Tweets
- Tweets, current page.
- Tweets & replies
- Media
You blocked @we1x
Are you sure you want to view these Tweets? Viewing Tweets won't unblock @we1x
-
Pinned Tweet
Our Google I/O
#io19 slides are online now: Securing Web Apps with Modern Platform Features by@arturjanc and@we1x.https://speakerdeck.com/lweichselbaum/o-securing-web-apps-with-modern-platform-features …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
2019 has been a record-breaking year on lots of fronts - thanks to you all! Keep up your awesome discoveries.https://security.googleblog.com/2020/01/vulnerability-reward-program-2019-year.html …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Lukas Weichselbaum Retweeted
More
#samesite
cookie news:
Intent to **prototype**
tl;dr you can't share
across HTTP / HTTPS
3P
need to be Secure anyway
unaffected
Consider HTTPS by default (again)
HTTP
HTTPS may mean transferring
Happy to discuss!https://twitter.com/intenttoship/status/1221856997995417600 …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
Our research on Safari's Intelligent Tracking Prevention (ITP) is now available on https://research.google/pubs/pub48871/ cc
@arturjanc@kkotowicz@empijeipic.twitter.com/JvbLIhGDXd
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Lukas Weichselbaum Retweeted
Excellent paper by
@arturjanc et al. on the risks of on-device tracker classification. Specifically, they discuss how Safari's ITP can be abused to leak browsing history, leak search history, and perform denial of service attacks: https://arxiv.org/ftp/arxiv/papers/2001/2001.07421.pdf … [thread]Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
Ouch. The Safari tracking prevention has privacy vulnerabilities allowing worse tracking than what it was trying to prevent. Privacy engineering is *hard*. Honestly, I don't see a robust way around this one, though I haven't had enough time to sit down and really chew on it.https://twitter.com/lukOlejnik/status/1219873289230856198 …
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
The reason is the design of Intelligent Tracking Prevention (this is not a coding bug). You don't expect these kind of bugs. Very serious security/privacy bug. Cool research.
@kkotowicz@arturjanc janc@we1x@empijeipic.twitter.com/rap7KHLwMq
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Really looking forward to thishttps://twitter.com/intenttoship/status/1217173615734595589 …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
Blink: Intent to Deprecate and Freeze: The User-Agent stringhttps://groups.google.com/a/chromium.org/d/msg/blink-dev/-2JIRNMWJ7s/yHe4tQNLCgAJ …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Really looking forward to
@SecAppDev and to meeting great folks like@PhilippeDeRyck and@manicode!https://twitter.com/SecAppDev/status/1210132653447483392 …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
@we1x giving a guest lecture on "Securing web apps with modern platform features" for our students in Avanced Internet Security. Lots of interesting stuff!@SBA_Research@tuvienna#secprivpic.twitter.com/lxXMGWBItA
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
May we present the next outstanding speaker at
#DevOneConf 2020 -@we1x. As a Staff Information Security engineer at@Google with 10+ years industry experience he frequently speaks at infosec and developer conferences around the globe. More Infos?
https://bit.ly/2rxpxZ1 pic.twitter.com/qk0phtVjv1
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
In almost every training, someone asks me “Why don’t browsers do this by default?”. Easy to say in hindsight, but hard to predict 20 years ago.
@arturjanc captures the history and the future well in this great story. A must read!#infosec#appsechttps://buff.ly/2Q7f2qTThanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
Kudos to
@damienmiller@openssh for FIDO Security Key support in ssh. Works splendidly!Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
Stoked to finally hear
@we1x giving a talk live at@ITSecX
pic.twitter.com/kWobi3Bkko
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
We deployed two post-quantum (aka quantum-resistant as far as we know) key agreement algorithms in TLS 1.3: one fast with big keys (ostrich) and one slow with smaller keys (turkey) and ran an experiment with Chrome to race them. Here are the results. https://blog.cloudflare.com/the-tls-post-quantum-experiment/ …pic.twitter.com/iyItCn8icz
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Lukas Weichselbaum Retweeted
Presenting dns-over-tls-forwarder, a simple, fast, low-footprint DNS-over-TLS forwarding server with hybrid LRU/MFA caching written in Go (thx
@empijei!). Run it on your router and protect all your network DNS requests from ISPs and eavesdroppers.https://github.com/mikispag/dns-over-tls-forwarder …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Thanks. Twitter will use this to make your timeline better. UndoUndo
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

