Nothing Is Secure [slides]
Yesterday I gave a talk on a local BSides conference in Bulgaria titled “Nothing is secure”. The point is simple: security is very hard, there are many details, many tools,Continue reading
Internally And Externally Facing Honeypots
Honeypots are great security tools – you install a “decoy”, which attracts malicious traffic. They have certain ports open and they work with certain protocols, mimicking regular interactions, e.g. SSH,Continue reading
A Security Issue in Android That Remains Unfixed – Pull-down Menu On Lock Screen
Having your phone lying around when your kids are playing with everything they find is a great security test. They immediately discover new features and ways to go beyond theContinue reading
The Lack Of Native MFA For Active Directory Is A Big Sin For Microsoft
Active Directory is dominant in the enterprise world (as well as the public sector). From my observation, the majority of organization rely on Active Directory for their user accounts. WhileContinue reading
Open APIs – Public Infrastructure in the Digital Age
When “public infrastructure” is mentioned, typically people think of roads, bridges, rails, dams, power plants, city lights. These are all enablers, publicly funded/owned/managed (not necessarily all of these), which allowContinue reading
On Disinformation and Large Online Platforms
This week I was invited to be a panelist, together with other digital ministers, on a side-event organized by Ukraine in Davos, during the World Economic Forum. The topic wasContinue reading
Don’t Reinvent Date Formats
Microsoft Exchange has a bug that practically stops email. (The public sector is primarily using Exchange, so many of the institutions I’m responsible for as a minister, have their emailContinue reading
I Have Been Appointed As E-Governance Minister of Bulgaria
Last week the Bulgarian National assembly appointed the new government. I am one of the appointed ministers – a minister for electronic governance. The portfolio includes digitizing registers and processesContinue reading
Simple Things That Are Actually Hard: User Authentication
You build a system. User authentication is the component that is always there, regardless of the functionality of the system. And by now it should be simple to implement itContinue reading
Integrity Guarantees of Blockchains In Case of Single Owner Or Colluding Owners
The title may sound as a paper title, rather than a blogpost, because it was originally an idea for such, but I’m unlikely to find the time to put aContinue reading