Formally a consensus protocol must satisfy the following three properties:
- Eventually, every correct process decides some value.
- If all the correct processes proposed the same value "v", then any correct process must decide "v".
- Every correct process must agree on the same value.
"Termination" certifies the protocol is resilient to halting failures. "Agreement" deters any two correct processes from deciding on different values which would break consensus. But what about "Integrity", why is it required? If all correct processes propose "x" but then they all decide "y" (e.g.
f(x) = y), is that a violation of consensus?
My switch is a TP-Link TL-SG105E perfectly function, but I can’t access to it because, it’s like hidden somehow from the network. I used tools like Netdiscover:
netdiscover -I wlp2s0 -r 192.168.0.0/24
nmap -PR 192.168.1.0/24 nmap -SP 192.168.1.0/24
and I tried to find it via open port 80
nmap -p 80 192.168.1.0/24
And many other tests. All of them gave me the same result but not my switch IP or mac address. I’m wondering how it is possible that a fully functional device which previously could identify even the operating system now can’t find it on the network and still work without responding to the ARP ICMP HTTP protocols. It’s not even listed in Router’s DHCP address table. How can it still work? And how can it not be found after scanning the network? And for those who wonder, I hit the reset button and it’s still the same.
Thank you all for your time.
WSN (Wireless sensor networks) are mostly distributed low power computer with the sensing task that rely on limited battery life and therefore are not able to implement full size security protocols. Depending on the kind of network heterogeneous, homogeneous and the environment they will be used in (likeliness of some attack scenarios) the security means used may depend a lot.
The question relates mostly to networks with homogeneous networks w/o internet connection that rely on some coarse distributed base stations or heterogeneous networks with only slightly differing nodes (towards computational power) that allow clusters to some extend but also heavily rely on coarse distributed base stations.
Does anyone have an idea what todays state of the art protocols are for the different kinds of possible attacks? Key distribution methods, Intrusion detection systems, …?
I’m about to buy a new WiFi router tomorrow (probably) & I’m wondering what kind of security features I should choose (Like: AES, WPA2, DMZ, TKIP, SPI, …)
What is the current status of what is considered to be secure?
As I understand it, eg. WPA encryption was cracked MANY years ago, how is it with WPA2? Or AES? I also have an options for AES-128 bit, how is that?
I figuerd that this would be the best place to ask for the current security situation, instead of the old articles Google is offering me from 2011 😮
Thank you for any help.
For your convenience, this is a list of what the store is offering in terms of router security
- 128-bit AES
With Burp Suite we can capture the traffic of protocols like http, https. But i want now monitor the data traffic in urls like chrome://settings
Old IoT devices and some low-power devices are not capable of doing encryption or use week encryption methods like TLSv1.0. What could be the risks of using such devices and unencrypted protocols like HTTP?
I wrote a powershell installation script that passes a line of arguments to a
.jar file through the command line. It comes down to:
- Converting an object into a list of strings
- Concatenating them into a single single string:
- Executing the `java -jar .jar
- Parsing the back into an object inside Java.
Several design choices I face are:
- When I update the list of features, I will have changed the number of options the java parser should convert into the
features property of the installation object. It might be wise to pass an explicit argument that contains the number of features, so that, in the future the script will immediately throw an error, if for some reason I/someone has forgotten to update the number of features that the argument parser should facilitate.
- It feels like a work around of implementing a proper integration. It might be better to store the object as a temporary
configurations.txt file that is read explicitly by the custom java parser.
- Do I prepend every argument value with an
-<argument name> or just hardCode the argument order into the argument order in both in the
.ps1 script, as well as in the
Since this is such a wide range of questions, I was wondering whether:
What are the language-independent argument passing protocols?
I have gotten a number of calls where after I answer (I rarely answer but occasionally a number pops up that could be from a customer) the caller hangs up. I’m assuming it was a robo call (the calls are not just ones from my local area code and exchange.)
I got one of those calls a short time ago and began wondering what information is being sent by my phone to the caller. Almost immediately I got a little freaked out when I wondered if the caller could send spoofed caller ID messages that took advantage of a vulnerability in how my phone handles caller ID data.
I looked into the SDMF and MDMF formats and while they seem straightforward there are always potential holes waiting to be discovered.
I was thinking of malformed packets that could cause a buffer overrun or such like we see on IP links.
So the question is, are there any known hacks where people use a computer to send caller ID messages that open up the phone to attack or causes it to leak information apart from the normal name, address, etc.?
Security protocols such as SSL and HTTPS can encrypt messages with both asymmetric and symmetric encryption.
How are their telecommunication packages arranged? (The parts related to the confidentiality of the message).
A multi-prover interactive proof protocol, as described here, consists of computationally unbound provers $ P_1,P_2,\ldots$ which together convince a polynomial-time verifier $ V$ of some proposition, under the assumption that the provers can’t communicate after some initial setup. Are there practical scenarios in which such a protocol would be useful?
The linked paper gives an example of a user inserting two bank cards into an ATM to prove their identity. I’m skeptical of this use case because:
- It would be difficult to physically ensure fraudulent cards are unable to communicate.
- Single-prover protocols (possibly relying on cryptographic assumptions) have been sufficient for this use case so far.
- The bank cards are not computationally unbounded; presumably the ATM has at least as much computational power as the cards, and could just run the honest verifier algorithm itself.
Note: Point 3 would not apply if, rather than computationally unbound provers, we considered polynomial-time provers with access to a secret. Has that class of protocols been studied?
Note: The study of this class of decision problems may have theoretical value (example) but I’m not asking about that.