Filippo Valsorda

Filippo Valsorda (@FiloSottile) is a cryptography engineer building and breaking systems in Go. Previously at Cloudflare, he developed its experimental TLS 1.3 stack and kicked DNSSEC until it became something deployable. Nevertheless, he's probably best known for making popular online vulnerability tests, including the original Heartbleed test.

Infos

Event(s):
34. Chaos Communication Congress, 33. Chaos Communication Congress, 32. Chaos Communication Congress
Language(s):
English
Track(s):
Security
Links:
Hi
Speakerdeck
Twitter
Blog

<h2>Recent presentations</h2> <ul><li>33c3: "Deploying TLS 1.3"</li> <li>GopherCon 2017: "Encrypting the Internet with Go"</li> <li>32c3: "The plain simple reality of entropy"</li> <li>HOPE XI: "Stealing Bitcoin with math"</li> <li>HITB2015AMS: "Non-Hidden Hidden Services Considered Harmful: Attacks and Detection"</li> <li>HITB2014KUL: "Exploiting ECDSA failures in the Bitcoin blockchain"</li></ul> <p>And <a href="https://blog.filippo.io/hi/#howwemighthavemet">more</a>.</p> <h2>What you might have read</h2> <ul><li><a href="https://blog.filippo.io/rustgo/">rustgo: calling Rust from Go with near-zero overhead</a></li><li><a href="https://blog.filippo.io/finding-ticketbleed/">Finding Ticketbleed (CVE-2016-9244)</a></li><li><a href="https://blog.filippo.io/giving-up-on-long-term-pgp/">I'm giving up on PGP</a></li><li><a href="https://blog.filippo.io/securing-a-travel-iphone/">Securing a travel iPhone</a></li><li><a href="https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/">Yet Another Padding Oracle in OpenSSL CBC Ciphersuites</a></li><li><a href="https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/">Bleichenbacher'06 signature forgery in python-rsa (CVE-2016-1494)</a></li></ul> <p>And <a href="https://blog.filippo.io/hi/#whatyoumighthaveread">more</a>.</p>

Statistics

English
134.8 wpm
731.5 spm
keypointservertimetlssessionclientpoolbitticketconnectionaddhashdatapointsrandomtimes1.3attacksendthingbugprivatebreaksdoublekeysnumber1.2decryptworkbitseventsexactlybytesunpredictablecodefindentropyearlycsprngmessageresultcarryexamplecalloutputattackerpskhello/dev/urandom
100.0% Checking done100.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
0.0% Nothing done yet0.0%