LATEST POST

23 Results tagged on "no cover":

It was her first night, and she could feel the eyes watching.

Prelude I am a social animal, and would prefer to participate in any opportunity I get to interact, learn and share experiences. Whether that be a cafe, or a bar; underground or over the top! Now, recently I got to know about a meetup group 'Writers cafe' in Hong Kong, and voila! I joined them. Yesterday I attended their session for the first time, and I would like to share my work via this...
Read more

DDOS, it's time to turn your toasters off

Most of you are already aware of the fact that half of the internet went down (or slow), when a 'bad-hackers' group weaponized 'millions of insecure IOT devices' to attack a DNS provider. Personally from my browsing habits, I was largely effected by Twitter being dramatically slow while other sites felt little sluggish. Anyways, this brings us to a number of question(s), Should I be surprised? I think NO. We knew this sh*...
Read more

Custom URL Shortner in NodeJS

Recently I wrote an article on Ghost blog integration with a URL shortener (the dirty way). This is in sequence to it but with custom URL shortener running on my own machine. While most of this code is shared from codebyte article, I have enhanced it to serve three purposes, Authenticate using API Key Validate URL(s) or ID(s) for duplicate Response support in JSON or TXT format At present the setup is...
Read more

Image Alignment within Ghost Blog CMS

Its around 2:00 AM, and before I call it a day (a long day), I thought to post a quick blog on custom image alignment in Ghost Blog Platform. Without further ado, as of Sep, 2016 Ghost doesn't support custom image alignments and ruling. It means all images in the blog are aligned default (none) and text breaks around it. Default Alignment It means the images are aligned with the page, and the...
Read more

Custom URL Shortening in Ghost Blog CMS

It's been 2 years and Ghost Blogging Platform is doing well and the downloads are going up. Kudos to the team. While the platform is doing good, we[1] are miles from reaching the point where we have apps, plugins and smooth migrations/ customisation etc. And in this blog I would mention one such thing which I personally like - URL Shortener(s); specially when we share the links over social media. I have...
Read more

Digital Authentication and Password Rules by NIST

Passwords are important and it's no secret that we are bad in finding complex passwords during sign-up processes. The initial idea of OneID, or OAuth is not doing very well for the common user, and therefore people are registering on 100s of websites - commercial, social networks, banks etc. without managing well with password complexities. While the tools to crack 8-10 characters passwords are speeding up the process, people are still resenting to keep...
Read more

Linux Issue with TCP ACK (Part 1)

A flaw in the Linux kernel[1] used since late 2012 allows adversaries to inject malicious traffic, without MITM. In a Wednesday presentation at the USENIX Security Symposium researchers showed that this flaw lies in the Transmission Control Protocol (TCP) used by Linux since late 2012. In their research paper - Off-Path TCP Exploits: Global Rate Limit Considered Dangerous, the researchers document possible use cases, and attack scenarios on how this global limit be...
Read more

Lessons from LinkedIn DB Breach

We are aware that social networking site LinkedIn was breached in June, 2012 and nearly 6 million user credentials were stolen. In May 2016 it's confirmed that nearly 115+ million credentials were stolen, and are now available for sale. So, it's time we revisit what went wrong, and what can we learn from it. First and foremost, there were vulnerabilities (or at-least one) in the web-application and the way it queries the DB was...
Read more