Tagged articles

994 articles

Page 8 of 10

Nov 23, 2020 · Information Security

2020’s Most Common Passwords Revealed and How to Build Uncrackable Ones

A NordPass analysis of 275 million passwords uncovered the 2020 top‑200 most used passwords, highlighting why simple strings like “123456” are easily cracked and offering practical advice—including length, complexity, and unique generation techniques—to help users create far stronger, unbreakable passwords.

Information Securitycommon passwordspassword best practices

0 likes · 5 min read

2020’s Most Common Passwords Revealed and How to Build Uncrackable Ones

Python Crawling & Data Mining

Nov 20, 2020 · Information Security

Create a Python ‘Hacker’ Tool: Scan Disks, Delete Files, and Auto‑Shutdown

This article demonstrates how to use Python's os and shutil modules to enumerate system drives, list directory trees, delete files and folders, copy a script to the startup folder, and finally trigger a forced shutdown, illustrating a simple educational hacking tool.

Information SecurityMalware demoOS automation

0 likes · 9 min read

Create a Python ‘Hacker’ Tool: Scan Disks, Delete Files, and Auto‑Shutdown

Programmer DD

Nov 17, 2020 · Information Security

Why Every Enterprise Needs a Bastion Host for Secure Access and Auditing

An in‑depth guide explains what a bastion host is, its 4A design (authentication, authorization, account, audit), core functions, common deployment models, authentication methods, and both commercial and open‑source options, highlighting how it centralizes control, enhances security, and streamlines operational compliance.

Bastion HostInformation Securityaccess control

0 likes · 9 min read

Why Every Enterprise Needs a Bastion Host for Secure Access and Auditing

Laravel Tech Community

Nov 11, 2020 · Information Security

Bitcoin Ransomware Cases and Police Crackdown in China

The article describes how Bitcoin‑based ransomware such as WannaRen encrypts victims' files, the large‑scale attacks on Chinese enterprises and institutions, the police investigations that led to the arrest of the mastermind Ju Mou and his accomplices, and practical advice for preventing such threats.

BitcoinData RecoveryInformation Security

0 likes · 7 min read

Bitcoin Ransomware Cases and Police Crackdown in China

Top Architect

Nov 6, 2020 · Information Security

Security Analysis of the “Le Bao” Fake WeChat App Used for Pornographic Promotion

The report investigates the malicious “Le Bao” application that mimics WeChat, detailing its hidden QR‑code group‑joining mechanism, server‑side communication, payment and gambling integration, and the broader illicit promotion and profit model, while providing forensic traces, source‑code decoding, and mitigation recommendations.

Information Securityapp spoofingmalware analysis

0 likes · 13 min read

Security Analysis of the “Le Bao” Fake WeChat App Used for Pornographic Promotion

Zhengtong Technical Team

Oct 30, 2020 · Information Security

Using Burp Suite for Penetration Testing of the ZhiXin Mobile Application

This article explains how to employ Burp Suite to conduct comprehensive penetration testing on the ZhiXin mobile app, covering setup, proxy configuration, detection of sensitive data leaks, privilege escalation, XSS, and SQL injection vulnerabilities, and provides remediation recommendations.

Burp SuiteInformation Securityapp testing

0 likes · 12 min read

Using Burp Suite for Penetration Testing of the ZhiXin Mobile Application

Efficient Ops

Oct 27, 2020 · Information Security

How to Detect Account Security Threats Using Log Analysis and Alerts

This article explains practical methods for detecting account security threats—such as blacklisted, expired, or abnormal login behaviors—by analyzing Linux and Windows login logs, defining detection rules, and leveraging automated tools to generate timely alerts and reduce security risks.

Incident ResponseInformation SecurityThreat Detection

0 likes · 27 min read

How to Detect Account Security Threats Using Log Analysis and Alerts

Programmer DD

Oct 27, 2020 · Information Security

How a Fake WeChat App ‘LeBao’ Fuels Hidden Porn Networks – A Deep Dive

This report analyzes the malicious “LeBao” application that masquerades as a WeChat‑like chat tool, detailing its covert QR‑code group entry, custom decoding, member‑paid porn livestreams, payment fraud, server tracing, and recommended mitigation measures to curb its illicit operations.

Information Securityapp investigationcybercrime

0 likes · 11 min read

How a Fake WeChat App ‘LeBao’ Fuels Hidden Porn Networks – A Deep Dive

Java Backend Technology

Oct 22, 2020 · Information Security

What Caused the Massive P1 Outage? A Real‑World Security Scanning Bug Uncovered

A sudden P1 incident reset all user passwords, and after a thorough investigation the team discovered that a security‑scanning tool’s weak‑password check repeatedly hit login attempts, triggering a bug that caused the outage, highlighting the critical need for proper incident response and security engineering.

DatabaseIncident ResponseInformation Security

0 likes · 7 min read

What Caused the Massive P1 Outage? A Real‑World Security Scanning Bug Uncovered

Architecture Digest

Oct 17, 2020 · Information Security

Understanding HTTPS: Principles, Encryption, and Security

This article explains why HTTPS has become essential for web security, compares it with HTTP, describes the weaknesses of plain HTTP and hashing algorithms, and details how symmetric and asymmetric encryption together with TLS/SSL certificates secure data transmission over the Internet.

HTTPSInformation SecurityTLS

0 likes · 11 min read

Understanding HTTPS: Principles, Encryption, and Security

JavaEdge

Oct 16, 2020 · Information Security

How OAuth 2.0 Secures Third‑Party Access: From Open Platforms to Authorization Code Flow

This article explains the concept of open platforms, the evolution of OAuth 2.0, its core token‑based authorization mechanism, real‑world analogies, and the step‑by‑step Authorization Code grant flow that lets third‑party apps securely access protected resources.

APIInformation SecurityOAuth 2.0

0 likes · 9 min read

How OAuth 2.0 Secures Third‑Party Access: From Open Platforms to Authorization Code Flow

Full-Stack Internet Architecture

Oct 12, 2020 · Information Security

Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses

This article provides a comprehensive overview of Cross‑Site Scripting (XSS), explaining its definition, dangers, underlying mechanisms, classification into stored, reflected, and DOM‑based types, common injection vectors, and practical defense strategies, while also addressing common questions and resources for further learning.

Cross-site scriptingDefenseInformation Security

0 likes · 11 min read

Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses

Programmer DD

Oct 10, 2020 · Information Security

When Search Engines Overstep: Baidu’s 1‑Yuan Liability for Unauthorized Photo Indexing

A Beijing Internet Court case ruled that Baidu must pay nominal damages after failing to remove a user’s ID photo, uploaded to a defunct alumni site, which the search engine indexed and displayed at the top of results, highlighting legal responsibilities for personal data handling.

BaiduInformation Securitylegal case

0 likes · 4 min read

When Search Engines Overstep: Baidu’s 1‑Yuan Liability for Unauthorized Photo Indexing

Liangxu Linux

Oct 8, 2020 · Information Security

How Offline Payment Codes Enable Alipay & WeChat Payments Without Network

This article explains the technical principles behind offline payment codes used by Alipay and WeChat, covering common payment modes, online and offline code schemes, OTP generation, cryptographic algorithms, their advantages, drawbacks, and practical implementation details.

AlipayInformation SecurityOTP

0 likes · 13 min read

How Offline Payment Codes Enable Alipay & WeChat Payments Without Network

Liangxu Linux

Oct 6, 2020 · Information Security

How I Uncovered a Phishing Mooncake Email Using Wireshark, Shodan, and OSINT

During the Mid‑Autumn Festival I received a seemingly harmless mooncake email, suspected it was a phishing test, and then used a virtual machine, network‑capture tools, Shodan, and open‑source intelligence to trace the malicious link back to its source and exposed the underlying infrastructure.

Incident ResponseInformation SecurityNetwork Reconnaissance

0 likes · 4 min read

How I Uncovered a Phishing Mooncake Email Using Wireshark, Shodan, and OSINT

Programmer DD

Sep 28, 2020 · Information Security

Was Windows XP Source Code Leaked? Implications for Modern Security

In 2020, when Windows 7 support ended, a massive leak of Windows XP and Server 2003 source code surfaced online, sparking concerns about potential vulnerabilities and offering a rare research resource for security professionals.

EternalBlueInformation SecurityWindows XP

0 likes · 4 min read

Was Windows XP Source Code Leaked? Implications for Modern Security

Programmer DD

Sep 25, 2020 · Information Security

Misconfigured ElasticSearch Server Exposes Millions of Bing Mobile Users' Data

A misconfigured ElasticSearch server owned by Microsoft leaked millions of Bing mobile app search queries, location data, device IDs and other details, exposing users worldwide to phishing, ransomware and even robbery risks, while Microsoft claims the breach affected only a small amount of non‑identifiable data.

Information Securitybing mobiledata breach

0 likes · 6 min read

Misconfigured ElasticSearch Server Exposes Millions of Bing Mobile Users' Data

ITPUB

Sep 24, 2020 · Information Security

What Happens When Bing’s Mobile Apps Leak Over 6.5 TB of User Data?

A recent investigation revealed that an unsecured server containing more than 6.5 TB of user data from Bing’s iOS, iPadOS, and Android apps was exposed, allowing attackers to harvest nearly 100 million records and launch destructive “Meow” attacks that nearly wiped the Elasticsearch database.

BingElasticsearchInformation Security

0 likes · 6 min read

What Happens When Bing’s Mobile Apps Leak Over 6.5 TB of User Data?

Top Architect

Sep 24, 2020 · Information Security

Case Study: Six-Year Prison Sentence for a Programmer Who Deleted SaaS Data and Its Implications for Data Security

A Shanghai court sentenced programmer He Mou to six years in prison for deliberately deleting all SaaS data of Weimeng, causing an eight‑day outage, over 300 million yuan in losses, and prompting a discussion on on‑premise versus cloud data protection strategies.

Cloud ComputingIncident ResponseInformation Security

0 likes · 9 min read

Case Study: Six-Year Prison Sentence for a Programmer Who Deleted SaaS Data and Its Implications for Data Security

ITPUB

Sep 23, 2020 · Information Security

What the Bing Mobile Data Leak Means for Your Privacy

A massive breach exposed over 6.5 TB of Bing mobile app data—including search queries, location coordinates, device identifiers, and URLs—on an unsecured Elasticsearch server, putting iOS and Android users at risk of fraud, phishing, and physical threats, while highlighting common causes of such leaks.

BingElasticsearchInformation Security

0 likes · 6 min read

What the Bing Mobile Data Leak Means for Your Privacy

OPPO Amber Lab

Sep 22, 2020 · Information Security

Understanding Cryptography: From Basics to Symmetric & Asymmetric Ciphers

This article introduces the fundamentals of cryptography, explaining what passwords are, the difference between encryption and decryption, classifications of cryptographic algorithms such as symmetric, asymmetric, hash functions, and message authentication, and illustrates concepts with examples like RC4 and block cipher modes.

Information Securityasymmetric cipherencryption

0 likes · 5 min read

Understanding Cryptography: From Basics to Symmetric & Asymmetric Ciphers

21CTO

Sep 21, 2020 · Information Security

Why a Programmer Deleted 300M Users' Data – Lessons on Cloud Security

The article recounts the 2020 “delete‑and‑run” incident where a disgruntled employee erased all data from the SaaS platform Weimeng, causing over 300 million users to lose access, a market‑value plunge of over HK$1 billion, and a six‑year prison sentence, while exposing critical flaws in data‑security practices and the risks of insufficient cloud adoption.

Cloud ComputingData SecurityInformation Security

0 likes · 8 min read

Why a Programmer Deleted 300M Users' Data – Lessons on Cloud Security

Architects Research Society

Sep 20, 2020 · Information Security

Introduction to Technical Risk Management

This guide explains what technical risk is, why it matters, and provides a step‑by‑step methodology for assessing, mitigating, and managing technology‑related risks—including lifecycle, compliance, and complexity considerations—to improve cost efficiency, agility, and security across the enterprise.

ComplianceEnterprise ArchitectureIT lifecycle

0 likes · 17 min read

Introduction to Technical Risk Management

WeDoctor Frontend Technology

Sep 15, 2020 · Information Security

How Does HTTPS Secure Your Data? Inside SSL/TLS Handshake Explained

HTTPS combines HTTP with SSL/TLS to protect data through encryption, integrity checks, and authentication, using asymmetric keys during the handshake to negotiate symmetric encryption, digital signatures, certificates, and a secure session, ensuring safe client‑server communication.

HTTPSInformation SecuritySSL

0 likes · 14 min read

How Does HTTPS Secure Your Data? Inside SSL/TLS Handshake Explained

21CTO

Sep 11, 2020 · Information Security

How State‑Backed Hackers Targeted the 2020 US Election: Microsoft’s Findings

Microsoft’s report reveals that Russian and Iranian state‑backed hacker groups have targeted candidates, campaign staff, and consulting firms involved in the 2020 U.S. presidential election, employing phishing and other tactics, but strong defenses have limited successful intrusions.

Cyber EspionageInformation SecurityUS politics

0 likes · 4 min read

How State‑Backed Hackers Targeted the 2020 US Election: Microsoft’s Findings

MaGe Linux Operations

Sep 10, 2020 · Information Security

Why HTTP Is Insecure and How HTTPS Protects Against Man-in-the-Middle Attacks

This article explains the fundamentals of the HTTP protocol, illustrates its vulnerability to man‑in‑the‑middle attacks, and details how HTTPS—through SSL/TLS, asymmetric key exchange, and a trusted CA certificate hierarchy—secures communications by encrypting data and preventing interception and tampering.

HTTPHTTPSInformation Security

0 likes · 9 min read

Why HTTP Is Insecure and How HTTPS Protects Against Man-in-the-Middle Attacks

macrozheng

Sep 8, 2020 · Information Security

How Do Offline Payment Codes Work? Inside the Tech Behind WeChat & Alipay

Even without network connectivity, mobile payment apps like WeChat and Alipay can complete transactions using offline payment codes; this article explains the two common QR payment methods, the online and offline code schemes, the underlying OTP and HMAC‑SHA1 algorithms, and their security trade‑offs.

HMAC-SHA1Information SecurityOTP

0 likes · 13 min read

How Do Offline Payment Codes Work? Inside the Tech Behind WeChat & Alipay

Architect's Tech Stack

Sep 4, 2020 · Information Security

Are Open‑Source Projects on GitHub Subject to U.S. Export Controls?

The article explains that GitHub’s user agreement and the Apache Software Foundation’s policies include U.S. export‑control clauses, but legal experts clarify that publicly available open‑source code without encryption is generally exempt from EAR restrictions, while enterprises may still need licenses for certain uses.

EARExport ControlGitHub

0 likes · 5 min read

Are Open‑Source Projects on GitHub Subject to U.S. Export Controls?

Programmer DD

Aug 30, 2020 · Information Security

Why Plaintext Passwords Are Dangerous and How to Secure Them Properly

Storing passwords in plaintext is insecure; instead, use cryptographic hash functions with proper salting, avoid simple encryption like AES, understand rainbow table attacks, and adopt modern password‑hash algorithms such as Argon2, Bcrypt or Scrypt to protect user credentials against modern threats.

HashingInformation Securitycryptographic hash

0 likes · 13 min read

Why Plaintext Passwords Are Dangerous and How to Secure Them Properly

Programmer DD

Aug 29, 2020 · Information Security

Can the US Really Shut Down Your .cn Domain? Inside DNS Root Server Secrets

After the US announced its “Clean Network” initiative, concerns arose about whether America could block national top‑level domains by controlling the 13 DNS root servers; this article explains DNS fundamentals, the role of root mirrors, historical shutdowns, and how China mitigates such risks.

AnycastChinaDNS

0 likes · 24 min read

Can the US Really Shut Down Your .cn Domain? Inside DNS Root Server Secrets

Java Backend Technology

Aug 16, 2020 · Information Security

How Chinese Police Dismantled a $20M Game Cheat Syndicate

In 2020, Chinese authorities uncovered and busted a nationwide network selling illegal League of Legends cheat software, arresting 21 suspects across 14 provinces, exposing the developers, sales tactics, massive profits, and the legal ramifications under criminal law.

Information SecurityLeague of Legendscybercrime

0 likes · 8 min read

How Chinese Police Dismantled a $20M Game Cheat Syndicate

IT Architects Alliance

Aug 13, 2020 · Information Security

Top 7 Web Vulnerability Scanners: Features, Pros, and How to Use Them

After gathering reconnaissance data in a penetration test, this article reviews seven popular web vulnerability scanners, outlining their core capabilities, typical usage scenarios, and visual screenshots to help security professionals choose the right tool for detecting SQL injection, XSS, file inclusion, and other common web flaws.

Information SecurityWeb Securityawvs

0 likes · 7 min read

Top 7 Web Vulnerability Scanners: Features, Pros, and How to Use Them

Architects Research Society

Aug 12, 2020 · Information Security

12 Best Cybersecurity Practices for 2019

This article outlines twelve essential cybersecurity best practices for 2019, covering biometric security, tiered policies, risk‑based approaches, data backup, IoT protection, multi‑factor authentication, password management, least‑privilege principles, privileged‑user monitoring, third‑party access control, phishing defense, and employee awareness to safeguard sensitive data.

Best PracticesData ProtectionInformation Security

0 likes · 22 min read

12 Best Cybersecurity Practices for 2019

Java Backend Technology

Aug 11, 2020 · Information Security

How to Verify If Your Accounts Were Sold in Data Breaches and Secure Them

This article reviews major 2020 data breach incidents worldwide, shows how to check if your accounts appear on the dark web using HaveIBeenPwned, and offers practical advice on password reuse and recommended password‑manager tools to protect your online identities.

Information SecurityPassword Managementcybersecurity

0 likes · 6 min read

How to Verify If Your Accounts Were Sold in Data Breaches and Secure Them

Architects Research Society

Aug 9, 2020 · Information Security

Understanding Open Source Software Dependency Security Risks and Available Tools

The article explains how the widespread use of third‑party open‑source components creates a large, often overlooked attack surface, describes the fragmented nature of vulnerability information, and reviews a variety of tools that help organizations detect and manage security risks in their software dependencies.

Information SecuritySoftware Securitydependency management

0 likes · 12 min read

Understanding Open Source Software Dependency Security Risks and Available Tools

Programmer DD

Aug 9, 2020 · Information Security

Inside the GPG‑Agentd Malware: How a CentOS Server Was Hijacked and Spread via Redis

A compromised CentOS server was frozen by Alibaba Cloud after malicious outbound traffic; the investigation uncovered a disguised gpg‑agentd process, malicious cron jobs downloading remote scripts, a Redis exploit that injected SSH keys, and mass‑scan tools, illustrating a sophisticated multi‑stage malware infection.

Information Securitycrongpg-agentd

0 likes · 12 min read

Inside the GPG‑Agentd Malware: How a CentOS Server Was Hijacked and Spread via Redis

Laravel Tech Community

Aug 8, 2020 · Information Security

Understanding RBAC Permission Models and Authorization Processes

This article explains the core RBAC0 model and its extensions (RBAC1, RBAC2, RBAC3), discusses user groups, organizations and positions, and outlines manual and approval-based authorization workflows along with a sample database schema for implementing role‑based access control in complex systems.

AuthorizationInformation SecurityPermission Model

0 likes · 10 min read

Understanding RBAC Permission Models and Authorization Processes

21CTO

Aug 8, 2020 · Information Security

What Intel’s 20 GB Source Code Leak Reveals About Firmware Security

On August 6, a Swiss engineer uploaded roughly 20 GB of Intel’s internal firmware source code and confidential documents to a public file‑sharing site, prompting Intel to investigate the breach, deny a backdoor, and attribute the leak to a privileged user of its Resource and Design Center.

Information SecurityIntelfirmware

0 likes · 6 min read

What Intel’s 20 GB Source Code Leak Reveals About Firmware Security

JD Tech Talk

Aug 7, 2020 · Information Security

Fraudar: Graph-Based Fraud Detection in Bipartite Transaction Networks

The article explains how e‑commerce fraud such as fake order brushing can be modeled as a bipartite transaction network and tackled with the Fraudar algorithm, which iteratively removes low‑suspicion nodes using a global suspiciousness metric and priority‑tree structures to uncover dense suspicious sub‑graphs.

Information SecurityUnsupervised Learningbipartite graph

0 likes · 14 min read

Fraudar: Graph-Based Fraud Detection in Bipartite Transaction Networks

Liangxu Linux

Aug 5, 2020 · Information Security

How to Check If Your Accounts Were Sold on the Dark Web and Secure Them

The article lists major 2020 data‑breach incidents worldwide, explains how to use HaveIBeenPwned to discover whether your credentials have been exposed, and offers practical advice on password hygiene and reliable password‑manager tools to protect your online accounts.

Information Securitycybersecuritydata breach

0 likes · 5 min read

How to Check If Your Accounts Were Sold on the Dark Web and Secure Them

IT Architects Alliance

Jul 27, 2020 · Industry Insights

Why Cloud Security Is Booming: Market Trends, Key Players, and Future Outlook

This report examines the rise of cloud security, defining its scope, tracing its evolution from traditional information security, analyzing market dynamics, investment and M&A activity, and evaluating the strategies of cloud providers, specialist vendors, traditional security firms, and large IT companies in the rapidly growing sector.

Cloud ComputingInformation SecurityMarket Trends

0 likes · 39 min read

Why Cloud Security Is Booming: Market Trends, Key Players, and Future Outlook

IT Architects Alliance

Jul 27, 2020 · Information Security

Why ‘No‑Log’ VPNs Are Lying: Inside a 1.2 TB Data Leak of Seven Providers

A recent investigation uncovered a 1.2 TB leak containing personal data of up to 20 million users from seven VPN services that claim to keep no logs, revealing email addresses, passwords, IPs, device details, and connection logs, and prompting urgent security recommendations.

Information SecurityVPNdata breach

0 likes · 4 min read

Why ‘No‑Log’ VPNs Are Lying: Inside a 1.2 TB Data Leak of Seven Providers

Architects Research Society

Jul 27, 2020 · Information Security

What Are Application Security Principles?

Application security principles are language‑agnostic design and implementation guidelines that help reduce the likelihood and impact of threats, providing a systematic way to make secure decisions, derive requirements, and identify potential defects in software systems.

Application SecurityInformation SecuritySoftware Architecture

0 likes · 5 min read

What Are Application Security Principles?

MaGe Linux Operations

Jul 27, 2020 · Information Security

How to Install OpenResty on CentOS and Deploy a Lua‑Based Web Application Firewall

This guide walks you through installing OpenResty—a high‑performance Nginx/Lua web platform—on CentOS, adding a ready‑made Lua WAF module, configuring its various security rules (IP blacklist/whitelist, CC protection, URL, User‑Agent, GET/POST filters), and troubleshooting common issues.

CentOSInformation SecurityLua

0 likes · 20 min read

How to Install OpenResty on CentOS and Deploy a Lua‑Based Web Application Firewall

Architects' Tech Alliance

Jul 26, 2020 · Information Security

The Rise of Cloud Security: Market Trends, Challenges, and Competitive Landscape

Cloud security is emerging as a critical field, driven by rapid cloud adoption, evolving infrastructure, and increasing threats, with major vendors, startups, and traditional security firms competing through innovative SaaS solutions, partnerships, and acquisitions, while market forecasts predict substantial growth in the coming years.

Cloud ComputingInformation SecuritySaaS

0 likes · 37 min read

The Rise of Cloud Security: Market Trends, Challenges, and Competitive Landscape

Alibaba Cloud Developer

Jul 22, 2020 · Frontend Development

How Alibaba’s Data Experience Team Redefines SQL Editing and BI Visualization

This article explores Alibaba's Data Experience Technology team's comprehensive architecture for SQL editors, BI platforms, data visualization, low‑code solutions, heterogeneous rendering, and data security, highlighting design principles, performance optimizations, and future directions across the data lifecycle.

BI platformData visualizationFrontend Development

0 likes · 24 min read

How Alibaba’s Data Experience Team Redefines SQL Editing and BI Visualization

Xueersi Online School Tech Team

Jul 17, 2020 · Information Security

Why HTTPS Is Secure: Encryption, Certificates, and Handshake Explained

This article explains why HTTP is insecure, demonstrates a plain‑text attack using Wireshark, and then details the encryption types, certificate issuance, digital signatures, and the combined asymmetric‑symmetric handshake that make HTTPS a secure protocol for web communication.

HTTPSInformation SecurityTLS

0 likes · 10 min read

Why HTTPS Is Secure: Encryption, Certificates, and Handshake Explained

Efficient Ops

Jul 16, 2020 · Information Security

When Revenge Triggers IT Disasters: Lessons on Employee Dissatisfaction and Security

The article examines how personal grievances have led to tragic events—from a bus driver’s fatal crash to destructive IT incidents—highlighting the need for psychological care, robust security policies, and a DevSecOps mindset to prevent such revenge‑driven catastrophes.

DevSecOpsIT GovernanceIncident Response

0 likes · 5 min read

When Revenge Triggers IT Disasters: Lessons on Employee Dissatisfaction and Security

Open Source Linux

Jul 13, 2020 · Information Security

Demystifying HTTPS: How Encryption and Certificates Secure the Web

This article explains in plain language what HTTPS is, how it encrypts data using symmetric and asymmetric techniques, how it verifies server identity with digital signatures and certificates, and why these mechanisms keep web communications safe from eavesdropping and tampering.

HTTPSInformation SecurityTLS

0 likes · 7 min read

Demystifying HTTPS: How Encryption and Certificates Secure the Web

21CTO

Jul 10, 2020 · Information Security

Why Are ‘Black Hat’ and ‘White Hat’ Terms Under Fire in Cybersecurity?

The article examines the controversy sparked by Google’s VP withdrawing from Black Hat USA 2020 and the push for neutral terminology in cybersecurity, exploring historical origins, community reactions, and recent industry changes toward inclusive language.

Black HatInformation SecurityTerminology

0 likes · 7 min read

Why Are ‘Black Hat’ and ‘White Hat’ Terms Under Fire in Cybersecurity?

Top Architect

Jul 8, 2020 · Information Security

kk-anti-reptile: Spring Boot Anti‑Crawler Component and Integration Guide

The article introduces kk-anti-reptile, a Spring Boot‑based anti‑crawler component that uses servlet filters, Redis, and configurable rule chains (IP and User‑Agent), explains its workflow, shows Maven and property configurations, and provides front‑end Axios interception code for handling 509 responses.

Backend DevelopmentInformation SecurityRedis

0 likes · 6 min read

kk-anti-reptile: Spring Boot Anti‑Crawler Component and Integration Guide

Architects Research Society

Jul 7, 2020 · Information Security

Understanding Cloud Access Security Brokers (CASB): Functions, Benefits, and Deployment Models

A Cloud Access Security Broker (CASB) sits between cloud service consumers and providers to enforce security, compliance, and governance policies, offering visibility, data protection, threat detection, and control over shadow IT, with various deployment modes and integration options for modern cloud environments.

CASBComplianceData Protection

0 likes · 15 min read

Understanding Cloud Access Security Brokers (CASB): Functions, Benefits, and Deployment Models

Java Backend Technology

Jul 5, 2020 · Information Security

Why Constant-Time String Comparison Matters: Preventing Timing Attacks

The article explains how constant‑time string comparison functions work, shows Java and Scala implementations, and demonstrates why such techniques are essential to thwart timing attacks in cryptographic and authentication scenarios.

Information SecurityJavaconstant-time comparison

0 likes · 9 min read

Why Constant-Time String Comparison Matters: Preventing Timing Attacks

Programmer DD

Jul 3, 2020 · Information Security

Why HTTPS Matters: Understanding Symmetric & Asymmetric Encryption

This article explains why HTTPS is essential, compares symmetric and asymmetric encryption, illustrates how encryption keys are securely exchanged, and outlines the three core reasons HTTPS reliably protects data from eavesdropping and man‑in‑the‑middle attacks.

HTTPSInformation SecurityTLS

0 likes · 5 min read

Why HTTPS Matters: Understanding Symmetric & Asymmetric Encryption

Architecture Digest

Jun 27, 2020 · Information Security

Apache Dubbo Remote Code Execution Vulnerability (CVE-2020-1948): Background, Risk Assessment, Affected Versions, and Mitigation

The article details the high‑severity CVE‑2020‑1948 remote code execution flaw in Apache Dubbo, describing its background, risk rating, affected versions, remediation steps, asset‑mapping data, and a timeline of disclosures to help users protect their Java RPC services.

Apache DubboCVE-2020-1948Information Security

0 likes · 4 min read

Apache Dubbo Remote Code Execution Vulnerability (CVE-2020-1948): Background, Risk Assessment, Affected Versions, and Mitigation

MaGe Linux Operations

Jun 24, 2020 · Information Security

How to Secure Zabbix Data Transfer with PSK and TLS Encryption

This guide explains why Zabbix data transmission in mixed‑cloud environments requires encryption, describes the TLS/PSK and certificate‑based security options supported since Zabbix 3.0, outlines their limitations, lists compatible encryption libraries, and provides step‑by‑step configuration commands for both GnuTLS and OpenSSL.

Information SecurityPSKTLS

0 likes · 13 min read

How to Secure Zabbix Data Transfer with PSK and TLS Encryption

Sohu Tech Products

Jun 17, 2020 · Information Security

Analyzing and Removing Dead Code and Flower‑Instruction Obfuscation from JavaScript

This tutorial explains how to recognize and eliminate dead code and flower‑instruction obfuscation techniques in JavaScript, walks through using Obfuscator.io to generate heavily mixed code, and demonstrates step‑by‑step static analysis to strip away useless statements, ultimately restoring the original concise logic.

Dead CodeInformation SecurityObfuscation

0 likes · 12 min read

Analyzing and Removing Dead Code and Flower‑Instruction Obfuscation from JavaScript

Architects Research Society

Jun 16, 2020 · Information Security

Information Governance: Roles, Responsibilities, and Key Processes

Information governance is a program that ensures enterprise data accuracy, completeness, consistency, accessibility, and security by establishing business‑driven roles such as a data governance committee, data stewards, and data custodians, and by defining key responsibilities, processes, and metrics for data quality, privacy, and compliance.

Data QualityEnterprise Data ManagementInformation Security

0 likes · 11 min read

Information Governance: Roles, Responsibilities, and Key Processes

Laravel Tech Community

Jun 15, 2020 · Fundamentals

100 Network Fundamentals: Key Concepts and Definitions

This article presents a comprehensive collection of 100 essential networking concepts, covering topics such as links, OSI model layers, backbone, LAN, routers, subnet masks, VPN, NAT, TCP/IP, security measures, cabling, topologies, protocols, and many other foundational terms that every network professional should know.

Information SecurityNetwork fundamentalsOSI model

0 likes · 31 min read

100 Network Fundamentals: Key Concepts and Definitions

Efficient Ops

Jun 10, 2020 · Information Security

Mastering Log Standardization: Boost Security Analytics with Flexible Parsing

This article explains why standardized log parsing is crucial for security analytics, outlines key parsing concepts, compares pre‑ and post‑parsing approaches, discusses flexible custom parsing methods, and offers practical guidance to improve accuracy and efficiency in large‑scale security environments.

Information SecuritySOCcustom parsing

0 likes · 12 min read

Mastering Log Standardization: Boost Security Analytics with Flexible Parsing

Efficient Ops

Jun 4, 2020 · Operations

2020 Ops Insights: Salaries, Cloud Security Rankings, and Market Trends

The article compiles 2020 industry data, revealing programmer salary averages, Alibaba Cloud's second‑place global security rating, DB‑Engines database popularity, IDC's cloud services market growth, Baidu's accelerated cloud center construction, a dip in global Ethernet switch revenue, and China Mobile's massive data‑center investment.

Cloud ComputingInformation SecurityOperations

0 likes · 8 min read

2020 Ops Insights: Salaries, Cloud Security Rankings, and Market Trends

TAL Education Technology

Jun 4, 2020 · Information Security

Data Security Governance: Motivation, Technical Objectives, Classification, and Management Practices

The article explains why data security governance is essential for rapidly growing businesses, outlines technical goals across the data lifecycle, describes data classification and labeling methods, and details approval processes, network security zones, and management controls to protect data throughout its lifecycle.

Data SecurityGovernanceInformation Security

0 likes · 10 min read

Data Security Governance: Motivation, Technical Objectives, Classification, and Management Practices

Python Programming Learning Circle

Jun 3, 2020 · Information Security

Anti‑Crawling Techniques: Server‑Side and Client‑Side Detection Strategies

The article examines why web content needs protection, explains common server‑side header checks, describes client‑side JavaScript fingerprinting and headless‑browser detection methods, and outlines practical anti‑crawling measures such as CAPTCHAs and robots.txt, highlighting the ongoing cat‑and‑mouse game between crawlers and defenders.

CaptchaHTTP header inspectionInformation Security

0 likes · 12 min read

Anti‑Crawling Techniques: Server‑Side and Client‑Side Detection Strategies

Liangxu Linux

Jun 2, 2020 · Information Security

Step-by-Step Guide to Harden CentOS 7.7 Server Security

This article provides a comprehensive, step‑by‑step tutorial for hardening a CentOS 7.7 server, covering complex password creation, password‑policy configuration, PAM strength settings, login‑attempt limits, disabling root SSH access, changing the SSH port, tightening security‑group rules, command‑history limits, log monitoring, and regular data backup procedures.

CentOSInformation SecurityPassword policy

0 likes · 6 min read

Step-by-Step Guide to Harden CentOS 7.7 Server Security

DevOps

Jun 2, 2020 · Information Security

How to Enhance the Security of JumpServer: Best Practices and Recommendations

This article outlines ten essential steps to strengthen JumpServer security, including upgrading the operating system and JumpServer software, updating dependencies, avoiding weak passwords, enabling OS security components, minimizing open ports, securing public access, configuring SSL, enforcing strong passwords, and enabling multi‑factor authentication.

Bastion HostBest PracticesInformation Security

0 likes · 5 min read

How to Enhance the Security of JumpServer: Best Practices and Recommendations

Java Captain

May 31, 2020 · Information Security

Common API Security Practices: Token, Timestamp, Signature, and Duplicate Submission Prevention in Java

This article explains practical API security techniques for protecting data exchange with third‑party systems, covering token generation and storage, timestamp validation to mitigate DoS attacks, MD5‑based request signing with nonce, preventing duplicate submissions using Redis, and illustrates the concepts with comprehensive Java code examples.

API SecurityBackend DevelopmentInformation Security

0 likes · 23 min read

Common API Security Practices: Token, Timestamp, Signature, and Duplicate Submission Prevention in Java

Architecture Digest

May 18, 2020 · Information Security

API Security Practices: Token, Timestamp, Signature, and Replay Protection in Java

This article explains common API security mechanisms such as token, timestamp, signature, and anti‑replay techniques, demonstrates how to prevent duplicate submissions, and provides complete Java Spring Boot code examples including interceptors, Redis configuration, and utility classes for secure API design.

API SecurityInformation SecurityJava

0 likes · 27 min read

API Security Practices: Token, Timestamp, Signature, and Replay Protection in Java

Architects' Tech Alliance

May 16, 2020 · Information Security

Understanding Secure Boot, Trusted Boot, Intel SGX, and ARM TrustZone

This article explains the concepts of secure boot and trusted boot, discusses their limitations on general-purpose devices, and compares the application workflows and security properties of Intel SGX and ARM TrustZone, highlighting practical usage scenarios such as DRM-protected media.

Information SecurityIntel SGXSecure Boot

0 likes · 10 min read

Understanding Secure Boot, Trusted Boot, Intel SGX, and ARM TrustZone

Meituan Technology Team

May 14, 2020 · Information Security

How Meituan Built Zeus: Inside a Scalable Security Rule Engine

This article examines Meituan's custom rule engine Zeus, detailing the security challenges of a massive multi‑service platform, the architectural decisions made to decouple risk logic, the implementation of reusable factors and rule groups, and the ongoing push toward automated, intelligent risk mitigation.

Information SecurityMeituanRule Engine

0 likes · 21 min read

How Meituan Built Zeus: Inside a Scalable Security Rule Engine

Huawei Cloud Developer Alliance

Apr 30, 2020 · Information Security

How to Combine Proxies and Scanners to Cut Web Vulnerability False Positives

This article explores the limitations of traditional web vulnerability scanners and manual testing, proposes a proxy‑based architecture that captures real user requests for centralized analysis, demonstrates a demo implementation using Burp and custom scanners, and reflects on the design's strengths and remaining challenges.

Information SecurityProxyWeb Security

0 likes · 7 min read

How to Combine Proxies and Scanners to Cut Web Vulnerability False Positives

DataFunTalk

Apr 17, 2020 · Artificial Intelligence

Data Privacy and Differential Privacy Techniques for Machine Learning

The article reviews the growing importance of data privacy in machine learning, explains privacy concepts and attack vectors, and details anonymization methods such as k‑anonymity, l‑diversity, t‑closeness, as well as differential privacy techniques and their practical applications.

Data PrivacyInformation Securitydifferential privacy

0 likes · 13 min read

Data Privacy and Differential Privacy Techniques for Machine Learning

ITPUB

Apr 16, 2020 · Information Security

Why the Pandownload Developer Was Arrested and What It Means for Baidu Cloud Users

The article explains the rise of Pandownload as a third‑party Baidu Cloud download tool, its technical basis on Aria2, massive user base and modest profits, the police raid that led to the developer's arrest, and the broader legal and security implications for similar software.

Baidu CloudDownload ToolsInformation Security

0 likes · 7 min read

Why the Pandownload Developer Was Arrested and What It Means for Baidu Cloud Users

Efficient Ops

Mar 31, 2020 · Information Security

Can You Really Destroy Alipay’s Storage? Inside Financial Data Center Redundancy

This article explores the layered redundancy of financial data centers, explaining hot and cold backups, multi‑site architectures, power supply safeguards, fire‑suppression systems, and why simply attacking a single component is unlikely to cripple services like Alipay.

Backup StrategiesData Center SecurityInformation Security

0 likes · 9 min read

Can You Really Destroy Alipay’s Storage? Inside Financial Data Center Redundancy

Full-Stack Internet Architecture

Mar 25, 2020 · Information Security

Understanding Weibo Data Breaches: Credential Stuffing, Database Dumping, and Data Laundering

The article explains the recent Weibo data breach, describing how attackers used credential‑stuffing (撞库), data leakage (漏水), database dumping (拖库) and data laundering (洗库) to obtain millions of user records, the technical steps involved, and the security implications for both users and platforms.

Information SecurityWeibocredential stuffing

0 likes · 6 min read

Understanding Weibo Data Breaches: Credential Stuffing, Database Dumping, and Data Laundering

21CTO

Mar 22, 2020 · Information Security

Fake WeChat App Exposes Security Flaws: From Reverse Engineering to Criminal Conviction

A Chinese court case reveals how a reverse‑engineered, unauthorized WeChat client for feature phones spread illegal ads, compromised encrypted communications, and led to criminal charges for providing tools to infiltrate computer systems, highlighting serious information‑security risks and the legal consequences of software piracy.

ChinaInformation SecurityReverse Engineering

0 likes · 8 min read

Fake WeChat App Exposes Security Flaws: From Reverse Engineering to Criminal Conviction

Efficient Ops

Mar 21, 2020 · Information Security

Why Did Apple Devices Show Certificate Errors on March 20, 2020?

In March 2020, Apple devices displayed security warnings because the HTTPS certificate for appleimap.163.com had expired due to NetEase Mail’s failure to renew it, highlighting how overlooked certificate management can disrupt services and underscoring the need for automated monitoring tools in large organizations.

AppleCertificateInformation Security

0 likes · 4 min read

Why Did Apple Devices Show Certificate Errors on March 20, 2020?

Liangxu Linux

Mar 21, 2020 · Information Security

Why HTTPS Exists: From HTTP’s Flaws to TLS Encryption Explained

This article explains why HTTPS was created to address HTTP’s lack of encryption, authentication, and integrity, describes how TLS/SSL adds security, details the roles of symmetric and asymmetric encryption, hash algorithms, digital certificates, and the full handshake process that secures modern web communication.

HTTPSInformation SecuritySSL

0 likes · 19 min read

Why HTTPS Exists: From HTTP’s Flaws to TLS Encryption Explained

Open Source Linux

Mar 18, 2020 · Information Security

How a Baidu Ops Engineer Was Sentenced for Mining Crypto on 155 Servers

A former Baidu operations engineer illegally mined Bitcoin and Monero using 155 of the company's search servers, earning about 100,000 CNY before being caught, fined, and sentenced to three years in prison, highlighting severe risks of abusing corporate computing resources.

BaiduInformation Securitycryptocurrency

0 likes · 9 min read

How a Baidu Ops Engineer Was Sentenced for Mining Crypto on 155 Servers

21CTO

Mar 17, 2020 · Information Security

When Ops Turn Rogue: Inside Baidu’s 2018 Crypto‑Mining Scandal

A Baidu operations engineer illegally mined cryptocurrency on more than 150 company servers in 2018, netting over 100,000 RMB, was caught, sentenced to three years in prison and a fine, and the case now serves as a stark reminder of insider threats and the need for strict access controls in IT operations.

Information SecurityOperations Riskcrypto mining

0 likes · 7 min read

When Ops Turn Rogue: Inside Baidu’s 2018 Crypto‑Mining Scandal

360 Quality & Efficiency

Mar 10, 2020 · Information Security

Detailed Walkthrough of AES Encryption and Decryption Process with Node.js Implementation

This article provides a step‑by‑step technical guide to the AES encryption and decryption algorithm, covering state matrix construction, key expansion, round operations, final round differences, and practical Node.js code examples for handling padding and common implementation pitfalls.

AESInformation SecurityKey Expansion

0 likes · 9 min read

Detailed Walkthrough of AES Encryption and Decryption Process with Node.js Implementation

Top Architect

Mar 4, 2020 · Information Security

ISO 27001 Security Framework and Building an Enterprise Information Security System

This article explains why enterprises need information security, outlines the core security requirements such as data protection and business continuity, and presents a phased ISO 27001‑based roadmap—including short‑term, medium‑term goals, management policies, network segmentation, third‑party compliance, and budgeting—to establish a comprehensive security architecture.

ComplianceISO 27001Information Security

0 likes · 6 min read

ISO 27001 Security Framework and Building an Enterprise Information Security System

macrozheng

Mar 3, 2020 · Information Security

Exploiting Apache Tomcat AJP File Inclusion (CVE‑2020‑1938) for Remote Code Execution

This article analyzes the high‑severity Apache Tomcat AJP file‑inclusion vulnerability (CVE‑2020‑1938), detailing affected versions, the underlying code flaw, how attackers can read arbitrary files and achieve remote code execution, and provides concrete upgrade recommendations to mitigate the risk.

AJPApache TomcatCVE-2020-1938

0 likes · 7 min read

Exploiting Apache Tomcat AJP File Inclusion (CVE‑2020‑1938) for Remote Code Execution

Tencent Tech

Feb 28, 2020 · Information Security

How to Safeguard Enterprise Data in the Cloud: Practical Strategies

This article explains why data security is vital for businesses, outlines common technical, process and human threats, and provides actionable cloud‑based measures—including backup strategies, snapshot usage, permission management, data classification, and encryption—to protect enterprise data throughout its lifecycle.

Cloud ComputingCloud ServicesData Security

0 likes · 13 min read

How to Safeguard Enterprise Data in the Cloud: Practical Strategies

Youzan Coder

Feb 27, 2020 · Information Security

System Stability and Security Measures in SaaS: Yazan's Approach

Yazan’s SaaS platform maintains 99.99% uptime through robust IaaS infrastructure, dedicated DBA and network teams, while defending against DDoS attacks and data breaches with ISO‑27001 and CSA C*STAR‑aligned security controls, employing multi‑cloud real‑time and cold backups and offering compensation for outage‑related business impacts.

Cloud ComputingDDoS protectionInformation Security

0 likes · 17 min read

System Stability and Security Measures in SaaS: Yazan's Approach

ITPUB

Feb 26, 2020 · Information Security

What We Learned from the Weimeng Data Deletion Disaster: Backup and Permission Strategies

The article analyzes the recent Weimeng database deletion incident, explains why recovery took 36 hours, and provides practical guidance on backup practices, minimal‑privilege management, and cloud‑based disaster recovery to prevent similar data loss in small and large organizations.

Incident ResponseInformation SecurityOperations

0 likes · 9 min read

What We Learned from the Weimeng Data Deletion Disaster: Backup and Permission Strategies

Programmer DD

Feb 26, 2020 · Information Security

Inside the Weimob Data Deletion: Lessons on Permissions and Backup

A malicious insider deleted Weimob's primary and backup databases, prompting a slow recovery effort and highlighting the critical need for stricter permission controls and reliable backup mechanisms to prevent similar incidents.

Data lossIncident ResponseInformation Security

0 likes · 5 min read

Inside the Weimob Data Deletion: Lessons on Permissions and Backup

Ziru Technology

Feb 16, 2020 · Information Security

Mastering Drozer: Step‑by‑Step Android Security Testing Guide

This guide walks through installing Drozer, configuring port forwarding, connecting the console, and using a variety of commands to enumerate packages, activities, content providers, services, and broadcast receivers on Android devices, while also addressing common errors and demonstrating vulnerability scans such as SQL injection and directory traversal.

DrozerInformation Securitymobile security

0 likes · 9 min read

Mastering Drozer: Step‑by‑Step Android Security Testing Guide

ITPUB

Feb 14, 2020 · Information Security

How a Former Tech Director Sabotaged a SaaS Database: A Real‑World InfoSec Case Study

In June 2018, a disgruntled former technical director of a Zhejiang company used retained Alibaba Cloud credentials to delete database indexes and tables, crippling a SaaS platform for over five hours, causing millions in losses, and was later convicted of destroying computer information systems with a suspended sentence.

Alibaba CloudInformation Securitycloud security

0 likes · 8 min read

How a Former Tech Director Sabotaged a SaaS Database: A Real‑World InfoSec Case Study

Efficient Ops

Feb 2, 2020 · Operations

Essential Remote Work Tools and Best Practices for Post‑COVID Productivity

This guide outlines key remote collaboration tools, highlights the advantages and challenges of working from home, and offers practical advice on communication, security, and trust to maintain high productivity during and after the COVID‑19 pandemic.

Information SecurityVideo Conferencingcollaboration tools

0 likes · 8 min read

Essential Remote Work Tools and Best Practices for Post‑COVID Productivity

Python Crawling & Data Mining

Feb 1, 2020 · Information Security

How to Detect Hidden Hotel Cameras with Python and Scapy

This guide shows how to use Python's scapy library to send ARP broadcast packets, collect MAC addresses of devices on a hotel Wi‑Fi network, query their manufacturers, and identify potential hidden cameras, providing a practical method for ensuring hotel security.

ARPInformation SecurityNetwork Scanning

0 likes · 5 min read

How to Detect Hidden Hotel Cameras with Python and Scapy

Efficient Ops

Jan 16, 2020 · Information Security

What Are the Top 10 Cybersecurity Threats Predicted for 2020?

The article outlines ten major 2020 cybersecurity forecasts—including surging ransomware, sophisticated phishing, faster threat detection, expanding attack surfaces, emerging IoT security laws, stricter GDPR enforcement, OT security challenges, and the rise of managed security services—to help organizations prepare for the evolving threat landscape.

2020Information SecurityRansomware

0 likes · 13 min read

What Are the Top 10 Cybersecurity Threats Predicted for 2020?

Python Programming Learning Circle

Jan 7, 2020 · Fundamentals

Which Tech Skills Will Make You Irreplaceable in Today’s Job Market?

In a fiercely competitive internet era, technical professionals must continuously learn across fields such as information security, Python, cloud computing, big data, AI, software testing, IoT, and internet marketing to become the highly sought‑after talent that companies urgently need.

Artificial IntelligenceBig DataCloud Computing

0 likes · 7 min read

Which Tech Skills Will Make You Irreplaceable in Today’s Job Market?

Liangxu Linux

Dec 19, 2019 · Information Security

How a Hacker Hijacked a Mother‑Daughter Chat – What HTTP, TLS, and Encryption Teach Us

Through a narrative of a college student and her mother whose chat is intercepted and altered by a hacker, the article illustrates why plain HTTP is vulnerable, explains the principles of symmetric and asymmetric encryption, TLS/SSL, and how certificates and hybrid encryption secure modern communications.

HTTPHTTPSInformation Security

0 likes · 9 min read

How a Hacker Hijacked a Mother‑Daughter Chat – What HTTP, TLS, and Encryption Teach Us

ITPUB

Dec 13, 2019 · Information Security

Why ElasticSearch Data Breaches Keep Happening: 2.7 B Emails Exposed

A recent ElasticSearch breach exposed 2.7 billion email addresses, one‑billion plain‑text passwords and hundreds of thousands of birth‑certificate copies, highlighting persistent security gaps in cloud‑based search services despite growing corporate safeguards.

ElasticsearchInformation Securitycloud storage

0 likes · 4 min read

Why ElasticSearch Data Breaches Keep Happening: 2.7 B Emails Exposed

IT Architects Alliance

Dec 9, 2019 · Information Security

Why Antivirus Software Is Fading: Market Trends and Future Outlook

The article analyzes the sharp decline of the antivirus software market, citing reduced search interest, Microsoft’s free built‑in Defender, high development costs, shifting user habits toward mobile devices, and offers guidance on when third‑party protection may still be needed.

AntivirusInformation SecurityMicrosoft Defender

0 likes · 10 min read

Why Antivirus Software Is Fading: Market Trends and Future Outlook

21CTO

Dec 3, 2019 · Information Security

When Is Web Scraping Legal? A Developer’s Guide to Chinese Cyber Laws

This article explains the legal boundaries of web crawling in China, covering recent cybersecurity regulations, what makes a crawler illegal or legal, common developer questions, and practical advice to avoid personal‑data violations and criminal liability.

Chinese lawData PrivacyInformation Security

0 likes · 10 min read

When Is Web Scraping Legal? A Developer’s Guide to Chinese Cyber Laws

Programmer DD

Nov 16, 2019 · Information Security

Why HTTPS Needs Both Symmetric and Asymmetric Encryption: A Deep Dive

This article reconstructs the design of HTTPS step by step, explaining why both symmetric and asymmetric encryption are required, how key negotiation works, the role of digital certificates and certificate authorities, and the underlying security concepts that protect client‑server communication.

HTTPSInformation SecurityPublic Key Infrastructure

0 likes · 13 min read

Why HTTPS Needs Both Symmetric and Asymmetric Encryption: A Deep Dive

Architecture Digest

Nov 16, 2019 · Operations

What Happens If Alipay’s Data Centers Are Physically Destroyed? A Deep Dive into Redundancy and Disaster Recovery

The article examines how Alipay’s financial data would survive a physical destruction of its servers by explaining multi‑site data center architectures, hot and cold backups, power redundancy, fire‑suppression systems, and the role of partner banks in data recovery, highlighting the extensive resilience measures in modern financial infrastructures.

AlipayData CenterInformation Security

0 likes · 8 min read

What Happens If Alipay’s Data Centers Are Physically Destroyed? A Deep Dive into Redundancy and Disaster Recovery

Senior Brother's Insights

Nov 14, 2019 · Information Security

Why HTTPS Needs Both Symmetric and Asymmetric Encryption: A Step‑by‑Step Design Walkthrough

This article reconstructs the design of HTTPS by starting from a simple secure chat, explaining why symmetric encryption alone cannot secure web traffic, introducing asymmetric encryption for key exchange, detailing how digital certificates and certificate authorities solve public‑key distribution, and summarizing the TLS handshake process.

HTTPSInformation SecurityTLS

0 likes · 12 min read

Why HTTPS Needs Both Symmetric and Asymmetric Encryption: A Step‑by‑Step Design Walkthrough

360 Tech Engineering

Nov 12, 2019 · Information Security

Improving Product Quality through Code Vulnerability Scanning and Deep Code Search

The article explains why and when to scan product code for vulnerabilities, describes static source‑code and binary scanning methods, introduces deep code‑search techniques, outlines the system architecture and incremental indexing pipeline, and shows how these practices can substantially raise overall product quality.

Code ScanningCode searchInformation Security

0 likes · 13 min read