Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Troy Hunt Profile picture
@troyhunt
Apr 29, 2020 6 tweets 3 min read Read on X
Had a great panel on #covidsafe tonight with @alecdtucker, @matthewrdev, @GeoffreyHuntley and @kcarruthers. I had a bit of an epiphany on where I believe a lot of the misunderstanding is coming from so bear with me here:
A theme across my intro was that I encouraged people to ask not whether #covidsafe ensured privacy or not, but rather how it *changes* privacy from what it would be without the app. If you test positive, for example, how will privacy differ with or without the app?
The epiphany is that people are frequently associating digitised records directly with the app. They ask questions like “how will data from the app be protected on the server” but never seem to consider that even without the app, your data will still be on a server if positive.
For example: some people were unhappy that #covidsafe stores data on Amazon, but where is data stored if you’re *not* using the app and test positive? Because y’know it’ll go onto a server somewhere, right?
Or they’re worried that uploading data on contacts (something that only happens if tested positive) poses a risk. Do people realise they’ll be queried about their movements and contacts and that their answers will be digitised even with no app?
These are all (quite rightly) valid concerns, my point is that for the most part they’re equally valid with or without the app in its current implementation. You catch this thing and a whole bunch of your personal data is going to end up on a server somewhere. That’s the point.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Troy Hunt

Troy Hunt Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @troyhunt

Troy Hunt Profile picture
Oct 25
Was confused whilst doing my live stream just now why there was a sudden spike in DB usage on @haveibeenpwned. Turns out it was related to *dropping* this constraint:
ALTER TABLE [dbo].[Domain] ADD CONSTRAINT [CHK_DomainName_Pattern] CHECK (([dbo].[IsDomainValid]([DomainName])=(1)))
We'd decided a constraint that calls a function on every insert of a new domain was unnecessary; all it did was validate that the string adhered to the correct pattern, but because we controlled the upstream code, we could do that before it even hit the DB.
Read 5 tweets
Troy Hunt Profile picture
Oct 9
Hi folks, yes, I'm aware of this. I've been in communication with the Internet Archive over the last few days re the data breach, didn't know the site was defaced until people started flagging it with me just now. More soon.
Looks like someone compromised a polyfill JS file on a subdomain to inject the alert, but that doesn't explain the root site being down
Looks like a combination of things with the site being DDoS'd as well:
Read 9 tweets
Troy Hunt Profile picture
Oct 8
This was a very uncomfortable breach to process for reasons that should be obvious from @josephfcox's article. Let me add some more "colour" based on what I found:
Ostensibly, the service enables you to create an AI "companion" (which, based on the data, is almost always a "girlfriend"), by describing how you'd like them to appear and behave: Image
Buying a membership upgrades capabilities: Image
Read 21 tweets
Troy Hunt Profile picture
Sep 25
Another cool little @Cloudflare thing that snuck out recently is this very simple security.txt creator: Image
It's a simple form-based configuration that takes the basics of a security.txt file in the following interface: Image
Because @cloudflare sits in the middle of the traffic, they can then intercept requests to the appropriate path and serve up the file. Here's one I just created: troyhuntsucks.com/.well-known/se…
Read 4 tweets
Troy Hunt Profile picture
Jul 29
Our Aussie Cyber Security Act is going to be interesting to watch unfold not just in it's initial form, but as it evolves over the years. IMHO, great steps forward, but let's look at those arguments *against* it abc.net.au/news/2024-07-3…
"Business groups say the new disclosure rules, and the proposed $15,000 fines for failures to disclose a payment, could sink some small operators." - you only get fined if you don't disclose, so... don't hide the breach!
"They are also pushing back against the decision to include businesses with an annual turnover of more than $3 million, arguing the threshold is too low" - appx 90% of Aussies businesses have turnover <$3M/y, so the scope is still very small
Read 7 tweets
Troy Hunt Profile picture
Jul 19
Something super weird happening right now: just been called by several totally different media outlets in the last few minutes, all with Windows machines suddenly BSoD’ing (Blue Screen of Death). Anyone else seen this? Seems to be entering recovery mode: Image
The issue is worldwide: dailymail.co.uk/news/article-1…
Hearing multiple reports of a Crowdstrike agent issue
Read 22 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(