Today's Question:  What's your opinion about Alibaba mooncake incident?        GIVE A SHOUT

SEARCH KEYWORD -- security



  Generate certificate in Java -- Certificate chain


In previous post, we have introduced the use of Certificate and how to generate self signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA to sign our certificate so that it can be used on SSL communications. To generate a certificate chain, we may first have our own certificate(A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52


  Bad code plagues business applications, especially Java ones


A new study examining 365 million lines of code in 745 applications identifies bad coding practices that affect security, performance and uptime, with Java Enterprise Edition applications having the greatest number of problems. Cast Software, which makes tools that automate the analysis of business applications, examined programs written in Java-EE, .NET, ABAP, C, C++, Cobol, Oracle Forms, and Visual Basic, used across a wide range of industries from energy and financial services to IT co...

   Program,Security,Defects,Java     2011-12-09 07:42:51


  Arrays.equals() vs MessageDigest.isEqual()


Both Arrays.equals() and MessageDigest.isEqual() are used to compare the equality of two arrays. They can be interchangeably in many cases. However, they do have some differences which lead to different use cases in real applications. One difference is that the arrays passed to MessageDigest.isEqual() cannot be null while it's ok for Arrays.equals(). The one major difference between these two methods is that Arrays.equals() is not time-constant while MessageDigest.isEqual() is time-constant. Thi...

   Arrays.equal(),MessageDigest.isEqual(),Java,Security     2015-05-14 22:03:29


  Create wireless hotspot on your smartphone


It's now very common that you may not get Internet connection in first few days when you move to a new place. And you may have some important things to handle or you may just want to connect to Internet and share with others your new place. If you have a smartphone which has enough mobile data package, then you are on the way to enjoy Internet. Today we will introduce how to create a wireless hotspot on your smartphone with Samsung Galaxy S3 i9300. Step 1 Go to Settings -> More Settings ->...

   Wireless hotspot, Smartphone, Samsung     2013-01-12 23:08:39


  Oracle released an urgent Java patch


On March 23, Oracle just released an urgent Java patch which is out of its normal update schedule. The security vulnerability is related to the Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With the unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user access pages containing malicious code...

   JAVA,SECURITY,ORACLE,NEWS     2016-03-25 08:39:59


  Java Cipher encryption/decryption example


In Java, Cipher is the API for doing data encryption/decryption. Many cryptographic algorithms such as AES, DES, RC4 etc can be specified when creating Cipher instance. The Cipher instance calls the underlying algorithm specific implementation to do the actual encryption/decryption.  Before doing the encryption/decryption, a key needs to be created and it will be used to do the encryption/decryption. A sample program for performing all these is : import java.security.Key; import javax.cryp...

   Java, Java Security, Cipher, Example, Sample     2015-08-14 07:07:10


  Access control in Java -- Permission check order


Previously we showed you how to turn on SecurityManager in Java. After SecurityManager is turned on, a series of permission checks will be applied on the code you are calling in your application to protect some resources against malicious access such as files, sockets etc. To perform these permission checks, a set of Permissions will be created and checked using the AccessController. The AccessController has three purposes : To decide whether an access to a critical system resource is to be all...

   JAVA,SECURITY,ACCESSCONTROLLER     2016-03-07 04:17:40


  Apple.com is down


UPDATE : The service is back now! Apple.com is now inaccessible. It shows below "Access denied" message on its official site. It is still unknown why the service is down. And there is no ETA on when the service will be back to normal. From the error message, some people think this happens because Apple uses Akamai's security product and the security policy in place is violated. It's basically a WAF. The big issue is it takes 45 minutes for changes to propagate through Akamai's network. So, you ...

   IPHONE 6S,IPHONE 6S PLUS,APPLE     2015-09-12 00:50:17


  Introduction to DTLS(Datagram Transport Layer Security)


Secure communication has become a vital requirement on the Internet. Lots of information transferred through the Internet are sensitive data such as financial transactions, medical information, media streaming etc. To ensure security of data transferred on the Internet, a few secure protocols have been designed including SSL/TLS and IPsec. Many large websites in the world have adopted TLS. Apart from SSL/TLS, there is some other protocol designed to be used in special cases. One of them is ...

   JAVA 9,DTLS,TLS,SECURITY     2016-04-02 05:55:36


  Useful functions to provide secure PHP application


Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities  In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous o...

   PHP,security,SQL Injection,XSS,AJAX     2014-10-30 04:21:59