The Host Unknown Podcast - Episode 148 - The Short And Not-So-Sweet Episode
Episode Date: April 21, 2023This week in InfoSecWith content liberated from the “today in infosec” twitter account and further afield19th April 1965: Electronics magazine publishes an article by Gordon Moore, head of researc...h and development for Fairchild Semiconductor and future co-founder of Intel, on the future of semiconductor components. In the article, Moore predicts that transistor density on integrated circuits will double every eighteen months for “at least” the next ten years. This theory will eventually come to be known as Moore’s Law and has largely held true to this day. Controversy exists over whether Moore’s Law remains applicable, however time will tell just how long Moore’s Law will continue to remain true. 19th April 2010: The OWASP Top 10 for 2010 was officially released.http://web.archive.org/web/20100628190859/http://www.owasp.org/index.php/OWASPTop10-2010-PressReleasehttps://twitter.com/todayininfosec/status/1251895022598803457 Rant of the WeekBackground: Capita IT breach gets worse as Black Basta claims it's now selling off stolen dataBlack Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant.A spokesperson for the London-based corporation, which has UK government contracts totaling £6.5 billion ($8 billion), originally said it hadn't yet confirmed if that data leak is legit."We are in constant contact with all relevant regulators and authorities. Our investigations have not yet been able to confirm any evidence of customer, supplier, or colleague data having been compromised."They stated that once they’d finalised their own probe, Capita said it will "if necessary" inform all parties affected in the security breach."We have taken all appropriate steps to ensure the robustness of our systems and are confident in our ability to meet our service delivery commitments," the spokesperson said.The technology outsourcer at first confirmed it had suffered an "IT issue" late last month, though didn't cop to it being a "cyber incident" until April 3.Over the weekend, the Sunday Times claimed the IT breach was worse than Capita has admitted to date: Capita has played down fears that personal and corporate information was accessed, though it appears the miscreants who broke into the business have started selling off that very kind of data, said to be lifted from Capita's systems.Capita has 'evidence' customer data was stolen in digital burglaryBusiness process outsourcing and tech services player Capita says there is proof that some customer data was scooped up by cyber baddies that broke into its systems late last month.The British listed business, which has around £6.5 billion ($8.09 billion) in public sector contracts, updated the London Stock Exchange thursday morning to confirm the criminals breached its infrastructure on March 22 and remained inside until “interrupted” by the company on March 31.“As a result of the interruption, the incident was significantly restricted, potentially affecting around 4 percent of Capita’s server estate. There is currently some evidence of limited data exfiltration from the small proportion of affected server estate which might include customer, supplier or colleague data.” Billy Big Balls of the WeekWe would have talked about “An earlier supply chain attack led to the 3CX supply chain attack, Mandiant says” if we were doing a BBB Industry NewsUK's SMEs to Benefit From New Cyber AdvisorsWhatsApp, Signal Claim Online Safety Bill Threatens User Privacy and SafetyNSO Group's Pegasus Spyware Found on High-Risk iPhonesNCSC Warns of Destructive Russian Attacks on Critical InfrastructurePolice Escape $1.2m Fine For Secretly Recording Phone CallsRecycled Network Devices Exposing Corporate SecretsChatGPT-Related Malicious URLs on the RiseDaggerfly APT Targets African Telecoms Firm With New MgBot MalwareNorth Korean Hacker Suspected in 3CX Software Supply Chain Attack Tweet of the Weekhttps://twitter.com/quentynblog/status/1649302927910002689 Come on! Like and bloody well subscribe!
Transcript
Discussion (0)
So we're going to wait much longer for him?
No, in fact, I've actually got news
I've had to take him off air, unfortunately,
following complaints about the comments he made
about the Indian education system last week.
Oh, yes.
That's right.
It's actually safer just to take him off air.
Is this a week-long ban?
Who knows?
What can I say?
Who knows?
Nobody knows.
You're listening to the Host Unknown Podcast.
Hello, hello, hello.
Good morning, good afternoon, good evening from wherever you're joining us.
And welcome to episode 148.
Episode 148.
152.
Blimey, what happened there?
My mic was on mute for some reason.
Oh my goodness.
I had actually said 152 in sync with you and uh yeah it's wasted so
so we we're taking one person off air for for being rude i think the other one should come
off for incompetence what the hell the microphone was on mute i know it's a classic pandemic excuse
isn't it it's uh i'm just bringing do you know what happened it's because you're on
a timer i'm on a timer and i didn't let my tea brew for more than 60 seconds which i think is
technically illegal is it an illegal color it is an illegal color uh so i'm a bit concerned
in fact you know i've got a spare tea bag here i'm actually just going to drop it in
you're not going to double dip.
I'm going to.
No, no.
I'm going to put a new teabag in.
Oh, a new.
Oh, I see.
Yeah, I do carry emergency ones in my bag.
Because technically it's also a breach of the peace
if you're walking around with your teabag
in your already milked teabag.
Yeah.
That's not right either.
That's just illegal too.
So blimey, you are skating on thin ice That's not right either. That's just illegal too.
So blimey, you are skating on thin ice by adding the second teabag.
Anyway, despite your teabagging, how's your week been, Andy?
What have you been up to?
It's been a busy week, but I was pleasantly surprised when you were demonstrating a new camera.
Yes. was pleasantly surprised when you uh you were demonstrating a new camera yes you sent a photo of a landmark which is literally outside my office yeah that's right so it turns out i've been you
know or the hotel i'm in at the moment is literally well i equidistance from the mcdonald's between us
exactly yeah uh which is i mean this isn't the first time there's another i've met up with
an old friend he probably remember mikey he came to us to uh 44 on one time uh he sent a photo to
a group chat from a mute you know of a mutual friend that he saw in london bridge station
and he said i just bumped into this guy in london bridge station i said oh what are you doing there
he said i work here i said no kidding so how long you work there he said two years i was like no way
it's nothing like staying in touch with your friends in college
well that's it we actually speak regularly anyway it's just yeah we we don't really do um do you
know what i'm thinking next time we meet for dinner we just need to cut jab out totally because we're
always trying to accommodate him we end up in a crappy place yeah miles in the middle of nowhere and
where he still orders the cauliflower yeah and like the two of us you know i think we should
just go with majority it's where we are so yeah absolutely mind you i did say you know we we did
struggle to to arrange a a dinner date as it were this this week and then i mentioned the mcdonald's
between us and you said oh well you didn't say didn't say there was a McDonald's on the cards.
Maybe I am free.
You know how to talk a man.
I know, you know, you say we might end up at a crappy restaurant with Jav.
It's a crappy, expensive restaurant.
Whereas you, well, let's face it.
You, well, let's face it.
Besides spanking significant amounts of cash on fancy equipment,
what else have you been up to this week?
What other spanking have I been up to?
Well, I was in London all week, as you know,
and actually it was good to sort of take the camera out on tour, as it were.
Realised I desperately needed a little tripod.
So that got delivered yesterday.
Don't. Just don't.
So I'll be using that next week when I'm up at the same hotel.
So that'll be good. So I'll post a link to the photo in the
show notes how's that let's uh let's let's satiate everybody's uh uh we've wet their whistle we've
wet their whistle absolutely absolutely um and uh yes got back yesterday did, did a Tice Talk, because as you know, I freelance stroke Moonlight as a Tice Talk host, which was very good.
It wasn't a mangle.
I would have actually said you occasionally moonlight as a CISO, but OK.
Yeah, they might be listening.
They might be listening.
They're probably not, but they might be listening.
Yeah, exactly.
So, yeah, it's good.
And it's my son's birthday today as well.
And this is like how we carbon date you, isn't it?
Yeah, that's right.
That's right.
You check my bank account for large amounts of money spent
at certain times of the year.
It's either my kid's birthday or... lego i've got a special sale on
yeah or or there's or there's new lego released exactly you know so
oh dear anyway so talking uh talking of lego specials let's see what we have built for you today See what I did there?
This week in InfoSec takes us back to the time of more computing power Round to the week is a nothing-to-see-here story
From the outsourcers who handle government tech contracts worth billions
Billy Big Balls is off-air today
Because, well, he couldn't be bothered to turn up
Our special guest didn't turn up
Yeah, exactly.
It feels like
Smashing Security.
Their guests are
forever not turning up.
In fact,
I think you were
one of them
on more than one occasion.
Industry News
brings us the latest
and greatest
security news stories
from around the world
and tweet of the week
is Musings
from an old man.
Yeah.
Well,
Musings, two old men really, but I guess he's cast as an old man. Yeah. Well, Musin's two old men, really,
but I guess he's classed as an old man now.
I mean, he still does look like he's 12, but yeah.
Anyway, nonetheless.
So, without further ado,
shall we move on to our certified favourite part of the show,
the part of the show we like to call...
This Week in InfoSec It is that part of the show where we take a stroll down InfoSec memory lane with content
liberated from the Today in InfoSec Twitter account and further afield.
from the Today in InfoSec Twitter account and further afield.
And our first story takes us further afield,
a mere 58 years ago to the 19th of April 1965,
when Electronics Magazine published an article by Gordon Moore,
who was Head of Research and Development for Fairchild Semiconductor and and at the time, future co-founder of Intel
on the future of semiconductor components.
And in that article, Moore predicted that transistor density on integrated circuits
would double every 18 months for at least the next 10 years.
And that theory eventually became known as Moore's Law.
And even better, it's actually largely held true to this day.
Although people do still, you know, pick holes in it.
I bet if you drew an average line through the chart,
it would be largely true, though.
Yeah.
It would have to be.
I can't see, you know.
And the only way it wouldn't hold true either as well
is if it's doubling every 12 to six months.
Yeah, but yeah, no, I mean, it's a long time ago.
It's not like people just messaging each other in real time,
bouncing ideas off each other on the wall.
You know, you're a very closed group.
So to come up with these sort of
theories that have stood the test of time is uh pretty impressive well they certainly stood the
test of the 10 years that he said they would and then and then some and then five times more yeah
see they don't build them like they used to these days they don't they don't all these all these um
you know gen zedders or whatever they are now i don't know but no you know that
they they just they just like to complain about stuff rather than just putting up and shutting up
you know whereas we just complain about stuff and don't do anything about it
no absolutely they they complain about stuff and then have the audacity to go and fix it
fix it so unless our second story takes us back a mere 13 years to the 19th of april 2010 when the os top 10 for 2010 was officially released and um was it only 2010 blimey well the os 2010 top 10
obviously so it has been really has been obviously redone.
So they had one in 2007, been updated to 2017,
and now obviously 2021.
And as I say this, I realise we did cover this a couple of years ago.
Well, obviously.
It's this year in industry.
You know, we've got to get our news stories from somewhere.
Yeah, if only I'd gone back to the original show notes
from a couple of years ago and copied this,
it would have been much smoother.
But yeah, we still see a lot of the same things in there, right?
Cross-site scripting, SQL injection,
been on there since day one.
Injection, broken authentication.
Oh my God.
Why?
I mean, I'm not a developer.
As we know, I am not a developer.
And I think part of the problem is that a lot of the people that develop apps
are not developers either.
Well, yes.
That's right.
And whilst that continues, yeah, we shall always have jobs.
But I don't understand how even the coding language that are used
do not look for these things
automatically anyway or do not allow things to go through i i this is this is the problem i have
with this yeah but there's so there's lots of tools that can do like verico do like a green
light tool it's like a spell checker when you're actually writing code and obviously you can do
various tools you can build into advanced things but but the top 10 should be built into every single kind of coding language that
might be susceptible to them yeah sure but then people charge right people want to charge for it
i don't know i don't know it's like it's like safety belts in cars right your your basics need to be covered if you want a roll cage and if you
want you know racing five-point harnesses and all that sort of stuff then go and pay for it but the
basics need to be covered i don't know sorry i'm i'm i'm one you're getting in the mood i'm one
part of the show ahead of myself yeah you got you got one toe in the rant of the week
well i got around about something i'm not sure about this week's rant but you know I'm so ahead of myself. You've got one toe in the rant of the week.
Well, I've got to rant about something.
I'm not sure about this week's rant, but this thing, it pisses me off.
It pisses me off.
It really does.
Basics, people.
Basics.
Why do you think I've lost all this hair?
Anyway, thank you so much, Andy, for pissing me off once again. And this week's...
This week in
InfoServe.
This is the podcast
the king listens to.
Although he won't
admit it.
Those little trumpet
coronation sounds are going to become
more and more relevant in the coming few weeks, aren't they?
Absolutely.
Yeah. What are you doing for the coronation?
I will definitely eat coronation chicken. That's a given.
And I shall definitely be drinking tea.
And I will definitely use it as an excuse to overeat for no other reason.
And take a day off work.
Yeah, maybe even leave the country as well.
Oh, really?
Well, I don't know.
There's a lot of good deals to get away for the weekend.
So, yeah.
True, yeah.
But, yeah, three of the four and a half weeks of May,
we've got a public holiday.
Beautiful.
It's three four-day weeks.
And can you believe people have the audacity to hate on the monarchy?
And the government that gave us it.
Anyway, let's move on.
Whilst we not only get ourselves even angrier at the thought of that,
but also our audience, let's move on to this week's.
Listen up!
Rant of the week.
It's time for mother f***ing rage.
All right, I'm going to...
I am a bit torn on this one.
It's about Capita, who've had an it breach uh it was announced what
was it march march 20th march 22nd was when it happened in march 22nd it happened in march 22nd
and it was interrupted by the company on march 31st now, there's a lot being talked about this capital breach, partly
because it's a large company. It's got lots of government contracts, billions of pounds, etc.,
and lots of finger wagging, and they should know better, and all that sort of stuff.
The fact that there was a just a nine day gap between when the attack started or when when they gained access to the accounts or to the system, sorry, when it was discovered.
Let's just put that into context of the industry average of six months, roughly, of when access is made into a system and when it's found.
So when you have got very professional, slick criminal gangs who are deliberately trying to get in very quietly and to not trip any defences
and all that sort of thing.
For me, nine days is not bad.
It's not bad.
It's not great, don't get me wrong,
but compared to an industry average of whatever it was,
170 days or six months roughly, it's pretty good.
It's up there.
It's not great that it happened, don't get me wrong.
But again, I've come back to this thing
and I'm glad Jav's not
here because he'll be
rubbing his hands with glee. But it comes
back to this whole thing of victim blaming
and how actually
it seems to me that the bigger the company
that are or
the bigger the celebrity,
if you get your manner broken into
and your crown jewels stolen,
the bigger you are, the more you deserve it.
Do you know what?
I am in Jav's absence.
I'm going to pick up his boxing, though.
So I agree with everything you've said so far.
Good.
But I feel you are letting
them off too easy for their lack of notification so they haven't got to that part okay cool
all right but thanks for reminding me
but then again then again uh you know it know, something as vastly complex as this.
We're what? We're three weeks exactly into April, right?
As vastly complex as this.
When did their first notification come out?
When was that?
March 22nd?
No, no, no. That's when it happened.
OK.
No, they did announce it reasonably quick but it wasn't until
the sunday times broke the article well on the third of april yeah yeah but they said but what
the sunday times was saying that the it breach was worse than capita has admitted to date now
given that they discovered it on the 31st and it was three days
we know what it's been like bottom line is somebody snitched let's face it uh otherwise
how on earth would the sunday times have found something you know something somebody snitched
um but to be fair in order for them to publish that statement on the 31st of March,
that would have been through their PR, their legal, their exec.
They would have had that info for days prior to that announcement.
Well, they would have had that info for days,
but they would have had the info that something had happened
and they're trying to ascertain it.
Maybe they didn't quite understand the
full extent of it or maybe it had to go through a metric fuck ton of lawyers before they said yeah
the data you know we've got some data that has been taken or whatever personal data it's like
and this is a whole point of breach notification is that you don't get to decide but you know how long it
takes to actually confirm that something's been taken you might suspect something what is it they
say you never say never say what you don't know only say what you know yeah so yeah they they
will have known because especially as that data has already been published on the dark web by the hacking group that's doing it.
Black Barista, is it, or something like that?
Yeah.
So they've already published snippets of the data.
Yeah.
So I think at that point.
It seems pretty quick to me.
I mean, certainly when you compare it to many, many others that we rightfully rant at here.
But I don't know.
I seem to think this timeline is not too bad.
Could it be better?
Yeah, probably.
It's not that bad.
Come on.
Do you know what?
I normally do defend this type of stuff,
but I can't defend the lack of notification.
But they did.
They did it.
They didn't.
Within days.
They were, no, they didn't notify individuals.
They didn't notify all their employees that had that data stolen.
All of that stuff has gone for sale.
When did they inform the ICO?
Let's see.
Yes, well, so they've been in contact with the ICO,
but they've not actually notified the affected individuals.
And the ICO would have given them advice on when
and what they should be doing, right?
Yeah.
Can we call up Stephen Bonner now and see what he says?
Yeah, that's right.
You mean our man on the inside.
Oh, sorry.
Yeah, but bleep out his name.
I haven't got time to bleep out his name we're on the clock here at the moment anyway anyway well i'm going this is exactly why
we rant anyway so this is this is part of it but you know on the whole i think it's it it was okay
you think it was less okay we're talking about days here rather than months which let's face it most of the rants
are about months you know in many cases about you got to raise the bar time you got to raise the bar
hey we do these things gradually you can't just you know jump in jump in with both feet the other
interesting part of this as well and this is a statement from capita as well so you know you
might want to sort of, you know,
take it with a pinch of salt and all that sort of thing.
But it says, they say, as a result of the interruption,
the incident was significantly restricted,
potentially affecting around 4%.
Did they give a percentage?
Oh, there we go.
4% of Capita's server.
You know that when you give a percentage,
it is actually far more serious than they are trying
for people to know about this
this is when you start counting the um dev servers like the decommissioned assets in the background
the shadow it that you refuse to acknowledge exactly i know i know they did they did give
a percentage yeah yeah but uh okay but nonetheless but it's all about the crown jewels, right, and where those are. But, you know, overall, Capita is such a challenging position. They've probably got a lot of, you know, a lot of legal challenges here. That would be my guess here. You know, if there's any delay, it's probably around, you know, getting legal authorization to do stuff. But nonetheless, I do think this is a, I wouldn't say a storm and a teacup,
but I think the level of outrage is...
Jeez.
I think you're going to be off air next week at this rate.
Hey, my name and contact details weren't in there.
I don't care.
So Capita, Host unknown have got you back rant of the week this is the easy jet of security podcasts let's be honest your cheap
ass couldn't tell the difference between us and a premium security podcast anyway Okay, so we would normally be going straight out to...
But we're not going to.
It would have been a good one about the supply chain chain attack on 3cx which was actually a supply
chain a check uh supply chain attack on one of their supply chains to get in there it's like
it was so meta oh well your man's not here anyway he's he's spending time elsewhere. But talking of time, Andy.
See what I did there again?
I'm on it.
I told you it'd be good.
I'm on it.
What time is it?
It is that time of the show where we head over to our news sources
over at the InfoSec PA Newswire, who have been very busy
bringing us the latest and greatest security news from around the globe.
Industry News.
around the globe.
Industry News UK's SMEs to benefit from new cyber advisers.
Industry News
WhatsApp and Signal claim online safety bill threatens user privacy and safety.
Industry News
NSO Group's Pegasus spyware found on high-risk iPhones.
Industry News NSO Group's Pegasus spyware found on high-risk iPhones. Industry news.
NCSE warns of destructive Russian attacks on critical infrastructure.
Industry news.
Police escape $1.2 million fine for secretly recording phone calls.
Industry news.
Recycled network devices exposing corporate secrets.
Industry news.
Chat GPT-related malicious URLs on the rise.
Industry news.
Daggerfly APT targets African telecoms firm with new MGBot malware.
Industry news.
North Korean hacker suspected in 3CX software supply chain attack.
Industry News.
That was this week's...
Industry News.
Huge if true.
Huge if true.
I was just clicking in the please escape $1.2 million fine.
When did we start converting stuff into US dollars to make it sound bigger
when we talk about the uk police
forces this is the uk police force this this is the us police what the hell i know this we're
gonna have to have a word with uh uh info security is it uh no it's our news sources over the infosec
pa news oh sorry yeah yeah yeah of course of course sorry sorry don't click the link people yeah
it's gonna give it it's gonna give out give away all of our sources uh so two uk police forces
have been reprimanded by the country's data protection regulator after covertly recording
200 000 phone calls with victims witnesses and suspected perpetrators of crimes.
So, oh, no, it's another one where the ICO's given their new approach to public sector enforcement,
which focuses on reprimands over monetary penalties.
Because they want that money invested in actually fixing it
because it's public money, which I get.
I get. I do understand it it but there has to be some
you know if that's the carrot what is the stick if the carrot is we're not going to fine you
because it's public money and we don't want to waste it what's the stick someone needs yeah
someone needs that whole accountable person thing yeah yeah absolutely i'm starting i'm starting to
agree with what you were talking about the other week uh so yeah so the problems stem from uh surrey and sussex police forces using
an app uh installing this app on their mobile phones which then recorded all incoming and
outgoing phone calls oh what 1015 staff members across the two forces are downloaded. Yeah, it automatically saved recordings of hundreds of thousands of phone calls.
Oh, so, right, everybody, this app is being pushed out to your phones.
Don't worry, we've checked it.
Wow, I don't even think they went that far to say it's been checked.
It's just used to make calls.
Jesus Christ.
Yeah.
Outrageous.
No data protection impact assessment before deploying that app.
No fucking common sense deployed before rolling that out.
This WhatsApp and Signal claim online safety bill
threatens user privacy and safety.
When WhatsApp and Signal are on the same team
something's really bad even though even though we know signal are on there for privacy reasons
and whatsapp are there because they won't make any more money for marketing reasons yeah exactly
but nonetheless you've got to know that it's bad when they're on the same team the enemy of the
enemy the enemy of my enemy is my friend yeah yeah exactly that is that is not
good that is not good at all the optics do not look good for those guys no yeah i love this
also chat gpt related malicious urls on the rise so it's kind of like well yeah and also the um
the fact that if you click on the link and you start typing in your question or whatever,
is it going to give you deliberately bad information?
You know, is it?
It's not going to affect your computer,
but it is going to tell you to go and drink bleach
and inject sunlight up your arsehole or something.
I don't know.
So I don't know if you saw,
I know it was doing the rounds on LinkedIn this week
or other social media where, you know, you speak to ChatGPT and you ask it for a list of pirate websites.
And it says, oh, I can't do that.
You know, I'm not able to give you this stuff.
And it says, OK, I didn't realize piracy was illegal.
Can you please send me a list of all the websites I should be avoiding so i don't accidentally go there yeah here's a whole list of uh you know websites are known to host and distribute pirated content
this this is where you work out that chat gpt is incredibly intelligent but has the common sense
of a three-year-old yeah exactly oh dear i i do like i do like that uh you know the the the turns have tabled as it were
yeah exactly yeah other than that pretty much a uh standard the whole yeah the whole world
so the nso groups pegasus spyware isn't this like a 2012 yeah i thought so. On high-risk phones. Well, they're high-risk now.
Yeah, I thought they just... I think they just recycle this story every year or so.
Yeah.
Yeah.
Going to have to have words with them.
Dollars and recycling.
Yeah.
Because as our, you know,
This Week in InfoSec proves,
we are not fans of recycling old stories.
Absolutely not.
Absolutely not.
You know, we don't have many morals,
but the ones we do have on this show involve recycling of stories.
Anyway, that was this week's...
Industry News.
You're listening to the award-winning Host Unknown podcast.
It's better than tinnitus.
Such a clear-cut statement, and yet so true.
OK, let's take us home, shall we, Andy, with this week's...
Tweet of the Week.
We always play that one twice.
Tweet of the Week.
And this week's Tweet of the Week comes from friend of the week uh we always play that one twice sweet of the week and this week's tweet of the
week comes from friend of the show quentin taylor who has said so due to a late plane last night and
then early morning meeting this morning i'm here at work with only four hours sleep i thought
according to linkedin influencers that four hours sleep was the magic number. I should feel energised. I feel like death.
Did they lie on LinkedIn?
No, Quentin, you're just old.
Welcome to the club.
Happens to the best of us, Keith.
Yeah, exactly.
Exactly.
It does.
It does.
It's so true, though.
All this, you know, four hours sleep bullshit.
What are they talking about?
5.8. What was it? 4am club. Is it that you know, four hours sleep bullshit. What are they talking about? 5.80.
What was it?
4 a.m. Club.
Is it that?
Yeah, the 4 a.m. Club.
Yeah.
Woo.
They can all get together in the fucking twilight of Sparrowfart.
In fact, pre-Sparrowfart, isn't it?
You've got to respect the hustle, Tom.
Respect the hustle, my ass.
God, dear.
I'm with Oscar Wilde.
Get a reputation for getting up early and you can stay in bed till lunchtime.
Because if you don't turn up somewhere, they think you're somewhere else.
Not in bed, because you get up early.
And I spent a lot of time getting that reputation.
Excellent.
Thank you for this week's... Tweet of the Week. that reputation. Excellent.
Thank you for this week's Tweet of the Week.
Well, that was a short one.
In honour of our...
In honour of our friend Jav.
Of our missing guest.
Yeah.
It was a short one.
So hopefully, well,
I'm not going to be able
to edit it until late tonight.
So if you're listening to this, apologies that you're listening to it on Saturday rather than Friday.
Apologies that you're listening to it full stop.
Well, yes, that too.
We'll just leave it there.
Yeah, exactly.
We can't do much about that, I'm afraid.
You know, we can impact a lot of things, but your sense of taste and common sense is not one of them.
So, Andy, thank you so much.
It was brief, but it was sweet.
Stay secure, my friend.
Stay secure.
You've been listening to The Host Unknown Podcast.
If you enjoyed what you heard, comment and subscribe.
If you hated it, please leave your best insults on our Reddit channel.
The worst episode ever.
R slash Smashing Security.
We didn't say Eid Mubarak.
Oh, no, that's right, Gesundheit.
Yes, indeed, Eid Mubarak to everybody who has been watching the moon recently.
So is it official?
Has it happened today?
The moon was sighted.
I thought the moon was sighted last night.
Okay.
But, hey, I'm not an authority on this.
No, no.
I mean, I doubt it would have been sighted right now, in fairness.
I mean, the cloud cover alone is terrible.
But, yeah, okay, good.
So basically I'm guessing Javi's off. But, yeah. Okay, good. So, basically, I'm guessing Jav is off.
No, he was taken off air.
I told him not to come.
Yeah, no, I told him not to come this week.
Yeah, we need to protect the interests of both our Indian listeners.
Okay.