Weekly update

This week I'm doing my best "dress like a professional" impersonation as I prepare to record the next episode in our quarterly Creating a Security-centric Culture series. We're putting these out for free every few months and right after wrapping up this week's update, I recorded the next Pluralsight one and that's now gone off to them for editing. This week, I'm still on HTTPS. I don't mean for this to become a repetitive topic (and I'm sure it'll die down after Chrome 68 hits next week), but this week got pretty crazy. The most unexpected outcome of those discussions was a real flat-earther chiming into the Twitter discussion after someone made the innocent mistake of using the...

Not only has this been a super busy blogging week, it's also the week my coffee machine decided to die 😢 It's not terminal, it's just continually leaking so it's off for a service and I have to fuel my productivity through other means. But fuel it I did and I spent a big whack of the week doing things I hope to talk about next week (namely some major architectural changes to HIBP services), as well as preparing both the Pemiblanc credential stuffing list for HIBP and then pushing out Pwned Passwords V3. But if I'm honest, it's the post and associated video on HTTPS and static websites I enjoyed the most and based on the number of likes in...

It's a week of tweets! I only wrote the one short blog post this week, but I spent a heap of time on the Twitters arguing with people instead so... that's something? But seriously, there was a huge amount of discussion around HTTPS in particular and some very vocal opinions around its usefulness (or lack thereof), which frankly, had myself and many others tearing their hair out. I'll prepare some great demos over the next few days to illustrate the problems which just seem to be going over the heads of many people. It'll be a fun blog post 😃 For now though, here's this week's update which talks through many of the issues covered in those tweets not just as...

Geez it's nice to be home! I took a ride on the jet ski today which was just one of those typically perfect Gold Coast winters days at a balmy 24C. I cruised around the ocean with a pod of dolphins (probably a dozen of them), grabbed some prawns for lunch (not those "shrimp" you get other places, proper big prawns), then sat down here and enjoyed the serenity: I’ve really gotta stay home more ☀️ 😎 pic.twitter.com/soi3J7ygox— Troy Hunt (@troyhunt) June 29, 2018 But I did get a heap of stuff done earlier this week I was really happy with, the biggy being the announcements around Firefox and 1Password integrating with HIBP. I talk...

Last day away! As much as I enjoy travel, I love going home and I'm wrapping this post up whilst sitting at the airport in Oslo about to begin the epic journey that is travelling back to the other side of the world. It's been a great trip, but yeah, I like home 😎 This week, I'm recapping on some workshops, talking about how data breaches circulate, sharing some pretty epic Report URI stats and also covering last week's blog post on the Estonian government providing data to HIBP. Plus, just a little teaser for some big news coming next week, but I'll cover that in detail on Friday from the comfort of home. References The Estonian Central Criminal Police sent...

We're at NDC Oslo! We found a spot on the floor and recorded this a couple of hours before doing our final talk of the event. In this video, we discuss some of what we were planning to cover in that talk, namely HTTPS anti-vaxxers as Scott wrote about earlier in the week. And how did it go? Apparently, exceptionally well! Best talk of the conf! @troyhunt and @Scott_Helme on web security - dont get advise from a psychic 😆 #NDCOslo pic.twitter.com/X0m3Q5xFeq— Natalia An (@illumikko) June 15, 2018 Just left #NDCOslo after watching the best talk of the week with @troyhunt and @Scott_Helme pic.twitter.com/PNyNFMMI2V— Thomas Fredriksen (@thomfredev) June 15, 2018 Best...

Wow wow wow! What a week! This video is going out a couple of days late but if ever I had a good excuse for it, this week is the one. Scott and I are in Oslo this week having just flown in from London where we collectively scooped up 3 awards, one each at the European Blogger Awards and the big one (quite literally - the thing weights several kilos), the SC Award for Best Emerging Technology courtesy of Report URI. This is massive for us, and very, very unexpected too. We talk about why this week. Further to that, there's our experiences from the Infosec Europe conference, Scott's talk about nomx (sorry - "multi-award-winning UK blogger Scott...

An exciting weekly update - I got an award! I did write about it earlier this morning, but I talk about it more in this week's update and explain why it means a lot. In other news, I'm heading back to Europe in a few days from now so am doing the last-minute rush tying up loose ends here, finishing presentations and just generally preparing myself for what will be another hectic few weeks. I also killed off the non-anonymous endpoints of Pwned Passwords today so it's k-anonymity all the way now. Plus, in this week's blog posts, the Spanish government comes on board HIBP and I write about some really cool large-scale use cases of Pwned Passwords. Oh -...

Well it's all quietened down here with Scott gone so it's back to business as usual, which means, well, it's not very quiet at all! I've been in Sydney this week talking at one of our big banks and as I say in this week's update, getting out there amongst companies dealing with their unique cyber challenges is always interesting: #cyber pic.twitter.com/CIMDhPfKIP— Troy Hunt (@troyhunt) May 23, 2018 In other news, Pwned Passwords is going nuts, there's some awesome cyber comments from The Daily Mail (yep, that's right), I'm doing a bunch of re-engineering work on HIBP, there's the ViewFines data breach and a brand new Pluralsight course on bug bounties. I'll still be home next...

We're on a beach! It's the day after 3 pretty intense days of NDC conference and the day before Scott heads back to the UK so beach was an easy decision. The conference went fantastically well and, in all honesty, was the most enjoyable workshop I think I've done out of ~50 of them these last few years. NDC will be back on the Gold Coast next year, plus of course it will be in Oslo in a few weeks' time then Sydney in September where we'll both do it all again. This week, we talk a lot about EV certs. As I say in the video, neither of us have anything against commercial CAs or even EV certs per...