Sasha Romijn

Category: security

2015
January
Crypto weaknesses in the Ectual energy meter
2014
October
Vulnerability in Apple portal compromised iOS keychain access groups
April
Phishing out iOS URL schemes
March
The definitive guide to cookie domains and why a www-prefix makes your website safer
February
Why your certificate authority rarely matters, and expensive certificates are not safer
January
But where is the decryption key?
Watch that cache: Dropbox and Evernote insufficiently protecting iOS 6 user's data
2013
December
An appeal for security for the ordinary developer
June
A basic guide to when and how to deploy HTTPS
April
Proof of concept: arbitrary remote code execution through pickle-backed cookie-based sessions