Arjen

Blog posts and open-source work

About

  • Security software engineer
  • arjen@tweedegolf.com

In 2021, Arjen made the switch to Tweede golf. As an expert in the field of security with a background in pentesting, he mainly focuses on IRMA and other security-related projects. In addition, Arjen wants to broaden his knowledge by gaining experience with, among other things, Rust backends and JavaScript frontend frameworks.

Arjen is a real problem solver. He has solved countless 'Hack The Box' challenges in recent years, and can never resist the yearly Christmas puzzle in the local newspaper.

When he is not at his computer, Arjen likes to do sports (swimming, running, cycling) or do some home improvement.

May 31, 2023

Threat Modelling

Since I joined Tweede golf as the security lead, I’ve had the chance to work on improvements regarding security and privacy for all projects, as well as for the organisation in general.

When conducting a penetration test (also known as a hack test) on a website, one of the first things that will catch my eye is the configured (or better, not-configured) security headers on the targeted website. Security headers are a defense-in-depth measure, in the form of response headers, that let the browser know what is allowed and what is not. Browsers will respect the rules defined by these headers and thereby protect visitors from client-side attacks and potentially leaking sensitive information.

When you enabled Google Analytics (GA) on your website maybe you thought "I don't really have another viable option". Or maybe you thought "the negative effect on my visitors isn't that bad, is it?" Both are relatable, but recently Data Protection Authorities have put GA under a microscope and concluded it actually is pretty bad. Some things in GA violate the GDPR. Apart from the question of whether it is legal or not, the fact that your visitors are tracked across the internet - we feel - is just awful. And, as it turns out, you do have options.

Open-source work

TGuard

TGuard is a web-based sending and decrypting service for irmaseal-encrypted messages that is currently in development at Tweede golf.

TGuard utilizes IRMA to allow a user to encrypt messages client-side. These messages can be decrypted client-side once the receiver proves to be the owner of attributes the message was encrypted for, like an e-mail address, name, or an identifying number.

ID Contact

For ID Contact we researched the possibilities of digital identification: how can residents organize their personal government affairs in a simpler and more reliable way? By telephone, via chat or via a video call.

The ID Contact innovation pilot is a collaboration between the municipalities of Arnhem, Nijmegen and the Drechtsteden and knowledge partners such as the Tax Authorities and iHub (Radboud University).

Within the ID Contact team we developed the software that makes secure digital identification possible.