Weekly Update 132

From last week's update in Seattle to home to Sydney to back home and a late update (again). But regardless, I'm committed to continuing the cadence of doing these updates each week and 132 of them in, I'm yet to miss a week.This week it's a combination of more of the same (travel, events and data breaches), as well as more thoughts on the future of HIBP and Cloudflare's role when it comes to nasty content online. That last one in particular is a really tricky discussion and it's one that tends to come back to the surface after events that cause us to reflect on the nature of online speech that whilst legal, we all (well, almost all)...

Weekly Update 131

So firstly, sorry for the audio quality. I'm pretty damn frustrated with those Instamics right now between the flakey firmware upgrade process and the unexpected loss of recording today. I'll make sure I get on top of it for next time.I'm sitting at the gate in Seattle right now about to board so I'm going to cut this intro short and jump straight into the vid. Here's this week's which has a bunch of different things in it I found interesting including the usual raft of data breaches and other industry bits and pieces. Gotta fly, enjoy! ReferencesI'm doing a keynote for Akamai in Sydney on Thursday (hear more from me on data breaches and cyber-things)And another NDC...

Weekly Update 130

Well that was a hell of a week of travel. Seriously, the Denver situation was just an absolute mess but when looking at the video from the day I was meant to fly in, maybe being stuck in LA wasn't such a bad thing after all:As of 1:30 p.m., all runways are closed, but the terminal & concourses are open. Airlines have cancelled flights for early afternoon/evening. Conditions on Peña Blvd. are poor; visibility is extremely low, conditions are icy. Consider the @RideRTD A Line when traveling to DEN. pic.twitter.com/AvGxVcZgeP— Denver Int'l Airport (@DENAirport) March 13, 2019 But despite the dramas I did still (just) make it and got to...

These Cookie Warning Shenanigans Have Got to Stop

This will be short, ranty and to the point: these warnings are getting ridiculous: I know, tell you something you don't know! The whole ugly issue reared its head again on the weekend courtesy of the story in this tweet:I’m not sure if this makes it better or worse... “Cookie walls don't comply with GDPR, says Dutch DPA”: https://t.co/p0koRdGrDB— Troy Hunt (@troyhunt) March 8, 2019 The reason I don't know if it makes it better or worse is that on the one hand, it's ridiculous that in a part of the world that's more privacy-focused than most it essentially boils down to "take this cookie or no access for you" whilst on...

Weekly Update 129

Heaps of stuff going on this week with all sorts of different bits and pieces. I bought a massive new stash of HIBP stickers (1ok oughta last... a few weeks?), I'll be giving them out at a heap of upcoming events, I was on the Darknet Diaries podcast (which is epic!) plus there's more insights into the ShareThis data breach and the ginormous verifications.io incident. Oh - and Udemy is still pirating my content, here's the tweet if you'd like to let them know how you feel about that:Disgusted that @udemy is still pirating courses from @dalemeredith and myself. Seriously guys, this has been going on for years, there's obviously no checks on this whatsoever. Here&...

Weekly Update 128

I'm not intentionally pushing these out later than usual, but events have just been such over the last few weeks that it's worked out that way. This one really is a short one though as there hasn't been a lot of newsworthy stuff going on this week, other than the new Instamics I picked up which are rather cool. The audio recording did work well (I mentioned in the video I wasn't sure if it was functioning correctly), and it's pretty damn good quality for what it is. Certainly better than my old Rhode lapel mic, but obviously not up to the standard of the Electro-Voice I use for professional recording.Next week I expect I'll be a little more...

Weekly Update 127

It was another travel week so another slightly delayed weekly update, but still plenty of stuff going on all the same. Along with a private Sydney workshop earlier on, I'm talking about some free upcoming NDC meetup events in Brisbane and Melbourne and I'd love to get a great turnout for. I've just ordered 10k more HIBP stickers to last me through upcoming events so they'll be coming with me.In other news, there was old news appearing as new news about how hosed you are if your machine is compromised with the level of hosing extending to your password manager. This will inevitably be another one of these times where something gets blown out of proportion (and context) in...

Weekly Update 126

Another week, another conference. This time it was Microsoft Ignite in Sydney and as tends to happen at these events, many casual meetups, chats, beers, selfies, delivery of HIBP stickers and an all-round good time, albeit an exhausting one. That's why I'm a day late this week having finally arrived home late last night.Moving on though, I've got a bunch of other events coming up particularly in conjunctions with the folks at NDC. Brisbane in a couple of weeks, Gold Coast in April then Minnesota in May. Oh - plus Oslo in June and stretching out beyond that, Sydney in October. The link in the references below about how conferences can help keep speakers happy (or piss them off,...

The Race to the Bottom of Credential Stuffing Lists; Collections #2 Through #5 (and More)

A race to the bottom is a market condition in which there is a surplus of a commodity relative to the demand for it. Often the term is used to describe labour conditions (workers versus jobs), and in simple supply and demand terms, once there's so much of something all vying for the attention of those consuming it, the value of it plummets.On reflecting over the last 3 and a half weeks, this is where we seem to be with credential stuffing lists today and I want to use this blog post to explain the thinking whilst also addressing specific questions I've had regarding Collections #2 through #5.The 773 Million Record "Collection #1" Data BreachOn Thursday 17 Jan,...

Weekly Update 125

I'm back home! It was an amazing trip in many ways, not least of which was the time it gave both Scott and myself to reflect on workload and managing lives which can be a bit of a never-ending series of commitments. To that effect, I've been backing off Twitter a bit and as I say in this update, I very quickly remembered why after a couple of short engagements yesterday. But moving forward, it's Microsoft Ignite in Sydney next week and that should be a great event, plus I'm talking about Google's Password Checkup extension and the other credential stuffing list "collections" I keep getting asked about. On that last point, I explain my hesitation with them in the...