SlideShare a Scribd company logo
Nein, danke!
MAN IN THE MIDDLE ?
Daniel Schneller – CenterDevice GmbH
SSL – und alles ist gut™
SSL – und alles ist gut™
SSL – und alles ist gut™
…oder ?
Mac App Store
Mac App Store
Mac App Store
Und wo war nun SSL?
SSL – Chain of Trust
SSL – Chain of Trust
SSL – Chain of Trust
Root CA Certificate
SSL – Chain of Trust
Root CA Certificate
Intermediate CA Certificate(s)stellt aus
SSL – Chain of Trust
Root CA Certificate
Intermediate CA Certificate(s)
Leaf Certificate
stellt aus
stellt aus
SSL – Chain of Trust
SSL – Chain of Trust
SSL – Chain of Trust
SSL – Chain of Trust
SSL – Chain of Trust
SSL – Chain of Trust
Und wie viele
Root-CAs gibt es ?
System Roots
System Roots
System Roots
Windows 8: ~350
Mozilla: ~160
iOS 6: ~220
Man In The Middle?
Man In The Middle
[Corporate] Proxy Client
Man In The Middle
[Corporate] Proxy Client
Man In The Middle
[Corporate] Proxy Client
Man In The Middle
Website [Corporate] Proxy Client
Man In The Middle
Website [Corporate] Proxy Client
Man In The Middle
Website [Corporate] Proxy Client
Man In The Middle
Website [Corporate] Proxy Client
Man In The Middle
Man In The Middle
Man In The Middle
Man In The Middle
Man In The Middle
Man In The Middle
Konsequenzen
• Überwachung
• Veränderung
• Gesendete und empfangene Daten
• Chain-Of-Trust formal intakt
Gut und böse
• Debugging
• Reverse Engineering
• Security Audits
• Lernen undVerstehen
ReST Debugging
Gut und böse
• Phishing
• Identitätsdiebstahl
• Industriespionage
• …
Mac App Store
Mac App Store
Mac App Store
Demo 1
Video 1
Video 2
Gegenmaßnahmen
Zertifikatsvergleich
Zertifikatsvergleich
• Serverzertifikat in Client-App
• Vergleich mit vom Server präsentiertem
Zertifikat
• Verbindungsaufbau nur bei exakter
Übereinstimmung
Zertifikatsvergleich
Client AppServer
Zertifikatsvergleich
Client AppServer
==
Zertifikatsvergleich
SecTrustResultType evaluationResult;
OSStatus status =
SecTrustEvaluate(srvTrust,
&evaluationResult);
if (status == errSecSuccess) {
if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}
}
• Schritt 1: Chain-of-Trust validieren
Zertifikatsvergleich
SecTrustResultType evaluationResult;
OSStatus status =
SecTrustEvaluate(srvTrust,
&evaluationResult);
if (status == errSecSuccess) {
if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}
}
• Schritt 1: Chain-of-Trust validieren
Zertifikatsvergleich
SecTrustResultType evaluationResult;
OSStatus status =
SecTrustEvaluate(srvTrust,
&evaluationResult);
if (status == errSecSuccess) {
if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}
}
• Schritt 1: Chain-of-Trust validieren
Zertifikatsvergleich
SecTrustResultType evaluationResult;
OSStatus status =
SecTrustEvaluate(srvTrust,
&evaluationResult);
if (status == errSecSuccess) {
if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}
}
• Schritt 1: Chain-of-Trust validieren
Zertifikatsvergleich
SecTrustResultType evaluationResult;
OSStatus status =
SecTrustEvaluate(srvTrust,
&evaluationResult);
if (status == errSecSuccess) {
if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}
}
• Schritt 1: Chain-of-Trust validieren
Zertifikatsvergleich
SecTrustResultType evaluationResult;
OSStatus status =
SecTrustEvaluate(srvTrust,
&evaluationResult);
if (status == errSecSuccess) {
if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}
}
• Schritt 1: Chain-of-Trust validieren
NSString *refPath =
[[NSBundle mainBundle] pathForResource:@"reference"
ofType:@"der"];
NSData *refCertData =
[[NSData alloc] initWithContentsOfFile:refPath];
Zertifikatsvergleich
• Schritt 2: Referenz-Zertifikat laden
NSString *refPath =
[[NSBundle mainBundle] pathForResource:@"reference"
ofType:@"der"];
NSData *refCertData =
[[NSData alloc] initWithContentsOfFile:refPath];
Zertifikatsvergleich
• Schritt 2: Referenz-Zertifikat laden
Zertifikatsvergleich
• Schritt 2: Referenz-Zertifikat laden
NSString *refPath =
[[NSBundle mainBundle] pathForResource:@"reference"
ofType:@"der"];
NSData *refCertData =
[[NSData alloc] initWithContentsOfFile:refPath];
Zertifikatsvergleich
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
certificateVerified = [refCertData
isEqualToData:certData];
}
• Schritt 3: Referenzvergleich
Zertifikatsvergleich
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
certificateVerified = [refCertData
isEqualToData:certData];
}
• Schritt 3: Referenzvergleich
Zertifikatsvergleich
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
certificateVerified = [refCertData
isEqualToData:certData];
}
• Schritt 3: Referenzvergleich
Zertifikatsvergleich
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
certificateVerified = [refCertData
isEqualToData:certData];
}
• Schritt 3: Referenzvergleich
Zertifikatsvergleich
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
certificateVerified = [refCertData
isEqualToData:certData];
}
• Schritt 3: Referenzvergleich
Zertifikatsvergleich
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
certificateVerified = [refCertData
isEqualToData:certData];
}
• Schritt 3: Referenzvergleich
Zertifikatsvergleich
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
certificateVerified = [refCertData
isEqualToData:certData];
}
• Schritt 3: Referenzvergleich
Demo 2
Video
Fingerprintvergleich
Fingerprintvergleich
• Ähnlich Zertifikatsvergleich
• Vergleich des Zertifikat-Hashs mit Referenz
• Zertifikat nicht mit App ausgeliefert
• Beispiel: Apple Software Update
Fingerprintvergleich
Client AppServer
1122 3344 5566
7788 9900 AABB
CCDD EEFF 9988
7766
SHA-1 Hash
Fingerprintvergleich
Client AppServer
1122 3344 5566
7788 9900 AABB
CCDD EEFF 9988
7766
SHA-1 Hash
Fingerprintvergleich
Client AppServer
==
1122 3344 5566
7788 9900 AABB
CCDD EEFF 9988
7766
SHA-1 Hash
1122 3344 5566
7788 9900 AABB
CCDD EEFF 9988
7766
Fingerprintvergleich
SecTrustResultType evaluationResult;
OSStatus status =
SecTrustEvaluate(srvTrust,
&evaluationResult);
if (status == errSecSuccess) {
if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}
}
• Schritt 1: Chain-of-Trust validieren
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Fingerprintvergleich
static NSString* const kReferenceFP = @"AC .... DC";
BOOL found = NO;
CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) {
SecCertificateRef cert =
SecTrustGetCertificateAtIndex(srvTrust, j);
NSData* certData =
CFBridgingRelease(SecCertificateCopyData(cert));
NSString* fingerprint = [self sha1:certData];
found = [kReferenceFP isEqualToString:fingerprint]
}
• Schritt 2: Fingerprint berechnen
Demo 3
Video
Fallstricke
Fallstricke
• Zertifikatswechsel
• Abgelaufen
• Kompromittiert
• Frühzeitiges App-Update planen
• Altes und neues Zertifikat gleichzeitig
Variante
Variante
• Prüfung des Root-CA Zertifikats
• Trade-Off Flexibilität gegen Sicherheit
• Updates nur bei Root-CA Wechsel nötig
Fazit
Fazit
• SSL gewährleistet
• Vertraulichkeit
• Identitätsgarantie
• CA System (oft) ausreichend
• Mehr Sicherheit = Höherer Aufwand
Informierte
Entscheidungen treffen!
Links
Sample Code
• github.com/dschneller/mitm-no-thank-you
Tools
• github.com/ADVTOOLS/ADVcertificator
• github.com/ADVTOOLS/ADVTrustStore
• www.apple.com/support/iphone/enterprise
• technet.microsoft.com/en-us/library/
cc754841.aspx
Links
TLS Session Cache
• developer.apple.com/library/ios/#qa/qa1727
Root-CA Listen
• support.apple.com/kb/HT5012
• www.mozilla.org/projects/security/certs/included/
• social.technet.microsoft.com/wiki/contents/
articles/14215.windows-and-windows-phone-8-
ssl-root-certificate-program-member-cas.aspx
• Android: Settings–Security–Trusted Credentials
(ab 4.0)
Vielen Dank!
Fragen ?
daniel.schneller@centerdevice.de
@dschneller
Das war’s.Wirklich :)

More Related Content

Similar to Man in the Middle? - Nein, danke!

Client certificate validation in windows 8
Client certificate validation in windows 8Client certificate validation in windows 8
Client certificate validation in windows 8
Ashish Agrawal
 
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat Security Conference
 
AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】
AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】
AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】
tsuchimon
 
MongoDB World 2019: Life In Stitch-es
MongoDB World 2019: Life In Stitch-esMongoDB World 2019: Life In Stitch-es
MongoDB World 2019: Life In Stitch-es
MongoDB
 
Issue certificates with PyOpenSSL
Issue certificates with PyOpenSSLIssue certificates with PyOpenSSL
Issue certificates with PyOpenSSL
Pau Freixes
 
Java security
Java securityJava security
Java security
Bart Blommaerts
 
Seattle C* Meetup: Hardening cassandra for compliance or paranoia
Seattle C* Meetup: Hardening cassandra for compliance or paranoiaSeattle C* Meetup: Hardening cassandra for compliance or paranoia
Seattle C* Meetup: Hardening cassandra for compliance or paranoia
zznate
 
Hardening cassandra for compliance or paranoia
Hardening cassandra for compliance or paranoiaHardening cassandra for compliance or paranoia
Hardening cassandra for compliance or paranoia
zznate
 
The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).
The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).
The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).
DataStax Academy
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshell
Frank Kelly
 
Browsers with Wings
Browsers with WingsBrowsers with Wings
Browsers with Wings
Remy Sharp
 
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menaceDEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
Felipe Prado
 
Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)
Netwax Lab
 
使用 Passkeys 打造無密碼驗證服務
使用 Passkeys 打造無密碼驗證服務使用 Passkeys 打造無密碼驗證服務
使用 Passkeys 打造無密碼驗證服務
升煌 黃
 
TLS and Certificates
TLS and CertificatesTLS and Certificates
TLS and Certificates
Karri Huhtanen
 
SSL Failing, Sharing, and Scheduling
SSL Failing, Sharing, and SchedulingSSL Failing, Sharing, and Scheduling
SSL Failing, Sharing, and Scheduling
David Evans
 
Static Typing in Vault
Static Typing in VaultStatic Typing in Vault
Static Typing in Vault
GlynnForrest
 
Formal Verification of Transactional Interaction Contract
Formal Verification of Transactional Interaction ContractFormal Verification of Transactional Interaction Contract
Formal Verification of Transactional Interaction Contract
Gera Shegalov
 
The battle of Protractor and Cypress - RunIT Conference 2019
The battle of Protractor and Cypress - RunIT Conference 2019The battle of Protractor and Cypress - RunIT Conference 2019
The battle of Protractor and Cypress - RunIT Conference 2019
Ludmila Nesvitiy
 
SSL Certificates and Operations
SSL Certificates and OperationsSSL Certificates and Operations
SSL Certificates and Operations
Nisheed KM
 

Similar to Man in the Middle? - Nein, danke! (20)

Client certificate validation in windows 8
Client certificate validation in windows 8Client certificate validation in windows 8
Client certificate validation in windows 8
 
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
 
AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】
AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】
AWS IoTで家庭内IoTをやってみた【JAWS DAYS 2016】
 
MongoDB World 2019: Life In Stitch-es
MongoDB World 2019: Life In Stitch-esMongoDB World 2019: Life In Stitch-es
MongoDB World 2019: Life In Stitch-es
 
Issue certificates with PyOpenSSL
Issue certificates with PyOpenSSLIssue certificates with PyOpenSSL
Issue certificates with PyOpenSSL
 
Java security
Java securityJava security
Java security
 
Seattle C* Meetup: Hardening cassandra for compliance or paranoia
Seattle C* Meetup: Hardening cassandra for compliance or paranoiaSeattle C* Meetup: Hardening cassandra for compliance or paranoia
Seattle C* Meetup: Hardening cassandra for compliance or paranoia
 
Hardening cassandra for compliance or paranoia
Hardening cassandra for compliance or paranoiaHardening cassandra for compliance or paranoia
Hardening cassandra for compliance or paranoia
 
The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).
The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).
The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshell
 
Browsers with Wings
Browsers with WingsBrowsers with Wings
Browsers with Wings
 
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menaceDEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
 
Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)
 
使用 Passkeys 打造無密碼驗證服務
使用 Passkeys 打造無密碼驗證服務使用 Passkeys 打造無密碼驗證服務
使用 Passkeys 打造無密碼驗證服務
 
TLS and Certificates
TLS and CertificatesTLS and Certificates
TLS and Certificates
 
SSL Failing, Sharing, and Scheduling
SSL Failing, Sharing, and SchedulingSSL Failing, Sharing, and Scheduling
SSL Failing, Sharing, and Scheduling
 
Static Typing in Vault
Static Typing in VaultStatic Typing in Vault
Static Typing in Vault
 
Formal Verification of Transactional Interaction Contract
Formal Verification of Transactional Interaction ContractFormal Verification of Transactional Interaction Contract
Formal Verification of Transactional Interaction Contract
 
The battle of Protractor and Cypress - RunIT Conference 2019
The battle of Protractor and Cypress - RunIT Conference 2019The battle of Protractor and Cypress - RunIT Conference 2019
The battle of Protractor and Cypress - RunIT Conference 2019
 
SSL Certificates and Operations
SSL Certificates and OperationsSSL Certificates and Operations
SSL Certificates and Operations
 

Recently uploaded

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
Techgropse Pvt.Ltd.
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 

Recently uploaded (20)

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 

Man in the Middle? - Nein, danke!