Digital identities, the electronic credentials embedded in phone wallets, workplace logins, and other apps, are becoming ubiquitous. While they offer unprecedented convenience, they also create new privacy risks, particularly around tracking and surveillance.  One of these risks is linkability, the ability to associate one or more uses of a credential to a specific person. Currently, when people use their mobile driver’s license or log into various apps,  

Outdated coding practices and memory-unsafe languages like C are putting software, including cryptographic libraries, at risk. Fortunately, memory-safe languages like Rust, along with formal verification tools, are now mature enough to be used at scale, helping prevent  

One of the biggest pillars for Microsoft Edge is trust. Today, to further bolster that trust while keeping our customers safe, we introduce a new feature called Password Monitor. The feature notifies users if any of their saved passwords have been found in a third-party breach. All this is done while ensuring Microsoft doesn’t learn the user’s passwords. The underlying technology ensures privacy and security of the user’s passwords, which means that neither Microsoft nor any other party can learn […]

Cloud services have become the new critical infrastructure, and cloud expectations have transformed how developers work. The number of cloud services that are business-critical continues to grow every day, with no end in sight. And the era of boxed software is over: developers are now responsible for continuously shipping new capabilities in live services while also maintaining their security and availability. Today, most cloud and web services are programmatically accessed through REST (REpresentational State Transfer) APIs. However, the tools for […]