It's been a really long time coming, but, the end is finally here for the padlock icon in the address bar! 🔒🚫 A Long Road Wow, where do I start?! Whilst the dawn of the encrypted Web was in 1994,…
Category: Scott Helme
Report URI to partner with PCI Security Standards Council
As part of our continued effort to drive security forwards at Report URI, we're joining the PCI SSC as a Participating Organisation. This will allow us to have more direct involvement in the development and improvement of the PCI DSS,…
5 Years On: What did we learn from the Government Cryptojacking Attack?
5 years ago, I published a blog post covering one of the most widespread and potentially damaging Cryptojacking attacks seen on the Web. Despite the extensive coverage in global media at the time, and the realisation of just how bad…
Boosting password security! Pwned Passwords, zxcvbn, and more!
As we're constantly working to improve Report URI, time is not always spent on new features and bug fixes. We always want to offer the most secure service we can and recently, we made some upgrades that will help our…
Strengthening security on my Apple account!
Apple announced some awesome, new security features last year and they were due to land in 2023. Well, it's 2023, and they've landed! Apple are bringing some mega security features in 2023! https://t.co/iYi020xt53 — Scott Helme (@Scott_Helme) December 7, 2022…
Announcing the new Security Headers API, New Features and Upgrades!
It has been one of the most commonly requested features for a long time, and finally I'm happy to announce that it's here, the Security Headers API!!! Security Headers API I know, I know, it took me too long! If…
Report URI Penetration Test 2022
Another year of development, new features, bug fixes and progress has been made so that means it's time for our annual penetration test over at Report URI! Penetration Tests As is tradition, Report URI has just undergone another penetration test…
The M140i project post – Part 17
It's been a while since I've had time to work on my car and then to find time to write up what it is that I've been up to, but, it's time for another post! The Series The last post…
New pricing for Report URI
Report URI has been running as a publicly available service for over 7 years now and this will be the first ever change to our pricing. Don't worry though, if you're an active subscriber, this won't have any impact on…
Expanding the Threat Intelligence capabilities on Report URI
It wasn't so long back when I blogged about our first announcement of Threat Intelligence capabilities at Report URI, and I said back then that we'd be announcing more over the coming months. Well, it's time for the next set…
Report URI has a new look!
It's been a long time since the main website for Report URI got any real attention, with all of our efforts being focused on developing new features and improving existing ones. The time has finally come for a bit of…
Implementing all the Stripe things for Report URI
We've recently pushed some changes to the Report URI billing processes that will result in a better experience for our users, give us less lines of code to maintain and simplify our tax handling! What are the changes? Before I…
I’m now a Microsoft Most Valuable Professional!!
Yep, that's right! I'm now able to announce that I'm super excited to be recognised as a Microsoft MVP! Microsoft MVP You can find a full overview of the MVP Award here, but here's a quick snippet that I'm particularly…
Another free CA to use via ACME!
I've been really happy over the years to see more CAs start to offer certificates via ACME and that those CAs have some kind of free certificate offering. Let's Encrypt is awesome and I've used them since the beginning, but…
The first ever issue with my Pi-hole, and I don’t know what happened…
It was all the way back in April 2018 when I first blogged about setting up my Pi-hole and since then, along with many upgrades and improvements, I've never had a single problem. Until now… Pi-Hole If you've not heard…
Report URI: Major new features, Threat Intelligence and more!
As Report URI has continued to grow, we're constantly hearing about new things that our users want. Alongside maintaining the site, fixing bugs and constantly scaling, we're always listening to feedback to guide us on feature development too. Based on…
The M140i project post – Part 16
It's been a while since I published something about my car and it's another big post! I've talked about alcohol based fuels before, like my methanol injection post or my ethanol fuel blending post, but this time I'm going a…
Top 1 Million Analysis – June 2022
Thanks to the sponsorship provided by Venafi for this post, we have another Top 1 Million Analysis just 6 months after the last one in November 2021! Let's take a look at what's changed in the last 6 months and…
Increasing entropy in our CSP nonces
I've talked many times about CSP and CSP nonces, the easy way to control JavaScript on your page, but someone recently pointed out an area we could improve. Report URI needed to…
PCI DSS 4.0; It’s time to get serious on Magecart
The latest version of PCI DSS just dropped and it's really awesome to see that one of the most notorious threats that we face online when it comes to payment card data…
Re-bloom! Pwned Passwords v8
After the recent release of the Pwned Passwords v8 dataset, it was time to update my Bloom Filter implementation of Pwned Passwords! Bloom Filters If you aren't familiar with what a Bloom…
Can you get pwned with CSS?
I recently started to consider changing the grading criteria on Security Headers which isn't something that happens very often. I wanted to make a change that would result in more sites achieving…
Projects I Support
As we roll further into 2022, I wanted to outline the projects and other activities in the community that I support in the hope that it might inspire you to consider doing…
If it looks like a duck, swims like a duck, and QWACs like a duck, then it’s probably an EV Certificate
For a little while now I've been following a new type of certificate that you may soon be hearing a lot more about. They're called a "Qualified Website Authentication Certificate", or QWAC,…
Responding to the Log4j 2 vulnerability (CVE-2021-44228)
This blog post isn't going to be a deep dive into the vulnerability itself, but instead how Report URI reacted as an organisation and the things we've improved, even though we don't…
Top 1 Million Analysis – November 2021
Wow! It's been quite a while since I've had time to do my regular analysis of security in the Top 1 Million site, but it's happening again! As it's been over 18…
Frequency analysis on hundreds of billions of reports at Report URI: Top-K
After looking at how a Bloom Filter works and moving on to understand a Count-Min Sketch, we were left with the final problem of identifying the most frequent reports we see at…
Report URI is now using CSP nonces in an enforced policy
Hurrah! Sometimes it takes a little while for projects to make it through your backlog and into production, but the nonce-based policy for CSP on Report URI can now be crossed off…
Report URI Penetration Test 2021
Wow, where did that last year go?! It's time for our annual penetration test again over at Report URI and just like we did last year, we'll be publishing the entire report,…
Sketchy Pwned Passwords
After playing with some more probabilistic data structures and talking about Count-Min Sketch, I wanted to expand on my previous work with the Pwned Passwords data set. This is quite an interesting…
Frequency analysis on hundreds of billions of reports at Report URI: Count-Min Sketch
At the time of writing, Report URI has processed a total of 669,142,999,794 reports. That's a lot of reports and sometimes it can be difficult to work with such large volumes of…
When Pwned Passwords Bloom!
I recently wrote about Bloom Filters, the hugely space efficient, probabilistic data structures, and how great they can be. I wanted to create a demonstration of just how useful they could be…
Frequency analysis on hundreds of billions of reports at Report URI: Bloom Filters
Have we seen this report before? It sounds like a simple question to ask of a service that collects and processes hundreds of millions of reports per day, and in many ways…
Working around expired Root Certificates
Should clients care about when a Root Certificate expires? That's a bit of an odd question, and the first time I asked myself this question, the answer was a resounding 'yes, of…
Let’s Encrypt Root Expiration – Post-Mortem
Well, the Internet Apocalypse came and went! Due to the recent expiration of the Let's Encrypt intermediate and root certificates, I saw more widespread issues than I was expecting, but on different…
Let’s Encrypt’s Root Certificate is expiring!
On 30th September 2021, the root certificate that Let's Encrypt are currently using, the IdentTrust DST Root CA X3 certificate, will expire. You may or may not need to do anything about…
The M140i project post – Part 15
I took a bit of a break from writing up my work on the M140i but I'm back and there are a few things I want to cover! This post is going…
The danger of open redirects!
Like everyone else, I get a lot of spam emails that range from downright annoying through to deceptive phishing emails that are really dangerous. Today I got one of the latter and…
Creating a Home Alarm System with Home Assistant
I've not talked too much about my Home Assistant installation but it's absolutely amazing and I've just done something even more awesome with it. Creating a home alarm system was much easier…
Setting up HTTPS for Home Assistant
I absolutely love Home Assistant and if you follow me on Twitter then you will have probably seen me talking about various awesome things that I do with HA. This blog post…
I turned on CSP and all I got was this crappy lawsuit!
Yes, you did read that right. It turns out that enabling CSP on your website, specifically CSP nonces, is enough for you to get threatening letters about patent infringement! I've heard of…
Here’s another free CA as an alternative to Let’s Encrypt!
As the use of HTTPS continues to increase across the Web, we need more support from Certificate Authorities that issue the certificates to make it all work. I'm a huge fan of…
Setting up HTTPS on the UniFi Protect NVR
I recently wrote about setting up a new CCTV system for my house using the UniFi Protect range and like all good bits of kit, it comes with a web interface. Using…
Introducing Data Watch: Detect Magecart style attacks, fast!
We recently announced a new feature that we'd been working towards for quite some time called Script Watch. Allowing you to be quickly notified of new JavaScript dependencies that appear anywhere on…
Magecart are still going strong, join us and fight back!
Yesterday at Report URI we launched the first of several new features that are going to specifically target and help mitigate Magecart and similar attacks. Magecart is a massive threat to any…
Introducing Script Watch: Detect Magecart style attacks, fast!
I'm really excited to be announcing something that we've been working towards for a long time at Report URI, Script Watch! Continuing our goal of making browser security features like CSP easier…
Securing my house with Ubiquiti’s UniFi Protect range
Regular readers will know that I'm a fan of Ubiquiti's UniFi range of products, having built two home networks using them, but now, I'm expanding outside of the networking hardware. Not only…
What the FLoC?!
There have been quite a few mentions of FLoC recently and several people have been providing various links, bits of information and questions about the new feature. Whilst it's still quite a new…
Transparency about Data Protection at Report URI
When I started building Report URI almost 6 years ago, it was a small project operated by just me and handled very little data. With 6 years behind us…
Enabling COOP and COEP reports on Report URI
A couple of months ago I talked about a few new features coming to a browser near you that included both COOP and COEP. With the latest version…
The M140i project post – Part 14
With a significant amount of work having taken place on my car over the last year or so, a lot of effort also goes into making sure nothing goes…
Supercharging your DNS with Cloudflare for Teams!
I was recently quite surprised to be introduced to an idea about using Cloudflare for Teams to look after my personal DNS. I’ve never used Cloudflare for Teams before…
Catching and dealing with naughty devices on my home network – V2
I’ve previously tackled a problem on my local network where devices would be naughty and try to sneak around by using their own DNS…
Setting up a quick and easy status page with Cloudflare Workers!
I use status pages for other services now and again to see if I’m experiencing issues or if they’re experiencing issues and I decided that…
The M140i project post – Part 13
In Part 11 and Part 12 I looked at the introduction of alcohol based fuel with my Water/Methanol Injection system and Ethanol fuel blending. In Part 13 we’re going…
COEP COOP CORP CORS CORB – CRAP that’s a lot of new stuff!
Yep, you heard it right, we have a few new security features and even some new Security Headers in town! Whilst technically only…
Running my own DoH relay and getting Pi-hole protection away from home!
I absolutely love the protection my Pi-hole gives me at home and absolutely hate how I don’t get those benefits when I’m not at…
Report URI Penetration Test
In line with our constant desire to improve and offer the best service we can, Report URI recently went through an independent penetration test as many other companies and organisations do. Unlike…
The M140i project post – Part 12
Following on from the wild idea of injecting water and methanol into my engine in Part 11, Part 12 is going to have a considerable focus on more alcohol…
Introducing another free CA as an alternative to Let’s Encrypt
Let’s Encrypt is an amazing organisation doing an amazing thing by providing certificates at scale, for free. The problem though was that they were the only…
Want to Encrypt All The Things? Firefox has you covered with HTTPS-Only Mode!
We are currently powering towards an encrypted Web and in recent years we’ve made tremendous progress on that journey. In the latest version…
Déjà vu – macOS hits OCSP hurdles
Regular readers will have seen me talk about OCSP many times before and some of those times are going back quite a number of years. That’s why it came…
The M140i project post – Part 11
This is going to be a big one and I’m super excited! In this post I’m only going to be talking about one thing but it’s pretty significant in…
Let’s Encrypt issues new Root and Intermediate Certificates
Let’s Encrypt have just issued a bunch of new certificates including a new Root and several Intermediates. These will bring some significant advantages so let’s dive in and…
The M140i project post – Part 10
Part 10?! When I started writing this series I did not expect to hit Part 10 and the good news for those appreciating these blog posts is that there’s…
Let’s Encrypt postpone the ISRG Root transition
I was looking forward to something happening this month in the world of PKI that has had to be postponed for the 3rd time. Let’s Encrypt were going to…
Goodbye Feature Policy and hello Permissions Policy!
I talked about Feature Policy almost 2 years ago and it has seen great adoption since then. As things have progressed a name change has been proposed and accepted…
The M140i project post – Part 9
After another short break from writing about the car project it’s time to hit it again with Part 9 and quite a few items that you don’t need to…
Finding alternate trust paths the easy way; Introducing Chain Builder
I ended up talking a lot about certificates recently and covered quite a few topics in a good amount of detail. To demonstrate something I’ve touched…
Cross-Signing and Alternate Trust Paths; How They Work
In my last couple of posts about CAs and Root Certificates I’ve talked about something called Alternate Trust Paths. As a result, many people have asked me questions…
The Complexities of Chain Building and CA Infrastructure
In my previous blog post I looked at the problem of expiring Root CA Certificates and why it exists and you should definitely read that post first. Now…
The Impending Doom of Expiring Root CAs and Legacy Clients
Regular readers will know that I’m very active in the CA / PKI space and even deliver a 2-day advanced training course on the topic. Over…
Launching a brand new theme!
I host my blog on Ghost and they’ve announced some cool new features recently that I’ve wanted to use but never quite had time to implement. Well, that recently changed so…
Running dodgy programs safely with Windows Sandbox
I’m sure many of you, like me, have needed to run a program for one reason or another and you just weren’t happy with the idea of running it…
The M140i project post – Part 7
Digging into the 7th part of this series now and it’s time to visit the chassis and handling again. Making a car go fast isn’t just about more power,…
Setting up HTTPS on the UDM Pro
I recently upgraded my home network to the latest generation of Ubiquiti hardware and with new hardware comes the requirement to set a couple of things up again, things…
The M140i project post – Part 6
I can’t believe we’re on Part 6 of this series now and things are still moving along at an awesome pace! Time to get hands on with a few…
Boosting my PC performance whilst working from home
I’m sure a lot of you, like me, have been spending a lot more time at home recently. With this extra time at home comes the inevitable reality…
My Ubiquiti Home Network – V2
I’ve been using Ubiquiti networking equipment at home for quite some time now and I’ve honestly not had a single complaint to make. Recently, Ubiquiti reached out to me and…