Author Archives: Christian Huitema

About Christian Huitema

I have been developing Internet protocols and applications for about 30 years. I love to see how the Internet has grown and the applications it enabled. Let's keep it open!

Cracking the SNI encryption nut

Back in May and June this year, I was reviewing the state of SNI encryption. I found in reviewing the archives of the TLS mailing list. I collected the list of attacks that demonstrated holes in previous proposals, and documented … Continue reading

Posted in Uncategorized | Leave a comment

Newspapers, subscriptions, and privacy

Quite often now, when I click on a link to a news article, I am greeted by a message explaining that I will not be able to see it. In some cases, the news site asks me to please turn … Continue reading

Posted in Uncategorized | Leave a comment

Privacy’s Reductio Ad Absurdum

For Internet Privacy advocates like me, the recent vote by Congress to authorize ISP to sell customer information is disheartening. But it is also a proof that the current attacks on privacy in the Internet are not sustainable, a “reduction … Continue reading

Posted in Uncategorized | Leave a comment

Two wins for Internet Privacy on the same day

Today, the 17th of May 2016, the IETF Editor published RFC 7844, an Anonymity Profile for DHCPv4 and DHCPv6 clients, and RFC 7858, transmission of DNS requests over TLS. These two RFC can close two important avenues for leaking metadata … Continue reading

Posted in Uncategorized | 2 Comments

MAC Address Randomization in Windows 10

As you may know, I care a lot about Internet privacy. The main tool for privacy is encryption, hiding your communications from potential spies. But that’s not enough. We also need to deal with web privacy, the tracking of your … Continue reading

Posted in Uncategorized | Leave a comment

The Quest for Internet Privacy

Two years have passed since the Snowden revelations, and almost two years since the IETF meeting in Vancouver. There was a palpable sense of urgency in the meeting, with more than a few hints of anger, as you can see … Continue reading

Posted in Uncategorized | Leave a comment

Hiding a Wi-Fi network is worse than Security Theater

Last month, I spent a lot of time looking at Wi-Fi protocols, and in particular at the privacy implications of Wi-Fi on mobile devices. The main privacy issue with Wi-Fi the use of “worldwide unique” MAC addresses, which enable really … Continue reading

Posted in Uncategorized | 13 Comments