Collaborate Disseminate
Does wrapping an SSH tunnel with a secondary SSL/TLS layer actually improve the security of the connection?
If not, does doing this make the connection less secure?
Why/ Why not?
Continue reading Does using an SSH tunnel over TLS improve security? [duplicate]
As most people know, it is very easy to modify a webpage’s local cached content (HTML, JS) through Inspect Element or various other means.
This could be probably be stopped through something like dynamically rendered AJAX content on a page… Continue reading Is there any reasonable security reason for an administrator to prevent modification of locally loaded websites?
Is this the case, and if so, is there a technical reason for it?
Maybe “statistically” weak security that leads to PtH vulnerabilities goes hand in hand with weaker hashing functions?
Continue reading Are certain hash types more susceptible to pass-the-hash attacks than others?
Due to malware infections becoming more and more common, antivirus are a growing industry.
But it is common knowledge that polymorphic viruses (that rewrite their own code) are much harder to detect and remove with AVs.
This source, as wel… Continue reading What is the best way to protect from polymorphic viruses?
I’ve heard numerous times that Few CAs offer IP-based SSL/TLS certificates.
This question seems extremely similar, but what the accepted answer says is:
Usual commercial CA won’t accept to encode IP addresses in certificates, in particula… Continue reading Is there a security reason why few CAs offer IP-based SSL/TLS certificates?
At my work, they don’t like different employees having ‘partially matching passwords.’
I had never thought anything of it before, but just now I realised what this means (or might mean.)
When I emailed the IT department, they were more tha… Continue reading Is it secure to block passwords that are too similar to other employees’ old passwords?
Because my child wanted to access certain blocked websites (such as ChatGPT), on his school computer, which runs personal Windows 10, I decided to setup a Ubuntu VM for him.
Websites are blocked by a tool called Blue-Coat Unified agent, wh… Continue reading How can this unelevated tool intercept VM traffic and cause a "blue screen of death" on a personal Windows 10 computer?
It is very common (at least where I am) for routers to come with a WiFi-PSK on the bottom of the router.
And I don’t mean something like Wifi-Link-2G, I mean something random and (cryptographically) secure.
For example, my one came with th… Continue reading Is it safe to keep the (secure and random) PSK provided with your router?
In the interest of security, is it safe to use HTTP (and not HTTPS) on a website where no sensitive information is being transmitted?
On a website that is purely informational, for example, and doesn’t even have the option to make an accou… Continue reading Is it safe to use HTTP if no sensitive information is being transmitted? [duplicate]
I know that basically every modern browser version has a cross-site-scripting blocker for XSSed URLs, as in the type of filter that actually stops a user from visiting the URL, warning them of the malice it might inflict.
But let’s say tha… Continue reading Can URL maskers bypass browser XSS blockers?