Russia’s certificate authority for sanctioned organizationsAfter Russia’s invasion of Ukraine, it has created a new certificate authority to support sanctioned organizations.Apr 8, 2022Apr 8, 2022
Underscoring the “private” in private keyLast weekend, Eric Lawrence found that the Amazon Music app, like Zoom, can automatically be launched from web pages without any user…Jul 26, 2019Jul 26, 2019
A tale of private key reuseIn 2017, while attempting to get some DRM-enabled video player to work on my Mac, I stumbled upon a hard-coded private key. The…Jan 18, 2019Jan 18, 2019
Published inBlendle EngineeringProtecting our mission-critical domain namesAt Blendle we recently thoroughly reviewed the security of our domain names. In this blog post we will describe what we have learned, and…Sep 29, 2017Sep 29, 2017
GitHub bug bounty huntingLast month, I went hunting for security bugs in GitHub, a popular platform for sharing and collaborating on code. After spending many hours…Feb 7, 20163Feb 7, 20163
No, the U.S. Army did not read the emails of a Belgian MPToday, someone pointed me at an article in Belgian newspaper De Standaard in which Karolien Grosemans, a Belgian MP of the New Flemish…Nov 2, 2013Nov 2, 2013
No, the NSA was not behind the DigiNotar hackOn Tuesday I found that former Dutch certificate authority DigiNotar, known for its security breach in 2011, was briefly mentioned in a…Sep 14, 2013Sep 14, 2013
What an e-book watermark looks likeIn recent weeks, there was some fuss about a new agreement between digital book distribution platform eBoekhuis and connected vendors. This…Sep 7, 2013Sep 7, 2013
