Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Attack

  Google plans to deprecate FTP URL support in Chrome

Currently people can access FTP list and download resources hosted on FTP servers in Chrome through FTP URLs, but this may not work anymore in the near future. In a post published by Chrome engineers, there is a plan to deprecate FTP support in Chrome version 82. The major motivation for this deprecation is that Chrome doesn't have an encrypted FTP connection support(FTPs), this raises security risk of downloading resources over FTP. Since users can access FTP URLs and download resources, there...

   CHROME 82,CHROME,FTP     2019-08-16 21:35:02

  Oracle released an urgent Java patch

On March 23, Oracle just released an urgent Java patch which is out of its normal update schedule. The security vulnerability is related to the Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With the unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user access pages containing malicious code...

   JAVA,SECURITY,ORACLE,NEWS     2016-03-25 08:39:59

  Programming: the benefits of taking a break

This post lists several benefits of taking a break during programming. You work smarter, not harder. Once, I worked really hard on a feature. For two weeks, 12 hours a day, I put in a lot of effort. After those two weeks, I took a break and came up with several ideas that made much of the work unnecessary.You think more clearly. Being tired has a similar effect as being drunk. At the end of a day, I often kid myself that I’ll just get this one thing finished quickly to have a fresh ...

   Programming,Tips,Break,Tired     2011-07-28 09:04:29

  10 notorious computer virus

The history of computer virus is the same as computer history. With more and more powerful computers, virus also are smarter and harder to be detected and killed. They have big impact on data security and system usability. We introduce 10 notorious computer virus in the history. 1. Creeper In 1971, the Creeper virus, an experimental self-replicating program, is written by Bob Thomas at BBN Technologies. Creeper infected DEC PDP-10 computers running the TENEX operating sy...

   Computer virus,History,Security     2013-07-16 21:09:22

  Some hidden XSS injection vulnerabilities

XSS injection refers to a Web page generates some unexpected executable js codes based on user input  and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...

   XSS,PHP,Security,Code,JavaScript     2012-08-27 20:32:08

  Three Simple Ways to Improve the Security of Your Web App

It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the com...

   Web app,Security,X-FRAME-OPTIONS,SSL     2011-12-08 10:10:20

  Privacy & Security What Is the Difference?

                       When we discuss the internet today, there are two terms that we frequently here: privacy and security. While you may think that these two terms mean the same thing and are thus interchangeable, this isn’t true. As such, you’ll want to take a moment to learn the difference between these two terms. Understanding the Difference Between Privacy and Security When you open a checking account you share your p...

   SECURITY,PRIVACY,CYBERSECURITY     2018-12-27 00:29:57

  JavaScript Attack/Defend

As developers and designers we work hard to build visually attractive, fast and easy to maintain applications. Our goals are to make sure the applications we build stick to users and keep them coming back for more. Security is not always at the forefront of our minds. No one intentionally builds insecure software but often a lack of security knowledge leads developers to build vulnerabilities into their applications. In this article we are going to examine two web security attacks, how they are ...

   JavaScript,Attack,Defend,Security,Cross site     2011-10-13 13:09:11

  Why isn't all internet traffic encrypted?

The biggest problem is that you must be able to verify that you're encrypting to the correct key. Without it, encryption would be practically useless, as anyone could perform a man-in-the-middle attack on the connection and remain undetected.In typical SSL/TLS, as well as other protocols using X.509, this verification is performed by "certification authorities", which are explicitly marked as "trusted" by web browsers and operating systems. Unfortunately, these CAs usual...

   Internet,Traffic,Encryption,Decryption,Security     2011-10-15 15:03:37

  $40 million per year to keep Wikipedia running

Wikipedia is an incredibly frugal and efficient nonprofit organization. It serves half a billion visits per month. But do you know how much it costs to keep this huge website running? According to 2012-13 Wikimedia Foundation Annual Plan, the expected spending is around $40 million. Some may argue that Wikipedia is just a site with "just text", why does it cost so much? Oliver Emberton shared his view. To keep Wikipedia running and serve 500 million visits per month. First, you're going to need ...

   Wikipedia,Spending,Cost     2013-09-24 23:05:10

RECENT