Security Insights

Real experiences from the field. We share what we've learned building encryption systems that actually work in production environments across Taiwan and beyond.

When Standard AES Wasn't Enough

Last year, a financial services client came to us after their security audit revealed gaps. They were using AES-256, which sounds impressive on paper. But the implementation had issues with key rotation, and we found plaintext fragments in memory dumps. This taught us that algorithm choice matters less than execution details.

Database Encryption in Real Applications

Most tutorials skip the hard parts. Like what happens when you need to search encrypted data, or how to handle key storage without making developers want to scream. We walk through an actual e-commerce implementation from December.

Three Months With Homomorphic Encryption

We tested homomorphic encryption for a healthcare project in Taipei. The promise? Compute on encrypted data without decrypting it. The reality was more complicated, with performance issues we didn't anticipate. Here's what actually happened.

Expert Perspectives

Kirsten Valtonen, Senior Security Engineer

The Key Management Problem Nobody Talks About

Everyone focuses on which encryption algorithm to use. But I've seen more breaches happen because of poor key management than weak algorithms. In one case, a startup stored their master key in an environment variable. That's like buying a safe and leaving the combination on a sticky note.

Nieve Proulx, Cryptography Consultant

Why We Stopped Recommending Custom Crypto

Back in 2023, we had clients who wanted us to build "proprietary encryption solutions" because they thought it would be more secure. It took a few audit failures to convince everyone that using battle-tested libraries makes way more sense. Now we spend that energy on proper implementation instead.