Olivia
Online
Emily Stark
@estark37
Trustworthy ๐ transport ๐ for Chrome. HTTPS, certs, encryption, security UX, software eng & mgmt. @estark.bsky.social. Opinions are my own. she/her
San Francisco Bay Area
Joined November 2010
886 Following
10.1K Followers
3.4K Posts
I'm not checking this hellscape much anymore. Find me on ๐ฆ (estark at bsky dot social)
A proposed CA/Browser Forum ballot would radically shorten the max validity period of #TLS certificates over the next few years https://t.co/ZVaMxJ7Ddi
Who to follow
Feisty Duck
@feistyduck
The place for TLS and PKI education. Publishers of Bulletproof TLS and PKI. Authors of Practical TLS and PKI training. Cryptography & Security Newsletter.
Thomas H. Ptacek
@tqbf
Don't look at me sideways. Don't even look me straight on. bsky:@sockpuppet.org
Tavis Ormandy 
@taviso
I'm also @[email protected]
@musalbas @distractedm1nd @ekr____ @taoeffect This was how the initial deployment of CT worked, but is no longer true for Chrome. SCTs are audited probabilistically.
@distractedm1nd @ekr____ @taoeffect And the way Chrome has implemented SCT auditing means that all Chrome clients "see" the same tree head; in other words, a log can't target individual Chrome clients with a split-view.
@distractedm1nd @ekr____ @taoeffect I'm not going to dispute that CT has nuanced security guarantees (https://t.co/wpa0fdZ0UL), but the tweet you quoted is pointing out that there are, in fact, deployed forms of gossip in the wild. Also doesn't seem fair to ignore that Chrome does do (probabilistic) SCT auditing.
@prdonahue @thedanigrant @GrantSlatton @ptrschmdtnlsn It's sometimes more trouble than it's worth for us to do non-deterministic behavior like this because it can be confusing/hard to debug. (user reports cert error, site operator can't reproduce)
@prdonahue @thedanigrant @GrantSlatton @ptrschmdtnlsn I don't think we (on Chrome at least) have considered this for upcoming expired certs, but I think Google has done it for some server-side cert changes.
@benadida The DRM angle is that it creates an ecosystem in which users are limited in the software and hardware they can use to create/edit content. You can strip off the metadata, sure, but then your content is no longer "legitimate". It's not literally DRM, but spiritually similar IMO.
@benadida ... contains much less fraught solutions if the goal is for skilled analysts (rather than the mass consumer user base) to be able to distinguish. Like even just having the metadata in the image but not displaying it to end users would be preferable IMO.
@benadida ... resources should go into flagging mis/disinformation, and/or giving nuanced context around questionable content, rather than affirmative indicators.
@benadida I really try not to shoot things down without presenting an alternative, which I don't have. But I vaguely feel that technology is putting the cart way before the horse, solutions must be customized to the UI and user base of each social media platform, and the bulk of the...
It's a common misconception that we need to move from AES-128 to AES-256 to counter quantum attack. In this great talk @sejaques explains why, and shows a few new arguments why Grover's algorithm is even less practical than we already understood it to be. https://t.co/KZnHCnid6w
Update: flights grounded due to an โIT issueโ so I might, in fact, just be living in SFO forever, Crowdstrike-style
I will be at TPAC this week! Planning to attend WebAppSec, WebAuthn, various breakouts, and the hallway.
Last Seen Users on Sotwe
ุขููู
ูููุดูุููุฎุฉ
ุนุจูุฑ ุงูู
ู
ุญููู ๐ฅฐ
Seen from Saudi Arabia
เธเธฒเธข เนเธชเธเธชเธธเธ
Seen from Spain
ู
ูููุฒููุฉ ุขู ุฎูููููุชูุงู
Belgique
Seen from Turkey
๐น๐๐๐ โ๐ฆ๐๐ฅ๐๐ฃ๐ฅุงูุตูุงุฏ๐นIโ๏ธ
Seen from Germany
SUKA BRONDONG
Seen from Indonesia
America Agnew ๐
SEX video 18+๐
Samiya collection ๐ณ๏ธโ๐๐ณ๏ธโโง๏ธ
Seen from United States
Pussy Licking
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers