It's another day-late weekly update courtesy of another hectic week. Scott and I were at NDC Sydney doing a bunch of talks and other events and I just simply didn't get time to push this out until sitting at the airport waiting for the plan home.
This week's update is a little different as we did it at SSW's recording setup in front of a live audience. Better video, better audio and some questions asked in the process too. Other than that, it's business as usual: more keyloggers on payment forms, more data breaches and a massive extended validation smack-down.
References
- Scott published his blog post about Magecart coming for you (then right after that the NewEgg breach was announced)
- SRI is a super useful little browser feature (it doesn't negate the need to review the code you're running, but it's not meant to either)
- EV is a dead duck (seriously, read that post if you haven't already, it's just an absolutely pointless security mechanism as it stands today)
- Tech Fabric are sponsoring my blog this week (big thanks to those guys for their ongoing support!)
Oh - and PayPal still has no EV either ?
3 days later, PayPal still isn't showing the EV indicator in Chrome on Windows. Could it possibly be that it's just not that important? https://t.co/tQ3eMqJIz0 pic.twitter.com/GDRnHW84fn
— Troy Hunt (@troyhunt) September 21, 2018