Most Popular
1500 questions
57
votes
2 answers
What are the main advantages of using LibreSSL versus OpenSSL
What are the main advantages of using LibreSSL vs OpenSSL?
As I understood LibreSSL is a fork of OpenSSL:
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and…

Wilt
57
votes
5 answers
Can I determine if my computer has a key logger installed?
A friend of mine just started a job at a security sensitive company. They've provided him with a laptop with Windows XP Professional installed. He's heard a rumor from other employees that the laptops may have key loggers installed. Is there any way…

Plutor
57
votes
4 answers
Reusing Private/Public Keys
I have accounts on several third party sites - Bitbucket, Bluehost, etc.
From what I've gathered, it is common practice to use one key pair for all [id_rsa, id_rsa.pub], but only to give out the public key.
Is that the correct usage, or is it…

SamGoody
56
votes
2 answers
In CitizenFour, what was Edward Snowden mitigating with a head blanket?
A scene in the documentary CitizenFour showed Snowden using a blanket to cover his head and the laptop screen. When asked by Greenwald about this, he answered affirmatively, but I couldn't really understand what Greenwald meant/said.
What was…

Mars
56
votes
2 answers
What are the risks of self signing a certificate for SSL
Let's say I sign an SSL certificate for myself, and I'm not using a certified CA. What are the risks and/or threats of doing it?

Timo Willemsen
56
votes
5 answers
What is the difference between authenticity and non-repudiation?
I'm new to infosec and doing some reading. Not surprisingly one starting point was Wikipedia. In this article, authenticity and non-repudiation are listed as 2 separate 'Basic concepts'. My understanding is that you cannot achieve non-repudiation by…

Max
56
votes
8 answers
Should I get an antivirus for my Mac?
There are some people saying that people should use an antivirus software on Mac. And there are thousands of people claiming that Macs don't get viruses (under this term I mean spyware / malware as well), some even say that it's just a trick from…

gen
56
votes
7 answers
How to explain buffer overflow to a layman
Every once in a while (when I think out loud and people overhear me) I am forced to explain what a buffer overflow is. Because I can't really think of a good metaphor, I end up spending about 10 minutes explaining how (vulnerable) programs work and…

KnightOfNi
56
votes
2 answers
Why is the Access-Control-Allow-Origin header necessary?
I understand the purpose of the Access-Control-Allow-Credentials header, but can't see what problem the Access-Control-Allow-Origin header solves.
More precisely, it's easy to see how, if cross-domain AJAX requests with credentials were permitted by…

Mark Amery
56
votes
8 answers
How reliable is a write protection switch on a USB flash drive?
I'm currently using a USB flash drive with a live distribution. At times I would plug it into terminals I cannot trust.
My threat model here is solely the risk of unauthorized modifications to the live distribution image on the flash drive.…

Karol J. Piczak
56
votes
2 answers
What do the dots and pluses mean when OpenSSL generates keys?
When OpenSSL generates keys you'll always see a series of periods/dots (.) and pluses (+).
openssl dhparam -text -noout -outform PEM -5…

Evan Carroll
56
votes
3 answers
What is the real function and use of a DMZ on a network?
I read the article on Wikipedia describing what a DMZ (demilitarized zone) is on a network, but am still failing to grasp both how it is set up (i.e., is it within the main network or sequestered away?) and what its benefits and uses are. Can anyone…

Naftuli Kay
56
votes
5 answers
IMG tag vulnerability
Is it safe to display images from arbitrary domains? I.e. let's say I have an image on my page:
What if image.gif returns some JS attack vector, but not the image? Are there any known vectors?
I've tried…


Paul Podlipensky
56
votes
5 answers
Are phone calls on a GSM network encrypted?
When I make a call on my cellphone (on a GSM network), is it encrypted?

Ram Rachum
56
votes
17 answers
Can we still provide confidentiality when cryptography is outlawed?
In certain jurisdictions, use of cryptography by the private sector is limited: e.g. there are reports that in the UAE and other countries not all of the encryption capabilities of the BlackBerry are permitted. Similarly, in the 1990s the U.S.…
user185