In advance of the forthcoming data protection reforms affecting the UK, the government has declared that the new General Data Protection Regulation (GDPR) will take effect from 25 May 2018. Not sure what's involved? The Information Commissioner's Office (ICO) have an Overview of the GDPR. They've also produced a handy download, with steps on how to start preparing now.
Can’t believe it is Microsoft calling? - security expert David Massey provides a detailed summary of his call from Microsoft.
Want to see how closely you are being tracked when visiting a website? Check this out: https://clickclickclick.click
How to Safely Store Your Users' Passwords in 2016 is a timely overview of the options available for password hashing in popular programming languages like PHP, Java, Ruby and Node.js.
A cookie can last 7,984 years, according to new international privacy study. Insightful study on the subject of cookies and how websites are using them.
The Hostile Email Landscape: it's getting harder and harder to send emails these days.
If you use public Wi-fi in hotels, cafes, the airport etc. then be cautious; this is the advise from the Information Commisioner's Office Blog, who remind us that when we sign-up to use these "free" services the personal data we are obliged to provide (well, this usually depends on how desperate you are to get connected) will inevitably be sold to third-party businesses and used for future marketing purposes. So, even if it's just your email address (although I've personally seen some providers requesting full postal address and telephone numbers) when you agree to their terms of service you are practically consenting to receive spam.
From a legal perspective, the Data Protection Act (DPA) states that any personal data you share with these service providers can used for specified purposes (which includes marketing) so you should weigh up the pros and cons of giving away your email address. The best solution though is to create a new email address (like a Gmail account) and occasionally delete all the spam.
As more websites make the transition to delivering their content securely and encrypted, this SSL Server Test could prove to be a very useful service for assessing the quality of your secure certificate.
Remember this recent post about using HTTPS for serving secure content to your site visitors? Well, if you've thought about it, or need some extra persuasion to nake the move, then here's a very useful list of tips and tricks for using HTTPS on your site. There's also a few potential pitfalls to avoid too, like what to do if you're currently using Feedburner.