Weekly Update 105

Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech Fabric

It’s another day-late weekly update courtesy of another hectic week. Scott and I were at NDC Sydney doing a bunch of talks and other events and I just simply didn’t get time to push this out until sitting at the airport waiting for the plan home.

This week’s update is a little different as we did it at SSW’s recording setup in front of a live audience. Better video, better audio and some questions asked in the process too. Other than that, it’s business as usual: more keyloggers on payment forms, more data breaches and a massive extended validation smack-down.

Lastly, just as I went to publish this post, I noticed SSW had taken down the original video. I’ve reached out to them to get a new link, but I managed to download and publish the audio earlier on so I’m publishing that for now.

Weekly Update 105
Weekly Update 105
Weekly Update 105


  1. Scott published his blog post about Magecart coming for you (then right after that the NewEgg breach was announced)
  2. SRI is a super useful little browser feature (it doesn’t negate the need to review the code you’re running, but it’s not meant to either)
  3. EV is a dead duck (seriously, read that post if you haven’t already, it’s just an absolutely pointless security mechanism as it stands today)
  4. Tech Fabric are sponsoring my blog this week (big thanks to those guys for their ongoing support!)

Oh – and PayPal still has no EV either 😜

Leave a Reply