recentpopularlog in

hthief : security   15

How To Spoof PDF Signatures
The blogpost details how PDF works and how signature works on PDF, by incremental saving, allowing the modification of the PDF without changing the previous content.
pdf  security  infosec 
april 2019 by hthief
Introducing Firefox Send, Providing Free File Transfers while Keeping your Personal Information Private - The Mozilla Blog
Firefox Send, send.firefox.com, is a free encrypted file transfer service that allows users to safely and simply share files from any browser.
firefox  security  tools  filesharing 
march 2019 by hthief
HTTPS Everywhere | Electronic Frontier Foundation
HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure.
privacy  security  extension  browser  chrome  firefox 
january 2019 by hthief
privacy/security concerns · Issue #68 · plaid/link
A sanfran fintech company, valued in 2.5b$ provides a payment method that works by injecting a login form to get your bank credentials; which is a terrible idea prone to security risks.
security  infosec 
december 2018 by hthief
Stealing Chrome cookies without a password
Through use of remote debugging and running headless chrome, it is possible to salvage all the user's cookies. Some other insights into prevention, through channel-bound cookies, a feature that is being removed on chrome, also provided
cookies  security  debugging  google  hacking  privacy  chrome  infosec 
december 2018 by hthief
defaultnamehere/cookie_crimes: Read local Chrome cookies without root or decrypting
Read local Chrome cookies without root or decrypting - defaultnamehere/cookie_crimes
cookies  security-tools  tools-helpers  security 
december 2018 by hthief
WICG/change-password-url

Currently, if the user of a password manager would like to change their password on example.com, basically all the password manager can do is load example.com in a browser tab and hope the user can figure out how to update their password themselves.

The goal of this spec is to do the simplest possible thing to improve this situation.
type:specification  security  password 
december 2018 by hthief
Google Container – Get this Extension for 🦊 Firefox (en-US)
Google Container works by isolating your Google identity into a separate container that makes it harder for Google to track your visits to other websites with third-party cookies.
google  privacy  security 
november 2018 by hthief
Sennheiser discloses monumental blunder that cripples HTTPS on PCs and Macs | Ars Technica
The critical HeadSetup vulnerability stems from a self-signed root certificate installed by version 7.3 of the app that kept the private cryptographic key in a format that could be easily extracted. Because the key was identical for all installations of the software, hackers could use the root certificate to generate forged TLS certificates that impersonated any HTTPS website on the Internet. Although the self-signed certificates were blatant forgeries, they will be accepted as authentic on comp...
security  hacking 
november 2018 by hthief
Digital Communications Protocols
A list comparing various messengers according to its security and privacy features.
security  privacy 
october 2018 by hthief

Copy this bookmark:





to read