Articles

RSSAtomJSON

I write about TypeScript, Node.js, React, security and privacy.

2020

The Security of GitHub Actions

2020-02-24


GitHub Actions are a great way to build powerful customised CI/CD workflows using the power of community-driven resources, but they can be tricky to get right in terms of security.


Password Reset for End-to-End Encrypted Applications

We forget passwords. Usually it's OK, because most websites implement a password reset feature. But how to do this in end-to-end encrypted applications that don't have access to the password in the first place ?

2019

How To Store End-to-End Encryption Keys In The Browser

2019-12-13


End-to-end encrypted applications use cryptographic keys that don't leave the client, so how do we store them securely in the browser ?