Collaborate Disseminate
I was reading about how Tor works. There is says that if the attacker is able to see both ends of the communication channel then Tor fails (and other anonymous networks too).
How and why does this attack work?
Continue reading How do traffic correlation attacks against Tor users work?
I am writing an app that requires multiple levels of users, where one user is an administrator and adds slave users.
I can’t really seem to find a way to allow access to the slave users safely. Emailing a password is unsafe … Continue reading Allowing access to a programmatically created user without compromising security?
I am writing an app that requires multiple levels of users, where one user is an administrator and adds slave users.
I can’t really seem to find a way to allow access to the slave users safely. Emailing a password is unsafe … Continue reading Allowing access to a programmatically created user without compromising security?
I have read a lot on the topic of enforcing end-user security training, such as how to spot a phishing email for example. Even enforced training, such as conferences or videos that the end-user must watch can easily be neglec… Continue reading Efficiency of end-user training
A ZKP allows proof of knowing the answer to a secret, without actually disclosing what that answer is.
Is there any analogy that can help people put this concept into everyday practice? A “lie to children” example is sufficient.
For exa… Continue reading How can I explain "zero knowledge proof" to an end user?
Apart from the conventional email phishing tests, what other security Key Performance Indicators can be used to measure end user security awareness in an Organization?
Looking at the SANS critical security control #9: