Troy Hunt

Hi, I'm Troy Hunt, I write this blog, run "Have I Been Pwned" and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals

Weekly Update 178

This week I'm at Microsoft Ignite "The Tour" in Sydney with Lars Klint. I've spent most of the last couple of days doing the "hallway track" (basically just wandering around and saying "hi" to people) and doing a bunch of meetings with folks here on cyber things. I didn't mention it in the video, but there was also the Azure User Group Wednesday night and a panel here at Ignite last night so definitely keeping busy. Not too busy, mind you, and I did manage to get a couple of blog posts out this week. I'll be home on the Gold Coast from tomorrow beginning what I'm planning to be an extended "quiet period" with a lot less travel and...

Donating BAT to Have I Been Pwned with Brave Browser

I don't know exactly why the recent uptick, but lately I've had a bunch of people ask me if I've tried the Brave web browser. Why they'd ask me that is much more obvious: Brave is a privacy-focused browser that nukes ads and trackers. It also has some cool built-in stuff like the ability to create a new private browsing window in Tor rather than just your classic incognito window that might ditch all your cookies and browsing history but still connect to the internet directly from your own IP address. But the thing that's really caught the attention of the people I've been speaking to is Brave Rewards which is an innovative way of simultaneously eschewing traditional ads whilst...

Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents

Today is Safer Internet Day which marks the annual occurrence of parents thinking about their kids' online presence (before we go back to thinking very little about it tomorrow!) It's also the day the Courier-Mail here in my home state of Queensland published a piece on sharenting or as Wikipedia more accurately describes it, the practice of "sharing too much information" about your kids online. That's a worthy discussion to have on this day, although the opening paragraph started out, well... just read it: Reported in today’s Courier-Mail here in Queensland: should parents “ask their toddlers for permission before taking a photo”? What say you, internet? pic.twitter.com/65m4gj9mZB — Troy Hunt (@troyhunt) February 11, 2020 I was...

Weekly Update 177

I've got audio! Ok, so I cheated a bit in terms of recording back in the home office, but the plugs I need to make the Zoom H6 work the way it should (and yeah, I know I said "Rode" H6 in the vid, sorry!) are on the way and hopefully they'll be all good for next week when I'm in Sydney. I'm talking about that trip in this week's update along with the Chrome 80 changes to SameSite cookies not that its hit, the Adult FriendFinder breach and then recapping on a heap of the week's news in tweets. I hope the audio (and video) improvements this week do the job, I'll do it all again from Sydney next...

Weekly Update 176

Well that's the audio issues fixed - mostly. The Zoom H6 is an awesome recorder, I just can't quite work out the right adaptors for the mic. I've got a couple of Saramonic SR-XLM1 lav mics and the guy at the DJ store I bought the Zoom from was convinced we'd be fine with just with 3.5mm to 6.35mm jack converters which appears to be incorrect. Someone else hen said we'd need a TRRS to TRS adaptor so we grabbed a couple of Rode SC3s which also didn't solve the problem. So, keeping in mind we have no idea what we're doing (and missing), can someone explain the gap here and what's required to fill it? In other...

Weekly Update 175

Alright, let me get this off my chest first - I've totally lost it with these bloody Instamics. I've had heaps of dramas in the past with recordings being lost and the first time I do a 3-person weekly update only 2 of them recorded (mine being the exception). I was left with a zero-byte file on my unit which we tried to recover to no avail. It's not just that; the mobile app is clunky AF (Scott was demonstrating how many times he had to mash a button on his just to get it to connect to a mic), firmware updates require an install on the PC (which at least previously, was unsigned code loaded over HTTP via an...

Kids and Code: Object Oriented Programming with Code Combat

Geez time flies. It's just a tad under 4 years ago that I wrote about teaching kids to code with code.org which is an amazing resource for young ones to start learning programming basics. In that post I shared a photo of my then 6-year-old son Ari holding a Lenovo Yoga 900 I gifted him as part of the Insiders program I'm involved in: He got a lot of mileage out of that machine and learned a lot about the basics of both code and using a PC. Today seemed like a good time to follow up on that post, starting with a new machine: This one is a Lenovo Yoga C940 and for full disclosure, it came courtesy...

Weekly Update 174

We're in Norway! More specifically, Scott Helme and I are in Hafjell and recording this after a day on the snow before heading back to Oslo and the NDC Security conference next week. For now though, we're talking about some really screwy global roaming behaviour with telcos, the Danish gov coming onto HIBP, babies in data breaches and the takedown of We Leak Info. We'll do this again together next week from Oslo and then again the following week from NDC London. For now, here's the fireside version in Hafjell: ReferencesBabies in data breaches - yep, babies (there are no limits on who can be breached these days)We Leak Info got taken down by a collection of law enforcement...

Welcoming the Danish Government to Have I Been Pwned

In a continued bid to make breach data available to the government departments around the world tasked with protecting their citizens, I'm very happy to welcome the first country onto Have I Been Pwned for 2020 - Denmark! The Danish Centre for Cyber Security (CFCS) joins the existing 7 governments who have free and unbridled API access to query and monitor their gov domains. As the year progresses, I'll keep onboarding additional governments to help consolidate existing searches their departments have been independently running and provide greater visibility at a national level....

Weekly Update 173

I really should have started the video about 3 minutes earlier. Had I done that, you'd have caught me toppling backwards into the frangipani tree whilst trying to position my chair and camera which frankly, would have made for entertaining viewing. Instead, this week's update is focused primarily on a completely different epic fail, namely Surebet247's handling of a breach impacting their customers. I chose those words carefully as it now seems almost certain the breach was actually of BtoBet and I've linked to the story on that below. Regardless, have a listen to how the Nigerian gambling service handled the incident, holy shit... ReferencesNDC is coming to Melbourne! (also check out the CFP if you're interested in delivering a...