Menu

Tagged In security :

Connecting to an FTPS Server with SSL Session Reuse in Java 7 and 8

June 10, 2016

“Good programmers write good code… Great programmers reuse great code.”  Or so I told myself as I snagged an Apache Commons class to connect to a new vendor’s FTPS server.  Several hours of debugging later, however, I realized to my dismay that the omnipotent Apache Commons did not support a major security feature required by most modern FTPS servers.  This post outlines my process… Read more

Security Notice on CCS / CVE-2014-0224

June 06, 2014

On June 5 another vulnerability in OpenSSL, ChangeCipherSpec (CCS) Injection Vulnerability, was announced. Released as CVE-2014-0224, the advisory warns that nearly all versions of OpenSSL are vulnerable to man-in-the-middle (MITM) attacks. After learning about the CVE-2014-0224 vulnerability, the Wealthfront team immediately deployed an updated OpenSSL library on all customer-facing servers. Further Resources for ChangeCipherSpec Help… Read more

Security Notice on Heartbleed / CVE-2014-0160

April 09, 2014

The Internet community learned on April 7 about the OpenSSL vulnerability CVE-2014-0160, known colloquially as Heartbleed. Many security professionals remember similar vulnerabilities in SSH, BIND, and Sendmail that pried open large chunks of the Internet Infrastructure. Heartbleed is a similar type of vulnerability, as detailed on the Heartbleed website. We join financial institutions across the… Read more

Belt and Suspenders: Safety and Trust in a Distributed System

May 02, 2012

Wealthfront is built on a traditional service-oriented architecture: requests from web browsers are dispatched to a cluster of Rails instances, which will in turn query back-end services. As a single page load might trigger tens of internal remote calls, it quickly becomes difficult to understand why a back-end service was called, who initiated the call,… Read more

Ode to Textual Identifiers

March 18, 2011

Entities of a domain model are distinct from all other objects in their longevity. These objects are typically stored in a database, or a similar form of long-term storage, and need portable identifiers which can shared within a system, and beyond. Identifiers are essentially “handles to entities”, which can be passed around, in the same… Read more

Encrypting using gpg from Java

February 23, 2011

Recently, we worked with a third-party that had trouble reading files encrypted using the Bouncy Castle’s OpenPGP implementation. We ended up deciding to rely directly on the GNU Privacy Guard’s OpenPGP implementation. As I didn’t find any working example on the web, I figured that the following piece of code might end up being useful… Read more

Interested in what you see here?

Join our team

This blog is powered by Wealthfront Corporation (formerly known as Wealthfront Inc.). The information contained in this blog is provided for general informational purposes, and should not be construed as investment advice. Any links provided to other server sites are offered as a matter of convenience and are not intended to imply that Wealthfront Corporation endorses, sponsors, promotes and/or is affiliated with the owners of or participants in those sites, or endorses any information contained on those sites, unless expressly stated otherwise.

Wealthfront Corporation may from time to time publish content in this blog and/or on this site that has been created by affiliated or unaffiliated contributors. These contributors may include Wealthfront employees, other financial advisors, third-party authors who are paid a fee by Wealthfront, or other parties. Unless otherwise noted, the content of such posts does not necessarily represent the actual views or opinions of Wealthfront or any of its officers, directors, or employees. The opinions expressed by guest bloggers and/or blog interviewees are strictly their own and do not necessarily represent those of Wealthfront Corporation.

© 2024 Wealthfront Corporation. All rights reserved. Please read important legal disclosures about this blog.