Wadih M. – WindowsTechs.com

Is asking users to enrol in SMS 2FA when they already have an authenticator good security practise?

Posted on October 18, 2022 by Wadih M.

I already have an authenticator for Amazon AWS, and I’m being regularly asked to add an SMS 2FA as well.
If I add SMS MFA, will I become vulnerable to sim-swapping attacks on that MFA?
Same thing with many other services, I already have au… Continue reading Is asking users to enrol in SMS 2FA when they already have an authenticator good security practise?→

How are vulnerabilities like PrintNightmare CVE-2021-34527 discovered?

Posted on July 3, 2021 by Wadih M.

Regarding the newly discovered vulnerability PrintNightmare CVE-2021-34527 that has existed for years without being discovered, currently affecting almost all versions of Windows, server and workstation alike, and for which there is no pat… Continue reading How are vulnerabilities like PrintNightmare CVE-2021-34527 discovered?→

TunnelBear DNS Queries visible in Wireshark

Posted on July 9, 2017 by Wadih M.

I’m using a VPN provider in occurance TunnelBear and decided today to run Wireshark in parallel and found out that DNS resolutions are happening un-encrypted using OS default name resolution, e.g. through the DNS server IP ad… Continue reading TunnelBear DNS Queries visible in Wireshark→

Can a WannaCry infection via zero day vector be blocked by an antivirus?

Posted on June 27, 2017 by Wadih M.

We know that an AV would be able to stop a WannaCry executable that can be found in an attack email/file just before double-clicking.

However would an anti-virus be able to block against a WannaCry infection coming through … Continue reading Can a WannaCry infection via zero day vector be blocked by an antivirus?→

Is maintaining multiple keypairs for different services worth the effort?

Posted on March 23, 2017 by Wadih M.

Assume a machine with id_rsa and id_rsa.pub.

The machine has to authenticate to multiple services via keypair.

The first service for example is password-less ssh access to another machine by copying the public key to the … Continue reading Is maintaining multiple keypairs for different services worth the effort?→

Is Bluetooth a secure protocol?

Posted on March 4, 2017 by Wadih M.

I constantly get bluetooth patches in Windows 10.

However I see no new features, bluetooth is just bluetooth, how many possible patches do they need to push to reach a mature protocol. There’s no UI, there’s no innovation, i… Continue reading Is Bluetooth a secure protocol?→

Storing user credentials in local file or database

Posted on January 31, 2017 by Wadih M.

I’m designing a webapp from ground up.

From a security standpoint, assuming in both cases I will be hashing with a salt, a peper and a proper hashing algorithm.

Am I better off storing the user credentials in a database t… Continue reading Storing user credentials in local file or database→

Unencrypted passwords in a system considered a vulnerability?

Posted on January 29, 2017 by Wadih M.

Few considerations regarding what to call a vulnerability:

An unencrypted password database (think yes)
An unsalted hashed password database (unsure)
A salted and hashed password database (tend to think no)
An encrypted… Continue reading Unencrypted passwords in a system considered a vulnerability?→

Risks of encryption keys contained in a memory dump after a crash?

Posted on July 31, 2016 by Wadih M.

Assuming a full disk encrypted system where non-volatile storage is encrypted.

While the system is running, in case of a crash and memory dump, e.g. plugging a USB drive causing an IRQL_NOT_LESS_OR_EQUAL error, what are the risks that the… Continue reading Risks of encryption keys contained in a memory dump after a crash?→