the format of the configuration for grouping different keystores. domain [ ...] { keystore [ ....
Google open sources its Collaborative IDE
July 9, 2012 news, Google engineer Scott Blum published an article on Google+ which revealed that Google would open source the Collaborative IDE. The project was named "Collide" (collaborative IDE), which is a Web collaborative code editor. Google hopes that Collide can serve as a catalyst for improving the state of web-based IDEs.Caution Collide does not have any proper auth, SSL support, or user account management just yet. Please consider that fact when running instances that expose important...
Google,Open source,Collide IDE 2012-07-09 10:55:20
RECENT
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- The Power of Efficiency: 10 Practical Energy-Saving Tips for Tech Startups
- more>>