Troy Hunt

Hi, I'm Troy Hunt, I write this blog, create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals

Stop the madness! Ridiculous security scare tactics revealed

You know the best way to sell security products? Scare the shit out of people. I mean make them really genuinely fearful that if they don't have the thing you're pushing that a bunch of nasty stuff will happen to them. It's the Donald Trump school of winning hearts and minds. Which brings me to CUJO, an Indiegogo campaign for a "security in a box" product. Strap yourself in and watch the video: Are we terrified yet? Yes? Good. Scary music, a hacker dude in a hoodie and just for good measure, a beauty queen and a kid (won't someone please think of the children?!) Around the 40 second mark you get a bit of "you may not know it,...

I wanna go fast: HTTPS' massive speed advantage

I tweeted this the other day, and the internet was not pleased: HTTPS is slow. No - wait - is it HTTP that's slow?! https://t.co/T49GG7oCaK pic.twitter.com/cfnYOpXMWc— Troy Hunt (@troyhunt) July 8, 2016 In fact, a bunch of the internet was pretty upset. "It's not fair!", they cried. "You're comparing apples and oranges!", they raged. No, it's not fair, the internet is not fair. But that's just how the web is today and whilst you might not like that it's not fair, that's the ballgame we're playing. When it comes to performance tests, I don't care about "fair", I only care about one thing: Let's take just a moment to put how...

Why am I in a data breach for a site I never signed up to?

This question in the title of this post comes up after pretty much every data breach I load so I thought I'd answer it here once and for all then direct inquisitive Have I been pwned (HIBP) users when confusion ensues in the future. Let me outline a number of different root causes for the "why is my data on a site I never signed up to?" question. You forgot you signed up Let's start with the simplest explanation because it's often the correct one - you've simply forgotten you signed up. We leave a huge trail of accounts behind us on the web over the many years we've been online for and there's no doubt whatsoever that most of...

Round 4 of Europe for 2016: More talks, more workshops

If you follow my Twitters, you may have noticed I can be a bit, well, "despondent" about the climate in Europe. No, not the whole Brexit political climate situation, I mean more like this: Crowds of people in Birmingham waiting for summer before they go outside: pic.twitter.com/7ImjmCt4Bf— Troy Hunt (@troyhunt) June 16, 2016 Yet I keep ending up back there so either it's my poor judgement or... I secretly enjoy it. Back in Jan (when it was much easier to complain about the weather), I was over in England, Scotland and Norway for four weeks then in May it was Belgium and Spain and last month was Norway and England again plus a few days in...

Getting to grips with cloud computing security on Pluralsight

Two of the things you'll have found me most frequently writing about on this blog are "cloud" and "security". Whilst the latter seems to have been what I've gravitated towards most in recent years, the former is something I'm very heavily involved in, particularly with my work on Have I been pwned (HIBP). I'm enormously happy to see the very last course in the Ethical Hacking series I've been building out with Pluralsight now complete with the 8th and final one being Ethical Hacking: Cloud Computing. Overwhelmingly excited. Ecstatic! I'll come back to why I'm so happy that the entire thing has now been wrapped up, but let me start with my favourite cloud question of all: Is "the cloud"...