Hacker News Comments on
DEF CON 25 - Hanno Bõck - Abusing Certificate Transparency Logs
DEFCONConference
·
Youtube
·
1
HN comments
HN Theater has aggregated all Hacker News stories and comments that mention DEFCONConference's video "DEF CON 25 - Hanno Bõck - Abusing Certificate Transparency Logs".
Youtube Summary
HN Theater Rankings
- This course is unranked · view top recommended courses
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.
⬐
Interesting timing, considering the talk [0] on this very topic just uploaded to YouTube yesterday morning from DefCon 25. Basically, this is offering his observation (CTL can be used to get a real-time list of new domain names, which can be exploited), as a service.Seems like Hanno Bõck could at least use a shout out if it was related to his work.
Either way, the talk is worth a watch.
[0] https://www.youtube.com/watch?v=TMNeSnjZfCI&list=PL9fPq3eQfa...
⬐ zer01Interesting! I haven't been able to attend Defcon in the past few years so I haven't seen that talk (or heard of his research), but it's something I've thought about for a while now - using CTLs as a means to jump into the early process of setting up webapps and whatnot.Thanks for the video!
⬐ tty7Shout out isnt needed, i did the same thing as Hanno over a weekend early this year. Been kicking myself since defcon that i didn't submit a talk!Anyone who reads the certificate transparency log rfc can quickly realize whats possible.
I've also been following calidog since his first medium post, ive got my own similar cert scanner/tracker.