HackerTrans
TopNewTrendsCommentsPastAskShowJobs

new23d

no profile record

Submissions

What data do coding agents send, and where to?

chasersystems.com
2 points·by new23d·8 miesięcy temu·1 comments

Obfuscating outbound traffic via a Suricata "firewall"

new23d.com
1 points·by new23d·w zeszłym roku·1 comments

Living-off-the-land Dynamic DNS for Route 53

new23d.com
1 points·by new23d·w zeszłym roku·1 comments

An analysis of CRL sizes from various CAs

chasersystems.com
1 points·by new23d·2 lata temu·4 comments

[untitled]

2 points·by new23d·2 lata temu·0 comments

Disabling Encrypted ClientHello in Google Chrome, and Why

chasersystems.com
4 points·by new23d·3 lata temu·5 comments

comments

new23d
·5 miesięcy temu·discuss
netim.com has been reliable over the years for me
new23d
·8 miesięcy temu·discuss
Our report seeks to answer some of our questions for seven of the most popular agentic code editors and plugins. By intercepting and analysing their network flows across a set of standardised tasks, we aim to gain insight into the behaviour, privacy implications, and telemetry patterns of these tools in real-world scenarios. Incidentally, a side-effect was running into OWASP LLM07:2025 System Prompt Leakage for three of the chosen coding agents. You can see the system prompts in the appendix.
new23d
·w zeszłym roku·discuss
Obfuscation via egress firewalls and evasive binary development with an iterative LLM agent.
new23d
·w zeszłym roku·discuss
Use AWS Route53?
new23d
·w zeszłym roku·discuss
Making a dynamic DNS client with aws and jq CLI, with a least-privilege IAM role and a SystemD service.
new23d
·2 lata temu·discuss
Exactly the same happened with me. Picking up the phone and responding to email (in weeks, not hours or days) didn't lower my bills. This sort of marketing is perhaps deflection.
new23d
·2 lata temu·discuss
We'll be working on that in the coming days. Thought the data at this point was a good start.
new23d
·2 lata temu·discuss
Some initial observations:

• Google's CRLs from the same intermediate CA (same public key) have different URLs and different content when pulled from different hosts (google.com, youtube.com).

• DigiCert has sharded according to 'assurance' class, algorithm, year and acquisition's name.

• Sectigo also has sharded according to 'assurance' class [1].

• GlobalSign has sharded by the yearly quarter presumably.

• HTTP Cache-Control maxage (or s-maxage), 'Expires' and 'Next Update' within the CRL file are not in sync.

• Some CAs other than Let's Encrypt also do not publish CRL URLs in the leaf certificates.

[1] https://www.sectigo.com/knowledge-base/detail/Sectigo-Interm...
new23d
·2 lata temu·discuss
We collected some data [1] on the viability of only CRLs as the future (phasing out OCSP) - motivated by Let's Encrypt's announcement today [2].

Data is on CRL availability, number of entries, expiry & refresh times, etc. from various x509 leaf server SSL certificates.

[1] https://news.ycombinator.com/item?id=41058138 [2] https://news.ycombinator.com/item?id=41046956
new23d
·2 lata temu·discuss
We collected some data on the viability of only CRLs as the future (phasing out OCSP) - motivated by Let's Encrypt's announcement today [1].

Data is on CRL availability, number of entries, expiry & refresh times, etc. from various x509 leaf server SSL certificates.

[1] https://news.ycombinator.com/item?id=41046956
new23d
·2 lata temu·discuss
TLS 1.3 and ESNI (now called Encrypted Client Hello - ECH) are separate standards, although you'll see ECH only enabled in bleeding edge stacks. In fact, ECH is still in IETF draft phase [1].

It can be disabled if an organisation wishes to. I wrote about how to do this in Chrome [2,3], and will write about Firefox when I get a chance.

[1] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/ [2] https://chasersystems.com/blog/disabling-encrypted-clienthel... [3] https://news.ycombinator.com/item?id=37823262
new23d
·2 lata temu·discuss
Product appears to be an ID Tent from Evi-Paq. It has inches on the front 'leg' and cms on the rear.

https://forensicssource.com/collections/evidence-markers/pro...
new23d
·2 lata temu·discuss
Stay near a transport hub so you can connect with your prospects and customers regularly, by travelling. Working along side other founders in the B2B space would be extremely beneficial too.
new23d
·2 lata temu·discuss
Wait till they get to the part where it can be easily bypassed. I spoke about it [1] at the fwd:cloudsec conference [2] in July 2022. Others have raised concerns about discovery of these bypasses too [3].

[1] https://www.youtube.com/watch?v=DKSa32qWiRw [2] https://fwdcloudsec.org/ [3] https://canglad.com/blog/2023/aws-network-firewall-egress-fi...
new23d
·2 lata temu·discuss
This is the FlightRadar24 playback of the flight: https://www.flightradar24.com/data/flights/la800#34506b53

At time ~02:27, a dip in the altitude can be seen in the flight data chart.
new23d
·2 lata temu·discuss
No.
new23d
·2 lata temu·discuss
+1 for 14"
new23d
·2 lata temu·discuss
My interest in Framework is the DIY repairability. Not interested in modular upgrades but hot swappable ports on the side and should something need replacing, can be done in a relatively shorter and more predictable timespan than with ThinkPads and EliteBooks these days. Have had terrible experience with those in the last few years.
new23d
·3 lata temu·discuss
Sorry for the plug but DiscrimiNAT Firewall actively prevents ECH [1] from flowing through and cannot be bypassed with SNI forging either [2]. Also has a great 'discovery' mode and CLI tooling to figure out that allowlist on an on-going basis.

[1] https://chasersystems.com/blog/disabling-encrypted-clienthel... [2] https://chasersystems.com/discriminat/comparison/aws-network...
new23d
·3 lata temu·discuss
Google Chrome v117 turned on TLS Encrypted ClientHello by default (on 27 Sep?) This will impact the effectiveness and accuracy of outbound traffic filtering* - for those who've implemented it (regardless of vendor.) We've written a short blog post on disabling it with PowerShell, Windows Registry and Google Chrome UI for those who may need to roll this out ASAP and regain visibility. (Disclosure: we are a vendor of an outbound filtering solution and this has impacted our customers already.)

*for many websites, the domain name visibility during an HTTPS handshake will no longer be available to firewalls/proxies (unless they were terminating.)