Profile

Cover photo
Tim Ehrhart
Works at F. Hoffmann-La Roche Ltd
Attended University of Maryland University College
Lives in Basel, Switzerland
87 followers|400,273 views
AboutPostsPhotos+1'sReviews

Stream

Tim Ehrhart

Shared publicly  - 
 
Intercepting SSL and more with WPAD
This morning I read Sniffing HTTPS URLS with malicious PAC files   by Alex Chapman and Paul Stone. It's an excellent summary of a key problem with PAC files, mainly that its a JavaScript file delivered by HTTP with well-known techniques to push to unsuspect...
1
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
Intercepting SSL and more with WPAD
This morning I read Sniffing HTTPS URLS with malicious PAC files   by Alex Chapman and Paul Stone. It's an excellent summary of a key problem with PAC files, mainly that its a JavaScript file delivered by HTTP with well-known techniques to push to unsuspect...
1
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
Detecting Surreptitious Drive Access
Many years ago someone told me that there was no way to detect the surreptitious imaging of a hard drive. This idea is reinforced in forensics classes that remind you to use a write-blocker during imaging to guarantee that nothing is changed on the drive. I...
5
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
Our shrine to Android. I don't think anyone's going to ask my team to do ice sculptures at weddings or parties...
2
Jeff Schuelein's profile photoAmy Sanker's profile photo
2 comments
 
Rough gig  you got there :)
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
A few months ago I stumbled upon an excellent write-up explaining the details of NETNTLM (NTLMv1 Challenge Response) authentication. It's an interesting design, and two things jumped out at me right away: the use of a symmetr...
2
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
+Chris John Riley releases a vulnerability in Privoxy, similar to my own research on abusing the HTTP 407 response, except using basic authentication rather than NTLM.
Privoxy Proxy Authentication Credential Exposure Product : Privoxy Project Homepage : privoxy.org Advisory ID : c22-2013-01 Vulnerable Version(s) : 3.0.20 (and possibly prior) Tested Version : 3.0.20-1 (tested using Debian Sid) Vendor Notification : March 6, 2013 Public Disclosure : March 11, 2013 Vulnerability Type : Insufficiently Protected Credentials [CWE-522] CVE Reference : CVE-2013-2503 Risk Level : Medium CVSSv2 Base Score : 4.3 (AV:N/AC:...
1
Sarah Newcomer's profile photo
 
Normal people like me have no idea what your talking about...:P
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
After reading a nice write-up by contextis.com on using WPAD and PAC files to collect SSL URLs, I'm releasing a tool I previously wrote for this exact attack and more.
2
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
"Topic Modeling FOIA Data" http://www.harvest.ai/blog/2015/10/12/topicmodelingfoiadata #security #feedly

Neat application of machine learning. 
Today we're going to look at an example of how we can apply Machine Learning- specifically how Natural Language Processing can be applied to massively extend our ability to understand and interact with large sets of data. Over the past months, the State Department released 5 dumps of over 50,000 pages of emails from Hillary Clinton's non-official email server under the Freedom of Information Act. There is a tremendous amount of inter...
2
Add a comment...

Tim Ehrhart

Shared publicly  - 
5
Jeff Schuelein's profile photo
 
Just don't lick the toad :)
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
Efficient use of packaging. One box for one cable. 
4
Cory Marchand's profile photo
 
It looks, ya know, fragile enough....
Add a comment...

Tim Ehrhart

Shared publicly  - 
 
Let's play "guess what that sign means". I suggest: Don't walk or ride here, or else the gate will beat you down. 
5
Juan Miguel Paredes's profile photoTimothy Ehrhart III's profile photoTim Ehrhart's profile photo
4 comments
 
And the above comments are an example of why not to give a smart phone to a three year old. :-)
Add a comment...
Story
Tagline
[Network|Computer|Cyber|Buzzword of the day] security dude
Education
  • University of Maryland University College
    Computer Studies
Work
Occupation
Problem Solver
Employment
  • F. Hoffmann-La Roche Ltd
    Senior Security Analyst, 2013 - present
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Basel, Switzerland
Previously
Heidelberg, Germany - Honolulu, Hawaii - Lancaster, Pennsylvania - Skopje, Macedonia - Atlanta, Georgia
Tim Ehrhart's +1's are the things they like, agree with, or want to recommend.
Mint.com Personal Finance
market.android.com

ACCOLADES * Google Play: "Best Apps of 2012" * CNN Money: “6 Best Banking & Budget Apps” (2012) * Kiplinger’s: “Best Online Money-Management

Computer Science 101
www.cs101-class.org

Computer Science 101 is a free online class taught by Nick Parlante of Stanford University

Electronic Frontier Foundation
plus.google.com

Defending your civil liberties in a digital world.

Google's Python Class - Google's Python Class - Google Code
code.google.com

Google's Python Class. Google Code University › Programming Languages. Welcome to Google's Python Class -- this is a free class for

Chrome Multitask Mode
www.google.com

Chrome Multitask Mode lets you browse the web with multiple mice at the same time, so you can get more done, clickety-split.

Project Glass
plus.google.com

Thoughts, designs, and stories.

RaiderSec: Introducing dumpmon: A Twitter-bot that Monitors Paste-Sites ...
raidersec.blogspot.com

TL;DR I created a Twitter-bot which monitors multiple paste sites for different types of content (account/database dumps, network device con

Google Online Security Blog: Google Public DNS Now Supports DNSSEC Valid...
googleonlinesecurity.blogspot.com

Tuesday, March 19, 2013 8:30 AM. Posted by Yunhong Gu, Team Lead, Google Public DNS We launched Google Public DNS three years ago to help ma

About the Security Content of OS X Mountain Lion v10.8.3 - F-Secure Webl...
www.f-secure.com

F-Secure Security Labs brings you the latest online security news from around the world. Ensure that you are up-to-date with the latest onli

Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503
blog.c22.cc

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Version(

An update on our war against account hijackers
googleblog.blogspot.com

Have you ever gotten a plea to wire money to a friend stranded at an international airport? An oddly written message from someone you haven'

Learning from DNS « The Day Before Zero
blog.damballa.com

Learning from DNS. Tweet · Tweet. If you step back and examine the domain names that are observed in almost any network, you could roughly c

Google Authenticator
market.android.com

Enable 2-step verification to protect your account from hijacking. Google Authenticator generates 2-step verification codes on your phone. W

Full Disclosure: multiple critical vulnerabilities in sophos products
seclists.org

Nmap Security Scanner · Intro · Ref Guide · Install Guide · Download · Changelog · Book · Docs · Security Lists · Nmap Hackers · Nmap Dev ·

Note to self: Google Authenticator + oneiric
securitynirvana.blogspot.com

install Google-Authenticator app on whatever device you prefer. Then you do this on Ubuntu 11.10 (oneric): git clone https://code.google.com

Errata Security: Common misconceptions of password cracking
erratasec.blogspot.com

After this great article on passwords at Ars Technica, I've seen some common misconceptions pop up. I thought I'd clarify them (even though

Sampan
plus.google.com

Sampan hasn't shared anything on this page with you.

ajmrtd
market.android.com

ajmrtd uses the NFC Chip of your phone to communicate with an ePassport. Please notice that we are in an early stage of developement, so do

How The TSA's Security Theater Harms Us All | Techdirt
www.techdirt.com

Security expert Bruce Schneier has been debating the former TSA boss, Kip Hawley, over at The Economist, concerning aviation security. The

Public - 3 months ago
reviewed 3 months ago
An excellent excursion for a family starting near Lucerne. Enough attractions to keep busy for one very full day, or two lighter days. Attractions suitable for small children through adults.
Public - 5 months ago
reviewed 5 months ago