Collaborate Disseminate
I am developing an VPN app, currently on mobile app part (Flutter). I have done server backend side. Client side code is done too. VPN establishment is based on socket communication: Client sends it its own public key and my Server sends b… Continue reading How to trust clients when they can be reverse-engineered to expose keys/credentials? [duplicate]
The InfoSec team of the client I work with has mandated that any customer-facing application’s backend should not directly access the database for that application. They require we create another internal API that is not public and call th… Continue reading Is creating an internal API within a VPN a recommended practice for securing database access for customer-facing applications?
My router (Unifi UDM-SE) has a honeypot configured which is capturing a scan from the iPhone about twice per day. I would like to figure out which App is doing this. I have followed the instructions on this post (Detecting port scanning ac… Continue reading How can I determine which IOS application on my iPhone is scanning my local network? [migrated]
I am currently employed at a financing company operating in both the USA and Canada. My current task involves exploring alternative methods to validate new credit applications.
Presently, we rely on a one-time SMS message for our new custo… Continue reading Application Validation Methods [closed]
I am currently employed at a financing company operating in both the USA and Canada. My current task involves exploring alternative methods to validate new credit applications.
Presently, we rely on a one-time SMS message for our new custo… Continue reading Application Validation Methods [closed]
I’m building a tool and users will run it by downloading a binary. What I’m considering is good ways to secure this for the user. There’s for me easy ways like "Recommend running this on a new temporary VM without internet access"… Continue reading Increasing trust in a downloaded binary
Consider me the average Linux user. I know the basics of shell scripting and intermediate Python. However, I have very limited knowledge of system admin or security related matters.
Background:
Say that I have a Python application just in … Continue reading Detecting if application connects remotely in linux
I’m working on idea for a project the goal is to allow a user to share their encrypted content with friends while ensuring the server and none friends maintains zero knowledge of the actual content.
Here’s an example structure of a user:
U… Continue reading User-Controlled Encryption in web app. How to Implement Encrypted Content Sharing Among Friends?
I’m working on idea for a project the goal is to allow a user to share their encrypted content with friends while ensuring the server and none friends maintains zero knowledge of the actual content.
Here’s an example structure of a user:
U… Continue reading User-Controlled Encryption in web app. How to Implement Encrypted Content Sharing Among Friends?
I am using the note taking app Color Note (www.colornote.com) on my mobile phone that is using Android 7.1.1 to take some notes (old device). I am not using their cloud sync capability, and my email/any personal accounts aren’t connected t… Continue reading Note Taking App Hacked?