Hey @LloydsBank! 2009 called and asked if you’re done sending your customers links to unencrypted HTTP endpoints yet. How do you feel about switching this to a HTTPS link rather than relying on an interceptable/injectable HTTP request?
Previous Post:
Ireland and the UK Aren’t In The Same Timezone!
Ireland and the UK Aren’t In The Same Timezone!
Next Post:
Mow-Rio Kart
Mow-Rio Kart
Previous Note:
The Last Supper
The Last Supper
Next Note:
Next Post
Next Post
Related Posts
Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective
Moxie Marlinspike "acquires" a Cellebrite UFED and hacks it, with all the delight and sarcasm you'd expect. Dan partially-translates.
OpenID For WordPress
Update: 12th October 2007 – this project is to be considered abandoned. Please see How To Set Up OpenID For…
Rave Reviews for Your Password Sucks
After running a breakout session entitled "Your password: how bad guys will steal your identity" at the 2012 UAS Conference,…
Security Checklist
Be safe on the internet. An open source checklist of resources designed to improve your online privacy and security. Check…
@LloydsBank They don’t even have HSTS set up: https://t.co/Hndp6eGewd
They have it on HTTPS, and always redirect to HTTPS, so they’re half-trying.