security

infosec

Stored XSS via Swish Transaction

Last week I went to the cinema with some friends. My friend paid for the ticket so I decided to use

infosec

tamperfree

I'd like to write about a part of what was my master's thesis project. For my thesis I wrote about a mostly theoretical whistleblowing system.


Easier Authentication for your Mobile Apps

Signing in to your mobile apps should be easier in my opinion than having to type

sysadmin

Setting up a Tor hidden service

As part of my thesis, I'm looking at using Tor for an anonymous submission system.

infosec

Revisiting the Free Wifi on Destination Gotland

I'm on the boat from Gotland again after having spent a week there with my

infosec

Enumerating Cinema Tickets

This is a hack I disclosed around a year ago to the company in question. It involves the company SF, which has a

infosec

One.com CSRF and XSS

About a year ago I found a few vulnerabilities on the one.com website. For those of you that don't know, _one.com_ is

infosec

FitBit CSRF and XSS

A few months ago I bought a Fitbit, which is a wristband tracking device.

infosec

Bypassing Authentication to a Paid Wifi Hotspot

I spent the last week and a few days at my family's summer place on the

infosec

label clickjacking and javascriptless csrf

Another niche attack. I happened to notice the interesting behaviour of
