WindowsTechs.com

Author Archives: D.W.

Why do browsers allow public websites to attack intranet sites?

Posted on April 7, 2013 by D.W.

When I’m visiting a website on the public internet, the website can cause my browser to send requests to a local IP address (such as 10.0.0.1). This can be used to attack internal web sites, e.g., through CSRF attacks.

Why do browsers all… Continue reading Why do browsers allow public websites to attack intranet sites?→

Posted in attack-prevention, CSRF, web browser

How is hibernation supported, on machines with UEFI Secure Boot?

Posted on January 16, 2013 by D.W.

I’ve been learning about UEFI Secure Boot, which attempts to prevent “bootkits” by locking down the boot process so that only signed bootloaders and kernels can be loaded.

Hibernation seems like a major attack vector. Hiber… Continue reading How is hibernation supported, on machines with UEFI Secure Boot?→

Posted in boot, Hardware, Operating Systems, uefi

Does "late launch"/"dynamic chain of trust" allow remote attestation?

Posted on November 24, 2012 by D.W.

One of the features supported by modern processors and Trusted Platform Modules is “dynamic chain of trust” (also known under the acronym DRTM, for dynamic root of trust measurement). This allows loading a critical piece of sof… Continue reading Does "late launch"/"dynamic chain of trust" allow remote attestation?→

Posted in remote-attestation, trusted-computing

Does any tablet support remote attestation?

Posted on November 19, 2012 by D.W.

Some PCs come with a TPM. One of the nifty capabilities of TPMs is the ability to perform remote attestation. Remote attestation allows your computer to tell a third computer what software your computer is currently running — and this s… Continue reading Does any tablet support remote attestation?→

Posted in Hardware, Mobile, remote-attestation, trusted-computing

Security risks with JSONP?

Posted on October 31, 2012 by D.W.

What are the security risks with JSONP? Is using JSONP in a new web application reasonable, from a security perspective, or is it better to use a different method for cross-origin web mashups?

If using JSONP is reasonable, … Continue reading Security risks with JSONP?→

Posted in Ajax, json, web-application

Password resets – what practices should web services follow?

Posted on August 8, 2012 by D.W.

Many of you may have seen How Apple and Amazon Security Flaws Led to My Epic Hacking, where a Wired reporter’s Amazon, Apple, Gmail, and Twitter accounts were successfully hacked. The hacker followed an elaborate sequence of… Continue reading Password resets – what practices should web services follow?→

Posted in authentication, passwords

What do I need to configure, to make sure my software uses /dev/urandom?

Posted on April 30, 2012 by D.W.

When setting up a server, what configuration changes do I need to make sure that all of the software uses /dev/urandom instead of /dev/random?

Some servers don’t have much entropy in the entropy pool (e.g., VPSs). If a software component… Continue reading What do I need to configure, to make sure my software uses /dev/urandom?→

Posted in Configuration, linux, random, Virtualization

Security risks of scanning an unknown QR code

Posted on April 11, 2012 by D.W.

What are the security risks of scanning a QR code from an untrusted source?

If the QR code was constructed by an attacker, what can the attacker do to me? Do widely used QR scanners have any known vulnerabilities? What information can b… Continue reading Security risks of scanning an unknown QR code→

Posted in attacks, known-vulnerabilities, Mobile

Best resources to learn web security attacks? [closed]

Posted on April 8, 2012 by D.W.

Can anyone suggest good resources to learn about vulnerabilities in and attacks on web sites, in a hands-on way, for someone with limited programming experience?

Continue reading Best resources to learn web security attacks? [closed]→

Posted in professional-education, web-application

Can web sites detect whether you are using private browsing mode?

Posted on November 19, 2011 by D.W.

Most modern browsers support "private browsing mode" (also known in Chrome as "Incognito mode"), where the browser does not save any information to disk about your browsing while in this mode.

In modern browsers, can a … Continue reading Can web sites detect whether you are using private browsing mode?→

Posted in privacy, web browser
