Safety first – Belgian eid card login on public websites

Recently I visited “CM Ziekenfonds” website where foreseen the user authentication using Belgian eid card. During login, the popup window appears with request to allow Java applet run in unsafe mode:

eid login javaThus, for secure login I have to lower security settings for Java, knowing that in general the usage of Java applets is not secure at all.

Most of the official Belgian eid cards software is written in Java. The only way for using eid card in the browser is via Java applet. Nowadays, when most of the people using smartphones and tables for browsing Internet this solution becomes really not acceptable.

There is another alternative solution which becomes more and more popular – Itsme: https://www.itsme.be/en. This solution replaces eid card login with smartphone app.

Unfortunately, it doesn’t solve the problem of eid card usage, when it’s really needed, for example for qualified signature of PDF documents.

Advertisements

C# Zip library

After the announcement about closing Codeplex, I moved my C# Zip library to GitHub: https://github.com/perevoznyk/karna-compression

Many of today’s applications require the capability of extracting certain files from a ZIP archive, either onto the hard disk or into memory.

Info-ZIP is an Open Source version of Phil Katz’s “deflate” and “inflate” routines used in his popular file compression program, PKZIP. Info-ZIP code has been incorporated into a number of third-party products as well, both commercial and freeware. It offers two dynamic link libraries: one for zipping, and one for unzipping.

The Info-ZIP DLLs are free to use and distribute, but they are designed to be used in C/C++ projects, so they’re not really .NET-friendly. Also, the Info-ZIP package contains almost no documentation showing how to use the Info-ZIP DLLs.

Therefore, I decided to write a small C# wrapper that provides all the required data types and functions in order to give the possibility to work with the Info-ZIP API.

More information about the Info-ZIP project can be found on Info-ZIP’s home site: www.info-zip.org.

 

ORM Is an Offensive Anti-Pattern

ORM is a terrible anti-pattern that violates all principles of object-oriented programming, tearing objects apart and turning them into dumb and passive data bags. There is no excuse for ORM existence in any application, be it a small web app or an enterprise-size system with thousands of tables and CRUD manipulations on them. What is the alternative? SQL-speaking objects.

Source: ORM Is an Offensive Anti-Pattern – DZone Java