Do frequently crashing programs pose a bigger security threat than stable programs?

If I have an app that’s frequently and randomly crashing, will it impose a bigger security threat (e.g: possible attack vector) than apps that are stable? Or are both apps equally protected from such attacks by the kernel and firmware?
Of … Continue reading Do frequently crashing programs pose a bigger security threat than stable programs?

Protection against user session attacks (hijack, replay, tampering, CSRF, XSS…)

We develop a website in JAMStack, all URLs are static HTML page, and each interaction with the server are made by a fetch call on our REST API (micro-services).
When a user sign in, we want to proposes an option to permit them to stay conn… Continue reading Protection against user session attacks (hijack, replay, tampering, CSRF, XSS…)

What are the security issues of being able to put anything into a website’s URL and generate a 200 status code?

If I have a website where a user can add any string into the URL after the domain and have it return a 200 status code rather than 404, what are the security implications?
Is this something that can be exploited by hackers?

Continue reading What are the security issues of being able to put anything into a website’s URL and generate a 200 status code?

Do devices that listen for wake words wright the detection samples to memory, if only briefly?

For devices that use wake words for voice assistants, like phones, smart watches, and smart speakers, the audio has to be a constant stream for these devices to compare to the properties of the wake word.
My question is do they record thes… Continue reading Do devices that listen for wake words wright the detection samples to memory, if only briefly?