serisec

Tag: was

  • 1,000 Data Breaches Later, the Disclosure Lag is Worse Than Ever

    1,000 Data Breaches Later, the Disclosure Lag is Worse Than Ever Today, I loaded the 1,000th data breach into Have I Been Pwned. Reflecting on that milestone number, I pondered how to mark the occasion in writing, and what immediately came to mind was a very simple question: why is it still needed? Especially considering…

  • Weekly Update 491

    Weekly Update 491 Well, the ESP32 Bluetooth bridge experiment was a complete failure. Not the radios themselves, they’re actually pretty cool, but there’s just no way I could get the Yale locks to be reliably operated by them. At a guess, BLE is a bit too passive to detect state changes, and unless it was…

  • Weekly Update 488

    Weekly Update 488 It’s the discussion about the reaction of some people in the UK regarding their impending social media ban for under 16s that bugged me most. Most noteably was the hand-waving around “the gov is just trying to siphon up all our IDs” and “this means everyone will have to show ID, not…

  • Who Decides Who Doesn’t Deserve Privacy?

    Who Decides Who Doesn’t Deserve Privacy? Remember the Ashley Madison data breach? That was now more than a decade ago, yet it arguably remains the single most noteworthy data breach of all time. There are many reasons for this accolade, but chief among them is that by virtue of the site being expressly designed to…

  • Weekly Update 473

    Weekly Update 473 This week’s video was recorded on Friday morning Aussie time, and as promised, hackers dumped data the following day. Listening back to parts of the video as I write this on a Sunday morning, pretty much what was predicted happened: data was dumped, it included Qantas, and the injunction did nothing to…

  • Weekly Update 468

    Weekly Update 468 I only just realised, as I prepared this accompanying blog post, that I didn’t talk about one of the points in the overview: food. One of my fondest memories as a child living in Singapore and now as an adult visiting there is the food. It’s one of those rare places where…

  • Weekly Update 463

    Weekly Update 463 I’ve listened to a few industry podcasts discussing the Tea app breach since recording, and the thing that really struck me was the lack of discussion around the privacy implications of the service before the breach. Here was a tool where people were non-consensually uploading photos of others and leaving fairly intimate…

  • Welcoming Aura to Have I Been Pwned’s Partner Program

    Welcoming Aura to Have I Been Pwned’s Partner Program One of the greatest fears we all have in the wake of a data breach is having our identity stolen. Nefarious parties gather our personal information exposed in the breach, approach financial institutions and then impersonate us to do stuff like this: So I recently somewhat…

  • Weekly Update 458

    Weekly Update 458 I’m in Austria! Well, I was in Austria, I’m now somewhere over the Aussie desert as I try and end this trip on top of my “to-do” list. The Have I Been Pwned Alpine Grand Tour was a great success with loads of time spent with govs, public meetups and users of…

  • Weekly Update 457

    Weekly Update 457 Firstly, apologies for the annoying clipping in the audio. I use a Rode VideoMic that’s a shotgun style that plugs straight into the iPhone and it’s usually pretty solid. It was also solid when I tested it again now, just recording a video into the phone, so I don’t know if this…

  • Weekly Update 442

    Weekly Update 442 We survived the cyclone! That was a seriously weird week with lots of build-up to an event that last occurred before I was born. It’d been 50 years since a cyclone came this far south, and the media was full of alarming predictions of destruction. In the end, we maxed out at…

  • Weekly Update 435

    Weekly Update 435 If I’m honest, I was in two minds about adding additional stealer logs to HIBP. Even with the new feature to include the domains an email address appears against in the logs, my concern was that I’d get a barrage of “that’s useless information” messages like I normally do when I load…

  • Weekly Update 428

    Weekly Update 428 I wouldn’t say this is a list of my favourite breaches from this year as that’s a bit of a disingenuous term, but oh boy were there some memorable ones. So many of the incidents I deal with are relatively benign in terms of either the data they expose or the nature…

  • Closer to the Edge: Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching

    Closer to the Edge: Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching I’ve spent more than a decade now writing about how to make Have I Been Pwned (HIBP) fast. Really fast. Fast to the extent that sometimes, it was even too fast: The response from each search was coming back so quickly…