All Questions
0
votes
1 answer
9 views
If a website has a 5 second time delay before showing the login form, is that likely a security measure?
The JP Morgan Chase homepage has a 5 second delay before login form appears. If you refresh the delay is always there. If you fail to input a proper password, the failed login page has no such delay ...
0
votes
0 answers
4 views
How to assess mobile device management containers
I've read a lot about container (mostly Docker) technology and its limitations in terms of security.
I note that MDM/MAM solutions use containers to secure enterprise data. The idea being that the ...
0
votes
0 answers
19 views
Securing online JavaScript execution
Recently, I decided to start working on an online PAC file evaluator. Currently, I just use pacparser, which calls out to SpiderMonkey, to parse the PAC file and return a result or error. Eventually I ...
0
votes
0 answers
10 views
What security precaution would justify Apple's non-synchronization of certificate keys?
The Apple keychain on iOS and OS X both synchronize passwords via iCloud.
The following document describes that only passwords are synched, and not certificates and private keys.
Is there any reason ...
0
votes
0 answers
8 views
Kali for RPi 3: exploitdb update hangs and does nothing
I have a serious problem in my Kali for Raspberry Pi 3. I've followed a video on YouTube to expand Kali and install the full version. I've started the process, and after about 4 hours, it has frozen and did ...
1
vote
0 answers
22 views
What possible security flaws might sit behind this Pokerstars' password update message?
I tried to update my Pokerstars' account password today and I was presented with the following error:
My question is, what security vulnerabilities might be behind the "Your password must start with ...
0
votes
0 answers
2 views
IoT design security audit
We're working on the design of an IoT product for one of our clients. We've come up with a general security scheme (no code has been written yet) and our client would like us to have it audited by an ...
0
votes
1 answer
17 views
Can malware be transferred from an Android device to a Desktop computer?
I am curious if it's possible for malware to be transferred from an Android device to a desktop computer.
In my situation I had detected malware on my Android device via Lookout, and promptly deleted ...
1
vote
3 answers
40 views
Can I spoof email?
I mean, if I would have my own SMTP (also, is it just about money or are there some limitations to running my own SMTP server?) and would just completely make up the mail (headers, spoofed IPs and ...
1
vote
1 answer
25 views
Is it a good idea to deprecate support for some insecure clients on a website?
I have a scenario where a secure website with an A ssllabs overall rating is getting some warnings due to a lack of support for non-SNI browsers.
Android 2.3.7 Incorrect certificate because this ...
1
vote
1 answer
23 views
Hashing algorithm where re-identification is impossible?
I'm trying to anonymize a message-thread ID to prevent re-identification even with full access to the source database.
I need consistency when processing, so that multiple instances of say "100" ...
0
votes
0 answers
32 views
Would I create a WiFi honeypot by setting up a fake network with a generic name like “linksys”?
On this page Apple says the following:
SSID (Service Set Identifier—Wi-Fi network name)
The SSID, or network name, identifies your Wi-Fi network to users and
other Wi-Fi devices. It is case ...
-1
votes
1 answer
20 views
How to bypass port filtering on open WiFi? [on hold]
Recently I got a new job. We have got free WiFi here, it is very fast and it works perfectly. Sad thing is that there is a firewall on the router (I think) that blocks all ports except HTTP (80) and HTTPS (...
0
votes
0 answers
9 views
MSFvenom format specifier
In msfvenom, what does it mean exactly when I specify the format to C or Python? And what is the format 'raw' for? I know, when the format is psh-cmd it runs in the command prompt, and when it is exe ...
0
votes
0 answers
23 views
JavaScript that decrypts a string in the browser, when you enter the AES key/iv?
I have an application that displays messages to users. A message is retrieved through an API and stored encrypted on my server. When a user logs in his messages are decrypted and displayed in the ...