Comment by R.. GitHub STOP HELPING ICE on Can my ISP censor my internet?
@Gruber: If the user's PC is completely compromised (by having installed backdoor software provided by a malicious party like an ISP wanting to do nefarious things), Tor and/or Tor Browser are running...
View ArticleComment by R.. GitHub STOP HELPING ICE on Is a responsible disclosure for...
@ruakh: It takes confidence/arrogance? No, just experience/knowledge of history.
View ArticleComment by R.. GitHub STOP HELPING ICE on Can a powerful adversary trick ACME...
The CAA record can also mandate use of DNS-01 (disallowing HTTP-01) ACME method, at least if LE has enabled that in production yet. Combined with DNSSEC, this makes it cryptographically impossible for...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for How can we exchange public keys...
One alternative for key distribution is DNS: keys, or rather key fingerprints, published in DNS records, protected by DNSSEC. Two standard examples of this are SSHFP (for SSH host keys) and DANE (for...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for What is the use case for using TLS...
The only use case i can think of is if you have untrusted users on the network...This, but the problem is that you have untrusted users who you don't even know are users on the devices on network. This...
View ArticleWhat portion of recursive (ISP, public, etc.) nameservers validate DNSSEC...
I'm adopting/setting up DNSSEC on my domains for the first time, and curious about the practical benefits I can expect. In theory, regardless of whether client/stub resolvers want checking, recursive...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Is starting an AWS instance with...
Assuming you configure it correctly, not only is it not "significantly insecure"; it's not vulnerable at all short of worldwide-catastrophy-level vulns that are not expected to exist. Seriously, AWS...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for How can we eliminate passwords...
Passwords do need to be eliminated, but all the ideas you've cited as replacements are wrong. Passwords are not expensive to change. But they are prone to weak choices, compromise via reuse, and (most...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Emergency method to erase all data...
The framing of this question is just completely wrong, and I'd go so far as to suggest the question doesn't belong on Security SE but Worldbuilding SE if you're trying to make up a world where it does...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Why is DNS-over-HTTPS such a big...
You're right that their argument makes no sense, but it's not supposed to. It's just supposed to derail DNS-over-HTTPS, which is the approach that is actually taking off because it's less likely to be...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for What is the benefit of having FIPS...
None. Hardware-level disk encryption cannot be validated and thereby cannot be trusted. Being advertised as FIPS makes it even worse. FIPS is all about checking compliance boxes (often ones which force...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Is there any hope of getting my...
Short answer: as others have said, no. However, depending on the iPhone hardware version, iOS version, and any future discovery of weaknesses in the methods they used for generating keys, there is a...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for How does one take advantage of...
I trust my ISPThere's the start of your problem. ISPs performing MITM attacks to modify cleartext http traffic, adding in their own trackers, additional or replacement ads, overage and nonpayment...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Security implications of stolen...
No, you should not be terribly worried, unless you did horrible no-nos like putting credentials in your source tree. So the party who accessed these files saw part of your source history. Big deal....
View ArticleTooling and serialization format for DNSSEC signture chain
I'm looking for a compact, canonical (and possibly but not necessarily human-readable) format for serializing the signature chain for a RRset (or proof that it lies under an insecure delegation) for...
View ArticleHow to validate DNSSEC signatures - zone cuts?
RFC 4035, section 5.3.1 lays out the rules for validating DNSSEC RRSIG records:The RRSIG RR and the RRset MUST have the same owner name and the same class.The RRSIG RR's Signer's Name field MUST be the...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for How does a client know that a DNS...
DNSSEC requires cryptographic proof that a zone is not protected in order to accept unsigned results for it. This takes the form of signed NSEC or NSEC3 records in the parent zone indicating the...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Disadvantages of replacing TCP/IP...
This question might as well be "disadvantages of replacing a watch with a hammer". The two tools have utterly nothing in common and there is no way of using one as the other. The whole post was just...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Do machines without any listening...
In short, no. Using firewalls for this is really a bad practice (a form of treating the network layer as access control, a big Considered Harmful), which inevitably leads to bad things like insecure...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Does CVE-2021-42694 affect only...
"CVE" 2021-42694 does not affect code at all. It affects the systems human beings use to review code and proposed code changes - that is, fancy text editors/IDEs, GitHub pull request and code review...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Can the manufacturer remotely turn...
Whether this is possible depends on whether the manufacturer shipped a backdoor in the product, and if so, whether that backdoor is exposed to them. Backdoors could take either apassive form, listening...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Does client-side data tampering...
I understand that this will allow an attacker to evade Client-side validations.You're thinking of the roles backwards. If you're trying to make software running on an end user's computer enforce some...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Need to leave computer in repair...
For the most part, you can't. If you want to be able to trust that your computer hasn't been tampered with, it needs to remain in your physical custody. I know someone told you this before and you...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Is there any security benefit from...
Not only do these things lack any significant security benefit. One thing that's underappreciated is the strong security disadvantage and imbalance of power it creates against the recipient. They have...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for What is the best way to calculate...
As noted by others, passwords don't individually "have entropy". Entropy is a property of their relationship to a larger distribution of password choices, possibly through a method by which they were...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for ESTABLISHED TCP connections after...
It may be "normal", but it's not okay. At least for Firefox, there is a detailed guide published by Mozilla to disabling all of the huge number of "automatic connections" made for "telemetry" (a...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for What's wrong with the use of a WAF...
A WAF is fundamentally a MITM attack against your own web services. It intercepts, and, in the event that it has a vulnerability, backdoor, poor handling of data transmission or storage, etc., has the...
View ArticleComment by R.. GitHub STOP HELPING ICE on Are Cyrillic characters a real threat?
@EvilSnack: I'm not sure exactly what you mean but it sounds like you haven't thought that through. You can't remap anything based on "intent" because intent is not an input parameter you have access to.
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Will installing a kernel mode...
It depends on what you mean by "compromising" the network. If you want to have as an invariant that "nothing untrusted is connected to the network", such that the network can be trusted, then yes,...
View ArticleComment by R.. GitHub STOP HELPING ICE on Can trusted timestamping be faked...
@chepner: Thermodynamics also doesn't preclude all of the oxygen molecules in the room deciding to hang out in a corner causing you to die, but it's not going to happen.
View ArticleComment by R.. GitHub STOP HELPING ICE on What's wrong with my app...
Tokens should have unlimited lifetime, but should not be sufficient for performing sensitive/destructive actions like deleting account or changing credentials. Forcing a user to enter their password...
View ArticleComment by R.. GitHub STOP HELPING ICE on Is my encryption format secure?
Cryptographic agility is largely seen as a weakness nowadays, in that a party can be tricked into using a cipher or higher level construct with known weaknesses by an attacker. So lack of agility is...
View ArticleComment by R.. GitHub STOP HELPING ICE on What prevents applications from...
This is not the only way. Just using separate privilege domains on the same computer & operating system is also completely valid.
View ArticleComment by R.. GitHub STOP HELPING ICE on What prevents applications from...
This is true - and IMO is the best solution because it does not give up on general purpose computing and user autonomy and possession of their own keys - but in order for it to really have this...
View ArticleComment by R.. GitHub STOP HELPING ICE on My school wants me to download an...
There absolutely does not need to be any further intent to do something nefarious with the information intercepted for it to be malicious. Just the act of undermining privacy of the communication is in...
View ArticleComment by R.. GitHub STOP HELPING ICE on What is the best way to protect...
Like all viruses: by not executing them in privilege domains where they can do harm.
View ArticleAnswer by R.. GitHub STOP HELPING ICE for What prevents a browser from saving...
Nothing does, and this is why you need an extremely high degree of trust in your browser as well as any other system components (operating system, input methods, etc.) that have access to your inputs...
View ArticleComment by R.. GitHub STOP HELPING ICE on Is using `crypt` in PostgreSQL for...
The = operator is not constant-time, but I don't see any reason that's relevant in this context. Assuming the attacker does not have access to the salt, knowing how many bytes of the computed hash...
View ArticleAnswer by R.. GitHub STOP HELPING ICE for Keyboard isolation in Android
Android's permission system supposedly gives you the power to sandbox a keyboard application so that it cannot exfiltrate data, but the Android UI does not give you access to the full permissions...
View Article