Security, broken with a quest for convenience

I feel compelled to write about something I just found out yesterday. It was about a service that CloudFlare proudly touted as an innovation on web security technology — Keyless SSL. It allows CloudFlare, as a CDN provider, to “securely” serve content for the origin, with the origin’s own TLS certificate, but without requiring the origin to give up its private key. At first I was pleasantly surprised. If something can really be done it will with no doubt boost the security and even redefine how CDNs work today. … »

When standard fails us

I guess I have finally lost my patience with C semantics. Although the C programming language is kind of infamous for its lack of memory safety and disastrous type system, I still believed that the programming language still represented intuition well, and given that an appropriate amount of attention is paid, all mistakes can be avoided. Well, turns out it is not the case when it comes to undefined behaviors. … »

Favorite quotes from The Part-time Parliament

The Greek island of Paxos has way too many mysteries, for both archaeologists and computer scientists. When I was first reading Dr. Leslie Lamport’s The Part-time Parliament, which was an epic introduction of a novel consensus protocol designed for distributed systems, I genuinely wondered who that group of archaeologists were and how Dr. Lamport managed to discover such perfect analogies between an ancient democracy and distributed computer systems. To be honest I almost planned my visit to the archaeology department myself. … »

Brute-forcing for a reason

Last week I was assigned the task to brute-force the MD5 hashing function in-order to demonstrate a SQL injection to the following PHP login handler: // escaping username inputs, should be safe in most cases $username = mysql_real_escape_string($_GET['username']); // hashing the password input $password = md5($_GET['password'], true); $query = "SELECT * FROM `users` WHERE username='$username'". " AND password='$password';"; // searching for records $result = mysql_query($query, $dbh); if(mysql_num_rows($result) > 0) { echo "login successful! … »

Installing a newer version of GCC on Ubuntu 64-bit operating systems

Ubuntu released a newer version — version 12.10 after the LTS version of 12.04, which contains the latest version of GNU Compiler Collection (GCC) binaries. Nevertheless, I believe that a majority of people using Ubuntu are with 12.04 or even earlier versions, becasue the compatability problem is a huge headache for the Ubuntu platform sometimes. The latest release of GCC supports the powerful brandnew C++ 11 standard, making curiosity burn I believe for lots of folks. … »

Enabling STL Container Inspection in Eclipse (Ubuntu)

All information in this post was fetched from this link under the Eclipse Wiki. This site is not responsible for the content from external sites/repositories. Programming and debugging is part of life for EECS students here in Michigan, and possibly also applies to anywhere else. Millions of tools have been introduced to make programming easier, and IDEs are just among a portion of them. Visual Studio and XCode by Microsoft and Apple are the two most famous IDEs in the software industry, whereas Eclipse platform reins the open-source world alone. … »

How to use USB/IP on a wireless router to share USB devices

This problem has been around me since last week (yes, only last week), and now I finally got a solution. Alright I forgot to tell you what the problem was… It was about one week ago , I purchased a printer, along with a TP-LINK WR1043ND wireless router. The router is great. It’s fast and the signal is always full anywhere in my apartment (therefore I doubt whether it’s good for my health…) but anyway everything looked just great. … »