On this week’s show we’ll chat with Troy Hunt of Have I Been Pwned. He’s released version two of his pwned password service and API. Basically it lets websites check to see if a user’s password is one that he has in his dataset. Version two allows this process to happen without users having to send over a complete password hash to HIBP.
It’s making some waves already. It’s a genuinely interesting, free service.
In this week’s sponsor interview we chat with Trail of Bits security engineer JP Smith about all thing blockchain. Trail of Bits has gotten into blockchain stuff because, hey, we’ve all heard about the many, many security issues associated with things like Ethereum smart contracts, and when it comes to blockchain and Ethereum security, well, someone has to do it.
JP will talk us through some of the bug classes he sees as well as talk about the work trail of bits has done on its dynamic binary analysis software Manticore in terms of applying it to the Etherum Virtual Machine.
Adam Boileau, as always, is this week’s news guest.
The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.