Nick Sullivan
@grittygrease
Internet Architecture Board Bluesky: nicksullivan.org
NYC
Joined August 2010
Posts
  • Fun fact: I wasn’t supposed to be in this video. I was just walking into work one day, saw Tom Scott in the lobby and asked “Aren’t you Tom Scott from YouTube?” and he interviewed me. The camera is digital, but I grew up in the 80s so I reflexively used the term “videotape” 😅
    Tom Scott retired his legendary YouTube channel after 10 years. A favourite lesson: For encryption, Cloudflare uses a camera to videotape a wall of Lava Lamps. Then turns footage into a “stream of random unpredictable bytes” to make encryption keys for traffic on its network.
  • Thread. I was recently privy to a conversation in which some really smart people in security shared their favorite papers or articles. Security engineering, like other disciplines, has a rich history worth learning from. I'm going to list some of these papers in this thread.
  • It’s here! 🎉🎉🎉 RFC 8446: TLS 1.3 rfc-editor.org/rfc/rfc8446.txt Also, I wrote a blog post about the topic:
  • DNS-over-HTTPS will be rolled out by default in Firefox for U.S. users starting at the end of September 2019. Firefox will default to using Cloudflare's 1.1.1.1 at first, but that may change if other resolvers adopt a comparably strong privacy policy.
  • Personal news! Today marked a significant milestone for me. Ten years ago yesterday, I embarked on an incredible journey with a scrappy San Francisco startup. Now, @Cloudflare is a global powerhouse, and I am turning the page and announcing my departure. Over the past decade,
  • This is huge! Cloudflare now offers a global NTP service at time.cloudflare.com. It supports NTP and authenticated time via the new Network Time Security (NTS) spec. Authentication keys are established over TLS 1.3 on port 1234. blog.cloudflare.com/secure-time/
  • Facebook lets you know which advertisers uploaded a contact list with your info. The next time you see an ad, follow this sequence: Why am I seeing this ad -> Manage your ad preferences -> Advertisers -> Advertisers who uploaded a contact list with your info How big is your list?
  • TLS 1.3 just passed TLS 1.2 as the most common encryption protocol for requests to the Cloudflare network.
  • DNS Queries over HTTPS (DoH) is now RFC 8484. This is a big step forward for DNS security. rfc-editor.org/rfc/rfc8484.txt
  • The 1.1.1.1 resolver now supports a new protocol: DNS over Twitter! Just send your queries to @1111Resolver. We’re also working on even more interesting ways to access the DNS. Watch this space. #1dot1dot1dot1
  • How we generate the 64bits of entropy for the new @CloudFlare Origin CA #lavarand.
  • Encrypted Client Hello (ECH) is a new proposed standard that improves encryption and metadata protection for connections online that use TLS for security. After years of testing and refinement, it's finally happening. Chrome has been testing ECH for months, and is now enabling
  • Cloudflare had a bug. A bad one. In the spirit of transparency we've shared all the details.
  • Guess what happened today? TLS 1.3 surpassed TLS 1.0 as the second-most common version of TLS seen by Cloudflare. #tls13