{"version":"https://jsonfeed.org/version/1","title":"Micro.blog - Thomas H. Ptacek","home_page_url":"https://micro.blog","feed_url":"https://micro.blog/posts/tqbf","_microblog":{"about":"https://micro.blog/about/api","id":"8634","username":"tqbf","bio":"","pronouns":"","is_following":false,"is_you":false,"following_count":1,"discover_count":0},"author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://www.gravatar.com/avatar/67443e4a0128865221ebdff74aad6376?s=96&d=https%3A%2F%2Fmicro.blog%2Fimages%2Fblank_avatar.png"},"items":[{"id":"13053793","content_html":"Because I’ve obviously gone all “Slurp Juice” on this MEGA attack thing, an attempt at a decoder ring.\n\nFirst: the client doesn’t trust the server. That’s the whole point of the design. The attacker is Mega, the target is the client.\n\nThe client wants to store encrypted files on the ser... <a href=\"https://flaked.sockpuppet.org/2022/06/21/because-ive-obviously.html\">flaked.sockpuppet.org</a>","summary":"","url":"https://flaked.sockpuppet.org/2022/06/21/because-ive-obviously.html","date_published":"2022-06-22T03:02:15+00:00","author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://cdn.micro.blog/photos/96/https%3A%2F%2Fwww.gravatar.com%2Favatar%2F67443e4a0128865221ebdff74aad6376%3Fs%3D96%26d%3Dhttps%253A%252F%252Fmicro.blog%252Fimages%252Fblank_avatar.png","_microblog":{"username":"tqbf"}},"_microblog":{"date_relative":"2022-06-22 03:02","date_timestamp":1655866935,"is_favorite":false,"is_bookmark":false,"is_deletable":false,"is_conversation":false,"is_linkpost":false,"is_mention":false,"note":"","syndication":[]}},{"id":"951896","content_html":"Internal Disclosure\nBoring Premises\nVirtually all software has bugs. We don’t know how to practicably build software without bugs.\n\nSoftware security vulnerabilities leverage bugs (or chains of bugs) to trick software into doing things for attackers. We don’t completely understand which... <a href=\"http://flaked.sockpuppet.org/2018/10/09/internal-disclosure-boring.html\">flaked.sockpuppet.org</a>","summary":"","url":"http://flaked.sockpuppet.org/2018/10/09/internal-disclosure-boring.html","date_published":"2018-10-09T20:38:14+00:00","author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://cdn.micro.blog/photos/96/https%3A%2F%2Fwww.gravatar.com%2Favatar%2F67443e4a0128865221ebdff74aad6376%3Fs%3D96%26d%3Dhttps%253A%252F%252Fmicro.blog%252Fimages%252Fblank_avatar.png","_microblog":{"username":"tqbf"}},"_microblog":{"date_relative":"2018-10-09 20:38","date_timestamp":1539117494,"is_favorite":false,"is_bookmark":false,"is_deletable":false,"is_conversation":false,"is_linkpost":false,"is_mention":false,"note":"","syndication":[]}},{"id":"587767","content_html":"You Need Deli Cups\nDeli cups are one of mankind’s greatest inventions, and also one of the most important kitchen tools. But most of my friends don’t have any, or, if they do, they don’t have enough. You need all of them.\n\nYou don’t want, like, five of them. You want a box of hundreds. ... <a href=\"http://flaked.sockpuppet.org/2018/05/23/you-need-deli.html\">flaked.sockpuppet.org</a>","summary":"","url":"http://flaked.sockpuppet.org/2018/05/23/you-need-deli.html","date_published":"2018-05-24T00:27:55+00:00","author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://cdn.micro.blog/photos/96/https%3A%2F%2Fwww.gravatar.com%2Favatar%2F67443e4a0128865221ebdff74aad6376%3Fs%3D96%26d%3Dhttps%253A%252F%252Fmicro.blog%252Fimages%252Fblank_avatar.png","_microblog":{"username":"tqbf"}},"_microblog":{"date_relative":"2018-05-24 00:27","date_timestamp":1527121675,"is_favorite":false,"is_bookmark":false,"is_deletable":false,"is_conversation":false,"is_linkpost":false,"is_mention":false,"note":"","syndication":[]}},{"id":"568415","content_html":"A unified timeline of Efail PGP disclosure events\nThis is an attempt to combine public sources regarding when various PGP vendors were notified about Efail.\n\nSources:\n\n  Efail: the Münster/Ruhr research team’s public Efail.de site.\n  #721: Enigmail bug #721\n  Koch: Werner Koch’s 5/14/20... <a href=\"http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html\">flaked.sockpuppet.org</a>","summary":"","url":"http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html","date_published":"2018-05-16T23:30:41+00:00","author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://cdn.micro.blog/photos/96/https%3A%2F%2Fwww.gravatar.com%2Favatar%2F67443e4a0128865221ebdff74aad6376%3Fs%3D96%26d%3Dhttps%253A%252F%252Fmicro.blog%252Fimages%252Fblank_avatar.png","_microblog":{"username":"tqbf"}},"_microblog":{"date_relative":"2018-05-16 23:30","date_timestamp":1526513441,"is_favorite":false,"is_bookmark":false,"is_deletable":false,"is_conversation":false,"is_linkpost":false,"is_mention":false,"note":"","syndication":[]}},{"id":"418357","content_html":"So @lvh and I have nailed the Latacora hiring challenge down.\n\nAt Matasano we had a PHP web app challenge and a custom protocol challenge. We had other stuff, but most of our technical qualification was done based on a web app you tested and a protocol you reversed and tested.\n\nLatacora... <a href=\"http://flaked.sockpuppet.org/2018/03/21/so-lvh-and.html\">flaked.sockpuppet.org</a>","summary":"","url":"http://flaked.sockpuppet.org/2018/03/21/so-lvh-and.html","date_published":"2018-03-21T15:14:00+00:00","author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://cdn.micro.blog/photos/96/https%3A%2F%2Fwww.gravatar.com%2Favatar%2F67443e4a0128865221ebdff74aad6376%3Fs%3D96%26d%3Dhttps%253A%252F%252Fmicro.blog%252Fimages%252Fblank_avatar.png","_microblog":{"username":"tqbf"}},"_microblog":{"date_relative":"2018-03-21 15:14","date_timestamp":1521645240,"is_favorite":false,"is_bookmark":false,"is_deletable":false,"is_conversation":false,"is_linkpost":false,"is_mention":false,"note":"","syndication":[]}},{"id":"410287","content_html":"Reminder: the Black Hat USA 2018 CFP is open for the next 4 weeks. It’s easy to put together a CFP response. BH is the industry’s best known practical offensive security conference. \n\nI’m working with 9 other crypto pros to review the Cryptography track.\n\nSome greatest hits:\n\nBlack Hat ... <a href=\"http://flaked.sockpuppet.org/2018/03/18/reminder-the-black.html\">flaked.sockpuppet.org</a>","summary":"","url":"http://flaked.sockpuppet.org/2018/03/18/reminder-the-black.html","date_published":"2018-03-18T23:59:00+00:00","author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://cdn.micro.blog/photos/96/https%3A%2F%2Fwww.gravatar.com%2Favatar%2F67443e4a0128865221ebdff74aad6376%3Fs%3D96%26d%3Dhttps%253A%252F%252Fmicro.blog%252Fimages%252Fblank_avatar.png","_microblog":{"username":"tqbf"}},"_microblog":{"date_relative":"2018-03-18 23:59","date_timestamp":1521417540,"is_favorite":false,"is_bookmark":false,"is_deletable":false,"is_conversation":false,"is_linkpost":false,"is_mention":false,"note":"","syndication":[]}},{"id":"410249","content_html":"<p>Black Hat Submission Advice: <a href=\"http://flaked.sockpuppet.org/2018/03/18/black-hat-submission.html\">flaked.sockpuppet.org</a></p>","summary":"","url":"http://flaked.sockpuppet.org/2018/03/18/black-hat-submission.html","date_published":"2018-03-18T23:31:00+00:00","author":{"name":"Thomas H. Ptacek","url":"http://sockpuppet.org","avatar":"https://cdn.micro.blog/photos/96/https%3A%2F%2Fwww.gravatar.com%2Favatar%2F67443e4a0128865221ebdff74aad6376%3Fs%3D96%26d%3Dhttps%253A%252F%252Fmicro.blog%252Fimages%252Fblank_avatar.png","_microblog":{"username":"tqbf"}},"_microblog":{"date_relative":"2018-03-18 23:31","date_timestamp":1521415860,"is_favorite":false,"is_bookmark":false,"is_deletable":false,"is_conversation":false,"is_linkpost":true,"is_mention":false,"note":"","syndication":[]}}]}