Weekly Update 156

Written by Troy Hunt / Original link on Sep. 13, 2019

Weekly Update 156

Turns out it's actually a sunny day in Oslo today, although it's the last one I'll see here for quite some time before heading off to Denmark then other European things for the remainder of this trip. I'm talking a little about those events (all listed on my events page), this week's changes to EV, more data breaches and a somewhat semantic argument about the definition of "theft".

Weekly Update 156Weekly Update 156Weekly Update 156


  1. Entrust are convinced you should still pay them for EV certs (even though the primary value proposition they're still promoting is now gone...)
  2. Scott killed a million bucks worth of EV certs (it turns out that extended validation isn't always so... extended)
  3. The hacking forum got breached and is now in HIBP (a lot of private messages in there people really wouldn't want being traced back to them)
  4. Garmin in South Africa had a whole bunch of credit cards siphoned off (looks like a classic Magecart attack)
  5. Does a data breach actually constitute "theft" given the original owner isn't deprived of it? (that's a link to the Twitter thread on it, I think the term is a bit overloaded TBH)
  6. Sponsored by Okta: You wouldn’t roll your own hashing algorithm, so why build your own auth? Secure users in mins with a free dev account.

weekly-update 117

« Automatically compress images to your Pull Requests with this GitHub Action - Route Wildcards »