User Vlastimil Burián - Information Security Stack Exchange

36 votes

2 answers

27k views

Smart-Screen filter still complains, despite I signed the executable, why?

asked Oct 10, 2016 at 17:10

30 votes

4 answers

12k views

What are the toughest SSH daemon settings in terms of encryption, handshake, or other cryptographic settings? [duplicate]

asked Feb 4, 2018 at 20:28

12 votes

2 answers

8k views

Do AES-NI instructions accelerate both AES-128 and AES-256?

asked Dec 19, 2016 at 14:27

10 votes

2 answers

4k views

Is it already the right time to say goodbye to TLS1.1 support on web servers? [closed]

asked Nov 26, 2017 at 11:56

9 votes

2 answers

8k views

Hardening SSH security on a Debian 9 server

asked Mar 16, 2017 at 14:51

5 votes

1 answer

3k views

Apache naming for TLS_RSA_WITH_3DES_EDE_CBC_SHA

asked Mar 17, 2017 at 15:36

5 votes

2 answers

9k views

Does giving out Dell service tag of my device pose a security risk?

asked Jun 21, 2018 at 6:29

5 votes

1 answer

2k views

PGP public key block Public-Key (old) - What does the OLD mean?

asked Oct 23, 2018 at 12:07

5 votes

1 answer

3k views

Could Intel SGX be dangerous under Linux?

asked Mar 24, 2019 at 9:04

4 votes

1 answer

1k views

Is there a security difference between GPG signing a file directly or its SHA512SUM file?

asked Mar 14, 2019 at 20:19

4 votes

1 answer

5k views

Sacrificing 30% of my CPU performance (by disabling Hyper-Threading) to fully mitigate CPU vulnerabilities, necessary?

asked Oct 17, 2019 at 17:31

4 votes

1 answer

7k views

Secure DNS (DoH, DoT) differences, performance, comparison

asked Jan 5, 2023 at 0:37

4 votes

1 answer

398 views

Is this HSTS header set correctly in LAMP?

asked Apr 14, 2016 at 1:48

3 votes

1 answer

517 views

Does it matter what version of GnuPG I use to create revocation certificates?

asked Apr 17, 2016 at 5:12

3 votes

1 answer

2k views

How can I check the integrity of a Bitcoin tarball with GPG?

asked May 27, 2016 at 0:18

3 votes

1 answer

378 views

Is proxy useless when connected to VPN?

asked Dec 28, 2016 at 3:09

2 votes

1 answer

771 views

Why does the revocation sent to the OpenPGP keyservers not show up?

asked Apr 16, 2016 at 10:30

2 votes

1 answer

2k views

Is it possible for my ISP to do MITM attack on my VPN? [duplicate]

asked Aug 26, 2017 at 13:08

1 vote

2 answers

452 views

How to enable OCSP stapling on my FTPS server. Is it even possible with vsftpd?

asked Feb 15, 2018 at 7:34

1 vote

1 answer

1k views

Being connected to a trusted VPN, do I still need personal firewall, and if so, why?

asked Sep 13, 2018 at 12:12

1 vote

1 answer

277 views

Missing DKIM, but having digital signature, will this help mitigate ending up in spam folder?

asked Oct 18, 2016 at 9:36

1 vote

2 answers

1k views

Does Cloudflare's DNS over TLS (DoT) implement DNSSEC too?

asked Oct 18, 2020 at 11:44

1 vote

1 answer

10k views

Any Cloudflare's DNS over TLS (DoT) check + DNSSEC test?

asked Mar 23, 2022 at 6:53

1 vote

0 answers

97 views

`sig` lines in my GPG key, what are they for, and how to remove?

asked Dec 8, 2022 at 4:41

0 votes

1 answer

2k views

Soft-fail vs Hard-fail SPF + Monitor vs Reject+Strict DMARC, could it be counterproductive?

asked May 9, 2019 at 11:15

0 votes

1 answer

508 views

Is security by obscurity / obfuscation a valid option, or do the crawlers have JavaScript enabled?

asked Jun 10, 2019 at 5:34

0 votes

1 answer

274 views

Spoofed forwarded email? Help with analyzing of DMARC report

asked Jun 10, 2023 at 22:20

0 votes

2 answers

1k views

Will digital signature prevent tempering, or at least harden the cracking, of my Windows applications?

asked Sep 9, 2016 at 15:11

0 votes

2 answers

1k views

DMARC on ProtonMail custom domain

asked Feb 27, 2019 at 10:46

Stack Exchange Network

29 Questions

Smart-Screen filter still complains, despite I signed the executable, why?

What are the toughest SSH daemon settings in terms of encryption, handshake, or other cryptographic settings? [duplicate]

Do AES-NI instructions accelerate both AES-128 and AES-256?

Is it already the right time to say goodbye to TLS1.1 support on web servers? [closed]

Hardening SSH security on a Debian 9 server

Apache naming for TLS_RSA_WITH_3DES_EDE_CBC_SHA

Does giving out Dell service tag of my device pose a security risk?

PGP public key block Public-Key (old) - What does the OLD mean?

Could Intel SGX be dangerous under Linux?

Is there a security difference between GPG signing a file directly or its SHA512SUM file?

Sacrificing 30% of my CPU performance (by disabling Hyper-Threading) to fully mitigate CPU vulnerabilities, necessary?

Secure DNS (DoH, DoT) differences, performance, comparison

Is this HSTS header set correctly in LAMP?

Does it matter what version of GnuPG I use to create revocation certificates?

How can I check the integrity of a Bitcoin tarball with GPG?

Is proxy useless when connected to VPN?

Why does the revocation sent to the OpenPGP keyservers not show up?

Is it possible for my ISP to do MITM attack on my VPN? [duplicate]

How to enable OCSP stapling on my FTPS server. Is it even possible with vsftpd?

Being connected to a trusted VPN, do I still need personal firewall, and if so, why?

Missing DKIM, but having digital signature, will this help mitigate ending up in spam folder?

Does Cloudflare's DNS over TLS (DoT) implement DNSSEC too?

Any Cloudflare's DNS over TLS (DoT) check + DNSSEC test?

`sig` lines in my GPG key, what are they for, and how to remove?

Soft-fail vs Hard-fail SPF + Monitor vs Reject+Strict DMARC, could it be counterproductive?

Is security by obscurity / obfuscation a valid option, or do the crawlers have JavaScript enabled?

Spoofed forwarded email? Help with analyzing of DMARC report

Will digital signature prevent tempering, or at least harden the cracking, of my Windows applications?

DMARC on ProtonMail custom domain