11 May 2021 14:25 5 comments Hey @LloydsBank! 2009 called and asked if you’re done sending your customers links to unencrypted HTTP endpoints yet. How do you feel about switching this to a HTTPS link rather than relying on an interceptable/injectable HTTP request?
Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective 27 Apr 2021 Moxie Marlinspike "acquires" a Cellebrite UFED and hacks it, with all the delight and sarcasm you'd expect. Dan partially-translates.
OpenID For WordPress 6 Aug 2005 Update: 12th October 2007 – this project is to be considered abandoned. Please see How To Set Up OpenID For…
Rave Reviews for Your Password Sucks 26 Oct 2012 After running a breakout session entitled "Your password: how bad guys will steal your identity" at the 2012 UAS Conference,…
Security Checklist 16 Jan 2019 Be safe on the internet. An open source checklist of resources designed to improve your online privacy and security. Check…
@LloydsBank They don’t even have HSTS set up: https://t.co/Hndp6eGewd
They have it on HTTPS, and always redirect to HTTPS, so they’re half-trying.