Collaborate Disseminate
Does the GNU GUIX package manager in require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get packages must be cryptographically verified because the repo’s man… Continue reading Does GUIX provide cryptographic authentication and integrity validation?
Does Node.js’s npm package manager cryptographically validate its payload’s authentication and integrity for all packages after downloading them and before installing them?
I see a lot of guides providing installation instructions with ste… Continue reading Does Node.js’s npm provide cryptographic authentication and integrity validation?
Is PSD2’s Strong Customer Authentication requirement possible to satisfy with secure 2FA solutions, such as TOTP and WebAuthn?
For the purposes of this question, I’m classifying all systems where an OTP has to be transmitted as "insec… Continue reading Is 3DS compatible with secure 2FA technologies? (TOTP, WebAuthn)
What can I do to fix the CloudFlare "Checking if the site connection is secure" infinite loop?
I’m tying to load a website. The very first GET gets sent to an interstitial page run by Cloudflare that says
Checking if the site co… Continue reading Cloudflare infinte loop (Checking if the site connection is secure) [migrated]
Do PCRs (Platform Configuration Registers) on TPMs (Trusted Platform Modules) retain their data on reboot?
I’m trying to find out if all (or some) of the PCRs on a TPM are volatile (will loose their memory on power loss) or nonvolatile (wi… Continue reading Are TPM PCRs volatile, non-volatile, or both?
What was the first processor that Intel released that supported Boot Guard?
Intel Boot Guard provides mechanisms to authenticate the firmware on the system at boot-time. Unfortunately, I could find very little information about the history… Continue reading When did Intel release Boot Guard? [closed]
Does Firefox’s built-in installer for addons/extensions validate its payload’s authentication and integrity for all files it downloads before actually installing them?
I avoid in-app updates because, more often than not, developers do not … Continue reading Does Firefox’s addon/extension installer provide cryptographic authentication and integrity validation?
Does the flatpak package manager in Fedora-based systems require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get packages must be cryptographically verified be… Continue reading Does flatpak enforce cryptographic authentication and integrity validation by default for all packages? (fedora)
Does the yum package manager in CentOS/RHEL-based systems require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get packages must be cryptographically verified b… Continue reading Does yum enforce cryptographic authentication and integrity validation by default for all packages? (CentOS, RHEL)
Does rust’s cargo package manager cryptographically validate its payload’s authentication and integrity for all packages after downloading them and before installing them?
I see a lot of guides providing installation instructions with step… Continue reading Does rust’s Cargo provide cryptographic authentication and integrity validation?