Have a look at dn42. https://dn42.net/Home
The "malicious" code at the end of the advisory looks like nothing more than a beacon announcing it was installed? edit: get current working directory get username get hostname concatenate the last 3 together…
php-cli scripts normally don't have an execution time limit (or a memory limit?), which makes them ideal for upgrades/database maintenance/cron jobs/etc while being able to reuse code from the application itself one…
The share links look like this https:// send.firefox.com/download/<$file_identifier>/#<$encryption_key> Data after the # in the url should not be sent to the http server by the client. Encryption/decryption is…
part of this can be done with openSSH by setting the banner option in sshd_config. "Banner The contents of the specified file are sent to the remote user before authentication is allowed. If the argument is ``none''…
Would (a) not be a. Cache files are added to when _something causes a request for_ IPFS content The distinction being that "something" is not always a direct action from the user. If content on IPFS (ie a web page?) can…
For anyone wanting to do this, the profile and no-remote command line options[1] may be useful if you want to create shortcuts to launch specific profiles You might also want to consider using a different theme[2] in…
If the attacker has ever seen the headers of a message you sent through fastmails SMTP service they have your public IP (Received from header) and can Dos you directly anyway. They do something similar with their…
After some thought, The only advantage of signing before and after i can think of is without it you are left with the (theoretical?) problem of not knowing if the output from your implementation/version of the utility…
Why is the debate about "compress/encrypt then sign" vs "sign then compress/encrypt"? Is there a non obvious problem with sign then compress/encrypt then sign again? (overcomplicated or unnecessary?)
"Disk drives depend on the head floating on a cushion of air, they are not designed to operate in a vacuum" https://en.wikipedia.org/wiki/Flying_height
Some of the commissions objections are outlined here, does anyone have a better source? http://europa.eu/rapid/press-release_IP-16-1492_en.htm
I have seen several suggestions along the following lines as far back as the original blog post which announced the intention to require extension signing Allow an extension signing certificate to be place in a…
Why are the packages from chocolatey trusted? I am not familiar with chocolatey but the powershell script on https://chocolatey.org/packages/filezilla (click show files) contains the following $url =…
You can also roll back lvm snapshots using the merge option https://access.redhat.com/documentation/en-US/Red_Hat_Enterp...
Have a look at dn42. https://dn42.net/Home
The "malicious" code at the end of the advisory looks like nothing more than a beacon announcing it was installed? edit: get current working directory get username get hostname concatenate the last 3 together…
php-cli scripts normally don't have an execution time limit (or a memory limit?), which makes them ideal for upgrades/database maintenance/cron jobs/etc while being able to reuse code from the application itself one…
The share links look like this https:// send.firefox.com/download/<$file_identifier>/#<$encryption_key> Data after the # in the url should not be sent to the http server by the client. Encryption/decryption is…
part of this can be done with openSSH by setting the banner option in sshd_config. "Banner The contents of the specified file are sent to the remote user before authentication is allowed. If the argument is ``none''…
Would (a) not be a. Cache files are added to when _something causes a request for_ IPFS content The distinction being that "something" is not always a direct action from the user. If content on IPFS (ie a web page?) can…
For anyone wanting to do this, the profile and no-remote command line options[1] may be useful if you want to create shortcuts to launch specific profiles You might also want to consider using a different theme[2] in…
If the attacker has ever seen the headers of a message you sent through fastmails SMTP service they have your public IP (Received from header) and can Dos you directly anyway. They do something similar with their…
After some thought, The only advantage of signing before and after i can think of is without it you are left with the (theoretical?) problem of not knowing if the output from your implementation/version of the utility…
Why is the debate about "compress/encrypt then sign" vs "sign then compress/encrypt"? Is there a non obvious problem with sign then compress/encrypt then sign again? (overcomplicated or unnecessary?)
"Disk drives depend on the head floating on a cushion of air, they are not designed to operate in a vacuum" https://en.wikipedia.org/wiki/Flying_height
Some of the commissions objections are outlined here, does anyone have a better source? http://europa.eu/rapid/press-release_IP-16-1492_en.htm
I have seen several suggestions along the following lines as far back as the original blog post which announced the intention to require extension signing Allow an extension signing certificate to be place in a…
Why are the packages from chocolatey trusted? I am not familiar with chocolatey but the powershell script on https://chocolatey.org/packages/filezilla (click show files) contains the following $url =…
You can also roll back lvm snapshots using the merge option https://access.redhat.com/documentation/en-US/Red_Hat_Enterp...