December 22, 2017
About eight months ago, friends at the Freedom of the Press Foundation reached out to us, to see if we were interested in prototyping an idea they had …
June 2, 2016
App stores can work well without any tracking at all Attackers are increasingly seeing app stores as a prime attack vector, whether it is aimed at the …
March 28, 2016
Three open-source projects haved joined together to announce a new partnership to create an open, verifiably secure mobile ecosystem of software, …
December 29, 2015
It is time to update to a stronger signing key for your Android app! The old default RSA 1024-bit key is weak and officially deprecated. What? The …
January 26, 2015
Every so often, we revisit our core libraries in the process of improving our existing apps, and creating new ones. IOCipher has become a standard …
October 16, 2014
Update: now you can do this with Tor Onion Services Many software update systems use code signing to ensure that only the correct software is …
September 26, 2014
We’ve been on a big kick recently, updating the newest members of our CipherKit family of frameworks: IOCipher and CacheWord. There also are is a …
March 28, 2014
Hardware Security Modules (aka Smartcards, chipcards, etc) provide a secure way to store and use cryptographic keys, while actually making the whole …
February 12, 2014
The HTTPS protocol is based on TLS and SSL, which are standard ways to negotiate encrypted connections. There is a lot of complexity in the protocols …
December 28, 2013
ver the past couple of years, Android has included a central database for managing information about people, it is known as the ContactsContract …