I may be late to this, but here [1] is some commentary on why DoH (DNS over HTTPS) may not be as affective as it is perceived. The article also talks about DoT (DNS over TLS) mechanism which is apparently less disruptive for network monitoring tools compared to DoH.
Can some security minded folks from the community chime in about the claims made in the linked article?
This may be tangential and specific to United States, but is there a way to prevent someone from withdrawing money from your account if they know the account and routing number? Both of those numbers are on checks.
Is it just me or others also feel that this is only exacerbated by having 'always in ear devices' like AirPods (or any other earbuds for that matter)? Why is it not considered rude to have them on while you're having a discussion with someone?
I have been exploring similar BLE "hacking" tools and hardware lately. While this is a pretty good description around how to preform basic recon and basic attacks against poorly protected BLE devices, I haven't been able to find a good tutorial around attacking BLE devices with Out-of-band pairing enabled.
To elaborate further, I have attempted using HackRF to sniff the OOB channels (e.g. NFC) with limited success. So, I'm wondering if anyone has had any experience with it.
To shed some more light on qualifications, I've BS+MS in ECE with ~3 years of experience in the security field. I'm a member of a well recognized standards committee defining security standards. I've given conference talks, and published articles in industry trade journals.
Does that make my odds of getting O1 visa (or EB1 green card) higher in any way?
I'm on a cap-exempt H1b visa working in cyber-security field. Within past year I had to let go of 3 job offers due to visa transfer not being possible to for-profit companies (and all offers were made after April, so lottery based H1b application wasn't a path I could take this year).
What would you recommend someone in my position should do if they want to switch job to a for-profit organization?
Can some security minded folks from the community chime in about the claims made in the linked article?
(Disclaimer: English is my second language)
[1]: https://www.zdnet.com/article/dns-over-https-causes-more-pro...