HackerSecret.com - The Most Authoritative Site in the World on the Hacking Tools and Techniques, Penetration Testing and CyberSecurity

  • Home
  • Visit Our Shop
  • Download the free App
  • Contact us for Info
VISIT OUR SHOP! CLICK HERE !

Weekly Update 138

by / Friday, 14 June 2019 / Published in Hacking
Share
Tweet
Pin
0 Shares

Presently sponsored by: Twilio: Learn what regulations like PSD2 mean for your business, and how Twilio can help you achieve secure, compliant transactions

Weekly Update 138

After a mammoth 30-hour door-to-door journey, I’m back in the USA! It’s Minnesota this week and I’ve just wrapped up a couple of days of Hack Yourself First workshop followed by the opening keynote at NDC followed by PubConf. All great events but combined with the burden of travel, all a bit tiring too (plus, it turns out that emails don’t stop coming in when you’re busy…) There’s a real crypto theme to this week’s update courtesy of some of the contents in my keynote, a really ridiculous article on PC Mag I came across and a lovely meeting with a few of the folks from Let’s Encrypt. There’s also a follow-up to the video I promised to include in this blog post…

After recording this piece, I went and checked what had changed on that PC Mag article about certs. As expected, it turns out it was just promotional content on Sectigo, specifically changing the name from Comodo and also changing some of the content. Here’s a diff of the archive.org version from earlier this month versus today:

card kg-image-card“>Weekly Update 138

card kg-image-card“>Weekly Update 138

Gotta keep that “good reputation”! Still in the PC Mag article:

  1. “you’re probably best off clicking away from [sites using DV certs] as fast as you can”
  2. “most modern web browsers will indicate that an EV certificate is being used by showing a green Uniform Resource Locator (URL) bar”
  3. “You usually get what you pay for”

To be clear too: archive.org shows a few edits of that article in October and November last year then nothing until the 6th of May which is the day I tweeted this:

How on earth did @PCMag manage to publish a piece on certificate authorities and only focus on the paid ones without a single mention of @letsencrypt? Can you comment on this @gleefulmischief? To conclude that "You usually get what you pay for" is grossly misleading. https://t.co/9IpPvdHheO

— Troy Hunt (@troyhunt) May 6, 2019

You can see why this sort of thing is so frustrating to folks like Scott and I; imagine what it’s like for people actually trying to figure out what certificate they should acquire! Anyway, all that and more in this week’s update:

Weekly Update 138
Weekly Update 138
Weekly Update 138

References

  1. I’m doing another Hack Yourself First workshop in New York next week (we’ve still got tickets available for that one, kicks off on Monday!)
  2. PC Mag did an absolute hatchet piece on certificates full of disinformation and clearly motivated by commercial desires (I’ve linked to my tweet as the ensuing discussion makes for “entertaining” reading)
  3. Some people remain insistent on arguing about Let’s Encrypt’s success to the fullest extent possible (but they’re easily debunked arguments, which brings me to the next point…)
  4. Let’s Encrypt certs are now used by 38% of the Alexa Top 1M sites serving content over HTTPS (that’s based on Scott’s nightly crawler stats)
  5. There’s some real upsides to having phishing sites served over HTTPS (that’s Scott’s piece from Jan last year)
  6. Varonis is sponsoring my blog this week (they’re talking about insider threats again, courtesy of the course I made for them ?)


Troy Hunt’s Blog

Share
Tweet
Pin
0 Shares
Tagged under: Update, Weekly

Search on the site

Our customers say

Annabel M. – Systems Engineer

 
Samuel D. – Ethical Hacker

 
Karola M. – Influencer

 
Marcus P. – Private Investigator

 
Rosemary S. – Housewife

 
Amit V. – IT Consultant

 
Matthew C. – Entrepreneur

 
Aisha B. – Computer Science student

 
Li W. – IT Analyst

 
Robert C. – Programmer

 

Click here now to visit our Shop!

Click here now to visit our Shop!

Other 2300 users like you have already done it this year!

DOWNLOADED 1316 TIMES!

DOWNLOADED 1316 TIMES!

Download now Hacker Secret our free Android app.

CONTACT US NOW FOR IMMEDIATE SUPPORT!

Contact Us
Write your email address here
Write here how we can help you - we support you immediately for all your needs!

Latest posts

  • How to tell if someone is stealing your wifi

  • How to check saved passwords on Chrome

  • The Computer Security Day

  • What is digital forensics

  • How to install Metasploit in Termux?

## Are you looking for products for hacking, computer security and penetration testing? Do you need to clean up your smartphone, your PC or your site from viruses and malware? Do you need to track down someone or retrieve urgent information? Do you want to buy devices already configured to experiment all the hacking techniques quickly and easily? Do you have special needs in software or hardware? ##

Contact us now … another 2300 users like you have already done it this year!

Click here now!

 

All the techniques, products and services described or contained on this site are intendend for exclusive use of study and professional training and to test the security of own's computer network in accordance with the national legislations on access to computer and online systems. All the services provided on this site (penetration testing, social accounts hardening, Incident Response & CSIRT, MSSP, Cybersecurity Consultancy, etc.) can be provided only with prior written and documented authorization from the owners or their legitimate representatives in accordance with current national regulations .

TOP
New Order