Collaborate Disseminate
Just wondering how this one affects the privacy and security because it breaks a lot of sites displaying images for example.
Continue reading What is ScriptSafe’s "Client Rectangles" and what information does it leak?
I’m trying to find out which techniques, languages or plugins are being used by websites to extract information about a users platform, such as OS or CPU type. After researching, I realised that there are maybe two ways:
Fr… Continue reading How does websites know my OS, CPU, screen resolution, etc? [on hold]
Is multi-factor authentication a privacy risk? Does it make tracking/fingerprinting easier?
It was seem so because whoever is accepting the OTP could track and record every OTP request and metadata like time, location, etc.,… Continue reading Does multi-factor authentication make tracking/fingerprinting easier?
Fingerprinting text is really very nifty; the ability to encode hidden data within a string of characters opens up a large number of opportunities. For example, someone within your team is leaking confidential information but you don’t know who. Simply send each team member some classified text with their name encoded in it. Wait for it to be leaked, then extract the name from the text — the classic canary trap.
Here’s a method that hides data in text using zero-width characters. Unlike various other ways of text fingerprinting, zero width characters are not removed if the formatting is stripped, …read more
Continue reading Hide Secret Messages In Plain Sight With Zero-Width Characters
I wanted to sign in Telegram on my iPod Touch running iOS 11 with another account.
I deleted the app and install it again. On the sign up screen Telegram filled the phone number field with the number I was using 5 minutes be… Continue reading How can Telegram find my phone number on iOS 11 after uninstall?
What I’m trying to achieve is a confirmation of transaction (not payment) with a fingerprint sensor. Pretty much like Google does in its Play store:
Chose a product, click pay
Approve your choice with a fingerprint scan
W… Continue reading How reliable is using Fingerprint sensor (iPhone/Android) for identity approval?
I have a collection of nmap subject fingerprints (described here), but have updated my local (private) reference fingerprint database since they were collected. Is there any existing way to re-match these subject fingerprints… Continue reading Re-run nmap OS fingerprint match with existing subject fingerprint
I have a web application URL and I am interested to know which JBOSS version it is running behind. How can I check that? Is it possible to check with curl?
I was going through one of the articles on camera fingerprinting that says that
using most basic Instagram or Snapchat filters will not get rid of the
camera fingerprint. However, changing the resolution, which most
s… Continue reading Digital Camera Fingerprinting via Instagram and Snapchat
Setting up an AWS instance with the instructions here, I create a public/private keypair. I understand the public key fingerprint is usually just a hash of the public key.
However, the instructions here show that you can con… Continue reading How does a keypair fingerprint work?