Hanno Böck

Hanno is a freelance writer and IT security professional. He has discovered high profile TLS vulnerabilities in the past, including the ROBOT attack and flaws in TLS GCM implementations. He is the author of the monthly Bulletproof TLS Newsletter..


URLs for Hanno Böck

No URLs found.


Events for Hanno Böck

Many protocols, including the email protocols SMTP, POP3 and IMAP, allow two ways to use TLS: An implicit mode on a dedicated port and a mechanism called STARTTLS that upgrades plain text connections to TLS.

The STARTTLS mechanism is incredibly fragile and almost by default leads to vulnerable implementations. In 2011 Wietse Venema discovered a flaw in Postfix that allowed a man in the middle attacker to inject commands into an encrypted connection [1].

We discovered that the f… Read more


Schedule:

  • Saturday, Aug 15th, 2020, 16:00 (CEST) - Saturday, Aug 15th, 2020, 17:00 (CEST)