IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [software]

Computer software, or just software, is a collection of computer programs and related data that provides the instructions for telling a computer what to do and how to do it.

227 questions
115
votes
9 answers

Why is Steam so insistent on security?

Is there any particular reason why the Steam application attempts to be so secure? It seems to force you to take more security measures (two-factor authentication, emails confirming all trades, etc) than most banks do. Is this due to the fact that…
Jojodmo
  • 1,012
  • 2
  • 7
  • 10
104
votes
7 answers

Is MD5 considered insecure?

After all these articles circulating online about md5 exploits, I am considering switching to another hash algorithm. As far as I know it's always been the algorithm of choice among numerous DBAs. Is it that much of a benefit to use MD5 instead of…
Tawfik Khalifeh
  • 2,532
  • 6
  • 22
  • 27
55
votes
5 answers

Should security-critical code be reused or rewritten?

Usually, in programming, reusing code is always a better idea than writing your own implementation of an algorithm. If an implementation has been around for a long time and is still used by lots of projects, it is likely to be pretty well designed…
Hadrien G.
  • 795
  • 5
  • 13
46
votes
3 answers

Mars Curiosity Rover Security

Does the software in the Mars Curiosity Rover have any security features built-in? I can't imagine how someone would hack into it, but if the rover does indeed have some protection against malicious hackers, what kind of attacks would it be…
pasawaya
  • 1,027
  • 1
  • 9
  • 12
33
votes
7 answers

Is having Steam installed a security risk?

Speaking to one of our security administrators at work, he insists that Steam is a well understood security risk and it shouldn't be installed on work machines. Saying it's not work related I understand, but is there a genuine security threat from…
Jon Hopkins
  • 812
  • 1
  • 8
  • 7
31
votes
2 answers

Insecure versions of crypt hashes

I read at crackstation not to use these variants of bcrypt* ($1$, $2$, $2a$, $2x$, $3$),but I've used bcrypt ($2a$) in various sensitive implementations recently. Can any security expert clarify why recommending ($2y$, $5$, $6$) instead of ($1$,…
Tawfik Khalifeh
  • 2,532
  • 6
  • 22
  • 27
29
votes
8 answers

Is it safer to use less heard of software than popular software?

Is it good policy to use non-mainstream applications, or does it depend? For example is it better to use a less popular browser, media player or operating system as it is less likely a target for hackers to exploit? On the other hand if it's more…
Celeritas
  • 10,039
  • 22
  • 77
  • 144
26
votes
5 answers

How can a non-admin program cover your entire screen with a window?

This year, since many students are online, College Board (the company that administers AP Exams in the US, along with the SAT) recently released its Digital Testing App. Once installed, and going through a setup, it allows you to go through a test…
StarDust
  • 361
  • 3
  • 5
26
votes
7 answers

Is malware distributed with pirated software actually common?

An often-repeated piece of conventional wisdom goes like the following. Don't download pirated software, they often contain malware. I'm curious to know if there are any hard facts to backup this claim. I've seen plenty of software vendors making…
Alexander O'Mara
  • 8,774
  • 6
  • 34
  • 38
23
votes
6 answers

What reputable site should I download Putty from?

I recently did a Bing search for Putty and can only guess at which distribution is "trusted", contains no malware, or sleuthing code. If you needed to download Putty for a high security Windows installation, where would you get the Binaries from? …
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
17
votes
2 answers

How to decide "I'll trust this software" for closed-source or precompiled software?

I am interested in watching an upcoming webinar that will discuss Puppet on AWS. In order to participate one needs to install a software application. Naturally, I won't do that as I can find enough information about the subject with a few simple…
dotancohen
  • 3,698
  • 3
  • 24
  • 34
17
votes
7 answers

Affordable web application attack tools

I've been using Burp Intruder (part of Burp suite), but in the free edition of Burp Suite the Intruder functionality is Time-throttled. As a student pen tester however, I can't justify the cost of $300 a year for the Burp Suite Professional Edition.…
Peleus
  • 3,827
  • 2
  • 18
  • 20
17
votes
3 answers

What does Blue Coat Unified Agent application do?

I've experienced a crash of the Blue Coat Unified Agent tray application on my business laptop. I was wondering what is the exact purpose of this software, and how is it supposed to help me or the company? I know it provides Web security to remote…
kenorb
  • 799
  • 4
  • 8
  • 27
16
votes
3 answers

Are browser wrappers in software bad for users?

These days I see a lot of browser wrappers in software. For example: when you purchase something in the Steam desktop application and use PayPal, you enter your PayPal security details in a browser frame provided by Steam. when you log in on the…
luttje
  • 163
  • 4
15
votes
5 answers

Is KeePass a good defense against keyloggers?

KeePass is a program in which you can store your password and copy and paste them into websites. Does anyone know if it is safe against key logging software? Does key logging software pick up what you copy/paste?
Jenny
  • 443
  • 1
  • 5
  • 9
1
2 3
15 16