Demystifying SOP and CSP, featuring CORS

In my experience, many developers are not aware of the Same Origin Policy nor of the Content Security Policy, or at least were not aware of more than one or two of the directives CSP supports. Let’s lay out what these terms are and how they drastically improve the security... [Read More]

Encrypting Files in a Post-PGP Age

I have watched a cryptographer of reasonably widespread renown spitball an attack on the PGP MDC, and then say “fuck it, I’m not going to spend time working on PGP”. That’s roughly my take on where PGP is in the modern crypto firmament.— Thomas H. Ptacek (@tqbf) May 18, 2018... [Read More]
Tags: crypto