Information Security Weekly Newsletter - Wednesday, March 30, 2016

Top new questions this week: Is there a threshold for a password so long it doesn't get any more secure or even becomes insecure? I always hear "A long password is good, a longer password is better". But is there such a thing as a "Password is so long it is becoming unsafe" or "Password is long enough, making it longer won't ... passwords hash password-cracking   asked by Mindwin 75 votes answered by paj28 71 votes Can the ransomware encryption key be derived from comparing encrypted and unencrypted files? A firm has 10 million files, all ransomware encrypted, but the firm has all of those 10 million files backed up, and almost all of them have not changed. Would comparing all of those files against ... ransomware   asked by David Scott 41 votes answered by GdD 41 votes How did FBI/DoJ retrieve the data stored on the encrypted iPhone? Quote from The New York Times: The Justice Department said Monday that it had found a way to unlock an iPhone without help from Apple, allowing the agency to withdraw its legal effort to ... legal iphone   asked by НЛО 27 votes answered by Chris 19 votes Does username length/complexity positively impact security? Is having a longer/more complex username considered more secure than using a shorter/basic one? Would the uniqueness of a username positively impact security? This is assuming that adversaries ... authentication password-policy obscurity user-names   asked by user389823 25 votes answered by Peter Green 65 votes Can I get malware on my phone, if my phone is tethered to my laptop downloading torrents? I used a dongle before getting a phone, but now use my phone as a hotspot. I don't want my phone to get malware or viruses. Can my phone get viruses if I use it as a hotspot while downloading ... smartphone hotspot   asked by user105748 24 votes answered by André Borie 63 votes Listening to phone calls as user profiling for marketing I had a landline phone call about xyz with an xyz-expert (also on landline) for about an hour, for the first time. After couple of days I started getting suggested links on websites as an ad exactly ... privacy phone user-tracking smartphone   asked by zx8754 23 votes answered by Philipp 29 votes Can javascript execution from address bar cause any harm to client's machine? Given the fact that modern browsers these days prohibit JavaScript from having access to any resources on the client's machine, does JavaScript execution from the address bar pose any threat at all to ... web-browser javascript url   asked by gurvinder372 20 votes answered by Cristian Dobre 26 votes Greatest hits from previous weeks: HTTPS icon red and crossed out - Chrome browser What does it actually mean when the HTTPS icon is red and crossed out in Chrome? Does this mean that the site is vulnerable to a Man in the Middle Attack? Is it safe or not? tls web-browser chrome   asked by Michal Koczwara 6 votes answered by gowenfawr 6 votes How to detect if files were saved or copied to a USB drive? How can I find out if files from my computer were written/copied/moved to a USB storage device? I want to know if there is a solution that would work in a system that has not got any ... windows forensics usb-drive   asked by Saladin 4 votes answered by Rory Alsop 8 votes Can you answer these? What is leaked about devices connected to iOS personal hotspot? This is the scenario: 1) I set up a personal hotspot using my iPhone 4S running iOS 5 (we call this device A) 2) I connect a mobile device (e.g. a smartphone) using WiFi to have it use the hotspot ... ios hotspot   asked by lhansen 1 vote How to acquire the RSACryptoServiceProvider from the existing key container? The Key containers of "Microsoft Base Smart Card Crypto Provider" are enumerated by setting PP_ENUMCONTAINERS flag for the function CryptGetProvParam(). The enumerated key containers are set to the ... cryptography .net   asked by user5271376 1 vote What are active research topics in SSL/TLS? I don't know whether it is right to ask a question here for my MTech dissertation. I thought there is no good place in the world where I can find security experts like here. I am interested in doing ... tls cryptography protocols research   asked by prakharjain 1 vote

Subscribe to more Stack Exchange newsletters Unsubscribe from this newsletter or change your email preferences by visiting your subscriptions page on stackexchange.com. Questions? Comments? Let us know on our feedback site. If you no longer want to receive mail from Stack Exchange, unsubscribe from all stackexchange.com emails. Stack Exchange, Inc. 110 William St, 28th Floor, NY NY 10038 <3