Strap yourself in, this is a big one! Big video, big breach (scrape?), and a big audience today. The Twitter incident consumed a heap of my time before, during and after this live stream, but then I go and get a sudden itch to do stuff like the number plate capturing and, well, there goes even more hours I don’t have. But hey, I love what I do and I have no regrets, I hope you enjoy watching this week’s vid 😊

Oh – one more thing: today I set up an official Mastodon account for HIBP. If you’ve got a footprint in the fediverse, please go and give the account a follow. There are a bunch of others out there that definitely aren’t run by me, it’s only this one, it only follows me personally and it has a verified website of haveibeenpwned.com so should be easy to find even if you don’t follow the link above.

Listen on Apple Podcasts
Get it on Google Play
Download via RSS


  1. The old legacy rate limit for the HIBP API is now gone (loads of warning on this, but the stats show a lot of extra requests being rate limited since the change hit)
  2. The Deezer breach has been really poorly communicated on their behalf (seems like they forgot to notify, well, everyone!)
  3. Looks like the scraped Twitter data all came by throwing previously breached email addresses at a vulnerable API (you can’t even blame Elon for that one… but you can probably blame him for the zero comms on the incident)
  4. I had way too much fun letting ChatGPT mess with a spammer (he wasn’t quite as amused as me 🤣)
  5. I’ve been playing around with capturing number plates via my Ubiquiti gear (after more trialling today, my conclusion is that I need to get my hands on some of their new AI gear and stop trying to build this myself)
  6. Sponsored by: 1Password, a secure password manager, is building the passwordless experience you deserve. See how passkeys work
Weekly update


Source link