Google Docs API: Client Login with PHP and Curl A few days ago I started looking deeper into the Google Code APIs and threw a few experiments using the Google Documents List Data API. Unfortunately, the only library they have for the third version of their protocol is written in Java. There is a PHP wrapper for the first version of the protocol, but it totally depends on the Zend Framework. Here’s a little code snippet for logging into a Google Docs account (writely) using ClientLogin with Curl and PHP. How to Change Your Browser’s User Agent Without Installing Any Extensions All popular browsers offer build-in user agent switchers, so you can change your user agent without installing any extensions. Google Chrome and Internet Explorer both include user agent switchers in their developer tools, while Firefox offers an about:config option. Websites identify browsers by their user agents. Modify a browser’s user agent and it will appear as a different browser – or even a browser running on another device, such as a smartphone or tablet.
Detect and replace vulnerable SSH keys on Debian As many of my readers no doubt already know, Debian GNU/Linux recently had some cryptographic vulnerability problems. By far, the most common effect of this on users of Debian will be the existence of weak cryptographic keys for OpenSSH. If you have SSH keys generated by OpenSSH on Debian or a Debian-derived system such as Ubuntu since the introduction of the Etch release, you are at risk, and should probably generate new SSH keys. As many of my readers no doubt already know, Debian GNU/Linux recently had some cryptographic vulnerability problems. By far, the most common effect of this on users of Debian will be the existence of weak cryptographic keys for OpenSSH. If you have SSH keys generated by OpenSSH on Debian or a Debian-derived system such as Ubuntu since the introduction of the Etch release, you are at risk, and should probably generate new SSH keys.
Main NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. NGINX is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption. NGINX is one of a handful of servers written to address the C10K problem. Unlike traditional servers, NGINX doesn’t rely on threads to handle requests. Instead it uses a much more scalable event-driven (asynchronous) architecture. Best Chrome Extensions On this page, you will find the best Chrome extensions for all your browsing needs. Using the right Chrome extensions can completely transform your online experience, and make your time on the Internet much more productive and interesting. We’ve made the effort to categorize the extensions and chose only those we believe to be the best ones and which will most likely be useful to you. A perfect tool for students/researchers and one of the best Chrome extensions for organization. Diigo lets you highlight, share and save web pages. Read selected content both online and offline.
Ghostery, Inc. Ghosterians! We have a new release ready for the masses. We found a few issues and made some updates. SSLkeys Translation(s): English - Español In Debian Security Advisory 1571, also known as CVE-2008-0166 (New openssl packages fix predictable random number generator), the Debian Security Team disclosed a vulnerability in the openssl package that makes many cryptographic keys that are used for authentication (e.g. through SSH) or signing (e.g. web server certificates) potentially vulnerable. The scope of the problem includes: weak keys for both clients and servers (see section "Identifying Weak Keys below") all key types that were generated using openssl (this includes RSA and DSA keys) compromise of other keys or passwords that were transmitted over an encrypted link that was set up using weak keys.
HTML5 video issues on the iPad and how to solve them I’ve been delaying this post since I wrote a rant about the iPad. The delay is mainly because I never found time to create sample files or record screencasts showing the bugs so I decided to publish it without any working examples since I don’t think I will have enough time or patience to isolate the problems and document it anytime soon, so you will have to believe that what I’m saying “is true” and that the bugs exist… Think of it as a reference in case you have any of those issues and not as a definitive way of making those things work, some bugs are only present on older versions of iOS and may not be easy to replicate. I’m sure I will leave a lot of important stuff behind but at least I’ll try to cover some bugs and how I solved them. I will try to be brief.
HTTPS HTTPS ("HTTP over TLS",[1][2] "HTTP over SSL",[3] or "HTTP Secure"[4][5]) is a communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in and of itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL or TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications. The main motivation for HTTPS is to provide authentication of the visited website and prevent wiretapping and man-in-the-middle attacks. In its popular deployment on the internet, HTTPS provides authentication of the website and associated web server that one is communicating with, which protects against man-in-the-middle attacks. Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail and for sensitive transactions in corporate information systems. §Overview[edit]
How Cybercrime Exploits Digital Certificates What is a digital certificate? The digital certificate is a critical component of a public key infrastructure. It is an electronic document that associates the individual identity of a person to the public key associated with it. A certificate can then be associated with a natural person, a private company or a web service as a portal. The certificate is issued by an organization, dubbed Certification Authority (or CA), recognized as “trusted” by the parties involved, and is used ordinarily for the operations of public key cryptography.
Guide to CSS support in email Version history 14 November 2017 Outlook.com and the Outlook iOS app added support for CSS background images and some related properties, as well as certain Flexbox and Grid properties. Also added iOS 11 Mail to the guide, with no noticeable differences from iOS 10. 22 September 2017 TrueCrypt, the final release, archive Yes . . . TrueCrypt is still safe to use. Google is generating a false-positive alert Stuxnet & Duqu, update on cyber weapons usage - Security AffairsSecurity Affairs We all know about the malware Stuxnet and Duqu considered unanimously the first examples of cyber weapon developed by a government to silent attacks critical enemy infrastructures. We have wrote a lot on the topic, we have followed with attention the excellent analysis made by experts of the sector such as Ralph Langner and the researchers of the Kaspersky and Symantec security firms; during last days new updates have been published on the web regarding the two agents trying to explain their status and the mode used to spread them behind the enemy line. Let’s start with the update on the Stuxnet virus that was implanted to damage Iran’s nuclear program. News of the days is that the operation was conducted by Israeli agents with the collaboration of Iranian spy, who used a corrupt “memory stick.32,” to sabotage the nuclear plant of Natanz infecting machines there according the declarations of a former and serving U.S. intelligence officials. The report of from Isssource.com says: