I've written before about how I verify data breaches [https://www.troyhunt.com/heres-how-i-verify-data-breaches/] and discussed it at length in various conference talks. I take verification very seriously because misattribution can have serious consequences on the company involved, those in the alleged breach and indeed, on myself as well. To give you a sense of how much effort can go into verification, last month I wrote about a data breach investigation blow by blow [https://www.troyhunt.com/a...

It's the end of another big trip and time to take the long journey home. This time it's Copenhagen to London, then Dubai, then finally Brisbane and a ride home to the Gold Coast. It's been a busy week in the lead up to the travel too with lots of talks and writing. But the big pone I'm most proud of this week is this: > Sometime today, @haveibeenpwned [https://twitter.com/haveibeenpwned] broke through the 1M verified subscriber mark. Having a quiet champagne alone before flying home ?? pic.twit...

That's it - I'm calling it - HTTPS adoption has now reached the moment of critical mass [https://en.wikipedia.org/wiki/The_Tipping_Point] where it's gathering enough momentum that it will very shortly become "the norm" rather than the exception it so frequently was in the past. In just the last few months, there's been some really significant things happen that have caused me to make this call, here's why I think we're now at that tipping point. We've already passed the halfway mark for request...

Supercar factory last week. Brewery this week. This is how it's done! As I've written before, despite the many awesome moments these trips have, they're enormously busy with a huge amount jammed into them. This week I talk about travels in Belgium, how they crashed HIBP with a massive surge of traffic after some good press, my upcoming Copenhagen workshop and the inevitable demise of LeakedSource which finally happened yesterday. Next week... somewhere on a plane... on the way to somewhere warm...

Yesterday, the website known as "LeakedSource" went offline. It's still early days and there's not yet an official word on exactly what happened, but the unfolding story seems to be as follows [http://www.zdnet.com/article/breach-site-leakedsource-raided-by-feds/]: > Yeah you heard it here first. Sorry for all you kids who don't have all your own Databases. Leakedsource is down forever and won't be coming back. Owner raided early this morning. Wasn't arrested, but all SSD's got taken, and Leake...

How's this for a spot to be?! This week I'm at the McLaren factory in Woking just outside London courtesy of a kind invite from a friendly Twitter follower. On Sunday, I was shown around some great spots in London by another one and as I've said before, I've only ever had good things come from meeting people "in real life" that I've interacted with online. Highly recommended! Not a lot to talk about in terms of new content I've written, but I give a rundown on the NDC conference, the new Plural...

This is a somewhat shorter, very tired version of my weekly update. As I say in the video, preparing for the NDC conference in London next week has been extremely taxing with two new talks and a bunch of other activities to organise. I didn't mention it in the vid, but I was also going until the early hours of yesterday morning recording a new Pluralsight course which I'll then be editing while I travel. I didn't realise how tired I look until I edited the clip so I'm going to do my best to use...

Someone has just sent me a data breach. I could go and process the whole thing, attribute it to a source, load it into Have I been pwned [https://haveibeenpwned.com] (HIBP) then communicate the end result, but I thought it would be more interesting to readers if I took you through the whole process of verifying the legitimacy of the data and pinpointing the source. This is exactly the process I go through, unedited and at the time of writing, with a completely unknown outcome. Warning: This one...

It's a new year! Which means looking back at the old year and while I'm there, also looking back at how much we didn't know we didn't know. This week I also permanently nuked all remaining remnants of the ad network given the success of the sponsorship model and that has made me very happy. What I didn't mention in the weekly update is that I've had over 70k visitors to this blog over the last 24 hours largely on the basis of that post. It got a lot of traction on Hacker News [https://news.ycomb...

I don't mind ads on websites as a concept, that is I don't mind the idea of a message appearing somewhere that helps the producer of said content earn a crust. However, there are other things about ads that I do mind enormously and most of them are due to the ad networks themselves. I don't like the overhead of a whole other website being embedded into an iframe. I don't like the total irrelevancy of much of the ad content. It could be tailored to my browsing habits, but then I'm not overly fond...