Weekly update

A 259-post collection

Weekly Update 260

An early one today as I made space in the schedule to get out on the water 😎 I'm really liking the new Apple AirTags, I'm disliking some of the international media coverage about Australia's COVID situation, another gov onto HIBP and a blog post I've wanted to write for a long time on biometrics. That last one in particularly I felt was really important as time and time again, I hear these irrational statements from people about the perceived "risks" of biometrics and in particular, the belief that you can somehow how representations of your body parts "stolen" in such a way that they can circumvent modern day auth controls. Nope and nope! ReferencesThe AirTag "anti-stalking" feature is pretty cool...

Weekly Update 259

I'm  back from the most epic of holidays! How epic? Just have a scroll through the thread: I’m back! Went offline for most of the last week, pics and stories to follow 🐊 pic.twitter.com/hRUcKMwgGU — Troy Hunt (@troyhunt) September 2, 2021 Which the Twitter client on my iPad somehow decided to break into 2 threads: At times this felt like navigating through a scene from Jurassic Park, just with wallabies rather than velociraptors 🦖 pic.twitter.com/VHa4kJw6kb — Troy Hunt (@troyhunt) September 3, 2021 Holiday snaps aside, there was a heap of other stuff this week ranging from me actually reading a book to the impact of the Gun Trader breach to my personal favourite, Pwned Passwords...

Weekly Update 258

A really brief intro as this is my last key strokes before going properly off the grid for the next week (like really off the grid, middle of nowhere style). Lots of little things this week, hoping next week will be the big "hey, Pwned Passwords just passed 1 billion", stay tuned for that one 😊 ReferencesYou probably should have an OnlyFans account (no, not in the way it sounds like you should...)Is the silver lining of Brexit an end to inane cookie warnings? (queue arguing about whether this is a GDPR thing or not)Spammy thread hijacking - ugh! (looks like the offender's account is no longer public)Pwned Passwords is almost about to roll over past the 1B...

Weekly Update 257

It all feels a bit "business as usual" this week; data breaches, IoT and 3D printing. But what I'm most excited about is what I probably spent the least amount of time talking about, that being the work 1Password and I have been doing on our "Hello CISO" series. I love it because it's broadly relevant, easily consumable and totally, properly free. Feedback so far has been awesome, I hope you enjoy it too 🙂 ReferencesThe Fab365 3D models are amazing (this one is a SpaceX Falcon 9)My 11th MVP kit arrived this week (I'm at the point where I think I need to stop putting these up on a wall...)T-Mobile got seriously breached (a good Krebs write-up on...

Weekly Update 256

Well this week went on for a bit, an hour and 6 mins in all. The 2 Apple things were particularly interesting due to the way in which both catching CSAM baddies and catching baddies who steal your things involves using technology that can be abused. Is it good tech because it can do good things? Bad tech because it can do bad things? Or is tech just morally neutral and we need to look at it more holistically? I argue the latter, but also acknowledge the views of both camps at either end of the argument. I think they're wrong (the extremes almost always are), but discuss them anyway 🙂 ReferencesApple will start looking for known Child Sexual Abuse Material...

Weekly Update 255

I'm back in the office this week and back to decent audio and video quality. There's loads of bits and pieces happening as evidence by almost an entire hour disappearing in this week's vid, ranging from problems with tradies (tradespeople), more lockdown, stats on some projects and then this week's blog post, 3D printing with my 9-year old daughter Elle. Enjoy 😊 ReferencesHere's that Harlem Shake script I used (the bigger picture here is that sites that allow this to run have no - or insufficient - content security policy)Pwned Passwords is up over 960M requests a month now (getting closer and closer to the 1B mark!)Finally got the Shellies Discovery script working in Home Assistant (all Shellies are...

Weekly Update 254

The plan this week was to do a super simple update whilst having some time out. In the back yard, sun shining, iPad, Air Pods, all good. Mostly all good - the sound quality on those Air Pods is absolute rubbish. I don't if that's a general truism or there's just something amiss with mine, but the constant fading out is extremely frustrating and I apologise for the sound quality not being up to expectations. Next week I'll be back in my office, I hope this week's video is still watchable and you find something useful in it 🙂 ReferencesSponsored by: Varonis. Reduce your SaaS blast radius with data-centric security for AWS, G Drive, Box, Salesforce, Slack and more....

Weekly Update 253

This week, by popular demand, it's Charlotte! Oh - and Scott. People had been asking for Charlotte for a while, so we finally decided to do a weekly update together on how she's been transitioning from Mac to PC. Plus, she has to put up with all my IoT shenanigans so that made for some fun conversation, along with how our respective homelands are dealing with the current pandemic (less fun, but very important). There's been a bunch of requests for us to do more of this so stay tuned and maybe we can make a more regular thing out of it 😊 ReferencesSponsored by: Guarantee peace of mind from credential stuffing attacks. Learn how at Arkose Labs’ webinar with Troy...

Weekly Update 252

Next week first: based on popular demand, at 18:00 on our end Friday 23 (that's 09:00 in London and terrible o'clock everywhere in the US), Charlotte is going to join me to talk about her transition from Mac to PC. Scott Helme will also be here (as in Zoom "here") so it'll be a bit of fun and inevitably go way off topic, but I thought it would be fun to fix it up a bit 🙂 This week is more of the usual with Chrome's push to HTTPS, another gov on HIBP and more travels in IoT land. ReferencesChrome is continuing the push towards defaulting to HTTPS and flagging HTTP as a security risk (I'm yet to hear...

Weekly Update 251

Between school holidays and a house full of tradies repairing things, there wasn't a lot a free time this week. That said, I've got another gov onto HIBP, snared by 11th MVP award, did a heap of other cyber-things and Charlotte and I even managed to slip in our first COVID shots amongst all that. Next week will start getting back to full steam as the winter holidays end (yeah, it's winter here, I know that's confusing for some people!) and I'm sure there'll be an all new stash of cyber-IoT-other things waiting for me at the end of it 🙂 ReferencesFinally got my first COVID shot! (that's a link to a thread which is mostly only relevant in my part...