Ethics Whiplash as Sonos Tries Every Possible Wrong Way to Handle IoT Right

We’re trying to figure out whether Sonos was doing the right thing, and it’s getting to the point where we need pins, a corkboard, and string. Sonos had been increasing the functionality of its products and ran into a problem as they hit a technical wall. How would they keep …

Alternative approaches to letting users identify themselves while maintaining privacy

This is kind of a weird question maybe, so let me explain a little background first that I hope is relevant.

I work as a Developer/Analyst for an organization that operates in a federated model with a central authority, except I’m part of…

Where is the line drawn for ethical hackers using stolen credentials in their paid services? [closed]

When “ethical” hackers/pen testers harvest repositories of stolen credentials to then use them in pen testing for paying clients, what ethical boundaries are broken?
If a lazy hacker leaves their captured credentials out on …

Best of 2019: Privacy: Where Security and Ethics Miss the Mark

As we close out 2019, we at Security Boulevard wanted to highlight the five most popular articles of the year. Following is the fifth in our weeklong series of the Best of 2019. Privacy. We all know what it is, but in today’s fully connected society c…

Effectiveness and ethics of flooding phishing websites with fake data as a countermeasure

Today, I got a phishing email impersonating a large bank. To my surprise, the link in the email pointed at a rather sophisticated phishing website which could potentially result in many victims.
The bank had already been noti…

How ethical is it to publish an (anonymous) password list from real sources

I’m currently doing security research on the dangers of using default or well-known ‘secrets’ for applications.

To test how big of an issue this actually is, I decided to download local copies of the ‘large’ stack-exchange …

Before Germany’s Massive Hack, We Learned What Not to Do With Sensitive Stolen Information

A new massive hack and leak in Germany renews the debate over how to cover and share sensitive stolen data.