We have compiled all the practical information we could find and written it up at “Numbers you need to know”. It’s a long list of restrictions, rate limits, and other useful information to keep in mind. Here are a few selected points that we found interesting. Big thanks to schoen from Certbot/EFF for pointing out numerous inaccuracies.
Monthly Archives: June 2017
As secure as rock, paper, scissors at once – Art of Defence, Demo at DEFCON
A team of great people from the Security Group at UCL and our start-up Enigma Bridge designed and implemented a practical security system tolerant to severe attacks compromising all parts of the supply chain. We will present and demonstrate it at DEFCON in Las Vegas.
The potential of multi-party signing – as secure as its STRONGEST link
Is it really possible to design an encryption system that is as strong as its strongest link? There is never a straight “yes” answer to this question, but we are now as close as one can get.
Guardian, FT, etc. share their internet encryption keys with many
We have all heard about hackers stealing huge user databases with passwords as they are tempting bounties. FT, Guardian and many others create a new kind of reward – their internet encryption keys via CDNs – services speeding up web traffic.
SSL testing – servers or domains?
SSL certificates – 7 Free Spot Checks in one go – KeyChest
While implementing features of the certificate planner, we have added a few handy features to the KeyChest spot checker as well. It is now much more than just a tool to check when a website certificate expires.
First BlackHat, now DEFCON: We talk “Trojan-tolerant hardware security in practice”
I have mentioned this multi-party encryption project of ours (Enigma Bridge) and University College London here earlier. If you’re planning to go to BlackHat US or DEFCON-25, come and see our talks about practical “ultra-secure” multi-party encryption for the cloud and some of the technology enabling it (Unchaining the JavaCard Ecosystem).
Meet your internet neighbors – sharing SSL keys with strangers
You may think I’m pulling your leg when I say that you share encryption keys with an adult content website, road sweepers West Sussex, or hackers trying to impersonate Apple. But that’s exactly what happens when you use a free (CDN) service with HTTPS.
Is cloud security all about emotional marketing?
I still find it interesting that when I mention “hardware security” to someone, my “pitch” is over, done, finished. As if no one realized that every cloud needs physical servers to run on. Everything cloud is marketed as “secure”, but are we really in control of our data?
KeyChest – FREE plan and track for 100% HTTPS uptime
We have been using Let’s Encrypt certificates for a year now. As it is free, we have been constantly increasing the number of services using it. I personally like the three-month validity as it makes renewals a “business as usual” task, rather than incidents. But it doesn’t happen through magic.