-
### Finding Description
The application was found to operate weak cryptographic algorithms on sensitive data while exercising the app. These outdated algorithms are often in violation of common compl…
-
This would address a pet peeve of mine concerning Friendica. The project is often touted as "secure", but the threat model is unclear. Secure from whom? One thing is clear is that all the "private" po…
-
It would be great if ECC keys would also be supported instead of just RSA.
-
Denuvo DRM Cracked within a Day of Release https://www.schneier.com/blog/archives/2017/10/denuvo_drm_crac.html
dbosk updated
4 years ago
-
Following https://github.com/gwtproject/gwt/issues/9709 and the PR https://github.com/gwtproject/gwt/pull/9879 to mitigate this by disabling the feature, this issue is to track efforts to make this fe…
-
Looking at all occurrences of 'key' in translations/monero.ts, which I find confusing
"failed to parse secret spend key" - OK, I get that the key for spending should be kept secret
"No view key su…
-
The [ToDo list](https://github.com/randombit/botan/blob/eb8384c1af5ec48d311542f8e8252546d145e8f4/doc/dev_ref/todo.rst) currently lists this for TPM support:
* Better TPM support: NVRAM, PCR measure…
-
Hello,
At my company, we have extremely strict supply chain security requirements. Using a non-Microsoft 3rd party library is unacceptable for our use case. Maintaining our own password hashing imp…
-
As per the [libkmip documentation](https://libkmip.readthedocs.io/en/latest/index.html), supported operations include create, get and destroy keys, and supported object types include symmetric and asy…
-
Currently, Crypto.subtle is a variable that's completely useless. It doesn't expose a usable interface to be able to call any methods that the web cryptography api exposes. There is simply no methods …