Skip to main content
Information Security

Questions tagged [compression]

Ask Question

the act of compression reduces the size of the file(s) being compressed by encoding information and eliminating statistical redundancy.

82 questions
Newest Active Bountied Unanswered
0 votes
1 answer
74 views

It is often stated that encrypted data cannot be meaningfully compressed, because encryption produces output that appears random and lacks redundancy. In practice, this is why systems typically ...
Muhammad Ikhwan Perwira's user avatar
  • 151
0 votes
2 answers
292 views

The general consensus on enabling SSL Compression is "don't" because of the CRIME exploit. However, this exploit seems to have been mitigated in 2012. I want to know: Should I still avoid ...
Kingsley's user avatar
  • 103
2 votes
1 answer
720 views

I'm reading about Error Level Analysis (ELA) in image forensics as means to detect if modifications were made to a photo. ELA is nicely described here: https://fotoforensics.com/tutorial.php?tt=ela. ...
Bob Ortiz's user avatar
  • 7,733
1 vote
1 answer
247 views

Let's assume an API returns sensitive information (e.g. medical or financial) to authenticated users only. In some circumstances responses may include information the user supplied in the request (e.g....
Joseph's user avatar
  • 13
2 votes
4 answers
2k views

I have a backend for a mobile application that has to serve large JSON responses from time to time, the transfer would be greatly helped by enabling compression, especially when the user has bad ...
JohanShogun's user avatar
  • 123
1 vote
2 answers
674 views

I have read up on compressed folders of file types such as .zip, .rar and .7zip being the malicious file itself (excluding cases such as an .exe file being disguised as a .zip file etc...), only ...
ReaLiTy-UnFatHom's user avatar
  • 11
1 vote
1 answer
390 views

Could someone please explain this to me: When you use a fuzzy hash algorithm (ssdeep, tlsh, sdhash... or any other) to calculate the hash value of a file, does it calculate the hash based on the whole ...
Moooz's user avatar
  • 55
24 votes
2 answers
6k views

I've had a look within the official TLS specification but I cannot see any mention of this. Does TLS allow compression to be disabled? Or is it mandatory?
intrigued_66's user avatar
  • 341
1 vote
1 answer
184 views

I use LUKS to encrypt all sensitive data on my computer. If I switch to using a filesystem with on-the-fly data compression such as ZFS, should I use its compression feature together with LUKS? Does ...
CurtisB's user avatar
  • 43
0 votes
1 answer
3k views

I'm not an expert of security. I heard it's not recommended to enable GZIP compression for HTTPS requests, that would open a security issue (see SO answer: https://stackoverflow.com/a/4063496/17307650 ...
Zorgatone's user avatar
  • 135
5 votes
0 answers
1k views

There is a well-known threat named compression bombs. Such image formats as PNG and JPEG use compression methods, and therefore and in theory PNG/JPEG images might be a compression-bomb. I've found an ...
salazar324's user avatar
  • 63
0 votes
1 answer
430 views

lets say I have a rar file that has a bunch of images inside. Is there any risk of opening the image inside the rar without extracting the entire file?
zhili wang's user avatar
  • 1
8 votes
1 answer
903 views

Assume sensitive audio emissions from a mechanical keyboard. These audio emissions are often sufficient to reconstruct the actual key presses that generated the sound. If the audio is compressed using ...
forest's user avatar
  • 67.9k
5 votes
2 answers
3k views

I'm having a hard time knowing whether the following setup is vulnerable to CRIME/BREACH type attacks (which target HTTPS). I am running a Wireguard VPN that tunnels VXLAN protocol, using ChachaPoly20 ...
Orsiris de Jong's user avatar
  • 153
1 vote
0 answers
514 views

The challenge data is: ...
CtfLover's user avatar
  • 11

15 30 50 per page
1
2 3 4 5 6