my name is Frederik Braun and I currently work as a Staff Security Engineer at Mozilla. This blog's content is heavily influenced by my work in security, but it is a personal blog and opinions do not reflect anyone else's than mine.
In the fall of 2013 I have co-authored a whitepaper about the benefits of the X-Frame-Options security header with Mario Heiderich. It actually mostly showcases some nifty tricks and attacks that you can carry out when a website can be framed.
I once wrote a thesis about the Same Origin Policy and its state in the API-rich HTML5 browsers in Summer 2012, which concluded my studies of IT-Security at the Ruhr-University in Bochum. This is also where I co-founded the CTF team fluxfingers.