Tag Archives: security

Hiding Secret Message in Unicode Text

The art of hiding a secret message inside another, innocent-looking message is called steganography. It is an old discipline, in which techniques such as invisible ink and microdots have been used. With the rise of digital technologies, new possibilities for steganography appeared and attracted the interest of computer scientists and enthusiasts. A common approach is to hide secret information in multimedia files: pictures, music, videos and so on. The main advantages here are the omnipresence of media today, the significant size of media files (so there is enough space for additional information), and the nature of media formats, which often makes it possible to hide information in a very clever way (if you change the last bit of the color information for a pixel in an image, the change cannot be detected by the human eye). But we can also hide secret messages in regular text, especially if we are using Unicode text encoding (which is now very common).


Protecting Django Application Against Brute Force Password Guessing

When you bring your web application live, you can expect various types of attacks; one could be brute-force scanning of possible logins. As a standard means of prevention against such attacks, login should be temporarily disabled after some number of unsuccessful attempts. For Django, a nice package called django-lockout exists.

The main advantage of this package is that it keeps the history of unsuccessful login attempts in memory (using the Django cache system), so checks are very quick. django-lockout is fairly easy to implement; however, I’ve found one issue when it is used together with the Django admin site.
