Hacker News
- Solving Open Source Supply Chain Security for the PHP Ecosystem https://paragonie.com/blog/2022/01/solving-open-source-supply-chain-security-for-php-ecosystem 28 comments
- Our Ambitious Plan to Make Insecure PHP Software a Thing of the Past https://paragonie.com/blog/2018/01/our-ambitious-plan-make-insecure-php-software-thing-past 90 comments
- How We Engineered CMS Airship to Be Simply Secure https://paragonie.com/blog/2017/03/how-we-engineered-cms-airship-be-simply-secure 23 comments
- Secure Account Recovery Made Simple https://paragonie.com/blog/2016/09/untangling-forget-me-knot-secure-account-recovery-made-simple 20 comments
- Show HN: Airship, a modern and secure CMS written in PHP 7 (1st Beta) https://paragonie.com/project/airship 8 comments
- How to Securely Allow Users to Upload Files (PHP) https://paragonie.com/blog/2015/10/how-securely-allow-users-upload-files 2 comments
Lobsters
- Paseto is a Secure Alternative to the JOSE Standards (JWT, etc.) https://paragonie.com/blog/2018/03/paseto-platform-agnostic-security-tokens-is-secure-alternative-jose-standards-jwt-etc 20 comments cryptography , php , security , web
- Avoid Encrypting URL Parameters (2015) https://paragonie.com/blog/2015/09/comprehensive-guide-url-parameter-encryption-in-php 10 comments cryptography , security , web
- How We Engineered CMS Airship to be Simply Secure https://paragonie.com/blog/2017/03/how-we-engineered-cms-airship-be-simply-secure 5 comments php , security
- JWT is a Bad Standard That Everyone Should Avoid https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid 16 comments security , web
- Our Contributions to a More Secure Internet - Paragon Initiative Enterprises https://paragonie.com/blog/2022/06/recap-our-contributions-more-secure-internet 4 comments php
- Stop Storing Authentication Tokens in JS-accessible Storage https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid 5 comments reactjs
- Ristretto255 for the PHP Community - Paragon Initiative Enterprises Blog https://paragonie.com/blog/2021/05/ristretto255-for-php-community 10 comments php
- Against Agility in Cryptography Protocols https://paragonie.com/blog/2019/10/against-agility-in-cryptography-protocols 43 comments crypto
- The Definitive 2019 Guide to Cryptographic Key Sizes and Algorithm Recommendations https://paragonie.com/blog/2019/03/definitive-2019-guide-cryptographic-key-sizes-and-algorithm-recommendations 27 comments crypto
- Security Concerns Surrounding WebAuthn: Don't Implement ECDAA (Yet) https://paragonie.com/blog/2018/08/security-concerns-surrounding-webauthn-don-t-implement-ecdaa-yet 5 comments crypto
- Protecting RSA-based Protocols Against Adaptive Chosen-Ciphertext Attacks https://paragonie.com/blog/2018/04/protecting-rsa-based-protocols-against-adaptive-chosen-ciphertext-attacks 10 comments crypto
- Paseto is a Secure Alternative to the JOSE Standards (JWT, etc.) https://paragonie.com/blog/2018/03/paseto-platform-agnostic-security-tokens-is-secure-alternative-jose-standards-jwt-etc 11 comments netsec
- The 2018 Guide to Building Secure PHP Software https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software 3 comments webdev
- The 2018 Guide to Building Secure PHP Software https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software 187 comments netsec
- Assuring Ciphertext Integrity for Homomorphic Cryptosystems https://paragonie.com/blog/2017/12/assuring-ciphertext-integrity-for-homomorphic-cryptosystems 12 comments crypto
- Guide to Building Searchable Encrypted Databases with PHP and SQL https://paragonie.com/blog/2017/05/building-searchable-encrypted-databases-with-php-and-sql 46 comments netsec
- JWT (JSON Web Tokens) is a Bad Standard That Everyone Should Avoid https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid 14 comments webdev
- Cryptographically Secure PHP Development https://paragonie.com/blog/2017/02/cryptographically-secure-php-development 21 comments netsec
- Public-Key Encryption in PHP https://paragonie.com/blog/2016/12/everything-you-know-about-public-key-encryption-in-php-is-wrong 10 comments crypto
- On the (in)security of popular open source Content Management Systems written in PHP https://paragonie.com/blog/2016/08/on-insecurity-popular-open-source-php-cms-platforms 24 comments netsec
- How to Generate Secure Random Numbers (Various Programming Languages) https://paragonie.com/blog/2016/05/how-generate-secure-random-numbers-in-various-programming-languages 8 comments programming
- How to Generate Secure Random Numbers (in Various Programming Languages) https://paragonie.com/blog/2016/05/how-generate-secure-random-numbers-in-various-programming-languages 3 comments netsec
- Building Persistent Shopping Cart https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence 15 comments webdev
- Securely Implementing (De)Serialization in PHP https://paragonie.com/blog/2016/04/securely-implementing-de-serialization-in-php 26 comments netsec
- How to Safely Store a Password in 2016 (with example code) https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016 96 comments netsec
- The Comprehensive Guide to URL Parameter Encryption https://paragonie.com/blog/2015/09/comprehensive-guide-url-parameter-encryption-in-php 26 comments programming
- DEFCON 23 Underhanded Crypto Contest - Password Authentication Backdoor Write-Up https://paragonie.com/blog/2016/01/on-design-and-implementation-stealth-backdoor-for-web-applications 13 comments crypto
- On The Design and Implementation of a Stealth Backdoor for Web Applications https://paragonie.com/blog/2016/01/on-design-and-implementation-stealth-backdoor-for-web-applications 9 comments netsec
- Preventing Timing Attacks on String Comparison with a Double HMAC Strategy https://paragonie.com/blog/2015/11/preventing-timing-attacks-on-string-comparison-with-double-hmac-strategy 14 comments programming
- WordPress 4.4 finally gets a CSPRNG https://paragonie.com/blog/2015/10/coming-wordpress-4-4-csprng 10 comments netsec
- Coming to WordPress 4.4: CSPRNG https://paragonie.com/blog/2015/10/coming-wordpress-4-4-csprng 9 comments webdev
- You Wouldn't Base64 a Password! (Cryptography Concepts for Developers) https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded 29 comments programming
- You Wouldn't Base64 a Password - Cryptography Decoded https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded 6 comments netsec
- Preventing SQL Injection in PHP Applications - the Easy and Definitive Guide https://paragonie.com/blog/2015/05/preventing-sql-injection-in-php-applications-easy-and-definitive-guide 11 comments netsec