Troy Hunt

Hi, I'm Troy Hunt, I write this blog, run "Have I Been Pwned" and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals

Weekly Update 265

I had a bunch of false starts with this one. I don't know if it was just OBS or something else, but we got there after several failed attempts and me resorting to reading Gov Parson's nutty tweets until it all started working. "Nutty" is a bit of a theme this week not just with the Gov, but particularly Thingiverse's extraordinarily poor handling of their data breach. Just watch (or listen), because it's pretty crazy stuff and it's still unfolding now 🍿 ReferencesI hit 4M HIBP subscribers! (sure, it's just a number, but it's a BIG round number!)Kids, devices, social media and parental supervision (tl;dr - use technical parental controls, but there ain't no substitute for a present and...

Weekly Update 264

A lot of cyber things this week: loads of data breach (or "scrape", In LinkedIn's case) incidents, Windows 11 upgrade experiences and then bricking my house courtesy of a Home Assistant update that fundamentally changed the Tuya integration. So pretty much "same, same but different" to every other week 🙂 ReferencesI've done another podcast with 1Password ("Crocodile Shower Privacy Settings with Troy Hunt" - yep!)LinkedIn had hundreds of millions of records scraped (seems like multiple incidents earlier in the year just now circulating broadly)Twitch - wow! (that's a thread on what I learned as news of the incident unfolded before I then reviewed the data)The Windows 11 upgrade process has been... mixed (still just my laptop that won't...

Weekly Update 263

Lots of little bits and pieces this week in a later and shorter than usual update. See the references for all the details, but plenty of cyber, some IoT weather station discussion and a bit of chatter around career and me deciding I want to do a "Hack Your Career More" talk once we all get back to doing events in person. Stay tuned for that last one in particular! ReferencesFor those asking, the weather station I'm using is a Davis Vantage Pro2 (really happy with this one, especially using the WeatherLink module to integrate into Home Assistant)Here's Scott's thread on the fallout of the Let's Encrypt expired root cert (we all knew it was coming, doesn't seem like...

Weekly Update 262

5 years of weekly updates, wow. It's not like anything of much significance has happened in that time, right?! I've done these videos every single week without fail, through high and lows and no matter where I was in the world. As I say early on, they've helped keep me focused and whilst it hasn't always been easy to sit here and create them each week, I'm very glad I've done it. I'm also very glad Scott joined me on this one and we could have a bit of fun, shows with him always rate well and I'm sure we'll do many more like this over the next 5 years 😊 ReferencesScott's run-in with a patent troll is absolutely cringeworthy (and...

Weekly Update 261

Never a dull moment! Most important stuff this week is talking about next week, namely because Scott Helme and I will be dong a live stream together for the 5th anniversary of my weekly update vids. We'd love questions and topics in advance or just drop in on the day, we're planning it for 18:00 Gold Coast time on Friday 24 which will be 09:00 that morning in London and ridiculous o'clock everywhere in the US. A few other random things in this weeks vid, the one worth following up on here though is the promised tweet about how to handle the Epik breach and the result so far is, well, let's just say I think I nailed...

Weekly Update 260

An early one today as I made space in the schedule to get out on the water 😎 I'm really liking the new Apple AirTags, I'm disliking some of the international media coverage about Australia's COVID situation, another gov onto HIBP and a blog post I've wanted to write for a long time on biometrics. That last one in particularly I felt was really important as time and time again, I hear these irrational statements from people about the perceived "risks" of biometrics and in particular, the belief that you can somehow how representations of your body parts "stolen" in such a way that they can circumvent modern day auth controls. Nope and nope! ReferencesThe AirTag "anti-stalking" feature is pretty cool...

You Don't Need to Burn off Your Fingertips (and Other Biometric Authentication Myths)

111 years ago almost to the day, a murder was committed which ultimately led to the first criminal trial to use fingerprints as evidence. We've all since watched enough crime shows to understand that fingerprints are unique personal biometric attributes and to date, no two people have ever been found to have a matching set. As technology has evolved, fingers (and palms and irises and faces) have increasingly been used as a means of biometric authentication. I'm writing this on a PC that uses a Verifi fingerprint reader. I'll probably continue to draft it from a comfy spot later on using my Lenovo laptop that has a built in reader. I'll also go backwards and forward between my iPhone and...

Welcoming the Czech Republic Government to Have I Been Pwned

For the last few years, I've been welcoming national governments to Have I Been Pwned (HIBP) and granting them full and free access to domain-level searches via a dedicated API. Today, I'm very happy to welcome the Czech Republic's National Cyber and Information Security Agency who can now query their government domains along with the 26 other nations that have come before them. Data breaches impact all of us in one way or another, and government agencies are no exception. My hope is that in supporting the agencies that help protect us online, they're better equipped to do their jobs and we create a safer internet experience for all....

Weekly Update 259

I'm  back from the most epic of holidays! How epic? Just have a scroll through the thread: I’m back! Went offline for most of the last week, pics and stories to follow 🐊 pic.twitter.com/hRUcKMwgGU — Troy Hunt (@troyhunt) September 2, 2021 Which the Twitter client on my iPad somehow decided to break into 2 threads: At times this felt like navigating through a scene from Jurassic Park, just with wallabies rather than velociraptors 🦖 pic.twitter.com/VHa4kJw6kb — Troy Hunt (@troyhunt) September 3, 2021 Holiday snaps aside, there was a heap of other stuff this week ranging from me actually reading a book to the impact of the Gun Trader breach to my personal favourite, Pwned Passwords...

Weekly Update 258

A really brief intro as this is my last key strokes before going properly off the grid for the next week (like really off the grid, middle of nowhere style). Lots of little things this week, hoping next week will be the big "hey, Pwned Passwords just passed 1 billion", stay tuned for that one 😊 ReferencesYou probably should have an OnlyFans account (no, not in the way it sounds like you should...)Is the silver lining of Brexit an end to inane cookie warnings? (queue arguing about whether this is a GDPR thing or not)Spammy thread hijacking - ugh! (looks like the offender's account is no longer public)Pwned Passwords is almost about to roll over past the 1B...