Weekly update

A fairly hectic week this one, in a large part due to chasing down really flakey network issues that are causing devices (namely Shelly relays) to be inaccessible. I suspect it's ARP related and as of now, it's still not fully resolved. You know how much shit breaks in a connected house when devices become inaccessible? Lots. But hey, at least I've finally automated my aircon! ReferencesI've had a heap of issues with my Shellys on my Ubiquiti network (thought I had it fixed after recording this but now, not so much...)I joined the Phil DeFranco show this week (I really enjoyed this and apparently, heaps of other people did too)My aircon woes are almost over, courtesy of...

What. A. Week. Heaps of data breaches, heaps of law enforcement and gov stuff and somehow, I still found time to put even more IP addresses into the house courtesy of even more IoT. I'm not sure if the latter gives me a break from the more professional tech stuff or just compounds the amount of stuff I've already got on my plate, but I'm having fun doing it anyway 😊 All that and more in this week's update. ReferencesHere's the thread on the ~250M US people data set (at 51.6% for the negative, this won't be going into HIBP)The FBI in conjunction with efforts from the Dutch NHTCU and German BKA grabbed a bunch of data from the...

Lots of bit and pieces this week, most of which is self-explanatory based on the references below. One thing to add though is the outcome of the ClearVoice Surveys breach I live-tweeted during the stream: someone from there did indeed get in touch with me. We spoke on the phone, they confirmed the legitimacy of the breach and acknowledged they'd seen it posted to a hacking forum where it's now spreading broadly. They're working on their disclosure but as I said to them on the call, the fact it's now spread so broadly means I'm notifying my HIBP subscribers ASAP, which I've just done. 15M more record are now in there and based on the backlog I'm currently working through,...

Geez I'm glad the Facebook stuff was the week before this one! With that (mostly) out of the way, we headed off to Thredbo for a couple of days of mountain biking, hitting trails I've only ever snowboarded down before (yes, we get snow in Australia). Back to normality (I think we can start calling it that now), Rob and I did our book editing session, the Facebook scraping incident (let's stop calling it a "data breach") continued to consume time and in a case of very fortuitous timing, they're copping a class action right after I wrote about my displeasure regarding data breach ambulance chasing. Good timing indeed, here why this is really bugging me in this week's video....

"What a shit week". I stand by that statement in the opening couple of minutes of the video and I write this now at midday on Saturday after literally falling asleep on the couch. The Facebook incident just dominated; everything from processing data to writing code to dozens of media interviews. And I ran a workshop over 4 half days. And had 2 lots of guests visiting. And had to deal with all sorts of other unpleasant stuff outside of that. Damn that beer tasted good... ReferencesThe petition in front of UK parliament to require verified IDs on social media platforms has fallen flat (not unsurprising, and the response is actually quite nicely written IMHO)I've probably taken a little...

As soon as I started watching this video back, I remembered why I don't do daylight mode in these any more. It's just so... boring. That said, I've got a bunch of stuff in the pipeline to enhance the room design and lighting as I think there's still plenty of room for improvement, stay tuned for that one. For now though, a lot of this week's video is about the Ubiquiti situation and I'm very candid about my feelings on that one. I'm also very happy about what I've done with Coinhive, so enjoy listening to that piece 😎 ReferencesI tweeted about my annual purchase of 1Password and next minute, people are debating the virtues of cloud storage and open source...

This 🤬🤬🤬 DAC! I mean it's a lovely device, but it's just impossible to use it as an audio source in the browser without it killing the camera. I'm very close to being out of ideas right now, only remaining thing I can think of is to set everything up on the laptop and see if it suffers a similar fate to what's happening on my desktop. The last thing I feel like doing now is burning more precious hours, but it's getting to that point. In other news, more breaches and a big argument about SMS based 2FA, enjoy 😊 ReferencesMy Apollo Twin DAC audio problems remain, as of this moment, unresolved (this is such a nice bit of kit, but...

A slow start this week as the camera refused to be recognised by any browser. The problem, of course, was that I'd plugged in a new DAC for the replacement speakers 🤷‍♂️ Despite the slow start, there's a heap in this week's update on all sorts of different things as I find myself continually drawn in different directions. But that's also what I love about this industry, that there's so much variety and always something to scratch every itch 🙂 ReferencesA massive thanks to everyone who has supported Elle's fundraising efforts (helping support the school and plant trees)The new Genelec speakers arrived, and they're amazing 😎 (the DAC and camera also seem to be working together now, I just plugged the DAC...

A big, big week with a heap of different things on the boil. Cyber stuff, audio stuff, IoT stuff - it's all there! Sorry about the camera being a little blue at the start, if anyone knows why it's prone to do this I'd love to hear from you. But hey, at least the audio is spot on, hope you enjoy this week's video. ReferencesComplying with NIST Password Guidelines in 2021 (a piece from this week's sponsor, intro'd by yours truly)We're rapidly going cashless, but not everybody is happy (there are some valid points in that thread, but also some pretty tenuous arguments IMHO)My friend Tanya Janca has published Alice & Bob Learn Application Security (I really like...

Data breaches all over the place this week! Not just data breaches, but noteworthy data breaches; the VPN ones for being pretty shady, Oxfam because it included my data which was posted to a hacking forum, Ticketcounter because of the interactions I had with them during the disclosure process and Gab because, well, everything about Gab is always weird. The CEO's behaviour is just appalling and that seems to trickle down to many of the users too, including some who joined in the live stream. But hey, it's giving me amazing conference material and some of the stuff from the last couple of days is just so good, I'm going to save it for when I can actually present it...