Most active questions
29 questions from the last 7 days
10 votes, 2 answers, 3k views
What are the preferred ways to exchange public keys physically?
Suppose I have the privilege of being able to physically meet a person that I want to communicate with beforehand. Suppose the person and I have minimal trust --- it could be the first time we get to ...
9 votes, 3 answers, 2k views
Overlap for One-Time Passwords
I've got multiple OTP managers on my telephone. All of them seem to work with a constant timeout on the one-time passwords that are generated. For instance, the Microsoft authenticator works using a 6-...
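The "constant timeout" the question describes is the TOTP time step from RFC 6238: the code is derived from the Unix time divided by a fixed step (30 seconds by default), so every app rolls over at the same clock boundaries regardless of when the code was first displayed. The following is an added example, not code from the question or any of its answers; it uses the RFC 4226/6238 reference secret (ASCII "12345678901234567890") as a constructed key and shows how the step boundary and the server's acceptance window work.

```python
import hashlib
import hmac
import struct

# Constructed example key: the RFC 4226 / RFC 6238 reference secret (ASCII "12345678901234567890").
RFC6238_SECRET = b"12345678901234567890"
TIME_STEP = 30   # seconds per TOTP step: the fixed "timeout" seen in authenticator apps
DIGITS = 6


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp_step(unix_time: int, step: int = TIME_STEP, t0: int = 0) -> int:
    """RFC 6238 time counter T = floor((now - T0) / step); all apps with the same clock agree on it."""
    return (unix_time - t0) // step


def totp(secret: bytes, unix_time: int, step: int = TIME_STEP, digits: int = DIGITS) -> str:
    """TOTP is just HOTP evaluated at the current time step."""
    return hotp(secret, totp_step(unix_time, step), digits)


def seconds_remaining(unix_time: int, step: int = TIME_STEP) -> int:
    """Seconds until the displayed code changes. This depends only on the clock position
    inside the step, not on when the user opened the app, which is why codes can appear
    with anything from 30 down to 1 seconds of life left."""
    return step - (unix_time % step)


def verify(secret: bytes, candidate: str, unix_time: int, window: int = 1,
           step: int = TIME_STEP, digits: int = DIGITS) -> bool:
    """Server-side check: accept the current step and `window` steps either side to absorb
    clock skew and a code typed just before the boundary. Comparison is constant-time."""
    current = totp_step(unix_time, step)
    return any(
        hmac.compare_digest(hotp(secret, current + d, digits), candidate)
        for d in range(-window, window + 1)
    )


if __name__ == "__main__":
    # Same 30-second step, same code; the step boundary is at t = 30, 60, 90, ...
    print(totp(RFC6238_SECRET, 30), totp(RFC6238_SECRET, 59))   # both in step 1
    print(seconds_remaining(31), seconds_remaining(59))          # 29 and 1
    print(verify(RFC6238_SECRET, totp(RFC6238_SECRET, 59), 89))  # True: one step old, inside window
```

Two apps holding the same seed therefore always show the same code at the same moment; apparent "overlap" is just the previous step still being accepted by a server whose window is wider than zero.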
5 votes, 2 answers, 1k views
Accessing a database publicly via HTTPS API vs. native but with client certificates
There are database services offering access to the database via an HTTPS API, such as Neon and Algolia. This is great for serverless environments, but from a security standpoint, I’m curious if this ...
3 votes, 2 answers, 865 views
Hiding information in the SAN field of a certificate
I was doing an Nmap scan on the public network of the company that I work for. Using the script option "-sC" I noticed that the scan showed the certificate, and in particular the SAN section. In ...
4 votes, 2 answers, 656 views
Are truncated SHA-256 hashes safe enough when collisions are not a risk?
Apologies if this is a duplicate; I’m having trouble even finding the right words for it. As far as I am aware, password authentication usually works in a way that the server stores a hash of the ...
3 votes, 2 answers, 696 views
Are client certificates a secure way of having publicly facing SQL database?
Quick Context: I often come across videos where people build apps using SQL database services alongside serverless functions (like AWS Lambda, Vercel, and others) without setting up a VPC to keep the ...
2 votes, 1 answer, 127 views
Extract CRT and KEY from signed PEM file without the openssl tool
Is there any way to extract a private key from a PEM file without the openssl tool on Windows? Windows MMC won't do the trick as I cannot export to PKCS#12 due to my work laptop security restrictions ...
2 votes, 1 answer, 177 views
For the same private key, I have two slightly different public keys. Is it normal?
I have two servers, and I want one to talk to the other. Let's call them alpha and beta, where alpha wants to talk to beta. On alpha, I have created an RSA key pair: private key and public key. I use ...
0 votes, 1 answer, 63 views
Is using software without buying all available patches against security standards?
Canonical, the publishers of Ubuntu, create their own set of security patches for packages in Ubuntu's "universe" repository of community-maintained software. They make these patches ...
1 vote, 1 answer, 92 views
Is it safe to publish encrypted secrets in a git repository?
Tools like Ansible Vault, CNCF SOPS or Chezmoi make it easy to keep secrets encrypted in version control, so that you can publish the repository but still use the secrets inside when deploying. This ...
-3 votes, 0 answers, 92 views
How to know whether a plate number is being faked or not? [closed]
I’m not sure whether this question fits better under AI, Cryptography, or Security. I’ll place it under Security for now, since AI Security has become a new and growing domain. I have developed an ...
0 votes, 0 answers, 51 views
Sanity check on how bad my router's VPN is [closed]
I have a TP-Link AX73 router. It was initially released in 2020. This router has VPN server functionality that allows me to connect to my home network when away from home. However, as far as I can ...
1 vote, 0 answers, 73 views
CTF finding flag in an image [closed]
I'm trying to solve this ctf challenge: (Category - Misc), Description: "In the neon-soaked streets of Helix City, an underground courier group called the Neon Runners uses glitched billboards ...
2 votes, 0 answers, 61 views
Impossible optimization in IKE Intermediate RFC?
RFC 9242 - Intermediate Exchange in the Internet Key Exchange Protocol Version 2 (IKEv2) describes a new IKEv2 exchange type called "IKE_INTERMEDIATE". The purpose of this type is to allow ...
3 votes, 1 answer, 29 views
How to migrate an OLD Yubikey with an OLD PGP key to a NEW Yubikey with a NEW PGP Key? Cross-signing, certifying, etc
A few years ago, I set up my Yubikey with PGP by following Dr. Duh's Yubikey Guide. I created an offline Certify key / Master key on a live USB distro, and then created the corresponding subkeys (S, A, E) ...