On Saturday, 13 January 2018 03:31:23 CET Christian Huitema wrote:
> On 1/12/2018 1:53 PM, Dan Wing wrote:
> > The question I want to ask: What can we do *now* to stop this from
> > happening when TLS 1.4 will be deployed? I have the feeling GREASE
> > won't be enough...
>
> Data sets. Machine lea
The research that this is built on isn't especially new:
https://arxiv.org/abs/1607.01639
The interesting observation in that paper is that the results are
obtained only from the subset of malware that uses its own TLS
configuration. Those that used the Windows stack in a default
configuration we
On Sat, Jan 13, 2018 at 12:02 AM, Hanno Böck wrote:
>
> The question I want to ask: What can we do *now* to stop this from
> happening when TLS 1.4 will be deployed? I have the feeling GREASE
> won't be enough...
Sidebar: TLS 4 ;)
--
Tony Arcieri
___
On 1/12/2018 1:53 PM, Dan Wing wrote:
> I'll dare to have a look into the future and make this imho very
> plausible claim:
> Cisco won't be the only vendor selling such things. We will see more
> products that magically can identify "bad things" in TLS traffic by
> applying everything from AI to
On Fri, 12 Jan 2018 15:53:05 -0800
Dan Wing wrote:
> Those bugs that interfere with TLS handshakes are un-related to
> Cisco's Encrypted Traffic Analytics ("ETA"). Different technologies.
I haven't claimed that.
I just think it's very plausible to assume that a company that
already created two
On Jan 12, 2018, at 3:02 PM, Hanno Böck wrote:
>
> Hi,
>
> This working group just went through a painful process of realizing
> that deploying a new TLS version on the Internet is a hard task due to
> broken devices. If you're not aware David Benjamin just gave a great
> talk summarizing the is
