John Doe – Page 7 – WindowsTechs.com

Why is it unsafe to send a user their password via SSL encrypted communication rather than always sending a reset link?

Posted on July 29, 2018 by John Doe

I can understand why you wouldn’t want to email someone their password, but on an SSL encrypted web page, I dont understand why websites always require you to reset the password when you’d probably prefer to keep it the same,… Continue reading Why is it unsafe to send a user their password via SSL encrypted communication rather than always sending a reset link?→

How can hackers do a tv signal intrusion?

Posted on June 1, 2018 by John Doe

How can hackers do incidents like the Max Headroom one?

This is related, but it doesn’t answer my question.

Continue reading How can hackers do a tv signal intrusion?→

how does your standard security system work? [on hold]

Posted on April 5, 2018 by John Doe

Do they have lasers motion sensors etc.. more looking for the type of security system you would see in a basic house not rich / well endowed one.

Continue reading how does your standard security system work? [on hold]→

Help with breaking SSL pinning of this app

Posted on March 14, 2018 by John Doe

I need help removing SSL pinning of this original Android app. I’ve tried different techniques like hooking the app with Objection, re-pinning with Frida, using the SSLUnpinning app from the Xposed repo, etc. but nothing seem… Continue reading Help with breaking SSL pinning of this app→

How to decrypt encrypted post data of an Android app?

Posted on March 12, 2018 by John Doe

I’ve seen many Android apps which send encrypted post data, tools like Fiddler and Burp can’t decode that data, is there any other tool or method that can decrypt this obfuscated post data?

For example look at this:

POST /a… Continue reading How to decrypt encrypted post data of an Android app?→

How to identify and decode the following [on hold]

Posted on February 2, 2018 by John Doe

I am completing a challenge, I am stuck on the last level there is a hints.txt file, a keyFile.txt, and a Message.txt file, I decoded the SHA hashes and the NTLM (md5) hash, then I reversed the first string and got the follo… Continue reading How to identify and decode the following [on hold]→

Design for secure offline storage of key with two or more parties by key sharing

Posted on December 31, 2017 by John Doe

Design:

People should be able to store the partial-key in a unobtrusive form but the unobtrusive form should not be used to decrypt sensitive content on its own.

The design should allow to be plausible deniable because the … Continue reading Design for secure offline storage of key with two or more parties by key sharing→

Is there a flaw in this strategy for computing a task in such a way so as to be both provably accurate and provably transparent?

Posted on December 21, 2017 by John Doe

Recently in a discussion about voting system security I suggested that it’s possible to create a system that is:

provably accurate.
provably transparent.

And thus design a machine that’s both reliably accurate and secure … Continue reading Is there a flaw in this strategy for computing a task in such a way so as to be both provably accurate and provably transparent?→

How secure is a password made up of three or four three-letter words?

Posted on October 22, 2017 by John Doe

According to this, a password such as dinwryran is secure against a brute-force attack. Is this true? If not, why?

Continue reading How secure is a password made up of three or four three-letter words?→

I wrote my own honeypot and what I am seeing is beyond what I thought would occur

Posted on September 10, 2017 by John Doe

I wrote my own honeypots, one ftp, telnet, proxy, and http, all in in python except for http (php), after reviewing my logs, I found 40 logs in my telnet honeypot and 0 in every other log folder (ftp, http, proxy), I wrote an… Continue reading I wrote my own honeypot and what I am seeing is beyond what I thought would occur→