Security, Privacy & Tech Inquiries

Lukasz Olejnik

I write about security, privacy, Web, technology and tech policy matters.

About me
My newsletter
09 Nov 2020 on encryption, cryptography, technology policy, security, cybersecurity

The policy of Security Despite Encryption

The Council of the European Union is a group of representatives of 27 EU governments. The institution continues to investigate the challenges caused by encryption technology.  Someone in there recently coined a new policy term “security through encryption and security despite encryption” (in this document). What does it mean? The…

Read more

20 Jul 2018 on web browser, security, privacy, w3c

Making Web Ecosystem Safer - Certificates, Browsers, Web

Unsecured ways of web browsing are fading away at accelerating pace. Technically this is done thanks to the increased deployment of HTTPS on the of web. Data indicates that above 70% of websites are now accessed via this secured protocol, those numbers quickly increasing. This is an important milestone in…

Read more

28 Aug 2017 on security, web, w3c, sri

Making third-party hosted scripts safer with Subresource Integrity

Websites routinely include third-party hosted resources - images, scripts, stylesheets and so on. It's now a standard practice. One thing to keep in mind is that if your website includes a JavaScript script from another site (example.org): <script src=“https://example.org/CoolLib.js"></script&…

Read more

12 Jul 2017 on security, privacy, usability, E2EE

Are you sure your iMessage is encrypted? Blue > Green.

Do you know when Apple Messages send end-to-end encrypted messages? This note might look unusual but it was sparked by continuous questions I receive about communication confidentiality. If you’re well-versed in security and privacy technology - feel free to skip, most likely you won’t find much things of…

Read more

23 Jun 2017 on nist, privacy, security, privacy engineering

New NIST guidelines: security and privacy recommendations

NIST has published new guidelines relating to security and privacy (I noted recent NIST’s involvement in privacy engineering here). As many of their documents, new guidelines will be influential for security and privacy engineering. Though they’re focused on Digital Identity, the reach will be much broader. I paid…

Read more

Page 1 of 2 Older Posts →
Privacy policy.