In January, I asked whether TLS channel binding with strong authentication was the solution to defend against MITM or proxy style phishing attacks. The answer was “yes, but also no”. I will look beyond SCRAM soon, but first I want to fulfil a promise to go into more detail about how SCRAM works, especially with channel binding.[Read More]
Welcome to my blog
This is my blog on (mostly) cybersecurity, IoT and related subjects. It contains some historic stuff from LinkedIn and other places, as well as new thoughts that I’ll collect here. I’ll also occasionally talk about research work, including publications or other academic engagements.
For more information about me, visit my personal website.
My smart TV remote broke, so I took it apart 📺🛠
Why do BLE remotes have to be so complicated?
This is a story of frustration, confusion and so far no happy ending. It’s a chance for me to wax lyrical about some of the problems I see with modern “smart” consumer devices, but also, give a bit of insight into how things are put together. Let’s start, as many stories do, at the beginning…[Read More]