Questions tagged [international]
31 questions
44
votes
5 answers
Is blocking a country's access to a website a good measure to avoid hackers from that country?
I am located in Venezuela right now, and for the whole weekend have been unable to access grubhub.com and seamless.com.
Finally, I tried using the Tor Browser and got access. The same thing happened in January when I tried to access the police…
Luis Arriojas
- 548
- 1
- 4
- 9
17
votes
4 answers
Best way to report a foreigner attacker's ip to authorities?
I have been under attack last week and I was able to trace down the attacker and get his IP address. The attacker was located in Germany but I live out of Europe?
From your experience what is the best way to report an international cyber crime? is…
HEX
- 521
- 2
- 4
- 11
12
votes
5 answers
password complexity policy for non "English" passwords
In an internationalized application, what is the best practice for a policy on complexity of passwords? I am not having luck searching for the answer. Wikipedia lists these items for password policy:
the use of both upper- and lower-case letters…
Kevin Hakanson
- 491
- 1
- 5
- 13
11
votes
3 answers
White list or black list sanitation for international input?
There seem to be so many ways to create nefarious input that white-listing what input is good usually feels like the safer, simpler option.
For instance, one can fairly easily craft a white list regex that includes good things [a-zA-Z0-9], but…
jaketrent
- 213
- 2
- 6
10
votes
2 answers
Why do so many cracking attempts originate from China?
I recently put a Linux server online and it didn't take long until I had the first attempts to brute-force the SSH login. It's not that I am worried about that - I trust the security of my server. But just out of boredom I looked up some of the…
Philipp
- 48,867
- 8
- 127
- 157
10
votes
3 answers
Encryption-Laws in Iran
According to this article Iran has criminalized the usage of encryption and VPNs.
According to this blog post it is still possible to use SSH tunnels in Iran.
For me SSH is encryption and thus forbidden in the Iran, but I wonder how online banking,…
Baarn
- 248
- 4
- 15
8
votes
3 answers
What is the equivalent European organization of NIST, especially in the Security Computer Division?
What is the European counterpart organization to USA's NIST?
I want to check the European best practices and guidelines on computer security.
Does anyone know if this organization exists, and if there are available publications?
I need to check…
boos
- 1,066
- 2
- 10
- 21
7
votes
2 answers
What are the compliance requirements or standards for a non-US firm hosting personal data in the US?
I work for a head hunting company with offices in Canada and Asia. We migrated our custom built CRM system from our own servers hosted in Japan to an Amazon hosting service meaning that all our data is now held on Amazon servers in the US.
Data…
Nicholas Adams
- 179
- 1
7
votes
3 answers
What can a web application developer do to protect user information from powerful adversaries like the NSA or China
Some well funded intelligence services with potentially untrustworthy employees intercept and store encrypted data for years, in hopes of cracking it with future technology. What can I do to make this more difficult for them, and how can I limit the…
Dan Ross
- 195
- 5
6
votes
2 answers
Why is HTTPS seemingly so infrequently used internationally (Asia)?
I've recently had the privilege of doing some traveling internationally, and I noticed that (particularly in Asia) HTTPS is very infrequently used, even on government and educational websites where users login and provide sensitive information. I…
Funktr0n
- 161
- 2
6
votes
2 answers
What risk do International Domain Names (IDN) pose?
I understand that IDN's are basically a GUI display change for domains that have a prefix of "xn--".
What should I advise companies do in regards to these domains?
For example, should companies actively seek out and register domains in alternative…
makerofthings7
- 50,090
- 54
- 250
- 536
6
votes
5 answers
Encryption laws in India -- is it allowed to use ssh and VPN?
I have a very similar question to the one asked here (regarding Iran). However, I would like to use ssh and vpn while being in India. I found already this survey of cryptographic laws but I don't understand the implications for ssh and VPN.…
Mike
- 63
- 1
- 3
3
votes
1 answer
What lawful interception standards are used outside Europe?
In Europe European Telecommunications Standards Institute (ETSI) define the standard requirements to handle a lawful interception.
It's define all from the terminology and definition to the technical encoding of the payload that will be intercepted…
boos
- 1,066
- 2
- 10
- 21
3
votes
2 answers
What International laws should one in the InfoSec industry we be aware of?
What InfoSec regulations should one be aware of when dealing with 'live' cross-border communications, or the offline transport of information?
makerofthings7
- 50,090
- 54
- 250
- 536
3
votes
1 answer
Will PGP signed email be blocked in China?
I generally sign all of my outgoing email with PGP. I don't usually encrypt it because most people I send mail to don't have a public key. Anyway, if I send an unencrypted message with a PGP signature to someone in China, will it get blocked or get…
Jason
- 1,319
- 10
- 17