If you're in trouble and cannot find an answer to a question which goes beyond Stack Overflow...

If you have a not-so-usual solution for your problems but need to justify it to your boss...

If you like to think on your own rather than blindly follow "common wisdom" and "profound truth"...

...then 'No Bugs' Hare on Soft.ware might be the right place for you.

Your mileage may vary. Batteries not included

Developing secure software is a challenge. Writing really secure software is a real challenge.
Here are the articles which touch different security aspects of software, from “what cipher suites are not to be used with TLS”, to certain more or less novel things under ‘Security Research’ subcategory.

All Musings on Security, page 5:

MMOG. RTT, Input Lag, and How to Mitigate Them

posted January 25, 2016 by "No Bugs" Hare

Quote:	“For fast-paced games, there is one big problem with the flow shown on this diagram, and the name of the problem is “latency” (a.k.a. ‘input lag’)”
Another Quote:	“No, better bandwidth doesn’t necessarily mean better latency”
	[→]

On Cheating, P2P, and [non-]Authoritative Servers from “D&D of MMOG” book

posted November 9, 2015 by "No Bugs" Hare

Abstract:	“Any successful MMOG faces cheaters, and currently authoritative servers is the only way which enables fighting them.”
Quote:	“Two things are infinite: the universe and human stupidity; and I’m not sure about the universe. — Albert Einstein”
	[→]

Addressing the Delayed Message Attack in Wireless IoT Environments

posted September 14, 2015 by "Sergeant Major" Hare

Abstract:	Delayed-Message Attacks can Represent a Real Threat if Left Unchecked
Quote:	“Prevention/mitigation of the Attack is easy, but it needs to be taken into account at the application level.”
	[→]

Client-Plus-Server Password Hashing as a Potential Way to Improve Security Against Brute Force Attacks without Overloading the Server

posted August 10, 2015 by "Sergeant Major" Hare

Abstract:	Client-Side password hashing (in addition to existing server-side hashing) can improve resilience to brute-force attacks.
Quote:	“Even if client-side is 10x slower than server-side, it leaves us with 10x improvement which is certainly a good thing to have”
	[→]

Part VIIb: Security (concluded) of 64 Network DO’s and DON’Ts for Multi-Player Game Developers

posted July 20, 2015 by "No Bugs" Hare

Quote:	“What is practically very important – is to keep all the “unsanitized” data in one place.”
Another Quote:	“What will happen if attacker got the whole database of your users’ passwords?”
	[→]

Part VIIa: Security (TLS/SSL) of 64 Network DO’s and DON’Ts for Multi-Player Game Developers

posted July 13, 2015 by "No Bugs" Hare

Quote:	“Design of secure protocols is a thing which even security professionals have lots of problems with.”
Another Quote:	“In the security field, if you can disable something unused – you SHOULD do it”
	[→]

«Previous Page