Sponsored by:

Weekly update

A 87-post collection

Weekly Update 77 (Seattle Edition)

I'm in Seattle! This has been a mega week at the Microsoft MVP and Regional Director summits and as I say in the video, I'm actually a little run down now that it's all done. But I've had a wonderful week of meeting a heap of people and seeing some very cool stuff from Microsoft, especially around Azure which remains one of my favourite tech things. In this week's update, I'm talking about how I've made some further strong gains with Pwned Passwords which is being adopted at a pretty fierce rate. I also give an insight into what happens at this big Microsoft event each year and I hope that's something people find interesting. I'm off the Vegas tomorrow...

Weekly Update 76

Massive, massive week! I'm not trying to make these videos longer (and the next two while I'm overseas will definitely be shorter), but yeah, this week was a biggie. Pwned Passwords dominated throughout, interrupted only by a few thousand new data breaches going into HIBP. But the big one - at least to me in terms of the significance - is the UK and Aussie governments now using HIBP to monitor their gov domains. That's an absolute milestone in the service's history for many reasons, some of which I talk about here and more I'll talk about later on in a subsequent post. As with last week, because this is such an epic I've listed out all the key times...

Weekly Update 75

Every now and then, I look at one of the videos I've just recorded and only realise then how tired I look. This was one of those weeks and it was absolutely jam-packed! There was some awesome stuff and there was some very frustrating stuff. Let me add briefly to the latter here: The joy of participating in online communities is that we have these melting pots of diverse backgrounds and ideas all coming together in the one place. A huge portion of what I've learned personally has come from very robust debates within these communities and in turn, I hope others have also learned from me. These discussions are awesome; they make us all better people and better professionals....

Weekly Update 74

I had plans this week. Monday was going to be full of coding work around Pwned Passwords V2 (and a few other HIBP things) then Texthelp went and got themselves pwned and there went my day writing about the ramifications of that. This is a genuinely important issue and the whole concept of the JavaScript supply chain needs much better thought. We've got the technology, it's just that most people don't know it exists! I did then later get around to posting my "dark web" piece too. It's a scary read because it has dark stuff, hoodies and green screens and we know that's scary because that's the message we keep getting fed! Actually, not so scary and...

Weekly Update 73

I'm not entirely sure how I've gotten to the end of the week feeling completely wrung out whilst having only written the one thing, but here we are. In fairness though, I've put a heap of work into Pwned Passwords version 2 and finally completed the data set. There's some coding work and other logistics to complete before it goes live, but the plan for now is week after next so I'm looking forward to that. This week, it's all about minimum password lengths. In isolation, that sounds a little mundane but in the context of the broader picture of how authentication has evolved, I think it makes for an interesting discussion. By pure coincidence, I was very happy to...

Weekly Update 72

I'm home! It's nice being home 😀 This week I start by getting a couple of things off my chest, namely some pretty wacky reactions to my suggesting that we're never going to see a coders' hippocratic oath and how I feel when media outlets say "the dark web". Plus, I've got news around running workshops in Europe with Scott Helme and me finally getting a content security policy on this blog. That last one in particular makes me very happy because it really shouldn't have been this hard, but it was (for reasons I explain in the video) and it's now working fantastically! All that and more in this week's update. iTunes podcast | Google Play Music podcast | RSS...

Weekly Update 71 (Denmark Edition)

I'm in Denmark! Well I'm just in Denmark, I'm about to head out the hotel door and into 30 hours of travel which isn't exactly fun, but that's the nature of living on the other side of the world to pretty much everything. This week's update is a little late as my Friday was absolutely non-stop in Denmark. I talk about that below including the preceding days involving some pretty full on sledding in Norway, workshops, talks, ice, slush and snow. Plus, of course, the actual infosec stuff from the week namely my new Pluralsight course on creating a security-centric culture. iTunes podcast | Google Play Music podcast | RSS podcast References This is the first of a brand new Pluralsight series...

Weekly Update 70 (NDC London Edition)

It's NDC London! I'm pushing this week's update out a little later due to the different time zones and frankly, due to it being an absolutely non-stop week of events. I talk about those, about how I'm trying to tackle breach disclosures now and about some upcoming events. Next week is Norway and Denmark and I'll be coming to you a little later due to a totally jam-packed Friday, more from me then. iTunes podcast | Google Play Music podcast | RSS podcast References I'm at NDC London! (my talks are done and they'll be online in the coming weeks so until then, here's a bunch of previous ones) Here's how I'm handling breach disclosures (this is a really important part of...

Weekly Update 69 (Boat Edition)

It's my last day in the sun ☹️ Well, at least it's my last day in the sun for a couple of weeks so today I've gone to the sunniest place I know. It's "the boat edition" of my weekly update and I apologise up front for the rocking motion, the occasional wind noise (I lost the fluffy bit off my smartLav mic) and the gratuitous amount of sunshine and beach. This week is all about heading off on travels again and the Indian Aadhaar system which is making big headlines over that way lately. Plus, I show you a little of what it's like down my way on yet another glorious summer day 😎 (And yes, I'm aware I...

Weekly Update 68

It's 2018! All new year and already someone has gone and broken our computer things courtesy of the Meltdown and Spectre bugs. I only touch briefly on them in this week's update and I refer people to my Twitter timeline for good coverage I've shared. However, there's one resource which stands out above the others and it's this thread from Graham Sutherland. If you want to get a good overview quickly, start there. In other news, I talk about all the NDC events I have coming up: Just been planning my @NDC_Conferences events for 2018, talks and workshops at:London, 15 Jan: https://t.co/Sx8JuWouUyOslo, 22 Jan: https://t.co/XTA8ItnRKTGold Coast, 25 Apr: https://t.co/xIyzZcd6a9Oslo,...