Sponsored by:

Weekly Update 105

It's another day-late weekly update courtesy of another hectic week. Scott and I were at NDC Sydney doing a bunch of talks and other events and I just simply didn't get time to push this out until sitting at the airport waiting for the plan home.

This week's update is a little different as we did it at SSW's recording setup in front of a live audience. Better video, better audio and some questions asked in the process too. Other than that, it's business as usual: more keyloggers on payment forms, more data breaches and a massive extended validation smack-down.

Listen on Apple Podcasts
Get it on Google Play
Download via RSS

References

  1. Scott published his blog post about Magecart coming for you (then right after that the NewEgg breach was announced)
  2. SRI is a super useful little browser feature (it doesn't negate the need to review the code you're running, but it's not meant to either)
  3. EV is a dead duck (seriously, read that post if you haven't already, it's just an absolutely pointless security mechanism as it stands today)
  4. Tech Fabric are sponsoring my blog this week (big thanks to those guys for their ongoing support!)

Oh - and PayPal still has no EV either 😜

Weekly update