Collaborate Disseminate
Germany (SAP / Telekom) built a Corona-App. It’s available in the Android Store and the code is on Github.
Is it possible to check if the code on Github matches the code in the Android Store?
Continue reading Is it possible to check if the source code matches the App version? [migrated]
I’m currently creating a small service where users can upload images (just a free time project). The images are either private, public (unlisted) or public (listed).
Now I’m wondering for public unlisted content how long the URL should be… Continue reading How long does a secret URL need to be?
I think bluetooth has an authentication measure. As a user, when I get a new bluetooth keyboard, I have to:
Go to my computer, search for bluetooth devices
Put my keyboard in “pairing mode”
My computer displays some random numbers which … Continue reading Does authentication for USB keyboards exist?
There are a couple of files / tools which provide file-level encryption. I guess PDF and ZIP are probably the most commonly known ones.
I wonder what scenario they actually help with or if it just is a bad solution.
For example, if I wan… Continue reading What is the attack scenario against which encrypted files provide protection?
I use OpenID Connect to let my users login. What could happen if Flasks SECRET_KEY becomes public?
Continue reading What can happen if my Flask SECRET_KEY becomes public?
Every open code repository has security issues. Attackers can use three ways to sneak malware in:
Abuse typos: Create a package with a similar name, but the package is malware
Malware + useful code: The library actually pro… Continue reading Is there a standard way to check if a requirements.txt has potential security issues?
Is there any scientific survey about this?
I could imagine an experiment like this:
100 people provide at least 3 times their signature (e.g. with different pens)
Each of them gets all 3 example signatures of e.g. 2 other people and has… Continue reading How accurate are people at determining the validity of a signature?
A colleague recently searched an apartment in Munich (Germany) and received on message that looked very much like scam:
Extremely nice apartment pictures
Considering the price, location and general impression, rather cheap
… Continue reading How do rental scams with Airbnb work? [on hold]
I recently wanted to see what happens when I change my local time to something obviously wrong. I tried the year 2218, so 200 years in the future. The result: I couldn’t access any website anymore (I didn’t try too many, thou… Continue reading How important is local time for security?
PyPI is a third-party software repository for Python packages. Everybody can upload packages to it (see The Python Package Index (PyPI)).
How does PyPI prevent people from uploading malware?
When I am searching for software, how can I be… Continue reading Which security measures does PyPI and similar third-party software repositories take?