Fixing a 16 year-old privacy problem in TLS with ESNI

Privacy 2019: Fixing a 16 year-old privacy problem in TLS with ESNI

| | censorship, ESNI, Privacy, security, TLS
We continue our series covering privacy, anonymity & security on the internet with a look at encrypted SNI, explaining what it fixes, and what it doesn't ...
What type of encrypted email is right for your enterprise?

What type of encrypted email is right for your enterprise?

Encrypted email describes email messages which have been encoded to prevent unauthorized access to their contents. Given the frequent number of targeted attacks and impersonations through email, forward-thinking enterprises have embraced encrypted ...
Privacy 2019 - Tor, Meek & The Rise And Fall Of Domain Fronting

Privacy 2019: Tor, Meek & The Rise And Fall Of Domain Fronting

| | censorship, meek, Privacy, security, SNI, TLS, tor
The first in a series covering privacy, anonymity and security on the internet in recent times, with a focus on real issues affecting people in the real world. Censorship and pervasive state-sponsored ...
EH-Net - Daw - Ease Me Into Cryptography Part 4: TLS

Ease Me Into Cryptography Part 4: TLS – Applied Cryptographic Foundations

You made it to part 4! Here’s a quick overview of what we have broken down so far. We started with some basic vocabulary for cryptographic building blocks and talked about hash ...
What is a Zombie POODLE.tif

What is Zombie POODLE?

| | TLS, VERT, Zombie POODLE
This post is one in a series of posts describing TLS CBC padding oracles I have identified on popular web sites. The other posts in this series include an overview of CBC ...
Padcheck Backstory 1

TLS CBC Padding Oracles in 2019

| | CBC, Padcheck, TLS, VERT
Since August, I’ve spent countless hours studying CBC padding oracle attacks toward the development of a new scan tool called padcheck. Using this tool, I was able to identify thousands of popular ...
Final Nail in the Coffin of HTTP: Chrome 68 and SSL/TLS Implementation

Final Nail in the Coffin of HTTP: Chrome 68 and SSL/TLS Implementation

| | http, security, ssl, TLS
Google released Chrome version 68 in late July 2018, marking the start of a new era for secure web browsing. From version 68 onwards, all websites using HTTP will be marked as ...
TLS 1.3 Final Finalized, Finally

TLS 1.3 Final Finalized, Finally

| | ietf, Infosec Policy, ISOC, TLS
Truly astonishing the length of time our beloved (Hmmmmmm) IETF takes to remediate the suborg's own bad decisions with a stop-gap measure ...

What Are My Options? Session Encryption Protocols Looking Forward

TLSv1.3 is a game changer for some enterprises and data centers, what if I can?t switch to end-to-end and need a transition phase or alternate solution? This provides some options as well ...

They Are Looking At WHAT? Service Provider Monitoring

At the start of an adoption curve there is much apprehension. This is true of TLSv1.3 and those managing enterprise networks and data centers. The IETF working group spent much time listening ...
Loading...