I’m working on an iOS app whose login system does not seem entirely secure but I don’t know enough to be sure.
Skipping account creation, the first time the user logs in they send their user and hashed pass to the server to acquire a toke…
I often download files either using my browser or by torrenting. Few times, I encountered an attack where the torrented file was called something like movie.mp4.lnk and the target was set to run a powershell script using cmd.exe /c “powers…
I have just configured my Windows 10 desktop PC at home to automatically log into my Windows 10 user account that my Microsoft account is linked to on startup. My desktop is in my bedroom upstairs and I trust my parents who I live with to …
There are a number of US Department of Defense (DoD) websites that I need to access on a regular basis (e.g., https://ataaps.csd.disa.mil/ and https://web.mail.mil) that Firefox issues a Warning: Potential Security Risk Ahead with error co…
Given the plethora of random password generators (RPG) available, I’d like to do some black box testing on some.
Let’s take https://passwordsgenerator.net/ for example. Assuming the whole generator is a black box with 0 information about …
I’ve been thinking about P2P systems using asymmetric keys and wondering if there is anyway to recover an identity in the event it was compromised using some kind of web-of-trust.
This seems to be a large issue compared to a regular syst…
