Cheap IoT devices like power plugs are mostly manufactured in China. They connect to “bridging” servers we don’t really have control over, they are usually not documented and those required “bridging” services may  fail or even be terminated at any time.  Which would of course render your (or my) “smart” power plugs useless. Time to do something about it. Read More →

Plenty of services use a standard email-address as login token. This has advantages: The user doesn’t need to remember another keyword and the service provider knows that the email address is unique and can be verified. But there’s one BIG problem: Other people know your email-address and – with it – 50% of your login credentials. How to to eat the cake AND eat it? Read More →

Javascript is growing strong. It’s the universal language for online development. It allows anything – from file access to content modification, even video- and audio chats are now scriptable. But what about security? A new mechanism guarantees safe script even on corrupted servers. Read More →