compression – WindowsTechs.com

Is an API vulnerable to BREACH if HTTP compression is only enabled for endpoints that are authenticated using bearer tokens?

Posted on October 16, 2024 by Joseph

Let’s assume an API returns sensitive information (e.g. medical or financial) to authenticated users only.
In some circumstances responses may include information the user supplied in the request (e.g. if the user updates some text propert… Continue reading Is an API vulnerable to BREACH if HTTP compression is only enabled for endpoints that are authenticated using bearer tokens?→

HTTPs compression, CSRF and mobile apps

Posted on August 12, 2024 by JohanShogun

I have a backend for a mobile application that has to serve large JSON responses from time to time, the transfer would be greatly helped by enabling compression, especially when the user has bad coverage.
Googling it seems like enabling co… Continue reading HTTPs compression, CSRF and mobile apps→

Your Text Needs More JPEG

Posted on March 20, 2024 by Bryan Cockfield

We’ve all been victims of bad memes on the Internet, but they’re not all just bad jokes gone wrong. Some are simply bad as a result of being copies-of-copies, as …read more Continue reading Your Text Needs More JPEG→

How does malware work when compressed?

Posted on February 1, 2024 by ReaLiTy-UnFatHom

I have read up on compressed folders of file types such as .zip, .rar and .7zip being the malicious file itself (excluding cases such as an .exe file being disguised as a .zip file etc…), only requiring the user to open the file in their… Continue reading How does malware work when compressed?→

WinZip AE-2 for small files and AE-1 for larger – how small/how large for each? [closed]

Posted on January 4, 2024 by Michal Charemza

I’m adding password protection/encryption support to a Python package that makes ZIP files (https://github.com/uktrade/stream-zip). I’m opting to not add ZipCrypto support, but instead add WinZip-style AES
From https://www.winzip.com/en/su… Continue reading WinZip AE-2 for small files and AE-1 for larger – how small/how large for each? [closed]→

G-code Goes Binary with Proposed New Format

Posted on November 29, 2023 by Donald Papp

G-code is effective, easily edited, and nearly ubiquitous when it comes to anything CNC. The format has many strengths, but space efficiency isn’t one of them. In fact, when it …read more Continue reading G-code Goes Binary with Proposed New Format→

Text Compression Gets Weirdly Efficient With LLMs

Posted on August 27, 2023 by Donald Papp

It used to be that memory and storage space were so precious and so limited of a resource that handling nontrivial amounts of text was a serious problem. Text compression …read more Continue reading Text Compression Gets Weirdly Efficient With LLMs→

Explore FFmpeg From the Comfort of your Browser

Posted on August 27, 2023 by Tom Nardi

If you’re looking to manipulate video, FFmpeg is one of the most powerful tools out there. But with this power comes a considerable degree of complexity, and a learning curve …read more Continue reading Explore FFmpeg From the Comfort of your Browser→

Can you unzip multiple password protected compressed files at once?

Posted on May 23, 2023 by Jason

Is that possible in winrar or other application? If not, is there a way to bulk unzip all the files at once without having to input password? Thanks.

Continue reading Can you unzip multiple password protected compressed files at once?→

Fuzzy hash of a file

Posted on May 19, 2023 by Moooz

Could someone please explain this to me: When you use a fuzzy hash algorithm (ssdeep, tlsh, sdhash… or any other) to calculate the hash value of a file, does it calculate the hash based on the whole file (e.g. a PDF file consists of a tr… Continue reading Fuzzy hash of a file→