The Council of the European Union is a group of representatives of 27 EU governments. The institution continues to investigate the challenges caused by encryption technology. Someone in there recently coined a new policy term “security through encryption and security despite encryption” (in this document). What does it mean? The…
Read more
Unsecured ways of web browsing are fading away at accelerating pace. Technically this is done thanks to the increased deployment of HTTPS on the of web. Data indicates that above 70% of websites are now accessed via this secured protocol, those numbers quickly increasing. This is an important milestone in…
Read more
Websites routinely include third-party hosted resources - images, scripts, stylesheets and so on. It's now a standard practice. One thing to keep in mind is that if your website includes a JavaScript script from another site (example.org): <script src=“https://example.org/CoolLib.js"></script&…
Read more
Do you know when Apple Messages send end-to-end encrypted messages? This note might look unusual but it was sparked by continuous questions I receive about communication confidentiality. If you’re well-versed in security and privacy technology - feel free to skip, most likely you won’t find much things of…
Read more
NIST has published new guidelines relating to security and privacy (I noted recent NIST’s involvement in privacy engineering here). As many of their documents, new guidelines will be influential for security and privacy engineering. Though they’re focused on Digital Identity, the reach will be much broader. I paid…
Read more