SEARCH KEYWORD -- User base


  All I Know About Certificates -- Clients

 Finally, in last article we’ve covered the responsibilities of CAs, showing that being a CA isn’t simple and has high management costs, explaining why issuing certificates costs money! This article we will cover the client in this chain. Verifying Certificates as a Client For clients, verifying certificates isn’t simple either. Articles introducing TLS handshakes often mention "the server sends back a certificate, and the client verifies it," but in reality, as ...

   CLIENTS,WEBSITES,SSL CERTIFICATE,CERTIFICATE AUTHORITY,CA     2024-07-26 22:24:30

  Go Error Best Practice

Being indulged in Go for quite a while and having implemented web-related programs, grpc interfaces and Operators, I seem to be an advanced beginner now. However, I am still a raw hand in production-environmental debugging, which is cumbersome if done by querying logs or error messages. Imagine the scenario that a full-text search is called when the specific location of the error log is missing. Then what happens when those error logs are not only in one place? Yes, my error logs can no longer h...

   GO ERROR,ERROR HANDLING     2021-10-07 07:38:28

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  MySQL Index Merge Optimization Practices

In production environment databases, it is often seen that some SQL where conditions include: equal condition on a normal index + primary key range query + order by limit Although using a normal index would be more efficient, the system chooses to use index merge instead in some cases. This article explores such index merge situations. Index Merge Official Introduction   The Index Merge access method retrieves rows with multiple range scans and merges their results into one. Generall...

   INDEX MERGE,MYSQL,PRIMARY INDEX,SECONDARY INDEX     2024-09-10 04:52:26

  File upload once again

File upload is one of the oldest operation of web design. After 20 years, it's still has no big change, difficult to handle, lack of interaction and poor user experience. Web developers have thought many methods to improve the experience of uploading file in web apps, they developed various plugins based on different JavaScript libraries. However, because of the difference among different web browsers, there is no common interface which makes these plugins work properly or easily on all web brow...

   Web design, File upload, Asynchronous,HTML5     2012-09-02 11:52:21

  How to play with cross domain request

What is cross domain request In simple, cross domain request is to request resource from other domain in one domain. Note, the "other domain" doesn't just mean domain name only, it includes much more. If the protocol, domain name, port is not the same, two domains will be considered different.  Below example describes what is considered as different domain. http://www.a.com/a.jshttp://www.a.com/b.js               # Same domainhttp://www.a.com/lab/a.js &nb...

   FRONT END,JSONP,CROSS DOMAIN,CROSS ORIGIN,CORS,DOCUMENT.DOMAIN,WINDOW.NAME     2016-11-06 00:48:54

  Breakdown Kubernetes Container Runtime

Keeping on learning Kubernetes piece by piece and having a deeper understanding of its advantages, I am no longer shocked at its rapid development and popularity. Though backed by big companies like Google is undoubtedly the push, its design, features, and convenience are the biggest attraction. Most of all, it disintegrates the monolithic Internet system governance and lifecycle and offers a new management method. Kubernetes is a set of concepts, including various resource types like Pod, Deplo...

   KUBERNETES,CONTAINER     2021-05-15 04:06:48

  Google’s BERT - What changed and what didn’t

Most of us should already be aware that Google has updated their algorithm. The new algorithm is called BERT (Bidirectional Encoder Representations from Transformers) and has made at least a couple of modern-day SEO experts scratching their heads trying to figure out what it means.   The good news is that there have been no major changes enough to make SEO experts change their strategies drastically. This means that all of the linking and keyword researching techniques remain the same and w...

   GOOGLE UPDATE,BERT,GOOGLE ALGORITHM,GOOGLE SEARCH     2019-10-30 05:35:05

  php://input in PHP

When using xml-rpc, server side will get the data from client with php://input method instead of $_POST. Hence today we will discuss php://input. PHP official manual has below explanation to php://input: “php://input allows you to read raw POST data. It is a less memory intensive alternative to $HTTP_RAW_POST_DATA and does not need any special php.ini directives. php://input is not available with enctype=”multipart/form-data”. Here we und...

   php://input, IO, input     2013-02-25 20:43:00

  13 Hours of Crisis: Tracking a GitHub Poisoning Incident

Incident Overview Since 6 PM Beijing Time on December 4, 2024, “ghost repositories” have been appearing on GitHub. These repositories contain no code but include deceptive virus files. That same day, they became the fastest-growing repositories on GitHub in terms of stars. Over 180 fake zombie accounts were spreading the virus, waiting for victims to fall into their trap. A Chinese developer—myself—took notice of all this. After days of probing and searching, I identified...

   GITHUB,POISON,SIMPLEBOT,CHINA     2024-12-06 22:14:25

RECENT