For questions relating to cryptography and computer security.
10 votes, 5 answers, 263 views
What are unique aspects of a software Lifecycle of an attack/tool on a software vulnerability?
At my local university, there is a small student computing club of about 20 students. The club has several small teams with specific areas of focus, such as mobile development, robotics, game ...
-4 votes, 0 answers, 68 views
What is the career path for a software developer/programmer? [closed]
I've been working as a programmer for a few months and I often study CCNA, CISSP for future.
Besides simple coding I was working on specs, designing applications, and all those around-like things.
...
4 votes, 4 answers, 96 views
System that splits passwords across two servers
I stumbled upon this news article on BBC,
RSA splits passwords in two to foil hackers' attacks
tl;dr - a (randomized) password is split in half and is stored across two separate servers, to foil ...
-2 votes, 3 answers, 78 views
What is the Best Practice for creating a secure login in a client - server application?
It's been a while I have been thinking on what could be the best scenario for creating a secure login in a client-server application running on internet or any other networks! So I became with the ...
2 votes, 2 answers, 30 views
Resources on securing domain models? [closed]
I have good resources on both security, domain modelling, and architecture patterns. I've noticed a distinct lack of any suggestion of how and where to integrate security into the systems I build. I ...
0 votes, 2 answers, 62 views
Drop in service for account management, authentication, identity?
I'm building an Android app and associated set of web services for uploading/downloading data. I need a basic (no frills) solution for account management (register, login, logout, verify ...
2 votes, 1 answer, 84 views
How secure (or insecure) is it to install Node packages globally?
Should I be concerned with security when installing Node packages globally? Why or why not?
8 votes, 2 answers, 301 views
Would I be able to use code hosting services to host malware code?
Let me start by saying that I am a computer security researcher. Part of my job is to create malware to deploy on a controlled environment in order to study or evaluate several aspects of computer ...
8 votes, 4 answers, 231 views
Avoiding “double” subscriptions
I am working on a website that requires a bit of marketing; let me explain.
This website is offering a single, say, iTunes 50$ voucher to a lucky winner.
To be entered in the draw, you need to ...
3 votes, 3 answers, 214 views
What is the best policy for allowing clients to change email?
We are developing a web application with a fairly standard registration process which requires a client/user to verify their email address before they are allowed to use the site. The site also ...
2 votes, 1 answer, 245 views
Why is iOS “jailbreaking” CPU specific?
Recently, iOS 6 was "jailbroken" but only on the Apple A4 CPU.
Why is the "jailbreaking" process specific to a CPU?
From Wikipedia:
... "iOS jailbreaking is the process of removing the ...
5 votes, 3 answers, 199 views
Learning about security and finding exploits [closed]
First things first: I have absolutely no interest in learning how to crack systems for personal enrichment, hurting other people or doing anything remotely malicious.
I understand the basis of many ...
2 votes, 1 answer, 73 views
Should I be using a JavaScript SPA designed when security is important
I asked something kind of similar on stackoverflow with a particular piece of code however I want to try to ask this in a broader sense.
So I have this web application that I have started to write in ...
5 votes, 1 answer, 121 views
Development-led security vs administration-led security in a software product?
There are cases where you have the opportunity, as a developer, to enforce stricter security features and protections on a software, though they could very well be managed at an environmental level ...
2 votes, 1 answer, 119 views
Does the deprecation of mysql_* functions in PHP carry over to other Databases (MSSQL)?
I'm not talking about MySQL, I'm talking about Microsoft SQL Server
I've been aware of PDO for quite some time now, standard mysql functions are dangerous and should be avoided.
...