You know how you always wanted a fork with an ARM processor that could upload data wirelessly over the internet? C’mon, you know you want it and now you can get a HAPIfork [http://www.hapi.com/product/hapifork]. Or how about your light globes? Yes, LIFX totally rocks [http://au.lifx.co/] but no, I wasn’t so keen on the idea once I learned your neighbours could pwn your wifi through them [http://www.smh.com.au/digital-life/consumer-security/security-vulnerability-found-in-lifx-smart-light-bulbs-...

These real world experiences with Azure are now available in the Pluralsight course "Modernizing Your Websites with Azure Platform as a Service" [http://www.pluralsight.com/courses/modernizing-websites-microsoft-azure]Just a quick one as it’s mostly explained in How to Disable SSL 3.0 in Azure Websites, Roles, and Virtual Machines [http://azure.microsoft.com/blog/2014/10/19/how-to-disable-ssl-3-0-in-azure-websites-roles-and-virtual-machines/] , but there are a few bits worth adding. Oh – just in...

As I’ve written in the past [https://www.troyhunt.com/2013/12/micro-optimising-web-content-for.html], I put an awful lot of effort into making Have I been pwned? [https://haveibeenpwned.com/] (HIBP) fast. Not just a bit fast, blisteringly fast and that includes when it’s under a huge amount of load [https://www.troyhunt.com/2014/09/10-things-i-learned-about-rapidly.html]. But there was something bugging me with the site when it came to performance and it was this: That’s right, 33 images loa...

I’ve learned some rather intriguing things about what our mobile apps are doing while we’re not looking in the six days since I launched the challenge to find crazy stuff in mobile app communications [https://www.troyhunt.com/2014/10/find-crazy-stuff-in-mobile-app.html]. For example, there’s the social app that allows you to accept friend requests on behalf of someone else [https://www.troyhunt.com/2014/10/find-crazy-stuff-in-mobile-app.html#comment-1627770487] if you call the API in the right...

We don’t seem to go far these days without the next “catastrophic” bug hitting the internets. Remember how a few weeks ago Shellshock [https://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html] was going to end the internet as we know it? If you believed all the headlines, that sucker was going to own us through our light globes (I suspect some poetic license was taken on my IoT comments) and the web would never be the same. Scroll forward and it’s already “Shell-what?” Earlier th...

In the spirit of “here’s something I couldn’t find an easy answer for so I’m writing it myself”, let me very briefly run you through how to have Raygun ignore specific exception types raised by Web API. Firstly, Web API support came a couple of months ago [https://raygun.io/blog/2014/08/webapi-exception-tracking/] which is rather important given how much stuff is transitioning to APIs these days. I use Web API fairly extensively in Have I been pwned? [https://haveibeenpwned.com/] (HIBP), partl...

Here’s a pop quiz for you: how much data do you reckon this iPad app downloads when it first runs? I don’t mean how big it is to download from the App Store (it’s 25MB), I mean after you download it then simply tap the icon to fire it up, how much data does it pull down if you don’t touch it again? Take a close look and consider the answer before reading on: Now you’ve probably done what I would have done – looked what you can see on the screen, speculated about how you’d build it in a way to...

I imagine this is what it’s like when one of your kids gets old enough to finally beat you at something you’ve poured your heart into teaching them. Yes, I’m proud and it’s awesome that it has turned out so well, but I was still a little disappointed to get this the other day: This came totally out of the blue for me which, of course, is exactly how it’s meant to work. If all this is unfamiliar to you, this is the paste monitoring feature of “Have I been pwned?” (HIBP) which I launched last m...

Remember Shellshock? How could anyone forget! This thing has totally dominated the news – not just the tech news either – and like Heartbleed before it (inevitably the yardstick we compare it to), the hype has been, well, somewhat overinflated. I get it – it is a big thing – but the press has a way of sensationalising things in a pretty unique way. Case in point: I wrote Everything you need to know about the Shellshock Bash bug [https://www.troyhunt.com/2014/09/everything-you-need-to-know-about...

Here’s a scary stat for you: last year was the most hacked year ever. According to Risk Based Security [https://www.riskbasedsecurity.com/reports/2013-DataBreachQuickView.pdf], we saw 823M records exposed via data breaches: Nasty stuff right? Yeah, but it gets worse. As of mid 2014, we’re already looking at 502 million records exposed [http://datalossdb.org/incident_highlights/66-hacking-exposed-78-of-all-records-compromised-in-first-half-of-2014] . Bugger. These breaches keep on coming and w...