Hackaday Links: March 10, 2024
We all know that we’re living in a surveillance state that would make Orwell himself shake his head, but it looks like at least one company in this space has … Continue reading Hackaday Links: March 10, 2024
A new report promotes preventing cyberattacks by using memory-safe languages and the development of software safety standards. Continue reading White House Recommends Memory-Safe Programming Languages and Security-by-Design
I have developed a tool that can find Maven Central JAR artifacts that contain classes from known vulnerable JAR artifacts. This includes but is not limited to fat (uber) JARs, JAR bundles, and artifacts tagged with the -all identifier.
In… Continue reading Should Maven Central artifacts containing known vulnerable artifacts be reported?
public static byte[] encrypt(String message, String password) throws Exception {
SecureRandom rand = new SecureRandom();
try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
try (DataOutputSt… Continue reading Does men in the middle is possible with this code : AES/CBC with HMAC? [closed]
Keep an eye on Dart and TypeScript in 2024, TIOBE Software CEO Paul Jansen suggests. Continue reading TIOBE Index News (January 2024): Programming Language of 2023 Goes to C#
We are integrating Google login in our app and we intend to use the idToken for authentication. We are already sending the idToken from the app to the back-end server, and intend to verify the token as explained at:
https://developers.goog… Continue reading Google Login with idToken and JWT (Java)
Are deserialization attacks possible when unmarshalling user input to non-vulnerable types using the JAXB unmarshaller?
We all know that deserializing user input to arbitrary types in Java leaves an application open to deserialization atta… Continue reading Are deserialization attacks possible when unmarshalling user input to non-vulnerable types using the JAXB unmarshaller?
In a mTLS(2-way-TLS)-Setup, my client is not able to access the client private key directly, but only the public key. However, it is able to generate a valid signature for any input challenge(produced with the right private key) by calling … Continue reading Hook into Client-Side TLS-Handshake of Java
Is there a way to write code to inspect Java methods’ bytecodes for signs of hooking (perhaps a branch to a different function etc)?
I want to be able to inspect either system classes or my own application’s classes for signs of hooking.
I… Continue reading Detect Java Method hooking in Android [migrated]
The rise of smaller languages may be due to the number of programmers increasing or to search engine ranking algorithms changing. Continue reading TIOBE Index News (December 2023): Smaller Programming Languages Are Rising in Popularity