Top new questions this week:
|
|
Is Rumkin.com’s password tool a reliable tool for password strength checking? I am asking because: I am getting confusing suggestions: (the password in this example is 777 characters long) D. W.’s …
|
|
As I understood it (probably incorrectly) when a no-PIE binary gets loaded into memory it always has the same absolute base address. This doesn’t make sense to me. Consider the exact same program …
|
|
Let say you have a REST API, which you want to use as the backend for React application. The application supports user login. You use JWT authorization to make that REST API stateless. Now the problem …
|
|
I think that AMD GPUs can be flashed with any modded VBIOS because the GPU doesn’t check for firmware signature. Shouldn’t the secure boot be able to check signature of the AMD GPUs modded VBIOS and …
|
|
I have a webserver and mailserver that I use for fun/learning/breaking. There is only one user who should be logging in; me. I notice in the postfix logs and HIDS alerts I get a lot of SASL failures …
|
|
Running the command nmap -sV -T4 -A x.x.x.x results in 5901/tcp open ssl/vnc-1? |_ssl-date: TLS randomness does not represent time | fingerprint-strings: | GetRequest: | HTTP/1.1 503 …
|
|
I am reading sync.com’s white paper, and two questions arise. Use of the asymmetric key. The white paper states the following. However, I am confused why the asymmetric key is necessary and how it …
|
Greatest hits from previous weeks:
|
|
Why is Ctrl+Alt+Del required at login on certain Windows systems (I have not seen it elsewhere, but contradict me if I’m wrong) before the password can be typed in? From a usability point of view, it’…
|
|
I need to explain SQL injection to someone without technical training or experience. Can you suggest any approaches that have worked well?
|
|
I have some questions regarding IMEI numbers and data and identity theft. While searching online I have found many conflicting answers regarding this topic and would like some clarification if …
|
|
I use LastPass to store and use my passwords, so I do not have duplicate passwords even if I have to register four to five different accounts a day, and the passwords are long. How safe are password …
|
|
If I am using a VPN to connect to Twitter, can an organisation like Anonymous or Lulzec track me and find out my identity?
|
|
There is a new WhatsApp-killer application called Telegram. They said that it’s open source and that it has a more secure encryption. But they store all the messages in their servers and WhatsApp …
|
|
I read the article on Wikipedia describing what a DMZ (demilitarized zone) is on a network, but am still failing to grasp both how it is set up (ie: is it within the main network or sequestered away?) …
|
Can you answer these questions?
|
|
We have a software that sends out invoices by email. As the invoices contain the names of the clients and their addresses we consider the invoice to be sensitive to some degree. Rather than sending …
|
|
I’ve been studying the FIPS 140-3 but I still have questions about how to determine if an authentication protocol is FIPS compliant or not: 1- Is RADIUS over EAP-TLS FIPS 140 compliant? I know that …
|
|
I have an oauth implementation (uses phone number for authentication) which is used across several applications. These applications want to maintain the same identity of the user as the user moves …
|
