Collaborate Disseminate
I want to code a web app that allows 2 users to send encrypted messages to each other, and I want to maximize security, so I want to minimize the amount of trust I put in my cloud provider (both the database and the server wh… Continue reading Javascript asymmetric password-based encryption
We are trying to install the Anaconda Python build 3.6, but our virus scanner is detecting possible Trojans and other security alerts in the binary.
We find it hard to believe the build is problematic And I’ve seen false … Continue reading VirusTotal detects threats in Pyton Anaconda Build 3.6 – is it Reliable?
We are trying to install the Anaconda Python build 3.6, but our virus scanner is detecting possible Trojans and other security alerts in the binary.
We find it hard to believe the build is problematic And I’ve seen false alerts reporte… Continue reading VirusTotal detects threats in Python Anaconda Build 3.6 – is it Reliable?
We have a situation where I am not finding any documentation on it. We are trying to scale across multiple machines/job by breaking up the keyspace by complexity. Its a 7 char completely random alphanum pwd.
We created a “… Continue reading John the ripper – creating specific rules
I’ve a web site (HTTPS) only allow authenticated users to access. Currently in the web server I grant access allow connection from a VPN gateway.
So all users need to connect to this gateway in order to access the web site.
… Continue reading Replace IPSEC VPN with Shadowsocks, is it secure enough?
I’ve a web site (HTTPS) only allow authenticated users to access. Currently in the web server I grant access allow connection from a VPN gateway.
So all users need to connect to this gateway in order to access the web site.
… Continue reading Replace IPSEC VPN with Shadowsocks, is it secure enough?
I’m accessing Bing (https://www.bing.com) from within China. I got the following information:
How could this happen? HTTPS but not encrypted, and with SSL certificate?
Here is the packet capture using wireshark. Bing’s IP… Continue reading HTTPS but NOT encrypted?
As a developer, I use docker and have a docker server running on my machine. I would expect that docker would not give my user permission to operate on files beyond my user’s current set of permissions. The following example … Continue reading Configuring docker securly on a developer machine
As a developer, I use docker and have a docker server running on my machine. I would expect that docker would not give my user permission to operate on files beyond my user’s current set of permissions. The following example … Continue reading Configuring docker securly on a developer machine
In the design of a backend database, the password field suppose to be hashed using bcrypt.
There are two approaches
password = bcrypt(plain_passsword)
password = bcrypt(sha1(plain_password)), where sha1(plain_password) is … Continue reading Is it useful to hash the password before sending to server for authentication?