Last month, we discussed logging user submissions to the SEC in our blog post LDC 154. Well, thinking more about this, I realized it was probably not a good idea to not secure the log file. If someone makes a mistake, and files a document they shouldn’t, they could simply alter the log to show different times or users filing the document, and there is no record of it. A malicious user could easily just change what the log says! This is unacceptable and easily within our power to fix. To do so, we’re going to use a common function, the MD5 hash function.
Continue reading "LDC #160: Securing Log Files with MD5" »