14 Sep 2020
We cover cryptographically signed audit logging, when logs are generated in a certain way which prevents tampering messages, removing, adding or changing the order of log entries. We explain why signed logs are essential for security software, how we’ve built-in secure audit logging in Acra, and how to use it together with other defense in-depth layers in your systems.
10 Jun 2020
OpenSSL complexity starts with its version string. Apple, Carthage, and some dependency analysis tools have different opinions about it. Here is how we dealt with them and submitted iOS app to the App Store.
10 Jun 2020
This story is dedicated to fellow developers struggling with updating Carthage package with the latest OpenSSL for iOS and macOS apps. Here you will find the scripts, error messages, testing matrix, and our working solution for Themis to this no small feat. We believe it could save you time then you meet the same task.
28 Oct 2019
Don't be afraid of security incidents, prepare to them in advance. Choose the scenario that suits your company and fits your budget.
5 Sep 2019
How we helped the Bear note taking app for iOS/macOS, which decided to implement note encryption for their huge existing user base. A story about finding a balance between usability, security, and mobile platforms' restrictions.
4 Apr 2019
How to protect the data in your app infrastructure using the defence in depth approach, explained on the example of Acra encryption suite.
22 Nov 2018
A battle-tested explanation of why tracing is a very useful technique you can benefit from in your projects. A story from the trenches of implementing distributed tracing in our Acra data security suite.
29 May 2018
We tried out and described a few approaches to reducing the size of Docker images for the components of our database encryption suite Acra. As a result, we found a way to reduce the container size by roughly 62 times.
23 Nov 2017
Turning macros into auditable C code in a highly parameterised cross-platform cryptographic library Themis with a help of preprocessor customization.
21 Sep 2017
The second article in a series of three that covers our experiments with different sources of crypto primitives for Themis. This time we tested its multi-platform capabilities with Libsodium.