Shows
ThinkstScapesThinkstScapes Research Roundup - Q2 - 2025ThinkstScapes Q2’25Networking is always trickyBeyond the Horizon: Uncovering Hosts and Services Behind Misconfigured FirewallsQing Deng, Juefei Pu, Zhaowei Tan, Zhiyun Qian, and Srikanth V. Krishnamurthy[Paper]0.0.0.0 Day: Exploiting Localhost APIs From The BrowserAvi Lumelsky and Gal Elbaz[Blog post] [Video]Local Mess: Covert Web-to-App Tracking via Localhost on AndroidAniketh Girish, Gunes Acar, Narseo Vallina-Rodriguez, Nipuna Weerasekara, and Tim Vlummens[Website]Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-LayerNiklas Ni...
2025-08-0434 min
Sterbewelten - der HospizpodcastHospiz und junge MenschenIm Gespräch mit Trixi und Robert Merget
Das Ehepaar Trixi und Robert arbeiten seit über 10 Jahren ehrenamtlich in der Begleitung von Schwerkranken und Sterbenden und ihren Angehörigen.Gleichzeitig geben sie ihre Erfahrungen auch an junge Menschen in Schule und Gemeinde weiter. Das bundesweite Projekt „Hospiz macht Schule“ gab den Anstoss, der Christophorus Hospiz Verein fördert nun den Austausch mit Schulen und Kirchengemeinden, indem v.a. ehrenamtliche Hospizhelfer*innen entweder Jugendliche im Christophorus-Haus begrüßen oder auch direkt vor Ort in die Schulen gehen. Sie erzählen von ihren Erlebnissen und einem anderen Umgehen mit Sterben, Tod und Trauer...
2024-02-1529 minThinkstScapesThinkstScapes Research Roundup - Q3 - 2022Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things DevicesDilawer Ahmed, Anupam Das, and Fareed Zaffar[Code] [Paper]Watching the Watchers: Practical Video Identification Attack in LTE NetworksSangwook Bae, Mincheol Son, Dongkwan Kim, CheolJun Park, Jiho Lee, Sooel Son, and Yongdae Kim[Website] [Paper] [Video]Can one hear the shape of a neural network?: Snooping the GPU via Magnetic Side ChannelHenrique Teles Maia, Chang Xiao, Dingzeyu Li, Eitan Grinspun, and Changxi Zheng[Slides] [Paper]LTrack: Stealthy Tracking...
2022-11-0431 min
Cryptography FMEpisode 19: Cross-Protocol Attacks on TLS with ALPACA!TLS is an internet standard to secure the communication between servers and clients on the internet, for example that of web servers, FTP servers, and Email servers. This is possible because TLS was designed to be application layer independent, which allows its use in many diverse communication protocols.
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks...
2021-07-1241 min
Adventures in DevOpsDevOps 053: When Raccoons Attack! with Robert MergetIn this episode of Adventures in DevOps, the panel is joined by Robert Merget, a PhD student at Ruhr-University Bochum and Maintainer of TLS-Attacker. He joins us to talk about Racoon Attack, a timing vulnerability in the TLS specification that affects HTTPS and other services that rely on SSL and TLS. He will walk us through how it works, and what you should do to protect your organization.PanelJoe StevensJeffrey GromanHenry JewkesCharles Max WoodGuestRobert Merget
2020-10-2735 min