The Host Unknown Podcast - Episode 17 - Sponsored by The Duchess of Ladywell
Episode Date: July 30, 2020
This week's show is sponsored, demonstrating Host Unknown's 200% performance increase year on year when it comes to sponsorship deals. Who wouldn't want to be a sponsor of our show with those stats?
And...y's Percy Pig Problem
https://twitter.com/trevolafoam/status/1288364716004450304?s=20
Thom's Bonobo Problem
Jav's Instagram Problem
https://www.independent.co.uk/life-style/gadgets-and-tech/news/instagram-camera-spying-iphone-ios-14-feature-bug-a9641286.html
... and the much anticipated return of the little people with the ineffable Lee Munson.
That's a full show, and yet we still manage to fit in Industry news and an offer of free advertising for anyone who took out lifetime sponsorship packages at Peerlyst, which unfortunately closed its doors this week. Come on! Like and bloody well subscribe!
Transcript
This, what I did want to bring up is, uh, how happy I am, Tom, that, uh,
your mother's going to be more closely associated with the show,
the Duchess of Lebanon. Um... Whoa, whoa, what, what? Hang on, hang on, what? Hang on. Hang on. What is going on?
You're listening to the Host Unknown Podcast.
Well, hello, good morning, good afternoon, good evening and welcome.
After a little, slightly uncomfortable start there.
It wasn't uncomfortable for us, Tom.
Mr Malik, how are you, sir?
I'm good, thanks, I'm good. I'm so glad that we got the right Langford involved in this show this time.
Right. Yeah. Moving swiftly on from you, Mr. Agnes, how are you, sir?
Just echoing Jav's comments, really.
I think we're really making progress in terms of having the right Langford involved in this show.
Well, yes, it's true. It's true.
My mother has become a sponsor of the show.
Her comment to me was, you know, why aren't your family members sponsoring the show as well?
To be perfectly honest, you know, it always falls to the Langfords to shoulder the lion's share here.
Because me and Andy don't get pocket money from our parents anymore.
We have to go out and earn our own.
It's not pocket money, it's an allowance.
Did you, uh, tell me this, did you actually invoice your own mother?
No, no, no. Well, I mean... Or is this a cash in hand job that the tax man...
All I did was add a line item in the normal invoice for every month.
Oh, dear.
The cost of being a good son is going up.
Damn straight.
Damn straight.
You know, if she wants to talk about a prodigal son returning,
well, that's extra.
Did you put that line item above or below the one where you charged her
for not cutting the crusts off the sandwich.
Oh dear mum.
I know you're listening because you'd certainly listened to last week's show.
Thank you very much.
We,
we certainly appreciate it.
It's that money is now rattling around at the bottom of our empty bank account
paying for our annual fees on running this thing.
More likely Tom's local takeaway has seen the benefit of that cash.
Actually, I'll be honest, since moving in by myself,
I've cooked every meal myself every night.
Um, I would dispute the word cook.
Yes, uh, I mean, prepared I would accept, but cooking, it's a bit, a bit of a loose...
Great, I've been sending you pictures and everything. It looks beautiful.
Yeah, I actually thought that burger you sent a photo of,
I actually, on first glance,
thought it actually had ketchup in the middle of it,
where it was just pure blood.
I thought you'd somehow hand-rolled it
with a big dollop of ketchup.
It's got to be juicy.
It's got to be juicy.
But yeah, I've, I've, um, I've been, uh, making the most of the delights of the George Foreman grill that I was, I was gifted, um, and
it's great. It's so quick and easy. God, I don't know why they should do adverts on telly for these things, but, uh, but yes, no takeaways, no takeaways at all. Um, so, uh, not even,
you know, my favourite, um, you know, curry house takeaway, the akash of chippin them. Um, not even
from them yet. So I haven't quite fallen into full bachelorhood just yet.
So what have we got for you today? And we say this every week, and we say the same thing every
week. Um, we've got the Tweets of the Week, that's coming from Andy. We've got the Billy Big Balls
from me, uh, or in fact this week it's going to be the Bonobo Big Balls, I think. Uh, Rant of the Week
from Jav. And, well, it's become a bit of a running piece every week. Uh, will we have a Little People today,
Jav, or is it a little, is it Little People surprise? It is a surprise. I do have one, actually.
People off the internet. Um, what, Andy's heard it but you haven't, Tom, and, and this all become clear.
We'll add it in post. We'll add it in post, will we? Okay, so I still can't hear it. Okay. Um, so talk about being torn here. It's like
50, yes, we're actually going to have a full feature set, and 50, oh cock, what have you guys gone and done? Um, well, we'll see. We will see. So what
we've been up to this week, um, Andy, just as busy as normal? Uh, busy as normal, I think. Um, I am not
a lawyer, as, uh, you may be surprised to hear. Uh, I've just been kind of buried in legal and
regulatory requirements from other regions and obviously pretending to be a subject matter expert on the opinion,
as I'm sure many people in our industry do.
One page ahead in the book.
That's all you need to be.
Subject matter Googler.
I am.
Yes.
SMG.
Yeah.
I like that.
I'm going to use that.
I'm going to steal that and call it my own.
Just like everything else you say, I steal.
Oh, dear.
Jav, what about yourself?
Me?
I've been, well, I've been raising the next generation well, I think.
I don't know how this happened, but my daughter,
she received a WhatsApp phishing message last night.
Oh, yeah.
It was just from a UK number. It said, oh, oh, we've detected unauthorized access on your PayPal account, visit this link to
remove the block. Uh, so she, she immediately knew this was a scam, A, because she doesn't have a
PayPal account, but B, because she, she knows these things. So she replied with the script of B-movie in Morse code.
Please tell me it was an audio file.
No, it was written out, but it was hilarious.
Nice.
So she was allowed an extra sweet last night before going to bed.
An extra sweet.
The next generation are something I'm very much hopeful for,
for the future of our country.
Especially after the TV show.
That was brilliant.
Oh, my God.
Come on.
All right, moving swiftly on.
Moving swiftly on, yes, indeed.
So we shall talk more about sponsors,
because obviously they have paid.
They have.
Mother, you have paid for a slot.
Not sure what we're going to say.
We address your mother as the Duchess of Ladywell.
That's correct.
Mother, I think that's very.
Absolutely.
I think that's using her formal title
as bestowed upon her by the subjects of Ladywell.
But yes, absolutely.
Duchess of Ladywell.
Or if you're a builder, Duchess.
So, yes, let's move on.
Why don't we...
Oh, jeez, I've lost everything on here.
Ah, here we go.
Yeah, so why don't we go on to the...
Tweet of the week.
That was really impressive.
You are getting faster.
I was about to say.
I nearly had heart palpitations
because I thought I was going to crash it,
but that was perfect.
You pressed it five seconds before you wanted to move on.
I think I pressed it just before I started recording this episode.
So, Mr. Cluley, if you're listening, there's no gap.
Gap.
Anyway, I'm going to prove I can do it again.
Yeah, and as he knows, we don't fix stuff in post.
What you hear is live.
We are au naturel.
Okay, so why don't we talk about this week's
Tweet of the Week. So this is, uh, one which I was amused by. So I can't remember how I ended up on Twitter. Um, I received a link for something and, uh, obviously I opened up Twitter and I hit the home page and, uh, the usual
bile and, uh, just, uh... Bile and hatred, yeah. And toxicity, which, uh, goes about. But, uh, at the top
of my timeline was a tweet which I was amused by, and this caught my eye for many reasons. Uh, one,
uh, because I've worked in offices which are very close to Marks and Spencer's.
I have a Marks and Spencer's, you know, like the little shop, petrol station
Very close to my house
So whenever I frequent these places
One thing which will always make it into my basket
Is a packet or two of Percy Pigs
Which you may be familiar with.
They are the, I guess,
the M&S equivalent of Haribo
or that genre of sweets.
But to be clear, these are M&S ones.
They're not just your average gelatine
and pork wine.
This isn't just hooves and lips.
This is M&S hooves and lips.
Exactly, yeah. And, uh, so this
was about an article which has come out. The National Food Strategy report, um, is accusing
Marks and Spencer of false virtue in the display of its ingredients of sweets. Um, and they're
accusing M&S of, uh, sort of implying that these sweets are, uh, you know, sort
of pink, sweet, cute and all natural, um, which I would be astounded if anyone thought that these
sweets were full of, uh, natural goodness and were actually, you know, counted towards one of your five a day.
One of your five animal products a day.
Yeah, exactly.
So I guess that, you know, one of the reasons these are so popular
is they also have vegetarian, you know, equivalents.
They're lovely, the veggie Percys.
Yeah, and, you know, they've got a real nice texture and consistency to them.
It's slightly thicker, isn't it?
Yeah.
It's slightly more chewy, yeah.
Yeah, and I'm a big fan of them, and, um, as, uh,
my wife is also partial to the odd one or two when I've got them, and she's vegetarian, so, uh, you know,
must be a winner, uh, you know, treat for the family. This, uh, tweet that, uh, accompanied this article,
uh, or rather in response to this article, um, there's a guy from Trevor Callaghan and he says, I just want to be
clear that I have never been misled by a bag of Percy Pigs. I knew what was getting into. I knew
what I was getting into. I'm kind of disappointed there's only four forms of sugar in them.
I mean, these sweets, they taste good, you know, and to me...
Of course they got sugary.
Exactly.
And this is, yeah, who is, who genuinely thought that these were all natural products that were just good for you?
And I'm glad that this guy just kind of called it out in such a simple way.
Good on you, Trevor Callaghan.
Exactly.
Because I think, you know, what the report's actually pointing out
is the fact they're saying this is made with real fruit juice.
As if that is the line that is going to convince you
that these things must be good.
You mean fruit juice that has sugar in it?
Yes, exactly.
That type of fruit.
I mean, it's all just sugar at the end of the day.
Fructose, glucose, sucrose, whatever, it's
all just sugar. It's just in a slightly different form. As he said, different forms of sugar in it.
Um, but yeah, it's still just sugar. So if, you know, if you can't work out that, you know, with, with
fruit juice, they're using the fruit juice to sweeten it because fruit juice has sugar in it. I mean, no
sweets will ever be healthy, right? You know, the clue's in the, no, yes. Yeah, yeah, yeah, yeah. Once
someone invents, uh, something that's sweet tasting that is, uh, you know, entirely healthy for you,
that person will become richer than, uh, yeah. And by the way, oranges, apples and bananas don't count. Yes. No,
unless they're foam bananas, um, Terry's Chocolate Oranges, or, or, um, what's your apple
improved by the, by, by basting it in sugar.
No.
You know, speaking of these sweets,
I can't remember whether it was here or whether it was in America,
but I got a packet of, in vegetarian, jelly beans once,
and it had a logo on it saying,
approved by the Heart Association.
It might be the American Heart Association.
That would be American.
Yeah, approved by the American Heart Association. It had a green little
heart made out of it, and I was looking at it thinking, hmm. I'm shocked there's gambling going
on in this casino. Yeah, exactly. And this is the, uh, the country where, you know, famously, you know, you can pay doctors to recommend your products to patients.
You know, capitalism at its finest.
It is indeed.
My goodness.
Well, I think that's a pretty good tweet because I think that sums it up,
I must admit.
So I think that definitely counts for this week's.
Tweet of the Week. You know what I was just thinking? We need Trevor Callaghan to read
some reports that are published by security researchers and vendors and the like
and just come up with his own take on them. Cut to the chase. Yeah, yeah. So if, if you're listening, Trevor, you are, uh, @trevolafoam.
There's got to be a story behind that, but, uh, @trevolafoam on Twitter, if you're listening,
come join us. We'll send you a security article and we would love your three-line take on it.
um if you could throw in sugar, then eat all the better.
Oh, dear.
So I think we've kicked off the Host Unknown
information security podcast really well there.
I think we've really hit the industry on the head there.
You know, as an information security community advice show.
Let's hope that changes in the next link.
Go on, Tom.
Oh dear. Anyway.
You're listening to the host unknown podcast.
More fun than a security vendor's briefing.
Yes, you are.
We're going to have to update these jingles at some point,
perhaps when we reach episode 25 or something like that.
You know, they cost a bit of money.
They don't come for free.
And, you know, as much as we appreciate the allowance,
Mrs. Langford Senior, the Duchess
of Ladywell, has provided us, that's not enough to change the jingles. We need some real hardcore
sponsors for that. Yes, we do. Yes, we do. I tell you, should we get straight on to the, um, Bonobo Big
Balls, and then, um, then we can, uh, um, perhaps start chasing, chasing for more sponsors.
I mean, let's face it.
We've now had two sponsors.
That's not a coincidence.
That's not a freak happening.
We're obviously worth sponsoring.
And we're 200% up on last year in terms of sponsors.
We are.
Yeah, we are 200% up.
Who else is showing 200, 200% growth year on year?
Oh, in their, in their sponsorship, especially during times of the, of the, uh, 'rona. Indeed.
Indeed. Right, okay, let's get on to the Billy Big Balls of the Week.
All right, this one is me.
This was in the Sunday Times on Sunday.
It's behind a paywall, I'm afraid, but I'm sure we can put a...
So I had to send the two chaps here a screenshot
because I know they wouldn't be able to afford to get behind that planet.
What I like about this, if I can just say,
is it's clearly a screenshot from your giant iPad.
I had to shrink it down to try and fit it
into the show notes.
No, no, no, no.
This is the line.
So Tom's got a different iPad.
This is clearly from the Duchess of Ladywell's iPad.
It was round there.
She's the one that subscribes to this, not Tom.
No, actually, I just use my mother's subscription.
Anyway, let's move on.
So Knowsley Safari Park, which is, uh, up north, um, has a problem. So as
you know, many safari parks have, um, you know, monkey and baboon and, uh, enclosures that, um, you drive
through, and they're all netted off, and basically, if, if you ever wanted to pay money to have your car destroyed, this is how
you do it. Um, because you drive in and they start pulling off windscreen wipers. Um, friend of mine...
Oh, was it passing car or passing plane? That was a, uh, passing lorry. Did you actually hear that?
Because... Yes, I did. Okay, so I've got my windows open at the
moment. You spent too much on your microphone. It's too good. Yeah. Um, so, God, I don't know. And so, um,
and in fact a friend of mine went into one in a sort of an old Land Rover and these little
bastards started peeling off the rubber ceiling around the, around the windows, that would actually,
the windows would literally have popped out. They're relentless. Um, yeah, exactly. Absolutely relentless. And it's, it's all part of the fun, but, you know, and they...
Yeah, when it's not your own car, it's part of the fun. Yeah. When you're watching the one in front.
Yeah, exactly. Um, and, you know, they do unspeakable things on the bonnet of the car and all that sort
of stuff. But Knowsley Safari Park, uh, possibly because it's at location, I don't know, you know, up north, has a problem.
So I believe that they are bonobo monkeys,
hence the Bonobo Big Balls.
And they have been seen approaching cars
armed with knives and screwdrivers,
which I think, I mean, is that a Scouser problem? That's definitely a Scouse thing.
Hey, you ever met my mate Stanley?
Stanley, yeah.
You ever hear that at a football match, you know you're in trouble.
As a Scouser.
What's the, what's the, um, the, the, the, the B&Q own brands?
Hey, have you met my friend dial?
Anyway, excuse me.
So they don't know if they've nicked these out of toolboxes out the back of
pickups and things like that. They've nicked them out of toolboxes, let's face it. Um, or if people
are actually giving them that. But yeah, although it's, you know, the headline, you know, the headlines
in things, they normally sort of, you know, that's the thing. And the story is a bit of a letdown afterwards, right?
It says the headline is Safari Park baboons armed with knives.
Later it goes, armed with knives, blah, blah, blah.
Keepers have even seen a bonobo monkey with a chainsaw.
That's my favourite part.
That should be the headline, surely.
You imagine you're sitting in the car,
watching the car in front getting its hubcaps ripped off
and then some monkey just casually walking towards you
with a chainsaw.
Looking at you straight in the eyes.
With a face made out of the skin of his victims.
Necklace of ears or whatever.
Yeah. Oh, dear.
This is just brilliant.
You just wouldn't believe this was this country.
I know.
I know.
I mean, if it was America,
it wouldn't have even made
page four or whatever.
It's like, you know,
chainsaws,
why haven't these got guns? They should know their rights.
I mean, that's the next stage, right?
But anyway, just
brilliant story and I just
if 2020
couldn't get any worse,
it's the fact that Safari Park
monkeys now
are armed with knives, screwdrivers
and chainsaws.
Oh dear.
So I could not resist that one.
I could not resist that one.
I thought that was absolute genius.
And the fact that these monkeys are just, you know,
taking it up a level.
Brilliant.
Brilliant.
So that was this week's Billy Big Balls of the Week.
Sorry, Bonobo Big Balls.
Thank you, Andy and Tom, for those two brilliant information security stories on our podcast.
You can tell we're sort of losing interest slightly, can't you?
So I have actually been mugged by monkeys before.
Really?
Yeah, me and a group of friends.
Not just northern monkeys.
Not just northern monkeys.
This was in Bali, we were.
We went to this sort of monkey temple.
And you've got all the sellers outside
selling you big bunches of bananas,
you know, as tourists to take in.
The idea is
you feed the monkeys. Is it like the high street, get your bananas here? Pretty much, yeah, but
more, uh, uh, you know, sort of gesturing with hand motions and sort of like laughing when they, they
say what the price is, and then, like, you know, you settle on something which is clearly above, you
know, cost anyway. But they, uh, you know, they act like they're hurt but
they're still prepared to sell them to you, and, you know, you act like, uh, you know, you're okay with it,
where when you actually realize you put the, the decimal point in the wrong place and paid
a lot more than you should have for, uh, you know, bunches of bananas. Uh, anyway, myself and, uh, friends,
we walked into this, uh, monkey temple, this big monkey park, and it was amazing
that, you know, we had these great big bunches of bananas in our hands and a couple of monkeys came
up in front of us, all kind of cute, and we thought, oh, they're really nice. Literally just about to
break one off a bunch and hand it to the monkey, and we got ambushed by about 20 monkeys behind us.
And it's clearly some sort of distraction
scam that they've got going on, and, um, they just... The ones with the really big eyes in front of you.
Yeah, they just literally ripped the bunches from our hands and we didn't see it coming at all. And
then, you know, the two that were in front of us ran off with the rest of the pack, and, um, we probably got about 10 meters inside the, inside the park when this happened. So, uh, yeah, very
clearly a big tourist scam, and wouldn't surprise me if those monkeys were trained to then give them
back to the vendors. Yeah, they keep one commission and they have to hand the rest back. Yeah. Did the
two monkeys in front, you know, after, after the ones behind it grabbed the bananas...
So just before the two monkeys in front ran off,
did they do sort of like the wanker song?
Yeah.
Not far, yeah.
Just the chuckle in the middle finger.
That's right.
Oh, man.
See, this is where the pigeons at Trafalgar Square were going wrong.
I think had they been more savvy, they'd still be around.
Do you know what?
All the pigeons need is a flick knife and then they'll be fine.
They could learn a thing or two off monkeys, let's face it.
But, yeah, that park is well known for monkeys ambushing, um, uh, tourists, isn't it?
Uh, well, not well known to me when I arrived there.
I think, uh, probably after experiencing it.
Yeah.
Yeah.
Well, I've seen, I've seen a few videos of it and, you know,
literally dropping from the trees onto people's heads and stuff like that.
Just trying to get the, uh, the bananas, but yeah, man.
Oh dear. So, um, you know,
sponsors. We want to talk about sponsors, and in fact something happened earlier this week that's,
um, and, and bear with me, this might be a little bit long form, but, um, our industry has, uh, lost a, how can I put it, a stalwart, a meeting place of minds with the closure of Peerlyst.
Did you guys read about this?
Yes, I did.
Yes.
So Peerlyst is going to go.
Brought a tear to my eye.
Yeah, yeah, absolutely.
Were you laughing hard or something? But, um, but no, seriously, Peerlyst has been around for what, five years, something like that,
and it was, um, you know, created by security professionals for security professionals. It was a,
um, contributory platform, I think, you know, so you'd write for Peerlyst and you would connect
to it, and they had a job section, and obviously they'll take advertising, things like that. So,
um, but they closed, is it, it was, um, Tuesday this week, something like that, was it?
Yeah, probably. Oh, I thought it's gonna be end of the month. I, I don't know. Oh, they announced
middle of this week, didn't they? Um, and so I, I was a lurking member of Peerlyst
and I'd been involved in a couple of articles on there.
In fact, actually, my biggest story with Peerlyst
was I got disinvited from a lunch at RSA by them
when I left Publicist because I wasn't a CISO anymore.
Well, as you know, as soon as you lose the title,
you automatically lose all knowledge, which goes with that position.
Absolutely. And my IQ points went up about 30.
But yes, that was my real interaction.
But that's not the point of the story.
That's not what I'm trying to say.
So, yeah, it's a sad time when you've got something
that's built you know,
built by security professionals for security professionals closing down.
I'm not entirely sure.
Obviously, the financials weren't working.
That's the reason why things closed down, I guess.
But what did catch my eye was I happened to look at Peerlyst
and some of the sponsorship packages,
and they had one that was list your product for $999.
Your page will stay forever.
And that was there last week, which is a little bit of a problem
if you just hand it over that money.
So I thought, here's the trick.
So I thought we will honour anybody who can prove they've paid the
thousand dollars for a forever listing. We will honor that sponsorship for one episode. What do
you reckon? Um, I think it's a clever way to, you know, like the old 419 scams and, uh, things like
that, where, hear me out, so this is clearly a method.
So you know how a lot of these scammers have bad spelling and stuff like that.
And the intelligent people look at it and say, oh, my God, how would you fall for this?
It's got terrible spelling, terrible grammar.
This doesn't make sense.
That stuff is deliberate to actually identify the people who are not smart enough to determine it's a scam.
So are you suggesting that anyone that fell for the Peerlyst lifetime
advertising offer is someone that we want sponsoring this show?
Because if that's the direction you're going, I'm all on board.
Yeah. I mean, exactly. Yeah.
Well, what we're doing is we're giving you a, you know, a try before you buy it.
Yeah, yeah. So, so, so here's how it works, folks. Um, if you could prove to us that you paid
999 to Peerlyst for that lifetime, we'll give you one episode for free. Well, it's free, the
advertising will be free. There will be a slight admin charge. If you could Western Union the money to us, that would be perfect.
But other than that, it will run.
It's all legit.
You can send us your little segment and we will do it.
We'll do the full pre-roll, mid-roll and post-roll thing for it.
So you get the full suite.
You'll get a feel for the whole thing.
So you can either record something
or send us some text to read out. Um, we'd like the choice of music in the background while we read
your stuff out, just because that'll be hilarious. Um, but, um, but yeah, we'll, we'll do this. We'll do
this. That's how desperate we are for sponsors. And had Peerlyst advertised with us, maybe they wouldn't be shutting down.
Well, you know.
It's just an example of what could happen to you
if you don't seize that opportunity.
Yeah.
Absolutely.
I mean, let's look at it this way.
Let's look at the evidence that backs it up.
Smashing Security, that little-known podcast,
they sponsored our show.
Have they gone out of business?
No. No. Mrs. Langford Senior, is she still not the, the, the, uh, Lady of the Duchess of Lady, or the Lady of Dutch,
the Lady Well of Dutch? Yeah, yeah, yeah, she's still going. She's still going. Yeah, absolutely. So there's a hundred percent proof return on
investment. Yeah, with a brand that's growing 200% year on year while keeping their costs down
during the 'rona. I'm surprised we don't have VCs just like knocking on our door right now.
I know. And venture capitalists. Yeah.
i don't know why we'd want people with medals coming to our door though
but you know
nonetheless
so yes
if you're listening
this could be you
I think we're trying to say former Peerlyst sponsors.
Come to us.
You know it's the right thing.
What did you say, Jav?
I said some company that sponsored Peerlyst.
Oh, dear.
Andy, what have we got next?
Industry news.
Our reliable sources over at the InfoSec PA Newswire
have been very busy bringing us the latest and greatest security news.
Indeed, I've got high hopes.
They have been hitting six for six, our InfoSec Stig,
six for six for about the last three weeks running, right?
Yeah, on a very good roll at the moment.
Yeah, yeah.
Okay, so let's move on to...
Industry News.
Sheffield Hallam University
confirms Blackboard linked data breach.
Industry News.
Oh, it's me.
Garmin confirms cyber attackers
ransomware recovery rumoured.
Industry News.
Nation state attackers shift to credential theft.
Industry news.
Qualys announces Spell Security acquisition.
Industry news.
Why are there so few stories this week?
Industry news.
And someone can't spell acquisition properly.
Industry news.
That is...
That was...
Industry news.
You wouldn't believe how often I see the misspelling
of the word acquisition.
Yeah, acquisition.
Yeah.
Acquisition.
Yeah.
You'd expect the editor to pick that one out
before it got published, wouldn't you?
Yeah, I don't know.
I hope he gets marked down
in his performance review.
Yeah, exactly.
We crashed the jingles there a little bit,
but hey, you know.
That's showbiz.
You can tell that this is a handmade
product as a result.
It's like the Etsy of podcasts.
Yes, slightly shit.
No, no.
I like to think of it as because there's no post-editing,
it's like no safety net.
We're like the Tom Cruise of podcasts.
We do our own stunts.
That's true.
And I just did the equivalent of breaking my ankle.
Yes, exactly.
Halfway through that particular thing, yeah.
Oh, dear.
But, yeah, four stories.
Come on, Stig, what are you up to?
Well, it is nearly August.
It's probably like, you know, getting ready for the summer holidays.
Winding down, yeah.
Getting their beach body ready.
Oh, dear.
Okay, so apparently we've got to talk about one of the above stories of to reference. Oh, here
we go. Uh, I noticed the, uh, credential theft one, um, because I, our resident media whore,
um, posted something which I'll admit I didn't read yet. Uh, is that a friend of the show? Friend of the show, Javad Malik. Um, and I noticed,
I know, Tom, you, uh, sort of took the, uh, mickey out of the infographics that he inserted.
Um, oh yes, his story, he's sort of gone full management consultant. No, I, I took the mickey
out of them myself. I, I told you I inserted them when writing it as a joke.
And I was sure that our editor would strip them out.
So when I submitted it, our editor came to us and said,
I've got a question about the charts.
And I was like, oh, there we go.
They're going to get it.
I said, yeah, what's that?
And they were like, can you cite the source for them?
I was like, yeah, sure. They're me. I created them. Okay. And so you
see them, I'm, I'm scrunched as a source on all the charts. So, so, um, Jav's employer, if you're listening,
Jav does not take his job seriously. You know what, I, uh, many times, um, and two examples that
spring to mind of when you realize you don't joke in professional documents.
So one back in the day when I was applying for a job, I asked a friend of mine to print out my CV.
This is back in the day when you print your CV, take it with you to an interview.
And he basically modified my CV, added something like, you know, this early jobs, you know,
I'm good with money, you know, I fiddled the tills at, you know, establishment, blah, blah, blah,
never got caught, you know, as a positive, as a strength of the job, and I never knew about it,
and I saw him in the evening, he was like, how'd it go, and then, you know, he was laughing,
and then he came into my room, and he saw, he saw like these CVs that were printed on the side.
He's like, why are those ones there? And I said, oh, I took the other ones. And he's like, did you read
them before you took them? I'm like, no, why would I? And obviously he had modified it. Um, and I never
actually heard back from that job, funny enough. So I think I know the reason why. But the other time was, you know, my previous company,
our MD was sort of anal for, you know, reviewing stuff before it went out.
And we had a requirement from an important client of ours
who wanted to see our pandemic plan.
This is when the bird flu, avian flu was big.
Was it bird flu or swine flu?
Whichever one came through.
They wanted to know that as a vendor, we were able to continue, you know, in that.
And so, you know, I basically created this pandemic plan on the fly, as you do, to send to the vendor when you're a startup.
And for a joke, I actually put, you know, that when someone coughs, you know, the first time someone coughs, we execute them on site and import,
import contractors from India to take over the role.
And I sent this on via email and, you know,
I didn't hear back for a couple of hours.
I took a walk down to his office and I said, Hey, you,
are you okay with that plan? You know,
expecting him to joke and say, Oh, very good. Where's the real one?
And he said, sorry, sorry, I didn't read it,
I just sent it straight to the client. Okay, you know, let's, uh, let's stop putting jokes in, um,
you know, proper documentation, uh, because not everyone's on the same level. No, no, it kind of
reminds me when your accountant was looking at your bank statement, he started laughing at certain transactions, Andy.
I thought that was his expenses.
Yeah.
But that article you wrote, in all fairness, I think, obviously, good article.
And yes, the images, the graphs and the stats and all that sort of thing, they don't tell you a lot, but you have to look at them.
You have to, you know, kind of concentrate on them
to realise this isn't telling me much.
And that probably applies to so many articles out there, right?
Yeah.
Well, magic quadrant.
That's Javvad's personal opinion.
If you'd like to sponsor us,
please contact me.
Thank you very much.
Forrester Wave.
Is Javvad's personal opinion.
Any Ponemon
scruff ever made.
451
Research.
The Ponemon research comment is a Host Unknown comment.
That's fine.
Friends don't let friends
quote Ponemon.
Exactly.
Yeah, 451.
What about them?
Oh, mind you, you were there, Jav, weren't you?
So yeah, there's probably lots of pointless...
No, no, they actually didn't do any of those
comparison charts that.
Oh, did you see Gartner's risk cube?
What? No.
Yeah. Oh, you've got to do it. I mean, I haven't got one in front of me.
It just reminded me.
Honestly,
it will give you a headache to look at and work out what it's trying to say.
I could not work it out. I
mean, you know, I like to think I know about risk, but I don't, you know, I'm not very academic when
it comes to it. I look at things a little bit more simply, as you know, you know, sharks and
coconuts and all that sort of rubbish, but, and toothbrushes, but I could not work this out at all.
So, yeah, maybe it's in progress and will improve,
but has anybody found it?
Is anybody looking it up?
I'm trying to look it up.
I can't find anything yet.
Yeah, so the problem is when you search the word,
anything with the word Gartner in it is absolutely full of shites,
as you would imagine.
Yeah. Is Andy's personal opinion, Gartner, if you'd like to contact us for sponsorship. Yeah, I'm surprised I've gone
like six articles down and not seen the phrase tragic quadrant yet. Tragic quadrant?
Is that a joke or is that a product? No, that's, that's a common colloquial reference to the Magic Quadrant.
Oh, I see.
Do you know what?
I've not heard that one.
I've not heard one.
There you go.
There you go.
Anyway, so what were we talking about?
Actually, for the listeners, if you want a proper,
a really simple and usable risk model, you should
check out the Malik Langford risk model. Yeah, or the Langford Malik one, that's also just as good.
Yes, I don't... I, I did it alphabetically, you know. You, you did it in accordance to size of ego. Yeah,
which is the right way. It's, that's in accordance with the Host Unknown style guide.
Exactly.
Either or, it doesn't matter.
I was going to say, yeah, that one came out quite nicely,
although in reality it's purely based on an ISO 27005 model,
but it's a way of explaining things.
We did a coronavirus one, didn't we, COVID-19?
That's right, the special edition. Yeah, I'll put a link to that in the show notes, um, if I remember. We're not, this isn't Smashing Security, folks. We don't, we don't have extensive show notes. It's whatever I can be asked
to put in before hitting publish. Um, whatever you remember was, uh... Yeah, exactly. You know, let's face it, Google is your friend here. Oh dear. So, um, I think it's time to,
uh, talk about our sponsor. Actually, it's a sponsor jingle time, isn't it? Yes. Uh, so, um, yes, here we go.
Host Unknown, sponsored by the Duchess of Ladywell.
Nice.
Nice.
There you go.
Hope you got your money's worth there, Mum.
Got your mummy's worth.
I see what you did there.
Hey!
A little Freudian slip there.
Again, so yes, Mum, thank you very much. I was explaining to my mum on the phone.
She said, um, well, what do you need sponsorship for? And when I told her actually just how much we spend
just on an annual basis, right, you know, we did that spreadsheet, I've shared that thing with
you guys, she was really surprised at how much it actually costs to do it, right? Um, or how much, or
how much it costs to produce content of this quality.
Yeah, exactly.
That's probably more accurate.
But yes, there are running costs in all of this.
We've pushed against doing a Patreon because we're not beggars,
are we, at the end of the day?
We don't want something for nothing, unlike... We just bully our friends and family into sponsoring us. Yeah, that's right, that's right.
This, this is the Kirby model, you know. It's a Kirby model? Yeah. So for those who don't, don't
remember, Kirby was a hoover, a vacuum cleaner, sorry, for our international listeners, and their model
was literally the guy would go around
and he would get, put adverts in the local paper saying, high paying job, you could win this, that,
the other, uh, high commissions. And he'd get like 50 people in a room every week in, in an area. He
says, well, here's your Kirby, here, they do the demo, and says, your target, if you meet your targets, you
can go on a Caribbean cruise or something like that.
And, you know, your commission is really high because your target for this, this week is you have to sell one, just one.
And maybe you can try your parents. And these were expensive. These cost like about a grand at the time.
So that first week they'd go, these kids, these teenagers or early 20s, they'd go home, Mom, Dad,
please buy, it's really important for my job, I finally got a career, I can win trips to the
Caribbean. And Mom and Dad, okay, okay, they'll pay for it. And next week it's like, yeah, your target's
20 sales and here's a list of cold calls we made, and, uh, no one got any more sales. But Mr. Kirby got like 50 sales out of that that week
and he was moved on to the next area.
Yeah.
Just like any kind of pyramid scheme or MLM scheme.
Multi-level marketing.
I'll tell you what, what is it?
Reddit is full of stories about multi-level marketing scams
and stuff like that.
I love reading about them.
I'm starting to see them on, you know, that Nextdoor app,
which I've got.
It's certainly, well, actually, I think it's a bit harsh that it's an MLM.
But, you know, like the Avon people.
Yes.
Getting absolutely spammed on that.
And I saw some crossfire from, hey,
are you replacing whoever was doing it?
Anyway, uh, you know, who, who normally manages this area? Uh, you know, this person's like, oh, I don't
know who that person is. You know... Oh, turf wars. Yeah, absolute turf wars with the Avon ladies.
Yeah, pretty soon the Avon ladies will be armed with monkeys carrying chainsaws
and a bag full of Avon products.
Oh, dear.
OK, so let's...
Yeah, I think we can now move on to Jav and his...
Thank you.
And unlike you two, I've tried to find something
that's actually security and privacy related.
What more on the privacy side?
I see how you meant heavily caveated.
It's more relevant to information security professionals than monkeys with chainsaws.
What's more related security than a threatening monkey with a chainsaw?
And how do you think, uh, all these security professionals keep their sugar levels high
when they're working late? See, I mean, Jav, you're just so one-dimensional.
Play the jingle again. You two have ruined the moment. Go on.
Okay, uh, what are you... Oh, you're doing... Right, yeah, that's right, you're doing
this one, rant of the week. So maybe the big one, just to really build it up. Yeah, and you know, last
week, how I, I, I told you how I was actually leaning towards agreeing with Andy on a lot of privacy
issues and how a lot...
You were leading up to a joke.
No, no, no. I was making some heartfelt comments. I think, you know, he's right. There is a lot of
outrage that is just purely emotion led and not, we don't think it through and it's really easy to
just throw TikTok under the bus. Now, last week, there was a quote unquote bug in Instagram. Yeah. Instagram was really cool
before TikTok ate its lunch, but it's still a big thing. And the new iOS update, it started showing
that, hey, Instagram was using the camera even when users weren't taking photos or weren't using an app and Instagram
came out and said, oh, it's a bug and, uh, we're fixing the issue. Yeah, it's a bug, it's only to
help you scroll through the things and it just says that it's using the camera, it's not really
using the camera, don't worry about it. And everyone's like, oh, okay, if they say so, then that's fine. And, and that's it.
I've not heard anything else about it. And I'm like, you hypocrites, you, you, you, you racist, because you,
if it, if that was TikTok, I swear Twitter would be all over it, all the Americans will be all over it,
everyone would be like, ah, this, this is terrible, it's a Chinese-led company, they're
stealing the data, now look, they're taking photos of you while you're on the bog scrolling through
the app. But no, it was Instagram. Oh, it must have been a mistake, you know, these things happen. I'm
sure Apple have misidentified when they're actually using the camera on the device that they produce.
So this is Facebook SEO all over. Yeah, they're controlling
the narrative. Yeah, yeah. But it's not even showing up on Twitter, uh, really much as a story. Like
Facebook don't have a whole bunch of bots or, uh, influencer accounts on Twitter. Yeah, yeah, of course.
So, so I'm with, and I'm saying, if you want to be outraged, be outraged equally.
And if you're going to say, oh, these things happen or I've got nothing to hide or it must be a bug, then apply that kind of equally as well.
So, yeah, I'm going to go download TikTok this week on my other phone.
Come join the dark side.
On your other phone.
On your burner phone.
Yeah, exactly.
Exactly.
Baby steps.
Baby steps.
Although, to be honest, you know, I don't need to download TikTok because I've got Andy.
Yes.
And he's like my quality filter.
If it doesn't meet his standards, he doesn't forward it on.
Simple as that.
He's like the Heisenberg of TikTok.
Yeah, that's right.
At some point in the future,
he's going to reduce my supply to zero.
You're going to have to download it.
Then he's going to send me like an affiliate link where I'll download TikTok and he'll get, I don't know,
money or favours or the addresses of some of the TikTokers.
Yeah, my handlers have put me onto this scheme to encourage others.
Ah.
All I can say is, woo, money.
Yeah, that's right.
Which also happens to be the name of your handler.
Woo, money.
But it is weird how, you're absolutely right, Jav,
how Instagram having a very, very similar
bug and it's, you know, it's just, it's, well, to be blunt, I think it's, it's our industry
or our community having a very short attention span, and we've just moved, we've just moved on
to the next shiny thing. We've seen the next squirrel running around and we're chasing that
one now. Um, you know, so it's, it's,
it is bizarre, utterly bizarre, but we've, we have seen it time and time again, haven't we, in these
sorts of things. It is indeed. Right, okay. Um, yes, thank you very much, uh, Jav, for this week's rant of the week. Right,
so we come to the closing
part of the show
Andy and I are
well I think we're just sort of
we've given up
holding our breath on this one
so
you can breathe again you can breathe easy
Andy, Tom
and people off the internet.
So this week, I went out to a true little person, someone that actually crawled up from the ranks
of actually no security background, no technology background, started as a hobby, and now they're
working in the industry, and they're doing really, really well for themselves.
But, you know, security isn't just about being, you know, a good writer or a good technician.
It's about people.
So I asked this person, like, you know, when they first got their break into the industry,
please explain what their first boss or manager was like, because, you know, clearly they must have
left a really good impression for them to stay and thrive within the industry.
Terrible, absolutely terrible. And you know what? I should have known what it was going to be like after my first day.
He took me out for lunch at the worst West London pub I've ever been in.
There was hair in my soup, which I had to pick out of my lap after the waiter tripped over.
The wallpaper was hanging off the walls, and I'm sure I saw a chap in a corner with a gun underneath his newspaper. But it got worse after that. For three months I had to commute four
hours a day, every day, as he insisted it would be good for me to be in the office.
What he didn't mention was the fact that I'd be there on my own every day. When he
did eventually turn up I thought I was going to learn loads from him during my career,
but all I got was some vague direction on making Earl Grey and emptying his bin at the end of each shift.
He was a bit more specific about the on-site pub though.
He made it clear that the new boy always pays for the beer.
Strangely, I continued to be the new boy long after the team expanded. I never did
understand how that worked. But back to the office and this guy, who I thought was going to be a
fantastic mentor, proved to be anything but. He only turned up for a couple of hours every other
Wednesday and my emails to him were never answered. All I got was some muttering about bad luck with laptops and phones
and how easy they were to misplace in the local pubs and restaurants.
Who am I talking about?
Well, you know, it's obviously...
Hang on, are you recording this?
The Little People.
Munson!
Some good points well made, I think,
during this week's Little People.
Okay.
I think that was, for those who weren't aware,
that was Lee Munson.
He's much beloved within the industry.
He started off just... Well, he was.
He says, I'm going to ruin him.
Well, you already tried your best, but he left, Tom.
I'll get you, Lee Munson.
He's now under the protection of rights and money.
Yeah.
Exactly.
Oh, dear, it was weird hearing his voice again. I mean, the guy never said
two words anyway.
Do you want sugar in your
Earl Grey, sir?
Well, he would say two words.
He'd just say, yes, boss.
Which taught him well.
So Raj, I hope you like
your tea, and you're welcome. Ah, lovely. Oh, so nice to be reminded of, um, one's own little people.
See, uh, see how far you've fallen, Tom, and now you're, uh,
invoicing your own mother to generate revenue.
And ambulance chasing sponsors from Peerlyst.
Oh, yeah, because I'm doing that all by myself at the moment, aren't I?
You are. You are. I mean, as opposed to you guys slagging off Gartner and Forrester.
I'm not going to include Ponemon in that.
This is where we keep it real,
and people from the streets will appreciate keeping it real.
And so we'll get the real OG sponsors,
the ones who we really want associated with the brand.
It's a form of filtering them out, like the Niger scams. Yeah, yeah, absolutely, absolutely. We want the companies that are
dumb enough to give us a lot of money, not the companies that are smart enough to give us little
to none. Is that what you're saying? Am I paraphrasing? Exactly, I think you hit the nail on the head.
Exactly. And, and with that resounding noise, I think that brings us to the end of the show.
So, yes, jolly well done.
Jolly well done, everybody.
Jav, thank you very much for your time and for being on time and for not being tired.
And for bringing some security news.
But you're welcome.
Yes, absolutely.
And Andy, thank you very much.
And have yourself a good week.
Stay secure, my friends.
Stay secure, my friends.
Host Unknown, the podcast, was written, performed and produced by Andrew Agnes, Javvad Malik and Tom Langford.
Copyright 2015 or something like that.
Insert legal agreements here as applicable and binding in your country of residence.
We thank you. Oh, I think we got away with that one.
That was a pretty shit episode, wasn't it?
Hopefully we'll get some sponsors as a result.