Collaborate Disseminate
I realise this borders on sci-fi, but there’s been some interesting demonstrations regarding security of various satellites.
What would be required to hack a satellite (in general terms, any hack really)? Are they all basic… Continue reading What would one need to do in order to hijack a satellite?
Browsing over this site, many forums, online articles, there’s always one specific way we’re suggesting to store a password hash:
function (salt, pass) {
return ( StrongHash(salt + pass) );
}
But why this exact way? Why aren’t we sug… Continue reading Why is it always `HASH( salt + password )` that we recommend?
Lets say I want to create a cookie for a user. Would simply generating a 1024 bit string by using /dev/urandom, and checking if it already exists (looping until I get a unique one) suffice?
Should I be generating the key bas… Continue reading Is a rand from /dev/urandom secure for a login key?
Lets say I want to create a cookie for a user. Would simply generating a 1024 bit string by using /dev/urandom, and checking if it already exists (looping until I get a unique one) suffice?
Should I be generating the key bas… Continue reading Is a rand from /dev/urandom secure for a login key?
For instance, lets look at a common login system for a website
HTTPS connection is made
User submits credentials via POST
Server-side code hashes the password and looks if it matches the user name
Session is initialized, an… Continue reading Why do some people really hate security via client-side?