Skip to main content
privacy-for-journalists-cover

Launching ‘Privacy for Journalists’

Reporters are one of the bastions of democracy, as they could expose the wrongdoings of governments, corporates or well-connected individuals affecting the many.

With the legal protections shrinking and the technical disparity widening, the protection of information sources is more challenging than ever.

Information security experts launch website and community to help investigative journalists protect their information sources.

Read More

upcoming-sri-features-cover

Upcoming Features of Subresource Integrity 2.x

As a response to the growing number breaches involving CDNs, the first release of the Subresource Integrity (SRI) was published hastily in late 2015. The W3C WebAppSec Working Group decided to leave certain useful features out, in favour of an early release. Although SRI already does the job, there is some room for improvement with regards to user experience. The good news is that some of these features will be added to the next iteration of SRI.

The following article gives a brief, speculative overview of the upcoming features of Subresource Integrity.

Read More

hacking-password-cards-cover

Passwordcard.org Wordlist Generator

Passwords suck, bit time. They should be unique per each website, and we are supposed to remember all of them. Password cards help to remember the myriad of passwords. Sadly, these cards are vulnerable to brute-forcing attacks and here is why.

This post introduces a tool called Munchkin, which is a wordlist generator for attacking passwords derived from password cards.

Read More