Georgios Kontaxis
@k0ntax1s
Ph.D. in Computer Science. Security and Privacy. (On Mastodon: @[email protected])
You might like
Verifying myself: I am kontaxis on Keybase.io. 48aChilCrFSgjyJ_X54MuLZU9vQiNSiXEWmG / keybase.io/kontaxis/sigs/…
Inflight wifi didn't work so of course I had to debug it. It appears the problem is lack of DHCP lease. The WiFi was using 8 hour leases, which was time enough for many planeloads of passengers to embark/disembark. A quick ARP scan at the time showed there were 55 devices on the…
SMTP Smuggling - Spoofing E-Mails Worldwide sec-consult.com/blog/detail/sm…
Today @FTC took action against Rite Aid for recklessly using facial recognition tools, leading to innocent people being wrongly accused of shoplifting. Our order prohibits the firm from using facial surveillance tools for 5 years, among other protections. ftc.gov/news-events/ne…
The full text of "Firewalls and Internet Security, Second Edition”, by Bill Cheswick, Avi Rubin, and myself, has been released under a Creative Commons license at wilyhacker.com. We include the full LaTeX source of the book, since we typeset it ourselves.
Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues papers.mathyvanhoef.com/usenix2023-wif…
Messaging Layer Security: Secure and Usable End-to-End Encryption ietf.org/blog/mls-secur…
OpenSSL support for RFC7250 raw public keys has been merged into the 3.2 development branch (master): github.com/openssl/openss… This supports trust validation via DANE TLSA records! I have pre-release code that adds DANE-with-RPK support to Postfix: github.com/vdukhovni/post…
github.com
RFC7250 (RPK) support (Fixes #6929) by tmshort · Pull Request #18185 · openssl/openssl
Add support for the RFC7250 extensions, allows the use of only private keys for connection (i.e. certs not needed). Fixes #6929 Replacement for #16620 (since github doesn't allow changing t...
Zoom and dark patterns. Click a meeting link. It auto-downloads Zoom. Ignore that. The 'launch meeting' page gives no indication that you can join via browser but suggests install the Zoom Client. Click 'launch meeting' & you get the choice to 'Join from your Browser'.
From the TLS newsletter: Mike Malone wrote a blog post about using short-lived certificates to avoid having to deal with revocation. buff.ly/3Jn8QUg
When can two TCP sockets share a local address? blog.cloudflare.com/the-quantum-st… @jkbs0 did a cool investigation on when bind-before-connect can reuse local port occupied by connect() and vice-versa. The results will shock you! :)
📢Our work on automated discovery of memory safety vulnerabilities in DL frameworks has been accepted at @USENIXSecurity 2023! Jointly with @neochristou @di_jin42 @Vatlidak @baishakhir | arxiv.org/abs/2209.14921 | gitlab.com/brown-ssl/ivys… | 39 CVEs 😎🤘💣#ivysyn #brownssl #usesec23
Really excited to see Google doing OHTTP with Fastly. My sources tell me it only took Fastly 45 minutes to build this. Amazing! Awesome to see this technology being used in the wild. Next up, OHTTP for DNS. developer.chrome.com/blog/oblivious…
I'm very excited about the types of things OHTTP infrastructure will enable, so it's great to see it deployed in practice. e.g., I could imagine collecting signals of page breakage from tracking protection.
Really excited to see Google doing OHTTP with Fastly. My sources tell me it only took Fastly 45 minutes to build this. Amazing! Awesome to see this technology being used in the wild. Next up, OHTTP for DNS. developer.chrome.com/blog/oblivious…
Google Chrome - Partnering with Fastly—Oblivious HTTP relay for FLEDGE 𝑘-anonymity server developer.chrome.com/blog/oblivious…
That brings up the question of what should be revoked? For ages, I have been saying revocation reasons don't make sense in the WebPKI. Well Mozilla agreed and has worked on defining those reasons better blog.mozilla.org/security/2022/…
Well this is not awesome. @Raspberry_Pi Camera v3 produces RF EMI on the GPS L1 frequency when enabled. Enough to make a GPS receiver maybe 20cm away from the camera cable drop lock. Camera v2 doesn't do this.
United States Trends
- 1. Steelers 52.2K posts
- 2. Rodgers 21K posts
- 3. Chargers 36.9K posts
- 4. Tomlin 8,209 posts
- 5. Schumer 221K posts
- 6. Resign 104K posts
- 7. #BoltUp 2,982 posts
- 8. #TalusLabs N/A
- 9. Tim Kaine 18.8K posts
- 10. Keenan Allen 4,877 posts
- 11. #HereWeGo 5,659 posts
- 12. Durbin 26.5K posts
- 13. #RHOP 6,904 posts
- 14. #ITWelcomeToDerry 4,592 posts
- 15. Gavin Brindley N/A
- 16. Angus King 15.9K posts
- 17. Herbert 11.7K posts
- 18. 8 Democrats 8,963 posts
- 19. 8 Dems 6,997 posts
- 20. Shaheen 34K posts
Something went wrong.
Something went wrong.