SEARCH KEYWORD -- GIT SECURITY


  Install Kubernetes with minikube and docker on Ubuntu

When someone just wants to play around Kubernetes on its local environment without accessing to Cloud provider resources, one can set Kubernetes up on local environment with minikube with single node mode. This post will provide a simple guideline on how to set up KUbernetes with minikube and docker on Ubuntu. Before all the steps can be started, you may need to first set up kubectl which is a command line tool to operate on Kubernetes resources. Post that, can ensure that docker is installed on...

   KUBERNETES,MINIKUBE,DOCKER,UBUNTU     2021-06-01 05:37:40

  25 worst passwords in 2012

Weak password is a serious security vulnerability, but the majority of network users still use some universal simple character sequences as the password. SplashData recently announced the world's worst password list in 2012.  "password","123456" and "12345678" are still at top places, while others have varying,  some new passwords like  "welcome" "Jesus" "ninja","mustang"and "password1 "are in the list. With the risk of password loss, SplashData CEO Morgan Slain said we hoped netw...

   Password,Security     2012-10-25 12:04:49

  The Risks of Prioritizing Features Over Security in China's EV Industry

In recent years, China's electric vehicle (EV) industry has seen a surge in innovation and growth. Companies like BYD, NIO, XPeng, and Xiaomi have become household names, not just in China but globally. These companies have been at the forefront of integrating cutting-edge technology into their vehicles, often promoting new features such as autonomous driving, advanced infotainment systems, and seamless connectivity. However, this rapid pace of innovation has raised concerns about whether these...

   SECURITY,CHINA,EV CAR     2024-11-20 01:14:18

  Different types of keystore in Java -- PKCS11

PKCS11 keystore is designed for hardware storage modules(HSM). It's an interface to talk to the HSMs. It doesn't actually store any keys but provide a set of classes to communicate with the underlying HSM. The actual keys and certificates are stored on the HSMs. The reason for storing the keys and materials is to ensure security and efficiency. Since the keys are on the HSMs, they are safe to be stolen. All encryption/decryption operations are performed on the HSMs as well, this incre...

   PKCS11,keystore,HSM,Java     2015-01-08 00:39:12

  30 minutes to fix Java vulnerability

On September 25, Adam Gowdiak from the Polish security consulting firm Security Explorations submitted a Java security vulnerability to Oracle and provided a proof-of-concept. The vulnerability exists in Java 5 6,7, once the user accesses hosted malware site, an attacker can remotely control the infected machine.Gowdiak later got in touch again with Oracle and got the response that the fix has reached the final stage. He can expect the patch in four months later. He eventually unbearable Oracle'...

   Java, Vulnerability,Fix     2012-10-29 11:53:43

  8 very useful and free web security testing tools

With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...

   Website, security,Web security,Attack     2012-07-22 10:59:09

  Building Security onto Your Mobile Application

Analysts state that more than 75% of the mobile applications will fail the basic security tests in 2015 – Gartner Research. Enterprises that follow the Bring Your Own Device (BYOD) approach and facilitate mobile computing to their employees are susceptible to security threats and other vulnerabilities, unless they implement stringent security measures. In the development or deployment of mobile applications, a business can be severely impacted both financially and otherwise, if they are to...

   Web Application Development Company, iPhone App Development Company     2015-08-21 07:22:32

  Data as code

What is a good command line parser API? A good command line parser should consider below 5 aspects: Support convenient help information generation Support sub commands, for example, git has push,pull,commit sub commands. Support single character option, word option, flag option and option with parameter. Support default option, for example, if no -port is set, set it as 5037 Support usage model, for example, tar's -c and -x is mutually exclusive, they belong to different usage models. Here are...

   Command line,API     2013-08-08 22:40:36

  How to check whether a web page can be loaded in iframe

Sometimes you may want to load other website's page in your own website's iframe, but due to some security concerns, other website may have security configurations which prevent you from loading their pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from other site, the response ...

   HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY     2018-07-27 22:36:02

  How to prevent next HeartBleed bug?

How to ensure the security of open source projects is a concern for many open source users including individual users and companies. But it's not an easy task to ensure the security of open source projects. Because everyone can see the source code, there is much higher possibility that a bug may be found by someone. Once a bug is disclosed, people may exploit it and do evil things, this may cause loss of money either for individuals or companies, some of the bugs may even have big impact to the...

   Open source,HeartBleed,Security     2014-04-24 09:07:05

RECENT