Saturday, August 06, 2016

Protect yourself against the HEIST + BREACH vulnerability

The new HEIST vulnerability demonstrated at Black Hat this week makes it possible to use the BREACH and/or CRIME vulnerabilities to decode HTTPS (or HTTP/2) traffic without the hacker having a man-in-the-middle position.

[EDIT: Just to be clear, this will not protect against all instances of the HEIST attack, but as it disables BREACH, it protects against the specific technique of combining HEIST and BREACH.]

CRIME requires TLS compression, which was dropped in 2012 by most products that supported it. BREACH requires HTTP compression within the HTTPS session, which the attacker manipulates to determine the plaintext contents of the encrypted message.

Many web site admins have been shutting off HTTP compression on encrypted sites for a while, but you cannot trust that everyone else is as diligent, so a browser-based approach is best for protecting your own info.

In order for compression to work, the browser and the server both need to support it, so the server relies on a request from the browser.

To prevent Google Chrome from requesting compressed pages, you need to modify the Accept-Encoding request header. There is a plugin for Google Chrome called ModHeader that will allow you to do that. Simply install ModHeader and insert an entry for Accept-Encoding with a blank value, as shown below:

[Image: ModHeader entry for Accept-Encoding with a blank value]

You can test this at the following site:

The drawback to turning HTTP compression off is that sites that do use compression (which is still perfectly safe for non-encrypted sites, as there are no secrets to be revealed) will load a little more slowly, as GZIP or Deflate compression can decrease the size of sites by about 60%.
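
The negotiation described above can also be checked locally. The following is an added example, not part of the original post: a toy local server (an assumption standing in for a real site) gzips its page only when the request offers gzip, and a client probes it once with a normal Accept-Encoding value and once with the blank value that the ModHeader entry sends. The names `NegotiatingHandler`, `probe` and `run_check` and the page body are constructed for illustration.

```python
import gzip
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample page: repetitive content, so gzip shrinks it noticeably.
BODY = b"<html>" + b"csrf_token=constructed-sample-value " * 200 + b"</html>"

class NegotiatingHandler(BaseHTTPRequestHandler):
    """Toy server (assumption): compresses only if the request offers gzip."""
    def do_GET(self):
        offered = self.headers.get("Accept-Encoding", "")
        codings = [c.split(";")[0].strip().lower() for c in offered.split(",")]
        payload = BODY
        self.send_response(200)
        if "gzip" in codings:
            payload = gzip.compress(BODY)
            self.send_header("Content-Encoding", "gzip")
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        self.wfile.write(payload)

    def log_message(self, *args):  # keep the demo output quiet
        pass

def probe(port, accept_encoding):
    """Send one GET; return (Content-Encoding header, bytes received on the wire)."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    # skip_accept_encoding stops http.client from adding its own header.
    conn.putrequest("GET", "/", skip_accept_encoding=True)
    conn.putheader("Accept-Encoding", accept_encoding)
    conn.endheaders()
    resp = conn.getresponse()
    wire_len = len(resp.read())  # http.client does not decompress for us
    conn.close()
    return resp.getheader("Content-Encoding"), wire_len

def run_check():
    """Start the toy server on a free local port and probe it both ways."""
    server = HTTPServer(("127.0.0.1", 0), NegotiatingHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return {ae: probe(server.server_port, ae) for ae in ("gzip, deflate", "")}
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    for offered, (encoding, size) in run_check().items():
        print(f"Accept-Encoding: {offered!r} -> Content-Encoding: {encoding}, {size} bytes")
```

With the blank header the response carries no Content-Encoding and arrives at full size, which is the condition that removes the compression BREACH depends on.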

Friday, August 05, 2016

Speeding up Windows 10

Windows 10 can feel a little sluggish if you have been using a fairly peppy system under Win 7 or 8.1.

Here are a few things you can do to make it feel less sluggish.

First, click on the notifications icon in the taskbar.

Now click the "All Settings" button.

I know, it's not the most intuitive place to look, but click on "Ease of Access".

Now click "Other Options".

At the top you will see this switch for play animations in Windows... turn it off.
Your start menu will come up as soon as you click it now, instead of feeling like the computer needs to wake up from its nap first.

Now there is another place where animations that are not really necessary can be switched off. This is pretty much mandatory for old systems that have been upgraded to Win 10.

Open up the System Control Panel (from the old control panel, not the new metro/modern system).
Click on "Advanced System Settings".

Click the first "Settings" button under Performance.

Uncheck any animation features you don't care about.

Now this one is something I've done for every Windows install for ages, but not everyone knows it:
While you are in here, click the "Advanced" tab and click the "Change" button.

Windows by default will have "Automatically manage paging file" checked; uncheck that box.
Now look at the recommended size near the bottom of this window. That will be different for your computer than it is for mine, but highlight one of your drives and enter the recommended amount of virtual memory (AKA page file, swap) space in both the initial size and maximum size.

Here you can see that I had a largish virtual memory space on my F: drive previously, but I have also added some space in the recommended amount to my C: drive. C: is only a 128GB SSD, so I had put this swap space on F: (a standard laptop HDD) initially, and that was fine, but putting some swap on the SSD really perked it up. I had to move the C:/Windows/Installer folder to one of my other drives to make some room (a lot of room) on C: to make this even possible.

If you have additional tips, add them to the comments.