Cossack Labs
Cossack Labs
Blog
6 Mar 2017
Importing with ctypes in Python: fighting overflows
Best cases of boring technical debt are understood when reflected properly. This post addresses a simple one: inelegant flags in core C library ended up breaking Python tests. This is no small case to us: tests breaking sometimes might end up in things seeming to work, but not really working. Not something you can afford yourself when you're doing cryptography, do you?
28 Feb 2017
Plugging leaks in Go memory management
Investigating memory leaks can be fun, sometimes. Sometimes it might even teach you a few lessons in how the language you know and like actually works.
30 Dec 2016
2016 at Cossack Labs
Bright and full of new 2016 year insensibly came to an end. Sharing the summary of our work!
21 Dec 2016
Themis database modules
In an ongoing effort to make Themis functions available anywhere we (and potential users) might need them, we're starting to release Themis wrappers for popular databases. This post outlines the first two - for Redis and PostgreSQL databases.
13 Dec 2016
12 and 1 ideas on how to enhance backend data security
Previously, we’ve talked about classic design patterns in backend data security and about key management goals and techniques. In this article, we'll discuss how modern approaches differ and shed light on our solutions. Updated in 2019
23 Nov 2016
Themis 0.9.4 release
Glad to announce Themis 0.9.4! Minor changes for stable new version.
26 Oct 2016
Why making Internet safe is everyone’s responsibility
... not the security vendors, nor government or big corporations can solely fix the current state of things. It's everybody's duty and the earlier we understand it - the better.
21 Sep 2016
Backend data security: Key management 101
Second article in series, Key Management 101 will talk about basic key management concepts, goals and methods to achieve them.
15 Aug 2016
Classic Backend Security Design Patterns
In the upcoming series of articles, we'll ascend from classic database security techniques to the modern technologies, including some cutting edge research data and our own experiments.
27 Jul 2016
Zero Knowledge Protocols without magic
In this post, we talk about Zero-Knowledge Proofs, tie ZKP authentication to traditional security models and help you understand better how authentication, in general, should work.
