bearblog

Defective by Design: Reflected Attacks on Email Privacy using DMARC

Email privacy is dead, confirmed for the umpteenth time. In this post I present the SOILED-PRIVACY attacks (Systemic Online Information Leakage using Email+DMARC against Privacy). These are two reflected attacks against email infrastructure allowing an attacker to access private knowledge about a target user, transparent to mail forwarding, mailing lists, and web services.

Wayland is Almost There

I finally break down and install wayland on my desktop at home, using sway to replace i3. Things go OK, mostly.

All posts on bearblog are licensed as CC-BY.