Anybody from my followers working for Fastly (or knows anyone) who can help us with some TLS analyses? Thank you!

It is really ridiculous that disclosing crypto vulnerabilities is so hard nowadays. We can practically decrypt Fastly TLS sessions, and they ignore/misunderstand our disclosure for 2 months. Is that really so hard to understand TLS if you are a large CDN???

The latest version of Intra has more robust protection against SNI attacks, unblocking more sites in more places, without the need for a VPN! It's working very well in Iran for Youtube, Reddit and other sites. Check out getintra.org and help spread the word!

Last week, Russia started blocking the Encrypted Client Hello(ECH). This prevents Russian internet users from utilizing ECH for censorship circumvention. It also blocks otherwise uncensored websites such as SteamDB. I wrote a short summarizing blog post: jonsnowwhite.github.io/page/posts/202…

Great presentations by all four #ACSAC2024 Cybersecurity Artifacts Impact Award finalists! 👏👏👏 A difficult decision for the jury indeed!

Congrats to Fabian Bäumer, Marcus Brinkmann, Nurullah Erinola, Sven Hebrok, Nico Heitmann, Felix Lange, Marcel Maehren, Robert Merget, Niklas Niere, Maximilian Radoy, Conrad Schmidt, Jörg Schwenk, Juraj Somorovsky on the 2nd #ACSAC2024 Cybersecurity Artifacts Impact Award 👏👏👏

China advanced its QUIC censorship. The GFW now decrypts QUIC Initial packets and extracts the hostname from the SNI extension—similar to its censorship of TLS over TCP. My colleague details our findings in our new blog post: upb-syssec.github.io/blog/2025/quic…

🚨 Our S&P’25 paper reveals rising regional censorship in China. In addition to the national Great Firewall, Henan province runs its own firewall. Though less sophisticated, it’s more volatile and aggressive—once blocking 10× more domains than the GFW. 👉 gfw.report/publications/s…