Blog: Terse Systems

211 blogs updated: 66 min. ago
Redefining java.lang.System with Byte Buddy
The previous post talked about using Java's SecurityManager to prevent attackers from gaining access to sensitive resources. This is complic...
19-01-2016 20:56:20 Terse Systems Advanced
Sandbox Experiment
TL;DR: Most implementations using SecurityManager as a sandbox mechanism can be circumvented. Either declare a security policy as a system p...
30-12-2015 02:12:15 Terse Systems Advanced
Closing the Open Door of Java Object Serialization
TL;DR This is a long blog post, so please read carefully and all the way through before you come up with objections as to why it s not so se...
23-12-2015 20:54:27 Terse Systems Advanced
The Right Way to Use SecureRandom
How do you generate a secure random number in JDK 1.8? It depends. The default: 1 2 3 SecureRandom random = new SecureRandom(); byte[] value...
23-12-2015 14:09:26 Terse Systems Advanced
An Easy Way to Secure Java Applications
One of the things that stands out in the Java Serialization exploit is that once a server side Java application is compromised, the next ste...
23-12-2015 07:52:43 Terse Systems Advanced

© Jiri Pinkas | this project on GitHub | related: JavaVids | Maven Central Repository Search | Java školení | Top SQL Blogs | monitored using: sitemonitoring

Top Java Blogs is a Java blog aggregator (with English-written blogs only) focused on Java SE, Java EE, Spring Framework and Hibernate.