Collaborate Disseminate
Assumption a customer is sitting in a public area connected to a public wifi.
Step 1. example.com server sends the following information to trustworthy.external.domain over https:
redirectPath="https://www.example.com/public/endpoint… Continue reading Is encrypting a query parameter within a URI a security best practice?
How smart cards technically store their secrets?
I know smart card is whole computer on chip and it respond only to challenges. I know their software/firmware doesn’t allow (it doesn’t have the feature for that at all) to ever reveal the s… Continue reading How smart cards store their secrets? [duplicate]
Is there a way to prevent a Windows 10/11 system to access/modify/delete data from a secondary linux drive?
I understand I can encrypt the linux drive, but wouldn’t the windows system be still able to see the drive, and a potential malware… Continue reading Preventing Windows from seeing/tampering with linux drive
When sending a request (POST, PUT, etc). I have a security requirement to ensure that the data in the payload has not been tampered with.
In other words I need to know with certainty that the data entered was entered by the user and has no… Continue reading Tactics to ensure payload has not been modified
Suppose I want to print a human readable 10 digit serial using ordinary day today printer but the printer is communal printer and manned. My intention is for the person manning the printer to not read the code.
Initial inputs that i know i… Continue reading Preventing printed data interception using origami or other technique?
I read in the answer here by Marcus that ROM is Tamper-proof.
What is the difference between tamper-proof, tamper protected and tamper-resistant?
Now, there are some re-writable memory (eg. eNVM) that can be configured to have some of … Continue reading Tamper Protected VS. Tamper Proof for write-protected memories
Samsung phones come with a security seal that says you should not buy the phone if it is broken. Is this proof that no one has tampered with the phone?
Is there some way to take off the seal and paste a new one. Perhaps with… Continue reading Is the security seal on samsung phones proof that the phone has not been tampered with?
Hackers can hack the SD memory card micro controller and physical tampering to modify the SD card firmware or hardware.
https://media.ccc.de/v/30C3_-5294-en-_saal_1_-201312291400-_the_exploration_and_exploitation_of_an_sd_me… Continue reading Tamper proof SD card
Say I have some Apache logs that show brute force attempts on a login page. I’ve singled out the IP, and found out who the culprit was. How can I show to a third party that I didn’t makeup the entries in those logs?
Is there… Continue reading Prove log files weren’t tampered with?
What would be the best practices for securing a single-purpose Windows laptop against a determined foreign intelligence agency from tampering with data on the machine? The machine would be used several times per year by two individuals wh… Continue reading Securing a Laptop from a Foreign Intelligence Agency