Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Calm Down: HTTPS Is Not a VPN

OWASP Foundation via YouTube

Start learning Write review
GetSmarter Ad

MIT Sloan AI Adoption: Build a Playbook That Drives Real Business ROI

Learn More → Coursera Ad

AI, Data Science & Cloud Certificates from Google, IBM & Meta

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the limitations and misconceptions surrounding HTTPS in this 46-minute conference talk from AppSecEU 2016 in Rome. Delve into topics such as packet capture, OCSP, TLS exceptions, fingerprinting techniques, and privacy concerns related to HTTPS implementation. Gain insights into why HTTPS is not equivalent to a VPN and understand its implications for web security and user privacy across various platforms, including Android.

Syllabus

Intro
Welcome
About Dirk
Motivation
What if
HTTPS
HTTP
Why HTTPS is nonsense
Packet capture
Clearing
OCSP
Fingerprinting
TLS Exceptions
TLS fingerprinting
Client Hello
Client Time Off
Packets
Application Data
Website fingerprinting
trackers
security
Android
Conclusion
Privacy

Taught by

OWASP Foundation

Reviews

Start your review of Calm Down: HTTPS Is Not a VPN

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.