For many of you, Scott Hanselman will need no introduction and is a very familiar face, voice and writer. Among the many good things that Scott does to support the web development community (and that’s not just the Microsoft folks either), he’s also the man behind the Hanselminutes podcast which I was very happy to join him on recently. In fact this remains one of the very few podcasts where I actually listen to every episode – regardless of the direct relevance to me – simply because it’s delivered in such a professional manner and I know I’m going to learn something each time.
The podcast has gone out under the title Are you secure? WiFi Honeypots, Pineapples and SSL with Troy Hunt which is pretty self-explanatory. As per the title, we mostly discuss the risks presented by using public wifi plus the importance of HTTPS for those of us who are building web apps. Let me share some supplementary material which I’ve either touched on in that talk or will be of relevance to interested listeners:
- SSL is not about encryption
- OWASP Top 10 for .NET developers part 9: Insufficient Transport Layer Protection
- 5 ways to implement HTTPS in an insufficient manner (and leak sensitive data)
- Your login form posts to HTTPS, but you blew it when you loaded it over HTTP
- The beginners guide to breaking website security with nothing more than a Pineapple
- Pineapple Surprise! Mixing trusting devices with sneaky Wi-Fi at #wdc13
There’s a lot more related content beneath those but that’s a good starting point. I hope you enjoy the podcast!