Weekly update

A 161-post collection

Weekly Update 151

Well that's Vegas done. 8 days of absolutely non-stop events that's now pretty much robbed me of my voice but hey, I got a flying cow! Scott and I both spent BSides, Black Hat and DEF CON doing "hallway con" or in other words, wandering around just meeting people. The personal engagement you get from these ad hoc meetups really can't be beat and I appreciate everyone who took the time to come over and say hi. Just a sample of our week is below: Approaching a week of @BSidesLV, @BlackHatEvents and @defcon. Three conferences, tens of thousands of people and 44C temps. This’ll be interesting... pic.twitter.com/049DzhpePF — Troy Hunt (@troyhunt) August 5, 2019 The best...

Weekly Update 150

Vegas! I'm a bit late with this week's update but I thought I'd catch up with Scott Helme and do the video together. We're talking about the events in Vegas, the ongoing Project Svalbard process, some very screwy messaging about certificates from Sectigo and the Irish government coming on board HIBP. Next week we'll do another one from Vegas and talk about what the events of the week here were like. ReferencesSectigo made some pretty wild claims about EV certs (read the tweet thread by Scott)The subsequent rebuttals by David from Sectigo are worth reading (although they still don't justify the earlier claims IMHO)The Irish government is now using HIBP to monitor all their domains (they now join...

Weekly Update 149

What. A. Week. I've been in San Fran meeting with a whole bunch of potential purchasers for HIBP and it's been... intense. Daunting. Exciting. It's actually an amazing feeling to see my "little" project come to this where I'm sitting in a room with some of the most awesome tech companies whilst flanked by bankers in suits. I try and give a bit of insight into that in this week's video, keeping in mind of course that I'm a bit limited by how much detail I can go into right now. As the process unfolds I'll share more, but hopefully this will give you a little taste of what I'm going through at present. References Our password hashing has no...

Weekly Update 148

It's the last one from Norway before heading off to the US and diving into the deep end of the Project Svalbard pool followed by Black Hat and DEF CON in Vegas. That's off the back of the last week being focused on pushing out Pwned Passwords V5, loading several hundred million new records worth of new data breaches and finally launching something I've been very excited about for a long time now: auth on the HIBP API. I spend most of this week's update talking about that because it's such an important feature and I especially wanted to make it clear why there's now literally a financial price to pay for entry. All that and more in this week's...

Weekly Update 147

So "Plan A" was to publish Pwned Passwords V5 on Tuesday but a last-minute check showed control characters had snuck in due to the quality (or lack thereof) of the source data. Scratch that and go to "Plan B" which was to push them out today but a last-minute check showed that my "improved" export script had screwed up the encoding and every single hash was wrong. "Plan C" is now to push them out on the weekend with everything working correctly. Hopefully. If I don't screw anything up again... The constant challenge I've faced over the last few years is the massive amount of multi-tasking required to do all the things I'm presently doing. I touched on this in...

Weekly Update 146

After a very non-stop Cyber Week in Israel, I'm back in Oslo working through the endless emails and other logistics related to Project Svalbard. In my haste this week, I put out a really poorly worded tweet which I've tried to clarify in this week's video. On more positive news, the Austrian government came on board HIBP and my MVP status got renewed for the 9th time. I also wanted to talk this week about some of the stats from HIBP I've been preparing as part of the acquisition. There's a bunch of really interesting numbers in there (for me at least) and rather than just keeping them locked away in an information memorandum, I thought I'd share them with...

Weekly Update 145

Something totally new this week - Israel! I spent the week in Tel Aviv at Cyber Week, a massive infosec conference where I shared the keynote stage with an amazing array of speakers including many from three letter acronym departments and even PM Benjamin Netanyahu. It's funny how on the one hand an event like this can be so completely different to the very familiar NDC Oslo scene I was in just last week yet by the same token, I'm up there talking about all the same stuff and doing my usual thing. This week, I'm talking about Israel, the Cyber Week event and how things are tracking with Project Svalbard (spoiler - bloody busy!) I also get a ticket...

Weekly Update 144

So first things first - my patience for the Instamics we're wearing just reached zero. One of them recorded and one of them didn't which means we've had to fallback to audio captured by the iPhone I was recording from so apologies it's sub-par. I ended up just uploading the unedited clip direct from the phone because frankly, after trying to recover the non-existent audio both my time and patience were well into the red. Be that as it may, there's video, audio and a narrative to tell both around the NDC event Scott and I are at and the progress of "Project Svalbard". I'm trying to share as much as I can about that process as things progress and...

Weekly Update 143

Well this was a big one. The simple stuff first - I'm back in Norway running workshops and getting ready for my absolute favourite event of the year, NDC Oslo. I'm also talking about Scott's Hack Yourself First UK Tour where he'll be hitting up Manchester, London and Glasgow with public workshops. Tickets are still available at those and it'll be your last chance for a long time to do that event in the UK. Then there's Project Svalbard. I think it'll come across in the video below, but putting a project I've poured my heart and soul into over the last 5 and half year up for sale is a massive thing for me. There are so many emotions...

Weekly Update 142

I made it to the Infosecurity hall of fame! Yesterday was an absolutely unreal experience that was enormously exciting: It was an absolute honour to induct the fantastic @troyhunt into the @Infosecurity @InfosecurityMag Hall of Fame today at #Infosec19. Troy is a credit to our industry and also a really great guy. Congrats Troy, so well deserved 👏🏼 pic.twitter.com/grN4aALypV — Eleanor Dallaway (@InfosecEditor) June 6, 2019 But that wasn't all, there was also the European Security Blogger awards a couple of days earlier: Thanks folks 😎 pic.twitter.com/GvCnvOL7X3 — Troy Hunt (@troyhunt) June 4, 2019 And just a general absolutely jam-packed, non-stop week for both Scott and I. We talk about what we've been up to in...