tls – SNI leakage prevention with proxy

In TLS 1.2 / HTTP(S) context, plaintext target hostname could potentially leak in 3 different ways:

  • In DNS query prior to TCP/TLS/HTTPS connection.
  • In TLS handshake, ClientHello message, in SNI extension.
  • In HTTP Host header.

DNS leakage can be prevented by using e.g. DoH/DoT.
HTTP Host header leakage is prevented through TLS encryption.
This leaves us with SNI leakage to address.

Which proxy types prevent leaking plaintext SNI and how?

Please note I’m asking explicitly about proxies, not ESNI, domain fronting or other similar means.
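An added example, not part of the original question: a bounds-checked C parser that pulls the SNI hostname out of a ClientHello record, showing what any on-path observer or network monitor can read before encryption starts. The sample bytes and the host "example.test" are constructed; `extract_sni` and `rd16` are hypothetical names, and fragmented or multi-record hellos are not handled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: minimal TLS 1.2 ClientHello record whose only
   extension is server_name for the made-up host "example.test". */
static const uint8_t SAMPLE_HELLO[] = {
    0x16,0x03,0x01,0x00,0x44, 0x01,0x00,0x00,0x40, 0x03,0x03, /* record hdr, handshake hdr, version */
    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,                          /* random, first 16 bytes */
    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,                          /* random, last 16 bytes */
    0x00, 0x00,0x02,0xc0,0x2f, 0x01,0x00, 0x00,0x15,          /* session_id, suites, compression, ext len */
    0x00,0x00, 0x00,0x11, 0x00,0x0f, 0x00, 0x00,0x0c,         /* server_name extension headers */
    'e','x','a','m','p','l','e','.','t','e','s','t'
};

static unsigned rd16(const uint8_t *p) { return (unsigned)p[0] << 8 | p[1]; }

/* Copies the first host_name entry into out (NUL-terminated).
   Returns its length, or -1 if the record is malformed or carries no SNI. */
int extract_sni(const uint8_t *b, size_t n, char *out, size_t cap) {
    if (n < 44 || b[0] != 0x16 || b[5] != 0x01) return -1;
    size_t i = 44 + b[43];                       /* past session_id */
    if (i + 2 > n) return -1;
    i += 2 + rd16(b + i);                        /* past cipher_suites */
    if (i + 1 > n) return -1;
    i += 1 + b[i];                               /* past compression_methods */
    if (i + 2 > n) return -1;
    size_t end = i + 2 + rd16(b + i);            /* end of extensions block */
    if (end > n) return -1;
    for (i += 2; i + 4 <= end; i += 4 + rd16(b + i + 2)) {
        if (rd16(b + i) != 0x0000) continue;     /* not the server_name extension */
        unsigned len = rd16(b + i + 2);
        if (i + 4 + len > end || len < 5 || b[i + 6] != 0) return -1;
        unsigned nl = rd16(b + i + 7);           /* host_name length */
        if (5 + nl > len || nl + 1 > cap) return -1;
        memcpy(out, b + i + 9, nl);
        out[nl] = '\0';
        return (int)nl;
    }
    return -1;
}

int main(void) {
    char host[256];
    if (extract_sni(SAMPLE_HELLO, sizeof SAMPLE_HELLO, host, sizeof host) > 0)
        printf("hostname visible on the wire: %s\n", host);
    return 0;
}
```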

network – Detect document leakage author

A company Y suspects an employee that he might leak sensitive data on a file sharing website and calls a company X to help. X hands over each employee a file, and later on is notified that a copy has been sent over a file sharing website. There is no record of who uploaded this file, the SHA256 of all files handed out are identical, the names appear the same but X on downloading a copy of the leaked file still works out who leaked it. How?

My own research and beliefs:

(Disclosure) I am new to networking and I try to do as much research as I can to improve my knowledge. I couldn’t find a reliable solution (for this context of leaking a file through using a file transfer protocol), or a specific methodology that this company X could have used to find the author of the leak, however I have researched some state-of-the-art techniques used nowadays that can potentially halt and learn about third party connectivity with a company.

(Research)

Different prevention techniques may be appropriate for different data states:

  1. at rest (at the repository)
  2. in motion (over the network)
  3. in use (at the endpoint)

For in motion and in use scenarios, the data leak prevention mechanism should be sufficiently context aware to infer the semantics of communication. While some solutions secure data at rest by restricting access to it and encrypting it, the state of the art relies on robust policies and pattern-matching algorithms for data leak detection. Related academic work in data leak prevention focused on building policies (1), developing watermarking schemes (2), and identifying the forensic evidence for post-mortem analysis (3).

These techniques of: creating unique files for each employee and then comparing those with the leaked one, applying text clustering to corporation email communications for a period of time to identify what a normal cluster of messages looks like and trigger an alert when abnormal communications are made, seem like they miss the point of this question.

Here what I am looking for is a more networking based answer. For example, a method that would track down the leaker’s ip once it submits sensitive data on file sharing websites. Now, this might seem too general, because it's difficult to map every host IP of every file sharing website and ask the corporation’s network to prevent communication with that 3rd party. And if we could do that, we could have stopped this issue altogether. I know that a lot of information is not provided in this question, like the environment where it happens or what type of ftp platforms are used by the author of the leak. Therefore, I am not necessarily looking for a solid answer, so any opinion is highly appreciated!


References

(1): N. Vachharajani, M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August, “Rifle: An architectural framework for user-centric information-flow security,” in Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture (MICRO 37), Portland, OR, USA, 2004, pp. 243–254.
(2): J. White, and D. Thompson, “Using synthetic decoys to digitally watermark personally-identifying data and to promote data security,” in Proceedings of the International Conference on Security and Management (SAM 2006), June 2006, pp. 91–99.
(3): S. Lee, K. Lee, A. Savoldi, and S. Lee, “Data leak analysis in a corporate environment,” in Proceedings of the 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC ’09), Las Vegas, NV, June 2009, pp. 38–43.

security – Does macOS automatically erase freed memory (to prevent leakage of information left in freed memory)?

I am involved in both macOS and Linux.

Linux automatically erases every freed memory in order to prevent leakage of information left in freed memory, and also to prevent attacks that seek or rely on information left in freed memory (e.g. uninitialized variable attacks, use-after-free attacks, reuse attacks, stack content exposures, and heap content exposures) (https://www.kernel.org/doc/html/v4.18/security/self-protection.html). I like this feature of Linux, and I am wondering if macOS has this feature as well.

  1. Does macOS automatically erase every freed memory?

  2. (Assuming #1 is positive) Since which version of MacOSX, OSX or macOS, has it been equipped with this feature of automatic erasure of freed memory?

When you answer, try to point out an official Apple document (either at developer.apple.com or support.apple.com but NOT forum.apple.com) that supports your answer.

By the way, Linux Kernel Self-Protection includes “memory poisoning”, which does more than “memory erasure”. “Memory Poisoning” fills the freed memory with a special signature in order to identify bad or corrupted memory data and warn the system when this bad data is eventually read (https://patents.google.com/patent/US20140006879A1/en).

machine learning – How to solve the Data Leakage when accuracy 1 in sklearn

This is my data set. While using machine learning knn classification models, I encountered the problem of accuracy being output to 1. I know this is a data leak problem, but I don’t know how to solve it. I think it’s because the features I collected are so extremely well divided that the targets are so clearly classified. In this situation, what can I do? Is there a way other than collecting additional data? Or is collecting additional data the only solution?

And when I clf.score(x_test, y_test), accuracy showed result 1.

To solve the problem in my own way, I looked at the correlation through heatmap. In this figure, it is strange that not all results are 1, but the result of accuracy is 1.

Only one line appears to be output here, probably because both train and test accuracy print 1. The lines seem to overlap.

from sklearn.model_selection import train_test_split

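# data is the pandas DataFrame shown above
col = list(map(str, data.columns))
x = data[col[:-1]]  # every column except the last is a feature
print(x)

y = data[col[-1]]  # the last column is the target
print(y)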

I split the data like this.

x_train, x_test, y_train, y_test = train_test_split(x, y, test_size = 0.2)

The data segmentation then proceeded through the above code. As far as I know, I’ve heard that extremely well divided cases don’t need to use machine learning. However, for the experiment, I need to utilize these datasets and want to get a better solution.

data leakage – Laptop and iPhone security is compromised

data leakage – Over 533 millions Facebook's linked phone numbers leaked with 1 user out of 2 affected in my country. How to find out if I'm affected?

The following kind of article about a data leak becoming free https://www.bleepingcomputer.com/news/security/533-million-facebook-users-phone-numbers-leaked-on-hacker-forum/ is making the headlines.

The problem is such data don't contain email addresses and isn't about account access theft. So it's not in projects like amIpwned.

So I tried to search about where that list is published in order to download it and look at the single entry I'm interested in but found only other news articles on the topic.

How to check if my account along my phone number is in that list?

data leakage – Pwned by a website I never subscribed to – How do they have my e-mail address?

I searched my email addresses in https://haveibeenpwned.com/.

One of my e-mail addresses results as having been pwned, and is present in a data breach, in particular the Apollo data breach:

Apollo: In July 2018, the sales engagement startup Apollo left a
database containing billions of data points publicly exposed without a
password. The data was discovered by security researcher Vinny Troia
who subsequently sent a subset of the data containing 126 million
unique email addresses to Have I Been Pwned. The data left exposed by
Apollo was used in their “revenue acceleration platform” and included
personal information such as names and email addresses as well as
professional information including places of employment, the roles
people hold and where they’re located. Apollo stressed that the
exposed data did not include sensitive information such as passwords,
social security numbers or financial data. The Apollo website has a
contact form for those looking to get in touch with the organisation.

I have never subscribed to Apollo or given my address to Apollo.

How do they have my e-mail address in the first place?

Web scraping?

data leakage – Is uninitialized memory considered sensitive?

Consider a program that can allocate and read uninitialized memory regions, e.g. for performance reasons.

Should said program assume that those regions may contain sensitive information, or is it the previous owner of those regions responsible for writing 0s before deallocating them?

I am almost certain that it is the latter, as the former would require all uninitialized regions to be assumed to be “sensitive”, but I could not find any authoritative source on this.
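An added example, not part of the original question: a constructed fixed-size block pool in C that, like a typical in-process allocator, recycles blocks without clearing them, so the next owner's "uninitialized" block still holds the previous owner's bytes unless they were wiped before release. The pool, the secret string and all function names are hypothetical and exist only for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy block pool (constructed for this example): recycled blocks are
   handed back exactly as the previous owner left them. */
#define BLOCK 32
#define NBLOCKS 4
static unsigned char pool[NBLOCKS][BLOCK];
static int in_use[NBLOCKS];

void *pool_alloc(void) {
    for (int i = 0; i < NBLOCKS; i++)
        if (!in_use[i]) { in_use[i] = 1; return pool[i]; }
    return NULL;
}

void pool_free(void *p) {
    for (int i = 0; i < NBLOCKS; i++)
        if (p == pool[i]) in_use[i] = 0;
}

/* Zero through a volatile pointer so the compiler cannot drop the
   stores as dead writes just before the block is released. */
void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* One owner stores a secret and releases the block, optionally wiping
   first. Returns 1 if the next allocation still contains the secret. */
int secret_survives_reuse(int wipe_before_free) {
    const char secret[] = "constructed-secret-0123";
    char *a = pool_alloc();
    memcpy(a, secret, sizeof secret);
    if (wipe_before_free) wipe(a, BLOCK);
    pool_free(a);
    char *b = pool_alloc();              /* "uninitialized" from the new owner's view */
    int leaked = memcmp(b, secret, sizeof secret) == 0;
    wipe(b, BLOCK);                      /* leave the pool clean for the next run */
    pool_free(b);
    return leaked;
}

int main(void) {
    printf("released without wipe: leaked=%d\n", secret_survives_reuse(0));
    printf("wiped before release:  leaked=%d\n", secret_survives_reuse(1));
    return 0;
}
```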
