Security Is A Political Problem
Security is ultimately a political problem that may have technical solutions. It's because we can always risk it and hope for the best. Observe a climber, solving the technical problem of ascending after a political decision of taking this route.
Let’s deploy JA4. A tutorial for a HAProxy deployment and a proof-of-concept of PCAP collection and then parsing in Python.
The internet is full of bots and some aren't nice (DDoS, scraping, exploits, AI..). To block bots, we must identify them in the traffic. That's hard as some pretend to be human/browsers! Let's explore JA3/JA4 hashes, fingerprinting the TLS handshake.
Internet traffic is mostly encrypted - one SNI extension still causes trouble. Encrypted Client Hello aims to fix this for a price of dependency on big tech. Is this the way?
I've created a newsletter app as a competition entry (didn't win). Here's the writeup. Uses AI to report on AI!