Collaborate Disseminate
While these VPNs can work inside of China, I wonder how private and secure they are since China is known for its great firewall, like most technically advanced countries. Are these methods working? Because China can "see through the t… Continue reading Can China decrypt SSL as soon as people using their ISP?
Is there any examples of android malware that can survive a factory reset and a flash?
If so how does it work exactly in detail please?
(other than Pegasus of course) thinking of a malware known before 2019
(installed from any browser allo… Continue reading Android girlfriend malware
I seek protection against MITM & snooping of VPN or Tor proxy traffic on public WiFi.
So, what are the different security impacts of each of these 2 solutions:
Using a VPN (like Proton VPN) to connect to the internet while using publi… Continue reading What is the difference between a VPN and a Tor Socks proxy on public wifi?
Do I need to change anything within network manager or even use some sort of IPtable entry or is this already preset from Openvpn Client to say a third party VPN server for example I use proton
I need to be absolutely sure about this Im go… Continue reading is Openvpn Client? already in Network Isolation mode standard settings (Linux) [closed]
I understand that in a non-authenticated Diffie-Hellman setup, a man-in-the-middle attack can occur. Now i’m curious about the feasibility of the following scenario:
Let’s assume a situation where www.example.com exclusively supports authe… Continue reading Evading authenticated diffie hellman with MITM
Sorry for the basic question, I’m still wrapping my head around the ins and outs of SSL and asymmetric encryption. In order to better test my understanding, I was considering the following thought experiment:
Given a CA is responsible for … Continue reading Could a trusted CA pretend to be me and run a MITM? [duplicate]
I have hosted an api on an AWS Windows server, imported ssl certificates from a known CA, and made https mandatory.
Then built a client app that is an executable, then pinned the public key hash for all requests from this app to the server… Continue reading Is Certificate Pinning safe and worthwhile for an API server that will only accept requests from an android application?
I’m researching about PPP (Point to Point protocol) and it’s security aspects.
While exploring PPP Authentication I’ve noticed possibility for security downgrade attack. Generally authentication procedure looks as follows:
Client starts … Continue reading MS-CHAPv2 Auth protocol downgrade
Historically, whenever I logged in I got a standard looking text from "Facebook" stating my login code.
As of this morning, when I attempt to log in, I get a fake looking text from a random phone number. The word "Face"… Continue reading Every time I log into Facebook, the SMS based 2FA code appears to get intercepted (UK)
I was wondering if we push our DNS over the VPN and basically let them do DNS resolution, is it possible to perform DNS poisoning and man in the middle attack on us?
I know browsers check certificates but is there any other security layer … Continue reading can a VPN provider do DNS poisoning?