A blog about tech, programming, security, and various other subjects.




Found 21 results for your search query or tag selection. Clear search.
Encrypting passwords  Tags: security, webdevelopment, programming, websites.
It's so easy to bash Adobe for encrypting passwords instead of hashing them. The entire security community did, and of course they were right. Encryption is by definition reversible, so it was stupid of Adobe to encrypt passwords instead of hashing them, right? Right?

Or maybe not. As time passes and not a single password from an Adobe user has been leaked, aside from the ones solved in crossword puzzles, I was starting to doubt our judgment.
Searching 10GB of data As A Service - lessons learned  Tags: programming, webdevelopment, databases.
The day before yesterday I launched a service where you can check whether you were included in the Adobe accounts hack. I had the file, it could be grepped for stuff in about 30 seconds, and I thought "hey, others might want to do this too". And so I started coding.

My parents would be home soon and we'd go out for dinner, but I wanted it done. With the Linkedin breach someone else put up the same service so it doesn't seem to be an uncommon thing to do. Since I didn't want anyone to steal my idea before I could get it done (and my work would be wasted), I was kind of on a schedule.
Cookieless cookies  Tags: webdevelopment, privacy.
I've made a little one-page project about tracking users using ETag headers instead of cookies. It's not new, but many websites employ this while nobody knows about it.

The page pretty much speaks for itself, so here it is:

http://lucb1e.com/rp/cookielesscookies/
What is XSS and how to protect your website  Tags: webdevelopment, security, programming.
Alternative title: How do XSS attacks work and how can you exploit it.
To secure things you must know how they work, right? ;) The post mainly focuses on how it works and how to protect your website though, so let's dive right into it.

First of all, XSS means cross-site scripting. The name is a bit misleading since it isn't necessarily cross-site, it's basically just inserting scripts at places where other users will unknowingly trigger them to run.
PHP's in_array is slow - this works faster  Tags: programming, webdevelopment.
I think this is best explained by example, so here's a simple script to load a file into the memory, removing duplicate lines:
<?php
    $handle = fopen("myfile.txt", "r");
    $lines = array();
    while ($line = fgets($handle))
        if (!in_array($line, $lines))
            $lines[] = $line;
    
    fclose($handle);


This works fine if you don't mind waiting for a minute or ten until it did all the millions of lines. If you're like me, you will probably want to make it run in under thirty seconds.


Next page / Older posts
 
lucb1e.com

Circle on Google+
Follow at Twitter


Tagcloud:
AI apps chat computers databases datetime e-mail hardware keyboard keyboards lol me music my blog my server networking nostalgia other privacy programming randomthought real life school security social networks software spam tutorials webdevelopment webhosting websites Windows writing
Contact Me (test)