Computer Security
Problem: There is no way to show SSL certificate in Safari on iOS. Reason: It seems to be by design. Solution: Use Chrome for iOS. Note: You can view SSL certificate on https://www.digicert.com/help or other SSL diagnostics services, only …
(A) Use "netsh trace" command pros: You can use it in isolated network. cons: You should convert the captured file with Microsoft Message Analyzer if you want to see packets with Wireshark. (You can also view the packets with Microsoft Mes…
Context When you try to attack to OAuth2 Authorization Code Flow with CSRF (See RFC 6749 "10.12. Cross-Site Request Forgery"), you have to pause before redirect in order to get redirection URI, because the redirection URI is unique and wil…
In Japan, so many companies have their own security policy like "When you send email with attachments, you must zip all the attachments with password, and send the password in another email". Some say this policy is pointless, but on the o…
Purpose of account lockout These are some purpose for account lockout, such as: Detect login attempts 1 Example: Logging 2 Slow down login attempts Example: Duration-based lockout, scrypt, Argon2 Interrupt login attempts Example: Requires …