Reducing metadata leakage from software updates

October 16, 2014

Update: now you can do this with Tor Onion Services Many software update systems use code signing to ensure that only the correct software is …

Tweaking HTTPS for Better Security

February 12, 2014

The HTTPS protocol is based on TLS and SSL, which are standard ways to negotiate encrypted connections. There is a lot of complexity in the protocols …

Proposal for Secure Connection Notification on Android

November 15, 2012

A major problem of mobile applications being increasingly used over web-based applications, is that there is no standard established for notifying the …

CACertMan app to address DigiNotar & other bad CA’s

September 5, 2011

As I expect many of you are aware, there was a major compromise to a Dutch Certificate Authority named “DigiNotar” recently, where they allowed SSL …