xnyhps
- Karma
- 1,012
- Created
- September 5, 2012 (13y ago)
- Submissions
- 0
[ my public key: https://keybase.io/xnyhps; my proof: https://keybase.io/xnyhps/sigs/m-nsALHMR_0WYxhEtG6-ngXnDELyL0_4cxRt_ufsGkM ]
- Bad things come in large packages: .pkg signature verification bypass on macOS (sector7.computest.nl)
- Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass (sector7.computest.nl)
- Zoom RCE from Pwn2Own 2021 (sector7.computest.nl)
- Zoom RCE from Pwn2Own 2021 (sector7.computest.nl)
- Comodo Incident Report – OCR (mail-archive.com)
- WoSign Incidents Report Update [pdf] (wosign.com)
- Apple's response to the WoSign incidents (mail-archive.com)
- Incidents involving the CA WoSign (mail-archive.com)
- On the CCA (in)security of MTProto (eprint.iacr.org)
- UUIDs generally do not meet security requirements (littlemaninmyhead.wordpress.com)
- Scientist says researchers in immigrant-friendly nations can't use his software (news.sciencemag.org)
- HipChat Acquires Blue Jimp and Jitsi.org (blog.hipchat.com)
- Validate the encoding before passing strings to libcurl or glibc (blog.thijsalkema.de)
- HTTPS Attacks and XMPP 2: CRIME and BREACH (blog.thijsalkema.de)
- CVE-2014-1361: SecureTransport Buffer Overflow (blog.thijsalkema.de)
- Breaking Half of the Telegram Contest (blog.thijsalkema.de)
- HTTPS Attacks and XMPP 1: BEAST (blog.thijsalkema.de)
- Misconceptions About Forward Secrecy (blog.thijsalkema.de)
- Is Google signing your chat messages? (blog.thijsalkema.de)
- Piercing Through WhatsApp’s Encryption (blog.thijsalkema.de)
- The State of TLS on XMPP (blog.thijsalkema.de)
- Prosody 0.9.0 released (blog.prosody.im)