Weekly update

Yes, I'm in my car. I'm completely disorganised, rushing to the next event and really didn't plan this very well. But hey, what an awesome little soundproof booth it is! That said, I did keep this week deliberately concise... until I went to edit it and then Adobe Premiere (or the NVIDIA drivers on my laptop) decided to turn a 16 minute video clip into a multi-hour shit-fight. That's before the multi-hour upload process too because "Australia" 🙃 ReferencesScott Helme is running my Hack Yourself First workshop in Amsterdam on Dec 9 & 10 (he's getting awesome reviews on these too)Apparently, FinecoBank in Italy reckons you should Google your password and not use it if it appears 10 times or...

It's a late, early in the day, hazy, bush-firey Aussie weekly update with a whole bunch of various bits and pieces of interest from throughout the week. The references below will give you a sense of how much I've jammed into this week so I won't repeat it all here in the intro, but I reckon it's a really interesting mix of different things across the industry. Enjoy 😎 ReferencesNord has had a heap of credential stuffing attacks (or at least a heap of Pastebin entries with creds from attacks)Whilst it sucks for Nord, they do also have some accountability here (the FTC says that "businesses will no longer be able to play the victim-card")Veritas (DNA testing) had a...

It's been a pretty full week this one with a couple of talks in Sydney followed by another in Melbourne. Then, to top it all off, getting sick hasn't helped and oh boy did this one hurt. Good news is that even just a few hours after recording this video I'm feeling much better, but I desperately need to take a longer period of rest if I don't want a repeat of this any time soon. That'll come, but not for a while yet. Oh - I forgot to mention it in the vid but I'm also now publishing this podcast via Spotify. Check out the link below if that's your preferred means of consuming podcasts. ReferencesCatch Scott Helme running...

Ah, impending summer on the Gold Coast! It's that time of year when you can just start to sense those warm beach days and it's absolutely my favourite time of year here. Which means... it's time to head off to other events again. Fortunately it's all domestic this time as I head south to Sydney and Melbourne and maintaining my "no fly unless I absolutely have to" stance, it's long, open road drives, copious podcasts and lots of thinking time. On the infosec side of things, there's a a bunch of HTTPS related content this week plus a couple of (really) sensitive data breaches. I do give a warning at the beginning of this week's update that one of them...

It's my first conference back in Australia since probably about May and I'm experiencing a rare luxury - not flying! I'm sticking to driving some big distances just to get a break from the tyranny that is check-in, security and airport lounges. Seriously, it was beginning to do my head in so now it's cruise control and podcasts for me in the foreseeable future. This week's travel has brought me to Sydney where the new iPhone got a good workout: Night Mode on the iPhone 11 Pro is rather amazing. This shot last night was just point and shoot well after dark - no filters or touch up! pic.twitter.com/zcklC3VxML — Troy Hunt (@troyhunt) October 17, 2019 Beyond...

Australia! Geez it's nice to sit amongst the gum trees and listen to the birds, even if it's right in the middle of some fairly miserable weather. I'll continue to be here for the foreseeable future too, at least in one state or another. But being back here hasn't stopped me talking about European laws being handled by a local American website nor commentating on the (now well and truly over) debate about the usefulness of visual identity indicators in browsers. But hey, at least the discussion keeps in providing entertaining material! ReferencesI tweeted about not liking having content blocked when I'm in Europe (no, it doesn't mean I don't like privacy, it means I don't like the choice being...

Well, this will be the last weekly update done overseas for some time as I count down the return to beaches, sunshine and fantastic coffee (yes, I'm confident saying that even whilst in Italy!) It's been a non-stop trip with an attempt of a bit of downtime at the end of it, albeit with limited success. Regardless, this week I'm covering off the last few days travels, reflecting on 10 years of blogging and looking at a really cool use of HIBP related to net neutrality comments lodged at the FCC. Next week... who knows, but at least I'll be home. ReferencesI went to CERN - it was amazing! (that's a bunch of thoughts and pics from the trip, just...

It's been a bit of intense country-hopping since the last update so this one is a consolidated "this week in tweets" version. I actually found it kind of interesting going back through the noteworthy incidents of the week in lieu of having original content of my own, see what you think. Given the coming schedule (and a deep, deep desire for a few days of downtime), the next one might be more of the same so I hope it resonates! ReferencesBecause this week is predominantly about noteworthy tweets, I'm going to do the references a little differently. Firstly, with a sponsor shout-out: Sponsored by Okta: You wouldn’t roll your own hashing algorithm, so why build your own auth? Secure...

Hungary! And that's about as much intro as I'm going to do on that because this is going out super later and I'm writing this at the end of a very long day. Only other thing I'll mention is the audio - the Instamic failed to record again so it's now going firmly into the e-waste bin. Anyway, on a more positive note, enjoy the beautiful sights of the Hungarian parliament before you jump into this week's update: Budapest! 🇭🇺 pic.twitter.com/RBgc2ssfiR — Troy Hunt (@troyhunt) September 23, 2019 Dark mode 🇭🇺 pic.twitter.com/KX7WzAstwz — Troy Hunt (@troyhunt) September 23, 2019 References2FA is far from a perfect beast (read back up through the thread, how do normal everyday...

Turns out it's actually a sunny day in Oslo today, although it's the last one I'll see here for quite some time before heading off to Denmark then other European things for the remainder of this trip. I'm talking a little about those events (all listed on my events page), this week's changes to EV, more data breaches and a somewhat semantic argument about the definition of "theft". ReferencesEntrust are convinced you should still pay them for EV certs (even though the primary value proposition they're still promoting is now gone...)Scott killed a million bucks worth of EV certs (it turns out that extended validation isn't always so... extended)The Void.to hacking forum got breached and is now...