-
The latest solutions architecture mentions doing random uploads to a dummy url. The communication is covered by TLS but it can still leak information:
a. Hitting a different code path has a high ch…
-
After creating a PR to prevent potential timing attacks with the remember token #917, I realized that at least one similar attack vector exists with clearance.
For example [here's how devise sets…
-
Feenicks reports that in turn-based battles, there is an extra one turn delay before on-death attacks happen when dying to poison. This is a significant bug because during the turn the enemy is untarg…
-
This gem does not use a MAC to verify data integrity. This can be problematic if ciphertexts are malleable by an attacker, i.e. an attacker gains access to the database and can perform chosen cipherte…
-
Reduce the number of samples required to decide if there is a time delay or not.
Example of results from another research can be found https://youtu.be/M_AHQ47BRkY?t=2709 (see table with and without …
-
This is as much a question as an issue: are there any plans to add support for ECDSA? The best option in python right now seems to be https://pypi.python.org/pypi/ecdsa which is both quite slow and co…
-
#### Bug description
I just noticed something weird: When fighting Ignus in the crystal room of PST, both actors suddenly freeze after Ignus has launched some of his spells. The game looks fairly res…
-
Cookie security lies entirely with protection and randomness of authkey or gsusecustomsalt, as all other aspects are predictable. (authkey is also predictable from machine state as it is just sha1 of…
-
We can measure the total amount of identifying information from simple APIs, such as `window.screen.height` or `navigator.maxTouchPoints`, by simply querying these properties across our user base.
…
-
**Feature request:**
BGCHANGES / FGCHANGES - Should be at chart level for SSC files (or overridable at chart level). It would be nice to specify timings for these for each chart, like ATTACKS and STO…