How can I verify Keybase's end-to-end encryption between me and a friend?
The premise of end-to-end encryption (E2EE) is that the client is secure and trustworthy, your end devices is secure and trustworthy, but the network and server need not be trusted. You've read all the...
View ArticleHow does Algolia's virtual API keys work?
Algolia allows you to generate virtual/secured API keys from another parent API key but without a call to their servers. A virtual key thus generated on the server side with a defined "scope" (like a...
View ArticleSecure way of sending an email attachment in a user-friendly manner
In the last months I very often was in a position where I needed to send an email attachments with sensitive content to someone whom I didn't know well personally (so that I could talk to them how set...
View ArticleCompare fingerprints of gpg --verify for files download with / without TOR
From my understanding, except we meet the creator of an archive in person and verify the primary key fingerprint, we can never be sure, that the archive we download is really created by the person we...
View ArticlePossible attack vectors for a web site scraper
I’ve written a little utility that, given a web site address, goes and gets some metadata from the site. My ultimate goal here is to use this inside a web site that allows users to enter a site, and...
View ArticleRisks of Long-life Session
Most "big" websites seem to have enormous sessions. From looking through the cookies, Stack Exchange seems to have a one-week rolling session, GitHub has 45 days, and Gmail seems to have a never-ending...
View ArticleCSP is not enforced inside Web Worker
CSP response header is set on the web worker JS file but, it is not enforced by the browser. The CSP is enforced in the Web worker only if the parent document's response header contains the CSP header....
View ArticleDoes the DICOM file header gets lost when transferred over the network?
I am currently investigating the PEDICOM vulnerability CVE-2019-11687 where I am trying to reassemble the P-DATA DICOM fragments from a PCAP. Since the vulnerability takes advantage of writing bytes...
View ArticleWhat are the techniques to detect malware call home/beaconing activities?
It is very common for active malware to "call home" (or beaconing), either to fetch updates and instructions or to send back stolen information.. In an internal network where web access to the Internet...
View ArticleShould we release the security issues we found in our product as CVE or we...
We are a vendor providing a product that is being used in enterprises. We know that those companies having periodic CVE scans on products they are using part of their vulnerability management process....
View ArticleHandlebars.js 4.1.1 Server Side Template Injection exploitation - running...
I'm currently reading the following article and trying to exploit the vulnerability (Handlebars.js 4.1.1 Server Side Template...
View ArticleHide clear SNI when using https
A server with IP address a.b.c.d is hosting multiple SSL websites.When connecting to each website, a proper browser sends a request which include the destination host in an uncrypted clear text known...
View ArticleIs it possible to recover data from a Western Digital TRIM supporting disks...
I have a western digital blue disk, which is one of the SMR variations. I've heard that they support TRIM command. The disk is accidentally quick formatted on Windows 10, and now seems to be all zero....
View ArticleAttacks against unencrypted android phones?
So, I keep reading again and again that one should encrypt his android device.But from an attacker's perspective, what can be done with an unencrypted phone? Can I extract all the files or possibly...
View ArticleDTLS vs direct use of AES. What are the threats unique for direct use of AES...
For regular traffic in mesh network (between Internet of Thing devices) customer decided to use one of two options:DTLS PSK ciphersuite - DTLS based on pre-shared symmetric keyor direct use of AES -...
View ArticleWhat allows meterpreter to migrate processes and how to defend against it?
I mainly use Linux so I'm not well-versed on how Windows and its privileges work. I've recently learned to use Metasploit and meterpreter on Windows boxes.Previous researchThis answer has given an...
View ArticleHow to validate client side safety in a Zero Knowlegde model
What is sometimes called Zero Knowledge, sometimes end to end encryption occurs when a server only processes ciphered data (at least for sensitive data) with a result where a compromise of this server...
View ArticleWhat is the Digests section in cryptsetup
If you run the command cryptsetup luksDump /dev/sda5 (change device to whatever LUKS encrypted device), you will get an output, and at the end there is a section "Digests" which contains something like...
View ArticlePrivacy in P2P vs relayed connections for VoIP
I'm developing some sort of VoIP application for mobile devices for fun. I initially planned to rely on P2P connections only. I didn't want to use a relay server because I thought (1.) there would be a...
View ArticleWhy would hackers attack a DNS with a DoS?
I wake up this morning to a rebooted server. The DNS was running at over 100%. After a little bit of work, I got fail2ban in place to block all of those requests.The requests themselves are valid, jut...
View Article