Scott Helme

Working around expired Root Certificates

Should clients care about when a Root Certificate expires? That's a bit of an odd question, and the first time I asked myself this question, the answer was a resounding...

Free Post

Let's Encrypt

Let's Encrypt Root Expiration - Post-Mortem

Well, the Internet Apocalypse came and went! Due to the recent expiration of the Let's Encrypt intermediate and root certificates, I saw more widespread issues than I was expecting, but...

Free Post

Let's Encrypt's Root Certificate is expiring!

On 30th September 2021, the root certificate that Let's Encrypt are currently using, the IdentTrust DST Root CA X3 certificate, will expire. You may or may not need to do...

Free Post

BMW M140i Project

The M140i project post - Part 15

I took a bit of a break from writing up my work on the M140i but I'm back and there are a few things I want to cover! This post...

Free Post

Open Redirect

The danger of open redirects!

Like everyone else, I get a lot of spam emails that range from downright annoying through to deceptive phishing emails that are really dangerous. Today I got one of the...

Free Post

Home Assistant

Creating a Home Alarm System with Home Assistant

I've not talked too much about my Home Assistant installation but it's absolutely amazing and I've just done something even more awesome with it. Creating a home alarm system was...

Free Post

Home Assistant

Setting up HTTPS for Home Assistant

I absolutely love Home Assistant and if you follow me on Twitter then you will have probably seen me talking about various awesome things that I do with HA. This...

I turned on CSP and all I got was this crappy lawsuit!

Free Post

CSP

I turned on CSP and all I got was this crappy lawsuit!

Yes, you did read that right. It turns out that enabling CSP on your website, specifically CSP nonces, is enough for you to get threatening letters about patent infringement! I've...

Here's another free CA as an alternative to Let's Encrypt!

Free Post

ACME

Here's another free CA as an alternative to Let's Encrypt!

As the use of HTTPS continues to increase across the Web, we need more support from Certificate Authorities that issue the certificates to make it all work. I'm a huge...

Setting up HTTPS on the UniFi Protect NVR

Free Post

Ubiquiti

Setting up HTTPS on the UniFi Protect NVR

I recently wrote about setting up a new CCTV system for my house using the UniFi Protect range and like all good bits of kit, it comes with a web...

Scott Helme

Hi, I'm Scott Helme, a Security Researcher, Entrepreneur and International Speaker. I'm the creator of Report URI and Security Headers and I deliver world renowned training on Hacking and Encryption.

Working around expired Root Certificates

Let's Encrypt Root Expiration - Post-Mortem

Let's Encrypt's Root Certificate is expiring!

The M140i project post - Part 15

The danger of open redirects!

Creating a Home Alarm System with Home Assistant

Setting up HTTPS for Home Assistant

I turned on CSP and all I got was this crappy lawsuit!

Here's another free CA as an alternative to Let's Encrypt!

Setting up HTTPS on the UniFi Protect NVR

Upcoming Events

Cheat Sheets

Projects

Upcoming Events

Cheat Sheets

Projects

Follow