Koen RouwhorstRussia’s certificate authority for sanctioned organizationsAfter Russia’s invasion of Ukraine, it has created a new certificate authority to support sanctioned organizations.9 min read·Apr 8, 2022----
Koen RouwhorstUnderscoring the “private” in private keyLast weekend, Eric Lawrence found that the Amazon Music app, like Zoom, can automatically be launched from web pages without any user…5 min read·Jul 26, 2019----
Koen RouwhorstA tale of private key reuseIn 2017, while attempting to get some DRM-enabled video player to work on my Mac, I stumbled upon a hard-coded private key. The…4 min read·Jan 18, 2019----
Koen RouwhorstinBlendle EngineeringProtecting our mission-critical domain namesAt Blendle we recently thoroughly reviewed the security of our domain names. In this blog post we will describe what we have learned, and…7 min read·Sep 29, 2017----
Koen RouwhorstGitHub bug bounty huntingLast month, I went hunting for security bugs in GitHub, a popular platform for sharing and collaborating on code. After spending many hours…4 min read·Feb 7, 2016--3--3
Koen RouwhorstNo, the U.S. Army did not read the emails of a Belgian MPToday, someone pointed me at an article in Belgian newspaper De Standaard in which Karolien Grosemans, a Belgian MP of the New Flemish…2 min read·Nov 2, 2013----
Koen RouwhorstNo, the NSA was not behind the DigiNotar hackOn Tuesday I found that former Dutch certificate authority DigiNotar, known for its security breach in 2011, was briefly mentioned in a…2 min read·Sep 14, 2013----
Koen RouwhorstWhat an e-book watermark looks likeIn recent weeks, there was some fuss about a new agreement between digital book distribution platform eBoekhuis and connected vendors. This…3 min read·Sep 7, 2013----