Security For Developers

Recently, during an interview, I was asked a question about how much I know about security. At first, I paused for a few seconds because, honestly, I didn’t know how to answer the question. Eventually, I answered that, as a developer, I am making sure I am doing this, doing that, and following these best practices! After my interview, I was telling myself that I should know about the security best practices for developers and engineers....

Aug 11, 2020 · 8 min · Milad Irannejad

OAuth 2.0 and OpenID Connect

TL;DR OAuth 2.0 OAuth 2.0 is used for authorization. Terminology: Roles: Client: the application that wants to access the data. Confidential Clients: the clients with the ability to maintain the confidentiality of the client_secret. Public Clients: the clients that cannot maintain the confidentiality of the client_secret. Resource Owner: the user who owns the data. Resource Server: the system that authorizes access to the data....

Mar 26, 2020 · 2 min · Milad Irannejad

How Uber, Facebook, and Netflix Do SSH

TL;DR A study shows there is a cybersecurity attack every 39 seconds. In a typical SSH protocol: the server trusts the client if the client’s public key is listed as authorized, and the client trusts the server’s public key on first use (TOFU). The trust on first use (TOFU) approach delegates the trust to the clients and leaves them vulnerable to man-in-the-middle attacks. One solution to fix this is using SSH certificates and SSH certificate authorities (CA)....

Aug 8, 2019 · 1 min · Milad Irannejad

gVisor: Building and Battle Testing a Userspace OS in Go

TL;DR A container is a package format and a content addressable bundle of content addressable layers! Namespaces and cgroups are two key features of the Linux kernel enabling containerization. Containers running on a host share a single Linux kernel (a single scheduler, a single memory manager, and so on)! The Linux kernel has so many known and unknown bugs! Sandboxes are a way of getting an extra layer of isolation for containers....

May 19, 2019 · 1 min · Milad Irannejad