-
Side-channel attacks are a category of security threats that exploit information unintentionally leaked through computing systems' physical operation. Unlike direct attacks focusing on software or net…
-
### Description
[CWE-307: Improper Restriction of Excessive Authentication Attempts](https://cwe.mitre.org/data/definitions/307.html)
An attacker can easily utilize `Plogin` to ***Brute Force*** a v…
-
-
@thisismissem on [FediDevs Matrix](https://matrix.to/#/!uHqAjmOtrLtidOiczC:matrix.org/$gP_zRwMROUZuEus-xUCSufdzWvWow-EPeQizWWUn2OQ?via=matrix.org&via=mozilla.org&via=gemeinsam.jetzt):
> The number …
-
[ Began writing up some notes on this ~ Dec 3, 2021: ]
Can we allow voters to submit their votes, and have strong cryptographic confirmation that it was received, without ever revealing the links b…
-
Is RKA security something we may want to include in the security properties?
Relevant paper: https://eprint.iacr.org/2022/140
-
SSRF (Server Side Request Forgery) vulnerability allows an attacker to change a parameter used on the Node.js application to create or control requests from the vulnerable server.
This introduces a…
-
-
Hi,
Unless I'm missing something I don't think there is any response compression in the FHIR server. Are there plans to support this?
Thanks,
Reuben
-
This is a big task, I'm just listing here what is on top of my head:
1 - include Captcha when adding new addresses, what about when looking up addresses?
2 - we may need to verify emails, but how???
3…