Free Post HTTPS Debunking the fallacy that paid certificates are better than free certificates, and other related nonsense Those that know me or have followed me online will know I'm a massive advocate of encryption on the web. One of my goals is to help encrypt...
Free Post Security Headers When crawlers are hungry for porn... I had a bit of a strange issue on Security Headers this week and at first I thought it was someone trolling me. Turns out it wasn't someone...
Free Post HTTPS Do SSL warranties protect you? As much as rocks keep tigers away... This post is the first of two that I will be publishing over the coming days to address a few concerns that seem to be rising in the wider community....
Free Post Security Headers Alexa Top 1 Million Analysis - February 2018 It's that time of year again! I'm really excited to publish the 6th installment of my Alexa Top 1 Million analysis so we can take a...
Free Post HTTPS Why we need to do more to reduce certificate lifetimes In the early days of the encrypted web you could get certificates valid for any period of time. Long gone are those days and as more time goes by we...
Free Post nissan leaf Analysing variations in EV efficiency This blog is a break from the normal security focus of articles I write but I do have other interests outside of security! I drive an Electric Vehicle and one...
Free Post PKI Are you ready for the Symantec distrust? It's been common knowledge in the wider PKI community that Symantec, the Certificate Authority, is currently being distrusted and will soon cease to exist as a CA. My...
Free Post CSP Protect your site from Cryptojacking with CSP + SRI We saw a pretty big event take place over the weekend where a 3rd party provider was compromised and their JS library was altered. The alteration introduced a crypto mining...
Free Post Report URI Hacking Azure Table Storage to do ORDER BY on Timestamp I recently wrote about a little hack we did with Azure Table Storage to give us functionality equivalent to a LIKE query in SQL, something not natively supported in Table...
Free Post Report URI Launching Report URI JS The most common way to set a Content Security Policy on your site is to deliver it as a HTTP response header, but that's not always possible. On...