At DEFCON 2011, Moxie Marlinspike presented a possible solution to the “big SSL problem”: Convergence, a clever way to remove the need of certificate authorities. But is it really going to solve it?

A friend asked me some time time ago how his bank’s OTP token worked. Most tokens that banks use (at least in Italy) are products of the “RSA SecurID” family, which are proprietary and secret (and rumored to have been compromised), but the general cryptography behind them is well-known and there are open standards that [...]

In the never-ending spam-fighting war, many different technologies are implemented to prevent users from wadingthrough a daily batch of pill discounts and lottery winnings. Two of them, which are both very effective, are greylists and RBLs (aka blacklists); they both operate at the SMTP level (even before the mail body is transferred). Usually, these technologies [...]