Seems like a bit of a paradox that we simultaneously tell security teams to 1) run everything over TLS / SSH and 2) take network forensics classes where you learn to deconstruct cleartext protocols
-
-
Indeed, and you cannot intercept the attacker-built/run crypto, no? [and by crypto I freakin' mean encryption :-)]
-
is there any other meaning? :) depends on the implementation, and how you can thwart it. Of the small sliver that uses encryption, most is straight out TLS. Of that, most I've seen doesn't bother with CA validation let alone cert pinning.
- Još 3 druga odgovora
Novi razgovor -
-
-
Well I don’t use TLS :P guess I’m an anomaly whoops
also I’d say covert methods for control are becoming more common while TLS is staying the same i would say that is where it is changing.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
I don’t have any metrics to support it, but seems to me a lot more c2 is going SSL/TLS
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Suggests trivial defense: routers that drop all packets without sufficient entropy to plausibly be TLS. Also improves user security, doesn't break anything legitimate.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
What's the source of this diagram? Could you share it?:)
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
Advanced Practices