This is the last part of a three part blog series about AccessURL – Password Security and Cookies Security issues with AccessURL original implementation Solving all the issues by simple design change In the previous post we saw a few security issues in the way AceessURL generates the passphrase and the id for the share […]
Common Encryption Pitfalls
Common Encryption PitfallsPart 2 - Security Issues Found
This is the second part of a three part blog series about AccessURL – Password Security and Cookies Security issues with AccessURL original implementation Solving all the issues by simple design change Security issues found After using AccessURL browser extension I found a few issues which allowed me to get almost any credentials. To have […]
Common Encryption PitfallsWhen Using AES256 Is Not Enough - Part 1
I recently came across AcessURL. AccessURL is an online service which offers an easy way to allow access to online accounts without sharing the account password. Unfortunately, their initial implementation had some security issues. In this post, I will describe and suggest how to fix these issues. It is important to say that AcessURL since […]
Bitcoin security back to front
An article written by me has been published in Digital Whisper, the Israeli hacking and information security magazine.
Bitcoin Security Lecture
Here are my lecture slides and the video from the last Bitcoin meetup You can press the “p” key to see speaker view with notes. Sorry but the slides are only available in hebrew.