When you do threat modeling, the danger is often lurking near the interfaces. It’s where different domains touch, where different security levels meet and where trust assumptions have to face reality – or the exploits of advanced attackers. This means […]
GDPR became officially applicable in May 2018 and it did not play out quite the way we had in mind. First, we received email messages from like every organization that got hold of our email addresses throughout the years – […]
Last week, Bloomberg ran a lengthy article on a supposed supply chain attack that gave the Chinese manufacturer (as well as Chinese state actors) a way to control Amazon and Apple devices. The article itself was no journalistic masterpiece, since […]
Ivan Ristić and I go back together a very long time. It must have been in 2005 or 2006 that we started to talk about ModSecurity, DDoS and security in general. That was an interesting conversation and it never ended. […]
If you believe the news, North Korea is behind half of the bigger cyber attacks happening around the globe these days. That is probably exaggerated, but there is no doubt that the attack capabilities of this unique nation state exceed […]
Artificial intelligence and machine learning are all the rage these days and if you are able to combine them with blockchain technology, then you are likely to have a winning entry into a bullshit bingo game. But we can joke […]
There was a time, when the web was populated by clients and by servers. Clients would send individual HTTP requests and servers would return their responses one by one. Occasionally, content on certain servers would become very popular – we […]
The dumb programmer is a prominent character in security lore. But developers and system engineers have their own traditions and the stubborn security officer plays an equally important part in their camp fire stories. We could accept this as a […]
At last year’s Swiss Cyber Storm, we ran an E-Voting focus. We looked into the basic problem E-Voting technology aims to solve. We touched on the big problems standing in the way and possible solutions proposed by the two Swiss […]
For the average user, the selection of the secure messaging app does not matter very much anymore. All the options bring you end-to-end encryption and even if they are not perfect for paranoid users, they certainly do the job for […]
