HackerTrans
TopNewTrendsCommentsPastAskShowJobs

new23d

no profile record

Submissions

What data do coding agents send, and where to?

chasersystems.com
2 points·by new23d·8 months ago·1 comments

Obfuscating outbound traffic via a Suricata "firewall"

new23d.com
1 points·by new23d·last year·1 comments

Living-off-the-land Dynamic DNS for Route 53

new23d.com
1 points·by new23d·last year·1 comments

An analysis of CRL sizes from various CAs

chasersystems.com
1 points·by new23d·2 years ago·4 comments

[untitled]

2 points·by new23d·2 years ago·0 comments

Disabling Encrypted ClientHello in Google Chrome, and Why

chasersystems.com
4 points·by new23d·3 years ago·5 comments

Terraform Cloud down for a couple of hours now

status.hashicorp.com
3 points·by new23d·3 years ago·0 comments

comments

new23d
·5 months ago·discuss
netim.com has been reliable over the years for me
new23d
·8 months ago·discuss
Our report seeks to answer some of our questions for seven of the most popular agentic code editors and plugins. By intercepting and analysing their network flows across a set of standardised tasks, we aim to gain insight into the behaviour, privacy implications, and telemetry patterns of these tools in real-world scenarios. Incidentally, a side-effect was running into OWASP LLM07:2025 System Prompt Leakage for three of the chosen coding agents. You can see the system prompts in the appendix.
new23d
·last year·discuss
Obfuscation via egress firewalls and evasive binary development with an iterative LLM agent.
new23d
·last year·discuss
Use AWS Route53?
new23d
·last year·discuss
Making a dynamic DNS client with aws and jq CLI, with a least-privilege IAM role and a SystemD service.
new23d
·2 years ago·discuss
Exactly the same happened with me. Picking up the phone and responding to email (in weeks, not hours or days) didn't lower my bills. This sort of marketing is perhaps deflection.
new23d
·2 years ago·discuss
We'll be working on that in the coming days. Thought the data at this point was a good start.
new23d
·2 years ago·discuss
Some initial observations:

• Google's CRLs from the same intermediate CA (same public key) have different URLs and different content when pulled from different hosts (google.com, youtube.com).

• DigiCert has sharded according to 'assurance' class, algorithm, year and acquisition's name.

• Sectigo also has sharded according to 'assurance' class [1].

• GlobalSign has sharded by the yearly quarter presumably.

• HTTP Cache-Control maxage (or s-maxage), 'Expires' and 'Next Update' within the CRL file are not in sync.

• Some CAs other than Let's Encrypt also do not publish CRL URLs in the leaf certificates.

[1] https://www.sectigo.com/knowledge-base/detail/Sectigo-Interm...
new23d
·2 years ago·discuss
We collected some data [1] on the viability of only CRLs as the future (phasing out OCSP) - motivated by Let's Encrypt's announcement today [2].

Data is on CRL availability, number of entries, expiry & refresh times, etc. from various x509 leaf server SSL certificates.

[1] https://news.ycombinator.com/item?id=41058138 [2] https://news.ycombinator.com/item?id=41046956
new23d
·2 years ago·discuss
We collected some data on the viability of only CRLs as the future (phasing out OCSP) - motivated by Let's Encrypt's announcement today [1].

Data is on CRL availability, number of entries, expiry & refresh times, etc. from various x509 leaf server SSL certificates.

[1] https://news.ycombinator.com/item?id=41046956
new23d
·2 years ago·discuss
TLS 1.3 and ESNI (now called Encrypted Client Hello - ECH) are separate standards, although you'll see ECH only enabled in bleeding edge stacks. In fact, ECH is still in IETF draft phase [1].

It can be disabled if an organisation wishes to. I wrote about how to do this in Chrome [2,3], and will write about Firefox when I get a chance.

[1] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/ [2] https://chasersystems.com/blog/disabling-encrypted-clienthel... [3] https://news.ycombinator.com/item?id=37823262
new23d
·2 years ago·discuss
Product appears to be an ID Tent from Evi-Paq. It has inches on the front 'leg' and cms on the rear.

https://forensicssource.com/collections/evidence-markers/pro...
new23d
·2 years ago·discuss
Stay near a transport hub so you can connect with your prospects and customers regularly, by travelling. Working along side other founders in the B2B space would be extremely beneficial too.
new23d
·2 years ago·discuss
Wait till they get to the part where it can be easily bypassed. I spoke about it [1] at the fwd:cloudsec conference [2] in July 2022. Others have raised concerns about discovery of these bypasses too [3].

[1] https://www.youtube.com/watch?v=DKSa32qWiRw [2] https://fwdcloudsec.org/ [3] https://canglad.com/blog/2023/aws-network-firewall-egress-fi...
new23d
·2 years ago·discuss
This is the FlightRadar24 playback of the flight: https://www.flightradar24.com/data/flights/la800#34506b53

At time ~02:27, a dip in the altitude can be seen in the flight data chart.
new23d
·2 years ago·discuss
No.
new23d
·2 years ago·discuss
+1 for 14"
new23d
·2 years ago·discuss
My interest in Framework is the DIY repairability. Not interested in modular upgrades but hot swappable ports on the side and should something need replacing, can be done in a relatively shorter and more predictable timespan than with ThinkPads and EliteBooks these days. Have had terrible experience with those in the last few years.
new23d
·3 years ago·discuss
Sorry for the plug but DiscrimiNAT Firewall actively prevents ECH [1] from flowing through and cannot be bypassed with SNI forging either [2]. Also has a great 'discovery' mode and CLI tooling to figure out that allowlist on an on-going basis.

[1] https://chasersystems.com/blog/disabling-encrypted-clienthel... [2] https://chasersystems.com/discriminat/comparison/aws-network...
new23d
·3 years ago·discuss
Google Chrome v117 turned on TLS Encrypted ClientHello by default (on 27 Sep?) This will impact the effectiveness and accuracy of outbound traffic filtering* - for those who've implemented it (regardless of vendor.) We've written a short blog post on disabling it with PowerShell, Windows Registry and Google Chrome UI for those who may need to roll this out ASAP and regain visibility. (Disclosure: we are a vendor of an outbound filtering solution and this has impacted our customers already.)

*for many websites, the domain name visibility during an HTTPS handshake will no longer be available to firewalls/proxies (unless they were terminating.)