サクサク読めて、
アプリ限定の機能も多数!
アプリで開く
●はてなブックマークって?
●アプリ・拡張の紹介
●ユーザー登録
●ログイン
●ログアウト
nitoyon
id:nitoyon
●
7,219
ブックマーク
●
-
お気に入り
●
-
お気に入られ
タグ
●すべて
●
.net
(59)
●
0311
(16)
●
2ch
(31)
●
3d
(138)
●
FunctionalLanguage
(13)
●
RFID
(3)
●
TODO
(44)
●
abc
(18)
●
actionscript
(565)
●
ad(117)
●
admin
(10)
●
adobe
(80)
●
adsense
(10)
●
affiliate
(20)
●
aif
(2)
●
air
(101)
●
airsoft
(5)
●
ajax
(88)
●
alchemy
(8)
●
algorithm
(156)
●
amazon
(9)
●
amf
(5)
●
analog
(3)
●
android
(14)
●
animation
(21)
●
aop
(6)
●
apache
(7)
●
api
(85)
●
apple
(44)
●
appliance
(4)
●
aprilfool
(2)
●
ar(4)
●
architecture
(2)
●
art
(106)
●
asdoc
(2)
●
asm
(5)
●
atl
(13)
●
atok
(3)
●
audio
(4)
●
auth
(15)
●
avm
(5)
●
backup
(2)
●
basic
(3)
●
bezier
(7)
●
binary
(36)
●
blender
(4)
●
blog
(96)
●
book
(75)
●
boost
(15)
●
box2d
(18)
●
brush
(4)
●
business
(202)
●
button
(4)
●
c(30)
●
c#
(51)
●
c++
(112)
●
c++0x
(6)
●
calendar
(5)
●
camera
(16)
●
canvas
(16)
●
captcha
(9)
●
capture
(6)
●
career
(9)
●
cgm
(20)
●
chart
(3)
●
cheatsheet
(26)
●
china
(13)
●
chm
(5)
●
chrome
(11)
●
chumby
(3)
●
clock
(3)
●
cloud
(4)
●
cm(4)
●
cms
(9)
●
cocomo
(3)
●
coderepos
(2)
●
coding
(8)
●
color
(45)
●
com
(39)
●
comedy
(8)
●
comet
(13)
●
comic
(11)
●
commented
(9)
●
commercial
(3)
●
communication
(21)
●
compiler
(7)
●
context free
(6)
●
continuation
(5)
●
cook
(17)
●
copyright
(60)
●
cpp
(2)
●
crime
(4)
●
crossbrowser
(18)
●
crossdomain
(8)
●
crypt
(4)
●
csrf
(2)
●
css
(179)
●
css3
(4)
●
csssite
(7)
●
culture
(35)
●
customize
(4)
●
cute
(15)
●
db(50)
●
debug
(83)
●
demo
(3)
●
design
(123)
●
designpattern
(21)
●
dev
(120)
●
diff
(4)
●
django
(2)
●
dlna
(10)
●
dns
(6)
●
document
(3)
●
documentation
(7)
●
domain
(2)
●
dot
(10)
●
dq(14)
●
dvd
(7)
●
e4x
(11)
●
easing
(3)
●
ebook
(5)
●
eclipse
(7)
●
economy
(4)
●
editor
(7)
●
education
(18)
●
effect
(8)
●
elearning
(3)
●
emacs
(10)
●
emoney
(21)
●
encode
(5)
●
english
(28)
●
entertainment
(4)
●
epaper
(5)
●
ero
(39)
●
es3.1
(3)
●
es4
(26)
●
event
(80)
●
excel
(6)
●
experience
(2)
●
externalinterface
(9)
●
facebook
(16)
●
fashion
(3)
●
fastladder
(5)
●
firebug
(32)
●
firefox
(73)
●
fireworks
(2)
●
flash
(297)
●
flash 10
(3)
●
flash10
(19)
●
flash9
(12)
●
flashgame
(7)
●
flashlite
(2)
●
flashsite
(121)
●
flex
(191)
●
flex3
(4)
●
flex4
(7)
●
flexcss
(17)
●
flexsite
(24)
●
flickr
(13)
●
fms
(2)
●
folksonomy
(8)
●
font
(76)
●
food
(36)
●
form
(19)
●
framework
(25)
●
future
(23)
●
gadget
(19)
●
gae
(12)
●
game
(206)
●
gc(10)
●
gears
(16)
●
generator
(19)
●
gfs
(4)
●
gion
(13)
●
gis
(16)
●
git
(46)
●
github
(10)
●
gmail
(12)
●
golang
(2)
●
golf
(4)
●
google
(232)
●
google analytics
(11)
●
google earth
(26)
●
google maps
(96)
●
google wave
(5)
●
google+
(2)
●
gourmet
(2)
●
gpgpu
(2)
●
gpl
(12)
●
gps
(8)
●
graph
(5)
●
graphics
(99)
●
gree
(4)
●
grid
(10)
●
h264
(4)
●
hard
(8)
●
haskell
(19)
●
hatebu
(63)
●
hatena
(112)
●
hatenaworld
(2)
●
hidemaru
(3)
●
highlight
(8)
●
homenetwork
(7)
●
hta
(4)
●
html
(34)
●
html5
(34)
●
http
(11)
●
ic(5)
●
icon
(33)
●
id(12)
●
ide
(6)
●
idea
(108)
●
idol
(3)
●
ie(82)
●
ie10
(2)
●
ie9
(7)
●
igoogle
(4)
●
iis
(4)
●
iknow
(3)
●
illusion
(4)
●
illustrator
(16)
●
im(16)
●
image
(61)
●
image recognition
(14)
●
ime
(4)
●
infocard
(4)
●
information
(2)
●
intel
(7)
●
interactive
(7)
●
interia
(8)
●
internal
(2)
●
interview
(75)
●
ipad
(5)
●
iphone
(44)
●
ipod
(19)
●
ipphone
(2)
●
irc
(5)
●
japanese
(13)
●
java
(35)
●
javascript
(610)
●
javascriptsite
(15)
●
jekyll
(3)
●
jquery
(30)
●
json
(38)
●
kanji
(2)
●
keyboard
(3)
●
kindle
(3)
●
kinect
(2)
●
koshien
(6)
●
kyoto
(55)
●
lang
(9)
●
language
(19)
●
latex
(7)
●
law
(5)
●
ldr
(4)
●
lego
(10)
●
letter
(7)
●
library
(212)
●
license
(32)
●
life
(16)
●
lifehacks
(27)
●
lightroom
(2)
●
linq
(6)
●
linux
(27)
●
lisp
(18)
●
livedoor
(17)
●
load balance
(2)
●
logo
(12)
●
mac
(16)
●
mail
(7)
●
manner
(4)
●
map
(85)
●
mario
(3)
●
mashup
(4)
●
material
(35)
●
math
(39)
●
media
(54)
●
meigen
(2)
●
memcached
(2)
●
metaphor
(17)
●
metro
(4)
●
microformats
(3)
●
mine
(75)
●
mixi
(37)
●
mml
(13)
●
mmo
(2)
●
mobile
(89)
●
money
(13)
●
motionvr
(4)
●
movabletype
(14)
●
movie
(108)
●
ms(182)
●
msx
(6)
●
music
(88)
●
mvc
(8)
●
mvvm
(6)
●
mxml
(2)
●
mysql
(4)
●
naming
(5)
●
nanto_terapad
(2)
●
neta
(356)
●
network
(25)
●
news
(40)
●
ngn
(3)
●
nicoinco
(2)
●
niconico
(85)
●
nintendo
(25)
●
node.js
(12)
●
ntt
(4)
●
oauth
(10)
●
ocr
(3)
●
office
(28)
●
offline
(6)
●
oop
(15)
●
opencv
(3)
●
opensocial
(12)
●
opera
(5)
●
oss
(32)
●
p2p
(35)
●
panorama
(11)
●
paper
(5)
●
parser
(10)
●
particle
(4)
●
particles
(10)
●
patent
(6)
●
pdf
(9)
●
performance
(43)
●
perl
(72)
●
photo
(55)
●
photoshop
(70)
●
php
(52)
●
physics
(39)
●
pipes
(49)
●
pixel
(3)
●
pixel bender
(4)
●
plugin
(24)
●
point
(4)
●
politics
(16)
●
powershell
(5)
●
presentation
(81)
●
print
(4)
●
privacy
(12)
●
probability
(7)
●
processing
(21)
●
product
(66)
●
progression
(2)
●
pv3d
(66)
●
python
(20)
●
question
(2)
●
rails
(17)
●
rakuten
(3)
●
raw
(3)
●
rdp
(2)
●
reading
(42)
●
recruit
(16)
●
refered
(88)
●
reference
(82)
●
regex
(24)
●
responsive
(2)
●
rest
(2)
●
retro
(30)
●
ria
(14)
●
rimo
(2)
●
rootkit
(2)
●
rss
(67)
●
rubik's cube
(3)
●
ruby
(60)
●
safari
(6)
●
sakura
(5)
●
sample
(13)
●
sbm
(41)
●
sbo
(2)
●
scala
(9)
●
scalability
(2)
●
scheme
(7)
●
science
(12)
●
scraping
(11)
●
screen
(6)
●
sdk
(2)
●
search
(78)
●
second life
(6)
●
security
(195)
●
seo
(17)
●
server
(3)
●
shell
(7)
●
shortcut
(17)
●
silverlight
(69)
●
silverlight4
(2)
●
silverlightsite
(4)
●
simple
(15)
●
simulation
(3)
●
skype
(2)
●
smalltalk
(5)
●
sns
(97)
●
soap
(2)
●
social
(9)
●
socialgame
(2)
●
soft
(4)
●
software
(72)
●
sony
(16)
●
sound
(32)
●
source
(3)
●
spam
(13)
●
specification
(17)
●
sports
(6)
●
sql
(11)
●
sqlite
(9)
●
ssd
(4)
●
ssh
(2)
●
sso
(3)
●
stage3d
(3)
●
star
(11)
●
statistics
(41)
●
stl
(5)
●
stock
(12)
●
stopmotion
(2)
●
storage
(7)
●
stream
(3)
●
streetview
(16)
●
study
(35)
●
suit
(8)
●
summary
(77)
●
svg
(4)
●
svn
(4)
●
swf
(6)
●
tablet
(3)
●
tag
(8)
●
tamarin
(15)
●
tax
(4)
●
telecom
(17)
●
template
(18)
●
terminal
(3)
●
test
(37)
●
tetris
(2)
●
thermo
(8)
●
thread
(11)
●
tips
(150)
●
tool
(58)
●
tools
(2)
●
topcoder
(10)
●
translate
(2)
●
travel
(3)
●
tumblr
(2)
●
tutorial
(190)
●
tv(86)
●
tweener
(21)
●
twitter
(128)
●
typography
(19)
●
ui(170)
●
uml
(7)
●
unicode
(21)
●
unity
(5)
●
unix
(5)
●
unread
(66)
●
urlshorten
(2)
●
usability
(6)
●
ustream
(10)
●
v8
(2)
●
vb(2)
●
vector
(7)
●
venture
(5)
●
vi(2)
●
video
(17)
●
viral marketing
(11)
●
vista
(62)
●
visualize
(123)
●
vm(15)
●
vod
(38)
●
voip
(2)
●
vs(57)
●
wafs
(9)
●
wcf
(6)
●
wdk
(4)
●
web
(45)
●
web2.0
(57)
●
webdesign
(134)
●
webgl
(13)
●
webkit
(11)
●
webservice
(283)
●
wedding
(2)
●
widget
(3)
●
wifi
(2)
●
wii
(3)
●
wiki
(14)
●
wikipedia
(4)
●
win32
(51)
●
windows
(52)
●
windows7
(13)
●
windows8
(4)
●
winrt
(5)
●
wireless
(2)
●
wix
(3)
●
wpf
(39)
●
writing
(7)
●
wsh
(18)
●
xaml
(7)
●
xfy
(3)
●
xml
(41)
●
xpath
(10)
●
xsl
(4)
●
xss
(16)
●
yahoo
(67)
●
youtube
(38)
●
zsh
(9)
●
あとで読む
(6)
●
それfla
(6)
●
技術の無駄遣い
(13)
●
業界動向
(3)
●
都道府県
(5)
●
音楽配信
(11)
●
javascript
(610)
●
actionscript
(565)
●
neta
(356)
●
flash
(297)
●
webservice
(283)
●
google
(232)
●
library
(212)
●
game
(206)
●
business
(202)
●
security
(195)
関連タグで絞り込む (4)
●
actionscript
●
ajax
●
flash
●
study
タグの絞り込みを解除
securityとunreadに関するnitoyonのブックマーク (4)
●
104 users
●
tabesugi.net
●テクノロジー
strcmpを使ってパスワードを判定すると、タイミング攻撃 (timing attack) にやられる危険性があることの説明 (約20分)。 まとめ: パスワードなどの文字列を strcmp関数 (およびそれに類する関数) を使って判定すると、 その判定にかかる時間を測定することで、パスワードが推測できてしまう場合がある。 これをタイミング攻撃 (timing attack) という。 この例では、36種類の文字を使った8文字分のパスワードを推測するのに、 通常のしらみつぶしな方法 (bruteforce attack) … 368 = 2821109907456回 の試行が必要なのに対して、 タイミング攻撃を使った方法 … 10000×8 = 80000回 しかかからない。タイミング攻撃を成功させてしまうと、 重要な情報が漏洩してしまう危険性がある。 これを防ぐためには、なるべく実行時間
nitoyon
2010/04/13
●unread
●security
●
4 users
●
docs.google.com
●テクノロジー
XSS Vulnerabilities in Common Shockwave Flash Files Rich Cannings January 2, 2008 Version 4 (updated January 24, 2008) This document is updated at: http://docs.google.com/Doc?docid=ajfxntc4dmsq_14dt57ssdw Summary Critical vulnerabilities exist in a large number of widely u...
nitoyon
2008/01/12
●security
●flash
●unread
●
20 users
●
helpx.adobe.com
●暮らし
Flash Player’s EOL is coming at the end of 2020. See the roadmap for Flash Player and AIR’s EOL: Adobe Flash Player EOL General Information Page The Future of Adobe AIR You can access the archived documents relevant to Flash Runtime even after the Flash EOL date. We are providing access to the archived documents for all the user/developers community to download. These documents are now no longer u
nitoyon
2007/12/06
●unread
●security
●flash
●actionscript
●
6 users
●
www.schneier.com
●テクノロジー
Carmelo Lisciotto • April 2, 2007 4:04 PMThe System Administrators should be the ones concerned. Carmelo Lisciotto Shawn Lauriat • April 2, 2007 5:13 PMThat doesn’t look new, that just looks like a specific usage of the data returned by a XSRF vulnerability, in order to more conveniently capture data the application already exposed in ways itshouldn’t. In other words, itdoesn’t really look lik
nitoyon
2007/04/04
●security
●ajax
●study
●unread
1
お知らせ
ランキング
今週のはてなブックマーク数ランキング︵2024年7月第2週︶
お知らせ
はてなブックマーク透明性レポート︵2024年2月-2024年4月︶
ランキング
今週のはてなブックマーク数ランキング︵2024年7月第1週︶
もっと読む
公式Twitter
●@HatenaBookmark
リリース、障害情報などのサービスのお知らせ
●@hatebu
最新の人気エントリーの配信
処理を実行中です
キーボードショートカット一覧
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
●総合
●一般
●世の中
●政治と経済
●暮らし
●学び
●テクノロジー
●エンタメ
●アニメとゲーム
●おもしろ
●アプリ・拡張機能
●開発ブログ
●ヘルプ
●お問い合わせ
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●公式アカウント
●ホットエントリー
●はてなブログ
●はてなブログPro
●人力検索はてな
●はてなブログ タグ
●はてなニュース
●ソレドコ
Copyright © 2005-2024 Hatena. All Rights Reserved.
設定を変更しましたx
パスワードの判定にstrcmpを使うべきでない理由
XSS Vulnerabilities in Common Shockwave Flash Files
Adobe Flash & Facebook Platform samples | Adobe Developer Connection
JavaScript Hijacking - Schneier on Security