How SSL/TLS Works: The Handshake Explained
5d ago · 13 min read · TLDR: SSL (now TLS) secures data between your browser and a server. It uses Asymmetric Encryption (Public/Private keys) once — to safely exchange a fast Symmetric Session Key. Everything after the handshake is encrypted with the session key. 📖 The...
Join discussionLastSignal: Secure Your Digital Legacy with a Self-Hosted Dead Man's Switch
6d ago · 3 min read · 📝 Quick Summary: LastSignal is a self-hosted, end-to-end encrypted dead man's switch that automatically delivers messages to trusted contacts if the user becomes unresponsive. It prioritizes security with a zero-knowledge architecture and modern cry...
Join discussionFrom CPU Instructions to Hardware States: Architecture of a Crypto Coprocessor
Mar 3 · 4 min read · Last semester, I had an Information Security course, in which we went from the basics like Caesar ciphers all the way to modern algorithms like AES and SHA-256. Naturally, being a dev, I got curious a
Join discussion
Securely encrypting data in a Chrome Extension without sending it to a server (key management problem) ??
Mar 4 · 3 min read · I am building a Chrome extension where some user data (for example tab metadata or browsing-related information) must remain on the user’s device due to Chrome Web Store privacy policies. The extensio
Join discussion
From Zero Trust to Quantum-Safe: A Deep Dive into the Modern SASE Stack
Feb 26 · 9 min read · Table of Contents The Old Way Is Broken Enter SASE: Security That Lives on the Edge Zero Trust: The Philosophy Behind SASE Why SASE Matters Right Now The Quantum Threat: A Problem That Exists Tod
Join discussion
pagevault: Hiding an Encryption Platform Inside HTML
Feb 24 · 1 min read · HTML is an encryption container format. That sounds wrong, but think about what an HTML file can hold: arbitrary data in script tags or data attributes, a full programming runtime via JavaScript, and a rendering engine (the browser) on every device o...
Join discussionA case for API-level cryptography
Feb 17 · 8 min read · Do you rely on TLS Pinning or OS level HTTPS handling for all your API privacy? You may either break your app or insufficiently protect your information on corporate networks. It is not unusual for large corporations to use HTTPS proxy for data ins...
Join discussion
Complete Guide to Developer Privacy: Tools, Practices, and Must-Have Software
Feb 17 · 5 min read · Complete Guide to Developer Privacy: Tools, Practices, and Must-Have Software Developers are high-value targets. You have access to source code, production servers, customer databases, API keys, and deployment pipelines. Your digital footprint reveal...
Join discussion