Ah, impending summer on the Gold Coast! It's that time of year when you can just start to sense those warm beach days and it's absolutely my favourite time of year here. Which means... it's time to head off to other events again. Fortunately it's all domestic this time as I head south to Sydney and Melbourne and maintaining my "no fly unless I absolutely have to" stance, it's long, open road drives, copious podcasts and lots of thinking time.
On the infosec side of things, there's a a bunch of HTTPS related content this week plus a couple of (really) sensitive data breaches. I do give a warning at the beginning of this week's update that one of them in particular is pretty, uh, "edgy" and may not be something you want to listen to, but it consumed a bunch of cycles this week and IMHO is worthy of discussion. It's a weird, weird world out there on the web...
References
- I'm at Ping IDENTIFY in Sydney on Tuesday
- And then Ping IDENTIFY in Melbourne on Thursday
- Chrome is changing the way it handles mixed content (good steps forward which amount to eventually upgrading all insecure subresource requests)
- Some people actually think that Firefox has killed EV (EV still works just fine, it's only the visual indicator that's gone)
- The Zooville breach taught me that zoophilia and bestiality laws are really, really weird (I learned - and saw - many things whilst process this one)
- Sponsored by Varonis. Free Video Course: 7 Hidden Office 365 Security Settings You Can Only Unlock with PowerShell