Talks NemID

Analysis of everything NemID.

  • Why NemID is a bad trusted third party model, leading to the attack discussed in
  • Is this a "theoretical attack", as Nets and Digitaliseringstyrelsen says? (no)
  • Could Nets sign stuff with my private key, if they wanted to? (yes)
  • NemID and Persondataloven § 41 Stk. 3.
  • Why using a domain from Niue ( is really, really unprofessional
  • Why the banks' usage of NemID is illegal according to Lov om betalinger §128
  • Attacking NemID using sslstrip
  • etc


  • Friday Aug. 25 11:30 - 12:30