DNS over TLS - Thoughts and Implementation

08.09.2018, in { networking, dns, privacy }

A week or so ago I discovered that Android P has DNS over TLS support! It piqued my curiosity - could it finally be that DNS encryption goes mainstream?

In this post we’ll survey DNS over TLS, implement a client and share some thoughts!

Bloom Filters for the Perplexed

29.07.2017, in { algo }

Bloom filters are one of those simple and handy engineering tools that any engineer should have in their toolbox.

It is a space-efficient probabilistic data structure that represents a set and allows you to test if an element is in it.

They are really simple to construct and look like this:

The cool thing is that to achieve such space-efficiency Bloom filters allow for errors with an arbitrarily small probability!

CVE-2016-3873: Arbitrary Kernel Write in Nexus 9

13.09.2016, in { android, kernel, vuln }

Nexus 9’s kernel (tegra kernel tree) exposes a debugfs file entry that allows a privileged attacker to write arbitrary values within kernel space.

The root cause is unsanitized input to the dangerous writel() function. A similar vulnerability was discovered by Marco Grassi earlier this year.

Let's Encrypt, EFF and San Francisco

25.05.2016, in { letsencrypt, life }

TLDR: Took a week off, jumped to SF to work on Let’s Encrypt with the Electronic Frontier Foundation!

Let’s Encrypt

For quite some time now I’ve been contributing code to Let’s Encrypt and more specifically Certbot. For those of you who never heard of it - Let’s Encrypt is an automated CA that securely validates domain ownership and offers FREE certificates.

CVE-2016-2437: Untrusted App to Kernel Heap Overflow

05.05.2016, in { android, kernel, vuln }

The nvhost GPU driver for the Tegra kernel contains a heap overflow in the NVHOST_IOCTL_CTRL_MODULE_REGRDWR ioctl command. The bug results from an integer overflow that makes the kernel allocate a small heap buffer, and eventually overruns it with an attacker-controllable payload. The current SELinux sepolicy allows any untrusted_app to trigger it.

Crypto Classics: Wiener's RSA Attack

18.04.2016, in { crypto, algo }

While reading on RSA I stumbled upon Dan Boneh’s 1999 paper, Twenty Years of Attacks on the RSA Cryptosystem. In there, I found a trove of applied attacks against RSA; one of which, Wiener’s, employs continued fractions approximation to break RSA efficiently (under certain conditions).

The attack was interesting enough to make me want to learn about it and spread the word.

So, today we’re going to use simple math and Python to distill Wiener’s Attack :).

Bitcoin Transaction Malleability

05.11.2014, in { bitcoin, crypto }

I had the opportunity of participating in Aviv Zohar’s Advanced Bitcoin Seminar at the Hebrew University.

My task was to review Christian Decker’s article Bitcoin Transaction Malleability and MtGox.

It was a great read, I learned a lot! :)

Blackhat Europe: Attacking /dev/urandom on Android

20.10.2014, in { android, kernel, vuln }

Our paper was accepted to both Usenix WOOT and Blackhat Europe! So Nadja and I got to go to Amsterdam :) !

We wanted to exploit CVE-2014-3100 - a stack-based buffer overflow in Android’s Keystore. We needed to bypass the stack canary. Long story short, we devised probabilistic attacks that enable an attacker to predict random bytes that are extracted from the underlying entropy pool of /dev/urandom during device boot, such as Keystore’s canary value.

Capabilities Playground

16.02.2013, in { test }

Latex with Katex

Given two sets $A$ and $B$, the Jaccard similarity coefficient is a commonly used indicator of the similarity between the two.

$$\Pr[h_{\min}(A) = h_{\min}(B)] = J(A,B) = \frac{|A \cap B|}{|A \cup B|}$$

Blockquotes are written like so

The individual has always had to struggle to keep from being overwhelmed by the tribe. If you try it, you will be lonely often, and sometimes frightened. But no price is too high to pay for the privilege of owning yourself.

Nietzsche.

They can span multiple paragraphs, if you like.