Weekly Update 302

Presently sponsored by: Detack. Detect & prevent weak, leaked, shared passwords with EPAS, a patented, privacy compliant solution used in 40 countries. Try it free!In a complete departure from the norm, this week's video is the much-requested "cultural differences" one with Charlotte. No tech (other than my occasional plug for the virtues of JavaScript),...

16h

Understanding Have I Been Pwned's Use of SHA-1 and k-Anonymity

Presently sponsored by: Detack. Detect & prevent weak, leaked, shared passwords with EPAS, a patented, privacy compliant solution used in 40 countries. Try it free!Four and a half years ago now, I rolled out version 2 of HIBP's Pwned Passwords that implemented a really cool k-anonymity model courtesy of the brains at Cloudflare. Later in 2018, I...

2d

Weekly Update 301

Presently sponsored by: Detack. Detect & prevent weak, leaked, shared passwords with EPAS, a patented, privacy compliant solution used in 40 countries. Try it free!First up, I'm really sorry about the audio quality on this one. It's the exact same setup I used last week (and carefully tested first) but it's obviously just super sensitive to the...

1w

Weekly Update 300

Presently sponsored by: Varonis for Salesforce. Protect Salesforce data from overexposure and cyberthreats. Try it free!Well, we're about 2,000km down on this trip and are finally in Melbourne, which was kinda the point of the drive in the first place (things just escalated after that). The whole journey is going into a long tweet thread you can find...

3w

Weekly Update 299

Presently sponsored by: Meet compliance objectives in a remote-first world without resorting to rigid device management. Try Kolide for 14-days free!How on earth does an enterprise rack-mounted NAS not come with rails to actually install it in the rack?! So yeah, that's what's in the box, something that should have been in the original box and not...

3w

Welcoming the Indonesian Government to Have I Been Pwned

Presently sponsored by: Meet compliance objectives in a remote-first world without resorting to rigid device management. Try Kolide for 14-days free!Four years ago now, I started making domains belonging to various governments around the world freely searchable via a set of APIs in Have I Been Pwned. Today, I'm very happy to welcome the 33rd government,...

4w

Weekly Update 298

Presently sponsored by: Varonis for Salesforce. Detect suspicious behavior and strengthen your Salesforce security posture. Try it free!I somehow ended up blasting through an hour and a quarter in this week's video with loads of discussion on the CTARS / NDIS data breach then a real time "let's see what the fuss is about" with news that one of our state's...

4w

Weekly Update 297

Presently sponsored by: Kolide enables cross-platform fleet visibility for your Linux, Mac, and Windows devices. Start your free 14-day trial today!So I basically spent my whole day yesterday playing with Ubiquiti gear and live-tweeting the experience 😊 This was an unapologetically geeky pleasure and it pretty much dominates this week's video but hey,...

May 2022

Weekly Update 296

Presently sponsored by: Varonis for Salesforce. Protect Salesforce data from overexposure and cyberthreats. Try it free!Data breaches, 3D printing and passwords - just the usual variety of things this week. More specifically, that really cool Pwned Passwords downloader that I know a bunch of people have been waiting on, and now we've finally released....

May 2022

Downloading Pwned Passwords Hashes with the HIBP Downloader

Presently sponsored by: Varonis for Salesforce. Protect Salesforce data from overexposure and cyberthreats. Try it free!Just before Christmas, the promise to launch a fully open source Pwned Passwords fed with a firehose of fresh data from the FBI and NCA finally came true. We pushed out the code, published the blog post, dusted ourselves off and that...

May 2022