Cloud Insidr

Cybersecurity in the Age of the Machine

Join us on Twitter: @CloudInsidr

Home Archives for Uncategorized
The crypto revolution: an interview with Professor Emin Gün Sirer and Dr. Ittay Eyal about Bitcoin, the blockchain, and FinTech innovation

Leave a Comment

The crypto revolution: an interview with Professor Emin Gün Sirer and Dr. Ittay Eyal about Bitcoin, the blockchain, and FinTech innovation

In a research paper titled “Majority is not Enough: Bitcoin Mining is Vulnerable“, Professor Emin Gün Sirer and Dr. Ittay Eyal of the Department of Computer Science at Cornell University, revealed the Selfish Mining attack on Bitcoin’s blockchain back in 2014.

In this interview, Professor Sirer and Dr. Ittay Eyal demystify Bitcoin and other crypto currencies and provide a first glimpse into the blockchain revolution.

The interview was conducted by Anna E Kobylinska with contribution by Filipe Martins.

[Read more…]

How to Create a Content Security Policy to Protect Your Web Application against XSRF/CSRF/XFS, Clickjacking and Other Code Injection Attacks

3 Comments

How to Create a Content Security Policy to Protect Your Web Application against XSRF/CSRF/XFS, Clickjacking and Other Code Injection Attacks

[Updated 2019-03-17] Are you wondering why some JavaScript code from external domains simply won’t execute on your website? The reason could be as simple as an overly restrictive Content Security Policy (CSP for short). This article explains how you can create a Content Security Policy that’s both protective and functional. It will help you to secure your web server from some types of cross-site request forgery (XSRF/CSRF/XFS), clickjacking and other code injection attacks.

[Read more…]

How to Set up ip2nation: Geotargeting Made Easy for the Amazon Link Affiliate Plug-in and Your Server-Side Scripts

Leave a Comment

How to Set up ip2nation: Geotargeting Made Easy for the Amazon Link Affiliate Plug-in and Your Server-Side Scripts

The Amazon Link plug-in for WordPress implements geotargeting based on ip2nation, a free geotargeting library from Per Gustafsson Consulting (available here). If you are wondering what you need to do in order to integrate the Amazon Link affiliate plug-in for WordPress (seing how a separate installation plugin for WordPress is two years old as of this writing, and counting), here is a quick howto for those who can access their websites’ MySQL or MariaDB database servers.

[Read more…]

RegEx Bliss: Set Up URL Redirects in NGINX Using Regular Expressions without Rewrites

7 Comments

RegEx Bliss: Set Up URL Redirects in NGINX Using Regular Expressions without Rewrites

There are two major no-nos when it comes to writing NGINX redirects:

  • thou shalt not use if statements (that’s a major no-no);
  • thought shalt not use rewrites (they are a waste of resources, as in “slow” and “expensive”).

Instead, use ol’ good location blocks. But what if you have plenty of URIs to redirect? How do you deploy RegEx magic with NGINX? Easy.

[Read more…]

Tip of The Day: Test Your Web Server’s Crypto Prowess for TLS, Diffie-Hellman, and more

1 Comment

Tip of The Day: Test Your Web Server’s Crypto Prowess for TLS, Diffie-Hellman, and more

Are you concerned about the security of data transmissions in which your web server participates day in and day out? Passwords, user names, credit card numbers, and other sensitive private communications on the Internet can easily be compromised unless you actively take precautionary measures and preempt the most common exploits by means of modern cryptography. Your users trust that you will protect them. The only question is: how do you measure success?

[Read more…]