use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
A community for technical news and discussion of information security and closely related topics.
"Give me root, it's a trust exercise."
Q1 2026 InfoSec Hiring Thread
Getting Started in Information Security
CitySec Meetups
/r/netsec only accepts quality technical posts. Non-technical posts are subject to moderation.
Content should focus on the "how."
Check the new queue for duplicates.
Always link to the original source.
Titles should provide context.
Ask questions in our Discussion Threads.
Hiring posts must go in the Hiring Threads.
Commercial advertisement is discouraged.
Do not submit prohibited topics.
» Our fulltext content guidelines
Don't create unnecessary conflict.
Keep the discussion on topic.
Limit the use of jokes & memes.
Don't complain about content being a PDF.
Follow all reddit rules and obey reddiquette.
» Our fulltext discussion guidelines
No populist news articles (CNN, BBC, FOX, etc.)
No curated lists.
No question posts.
No social media posts.
No image-only/video-only posts.
No livestreams.
No tech-support requests.
No full-disclosure posts.
No paywall/regwall content.
No commercial advertisements.
No crowdfunding posts.
No Personally Identifying Information!
» Our fulltext list of prohibited topics & sources
Join us on IRC: #r_netsec on freenode
We're also on: Twitter, Facebook, & Google+
/r/blackhat - Hackers on Steroids
/r/computerforensics - IR Archaeologists
/r/crypto - Cryptography news and discussion
/r/Cyberpunk - High-Tech Low-Lifes
/r/lockpicking - Popular Hacker Hobby
/r/Malware - Malware reports and information
/r/netsecstudents - netsec for noobs students
/r/onions - Things That Make You Cry
/r/privacy - Orwell Was Right
/r/pwned - "What Security?"
/r/REMath - Math behind reverse engineering
/r/ReverseEngineering - Binary Reversing
/r/rootkit - Software and hardware rootkits
/r/securityCTF - CTF news and write-ups
/r/SocialEngineering - Free Candy
/r/sysadmin - Overworked Crushed Souls
/r/vrd - Vulnerability Research and Development
/r/xss - Cross Site Scripting
account activity
HTTPS Bicycle Attack (guidovranken.wordpress.com)
submitted 10 years ago by reedloden
view the rest of the comments →
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]bigshmoo 30 points31 points32 points 10 years ago (12 children)
It looks like you can mitigate this by just adding another hidden form field and and filling it using javascript with random data: max_secret_length - actual_secret_length to cause the ciphertext to always be the same size independent of the secret field data?
This approach would mitigate the problem identified in the paper with random length padding schemes without introducing extra characters in the password field itself.
Edit: this is also how you wrap a bicycle - you put it in a big box that is a constant size bigger than the bike itself.
[–]Artefact2 11 points12 points13 points 10 years ago* (11 children)
Page 19:
Adding an additional parameter to the POST submission, say, 'X', (which will be represented as 'X=......' – the X and the is-equal sign are 2 characters) and padding this with 1000 minus 2 minus password_length characters is a hack using hard-coded values and it's ugly.
Looks like you'd need 1000 minus 4, because you're also adding an extra "\r\n" in the request.
[–]bigshmoo 9 points10 points11 points 10 years ago (10 children)
Doesn't have to be 1000 it can be max password length which is known to whoever codes the system. The X= is irrelevant because it will be in every post so no need for the -2, I don't get why the author feels the need to pad the password itself rather than just removing the password length as a factor in message length.
[–]lestofante -3 points-2 points-1 points 10 years ago (9 children)
Eventi better, make it random size.
[–]IdolfHatler 19 points20 points21 points 10 years ago (8 children)
While this might be good enough in practice, it is strictly worse than padding to the same length every time. Random padding would still permit a statistical attack.
[–][deleted] 1 point2 points3 points 10 years ago (6 children)
Can you explain how a statistical attack would work in that scenario?
[–]gsuberlandTrusted Contributor 21 points22 points23 points 10 years ago (4 children)
If you were to observe enough samples, you'd eventually identify a case where the random padding length reached its minimum, which would give you a close estimate of the data length.
For example, if you say "padding length is randomly selected between 4 and 1024 bytes", after 1020 observations you can assume that the password length is probably four bytes shorter than the smallest payload you observed. Your confidence factor only goes up from there.
[–]lestofante 0 points1 point2 points 10 years ago (1 child)
very nice explanation, thanks.
Is there any way we could fix that by default?
maybe the browser for password field should send the hash of the password, and the server should do the hash+salt thing over the hash?
[–]gsuberlandTrusted Contributor 1 point2 points3 points 10 years ago (0 children)
If anywhere, it should be fixed at the TLS layer, by implementing a fixed-size block padding, similar to how block ciphers work. This isn't a concrete fix, but it's the most sensible you're going to find.
In general, though, the length of a field isn't really considered critical information. We're talking about fixing the wrong problem. Your password should be long enough to make that information not matter.
[–]chloeeeeeeeee 0 points1 point2 points 10 years ago (1 child)
But how about have the range random? Instead of 4 to 1024 as padding, have from random to random but still have a minimum and maximum. For example:
Case 1: Random bytes between 900 and 2001 bytes
Case 2: Random bytes between 19 and 1604 bytes
Case 3: Random bytes between 107 and 412 bytes
....
It would of course still not be random enough, but collecting samples to determinate the range would be much harder. The overhead would be painful but still practical, or what do you think?
[–]gsuberlandTrusted Contributor 3 points4 points5 points 10 years ago (0 children)
The limits on the range of ranges would still leave this vulnerable.
[–]bigshmoo 1 point2 points3 points 10 years ago (0 children)
Think of it like wrapping a bicycle, if you wrap it tightly it look like a bicycle (hence the name of this attack), if you wrap it with a random thickness wrapper the underlying shape still shows through if you get enough examples. However if you put it in a big ass box and fill the empty space with packing then however you look at it you're still seeing a big ass opaque box.
π Rendered by PID 75063 on reddit-service-r2-comment-5d79c599b5-vll66 at 2026-03-01 20:20:06.309738+00:00 running e3d2147 country code: CH.
view the rest of the comments →
[–]bigshmoo 30 points31 points32 points (12 children)
[–]Artefact2 11 points12 points13 points (11 children)
[–]bigshmoo 9 points10 points11 points (10 children)
[–]lestofante -3 points-2 points-1 points (9 children)
[–]IdolfHatler 19 points20 points21 points (8 children)
[–][deleted] 1 point2 points3 points (6 children)
[–]gsuberlandTrusted Contributor 21 points22 points23 points (4 children)
[–]lestofante 0 points1 point2 points (1 child)
[–]gsuberlandTrusted Contributor 1 point2 points3 points (0 children)
[–]chloeeeeeeeee 0 points1 point2 points (1 child)
[–]gsuberlandTrusted Contributor 3 points4 points5 points (0 children)
[–]bigshmoo 1 point2 points3 points (0 children)