Bob Lord
@boblord.bsky.social
Cautiously pessimistic, esp. about cyber things.
The owls are not what they seem.
🗻🗻🦉🌲🪵 🍒🥧☕️🍩 🕵🏼♀️ 👍🏻
Also: 🔐🔑🔒
The owls are not what they seem.
🗻🗻🦉🌲🪵 🍒🥧☕️🍩 🕵🏼♀️ 👍🏻
Also: 🔐🔑🔒
Pinned
Bob Lord
@boblord.bsky.social
· Dec 20
The Quiet HTTPS Revolution
In a recent post, I explained that the websites I visit on my Chromebook are almost all delivered over HTTPS. Better still, 100% of the…
medium.com
Reporters, this is a story worth covering. It might not be as glamorous as high-profile hacks, and it might not attract as many clicks, but it’s important. The quiet adoption of HTTPS has improved online security for billions of people, and it deserves attention.
medium.com/@boblord/the...
medium.com/@boblord/the...
Reposted by Bob Lord
Happy New Year!
May it be all that you hope for.
May it be all that you hope for.
January 1, 2026 at 8:06 PM
Happy New Year!
May it be all that you hope for.
May it be all that you hope for.
Reposted by Bob Lord
Reposted by Bob Lord
Here’s to 2026
December 27, 2025 at 11:34 AM
Here’s to 2026
Reposted by Bob Lord
Reposted by Bob Lord
I don't make many predictions, but I think here is a slow pitch directly over the plate...
As more companies turn to using AI generated code, criminal hackers and digital incident responders will be overwhelmed with work. #infosecmemes #dfirmemes
As more companies turn to using AI generated code, criminal hackers and digital incident responders will be overwhelmed with work. #infosecmemes #dfirmemes
December 26, 2025 at 3:00 PM
I don't make many predictions, but I think here is a slow pitch directly over the plate...
As more companies turn to using AI generated code, criminal hackers and digital incident responders will be overwhelmed with work. #infosecmemes #dfirmemes
As more companies turn to using AI generated code, criminal hackers and digital incident responders will be overwhelmed with work. #infosecmemes #dfirmemes
Reposted by Bob Lord
Cursor CEO Michael Truell warns that “vibe coding” advanced projects may create “shaky foundations” and eventually “things start to kind of crumble” fortune.com/2025/12/25/c...
December 26, 2025 at 4:10 PM
Cursor CEO Michael Truell warns that “vibe coding” advanced projects may create “shaky foundations” and eventually “things start to kind of crumble” fortune.com/2025/12/25/c...
Please tell me QR codes and juice jackers are on the list!
December 23, 2025 at 3:20 AM
Please tell me QR codes and juice jackers are on the list!
🎁 🎄 🎅 All I want for Christmas is…
links to the #hacklore you keep seeing 👀
You know the advice. Everyone repeats it. No one questions it.
Send it my way, and spread the word: www.hacklore.org 🙏
links to the #hacklore you keep seeing 👀
You know the advice. Everyone repeats it. No one questions it.
Send it my way, and spread the word: www.hacklore.org 🙏
Stop Hacklore!
Hacklore is a blend of hacking and folklore—modern urban legends about digital safety. Hacklore spreads quickly and confidently, passed from person to person as if it were hard-earned wisdom. But…
www.hacklore.org
December 22, 2025 at 11:28 PM
🎁 🎄 🎅 All I want for Christmas is…
links to the #hacklore you keep seeing 👀
You know the advice. Everyone repeats it. No one questions it.
Send it my way, and spread the word: www.hacklore.org 🙏
links to the #hacklore you keep seeing 👀
You know the advice. Everyone repeats it. No one questions it.
Send it my way, and spread the word: www.hacklore.org 🙏
☕ Here's your morning cup of hacklore! ☕ 😂
www.pcworld.com/article/3014...
Learn what really works against the most common attacks, and sign up for the newsletter!
www.hacklore.org
www.pcworld.com/article/3014...
Learn what really works against the most common attacks, and sign up for the newsletter!
www.hacklore.org
Leaving your phone's Wi-Fi on all the time is a huge risk, experts warn
Whenever you're in public, you should be turning off your phone's Wi-Fi and Bluetooth features. Don't underestimate the security risks!
www.pcworld.com
December 19, 2025 at 5:39 PM
☕ Here's your morning cup of hacklore! ☕ 😂
www.pcworld.com/article/3014...
Learn what really works against the most common attacks, and sign up for the newsletter!
www.hacklore.org
www.pcworld.com/article/3014...
Learn what really works against the most common attacks, and sign up for the newsletter!
www.hacklore.org
Reposted by Bob Lord
I also want to say thank you to the person who introduced me to the French word 'beaucoup' this year. It means a lot.
December 19, 2025 at 1:32 PM
I also want to say thank you to the person who introduced me to the French word 'beaucoup' this year. It means a lot.
🚨🧰 Small businesses, this one’s for you.
I made a few small updates to my cyber guidance for small businesses, based on recent conversations. Feedback is very welcome.
medium.com/@boblord/cyb...
I made a few small updates to my cyber guidance for small businesses, based on recent conversations. Feedback is very welcome.
medium.com/@boblord/cyb...
December 19, 2025 at 3:09 AM
🚨🧰 Small businesses, this one’s for you.
I made a few small updates to my cyber guidance for small businesses, based on recent conversations. Feedback is very welcome.
medium.com/@boblord/cyb...
I made a few small updates to my cyber guidance for small businesses, based on recent conversations. Feedback is very welcome.
medium.com/@boblord/cyb...
I wrote CISA’s Cyber Guidance for Small Businesses at the start of 2023. I’m biased, but I still think it’s one of the best starting points for organizations that aren’t sure how to begin a cybersecurity program. But if you could change one thing, what would it be?
www.cisa.gov/cyber-guidan...
www.cisa.gov/cyber-guidan...
Cyber Guidance for Small Businesses | CISA
Cyber incidents have surged among small businesses that often do not have the resources to defend against devastating attacks like ransomware. The security landscape has changed, and our advice needs…
www.cisa.gov
December 17, 2025 at 6:00 PM
I wrote CISA’s Cyber Guidance for Small Businesses at the start of 2023. I’m biased, but I still think it’s one of the best starting points for organizations that aren’t sure how to begin a cybersecurity program. But if you could change one thing, what would it be?
www.cisa.gov/cyber-guidan...
www.cisa.gov/cyber-guidan...
MITRE has released its 2025 “CWE Top 25 Most Dangerous Software Weaknesses” study! cwe.mitre.org/top25/index....
How is the software industry doing? Here are some thoughts:
medium.com/@boblord/rec...
How is the software industry doing? Here are some thoughts:
medium.com/@boblord/rec...
December 17, 2025 at 1:09 AM
MITRE has released its 2025 “CWE Top 25 Most Dangerous Software Weaknesses” study! cwe.mitre.org/top25/index....
How is the software industry doing? Here are some thoughts:
medium.com/@boblord/rec...
How is the software industry doing? Here are some thoughts:
medium.com/@boblord/rec...
Reposted by Bob Lord
December 15, 2025 at 5:55 PM
Reposted by Bob Lord
I don’t think we as a society have thanked @papapishu.bsky.social for obtaining, ripping, and uploading a master copy of the essential Ricky Jay And His 52 Assistants, Jay’s 1997 HBO special and the best distillation of his one of a kind talent archive.org/details/rick...
Ricky Jay & His 52 Assistants [1996] - RF Rip : Free Download, Borrow, and Streaming : Internet Archive
NOTE: DO NOT DOWNLOAD THE COMPRESSED MP4 THAT ARCHIVE.ORG AUTO-GENERATES. This is an RF rip of Ricky Jay and His 52 Assistants, to date the greatest card...
archive.org
December 14, 2025 at 12:42 AM
I don’t think we as a society have thanked @papapishu.bsky.social for obtaining, ripping, and uploading a master copy of the essential Ricky Jay And His 52 Assistants, Jay’s 1997 HBO special and the best distillation of his one of a kind talent archive.org/details/rick...
Reposted by Bob Lord
Wow. This is an absolutely terrifying read. We now live in an age when a single company can, through what appears to be plain old bureaucracy, can more or less brick your entire digital life.
December 13, 2025 at 12:27 PM
Wow. This is an absolutely terrifying read. We now live in an age when a single company can, through what appears to be plain old bureaucracy, can more or less brick your entire digital life.
Reposted by Bob Lord
Most people should use a password manager, but there's no one-size-fits-all recommendation. ssd.eff.org/module/choo...
Choosing a Password Manager
Password breaches are a common occurrence, and if you use the same password on every site, that may grant access to bad actors who try out that password elsewhere to get into your accounts. The best way to protect yourself is to use a unique password everywhere (and two-factor authentication,...
ssd.eff.org
December 13, 2025 at 3:58 PM
Most people should use a password manager, but there's no one-size-fits-all recommendation. ssd.eff.org/module/choo...
@zackwhittaker.com has some last-minute security and privacy gift ideas. He includes what NOT to buy, and includes a reference to Hacklore.org. Thanks Zack!
this.weekinsecurity.com/last-minute-...
🎅 👕 Stop Hacklore T-shirts make great stocking stuffers! 👕 🎅
www.bonfire.com/stop-hacklore/
this.weekinsecurity.com/last-minute-...
🎅 👕 Stop Hacklore T-shirts make great stocking stuffers! 👕 🎅
www.bonfire.com/stop-hacklore/
Stop Hacklore!
Hacklore is a blend of hacking and folklore—modern urban legends about digital safety. Hacklore spreads quickly and confidently, passed from person to person as if it were hard-earned wisdom. But…
Hacklore.org
December 12, 2025 at 11:56 PM
@zackwhittaker.com has some last-minute security and privacy gift ideas. He includes what NOT to buy, and includes a reference to Hacklore.org. Thanks Zack!
this.weekinsecurity.com/last-minute-...
🎅 👕 Stop Hacklore T-shirts make great stocking stuffers! 👕 🎅
www.bonfire.com/stop-hacklore/
this.weekinsecurity.com/last-minute-...
🎅 👕 Stop Hacklore T-shirts make great stocking stuffers! 👕 🎅
www.bonfire.com/stop-hacklore/
The "AP Cybersecurity Course Framework" document contains some hacklore about "The Dangers of Public Wi-Fi". If you have contacts there, can you please connect me? 🙏
apcentral.collegeboard.org/courses/ap-c...
Hacklore Central contact info: www.hacklore.org/about
apcentral.collegeboard.org/courses/ap-c...
Hacklore Central contact info: www.hacklore.org/about
About AP Cybersecurity – AP Central | College Board
Part of the AP Career Kickstart™ group of courses, AP Cybersecurity is a new career course that helps students develop the technical and professional skills needed for the high-demand, high-growth…
apcentral.collegeboard.org
December 11, 2025 at 11:56 PM
The "AP Cybersecurity Course Framework" document contains some hacklore about "The Dangers of Public Wi-Fi". If you have contacts there, can you please connect me? 🙏
apcentral.collegeboard.org/courses/ap-c...
Hacklore Central contact info: www.hacklore.org/about
apcentral.collegeboard.org/courses/ap-c...
Hacklore Central contact info: www.hacklore.org/about
🎅 🎁 A Stop Hacklore t-shirt makes a perfect Christmas gift for that special someone who stayed off the naughty list by not spreading hacklore! 😂 🔐
www.bonfire.com/stop-hacklore/
www.hacklore.org
www.bonfire.com/stop-hacklore/
www.hacklore.org
Stop Hacklore! | Bonfire
Hacklore.org exists to separate digital security myth from reality. . Note: Logo on black shirts and hoodies will not be visible.
www.bonfire.com
December 11, 2025 at 6:02 PM
🎅 🎁 A Stop Hacklore t-shirt makes a perfect Christmas gift for that special someone who stayed off the naughty list by not spreading hacklore! 😂 🔐
www.bonfire.com/stop-hacklore/
www.hacklore.org
www.bonfire.com/stop-hacklore/
www.hacklore.org
It’s time again for me to listen to my favorite cybersecurity podcast. Well, it’s technically about automotive safety, but I can’t help seeing the parallels to software safety. I hope you find it enlightening too! 💥 🚗
99percentinvisible.org/episode/nut-...
99percentinvisible.org/episode/nut-...
The Nut Behind the Wheel - 99% Invisible
In the past fifty years, the car crash death rate has dropped by nearly 80 percent in the United States. And one of the reasons for that drop has to do with the “accident report forms” that police…
99percentinvisible.org
December 10, 2025 at 10:36 PM
It’s time again for me to listen to my favorite cybersecurity podcast. Well, it’s technically about automotive safety, but I can’t help seeing the parallels to software safety. I hope you find it enlightening too! 💥 🚗
99percentinvisible.org/episode/nut-...
99percentinvisible.org/episode/nut-...
If you have recently taken your cybersecurity awareness training, did you see any examples of hacklore?
I’m collecting real examples of hacklore in the wild.
I’m collecting real examples of hacklore in the wild.
Stop Hacklore!
Hacklore is a blend of hacking and folklore—modern urban legends about digital safety. Hacklore spreads quickly and confidently, passed from person to person as if it were hard-earned wisdom. But…
hacklore.org
December 9, 2025 at 2:00 AM
If you have recently taken your cybersecurity awareness training, did you see any examples of hacklore?
I’m collecting real examples of hacklore in the wild.
I’m collecting real examples of hacklore in the wild.
@troyhunt.com Hi Troy! Any chance you'd have some time to update this website with the latest status? I'd be curious which of the top 2,000 websites do not correctly support HTTPS. 🔐🙏
whynohttps.com
whynohttps.com
Why No HTTPS? The World's Largest Websites Not Redirecting Insecure Requests to HTTPS
With the web rapidly becoming secure by default, "Why No HTTPS?" is a who's who of the world's biggest websites globally and by country still not defaulting to HTTPS.
whynohttps.com
December 7, 2025 at 6:59 PM
@troyhunt.com Hi Troy! Any chance you'd have some time to update this website with the latest status? I'd be curious which of the top 2,000 websites do not correctly support HTTPS. 🔐🙏
whynohttps.com
whynohttps.com
