Questions tagged [desktop]
The desktop tag has no summary.
68 questions
2
votes
2
answers
149
views
How meaningful are SPECTRE mitigations on single user desktops and workstations if the installed software is trusted?
What prompts this question is why some Spectre mitigations are considered meaningful on single user workstations or desktops.
When a piece of software is trusted by the admin or a user to run on a ...
- 135
0
votes
1
answer
234
views
Connecting my Windows desktop JavaFX app to my external server by VPN or Wireguard
I have a desktop application with JavaFX and I need to connect it to the server in a safer way. Right now, the program connects by mysql and FTP without TLS.
I've thought to connect it by VPN, but the ...
- 1
1
vote
1
answer
286
views
What "indicators of compromise" are there that end users can diagnose themselves?
I'm responsible for the IT security of a small (~5 users) office, and I'm preparing training materials for our users.
Obviously, the first step my users should do if anything seems suspicious is to ...
- 3,950
3
votes
1
answer
642
views
How to design a desktop application that has access to a database via LAN?
As part of a project for school I've been tasked with designing a secure application that should be able to upload and download files from a database. I have very little experience in the area of ...
- 31
1
vote
1
answer
728
views
How can I share web-platform credentials across multiple desktop apps on Windows?
I have two desktop apps, each authenticate against our server using OIDC in order to call our web api. Currently the users need to login independently in each application.
I noticed when using ...
- 113
-1
votes
1
answer
1k
views
Difference between the telegram (win1) desktop app and web interface when it is "managed by your organization"?
Sometime ago I was told by our cyber department that Telegram desktop app is not "safe" as it allows silent installation of programs (first I heard about it, and they could not back it by ...
1
vote
2
answers
4k
views
Are bandwidth sharing apps such as peer2profit, IPRoyal and PacketStream risky?
Apps like peer2profit, IPRoyal and PacketStream allow you to sell your unused internet bandwidth to others for passive income. Supposedly you could earn about 30 to 75 dollars a month from using these ...
- 155
0
votes
0
answers
297
views
How to store user entered credentials in CLI application?
I am working on a CLI application which gets an API key from the user and use it to authenticate to a cloud application. Once the user authenticated, I want to store the API key somewhere securely so ...
- 1
1
vote
0
answers
148
views
Vulnerability scanners for .efi files
I have an .efi file with some hardware diagnostic tool like Memtest and I need to provide a security assessment for it. I am wondering, if there are any automated scanners, that can scan .efi files ...
1
vote
1
answer
173
views
Security for a Windows application running in a corporate network
I know security is pretty important for the web application, but what about windows applications running in a corporate environment, network, not accessible from outside.
Do we need to treat security ...
- 111
2
votes
3
answers
2k
views
Application to detect SSL certificate fingerprint differences
My project is to find out how to detect HTTPS interception/mitm and create some sort of application using detection techniques. One of the ways I was thinking of is a active desktop application to ...
- 452
0
votes
1
answer
529
views
Python desktop application: storing cloud database passwords
I am currently building a Python desktop application in PyQt/PySide which will be compiled to .exe. I am planning to use the Azure SQL database and a remote file storage (like S3).
An issue arises ...
2
votes
0
answers
304
views
Authentication in Desktop App
I'm reading the OWASP Authentication Cheat Sheet, but it obviously is focused only on web browser. I'm searching for something similar for a desktop app.
I want users to login to a desktop app. The ...
- 33
0
votes
2
answers
322
views
Prevent users from easily changing the backend API URL of a desktop application
Is it considered a good security practice to prevent users from easily changing the backend URL of a desktop application that connects to a backend server with an SSL protected HTTP API?
One concern ...
- 121
1
vote
0
answers
1k
views
Best Practices to Store Sensitive Information in Desktop Application (Electron)
I'm working in a desktop application using Electron.js with React.js and I have to store some sensitive information like API keys and database credentials. So I started digging and decided to encrypt ...
- 111