Robert Merget

@ic0nz1

TLS-Researcher and TLS-Attacker Dev. PhD Student @ Ruhr University Bochum 🦝🦝🦝

Vrijeme pridruživanja: travanj 2012.

Tweetovi

Blokirali ste korisnika/cu @ic0nz1

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @ic0nz1

  1. Prikvačeni tweet
    20. sij

    CVE-2020-2655: TLS/DTLS client authentication bypass in Java 11 & 13 (JSSE) Details & PoC

    Prikaži ovu nit
    Poništi
  2. proslijedio/la je Tweet
    prije 22 sata

    So delighted to announce Swift Crypto: . This is the result of a long collaboration between so many people, and we’re all delighted and proud to announce it today.

    Poništi
  3. proslijedio/la je Tweet
    31. sij

    Also...I have two open positions in the area of applied crypto and system security. Contact me if you are interested. Will reference the official offers soon :)

    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    29. sij

    Into TLS? Like helping teams and individuals reach their goals? Come manage Apple’s Secure Transports Team:

    Poništi
  5. proslijedio/la je Tweet
    23. sij

    Chrome's TLS deprecation UI experiment has been enabled.

    Poništi
  6. proslijedio/la je Tweet
    22. sij

    Coming soon to OpenSSL: a simple, safe and performant API for primality testing. With , and with thanks to Kurt Roeckx from OpenSSL and who posed the question.

    Poništi
  7. 20. sij

    Credits: , , Kostis Sagonas, Bengt Jonsson,

    Prikaži ovu nit
    Poništi
  8. 16. sij

    If you are using TLS client authentication with Java 11 or Java 13 you should patch your servers NOW.

    Poništi
  9. proslijedio/la je Tweet

    Comic about the (semi-)recent debate on picking high security elliptic curves on the CFRG mailing list:

    Poništi
  10. proslijedio/la je Tweet
    10. sij
    Poništi
  11. proslijedio/la je Tweet
    19. pro 2019.

    Weird native libraries in the Facebook android app: - - seems to be a disassembly/hook engine? - - some kind of heartbleed mitigation that crashes the app when it receives an SSL heartbeat message

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    18. pro 2019.

    Today I learned about Google’s proprietary version of TLS for Google Cloud, thanks to . It’s called ATLS and it’s the second (third?) proprietary TLS replacement Google has developed.

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    16. pro 2019.

    Asking for a friend (really!): Anybody searching for a data analyst in Zurich? DM me!

    Poništi
  14. proslijedio/la je Tweet
    10. pro 2019.

    We show how to design a circuit construction protocol (such as used in ) that is 1) non-interactive, 2) immediate forward-secret, and 3) requires only O(n) message exchanges - disproving the common belief that such construction is not possible.

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    13. stu 2019.

    We have now also updated our TLS-Attacker Burp Suite extension based on the new stuff introduced in TLS-Scanner. Enjoy:

    Poništi
  16. proslijedio/la je Tweet
    7. stu 2019.
    Poništi
  17. 7. stu 2019.

    We released a new version of our tools TLS-Attacker and TLS-Scanner. Besides various improvements TLS-Scanner now has a rating & recommendation system. Feedback on how we rate things is more than welcome.

    Poništi
  18. proslijedio/la je Tweet

    We deployed two post-quantum (aka quantum-resistant as far as we know) key agreement algorithms in TLS 1.3: one fast with big keys (ostrich) and one slow with smaller keys (turkey) and ran an experiment with Chrome to race them. Here are the results.

    Prikaži ovu nit
    Poništi
  19. 30. lis 2019.

    I created a TLS challenge (Evil Corp) for the 4future CTF at . Only one team was able to solve it, so I created a writeup of the intended solution. CC:

    Poništi
  20. 30. ruj 2019.

    I just discovered this neat site which visualizes sslpulse data over time. Very cool!

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·