Experimenting with password-based authentication implemented directly in Postgres, all sprinkled with a few twists. | Continue reading
A subtle, but surprising, realization about password-based key-derivation functions when using long byte sequences as passwords. | Continue reading
Documenting various open-source tools and projects that I've found while experimenting with the Linux container technology. | Continue reading
Immutable OSs are just a minor step towards reliable OS installations. However, for a complete solution we also need reproducible and thus deterministic installations, which implies cleaning up and modernizing our package managers. | Continue reading
`sh` is not a programming language! Write application launchers in proper languages! | Continue reading
A rant about the complexity of modern Linux distributions, which places them on par with the opaqueness of Windows and OSX. | Continue reading
A live document providing learning resources and pointers for those that want to experiment with applied cryptography. | Continue reading
Experimenting with various real-world instantiations of cryptographic random oracles, with applicability from multi-factor encryption, to database record encryption. | Continue reading
Prototyping an encryption tool that allows combining multiple encryption factors, from PINs and passwords to X25519 pairs, and beyond. | Continue reading
I reflect on my preferences when it comes to choosing open-source tools I need to rely upon. | Continue reading
Experimenting with OpenSSH authorization keys resolution; from skeleton-key providing emergency access, to simple centralized key management. | Continue reading
Trying to make the case for permanent irrevocable digital identities, which unfortunately today are, de facto, email addresses. | Continue reading
A few words about one of my latest open-source projects, `z-tokens`, that among other things, also tries to tackle this problem while providing more added value compared to existing solutions. | Continue reading
Although many software engineers know about the topic, especially through their exposure to Base64, there are however many issues and missed opportunities not tackled by the broad community. | Continue reading
A few words of caution about storage-free deterministic password managers. | Continue reading
An interesting take on containerized deployments, contrasted with other similar trajectories in the software engineering history. | Continue reading
Questions (without definitive answers) about how to securely manage secrets in scripts and development environments. | Continue reading
Questions (without definitive answers) about memorable password schemes and patterns. | Continue reading
Questions (without definitive answers) about password strength (i.e. entropy bits) for offline storage. | Continue reading
Given a simple enough HTTP server, and by employing seccomp, one could easily achieve a quite secure(er) server, with a small enough attack surface that the potential attacker might want to look elsewhere in the stack for vulnerabilities. | Continue reading
A few Firefox addons I use on a daily basis. | Continue reading
by Ciprian Dorin Craciun (https://volution.ro/ciprian) on 2022-04-02 | Continue reading
by Ciprian Dorin Craciun (https://volution.ro/ciprian) on 2022-03-27 | Continue reading
Articles and tools I've found interesting in the last few days. | Continue reading
About how the largest Romanian bank tries to give its clients a "warm-fuzzy-feeling" of security, that is actually zero in real security terms. | Continue reading
Articles and tools I've found interesting in the last few days. | Continue reading