Websites routinely include third-party hosted resources - images, scripts, stylesheets and so on. It's now a standard practice. One thing to keep in mind is that if your website includes a JavaScript script from another site (example.org): <script src=“https://example.org/CoolLib.js"></script>…
Read more
Do you know when Apple Messages send end-to-end encrypted messages? This note might look unusual but it was sparked by continuous questions I receive about communication confidentiality. If you’re well-versed in security and privacy technology - feel free to skip, most likely you won’t find much things of…
Read more
NIST has published new guidelines relating to security and privacy (I noted recent NIST’s involvement in privacy engineering here). As many of their documents, new guidelines will be influential for security and privacy engineering. Though they’re focused on Digital Identity, the reach will be much broader. I paid…
Read more
Did you encounter a web, Facebook or Twitter advertisement seemingly tailored to your interests or related with your recent actions on the web? Chances are this was delivered to you via Real-Time Bidding channels. I am involved in technical research and analysis of Real-Time Bidding systems and their potential influence…
Read more
It was never my intention to have a "blog". Then, as I have found myself increasingly interested in, and doing more and more things, I indentified a need to have a place for writing. It is not a good idea to put my thoughts on my site; I prefer to…
Read more