What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-23 19:38:29 | Get Pwned, for 30% Less! (lien direct) | We've had great feedback from people who have gotten Pwned. Loads of people had told us how much they've enjoyed it and would like to get their friends Pwned too. Personally, I think everyone should get Pwned! Which is why we're making it possible | Studies | ★★★ | |
|
2022-11-22 20:06:51 | Data Breach Misattribution, Acxiom & Live Ramp (lien direct) | If you find your name and home address posted online, how do you know where it came from? Let's assume there's no further context given, it's just your legitimate personal data and it also includes your phone number, email address... and over 400 other | ★★★ | ||
|
2022-11-06 20:29:39 | The Have I Been Pwned API Now Has Different Rate Limits and Annual Billing (lien direct) | A couple of weeks ago I wrote about some big changes afoot for Have I Been Pwned (HIBP), namely the introduction of annual billing and new rate limits. Today, it's finally here! These are two of the most eagerly awaited, most requested features on HIBP's UserVoice | |||
|
2022-11-03 10:09:17 | Better Supporting the Have I Been Pwned API with Zendesk (lien direct) | I've been investing a heap of time into Have I Been Pwned (HIBP) lately, ranging from all the usual stuff (namely trawling through masses of data breaches) to all new stuff, in particular expanding and enhancing the public API. The API is actually pretty simple: plug in an | |||
|
2022-10-27 07:19:02 | Big Changes are Afoot: Expanding and Enhancing the Have I Been Pwned API (lien direct) | Just over 3 years ago now, I sat down at a makeshift desk (ok, so it was a kitchen table) in an Airbnb in Olso and built the authenticated API for Have I Been Pwned (HIBP). As I explained at the time, the primary goal was to combat abuse of | |||
|
2022-09-07 23:15:34 | "Pwned", the Book, is Finally Here! (lien direct) | The first time I ever wrote publicly about a company's security vulnerabilities, my boss came to have a word with me after seeing my name in the news headlines.One of the worst days I've ever had was right in the middle of the Have I | |||
|
2022-08-03 21:09:40 | Sending Spammers to Password Purgatory with Microsoft Power Automate and Cloudflare Workers KV (lien direct) | How best to punish spammers? I give this topic a lot of thought because I spend a lot of time sifting through the endless rubbish they send me. And that's when it dawned on me: the punishment should fit the crime - robbing me of my time - | |||
|
2022-07-18 07:03:46 | If You\'re Not Paying for the Product, You Are... Possibly Just Consuming Goodwill for Free (lien direct) | How many times have you heard the old adage about how nothing in life is free:If you're not paying for the product, you are the productFacebook. LinkedIn. TikTok. But this isn't an internet age thing, the origins go back way further, originally being used | |||
|
2022-07-09 23:21:01 | Weekly Update 303 (lien direct) | And we're finally done with this trip. 26 days, 14 different accommodations, 5,146km of driving through 4 states and the last 4 weekly vids all done on the road. Travel is great, but right now going home is even better 😊 Next week's vid will | |||
|
2022-07-06 21:55:27 | MVP Award 12 (lien direct) | 11 years now, wow 😲 It's actually 11 and a bit because it was April Fool's Day in 2011 that my first MVP award came through. At the time, I referred to myself as "The Accidental MVP" as I'd no expectation of | |||
|
2022-07-04 07:11:27 | Welcoming the Polish Government to Have I Been Pwned (lien direct) | Continuing the rollout of Have I Been Pwned (HIBP) to national governments around the world, today I'm very happy to welcome Poland to the service! The Polish CSIRT GOV is now the 34th onboard the service and has free and open access to APIs allowing them to query | |||
|
2022-07-02 07:23:39 | Weekly Update 302 (lien direct) | In a complete departure from the norm, this week's video is the much-requested "cultural differences" one with Charlotte. No tech (other than my occasional plug for the virtues of JavaScript), but lots of experiences from both of us living and working in different parts of the | |||
|
2022-06-30 07:21:48 | Understanding Have I Been Pwned\'s Use of SHA-1 and k-Anonymity (lien direct) | Four and a half years ago now, I rolled out version 2 of HIBP's Pwned Passwords that implemented a really cool k-anonymity model courtesy of the brains at Cloudflare. Later in 2018, I did the same thing with the email address search feature used by Mozilla, 1Password and | |||
|
2022-06-25 04:49:46 | Weekly Update 301 (lien direct) | First up, I'm really sorry about the audio quality on this one. It's the exact same setup I used last week (and carefully tested first) but it's obviously just super sensitive to the wind. If you look at the trees in the background you | |||
|
2022-06-17 22:29:54 | Weekly Update 300 (lien direct) | Well, we're about 2,000km down on this trip and are finally in Melbourne, which was kinda the point of the drive in the first place (things just escalated after that). The whole journey is going into a long tweet thread you can find below (or mute - | |||
|
2022-06-12 08:18:22 | Weekly Update 299 (lien direct) | How on earth does an enterprise rack-mounted NAS not come with rails to actually install it in the rack?! So yeah, that's what's in the box, something that should have been in the original box and not in a separate purchase. Just to add to the | |||
|
2022-06-06 00:03:21 | Welcoming the Indonesian Government to Have I Been Pwned (lien direct) | Four years ago now, I started making domains belonging to various governments around the world freely searchable via a set of APIs in Have I Been Pwned. Today, I'm very happy to welcome the 33rd government, Indonesia! As of now, the Indonesian National CERT managed under the National | |||
|
2022-06-04 08:08:12 | Weekly Update 298 (lien direct) | I somehow ended up blasting through an hour and a quarter in this week's video with loads of discussion on the CTARS / NDIS data breach then a real time "let's see what the fuss is about" with news that one of our state' | Data Breach | ||
|
2022-05-29 01:19:19 | Weekly Update 297 (lien direct) | So I basically spent my whole day yesterday playing with Ubiquiti gear and live-tweeting the experience 😊 This was an unapologetically geeky pleasure and it pretty much dominates this week's video but hey, it's a fun topic. Still, there's a bunch of data breach | |||
|
2022-05-20 07:43:48 | Weekly Update 296 (lien direct) | Data breaches, 3D printing and passwords - just the usual variety of things this week. More specifically, that really cool Pwned Passwords downloader that I know a bunch of people have been waiting on, and now we've finally released. It hits the existing k-anonymity API over 1 million | |||
|
2022-05-19 22:34:54 | Downloading Pwned Passwords Hashes with the HIBP Downloader (lien direct) | Just before Christmas, the promise to launch a fully open source Pwned Passwords fed with a firehose of fresh data from the FBI and NCA finally came true. We pushed out the code, published the blog post, dusted ourselves off and that was that. Kind of - there was just | |||
|
2022-05-15 01:32:56 | Weekly Update 295 (lien direct) | A short one this week as the previous 7 days disappeared with AusCERT and other commitments. Geez it was nice to not only be back at an event, but out there socialising and attending all the related things that tend to go along with it. I'll leave you | |||
|
2022-05-01 00:52:53 | Weekly Update 293 (lien direct) | Didn't get a lot done this week, unless you count scuba diving, snorkelling, spear fishing and laying around on tropical sand cays 😎 This week is predominantly about the time we just spent up on the Great Barrier Reef which has very little relevance to infosec, IoT, 3D | |||
|
2022-04-22 07:23:05 | Weekly Update 292 (lien direct) | Well that was an unusual ending. Both my mouse and keyboard decided to drop off right at the end of this week's video and without any control whatsoever, there was no way to end the live stream! Wired devices from kids borrowed, I eventually got back control and | |||
|
2022-04-15 03:48:57 | Breach Disclosure Blow-by-Blow: Here\'s Why It\'s so Hard (lien direct) | For many years now, I've lamented about how much of my time is spent attempting to disclose data breaches to impacted companies. It's by far the single most time-consuming activity in processing breaches for Have I Been Pwned (HIBP) and frankly, it's about the | |||
|
2022-04-15 02:26:13 | Weekly Update 291 (lien direct) | Bit of a long one this week, just due to a bunch of stuff all coinciding at the same time. The drone is obviously the coolest one and it was interesting to hear other people's experiences with theirs. This is just super cool tech and I can' | |||
|
2022-04-11 06:50:37 | Welcoming the North Macedonian Government to Have I Been Pwned (lien direct) | In my ongoing bid to make more useful information on data breaches available to impacted national governments, today I'm very happy to welcome the 32nd national CERT to Have I Been Pwned, the Republic of North Macedonia! They now join their counterparts across the globe in having free | |||
|
2022-04-09 04:30:56 | Weekly Update 290 (lien direct) | I hope scheduling these in advance is working well for everyone, the analytics certainly suggest a much higher viewership so I'm going to keep scheduling these and refining the whole thing further. Other than that, it's same-same this week with the usual array of breaches, tech | |||
|
2022-04-07 20:52:24 | Welcoming the Serbian Government to Have I Been Pwned (lien direct) | Supporting national governments has been a major cornerstone of Have I Been Pwned for the last 4 years. Today, I'm very happy to welcome the 31st government on board, Serbia! The National CERT and the Gov-CERT of the Republic of Serbia now has free and complete access to | |||
|
2022-04-01 07:18:13 | Weekly Update 289 (lien direct) | Everyone just came for the Ubiquiti discussion, right? This is such a tricky one; if their products sucked we could all just forget about them and go on with our day. But they don't suck - they're awesome - and that makes it hard to fathom | |||
|
2022-03-28 20:30:53 | Welcoming the Bulgarian Government to Have I Been Pwned (lien direct) | Data breaches impact us all as individuals, companies and as governments. Over the last 4 years, I've been providing additional access to data breach information in Have I Been Pwned for government agencies responsible for protecting their citizens. The access is totally free and amounts to APIs designed | Data Breach | ||
|
2022-03-21 09:16:58 | Welcoming the Italian Government to Have I Been Pwned (lien direct) | For the last 4 years, I've been providing API-level access to national government agencies so that they can search and monitor their government domains on Have I Been Pwned. Today, I'm very happy to welcome the 29th government to join the service, Italy! Via CSIRT-Italia within | |||
|
2022-03-19 22:33:28 | Weekly Update 287 (lien direct) | So the plan was to schedule this week's session in advance then right on 17:30 at my end, go live. It mostly worked, I just forgot to press the "go live" button having worked on the (obviously incorrect) assumption that would happen automatically. Lesson learned, | |||
|
2022-03-11 08:12:34 | Setting the Bar for Government Access to Have I Been Pwned (lien direct) | Over the last 4 years, I've onboarded 28 national government CERTs onto Have I Been Pwned (HIBP) and given them free and open access to APIs that enable them to query and monitor their gov domains. This doesn't give them access to any information they can& | |||
|
2022-03-11 06:46:07 | Weekly Update 286 (lien direct) | Somehow this week ended up being all about Russia and Cloudflare. Mostly as 2 completely separate topics, but also a little bit around Cloudflare's ongoing presence in Russia (with a very neutral view on that, TBH). Looking back on this video a few hours later, the thing that | |||
|
2022-03-10 06:53:28 | Building Password Purgatory with Cloudflare Pages and Workers (lien direct) | I have lots of little ideas for various pet projects, most of which go nowhere (Have I Been Pwned being the exception), so I'm always looking for the fastest, cheapest way to get up and running. Last month as part of my blog post on How Everything We& | |||
|
2022-03-04 11:21:36 | Weekly Update 285 (lien direct) | With travel now behind me, I'm back to a stable schedule and doing these on time again. Mind you, I came home to some of the wildest weather I've ever seen here, but it was kinda cool to watch and the kids didn't complain | |||
|
2022-02-27 01:45:04 | Weekly Update 284 (lien direct) | A little late this week as the tail end of travel bites into my time, but it's nice to be home again (albeit amidst a period of record rainfall). I'll get back on a normal schedule next week but for now, here's all the | |||
|
2022-02-24 20:36:04 | I Wanna Go Fast: How Many Pwned Password Queries Can You Make Per Second? (lien direct) | I feel the need, the need for speed.Faster, Faster, until the thrill of speed overcomes the fear of death.If you're in control, you're not going fast enough.And so on and so forth. There's a time and a place for going fast, | |||
|
2022-02-20 04:10:41 | Weekly Update 283 (lien direct) | A super quick intro this week as I take a bit of time out before a hectic week. It's hotel room quality audio this week, but that's a temporary state before I'm back home next week. I hope you entry week 283, so much | |||
|
2022-02-16 22:59:36 | Welcoming the New Zealand Government to Have I Been Pwned (lien direct) | Continuing the march forward to provide governments with better access to their departments' data exposed in breaches, I'm very pleased to welcome the 28th national government onto Have I Been Pwned - New Zealand! They'll join the other govs around the world that have complete | |||
|
2022-02-16 07:23:42 | How Everything We\'re Told About Website Identity Assurance is Wrong (lien direct) | I have a vehement dislike for misleading advertising. We see it every day; weight loss pills, make money fast schemes and if you travel in the same circles I do, claims that extended validation (EV) certificates actually do something useful:kg-card-begin: html-->Why are you still claiming this @digicert? This is extremely | Guideline | ||
|
2022-02-13 05:30:43 | Weekly Update 282 (lien direct) | Just listening back to this now, I'm really happy with the Focusrite Scarlett Solo DAC that has replaced the old setup. Super simple, one of the cheapest of all the options and just works! Good times. The other thing of note as I put this video into a | |||
|
2022-02-05 23:28:43 | Weekly Update 281 (lien direct) | I feel like perfect audio remains an unsolved problem for me. Somehow, a low "hiss" has slipped in over the last couple of weeks and messing around trying to solve it before recording this video only served to leave me without any audio at all on the first | |||
|
2022-01-29 10:46:38 | Weekly Update 280 (lien direct) | Well, true to my opening dialogue, this was a monotopical weekly update (and yeah, apparently that's a word). The Azure bill story got a huge amount of traction this week and there are many interesting angles to it that I didn't fully cover in the original | |||
|
2022-01-24 07:44:41 | How I Got Pwned by My Cloud Costs (lien direct) | I have been, and still remain, a massive proponent of "the cloud". I built Have I Been Pwned (HIBP) as a cloud-first service that took advantage of modern cloud paradigms such as Azure Table Storage to massively drive down costs at crazy levels of performance I never could | |||
|
2022-01-22 07:42:01 | Weekly Update 279 (lien direct) | It's mostly breaches this week and that's mostly business as usual, except for one. I didn't know whether I should speak about the one that frankly, upset me, but I felt it would be somewhat disingenuous not to. I couldn't on the | |||
|
2022-01-14 07:10:22 | Weekly Update 278 (lien direct) | I recorded this a week after Charlotte appeared with me, fresh out of isolation with a negative COVID test. However... 9 year old Elle had tested positive on Monday (albeit entirely symptomatic, so no idea how long she'd been positive) but hey, hopefully she'd be clear | |||
|
2022-01-08 01:01:53 | Weekly Update 277 (lien direct) | Well that all changed very quickly. One week ago, I was like "I'm going to do this video from somewhere really epic next week". A few hours after that video, the host of the drinks we'd gone to over the road the day before | |||
|
2021-12-31 07:58:45 | Weekly Update 276 (lien direct) | 2021 Dumpster fire? Harsh, but fair and I shall keep this 3D-printed reminder handy and hope I don't end up needing to print a 2022 version! So many times throughout this week's video I came back to that theme... But hey, there was some positive stuff |
To see everything:
Our RSS (filtrered)
