All Posts
16 Dec 2024
The security industry’s standard response to SSL/TLS protocol vulnerabilities drives organizations into urgent version upgrades, suggesting severe and immediate risk. However, the vast majority of these vulnerabilities share a major prerequisite: attackers must first achieve specific network positions. When attackers gain such positions, they typically have access to simpler and more reliable attack methods. Additionally, by analyzing technical requirements, modern mitigations, and practical attack scenarios across multiple protocol versions (SSL 3.0 through TLS 1.1), we uncover a significant disconnect between these protocol vulnerabilities, their practical risk, and how organizations seemingly over-respond.
16 Dec 2024
This technical analysis serves as a companion piece to our main article “Is TLS Your Biggest Problem?” While the main article examines the broader implications of TLS protocol security, these appendices provide exhaustive technical details across four critical areas: network position prerequisites, browser/library implementation timelines, network position analysis, and comprehensive CVE analysis.
26 Nov 2024
While building my own JARVIS-like assistant (yes, another one of those), I noticed something: AI output is perfectly readable as text, but throw it at a text-to-speech system and… well, let’s just say it’s not winning any audiobook awards.
07 Nov 2024
I’ve come to recognize two distinct mindsets in security: those grounded in technical reality, and those I call the “boogeyman crew.” The latter operates on fear rather than facts, treating every scanner-flagged “CRITICAL!” finding as an equally urgent disaster. Their world is populated by various specters: the compliance boogeyman who’ll condemn them for not addressing every high-severity CVE regardless of context, the dreaded auditor who’ll condemn them for not following frameworks to the letter and, of course, the truly bad actors lying in wait.
01 Nov 2024
Traditional vulnerability scanning has been a cornerstone of enterprise security programs for decades. However, some fundamental aspects of how these tools operate - and how quickly vulnerabilities are exploited in the wild - suggest we might need to reconsider this approach. This analysis explores why scanning might be problematic as a primary security measure, particularly for Internet-facing systems, and considers what alternatives might look like.
31 Oct 2024
Built a tool called censyspy that simplifies FQDN discovery via Censys. While you can absolutely do all of this with the Censys CLI and their query syntax (which isn’t particularly complex), this wrapper makes it a bit more straightforward if you’re specifically hunting for FQDNs. Since Censys has such a massive certificate dataset, queries can take a few minutes to complete - the tool defaults to a 5-minute timeout which should be enough for most cases.
29 Oct 2024
Welcome to my new blog.