Hacker News
- What to search for in open source code to be sure there isn't malicious code? https://security.stackexchange.com/questions/192553/what-do-you-search-for-in-open-source-code-to-be-sure-there-isnt-malicious-code 2 comments
- Is password entry being recorded on camera a realistic concern? https://security.stackexchange.com/questions/197250/is-password-entry-being-recorded-on-camera-a-realistic-concern 3 comments
- Police forcing me to install Jingwang spyware app, how to minimize impact? https://security.stackexchange.com/questions/194353/police-forcing-me-to-install-jingwang-spyware-app-how-to-minimize-impact 191 comments
- I was tricked on Facebook into downloading an obfuscated script http://security.stackexchange.com/questions/128254/facebook-tricked-me-into-downloading-an-obfuscated-script 73 comments
- Why Is 'avast Web/Mail Shield Root' Listed as CA for Google.com? (2014) http://security.stackexchange.com/questions/73476/why-is-avast-web-mail-shield-root-listed-as-ca-for-google-com 2 comments
- Banning 'Q' and 'Z' from passwords http://security.stackexchange.com/q/57909/46535 4 comments
- How does SSL work? http://security.stackexchange.com/questions/20803/how-does-ssl-work 27 comments
- Are passwords stored in memory safe? http://security.stackexchange.com/q/29019/10863 83 comments
- Why 256 bit keys are large enough http://security.stackexchange.com/questions/25375/why-not-use-larger-cipher-keys 133 comments
- Even when converting matter to energy, you still can't crack AES-256 http://security.stackexchange.com/questions/14068/why-most-people-use-256-bit-encryption-instead-of-128-bit/19762#19762 2 comments
Lobsters
- Is `sudo` almost useless? https://security.stackexchange.com/questions/232924/is-sudo-almost-useless 34 comments linux , security
- What technical reasons are there to have low maximum password lengths? https://security.stackexchange.com/questions/33470/what-technical-reasons-are-there-to-have-low-maximum-password-lengths 3 comments security
- Openvpn Killswitch, any tips? https://security.stackexchange.com/questions/183177/openvpn-kill-switch-on-linux/183361#183361 7 comments archlinux
- Security implications of stolen .git/objects/ files https://security.stackexchange.com/q/246256/149530 4 comments programming
- how can I sniff traffic between 2 containers from the 3 one using tshark? https://security.stackexchange.com/a/35217 6 comments docker
- I'm not sure what to do with the "mandatory" two-factor authentication Android apps, which I'd like to move away from my phone https://security.stackexchange.com/questions/219982/how-much-of-a-security-issue-discontinued-vendor-security-patches-are-on-android 15 comments linuxhardware
- Conflicting information in Google ToS & Google Safety Center in relation to ads in Gmail https://security.stackexchange.com/questions/214227/conflicting-information-in-google-tos-google-safety-center-in-relation-to-ads 6 comments privacy
- How secure is the Ciphersweet library for searchable encryption, and why is a duplicate entry leak not a problem? https://security.stackexchange.com/q/196833/43688 6 comments netsec
- How secure is the Ciphersweet library for searchable encryption, and why is a duplicate entry leak not a problem? https://security.stackexchange.com/q/196833/43688 11 comments crypto
- VoIP service requires a scanned copy of my passport https://security.stackexchange.com/q/190868/55476 4 comments privacy
- PSA: Hardware acceleration on Firefox may be disabled by default on some distributions. https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern 62 comments linux
- Is there any point to Proton Mail or Tutanota given that I interact with other people who won't use encryption tools? http://security.stackexchange.com/a/30094 5 comments privacy
- Is it dangerous to compile arbitrary C? http://security.stackexchange.com/questions/138881/is-it-dangerous-to-compile-arbitrary-c 18 comments programming
- Disabling the requirement of 'safe' primes in the DH key generation during pivpn setup http://security.stackexchange.com/questions/95178/diffie-hellman-parameters-still-calculating-after-24-hours 3 comments raspberry_pi
- How do certification authorities store their private root keys? http://security.stackexchange.com/questions/24896/how-do-certification-authorities-store-their-private-root-keys 17 comments crypto
- How does Windows 10 allow Microsoft to spy on you? http://security.stackexchange.com/questions/96713/how-does-windows-10-allow-microsoft-to-spy-on-you 12 comments privacy
- Encryption is classified as ammunition. Why isn't there a call to action so everyone can have access to this technology under Second amendment http://security.stackexchange.com/questions/7727/why-have-export-controls-for-cryptography 10 comments technology
- surveillance - Why did Poitras and Greenwald put their batteries in the fridge? http://security.stackexchange.com/questions/112905/why-did-poitras-and-greenwald-put-their-batteries-in-the-fridge 5 comments privacy
- How a rogue .wmv file abuse DRM to "hijack" Windows Media Player and download malware http://security.stackexchange.com/questions/106188/can-a-rogue-wmv-file-hijack-windows-media-player 27 comments programming
- Anonymous asks on Stack Exchange how to report a security vulnerability about a trusted certificate authority https://security.stackexchange.com/questions/91292/how-do-i-report-a-security-vulnerability-about-a-trusted-certificate-authority 6 comments crypto
- Shellshock explained http://security.stackexchange.com/questions/68122/what-is-a-specific-example-of-how-the-shellshock-bash-bug-could-be-exploited/68130#68130 12 comments programming
- If you "share location" in Firefox, it will reveal your real location even if running device behind VPN. https://security.stackexchange.com/questions/16253/how-does-google-maps-know-where-i-am-when-im-using-a-vpn 74 comments privacy
- Heartbleed PoC - malicious server attacking clients http://security.stackexchange.com/q/55249 63 comments netsec
- Why did Java (JRE) vulnerabilities peak in 2012-2013? https://security.stackexchange.com/questions/55015/why-did-java-jre-vulnerabilities-peak-in-2012-2013 4 comments java
- What technical reasons are there to have low maximum password lengths? http://security.stackexchange.com/q/33470/10939 3 comments netsec
- Why 256 bit symmetric algorithms will always be enough http://security.stackexchange.com/questions/25375/why-not-use-larger-cipher-keys 100 comments technology
- What automated tools (Free or cheap for an independent contractor) would you recommend for static analysis on C# code? http://security.stackexchange.com/q/25031/5360 4 comments netsec
- Google disables OpenSSL compression in Chrome -- likely due to a new SSL exploit described here and to be presented next week http://security.stackexchange.com/a/19914 33 comments netsec
- What should an honest sysadmin do when his boss asks him to create fake log data? http://security.stackexchange.com/questions/11025/what-should-i-do-when-my-boss-asks-me-to-fabricate-audit-log-data 6 comments sysadmin
- How should passwords be stored if they must be recoverable? http://security.stackexchange.com/questions/2997/how-should-passwords-be-stored-if-they-must-be-recoverable 7 comments crypto
Linking pages
- Nick Craver - HTTPS on Stack Overflow: The End of a Long Road https://nickcraver.com/blog/2017/05/22/https-on-stack-overflow/ 221 comments
- How HTTPS Secures Connections: What Every Web Dev Should Know https://blog.hartleybrody.com/https-certificates/ 221 comments
- 50+ Best Free Hacking Tutorials that Makes You Pro Hacker ~ Development Buzz http://development-buzz.blogspot.com/2015/05/50-best-free-hacking-tutorials.html 0 comments