Information Technology Broadcasting - اطلاع‌رسانی فناوری اطلاعات
Information Technology, Cloud computing, Digital transformation, IoT, Edge computing, IT governance, Fog computing, IT security, IT regulation, IT trends, Programming, Big data, Monitoring, Databases, API, Service
Word of the day...
👇👇👇
Zero-Latency Enterprise (ZLE)



Zero-latency enterprise (ZLE) is any strategy that exploits the immediate exchange of information across technical and organizational boundaries to achieve business benefit. For example, technical boundaries exist between different operating systems, database management systems and programming languages. “Immediate” implies being fast enough to bring all of the business benefits that simultaneous knowledge can potentially achieve. Latency cannot literally be zero in any real system because computers need time to “think.”
jadi-net_radio-geek_094_bitcoin-for-all.mp3
28.2 MB
In this episode of #رادیوگیک (Radio Geek) we turn to blockchain. Years ago, in "Friedman's Dream", we talked about cryptocurrencies, and later, in an episode in memory of Ashkan, we covered the concept of blockchain. Now we talk about Bitcoin at length: what it is, how it works, where it comes from, what its problem is, what it has to do with the environment, and ..

Link on the blog: https://jadi.net/2019/07/radiogeek-094-bitcoin-for-all/

Channel: @jadinet
A great podcast from Jadi about Bitcoin👆
Hello. Friends, if anyone is a skilled Drupal developer or knows one, please send me a message about a job.
Forwarded from Hadi
0_erAJ6qLiiJi4B-wH.png (518×200)
Forwarded from Hadi
Share of operating systems used by clients👆
Long password denial of service

By sending a very long password (1.000.000 characters) it's possible to cause a denial of service attack on the server. This may lead to the website becoming unavailable or unresponsive. Usually this problem is caused by a vulnerable password hashing implementation. When a long password is sent, the password hashing process will result in CPU and memory exhaustion.
Word of the day...
👇👇👇
Session Management is a process by which a server maintains the state of an entity interacting with it. This is required for a server to remember how to react to subsequent requests throughout a transaction. Sessions are maintained on the server by a session identifier which can be passed back and forward between the client and server when transmitting and receiving requests. Sessions should be unique per user and computationally very difficult to predict.
MIT's Time-Sharing Computer, considered to be the first computer system to use passwords👆👆
Word of the day...
👇👇👇

Forced browsing

Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the application, but are still accessible.
An attacker can use Brute Force techniques to search for unlinked contents in the domain directory, such as temporary directories and files, and old backup and configuration files.
Developing a Secure Web Application Using OWASP Guidelines

👇👇👇
Word of the day...
👇👇👇
Clickjacking

Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both.

Ex.
One of the most notorious examples of Clickjacking was an attack against the Adobe Flash plugin settings page. By loading this page into an invisible iframe, an attacker could trick a user into altering the security settings of Flash, giving permission for any Flash animation to utilize the computer's microphone and camera.
Defending against Clickjacking

There are two main ways to prevent clickjacking:

Sending the proper Content Security Policy (CSP) frame-ancestors directive response headers that instruct the browser to not allow framing from other domains. (This replaces the older X-Frame-Options HTTP headers.)

Employing defensive code in the UI to ensure that the current frame is the most top level window.
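
Both defenses listed above can be checked in code. The following is an added example, not part of the original post: it classifies a response's anti-framing policy from its headers and shows the in-page top-level check. The function names are hypothetical, and the labels it returns are this example's own.

```javascript
// Added example: classify a response's anti-framing policy from its headers.
// Function names are hypothetical and chosen for this illustration.

// Return the source list of the frame-ancestors directive, or null if absent.
function frameAncestors(csp) {
  if (!csp) return null;
  for (const part of csp.split(';')) {
    const tokens = part.trim().split(/\s+/);
    if (tokens[0].toLowerCase() === 'frame-ancestors') return tokens.slice(1);
  }
  return null;
}

// Returns 'deny', 'same-origin', 'allowlist' or 'unprotected'.
function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const sources = frameAncestors(h['content-security-policy']);
  if (sources !== null) {
    // When frame-ancestors is present it is evaluated instead of X-Frame-Options.
    const s = sources.map(x => x.toLowerCase());
    if (s.some(x => x === '*' || x === 'http:' || x === 'https:')) return 'unprotected';
    if (s.every(x => x === "'none'")) return 'deny';
    if (s.every(x => x === "'self'")) return 'same-origin';
    return 'allowlist';
  }
  const xfo = (h['x-frame-options'] || '').trim().toLowerCase();
  if (xfo === 'deny') return 'deny';
  if (xfo === 'sameorigin') return 'same-origin';
  return 'unprotected'; // no header, or a value browsers do not honour
}

// Second defense from the text: in-page check that this window is the top-level one.
// `win` is the browser's window object, passed in so the logic can run outside a browser.
function isFramed(win) {
  return win.top !== win.self;
}
```

In a page, `isFramed(window)` returning true is the signal to hide the sensitive UI; the header check is the stronger control because it is enforced by the browser before the page renders.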