Welcome to my Blog
I am a researcher at Google.
My research is on computer security and applied cryptography, with a particular focus on web, game and mobile security.

What Phishing Sites Look Like? (Study)

In this post we are going to take a closer look at the phishing tactics currently employed in the wild. The trends uncovered by analyzing our new data set of 5000 recent phishing sites will change the way you think about phishing.


Evolution of the HTTPS lock icon (Infographic)

Since the introduction of HTTPS by Netscape, the lock icon has been the indicator of choice to tell users that their communication is secure. Over the years, this “prestigious” icon's shape and position kept changing from browser to browser and from version to version, so I made a couple of infographics to illustrate this. I hope you will enjoy them :)


How to physically secure your credit card

In this post I want to share with you the two simple steps I came up with to “harden” my credit card security against theft and duplication. In a nutshell, this hardening technique works by removing all the extra information written on the credit card (signature and security code) that is not necessary for it to work and is valuable to an “attacker”.


Display your latest Foursquare checkins on your blog using Foursquare API v2 and PHP

In this post I will show you how to use my updated version of the foursquare-php class to display your latest Foursquare checkins on your page and blog. I will go through the changes induced by using Foursquare API v2 and the new awesome features introduced in this version: getting previous checkins and using the lib as the JSON backend.


Using the Microsoft Geolocalization API to retrace where a Windows laptop has been

EDIT (Tuesday 2nd August) Microsoft Statement is available from here

EDIT (Sunday 31st July) The flaw is fixed: I had a phone call with some people from Microsoft yesterday (yes, on a Saturday) and they told me they fixed the problem. I will update this post with their response as soon as it is out. The demo code does not work anymore.

In our upcoming BlackHat talk, we will show you how the WiFi data stored by Windows can be used to geolocate where your computer has been. While the ability to retrace where a computer has been (and when) certainly carries privacy implications, in this post I want to focus on how we uncovered this data, and the unexpected difficulties we encountered while developing this technique.

