Does TLS 1.3 mitigate the BREACH vulnerability?

Section 5.4 of the TLS 1.3 specification describes record padding.

One of the mitigations for BREACH is to add random padding.

Therefore, I’m wondering:

  1. Does TLS 1.3 require random record padding? I’m also unclear on if this padding is optional or required, and if it is always random.
  2. If TLS 1.3 random record padding is done, am I correct in thinking that it does mitigate BREACH?

Assuming both of those questions are answered affirmatively, I believe that would mean that any site that uses TLS 1.3 (and supports no earlier version of SSL/TLS) would not be vulnerable to BREACH.

How can one mitigate both DOS attacks and online brute force attacks at the same time?

I was recently reading this question, where the accepted answer claims that it is easy for attackers to bypass rate limiting that is based on IP, which makes any sort of IP rate limiting to prevent a brute force attack much less useful. But, if it is based on the account that is a victim, then it becomes very easy for an attacker to block access to a victim’s account. What is the best way to defend against both DOS attacks and online brute force attacks (and anything else that is in this same category)?

Simply sleeping for, for example, 1 second isn’t sufficient because the attacker can simply put in more requests before the first one finishes (1 second latency, but unbounded throughput, and throughput is what matters for brute force). If subsequent requests are blocked until the first one finishes, then they must be blocked per-IP or per-user, which produces the same problem.

2FA isn’t always a good solution either, because, for worse, many people fail to use it.

How to mitigate credential disclosure in man in the middle attack

I have the following scenario and am looking for a secure solution.

There is a web application, hosted on IIS. The connection is established over TLS 1.2 and is encrypted.

So the steps are

  1. Client connects to the server over SSL

  2. Client sends the username and password (as well as the XSRF token)

  3. The server authenticates the user and creates an encrypted cookie that will go back and forth.

Assume that we are in a corporate environment where all communication occurs via a proxy server (for example when using SSL Inspection). If the inspector is compromised (quite probable based on this) then the user is vulnerable to credential theft.

I read about the crypto binding solution, but this only secures us from the MITM to not be able to keep the connection alive after the client has stopped creating traffic.

Is there a way to secure the user’s passwords when SSL has been compromised this way?

Is there any way to mitigate crits?

When I ran a test round, the tank char of the group (8 soak!) got hit by a 4 dice attack with a pistol that managed to do 9 damage and, due to rolls, got 2 triumphs (NPC was attacking).

Now that resulted in a crit, which then took the PC out of the combat and adventure (1 strain for every action done… rolled very high for crits). What made me wonder is how “deadly” the system is in effectively taking chars out of combat.

Is there something I have overlooked there in terms of how a PC can mitigate a critical?

(The combat was during a break-in scene, so they had no time for a complete medical healing… at most first aid and nothing more.)

How to mitigate Mailsploit

If a mail sender encodes his sender address in the From: field in the SMTP protocol, the mail transfer agent only checks the sender after the unencoded @. In this way protection mechanisms like SPF/DKIM/DMARC are subverted.

Is there any mitigation against this?

From: =?utf-8?b?${base64_encode('potus@whitehouse.gov')}?==?utf-8?Q?=00?==?utf-8?b?${base64_encode('(potus@whitehouse.gov)')}?=@mailsploit.com
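A receiving-side check for the header pattern quoted above, added here as an example and not part of the original question: it decodes the RFC 2047 encoded-words in a From: value and flags control characters or an embedded address whose domain differs from the domain after the last unencoded @. The names `decode_words` and `inspect_from` and the finding labels are hypothetical, and both sample headers are constructed.

```python
import base64
import quopri
import re

ENCODED_WORD = re.compile(r"=\?([^?]+)\?([bBqQ])\?([^?]*)\?=")
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")
ADDRESS = re.compile(r"[\w.+-]+@([\w.-]+)")

def decode_words(value):
    """Decode every RFC 2047 encoded-word in a header value."""
    def repl(match):
        charset, encoding, payload = match.groups()
        try:
            if encoding.lower() == "b":
                raw = base64.b64decode(payload + "=" * (-len(payload) % 4))
            else:
                raw = quopri.decodestring(payload.encode("ascii"), header=True)
            return raw.decode(charset, errors="replace")
        except (ValueError, LookupError):
            return match.group(0)  # undecodable: leave the token as-is
    return ENCODED_WORD.sub(repl, value)

def inspect_from(header_value):
    """Return (domain after the last unencoded @, findings) for a From: value."""
    checked_domain = header_value.rsplit("@", 1)[-1].strip(' ">').lower()
    decoded = decode_words(header_value)
    findings = []
    if CONTROL_CHARS.search(decoded):
        findings.append("control-character")
    local_part = decoded.rsplit("@", 1)[0]
    domains = {d.lower() for d in ADDRESS.findall(local_part)}
    if domains - {checked_domain}:
        findings.append("embedded-address-other-domain")
    return checked_domain, findings

def b64(text):
    return base64.b64encode(text.encode()).decode()

# Constructed sample following the header pattern quoted in the question.
SPOOFED = ("=?utf-8?b?" + b64("potus@whitehouse.gov") + "?="
           "=?utf-8?Q?=00?="
           "=?utf-8?b?" + b64("(potus@whitehouse.gov)") + "?="
           "@mailsploit.com")
BENIGN = "=?utf-8?Q?J=C3=BCrgen?= <juergen@example.org>"  # constructed

if __name__ == "__main__":
    for header in (SPOOFED, BENIGN):
        print(inspect_from(header))
```

A legitimate encoded display name passes with no findings, so the check can run before SPF/DKIM/DMARC evaluation without rejecting ordinary internationalised senders.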

Mitigate token impersonation

Is there any mitigation to prevent a local administrator from impersonating other logged-on user accounts by duplicating the security token?

Scenario: AdminA is working on ServerA. AdminB grabs SYSTEM user rights and impersonates AdminA on ServerA, so AdminB can list network shares which are normally only accessible to AdminA.

How to prevent this type of attack?

How can a demon mitigate the danger of Compromise when changing to demon form?

On p.43 of the Demon: The Descent manual we find:

Some demons feel much more comfortable in their demonic form, to the point that they try to arrange their lives so that they can spend some time that way every day. These demons sometimes band together to create safe spaces where they can assume their demonic forms and “let their hair down” without worrying about curious humans or the God-Machine’s agents.

Given that full transformation results in a Compromise roll at -3 dice, how can a demon change fully every day without Compromise? Are there ways that PCs can mitigate this roll?

Does LUKS mitigate brute force attacks even if the salt parameter is known?

From “What users should know about Full Disk Encryption based on LUKS”:

In Linux world, LUKS implementations are based on cryptsetup and dm-crypt. In order to mitigate the problem of brute force attacks based on weak user passwords, LUKS combined the ideas of salt and key derivation function (i.e., PBKDF2). Because salt parameter is known and user password may be guessed, we focus on iteration counts and their ability to slow down a brute force attack as much as possible

I can’t understand how the usage of salt (when it is known, as in this case) can mitigate brute force attacks. What am I missing?
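The two roles named in the quoted passage, shown as an added example that is not from the question or the cited paper: a known salt does not stop guessing against one volume, but a table precomputed for one salt is useless against another, and every guess costs a full PBKDF2 run. The hash (HMAC-SHA256), the small iteration count, the wordlist, the salts and all function names are assumptions of this example.

```python
import hashlib

ITERATIONS = 2000  # assumption: kept small so the demo runs quickly

def derive_key(password, salt, iterations=ITERATIONS):
    """PBKDF2 as the passage describes; HMAC-SHA256 is this example's choice."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               iterations, dklen=32)

def precomputed_table(wordlist, salt, iterations=ITERATIONS):
    """Key -> password table; only valid for the salt it was built with."""
    return {derive_key(word, salt, iterations): word for word in wordlist}

def guess_with_known_salt(wordlist, salt, target_key, iterations=ITERATIONS):
    """Per-volume guessing; returns (password, number of PBKDF2 runs)."""
    for calls, word in enumerate(wordlist, start=1):
        if derive_key(word, salt, iterations) == target_key:
            return word, calls
    return None, len(wordlist)

# Constructed inputs: two volumes, same weak password, different public salts.
WORDLIST = ["123456", "letmein", "password", "hunter2"]
SALT_A = b"\x01" * 32
SALT_B = b"\x02" * 32
KEY_A = derive_key("hunter2", SALT_A)
KEY_B = derive_key("hunter2", SALT_B)

def demo():
    table_a = precomputed_table(WORDLIST, SALT_A)
    return {
        # The table built for salt A recovers volume A's password...
        "table_a_on_volume_a": table_a.get(KEY_A),
        # ...but misses volume B, although the password is identical.
        "table_a_on_volume_b": table_a.get(KEY_B),
        # Knowing salt B still allows guessing, at one PBKDF2 run per word.
        "fresh_guessing_on_b": guess_with_known_salt(WORDLIST, SALT_B, KEY_B),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The work for volume B is the number of PBKDF2 runs times the iteration count, which is why the quoted text turns to iteration counts once the salt is assumed known.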