SEARCH KEYWORD -- Server security


  25 worst passwords in 2012

Weak password is a serious security vulnerability, but the majority of network users still use some universal simple character sequences as the password. SplashData recently announced the world's worst password list in 2012.  "password","123456" and "12345678" are still at top places, while others have varying,  some new passwords like  "welcome" "Jesus" "ninja","mustang"and "password1 "are in the list. With the risk of password loss, SplashData CEO Morgan Slain said we hoped netw...

   Password,Security     2012-10-25 12:04:49

  How long does the heuristic cache of the browser actually cache?

Heuristic cache Heuristic caching is the default behavior of browser caching (i.e., for responses without Cache-Control), which is not simply "not caching", but implicitly caching based on the so-called "heuristic cache". HTTP is designed to cache as much as possible, so even if Cache-Control is not specified, the response will be stored and reused if certain conditions are met. This is called heuristic caching. HTTP/1.1 200 OK Content-Type: text/html Content-Length: 1024 Date: Tue, 22 Feb 2022 ...

   HEURISTIC CACHE,WEB DESIGN     2023-05-26 08:40:13

  Install both 32 bit and 64 bit WAMP server

WAMP server is a platform tool for serving PHP applications on Windows. It includes a combination of Apache, MySQL and PHP service which can help developers test or run PHP applications with minimal setup. Sometimes one would first have a 32 bit version of WAMP installed and a few applications have been configured. But later s/he would mistakenly installed a 64 bit version of WAMP and somehow the 32 bit version configuration is overwritten. This causes a problem where the old applications config...

   PHP,WAMP,64 BIT,32 BIT,MULTIPLE VERSION     2017-03-18 01:14:21

  WireGuard VPN Troubleshooting

When you are working as a network/cluster admin for you team to config the WireGuard VPN for other members, you may meet some of the problems below and these are the solution you can try to fix them. ----------------------------------------------------------------------------------------------------------- Problem [1]: The WireGuard handshake request send from the client can be received from the server but the server's response was blocked at some where so the client can not receive serv...

   WIREGUARD,VPN,TROUBLESHOOTING     2021-12-14 09:17:46

  The Risks of Prioritizing Features Over Security in China's EV Industry

In recent years, China's electric vehicle (EV) industry has seen a surge in innovation and growth. Companies like BYD, NIO, XPeng, and Xiaomi have become household names, not just in China but globally. These companies have been at the forefront of integrating cutting-edge technology into their vehicles, often promoting new features such as autonomous driving, advanced infotainment systems, and seamless connectivity. However, this rapid pace of innovation has raised concerns about whether these...

   SECURITY,CHINA,EV CAR     2024-11-20 01:14:18

  Content based HTTP Cache

Browsers may cache the webpages we visited, when user types a URL on the address bar, the browser may cache the webpage returned from server while displaying it. If there is no update on the webpage, then next time when the browser requests the same page, it will not download the page again, instead it will load the cached page. If the website explicitly specify that the page is updated, then the browser will download the page again from the server. What's HTTP Cache? You may be familiar with th...

   HTTP Cache,Web crawler     2013-05-24 05:12:59

  Different types of keystore in Java -- PKCS11

PKCS11 keystore is designed for hardware storage modules(HSM). It's an interface to talk to the HSMs. It doesn't actually store any keys but provide a set of classes to communicate with the underlying HSM. The actual keys and certificates are stored on the HSMs. The reason for storing the keys and materials is to ensure security and efficiency. Since the keys are on the HSMs, they are safe to be stolen. All encryption/decryption operations are performed on the HSMs as well, this incre...

   PKCS11,keystore,HSM,Java     2015-01-08 00:39:12

  30 minutes to fix Java vulnerability

On September 25, Adam Gowdiak from the Polish security consulting firm Security Explorations submitted a Java security vulnerability to Oracle and provided a proof-of-concept. The vulnerability exists in Java 5 6,7, once the user accesses hosted malware site, an attacker can remotely control the infected machine.Gowdiak later got in touch again with Oracle and got the response that the fix has reached the final stage. He can expect the patch in four months later. He eventually unbearable Oracle'...

   Java, Vulnerability,Fix     2012-10-29 11:53:43

  PHP Apache MySQL Set-up Note

With the emergence of WAMP, LAMP, PHP developers are liberated from the tedious work of setting up PHP environment. Since PHP, Apache and MySQL are so tightly bundled, WAMP and LAMP provide a setp solution for setting up a PHP environment which includes the programming programming environment, server and database. But for a PHP who wants to learn more, you have to try to set the PHP environment yourself by installing PHP, Apache and MySQL manually and configuring them. Below is a simple note on ...

   PHP,Apache,MySQL     2014-04-07 01:56:43

  How to play with cross domain request

What is cross domain request In simple, cross domain request is to request resource from other domain in one domain. Note, the "other domain" doesn't just mean domain name only, it includes much more. If the protocol, domain name, port is not the same, two domains will be considered different.  Below example describes what is considered as different domain. http://www.a.com/a.jshttp://www.a.com/b.js               # Same domainhttp://www.a.com/lab/a.js &nb...

   FRONT END,JSONP,CROSS DOMAIN,CROSS ORIGIN,CORS,DOCUMENT.DOMAIN,WINDOW.NAME     2016-11-06 00:48:54

RECENT