|
Nimrod Aviram
@
NimrodAviram
|
|
TAU PhD student. Recently worked on DROWN: drownattack.com
|
|
|
198
Tweetovi
|
431
Pratim
|
201
Osobe koje vas prate
|
| Tweetovi |
|
Nimrod Aviram
@NimrodAviram
|
31. sij |
|
Woohoo! Congrats Juraj :-)
|
||
|
|
||
| Nimrod Aviram proslijedio/la je tweet | ||
|
Robert Merget
@ic0nz1
|
16. sij |
|
If you are using TLS client authentication with Java 11 or Java 13 you should patch your servers NOW.
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
9. sij |
|
Probably too late to do anything now, but FWIW, streaming keeps disconnecting for me, so I can't really watch. If there is any chance of streaming via youtube next time, would appreciate it. Thanks for organizing an awesome conference, wish I could attend!
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
9. sij |
|
Thanks for setting this up! Could you please increase the length limit for the author list? I ran out of space for the DROWN paper 😂
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
9. sij |
|
Thank you Prof. Blaze, will read :-)
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
9. sij |
|
Honest question: Have you or other experts tried an approach like "OK, let's put aside for the moment the next election. By 2030, we'd like elections to just use X. This is far enough to prepare for. And you don't know which party will be in power, so it's politically neutral."
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
7. sij |
|
whoa, awesome work Antonio!
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
29. pro |
|
Hi Damian, not really "email" but maybe also relevant, in case you didn't hear:
twitter.com/Daeinar/status…
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
24. pro |
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
19. pro |
|
Thanks for posting this, I've been looking for such a solution. But it seems inoreader only allows following 30 twitter users? Or is there an option to follow more?
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
15. stu |
|
Wait until you start talking to cryptographers working on TLS 1.3 twitter.com/willmanduffy/s…
|
||
|
|
||
| Nimrod Aviram proslijedio/la je tweet | ||
|
Robert Merget
@ic0nz1
|
7. stu |
|
We released a new version of our tools TLS-Attacker and TLS-Scanner. Besides various improvements TLS-Scanner now has a rating & recommendation system. Feedback on how we rate things is more than welcome. github.com/RUB-NDS/TLS-Sc…
|
||
|
|
||
| Nimrod Aviram proslijedio/la je tweet | ||
|
juraj somorovsky
@jurajsomorovsky
|
7. stu |
|
After a longer time, we had again a look at SAML...resulted in a complete signature bypass in SimpleSAMLphp and xmlseclibs, and my coolest (public) Signature Wrapping exploit. Please patch. Writeup: hackmanit.de/en/blog-en/82-… (CVE-2019-3465) // cc @hackmanit pic.twitter.com/ORzZfGcdJt
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
5. stu |
|
Hi Deirdre, May I ask why 'meh'? In principle, losing 2 bits of security for ~25% increase in speed sounds like a good trade-off, right? (I'm asking seriously, I don't really know curves well). Thanks :-)
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
5. stu |
|
You can inform yellers (of all age groups) that some people are cheering for the work you and your team do! I'm also wondering in which age group there is a higher chance of hearing a rational response.
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
26. lis |
|
hey Thomas, bb98->rce sounds interesting, could you please provide a reference? thanks :-)
|
||
|
|
||
| Nimrod Aviram proslijedio/la je tweet | ||
|
James Harris
@jimeharrisjr
|
4. lis |
|
Child exploitation is "icky" and men in suits don't feel comfortable discussing it. They don't like planning ops against it. Everybody wants to "smash the perverts," but doing it correctly would require actual time investment in a very dark world.
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
4. lis |
|
congrats folks! btw, have you examined amazon's s2n and Facebook's mvfst?
|
||
|
|
||
| Nimrod Aviram proslijedio/la je tweet | ||
|
Sebastian Schinzel
@seecurity
|
30. ruj |
|
New Paper: “Practical Decryption exFiltration: Breaking PDF Encryption“ describing new attacks that uncover the plaintext of encrypted PDFs. To be presented at @acm_ccs and joint work with @jensvoid @Murgi @v_mladenov @CheariX @JoergSchwenk. #PDFex 1/n pic.twitter.com/1LjaHijRGs
|
||
|
|
||
|
Nimrod Aviram
@NimrodAviram
|
18. ruj |
|
can you please give examples? (asking seriously)
|
||
|
|
||