Collaborate Disseminate
The RAMBleed vulnerability uses Rowhammer induced bitflips to derive contents of memory that it should not have access to. This works with ECC RAM too. It is definitely scary.
Is this vulnerability even feasible for a real … Continue reading What are the security implications of RAMBleed?
Before we start this, I have paranoia issues (doctor diagnosed, not self-diagnosed) so things might at some points seem like an extremely far reach, but please bear with me.
I bought an AV yesterday (prefer not to name it),… Continue reading Can 3rd party AVs have accessed to my Windows PC and Android phone even after uninstalling and removing them?
I need two devices to communicate in plain sight and I want to know what to ask for. Nothing is secret so no need to encrypt. However, I need the source to be authenticated to prevent bad actors from sending false communicati… Continue reading Is there such a thing as an Authenticated Protocol?
In many cases, I have to add a public API key to my website (or application).
For instance, in order to have an embedded map on a website, one could use google maps, and be required to provide an API key.
I believe this issu… Continue reading What prevents a third party to use public API keys
I live in AZ and Cable One gave me a new ip address in MO, it is messing up my tv programs. They say it may take them up to 4 weeks to change it. Is there any way to speed them up?
Continue reading how long does it take an isp to change an ip address? [on hold]
We are all pretty comfortable with the fact that if ports 80 and 443 are open that these are for http even though some companies block 22 forcing people to repurpose 443 for ssh. So, those instances notwithstanding, does desc… Continue reading do SRV records make a system more vulnerable or expose too much
We are all pretty comfortable with the fact that if ports 80 and 443 are open that these are for http even though some companies block 22 forcing people to repurpose 443 for ssh. So, those instances notwithstanding, does desc… Continue reading do SRV records make a system more vulnerable or expose too much
Is it illegal to find someone’s IP address without them knowing? For example, telling them to test a website for you but the website actually tracks their IP and doesn’t tell them that you tracked their IP.
If I have a secure https://www.foo.com domain, but also have insecure http://a.foo.com and http://b.foo.com domains, is it possible to use an HSTS header with the includeSubDomains option if you only send it on https://www.fo… Continue reading Can I use HSTS with mixed HTTP/HTTPS subdomains?