Questions tagged [synchronization]
27 questions
77
votes
13 answers
Should I allow browsers to remember my passwords and synchronize them?
I wonder, how wise is it to allow Chrome and Firefox to a) remember the passwords b) synchronize them? My gut tells me that if it's not man in the middle who can intercept them, but Google and Mozilla themselves can see them on their servers or with…
Incerteza
- 2,177
- 3
- 15
- 22
21
votes
9 answers
Keep encrypted files in sync on a cloud service, without having to upload an entire encrypted volume each time
Situation:
User has several folders worth of GBs which they want to keep in
sync on a cloud service (for example Mega or Dropbox) in an encrypted form;
User does not want to sync a single encrypted volume, because this
would mean, obviously,…
nico
- 341
- 1
- 2
- 9
16
votes
3 answers
1Password for team how secure it is?
I would like to ask you opinion about how secure is the 1Passowrd for Teams.
For someone who doesn't know how 1Password - Personal use - works here a summary:
You create a master password (hard to bruteforce it) and you encrypt all you other…
Greg
- 317
- 2
- 5
6
votes
3 answers
Should I delete locally synced data if the user can't log in?
I'm building a Mac app that syncs the user's documents down from a third-party cloud service. When you set it up, it will sync all your documents down to the local hard disc, at which point you can access it in Finder.
For the purpose of this…
Kartick Vaddadi
- 163
- 4
5
votes
0 answers
How did ntpd get patched to prevent NTP time synchronization attacks?
I recently tested the NTP Time Synchronization Attack as described and demonstrated by Jose Selvi in 2015.
Basically, the attack was mostly used to send the victim's clock in the future, so the already cached HTTP Strict Transport Security entry…
programings
- 751
- 1
- 8
- 14
4
votes
0 answers
Is it a good idea to store TOTP tokens in a (synchronised) password safe?
Bitwarden (as an example) allows you to store your TOTP tokens in it. That is: you can use the mobile app to scan the QR code that (e.g.) Amazon AWS gives you, and then it'll generate TOTP codes.
So far, so exactly the same as Google Authenticator…
Roger Lipscombe
- 2,307
- 3
- 14
- 20
4
votes
1 answer
How do I use google drive local folder with auto sync while protecting myself from ransomware?
Background
So I have my Google Drive 1TB account. Obviously, I'm using Drive to have a backup for all my precious files.
I used to have a local Drive folder with auto sync on my PC. It was very convenient to sync folders and files…
idanshmu
- 141
- 3
4
votes
4 answers
Can Chrome sync be infected?
Can Chrome sync be infected by malware? I cannot imagine how, but a particular unproven example that comes in mind is to change the "preferences", so that a malicious proxy server is added.
Another one might be to add some malicious web page…
pgmank
- 415
- 6
- 13
3
votes
0 answers
Could an attack on time synchronization with a Galileo Satellite be used to spoof navigation messages with TESLA-based authentication?
I read about an attack on the TESLA protocol which will be used in Galileo's navigation message authentication (Full article can be found here: https://doi.org/10.1007/978-3-319-49806-5_1)
Basically, an attacker delays all messages to make the…
Dennis
- 31
- 1
3
votes
1 answer
Sharing the UUIDs of my Linux partitions
I currently started using a Debian 9 server for my day-to-day tests.
Because most of the time the system ends destroyed in my hands, I was thinking about doing a backup of my fstab and smb.conf on a public GitHub repo and use them on my system after…
Lemon
- 133
- 7
3
votes
0 answers
Does Apple have access to the cryptographic keys to decrypt Safari Sync Data?
I was reading over iOS's security guide, and it is unclear to me whether Apple can accessed synced Safari data. For example, if Apple received a FISA Order for all information on iCloud on all customers, would they have the ability to reveal a…
user115400
3
votes
1 answer
When using Dropbox to sync Keepass db, is it ok to open it in synced folder?
I'm going to be storing a Keepass 2 database file (.kdbx) in a local folder that's synced by Dropbox. Is it safe to use Keepass to open the database directly considering everything in the folder is synced?
For example, if I have Dropbox syncing…
Celeritas
- 10,039
- 22
- 77
- 144
2
votes
1 answer
Question about ipsec prevent SYN flooding attack
how IPSec prevents SYN flooding attacks Like if A is sending packets to B using IPsec. Suppose B’s TCP ack gets lost, and A’s TCP retransmits the packet since it assumes the packet was lost. Will B’s IPsec implementation notice that the packet is a…
aaaabel
- 21
- 2
2
votes
1 answer
Is it possible to guarantee a transaction between two peers against interruption exploits?
Let's take an egregious example of this:
Alice and Bob want to clone a Pokemon.
They set up a trade between their console devices. Alice's device sends a copy of the data to Bob's device, then Bob's device sends a copy of theirs to Alice. As each…
Searinox
- 51
- 2
2
votes
1 answer
SYN Flood from fixed spoof IP but receive only one packet
I'm generating a network flood with a lot of packets coming from one fixed IP+port pair (in this example, 1.2.3.4:2003). Why do I only see one SYN_RECV'd packet in netstat on the victim machine?
xfr1end
- 21
- 1