Collaborate Disseminate
Here are steps to setup a Google login button on a web client:
https://developers.google.com/identity/sign-in/web/sign-in
When click on the Google login button this pops up:
All the interactions are between the IDP (Googl… Continue reading Google login button – what prevents an rogue app from stealing a token?
I received the following message from my bank:
Be careful when using wireless networks. Some wifi networks are unsecure, meaning that they may allow someone else to access information or files stored on your device. When … Continue reading Are these claims about public WiFi accurate?
I’m wondering if there’s any reason to implement a username/password with 2FA or, from the user’s perspective, just settle with a username/2FA code. I’m trying to seek a healthy balance between the ease of a sign in process a… Continue reading Two factor authentication vs. user experience
I would like to scan some directories on my local filesystem for suspicious (eg. obfuscated, system-calls, create-method calls, strange file names, etc.) PHP files.
Is there a known tool or script or anything like that (pref… Continue reading How to scan filesystem for suspicious PHP files? [on hold]
I’m setting up a small company (~3 employees) but having about 10 High-End PCs and maybe also open Wlan for guests. The later probably within a separated LAN.
How to provide this Wlan for guests so that guests are not able t… Continue reading How to protect a small company?
I am facilitating an management system project in intranet environment(but with internet access for many domain users) for printing barcode labels from a web interface.
1.
The current method our vendor employed is to launch a local bar c… Continue reading Securely launch local application from IE?
I’ve found a strange hostname in my dhcpd.leases file and I’m wondering what steps I should take in response.
I have a simple home network: my modem is plugged into a router running OpenBSD 6.0, and a laptop and an old Netge… Continue reading How should I respond to an unrecognized client in my DHCP logs?
Small threat models are relatively easy to build but building and maintaining a threat model that contains a few dozen components becomes difficult pretty quickly.
What tools do you use to collaborate across teams to build … Continue reading How do you scale threat modeling?
Firstly, I am not sure if this is the correct forum to be asking this question so I apologise if not. What I would like to know is, what do VPN browser plug-ins (such as zenmate) actually do and how secure are they?
I understand that the… Continue reading What do browser VPNs actually do?
If a user download commercial software through the official, corresponding website, but use a product key which you did not legitimately purchase (e.g. websites that offer a list of product keys for free), does that harm anything other tha… Continue reading Can ‘cracked’ product keys harm the user in any way?