I had plans this week. Monday was going to be full of coding work around Pwned Passwords V2 (and a few other HIBP things), then Texthelp went and got themselves pwned, and there went my day writing about the ramifications of that. This is a genuinely important issue and the whole concept of the JavaScript supply chain needs much better thought. We've got the technology, it's just that most people don't know it exists!
I did then later get around to posting my "dark web" piece too. It's a scary read because it has dark stuff, hoodies and green screens and we know that's scary because that's the message we keep getting fed! Actually, not so scary and I break that down in my "dark web" FUD post.
BTW - that typo in "Poop" in the video: I saw that 1 hour into the upload to YouTube when it was at only 18% so it stays. Thank you Aussie internet.
References
- I'm doing a webinar for Fortinet next week on Australia's Notifiable Data Breach Scheme (there's good stuff and stuff I'd like to see done better in our NDB)
- How much can we trust other people's JavaScript we embed in our services? (not much, apparently, but we have awesome defences for when it goes wrong)
- Ooh, the "dark web", scary! (no, not so much, that's usually just marketing hyperbole)
- Netsparker is sponsoring my blog again this week (a great sponsor whose things I've genuinely used for years, here are my previous blog posts on them)