SecureStore: the open secrets container format

It’s been a while since we first released our SecureStore.NET library for C# and ASP.NET developers back in 2017, as a solution for developers looking for an uncomplicated way of safely and securely storing secrets without needing to build and maintain an entire infrastructure catering to that end. Originally built way back in 2015 to support secrets storage in legacy ASP.NET applications, SecureStore.NET has been since updated for ASP.NET Core and UWP desktop application development, and now we’re proud to announce the release of SecureStore 1.0 with multi-platform and cross-framework support, with an updated schema making a few more features possible and official implementations in C#/.NET and Rust.

Continue reading

Transparent encryption and decryption in rust with cryptostreams

C# developers have long been spoiled when it comes to quickly and easily getting up and running with encryption thanks to the .NET CryptoStream  class, which wraps a Stream instance in a second Stream that automatically encrypts/decrypts anything read/written to/from it before passing it along to the underlying Stream. Long story short, it makes it ridiculously easy to add encryption or decryption facilities to an existing pipeline, as after setting up the CryptoStream instance you can just treat it like any other Stream object and read or write to it normally.

Encryption has been somewhat of a sore spot in the rust ecosystem after a few false starts with “native” rust encryption libraries that went nowhere, but today the rust community has fortunately adopted the OpenSSL bindings as the approach of choice, and the rust-openssl crate makes it easy to both bundle and consume the openssl bindings from rust in a cross-platform manner. What it doesn’t do is make encryption and decryption any easier than OpenSSL itself does.

Continue reading

SecureStore: a .NET secrets manager

SecureStore is our open-source (MIT-licensed) solution to secrets management for .NET developers. It’s intended to be dead simple and boldly embraces the KISS principle. We’ve been using it in production for a while now (years, actually!), but hadn’t gotten around to officially releasing it despite its public availability on our GitHub page.

Continue reading

Why Google’s announcement of fully encrypted search doesn’t matter for analytics

Google finally announced what we all knew was coming sooner or later: all search is now encrypted — and the kicker for those of us in the online business is that we’ll never again receive information about which keywords searchers used to land on our site (from Google, at any rate).

(Backstory: when you search on Google, the search terms are part of the URL of the results page. When clicking on search results, your browser normally sends the URL of the page you were on along with your request to the server of the page you’re visiting. Except for when browsing over HTTPS: here, the browser does not send this critical – and sometimes sensitive – information to the server of the page you’re about to see. This referrer information was the basis of keyword metrics to determine which keywords bring in the most visitors to individual pages on your site.)

But, honestly, despite the fact that the web is now full of people griping about this change, it actually doesn’t matter. Google’s announcement is nothing more than a formality. Have a look below to see why:

Continue reading

Connecting to WPA2-Secured Wi-Fi with Windows XP x64

A while back, we reported on how if you’re a Windows XP x64 user, Microsoft didn’t think you needed the additional Wi-Fi security offered by the WPA2 encryption protocol – which just happens to be one of the only two non-trivial Wi-Fi protection scheme available at the same time. Well, chin-up, because if you’re a Windows XP 64-bit Edition user, you can now up that security level on your router and enjoy WPA2-encrypted networking bliss.

That’s right, 64-bit users can now use WPA2 just like the rest of the world has been doing (including Linux x64 users, OS X users, Windows XP 32-bit, and just about every other operating system on the planet). It seems that Windows XP x64 SP2 includes the hotfix, which Microsoft still refuses to release separately, though the 32-bit version was released as a hotfix two years before XP x64 SP2 was made available.

Anyway, all you need to do to be able to connect to WPA2-encrypted networks is download and install Service Pack 2, then connect using your Wi-Fi connection tool of choice, including the Windows Zero-Configuration Wi-Fi module.

You can read the official release notes for Service Pack 2 – just skip down to the “Wireless Protected Access 2” section and read. Congratulations Windows x64 users, and welcome to the world of the secure. Say thank you to Microsoft for giving you their blessing to enter, but be careful, the party is almost over. So much for a 64-bit future – and Microsoft wants to make Vista the last 32-bit operating system. Scary.

Hat-Tip: Dan