Earlier this week, I worked to recover the private key for a valid SSL certificate that was embedded in the Amazon Music application. I already described the process in a Twitter thread, but now I have turned into a blog post.

Read the post on my personal blog.

In 2017, while attempting to get some DRM-enabled video player to work on my Mac, I stumbled upon a hard-coded private key. The corresponding public key was used in a valid and publicly trusted Cisco certificate. This further piqued my interest in the internet PKI, and made me wonder how many of private keys I would be able to find. In the months that followed I found and reported many hundreds of certificates of which the private key was compromised. In this post, I want to focus on one particular compromised key.

This post was originally published my personal blog.

Continue reading

At Blendle we recently thoroughly reviewed the security of our domain names. In this blog post we will describe what we have learned, and what measures we have taken since to protect the domain names that are critical to the operation of our business.

About registries and registrars

First, a few words on the different entities involved in the domain name ecosystem. In order to reserve a domain name, a registrant must register it with a registrar or one of their resellers. Some of the largest and most well-known registrars include eNom, Tucows, and Network Solutions. Once a domain name is registered, the registrar…

Last month, I went hunting for security bugs in GitHub, a popular platform for sharing and collaborating on code. After spending many hours mapping out GitHub’s infrastructure, and testing for weaknesses without any significant results or leads, I shifted my focus to the service providers. This is a write-up about two of the issues I found, which both have since been addressed.

Trawling Amazon S3 buckets

There aren’t many organisations that don’t use Amazon S3 for object storage in some way, and there aren’t many organisations that have correctly configured all of their S3 buckets either. That’s because it’s far too easy to screw…

Koen Rouwhorst

Security Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store