Questions tagged [security]

Questions about matters of computer, software and communication security, that is, how to protect systems against attacks.

116 questions
53
votes
6 answers

Keeping a String Secret in (Open) Source Code

I have finished developing an app for Android and intend to publish it with GPL -- I want it to be open source. However, the nature of the application (a game) is that it asks riddles and has the answers coded into the string resource. I can't…
Nevermore
22
votes
2 answers

How does an operating system create entropy for random seeds?

On Linux, the files /dev/random and /dev/urandom are the blocking and non-blocking (respectively) sources of pseudo-random bytes. They can be read as normal files: $ hexdump /dev/random 0000000 28eb d9e7 44bb 1ac9 d06f b943 f904 8ffa 0000010…
18
votes
13 answers

Why do we need full-fledged workstations running massive OSes with massive software?

I've grown up with computers. While watching old computer TV programmes and documentaries and reading the news about constant issues with these modern systems -- everything from the sheer amount of change/bloat/costs to all the security and privacy…
14
votes
9 answers

Do passwords need a max length?

I understand that password storage generally uses hashing for security due to it being irreversible and that the stored hash is just compared to the hash of the password inputted by a user attempting to log in. As hashes are fixed length, does that…
Ethan
12
votes
2 answers

How does a wifi password encrypt data using WEP and WPA?

How does the password that we enter (to connect to a wireless network) encrypt the data on the wireless network? Through my reading I am not sure if the password that we enter is the same as the passphrase. If that is right then how can the…
MR.NASS
11
votes
1 answer

How does Stack Inspection work?

This is a precursor to my other, more advanced question about Stack Inspection. Stack Inspection is a security mechanism introduced in the JVM to deal with running code originating from locations having different levels of trust. This question aims…
Dave Clarke
10
votes
2 answers

Can you prevent a man in the middle from reading the message?

I have heard about all these Man-In-The-Middle Attack preventions and I am wondering, how this can possibly work if the man in the middle only listens to your stream and does not want to change the message itself. Can the man in the middle not just…
TVSuchty
9
votes
1 answer

What is oblivious RAM and how does it work?

Could anybody explain to me what exactly oblivious RAM is? I found the following explanation which makes it kind of clear to me, but I would like to get a sense of the technical aspects: Encryption is not always enough to ensure privacy. If an…
9
votes
5 answers

Would it ever be possible for computer viruses to evolve new "genes" to allow them to perform their job?

As an A-level Biology student, I have thought a lot about the links with Biology and Computer Science, and something that often comes to mind are the links between Immunology and Computer Security/Viruses. For example, I (through reading about how…
J_mie6
9
votes
6 answers

Could program verification techniques prevent bugs of the genre of Heartbleed from occurring?

On the matter of the Heartbleed bug, Bruce Schneier wrote in his Crypto-Gram of 15th April: '"Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.' I read several years ago that a kernel of a certain operating system has been…
9
votes
3 answers

What is the branch of Computer Science that studies how Anti Virus programs work?

It is a trivial exercise in finite automata to show that there is no algorithm that can detect all the viruses, yet there are many software companies selling Anti Virus Software. Is there any part of CS that deals with Viruses and Anti Viruses? PS…
jimjim
9
votes
1 answer

Is WPA2 with pre-shared key an example of a zero-knowledge proof?

When setting up an access point and selecting WPA2, one must manually enter a pre-shared key (a password), PSK, into both the AP and the STA. Both parties, AP and STA, must authenticate each other. But they have to do so without revealing the PSK.…
Maiken Holm
8
votes
2 answers

Limitations of Stack Inspection

This is a follow-up to How does Stack Inspection work? that explores the notion in more detail. Stack inspection is a mechanism for ensuring security in the context of the JVM and CLR virtual machines when externally downloaded code modules of…
Dave Clarke
8
votes
2 answers

Running an algorithm on data remotely and ensuring answer has not been tampered with

I've been thinking about this particular computing/crypto/database problem for years and I just want to know if there are already solutions to it. To be honest I don't even know what field this problem belongs to exactly. In a nutshell: person A has…
Robin A
8
votes
3 answers

Key secrecy vs Algorithm secrecy

It's a well-known statement that "Cryptographic security must rely on a secret key instead of a secret algorithm." I would like to ask about some details about it. And which are their differences? I see the obvious thing that for a multi user…
Hernan_eche