Nov 27, 2020

SSL/TLS certificate verification flow

Recently, I set up a simple RESTful APIs service. To enhance the speed of distribution and provide a better load balance for my micro-service, I put it behind Route53 and Cloudfront. But when I tested using PostMan, I was caught off-guard by a simple error.

Read more  

  Mar 26, 2020

Dynamically add request signature using Postman

Backend Services enhance its application’s security by various methods and one of trending technique is Request Signing. It’s crucial to verify that your requests are not tampered with during transport, and this is achieved by signing the requests with a predefined signature provided by Clients.

Read more  

  Mar 08, 2020

RxJava vs Reactor

It’s important to define the technical ladder for employees, especially in an internet company. It will help unify the title of the position, clarify the corresponding relationship between job title and its responsibilities, adapt to the needs of the internationalization and the technical advancement of the whole company. This specification is specially formulated based on those requirements.

Read more  

  Oct 08, 2019

Pick a license. Any license.

Read more  

  Oct 03, 2019

How a double-free bug in WhatsApp turns to RCE

Disclaimer: A double-free vulnerability that phamhongnhat discovered in WhatsApp for Android. This is just an archive of that interesting blogpost.

Read more