Geremia – WindowsTechs.com

Why is Telegram’s server-side code closed source?

Posted on April 20, 2024 by Geremia

Why is Telegram’s server-side code closed source, but the client code is open source? Does having closed source servers improve its security?
Telegram FAQ page:

Q: Can I get Telegram’s server-side code?
[…]
By contrast [to the client apps… Continue reading Why is Telegram’s server-side code closed source?→

Convert PGP key to X.509?

Posted on March 6, 2024 by Geremia

Can I convert a PGP key to X.509, using OpenSSL or GNUPG?
Aren’t these only container/wrapper formats?

Continue reading Convert PGP key to X.509?→

IP address leaked in email header?

Posted on August 24, 2020 by Geremia

Can my IP address ever be included in the header of emails I send? Or do email servers never include my IP address in my emails’ headers?

Continue reading IP address leaked in email header?→

Websites that test what IPv6 DNS server I’m using?

Posted on October 11, 2019 by Geremia

I am concerned with DNS hijacking when connected to a DNS server with an IPv6 address.

Is there a website that tests what IPv6 DNS server I’m using?

By “IPv6 DNS server” I do not mean IPv4 DNS servers that resolve IPv6 addr… Continue reading Websites that test what IPv6 DNS server I’m using?→

Why do so many websites use third-party sites for hosting JavaScripts?

Posted on May 8, 2019 by Geremia

Why do so many websites serve JavaScripts from ajax.googleapis.com and other third-party sites? Wouldn’t it be securer for these sites to host these scripts themselves?

Continue reading Why do so many websites use third-party sites for hosting JavaScripts?→

Check if my wireless router in a BSSID or MAC address geolocation database? [on hold]

Posted on May 1, 2019 by Geremia

How can I check if my wireless router is in a BSSID or MAC address geolocation database?

Continue reading Check if my wireless router in a BSSID or MAC address geolocation database? [on hold]→

Does multi-factor authentication make tracking/fingerprinting easier?

Posted on April 20, 2018 by Geremia

Is multi-factor authentication a privacy risk? Does it make tracking/fingerprinting easier?

It was seem so because whoever is accepting the OTP could track and record every OTP request and metadata like time, location, etc.,… Continue reading Does multi-factor authentication make tracking/fingerprinting easier?→

Can PFS be used to prove that a file was transmitted/received at a particular date & time?

Posted on April 20, 2018 by Geremia

Can Perfect Forward Secrecy (PFS) be used to prove that a particular file was transmitted or received at a particular time? If so, how? By keeping records of the entire TLS stream?

Continue reading Can PFS be used to prove that a file was transmitted/received at a particular date & time?→

Why would distributing via Google Play be more secure than distributing APKs?

Posted on May 20, 2017 by Geremia

Why do so many Android developers use Google Play to distribute apps instead of (or in addition to) simply putting the APK on their secure website along with a checksum or signature of it?

Continue reading Why would distributing via Google Play be more secure than distributing APKs?→

2048-bit vs. 4096-bit TLS cert performance difference?

Posted on March 27, 2017 by Geremia

Is there any difference in performance between using, say, a 2048-bit TLS cert compared to a 4096-bit one? If so, how much difference in performance could there be? If not, why use 2040- over 4096-bit TLS certs?

Continue reading 2048-bit vs. 4096-bit TLS cert performance difference?→