It is indisputable that the Google Glass failure was a devastating blow to smart glass tech. We have a radioactive wasteland poisoned for 10+ years, and who knows when it will be declared safe. …

Quite a lot. I assume you already know how u2f (Universal Second Factor) works, what is webauthn standard developed by Fido alliance is, and so on. The Wikipedia article is detailed enough if any of those words sound unfamiliar to you. Or, at least, here is a picture to freshen…

Don’t get me wrong: I still appreciate EPSS as a significant breakthrough that, after decades of failed attempts, finally made some sense of important parameters that affect software exploitability and exploitation. However, the importance of predictions (as opposed to reliable, up-to-date information and deterministic conclusions at hand) is as overrated…

How did the quarantine affect cybersecurity? Spoiler alert: not much. https://drive.google.com/file/d/1-ph5dN5vj7y2UfRc7sePXTe7sCriyBtx/view?usp=sharing

A legal framework proposal to fix GDPR and privacy forever The problem: substituting authentication with identification is a fallacy and a violation of the “need to know” principle. We confused identification (X == X0, you are this person) with authentication (X’ == X, you are the same person that came…

I see a lot of GDPR experts and consultants around — and I do my share of GDPR consulting as well, yet I have to admit there are several things that I do not know; and when I start asking around, the only answer I get “ah, we do not…

One more hopeless rant I was engaged in, like, for last 20 years or more. What is totally broken, however, is UX decisions that mark them «evil». Self-signed TLS certificates possess no more intrinsic evil qualities than your beloved ssh and gpg keys. The intent behind ostracising self-signed certificates is…