subject:"Bug#870813\: \[bug #51666\] Please hash the hostname in \~\/.wget\-hsts files"

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

2018-08-24 Thread Ethan Welker

Follow-up Comment #6, bug #51666 (project wget): Thank you for your feedback. Regarding the salt: I used one because OpenSSH uses one and that was both what the original bug report references, and written by somebody likely more experienced than me Re: security. If you want me to remove the

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

2018-08-24 Thread Tim Ruehsen

Follow-up Comment #5, bug #51666 (project wget): Thanks for addressing the issue. Saving the salt together with the (salted) hash isn't of big help when we talk about a limited set of input strings. You can get complete lists of existing domains and brute force through them in a few seconds. Can

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

2018-08-23 Thread Ethan Welker

Follow-up Comment #4, bug #51666 (project wget): Hello! I've written a series of patches (attached) that adds this feature. Please let me know if there's some other way that I should be submitting these instead. Some notes: * I have little security experience, so these should be checked over

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

2017-08-18 Thread Tim Rühsen

On Freitag, 18. August 2017 14:51:12 CEST Ander Juaristi wrote: > Follow-up Comment #2, bug #51666 (project wget): > > I'm not generally against these kind of small tweaks that don't harm and > slightly improve user's privacy. > > If Firefox doesn't do it, we don't care: it's their business and

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

2017-08-05 Thread Tim Ruehsen

Follow-up Comment #1, bug #51666 (project wget): The files are read/write only to the user (in case you didn't protect your home directory appropriately). If you are still concerned, what about ~/.mozilla/firefox/*.default/SiteSecurityServiceState.txt and likely hundreds or thousands of other

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

2017-08-05 Thread NoëlKöthe

URL: Summary: Please hash the hostname in ~/.wget-hsts files Project: GNU Wget Submitted by: nok Submitted on: Sat 05 Aug 2017 04:14:03 PM CEST Category: Feature Request

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

Bug#870813: [bug #51666] Please hash the hostname in ~/.wget-hsts files

6 matches

Site Navigation

Mail list logo

Footer information