Fido2 is not only passwordless authentication, but also it can sign anything you need. Nowadays, we know Fido2 as passwordless authentication - which initializes authorized session. But in cryptogr...
Introduce about Certificate Transparency Web Public Key Infrastructure (Web PKI) helps us on privacy and security. Trusted Certificate Authorities issue certificates and we trust them by default. A...
U2F vs Fido2 Fido U2F is renamed to CTAP1. FIDO UAF: FIDO Universal Authentication Framework. WebAuthn: New API supports passwordless login, compatible with Fido U2F/UAF. Fido2: CTAP2 + Webauthn...
Android Accessibility Service Android provides accessibility service for disabilities people. This service can access all events on phone’s screen. The security hole is that it can access platform ...
NFC ID Card - new challenge for fraudsters. NFC ID card is new challenge for fraudsters and banking/fintech. Based on cryptography, the data on card must be consistent. NFC ID card overview: Da...
ECH is final piece of big privacy picture. When we connect to website, the TLS helps us with confidence, security but no privacy. The eyes of ISP still see your target server via SNI. They could te...
Problem I discovered some Kafka brokers. And when I consume topic, I get the error: failed to get offset for topic pushgatway_send Partition 3: dial tcp 172.18.19.58:9092: i/o timeout or failed to ...
NFC data is followed ICAO’s specification. We must verify the Security Object Document (SoD), it contains signature, data and certificate of Document Signer (DS). Wait, what’s Document Signer Cer...
ZeroTrust is just a access context management Some years ago, I heard that zerotrust would become the future of security. Nowaday, I see zerotrust in every security product advertisment. From my pe...
The use case Mobile applications are replacing the traditional web applications. Some techniques are developed to identify the requests are coming from official application - which they own and not...
A new version of content is available.