Mastodon

Troy Hunt

Hi, I'm Troy Hunt, I write this blog, create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals

Weekly Update 288

Wow, what a day yesterday! I mentioned at the start of this week's update that Charlotte and I jumped on a chopper with our parents to check out our wedding venue, here's the pics and I just added a video to the thread too: > Well that was amazing; chopper ride to our wedding venue for lunch with our parents. So happy to live here and have access to such a wonderful place. And such a wonderful woman in @charlottelyng [https://twitter.com/charlottelyng?ref_src=twsrc%5Etfw] 😊 🚁 💍 pic.twitter....

Welcoming the Italian Government to Have I Been Pwned

For the last 4 years, I've been providing API-level access to national government agencies so that they can search and monitor their government domains on Have I Been Pwned [https://www.troyhunt.com/the-uk-and-australian-governments-are-now-monitoring-their-gov-domains-on-have-i-been-pwned/] . Today, I'm very happy to welcome the 29th government to join the service, Italy! Via CSIRT-Italia within their National Cybersecurity Agency (ACN), they now have free access to breach data I hope will furt...

Weekly Update 287

So the plan was to schedule this week's session in advance then right on 17:30 at my end, go live. It mostly worked, I just forgot to press the "go live" button having worked on the (obviously incorrect) assumption that would happen automatically. Lesson learned, session restarted, we'll be all good next week 😊 [https://itunes.apple.com/au/podcast/troy-hunts-weekly-update-podcast/id1176454699] [https://playmusic.app.goo.gl/?ibi=com.google.PlayMusic&isi=691797987&ius=googleplaymusic&apn=com.go...

Setting the Bar for Government Access to Have I Been Pwned

Over the last 4 years, I've onboarded 28 national government CERTs onto Have I Been Pwned (HIBP) and given them free and open access to APIs that enable them to query and monitor their gov domains. This doesn't give them access to any information they can't already access via the free public domain search feature, but it makes their lives easier. Much easier. As interest from govs has grown, it's caused me to ponder: who am I willing to give access to? Who am I unwilling to give access to? Thos...

Weekly Update 286

Somehow this week ended up being all about Russia and Cloudflare. Mostly as 2 completely separate topics, but also a little bit around Cloudflare's ongoing presence in Russia (with a very neutral view on that, TBH). Looking back on this video a few hours later, the thing that strikes me is the discussion around what appears to be a phishing page seeking donations for Ukraine. Just listen to me try to figure this out and as I say in the vid, if I have trouble discerning phish from legit resource,...

Building Password Purgatory with Cloudflare Pages and Workers

I have lots of little ideas for various pet projects, most of which go nowhere ( Have I Been Pwned [https://haveibeenpwned.com/] being the exception), so I'm always looking for the fastest, cheapest way to get up and running. Last month as part of my blog post on How Everything We're Told About Website Identity Assurance is Wrong [https://www.troyhunt.com/how-everything-were-told-about-website-identity-assurance-is-wrong/] , I spun up a Cloudflare Pages [https://developers.cloudflare.com/pages/]...

Weekly Update 285

With travel now behind me, I'm back to a stable schedule and doing these on time again. Mind you, I came home to some of the wildest weather I've ever seen here, but it was kinda cool to watch and the kids didn't complain getting days off school. Oh - and I also loaded a bunch of new data breaches this week, the Robinhood one from earlier today being particularly noteworthy with more than 5M unique email addresses. At that and more in this week's update. [https://itunes.apple.com/au/podcast/tro...

Weekly Update 284

A little late this week as the tail end of travel bites into my time, but it's nice to be home again (albeit amidst a period of record rainfall). I'll get back on a normal schedule next week but for now, here's all the usual stuff in number 284, complete with a super cool "ransomwear" hoodie from this week's sponsor, Varonis 😎 [https://itunes.apple.com/au/podcast/troy-hunts-weekly-update-podcast/id1176454699] [https://playmusic.app.goo.gl/?ibi=com.google.PlayMusic&isi=691797987&ius=googleplay...

I Wanna Go Fast: How Many Pwned Password Queries Can You Make Per Second?

I feel the need, the need for speed. Faster, Faster, until the thrill of speed overcomes the fear of death. If you're in control, you're not going fast enough. And so on and so forth. There's a time and a place for going fast, and there's no better place to do that than when querying Have I Been Pwned's Pwned Passwords service. (Ok, a lot less glamorous than the context of the previous statements, but also less likely to have a catastrophic outcome.) In December last year, Pwned Passwords sa...

Weekly Update 283

A super quick intro this week as I take a bit of time out before a hectic week. It's hotel room quality audio this week, but that's a temporary state before I'm back home next week. I hope you entry week 283, so much FUD to debunk on website identity verification... [https://itunes.apple.com/au/podcast/troy-hunts-weekly-update-podcast/id1176454699] [https://playmusic.app.goo.gl/?ibi=com.google.PlayMusic&isi=691797987&ius=googleplaymusic&apn=com.google.android.music&link=https://play.google.com...