Pinned Tweet
Earlier today we published the details of a set of vulnerabilities in Safari's Intelligent Tracking Prevention privacy mechanism: https://arxiv.org/abs/2001.07421 . They are... interesting. [1/9]
@kkotowicz @empijei @we1x
Artur Janc Retweeted
S2 Systems joined Cloudflare: https://blog.cloudflare.com/cloudflare-and-remote-browser-isolation/ … Cloudflare is now hiring web browser experts! https://www.cloudflare.com/careers/departments/product-strategy/ … If you are an engineer in Seattle, and want to get your hands dirty with Chromium, WebAssembly, Typescript, Docker and Terraform - consider applying!
Artur Janc Retweeted
Our team at @DeepMind is hiring engineers and researchers in PL, compilers, systems etc. Come work with us on challenging problems and help shape the next generation of AI infrastructure! https://deepmind.com/careers/jobs/1796254 … https://deepmind.com/careers/jobs/470166 …
Artur Janc Retweeted
2019 has been a record-breaking year on lots of fronts - thanks to you all! Keep up your awesome discoveries. https://security.googleblog.com/2020/01/vulnerability-reward-program-2019-year.html …
Artur Janc Retweeted
What a year! 2019 was the year of my growth and success. 2121 of you clicked the follow button on my avatar
unbelievable. No words can describe the feeling of becoming an inspiration to you guys! As for a small update, in March I'm joining @Google infosec
#MyTwitterAnniversary
pic.twitter.com/fKVE3Pj4jZ
Artur Janc Retweeted
Read about all the great things the @googleChrome Security team has been up to recently! https://dev.chromium.org/Home/chromium-security/quarterly-updates …
Artur Janc Retweeted
Improving @googlechrome privacy too fast could break the web by scaring advertisers away, Chrome leader @justinschuh says. But Mozilla's @TanviHacks disagrees. A discussion from #enigma2020 privacy & security conference. https://cnet.co/2TZSjxz
Artur Janc Retweeted
We’ve published an explainer about an idea to harden SMS-delivered one-time passwords by allowing senders to associate the codes with a website. We’ve been talking about the idea with some folks at Google, and would like more feedback. https://github.com/WebKit/explainers/blob/master/sms-one-time-code-format/ …
Artur Janc Retweeted
Into TLS? Like helping teams and individuals reach their goals? Come manage Apple’s Secure Transports Team: https://jobs.apple.com/en-us/details/200129265/security-engineering-manager-secure-transports …
Artur Janc Retweeted
We recently deployed Strict, nonce based CSP to Cloudflare dash as well :) We use an intermediary like Cloudflare Workers to do the job. But it changes the threat model a little bit. Since it’s react based, we are not worried about reflected html based injections.
Artur Janc Retweeted
Chrome privacy sandbox highlights:
1. Remove tracking surfaces - make it harder to track
2. Audit and attestation - can't entirely rely on tech measures
3. Privacy preserving APIs - meet use cases devs need
4. Anti-abuse - still need to catch things that fall through
#enigma2020
Artur Janc Retweeted
Strict, nonce-based CSP now deployed on a good portion of http://Postmates.com . Yay!
Artur Janc Retweeted
SameSite=Lax cookie issues imminent for AMP-enabled websites since the AMP cache loads under a faux first party: https://blog.amp.dev/2020/01/27/cookie-classification-on-amp/ …
Artur Janc Retweeted
.@LeaKissner: Can y'all compare and contrast the different approaches to browser privacy?
@ericlaw: You're asking us to rank our neighbor's children!
#enigma2020
Artur Janc Retweeted
#enigma2020 @justinschuh We don't want to throw out what makes the web so great:
- Open Standards
- No Single Entity Control (low barrier to entry to do something on the web)
- Ephemerality (users can seamlessly migrate between sites)
-
From a defender's point of view this looks much less optimistic. There's still a large number of patterns that developers frequently get wrong (including "easy" things like XSS prevention), and new patterns (SWs, JWT|localStorage) create new bug classes. You can still have fun!
-
As much as I'd like to retire, I'd guess that once the dust settles a large number of the applications worth attacking will set `SameSite=none`, so don't write off CSRF / XS-Leaks just yet :) https://twitter.com/filedescriptor/status/1221128754786758656 …
Artur Janc Retweeted
From June 8th to September 4th, I'll be a Security Engineer intern at Google Zurich

pic.twitter.com/vcKgp6iHoJ
Artur Janc Retweeted
Our research on Safari's Intelligent Tracking Prevention (ITP) is now available on https://research.google/pubs/pub48871/ cc @arturjanc @kkotowicz @empijei pic.twitter.com/JvbLIhGDXd
Artur Janc Retweeted
Fascinating paper detailing various attack vectors introduced by Safari’s Intelligent Tracking Prevention by @arturjanc, @kkotowicz, @empijei, and @we1x. Definitely worth a read. https://arxiv.org/pdf/2001.07421.pdf … pic.twitter.com/9uiClnox1f