Crikey, what a week! Between the two Cloud[thing] stories, most of the last 7 days has disappeared with research, writing, media and seeing the first Cloud[thing] turn into a bit of a non-event whilst recoiling in abject horror as the second Cloud[thing] continued to unfold. This ended up being a 35 minute "update" which is way longer than I'd normally do, but I really wanted to drill into those two stories in particular and try to express some views in a way that doesn't always come across in w...

One of the best things I do on trips away is walk. It's a combination of things really; it's great for getting over jet lag, a fantastic way a seeing new places and if you do enough of it, a good workout too. I'll regularly walk 20+ kilometres when I've got a full day off in a nice spot, just seeing the sights, meeting up with random Twitter followers and taking some time out in nice spots to get a bit of work done. Which brings me to the Lenovo angle. I've always been of the mindset that a ser...

Only a couple of weeks ago, there were a lot of news headlines about how Germany had banned an internet-connected doll called "Cayla" over fears hackers could target children [http://www.telegraph.co.uk/news/2017/02/17/germany-bans-internet-connected-dolls-fears-hackers-could-target/] . One of their primary concerns was the potential risk to the privacy of children: > conversations between the child and others can be recorded and forwarded The Germans had a good point: kids' toys which record...

It has a cool name and a logo - this must be serious! Since Heartbleed [https://en.wikipedia.org/wiki/Heartbleed], bug branding has become a bit of a thing and more than anything, it points to the way vulnerabilities like these are represented by the press. It helps with headlines and I'm sure it does wonderful things for bug (brand?) recognition, but it also has a way of drumming up excitement and sensationalism in a way that isn't always commensurate with the actual risk. That said, the Cloud...

I started out doing this weekly update with not much news to share due to being away running a workshop for a couple of days then sitting on planes and in airports for another day. It was only as I finished recording I saw both shattered.io [http://shattered.io/] and CloudBleed [https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/] , both of which you know are serious because they have cool bug names and even logos. But in all seriousness, these are both m...

These days, I find myself spending more and more time in Europe. Four trips last year and one already this year versus only a single trip to the US each year (which I'm still on). There just tends to be more demand for events and workshops and if I'm honest, I particularly like the place. I've got a lot of history there having lived in the UK and Netherlands before and I love spending time back there sitting the sun at historic locations with a decent coffee or sampling the local breweries. Fun...

What an awesome spot for a weekly update! Just one of the sensational views I saw today, the first day I've completed a full marathon: Ok, bit more than a marathon, 51.19km in total according to Runkeeper [https://runkeeper.com/user/troyhunt/activity/935895934]. Now frankly, I'm not overly keen on running (I just get bored), so I walked all over San Francisco, looked at interesting things, took plenty of photos and had some nice breaks instead. I took my Lenovo Yoga 900 in the backpack (I'll...

I got up this morning thinking "I need to do my weekly update today because it's Friday". Except it's not, and due to the joy that is international travel, I really had no idea what day it was! So bottom line, I'm a day late, but with me heading off to the US for the RSA conference on Wednesday, I'm not even sure there's a lot of point me trying to acclimatise to home before I go. Regardless, this week I talk about some of that travel, how I'm now handling "fabricated" data breaches in HIBP (an...

I hit a bit of a milestone last week with HIBP which I thought deserved a little celebration: > Sometime today, @haveibeenpwned [https://twitter.com/haveibeenpwned] broke through the 1M verified subscriber mark. Having a quiet champagne alone before flying home ?? pic.twitter.com/whIss3OXeO [https://t.co/whIss3OXeO] — Troy Hunt (@troyhunt) February 2, 2017 [https://twitter.com/troyhunt/status/827214872119226368] A million verified subscribers (that is they've received a welcome email and click...

I've written before about how I verify data breaches [https://www.troyhunt.com/heres-how-i-verify-data-breaches/] and discussed it at length in various conference talks. I take verification very seriously because misattribution can have serious consequences on the company involved, those in the alleged breach and indeed, on myself as well. To give you a sense of how much effort can go into verification, last month I wrote about a data breach investigation blow by blow [https://www.troyhunt.com/a...