everything wrong with university press releases overselling research https://www.cerias.purdue.edu/site/blog/post/purdue_cerias_researchers_find_vulnerability_in_google_protocol/ …
-
-
well, disabling quic will not disable secure transport, it will fall back to tls. but it does nothing to mitigate this "vuln".
-
Then the length is still leaked, so I assumed they were advising disabling secure transport. Either way, it's bananas.
- 2 more replies
New conversation -
-
-
Reminds me of "SNI leaks the hostnames you visit, there's no point in using HTTPS!"
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.