Seeking ideas/advice for security tools [closed]

As you may have read in my title, I’m here seeking any ideas or advice from experts or normal users like me for an assignment of mine, in which I need to create a software/tool that is an improvement over the current tools available online, or even a completely new software/tool, with regard to software like Wireshark and Autopsy, or even tools like Dirb and Gobuster on Kali Linux. Do you guys have any issues/complaints with the current software/tools you are using?

How much security would s3bubble using AWS DRM Protected Video streaming actually be adding?

As the title says, how much security would s3bubble using AWS DRM Protected Video streaming actually be adding?

I watched s3bubble’s tutorial at https://www.youtube.com/watch?v=bC-tZhlYH8o but I cannot really tell how much safer this makes things. My target audience would be software engineers, so assume reasonable technical capability, although the field is not security. Considering the video will still actually play in the browser, how hard is it really to grab it anyway, even if the direct download URLs are encrypted? I am not quite getting how this security is applied. Surely they could just reverse engineer the player?

Note simple screen capturing is out of scope.

Are hardware security keys (e.g. ones supporting FIDO2) “able to protect authentication” even in the case of compromised devices?

Correct me if I am wrong, please.

I understand that 2FA (MFA) increases account security in case an attacker obtains a password, which might be possible in various ways, e.g. phishing, database breach, brute force, etc.

However, if the 2FA device is compromised (full system control), which can also be the very same device, then 2FA is broken. It’s not as likely as when only using a password, but conceptually this is true.

Do hardware security keys protect against compromised devices? I read that the private key cannot be extracted from those devices. I am thinking about protecting my SSH logins with a FIDO2 key. Taking SSH as an example, I would imagine that on a compromised device the SSH handshake and key exchange can be intercepted and the FIDO2 key can be used for malicious things.

Additionally: FIDO2 protects against phishing by storing the website it is set up to authenticate with. Do FIDO2 and OpenSSH also additionally implement host key verification, or doesn’t it matter because FIDO2 with OpenSSH is already asymmetric encryption and thus not vulnerable to MitM attacks?

Programming language designed to prevent security issues from occurring? [closed]

I’m working on creating a new programming language and trying to find that first niche to tailor it to. Would you appreciate a programming language that would make it as easy as possible to encrypt & salt all information stored in databases & files and sent over the network, etc?

I already have it so that it’s as fast as C++ but guaranteed to be memory and thread-safe without the programmer having to think twice about it.

The idea is that you write it quickly and productively and don’t have to think about the security, because it’s already baked into the end product.

What’s the security risk in password recovery attempts

In the last few days I’ve received multiple password recovery attempts for a WordPress user. The user didn’t initiate these attempts.

I’m blocking the IPs on the server, but I don’t see what the goal of the attacker is. I checked the mails the user receives, and they contain a valid password reset link (so it is not a phishing attempt).

So I don’t really understand what the attacker is trying to achieve with these password recovery requests. Or are they just checking for vulnerabilities on that page?

Is there any security risk in not setting a maximum password length?

I’m a listener of the podcast "Security Now" where Steve Gibson, a security expert, often claims that there are no reasons to limit the number of characters a user can use in their passwords when they create an account on a website. I have never understood how it is even technically possible to allow an unlimited number of characters and how it could not be exploited to create a sort of buffer overflow.

I found a related question here, but mine is slightly different. The author of the other question explicitly mentions in their description that they understand why setting a maximum length of 100000000 characters would be a problem. I actually want to know why it would be a problem, is it like I have just said because of buffer overflows? But to be vulnerable to a buffer overflow, shouldn’t you have a sort of boundary which you can’t exceed in the first place, and thus if you didn’t limit the number of characters, would you even have this risk? And if you are thinking about starving a computer’s RAM or resources, could even a very large password be a problem?

So, I guess it is possible not to limit the number of characters in a password: all you’d have to do would be to not use the maxlength attribute or not have a password validation function on the server side. Would that be the secure way to do it? And if it is, is there any danger in allowing an unlimited number of characters for your passwords? On the other hand, NIST recommends that developers limit passwords to 256 characters. If they take the time to recommend a limitation, does it mean there has to be one?
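An added example (not from the question or from any library) of the one concrete risk a length cap addresses: whether a long password costs the server more per iteration depends entirely on how the hasher is written. Both functions below compute the same PBKDF2-HMAC-SHA256 value, but the first creates a fresh HMAC on every iteration, so a password longer than SHA-256’s 64-byte block is re-hashed once per iteration; the second keys HMAC once and copies it. The 1 MiB password, the 1024-byte cap and the iteration counts are constructed for the demonstration.

```python
"""Why a long password can cost the server more than a short one, and why the
fix is a server-side cap rather than the HTML maxlength attribute.
Added example for this question; not anyone's production code."""
import hashlib
import hmac
import os
import time


def pbkdf2_rekeyed(password: bytes, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256 (one 32-byte block) written the naive way: a new
    HMAC object per iteration. hmac.new() re-processes the key each time, so a
    key longer than SHA-256's 64-byte block is hashed again on EVERY iteration."""
    u = hmac.new(password, salt + b"\x00\x00\x00\x01", hashlib.sha256).digest()
    result = u
    for _ in range(iterations - 1):
        u = hmac.new(password, u, hashlib.sha256).digest()
        result = bytes(a ^ b for a, b in zip(result, u))
    return result


def pbkdf2_prekeyed(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Same function, but the HMAC key schedule is computed once and copied, so
    the password length is paid once, not per iteration (hashlib.pbkdf2_hmac
    does the same internally)."""
    keyed = hmac.new(password, digestmod=hashlib.sha256)

    def prf(msg: bytes) -> bytes:
        m = keyed.copy()
        m.update(msg)
        return m.digest()

    u = prf(salt + b"\x00\x00\x00\x01")
    result = u
    for _ in range(iterations - 1):
        u = prf(u)
        result = bytes(a ^ b for a, b in zip(result, u))
    return result


def matches_stdlib(password: bytes = b"hunter2", salt: bytes = b"salt",
                   iterations: int = 1000) -> bool:
    """Both variants must agree with the standard library, so any timing
    difference is due to the keying strategy alone."""
    ref = hashlib.pbkdf2_hmac("sha256", password, salt, iterations)
    return pbkdf2_rekeyed(password, salt, iterations) == ref == pbkdf2_prekeyed(password, salt, iterations)


def cost_ratio(password_len: int = 1 << 20, iterations: int = 200) -> float:
    """seconds(rekeyed) / seconds(prekeyed) for a constructed password of
    password_len bytes: the re-keyed variant grows linearly in the password."""
    password = b"A" * password_len          # constructed: a 1 MiB "password"
    salt = b"fixed-salt-for-timing"
    t0 = time.perf_counter()
    pbkdf2_rekeyed(password, salt, iterations)
    t1 = time.perf_counter()
    pbkdf2_prekeyed(password, salt, iterations)
    t2 = time.perf_counter()
    return (t1 - t0) / max(t2 - t1, 1e-9)


MAX_PASSWORD_BYTES = 1024   # assumption for this example; the point is that some bound exists


def within_cap(password: str) -> bool:
    """Check in BYTES (UTF-8): 256 emoji are 1024 bytes, which a character
    count such as maxlength never sees."""
    return len(password.encode("utf-8")) <= MAX_PASSWORD_BYTES


def hash_password(password: str, iterations: int = 600_000) -> bytes:
    """Server-side cap first, hashing second, so the cost stays bounded
    whatever the hasher underneath does with long keys."""
    if not within_cap(password):
        raise ValueError(f"password exceeds {MAX_PASSWORD_BYTES} bytes")
    salt = os.urandom(16)
    return salt + hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
```

Django added a 4096-byte cap in 2013 after exactly the first pattern turned a 1 MB login request into a denial-of-service vector, so the safe position is not “no limit” but a generous limit checked in bytes on the server; the form’s maxlength is advisory, is counted in characters, and is trivially removed by the client.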

How to prevent scrying, Locate Person, teleportation, planeswalking, Locate City, and other intrusions in the name of national security [closed]

I am writing a story set in a modern world where D&D magic works. Now, I also have a Cheyenne Mountain like set of facilities in my world, underground hardened military airbases. Obviously, you don’t want any old bloke to be able to just use the Etherealness spell to waltz in through the walls and steal a nuclear warhead. You also don’t want the enemy war leader to be able to see inside your war room. And teleportation would really be a security disaster. Could the unit’s mages cast Mind Blank on every single one of the 570 staff of the base?

I had a couple of ideas: using multiple castings of, or a homebrew larger version of, the Forbiddance spell to cover every cubic foot of space inside the mountain, and a similar method with Anti-Magic Field around the boundaries. This seems to block anything short of divine intervention, but I was thinking of asking you folks here for ideas as well. Would my idea work? Do you have any suggestions? Perhaps a magic item that could do the protection?

I’m not concerned as to which version the spell/item comes from.

QNAP NAS Security Essentials

My QNAP device is not supported by Debian (OMV). That’s why I am forced to use the proprietary QNAP firmware.

How can I secure a QNAP device and protect my privacy? I found a basic guide and wonder what else I can do to protect my privacy and security. The threat is a government agency.

Not mentioned in the guide:

  • Don’t store the encryption passphrase on disk.
  • Allow only known IP addresses.


The only service I have exposed is rsyncd on the internal network (on-demand backup).

How can wkhtmltopdf be used without introducing a security vulnerability?

Background

Per the project website, wkhtmltopdf is a "command line tool to render HTML into PDF using the Qt WebKit rendering engine. It runs entirely "headless" and does not require a display or display service."

The website also states that "Qt 4 (which wkhtmltopdf uses) hasn’t been supported since 2015, the WebKit in it hasn’t been updated since 2012."

And finally, it makes the recommendation "Do not use wkhtmltopdf with any untrusted HTML – be sure to sanitize any user-supplied HTML/JS, otherwise it can lead to complete takeover of the server it is running on!"


Context

My intention is to provide wkhtmltopdf as part of an application to be installed on a Windows computer. This may or may not be relevant to the question.


Qualifiers / Additional Information

  • A flag is provided by wkhtmltopdf to disable JavaScript (--disable-javascript). This question assumes that this flag functions correctly and thus counts all <script> tags as benign; they are of no concern.
  • This question is not related to the invocation of wkhtmltopdf: the source HTML will be provided via a file (not the CLI / STDIN), and the actual command to run wkhtmltopdf has no chance of being vulnerable.
  • Specifically, this question relates to "untrusted HTML" and "sanitize any user-supplied HTML/JS".
  • Any malicious user that is able to send "untrusted" HTML to this application will not receive the resultant PDF back. That PDF will only temporarily exist for the purpose of printing and then be immediately deleted.
  • Even someone with 100% working knowledge of all of the wkhtmltopdf/webkit/qt source code cannot concretely state that they have zero vulnerabilities or how to safeguard against unknown vulnerabilities. This question is not seeking guarantees, just an understanding of the known approaches to compromising this or similar software.

Questions

What is the goal of sanitization in this context? Is the goal to guard against unexpected external resources? (e.g. <iframe>, <img>, <link> tags). Or are there entirely different classes of vulnerabilities that we can’t even safely enumerate? For instance, IE6 could be crashed with a simple line of HTML/CSS… could some buffer overflow exist that causes this old version of WebKit to be vulnerable to code injection?

What method of sanitizing should be employed? Should we whitelist HTML tags/attributes and CSS properties/values? Should we remove all references to external URI protocols (http, https, ftp, etc.)?

Does rendering of images in general provide an attack surface? Perhaps the document contains an inline/data-uri image whose contents are somehow malicious but this cannot reasonably be detected by an application whose scope is to simply trade HTML for a rendered PDF. Do images need to be disabled entirely to safely use wkhtmltopdf?
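The filter below is an added example of the allow-list approach the second question asks about; it is not wkhtmltopdf’s code or the asker’s, and the tag, attribute and URL policy in it are assumptions for a simple text-and-images document. An allow-list answers the first question’s worry directly: it does not require enumerating the bad constructs, only the few the PDF actually needs. Nothing else survives: no `style` attributes or `<style>` sheets (CSS `url()` is a fetch), no event handlers, no `<link>`, `<iframe>` or `<object>`, and no reference that could reach the network or the local disk (only inline `data:` images and in-document anchors are kept).

```python
"""Allow-list HTML filter to run before handing a file to wkhtmltopdf.
Added example for this question, not wkhtmltopdf's or the asker's code; the
allowed sets are assumptions and should be shrunk to what the PDF really needs."""
import html
from html.parser import HTMLParser

ALLOWED_TAGS = {"p", "br", "hr", "b", "strong", "i", "em", "u", "h1", "h2", "h3",
                "ul", "ol", "li", "table", "thead", "tbody", "tr", "th", "td",
                "img", "a"}
ALLOWED_ATTRS = {"img": {"src", "alt", "width", "height"}, "a": {"href"},
                 "td": {"colspan", "rowspan"}, "th": {"colspan", "rowspan"}}
# Elements whose content is discarded along with the tag (fail closed: an
# unclosed one drops the rest of the document rather than leaking it).
DROP_WITH_CONTENT = {"script", "style", "iframe", "object", "noscript", "svg",
                     "math", "template", "head", "title"}
VOID = {"br", "hr", "img"}


def _compact(value: str) -> str:
    # Browsers ignore ASCII whitespace and control characters inside URLs, so
    # strip them before matching: "java\nscript:" must not slip past the check.
    return "".join(ch for ch in value if ch > " ")


def safe_reference(tag: str, attr: str, value: str) -> bool:
    """Only references that reach neither the network nor the disk (assumption):
    base64 data: images for <img src>, fragment anchors for <a href>."""
    v = _compact(value).lower()
    if tag == "img" and attr == "src":
        return v.startswith(("data:image/png;base64,", "data:image/jpeg;base64,",
                             "data:image/gif;base64,"))
    if tag == "a" and attr == "href":
        return v.startswith("#")
    return False


class AllowListSanitizer(HTMLParser):
    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)   # entities decoded, then re-escaped on output
        self.out: list = []
        self._drop_tag = None
        self._drop_depth = 0

    def handle_starttag(self, tag, attrs):
        if self._drop_depth:
            if tag == self._drop_tag:
                self._drop_depth += 1
            return
        if tag in DROP_WITH_CONTENT:
            self._drop_tag, self._drop_depth = tag, 1
            return
        if tag not in ALLOWED_TAGS:
            return                         # unknown element: tag removed, its text kept
        kept = {}
        for name, value in attrs:
            if value is None or name not in ALLOWED_ATTRS.get(tag, ()):
                continue                   # drops style=, class=, on*=, ... by default
            if name in ("src", "href") and not safe_reference(tag, name, value):
                continue
            kept[name] = html.escape(value, quote=True)
        if tag == "img" and "src" not in kept:
            return                         # an <img> whose source was rejected goes entirely
        self.out.append("<" + tag + "".join(f' {k}="{v}"' for k, v in kept.items()) + ">")

    def handle_endtag(self, tag):
        if self._drop_depth:
            if tag == self._drop_tag:
                self._drop_depth -= 1
            return
        if tag in ALLOWED_TAGS and tag not in VOID:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self._drop_depth:
            self.out.append(html.escape(data, quote=False))
    # comments, <!DOCTYPE>, <?pi?> and CDATA hit the no-op base handlers and vanish


def sanitize(untrusted_html: str) -> str:
    p = AllowListSanitizer()
    p.feed(untrusted_html)
    p.close()
    return "".join(p.out)


def sanitize_document(untrusted_html: str) -> str:
    """Wrap the filtered fragment in a fixed, trusted skeleton for wkhtmltopdf."""
    return ('<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>'
            + sanitize(untrusted_html) + "</body></html>")
```

Pair it with the invocation-side switches wkhtmltopdf provides (`--disable-javascript`, which the question already assumes, and `--disable-local-file-access`, which closes the `file://` path the filter also blocks). What an allow-list cannot do is rule out a renderer bug triggered by allowed content, for instance a malformed image inside a permitted `data:` URI handed to the old WebKit/Qt decoders; that residual risk is addressed by isolating the process (low-privilege account, no network, a short-lived working directory), not by more filtering.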

Does (UEFI) secure boot provide security advantages over TPM measured boot?

Given that UEFI Secure Boot appeared later than the TPM, I had the assumption that it provides advantages over the TPM.

As I read into each, it appears to me that the TPM measurements of each stage would provide about the same level of integrity guarantee as each Secure Boot stage verifying the next stage’s signature.

I get how UEFI Secure Boot’s key/certificate structure may have management advantages over the TPM. However, I have trouble finding security advantages against attackers. Can someone enlighten me as to whether those statements are valid? Thanks!
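To make the distinction the question is circling concrete, here is an added toy model (not firmware code) of the two control flows: a measured boot chain extends a PCR with each stage and never refuses anything, while a verified (Secure Boot) chain refuses a stage whose signature does not check. Signatures are stood in for by HMAC-SHA256 under a constructed key playing the role of the db entry (real Secure Boot checks RSA/ECDSA signatures against certificates in the db variable), and the stage images are constructed byte strings; the hash chaining is the actual TPM extend operation.

```python
"""Measured boot (TPM PCR extend) next to verified boot (Secure Boot signature
check). Added example for this question; toy models, not firmware code."""
import hashlib
import hmac


def sha256(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: PCR_new = H(PCR_old || measurement). Order matters and the
    value can only be extended further, never reset by software."""
    return sha256(pcr + measurement)


def measured_boot(stages):
    """Each stage measures the next into the PCR and runs it; nothing is ever
    refused. The final PCR is evidence for later use (attestation, or a key
    sealed to the expected value), not an enforcement decision."""
    pcr = bytes(32)
    for image in stages:
        pcr = pcr_extend(pcr, sha256(image))
    return pcr


def sign(key: bytes, image: bytes) -> bytes:
    """Stand-in for an Authenticode signature (assumption: HMAC so the example
    needs only the standard library; the control flow is the point)."""
    return hmac.new(key, image, hashlib.sha256).digest()


def verified_boot(signed_stages, db_key):
    """Each stage verifies the next against the firmware's trust store and
    refuses to run it otherwise. Returns (booted, index of first bad stage)."""
    for i, (image, sig) in enumerate(signed_stages):
        if not hmac.compare_digest(sign(db_key, image), sig):
            return False, i
    return True, None


# Constructed sample chain and key: shim, bootloader, kernel.
GOOD_CHAIN = [b"shim v1", b"grub 2.06", b"linux 6.1 vmlinuz"]
OWNER_KEY = b"platform-owner-db-key (constructed)"


def demo(tamper_index=None):
    """Boot the chain, optionally with one stage replaced by a modified image
    the attacker could not sign; report what each mechanism does about it."""
    chain = list(GOOD_CHAIN)
    if tamper_index is not None:
        chain[tamper_index] = chain[tamper_index] + b" [backdoored]"
    expected_pcr = measured_boot(GOOD_CHAIN)     # value a sealed key / attestation policy is bound to
    actual_pcr = measured_boot(chain)            # always completes, tampered or not
    signed = [(img, sign(OWNER_KEY, img)) for img in GOOD_CHAIN]
    if tamper_index is not None:                 # swapped image keeps the old, now invalid, signature
        signed[tamper_index] = (chain[tamper_index], signed[tamper_index][1])
    booted, bad = verified_boot(signed, OWNER_KEY)
    return {"measured_matches_policy": actual_pcr == expected_pcr,
            "secure_boot_ran": booted, "refused_at": bad}
```

The tampered run shows the difference: measured boot runs the backdoored kernel and merely reports a different PCR, which only helps if something later checks it (a key sealed to the expected value fails to unseal, or a remote attester rejects the quote), whereas Secure Boot stops at the bad stage before it executes. That is the security advantage against an attacker who modifies boot components: enforcement at boot time rather than detection after the fact, bought with the key management the question already noted. The two are complementary, which is why disk-encryption key sealing on both Windows and Linux commonly binds to PCRs that also record the Secure Boot policy in effect.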