More than one friend recently has had their social media account compromised or stolen. Often this is a consequence of a combination of bad password hygiene and a third party data breach. If you use the same password on multiple sites, and one of those sites suffers a breach, you run the risk that your account on every other site where you reused that password is vulnerable to compromise. As an excuse to try out the new Azure N series VMs with their NVidia GPUs, I found an email I recognised in one of the breaches, and followed it from hash through to brute-forced password to prove the point. Continue reading
I spent a bit of time over the Christmas break revamping this site and preparing to write more posts. I moved to the nice clean theme – not unlike Medium for ease of reading, and I wanted to move the whole site to HTTPS. Why enable SSL for the whole site? Continue reading
As a bit of fun I got hold of the LinkedIn data leak and knocked up a tool to check if a given password is in the leak. Take a look at it here: http://leakedin.durdle.com/ By now there are probably multiple other sites doing the same thing, but I like the logo on mine and it was an excuse to play with JQuery, JSON and MySQL again.