Troy Hunt

I'm in Denmark! Well I'm just in Denmark, I'm about to head out the hotel door and into 30 hours of travel which isn't exactly fun, but that's the nature of living on the other side of the world to pretty much everything. This week's update is a little late as my Friday was absolutely non-stop in Denmark. I talk about that below including the preceding days involving some pretty full on sledding in Norway, workshops, talks, ice, slush and snow. Plus, of course, the actual infosec stuff from the...

Usually when we talk about information security, we're talking about the mechanics of how things work. The attacker broke into a system due to a reused password, there was SQL injection because queries weren't parameterised or the company got ransomware'd because they didn't patch their things. These are all good discussions - essential discussions - but there's a broader and perhaps even more important one that we need to have and that's about the security culture within organisations. This is...

It's NDC London! I'm pushing this week's update out a little later due to the different time zones and frankly, due to it being an absolutely non-stop week of events. I talk about those, about how I'm trying to tackle breach disclosures now and about some upcoming events. Next week is Norway and Denmark and I'll be coming to you a little later due to a totally jam-packed Friday, more from me then. iTunes podcast [https://itunes.apple.com/au/podcast/troy-hunts-weekly-update-podcast/id1176454699...

I don't know how many data breaches I'm sitting on that I'm yet to process. 100? 200? It's hard to tell because often I'm sent collections of multiple incidents in a single archive, often there's junk in there and often there's redundancy across those collections. All I really know is that there's hundreds of gigabytes spread across thousands of files. Sometimes - like in the case of the recent South Africa situation - I could be sitting on data for months that's actually very serious in nature...

It's my last day in the sun ☹️ Well, at least it's my last day in the sun for a couple of weeks so today I've gone to the sunniest place I know. It's "the boat edition" of my weekly update and I apologise up front for the rocking motion, the occasional wind noise (I lost the fluffy bit off my smartLav mic [http://www.smartlav.com/]) and the gratuitous amount of sunshine and beach. This week is all about heading off on travels again and the Indian Aadhaar system which is making big headlines ove...

India's Aadhaar implementation [https://en.wikipedia.org/wiki/Aadhaar] is the largest biometric system in the world, holding about 1.2 billion locals' data. It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. It's also an era where this sort of information is constantly leaked to unauthorised parties; last year Equifax lost control of 145.5 million records on US consumers [https://en.wikipedia.org/wiki/Equifax#May%E2...

It's 2018! All new year and already someone has gone and broken our computer things courtesy of the Meltdown and Spectre bugs. I only touch briefly on them in this week's update and I refer people to my Twitter timeline for good coverage I've shared. However, there's one resource which stands out above the others and it's this thread from Graham Sutherland [https://twitter.com/gsuberland/status/948907452786933762]. If you want to get a good overview quickly, start there. In other news, I talk a...

I look back a lot more than what I suspect people realise. Not in a reminiscent way, but rather because I find it helps me put things in perspective. A lot of people like to set personal goals or objectives so that there's something specific they're setting out to achieve but for me personally, I just want to see progress. I want to be able to do these retrospectives - not just on Jan 1 but every day - and say to myself "yeah, I'm happy with how far I've moved ahead". And believe me when I say t...

It's Xmas! Well, it was Xmas but I (and hopefully you too) am still in that Xmas period haze where it's hard to tell one day from the next. Apparently, it's also hard to remember to hit record before talking about this week's updates so yeah, good one Troy! But I did eventually record a full update and in an otherwise slow news week, I thought I'd talk a little bit about Xmas down under in Australia. About 93% of visitors to my blog this year have been from other parts of the world (most notabl...

Regular readers will know I create a lot of Pluralsight courses. It's now 5 years ago I started writing my first one [https://www.troyhunt.com/introducing-owasp-top-10-for-aspnet-on/] which incidentally, is still my highest rated course every month (apparently the OWASP Top 10 as it relates to ASP.NET is still a big thing). Most of the time, the courses I create are on topics I know well, primarily on security but occasionally with a bit of cloud and development practices sprinkled in for variet...