Which of these devices might slow down processor?

I have test question.

Which devices inside processor are used to speed up work indirectly i.e. program isn’t executing a code for that device?

Possible answers: DRAM | Cache | Pipeline | GPU | RAM | ARM | Stack | FPU

I think we can immediately say, that DRAM, GPU, & RAM is wrong picks, because they are not inside cpu – they are different parts of computer. Also stack is inside RAM, not CPU. So left answers are cache, pipeline, arm & fpu? Also not sure about floating point number.

Using Diffie-Hellman exchange on low power IoT devices

I have almost 0 knowledge of IoT, their protocols and usual device constraints. I had a discussion today with someone that has a fair amount of IoT experience and we were discussing some security related issues and the establishment of a shared key came up. I assumed that Diffie-Hellman would be used but this person seemed to not be familiar with the method and based on their knowledge for low power devices, the keys are actually preloaded inside.

  1. Is this true?
  2. Is the power consumption for a secure DH exchange too high to use on low power IoT devices?
  3. What role does Ephemeral Diffie–Hellman Over COSE (EDHOC) play in this case? Is it a good alternative or still problematic?

What are the chances that authorities spy people’s devices?

I wanted to figure out whether authorities can potentially, not in terms of whether they are allowed to, spy people’s smartphones activities such as e-amail, whatsapp chats, and so on. I don’t mean the FBi or NSA techniques used to catch dangerous people or whoever is highly harmful to the society, but I mean whether simple police stuff could possibly spy, for example, small drug dealers phones in order to dismantle their plans and so forth.

Security of using DHCP and non-stanard ports for medical devices

I recently came across this comment written in a journal article.

“Lastly, medical apparatus are expected to use Dynamic Host Configuration Protocol (DHCP) for the allocation of their IP addresses and even worst [sic] use non-standard ports for their communication creating an unstable environment of information that is hard to address”

Can some explain why DHCP and non-standard ports are considered so risky?

Trusted CA SSL certificates and embedded devices

There is an embedded device which should connect to the server over HTTPS and MQTTS. A server certificate is issued by a trusted CA (for example, Let’s Encrypt). But there is a problem with server certificate verification on the client side because the device doesn’t know about trusted CA’s.

So I have a few options:

  1. Put a DST Root CA X3 root certificate (LE root cert) into the device and check against it;

  2. Make a self-signed root certificate and put it into the device;

  3. Public key pinning.

The first approach doesn’t work because the DST Root CA X3 will expire next year. Furthermore, Let’s encrypt may change their root certificate at any time and we can’t guarantee that newly issued certificates will be signed by the same one.

The second way makes my HTTPS server not trusted for other clients like web browsers.

What about using multiple certificates at the same time? Is it possible? If I’m not mistaken Nginx server supports it, but I’m not sure it works in the way I guess: if the first certificate (e.g. Let’s Encrypt) verification fails a server would give a fallback certificate (e.g. self-signed) to the client. Even if so not all servers support this.

The third way is to put my server public key hash into the firmware. In this case I can use any CA in future (am I right?). The only thing I should be careful about is always using the same keys when generating CSR.

Which way is better? Or are there any other solutions for my problem?

In my layout 2 columns on small devices

Hello,
Could you please look at design of
http://vtasks.my-demo-apps.tk/
site

In my vue/cli 4 / Bootstrap 4.3 app I make listing of tasks in 1 column on small devices(ipad-s)
and 2 columns on big devices, like :

<div class="row " v-show="tasks.length && is_page_loaded"> <div v-for="(nextActiveTask, index) in tasks" :key="nextActiveTask.id" class="col-sm-12 col-md-6 p-2 m-0"> <task-list-item :currentLoggedUser="currentLoggedUser" :nextActiveTask="nextActiveTask" :index="index"...
HTML:

In my layout 2 columns on small devices

Proper vulnerability scan on LAN devices (nmap)

I’m playing around with nmap sometimes to understand and remember different parameters. I would like to scan devices on my LAN for vulnerabilities. Something like:

$ nmap -sU --script vuln 192.168.52.0/24 -v

I got pretty much accurate information about devices and vulnerabilities on my LAN in stdout, but its not pretty readable so my question is: what is a good manner to perform a representative vulnerability scan on the local network (192.168.52.0/24)? I was thinking about -oX, and I am curious to different new manners.

Regards, Lajos.