threat-modeling
2 posts tagged threat-modeling.
-
Two Months Without Code: The Windows Security Wars Part 1 (1995-2001)
In 1995-2001 the worms won. The Trustworthy Computing memo and the ten-week Windows Security Push that followed taught the industry how to ship secure software.
-
Edge's Two Password Cryptographies: A Beautiful PSI on the Wire, and Plaintext RAM by Design
Microsoft Edge ships a homomorphic-encryption PSI for breach checking and decrypts every saved password into process RAM at launch. Both designs are deliberate. They defend different threat models.