Everyone who uses Linux (or some Unix) knows the normal file permissions that are administered with chmod, at least to some extent. It is worth noting, what permissions of a file and the underlying directory mean. In order to read the file, one needs read rights for the file and also read and executable rights …
Kategorie-Archive: Security
Certificates
We have been using the term „certificates“ for a long time for files that are used to encrypt or sign data or to prove identity. Now „certificates“ have become something that we use in our daily life to show that we are vaccinated or tested against Covid-19. Because they are provided as QR-codes and people …
Electronic Vaccination Certificates
It is becoming increasingly important to have a way to easily prove being vaccinated against Covid-19 in a way that works at least throughout Europe. This can be a piece of paper and it can be an app. People are very concerned about faking the certificate. This can happen and it is of course a …
Processes
We all encounter once in a while people in the teams who really love processes. Now processes are a good thing, because they can help us to work, clarify certain things and improve efficiency. There are even processes that are absolutely mandatory, for security reasons, for example. It should be carefully chosen where to impose …
JSON instead of Java Serialization: The solution?
We start recognizing that Serialization is not such a good idea. It is cool and can really work on a wide range of objects, even including complex and cyclic reference graphs. And it was essential for some older Java frameworks like EJB and RMI, which allowed remote access to Java objects and classes. But it …
„JSON instead of Java Serialization: The solution?“ weiterlesen
Devoxx UA and Devoxx BE 2019
In 2019 I visited Devoxx UA in Kiev and Devoxx BE in Antwerp. Traveling was actually a little story by itself, so for now we can just assume that I magically was at the locations of DevoxxUA and DevoxxBE. In Kiew I attended the following talks: Probabilistic data structures in nutshell (in Ukrainian) [Oleksandra Kulyk] …
Can hashCodes impose a security risk?
This may come as a surprise, but attackers can assume that software is running in one of the common languages with their standard library. This calculates the hashcode of a string in a predictable way. For that reason it is possible, to create a large number of entries that result in strings having the same …
www.it-sky-consulting.com now https only
I have converted my company site www.it-sky-consulting.com to always use https. This is something all sites should do in the next few months.
Weird blackmailing via email from „Hacker“
I got a few emails, that looked like this (see at the button). I replaced all references to myself with xxxx. The source of the email indicates, that a mailserver „nmail.brlp.in“ has been used for this. The fact, that the email seems to come from my own mail address is not a proof that this …
Encryption of Disks
Today we should use encryption of disks for many situations. I recommend at least encrypting disks of portable computers that contain the home directory and portable USB disks. They can easily get stolen or lost and it is better if the thief does not have easy access to the content. We should even consider encrypting …