Hi, first of all many thanks for the videos. In your first example you mention to avoid auto-decryption. Do you mean between the DB and the app? In the case of a user querying CC numbers, you would eventually need to decrypt, would this be done in the app?
Failure, I was expecting a failure in the algorithm that would lead to data exposure, not a failure in cryptographic setup. The good point is the downgrade attack, if it's possible to downgrade a version of cryptos, this would actually be a failure.
Really really good videos. Quick and to the point
Thanks Ruth! Glad you enjoyed them and we appreciate the comment!!
Very clear, thanks man, nice video 👍
Amazing video!! Love this straightforward format, easy to remember
Thanks for the comment and glad you enjoyed the video!!
Awesome 🌟
Glad you liked it and thanks for the comment!
perfect
sir!
These guys have just narrated what's there on OWASP website.
Your explanation was very bad. This beautiful type of attack could have much better examples 👎