Using PyCrypto with Spring Crypto/Spring Security Default Encoders

Spring Crypto Encryptor Details The Spring Crypto module is amazing. Secure defaults using standard interfaces really make it a pleasure to use, and with it being full tested and vetted, it also gives a develoepr the warm fuzzy feelings of nice Java security implentation. The standard interface is through the class, defined (in version 3.2.0 here (the class API to which this blog post was written in July 2016). Spring Crypto uses AES256 encryption behind the scenes in its out of the box class setup; it's as easy as: In the above code snippet, the password  variable is a passcode, with the salt  variable used to create the AES key. It uses 256 bit encryption with the standard calls (depending on your JRE/Java Cryptography Extension (JCE) Setup, make sure to download the appropriate extension ). The default AESBytesEncryptor setup generates a 256 bit key (32 bytes) from a salted iteration done 1024 times. Another th

The Internets Is Scary Sometimes

Sometimes, you think that you are covered on the internets (all of them!), but then I get an email like this to my primary account:

As a courtesy, we are notifying you that XXXXXX users have found the following accounts for you:

   Flickr tmarthal on Flickr
   Digg tmarthal on Digg
   MySpace birddog on MySpace
   Picasa marthaler on Picasa

If you would like to make these accounts private, please
change the privacy settings on the original network and
XXXXXX will update its search results to reflect your changes.

To find your friends on XXXXXX, signup now.

I removed the company that sent the email, not sure that I want to encourage this type of email and account harvesting.

The point is, that someone, somewhere has correlated my different accounts on my various networks to my single email signon. Someone, somewhere knows my that the articles dugg on digg are associated with the pictures that I post on flikr! So, when I don't post anything, they can check my pictures to find out what I was doing!

They missed twitter, delicious, slashdot, facebook and this blog though! And all of my troll accounts! Thats tood to know that there is some anonymity!


Anonymous said…

Popular posts from this blog

Spring Framework Sample Main Method

My Yahoo! Answers Science Post