For modern software developers, there are a number of must-have tools: An editor, a compiler (called a web browser by HTML/JS devs), and a debugger. Further, if you are developing a non-trivial project, especially as part of a team, you will need a version […]
Author: Yngve
A safe too far: Goodbye Hotels.com
As I recently described, my primary requirement for selecting a hotel is that it has an in-room safe for storing my laptop. Recently I have been running into problems regarding that. In the last year or so, there have been many cases when the […]
Where did all the nice things go?
Over the years we buy many things that we use for various purposes, and some of these things become favorites that we replace with new items of the same kind as the old ones get worn out. Until we are (surprise!) no longer able […]
Microsoft, keep your hands off my keyboard!
The keyboards connected to our computers are essential to controlling every aspect of our computer experience, and to our communications with everybody we communicate with. A very basic aspect of the keyboard, and of our personal choice (it is really a major aspect of […]
Secure online X-mas shopping? Big stores encrypt, the corner-store doesn’t
Encryption usage by Norwegian online shopping sites (2016 edition) Over the past several years I have performed occasional surveys of Norwegian shopping sites and their use of encryption. I decided to limit my surveys to Norway, because I concluded that limited knowledge would make […]
There are more POODLEs in the forest
In December it was announced that several TLS server implementations were affected by a problem similar to an SSL v3 issue called POODLE disclosed by Google researchers in October. This attack worked by modifying the padding bytes of the encrypted SSL/TLS records that are used to […]
The POODLE has friends
In October last year, researchers from Google published details about an attack on SSL v3, called POODLE. This attack worked by modifying the padding bytes of the encrypted SSL records that are used to make the records into even multiples of 8 or 16 byte […]
Usikker registrering av persondata i mange nettbutikker
[Apologies to my English language readers, as this article mainly concerns encryption in Norwegian online shopping sites, I decided to write it in Norwegian] Jeg har ved at par tidligere anledninger undersøkt bruken av kryptering av norske nettbutikker, sist i 2013. Konklusjonen begge ganger […]
A possible reason why many e-commerce sites do not use encryption?
If you have read my past articles, you may have noticed that I am a little annoyed by the low number of e-commerce sites using HTTPS encryption to protect their customers. While most do use encryption for payments, usually that is because they use […]
Not out of the woods yet: There are more POODLEs
As I wrote in my previous article about this, in October a group of Google security researchers had discovered a problem, called POODLE, in SSL v3 that in combination with another issue, browsers’ automatic fallback to older TLS and SSL versions, allowed an attacker […]