caching – Page 6 – WindowsTechs.com

Why do we need HTTPS for static content? If we can have a checksum at the end signed by the private key, won’t that prove the validity?

Posted on March 12, 2017 by kalyan

This method which I am talking about can improve caching of images, videos, and CSS by the ISP rather than just depending on the browser cache. And it also proves the validity of the sender. Is there any reason why this semi-HTTPs not cons… Continue reading Why do we need HTTPS for static content? If we can have a checksum at the end signed by the private key, won’t that prove the validity?→

Can I use CloudFlare if I want to avoid NSA and FISA secret orders?

Posted on February 17, 2017 by Mikko Rantalainen

We’re running a web service in Europe, secured with TLS and we’re using private keys generated on our private hardware.
We would like to use CloudFlare for DDoS protection and caching reverse proxy.
However, putting my tinfoil hat on, I’m … Continue reading Can I use CloudFlare if I want to avoid NSA and FISA secret orders?→

In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)

Posted on January 16, 2017 by Dereksurfs

There is a growing trend to utilize more In-Memory Storage for a wide variety of use cases from big data analytics (Spark) to faster processing power (MemSQL) to caching (Redis) most frequently accessed data before making a t… Continue reading In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)→

In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)

Posted on January 16, 2017 by Dereksurfs

HTTP Content-Security-Policy Nonce and Caching

Posted on December 2, 2016 by user2687991

Is anyone here able to clarify how caching affects adding a nonce=value to all inline javascript?

If the nonce must be unique and unpredictable, then one would need to disable all server-side (i.e. Varnish, Cloudfront, etc) caching on the… Continue reading HTTP Content-Security-Policy Nonce and Caching→

Principles of cache attacks

Posted on June 5, 2016 by null

There are many scientific publications that deal with cache attacks. Most recently, the CacheBleed attack was published which exploits cache bank conflicts on the Intel Sandy Bridge architecture. Most timing attacks use a similar approach:… Continue reading Principles of cache attacks→

Are webcache pages more secure?

Posted on February 4, 2016 by Craig Fox

Whenever I see a suspicious looking URL I want to go to, I usually just search it up on Google’s webcache and browse the site that way. But I just realized that I never really had evidence to support this kind of habit. Are w… Continue reading Are webcache pages more secure?→