Setting a custom FileVault (macOS FDE) passphrase

FileVault 2 is the full-disk encryption system of macOS. Normally, it's turned on from System Preferences, and locks the disk with the passwords of all the users allowed to unlock the machine. Overloading the login/unlock/sudo password is an understandable UX simplicity choice, but makes it very hard to… »

Finding Ticketbleed

Ticketbleed (CVE-2016-9244) is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed. If you suspect you might be affected… »

Go Time #32 - Hellogopher, whosthere?

I joined Erik St. Martin, Carlisia Pinto and Brian Ketelsen for episode #32 of the Go Time podcast to chat about Hellogopher, whosthere (, $GOPATH, TLS 1.3, Cloudflare's secret reverse proxy, and more. Go Time #32 — Hellogopher, whosthere? with Filippo Valsorda hellogopher — "just clone and make&… »

TLS 1.3 at 33c3

Nick Sullivan and I gave a talk about TLS 1.3 at 33c3, the latest Chaos Communication Congress. Here's the Fahrplan entry. We spoke about the flow of TLS 1.2 vs. TLS 1.3, how it manages to save a round trip, resumption and 0-RTT, forward secrecy and replays,… »

How to protect yourself from the WebEx extension

On Monday, Tavis Ormandy of Project Zero revealed that the Cisco WebEx Chrome extension (20M users) has a critical vulnerability. OMFG🔥 The WebEx Chrome extension has a trivial code execution vulnerability: any website could just install malware on your machine silently— Filippo Valsorda (@FiloSottile) 23… »