More and more data is outsourced to remote (cloud) storage providers fuelled by “software as a service” trends in enterprise computing. Data owners want to be certain that their data is safe against thefts by outsiders, internal threats, and untrusted service providers alike. To safeguard the data, encryption is used. …

We always strive to make high-end security tools available to general developer audience in a convenient fashion. Only by making data security accessible, we can ensure real security of sensitive data everywhere. As another step towards our mission, we are proud to announce that Acra encryption suite is now available…

How to improve your database security — Beep-beep! You hear the sound of an alarm clock. The first thing you see after you wake up is a notification. The entire user base of your WordPress* app has leaked into Darknet. According to GDPR, you’re both data controller and processor so now you’re facing a number of fines and…

What are poison records and how you can detect massive database breaches and leaks using them. Imagine you’re storing a table containing a lot of sensitive data: customer names, emails, biometric information, etc… No matter how hard you work on security, at some point an SQL injection or a malicious…

Top Curious Cases of Governments Opposing Encryption and Secure Means of Communication The recent ban of Telegram in Russia and basically the end of freedom of speech brought by the new legislation in Egypt inspired us to create a little paranoia-driven hit parade of countries banning secure communication tools. “Don’t…

A Very Subjective List of the notable security and, specifically, cryptographic fails of the year While half of the world is still busy getting over the seasonal festivities and the other part is only getting ready to celebrate, we decided to share the list of our favourite (and extremely subjective)…

Explaining crypto is hard, explaining crypto in simple words is harder. Explaining Zero Knowledge Proof to a child? Easy! So here you go — ZKP explained with some Halloween candy. Previously in the series: Explain Like I’m 5: End-to-end Encryption Zero Knowledge Protocol Zero Knowledge Protocol (or Zero Knowledge Password Proof, ZKP) is…

A closer look at the well-documented, but rarely implemented properties of end-to-end encryption. Intro Security architectures and trust models are frequently defined and redefined. The Web with its questionable code runtime, virtualised assets, and remote secret storages, constantly introduces new interesting risks and security challenges. Looking back, it could be safe…

All the aspects of our lives relocate online ― we’re blogging, instagramming, posting, facebooking, and messaging. We’re communicating and transferring our data using the Internet. Some parts of our communication are open to everyone and there is something we’d like to keep between ourselves and the recipients. The more we’d…