Java – Status Reporter released

I attempted my first release of an open source project today. The application is called Status Reporter and I have some summary information about the application here.

I wrote it because I wanted to keep track of my time at work. I used my home computer and my time to write the application. It took a bit, and I was a bit uncomfortable at first releasing the code for others to see. I’m my own worst critic. Hopefully, others find it useful and are able to track their time in a slightly more efficient manner.

Enjoy!

Java – why use interfaces?

An interface describes how to interact with any class that implements its defined methods. It defines only how callers interact with an implementing class, not the actual implementation. In other words, an interface exposes what behaviors will be available, not how the behavior is carried out. In the real world, all cars have horns, but each car’s horn may have a distinct volume, pitch, sound, and duration. The interface for each car may be the same (pressing the center of the steering wheel), but the sound produced by each car (the implementation) is different. This allows any driver to know how to use any car horn without knowing how the sound is produced by the internals of the car.


Reason for salting password hash (or, why “season” the password?)

I recently decided to start re-learning PHP, and started with building in a security framework for the application I’m developing. In my search for how to implement password authentication in PHP, I started to notice that many still neglect “salting” the password at rest. In other words, many believe that creating an MD5 hash of the password is enough. This is simply not the case. The whole reason for salting a password is to create randomness in the password hashes created.

Information Security – Protecting yourself online (or, don’t accept candy from strangers)

I was told as a child to never accept candy from strangers. It’s no different as an adult. Emails, phone calls, and fliers that offer deals that are just too good to be true are nothing more than adult candy. In this posting, I offer tips on how to stay safe while performing that one task that everyone does during the holiday season (and possibly year-round): shopping. The article is lengthy, but hopefully it empowers you to be more aware of the attacks present online and in “real life”, and to better reduce the risks associated with online shopping.


Information Security – Unmaintainable code (it doesn’t just make your eyes hurt)

In my travels through the Internet, I found the , Java Coding Standards and wanted to highlight one portion as a concern for application security. The standards (specifically section 3) make me think back to my earlier days of code development. One person I worked with actually said to me after reviewing my code, “This makes my eyes hurt.” Now, as time has passed and my ability to code to standard has improved, I get compliments from the same person whose eyes had hurt years ago after looking at my code.


Information Security – what is PII? (It’s not something you eat)

PII (personally identifiable information) is data that, when associated with other data, identifies information associated with a single person. Some obvious data associated with a single person include a full name, Social Security Number, driver’s license number, birthday, and birthplace.


Helping Those Help Themselves