Pages: 1

Designing a user-orientated permission system

System permissions are important. Defining what people can and can't do with your application is a significant part of security.

There are two perspectives I tend to care about with permissioning. The first is user-orientated and the second is data-orientated. In this article I will talk about designing a user-orientated permission system.

For the purposes of this post a permission will be considered a boolean value that represents whether a person can or can't perform an operation. In other systems you might go as far as to consider the extent to which they have permission, which ends up working like a priority-based permission system. This is only really useful in my opinion if you've an operation two people can perform at once and you wish to provide fine-grained hints to the system as to who should have the operation performed first. It's something to consider but usually unnecessary and out of the scope of this article.

...


There is 1 comment on this post.

User Authentication With Django

Introduction

This article will teach you how to authenticate users with Django in a simple, quick, and secure manner. You'll also learn how to require authentication on certain pages of your website, and how to gracefully handle login and logout functionality.

The target audience is people who have had minimal experience with Django, and are aware of how Django works in a basic manner.

...


There are 13 comments on this post.

Setting up synergy auto-start securely

Synergy is a popular application for sharing a keyboard and mouse between multiple computers on multiple operating systems using your network. One of its biggest flaws is that the underlying protocol is unencrypted. This means that people could potentially read what you type remotely. This article describes a method for setting up an encryption layer for Unix-like and Windows machines, as well as automatically starting Synergy on system boot-up without user prompts.

While I have no doubt there are several articles on this subject elsewhere, I'm going to give you a walk through from my point of view about how you can set up synergy across multiple Windows and Unix-like systems securely.

This walk through will be divided into two parts. First will be Unix-like setup and the second part will be Windows setup.

...


There is 1 comment on this post.

Super simple (common) php hax for dummies.

What follows is a repost of my first article on nulldigital.net, on the 10th of May 2006. A long time ago, when I was all innocent! Good times. The original article has been modified slightly as I sounded like such a git back then. I know it's slightly simple for this site but since nulldigital.net is closing I want to repost the articles from there to neverfear.org. So let's get started.

...


There is 1 comment on this post.

Using ICMP tunneling to steal Internet

Introduction

The scenario is you are without Internet connectivity anywhere. You have found either an open wireless access point or perhaps you're staying in a hotel which permits rented Internet via services like Spectrum Interactive (previously known as UKExplorer). You make the connection, whether it's physically connecting the Ethernet cables, or instructing your wireless adapter to lock onto the radio signal. You are prompted with some sort of authorisation page when you open a browser. You don't have access to it, so what do you do?

...


There are 13 comments on this post.

Secure website-authentication using GPG keys

Overview

Currently, most websites log you in the same way: you enter a username and password, and the web server hashes the password (generally via MD5() or SHA1()). This hash is then compared to the one stored in a database; if it matches, the user knows the original password, so the site logs them in.

This method has numerous problems, such as the password being sent unencrypted to the web server, and the fact that many users reuse passwords: if an intruder works out a user's password (through any means), there is a good chance they can log into the same user's email account, online banking, etc.

The whole username/password login method has many flaws, most of which are down to the fact that most people struggle to remember a single 5-6 character password, let alone multiple random, messy-looking passwords such as "Xm2K?pdT&av", as most "good password guides" suggest.

...


There are 10 comments on this post.


Powered by Debian, Guinness, and excessive quantities of caffeine and sugar.