The Host Unknown Podcast - Episode 189 - The Something Something Band Something Something Together Episode
Episode Date: April 8, 2024

This week in InfoSec (06:10)
With content liberated from the “today in infosec” twitter account and further afield

3rd April 2011: Email marketing and loyalty program management company Epsilon reported a data breach of names and email addresses of numerous companies' customers, totaling at least 60 million records. Dozens of companies were impacted, including Kroger, Walgreens, Verizon, and Chase.
https://twitter.com/todayininfosec/status/1775598288277835996

1st April 1995: US President Bill Clinton and Russian President Boris Yeltsin announced a pact to exchange their personal PGP keys and to make the technology available to all citizens worldwide. (April Fools' Day)
https://twitter.com/todayininfosec/status/1774994645053010184

Rant of the Week (13:06)
William Wragg honey trap scandal is ‘extremely troubling’ says minister

Explosive revelations that a senior Conservative MP leaked colleagues’ phone numbers to a man he had met on the gay dating app Grindr are “very serious”, a minister has warned, amid questions over whether the MP will face sanctions.

Vice chairman of the 1922 committee William Wragg admitted he sent the numbers after becoming concerned about the power the recipient had over him since he had sent intimate pictures of himself.

Treasury minister Gareth Davies said the situation was “incredibly troubling and very serious” but maintained that Mr Wragg would keep the party whip while the incident is being investigated.

Billy Big Balls of the Week (24:09)
Amazon Ditches 'Just Walk Out' Checkouts at Its Grocery Stores

Amazon Fresh is moving away from a feature of its grocery stores where customers could skip checkout altogether.

Amazon is phasing out its checkout-less grocery stores with “Just Walk Out” technology, first reported by The Information Tuesday. The company’s senior vice president of grocery stores says they’re moving away from Just Walk Out, which relied on cameras and sensors to track what people were leaving the store with.

Just over half of Amazon Fresh stores are equipped with Just Walk Out. The technology allows customers to skip checkout altogether by scanning a QR code when they enter the store. Though it seemed completely automated, Just Walk Out relied on more than 1,000 people in India watching and labeling videos to ensure accurate checkouts. The cashiers were simply moved off-site, and they watched you as you shopped.

On Wednesday, GeekWire reported that Amazon Web Services is cutting a few hundred jobs in its Physical Stores Technology team, according to internal emails. The layoffs will allegedly impact portions of Amazon’s identity and checkout teams.

Industry News (29:46)
Dataset of 73 Million AT&T Customers Linked to Dark Web Data Breach
Firms Must Work Harder to Guard Children’s Privacy, Says UK ICO
Threat Actor Claims Classified Five Eyes Data Theft
Leicester Council Confirms Confidential Documents Leaked in Ransomware Attack
Jackson County IT Systems Hit By Ransomware Attack
LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches
China Using AI-Generated Content to Sow Division in US, Microsoft Finds
Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft
Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities

Tweet of the Week (35:58)
https://twitter.com/belldotbz/status/1776187040813441272

Come on! Like and bloody well subscribe!
Transcript
What were you up to over Easter then, chaps? Well, funny, so, right, complete stroke of luck.
I was in Oxford, yeah, just down the, you know, walking down the street, and, um,
this Amazon delivery driver pulls up next to me, right, and he says, sorry mate, what's your name?
And I thought, being funny, the only famous person I know in Oxford, I said Graham Cluley.
Right, he handed me this box. Okay.
And I'm like, okay, cool.
Yeah.
He disappears.
And I rattled the box.
It feels a bit heavy.
Guess what I got?
Brand new iPhone 15.
Check this out.
Nice.
Nice.
Good job.
You're listening to the Host Unknown Podcast. Hello, hello, hello, good morning, good afternoon, good evening from wherever you are joining us. And welcome, welcome one and all, welcome dear listener, to episode 193 of the Host Unknown Podcast.
A special guest star on today, apparently.
Hey.
Yeah.
Jav, how are you this week?
I'm good.
Where are you this week?
Thank you so much, kind folks, for inviting me and allowing me to be on your podcast.
It's an absolute honour, even though you have kept me waiting for about 45 minutes
before you hit record. What, as opposed to the hour and a half you kept us waiting last week
before telling us, oh, I forgot? Okay, at least you didn't bring up the price. I'm sorry, was there a lag there,
or did you just forget some words? He's speaking for once. He's trying to think of something to say
let me finish don't interrupt me
don't interrupt my silence
it's the last few days of Ramadan
so hopefully by next week
I'll be in better spirits and better mood.
So I probably won't be on the show again.
Yeah, that's right.
You did sound like you were having a better time where you were.
And to be honest, we had a better time wherever you were as well.
It's a win-win situation.
Absolutely.
Andy, what about you? How have you been, sir? I've been good. I took a
couple of days off. I went to go and watch, uh, Frozen the Musical. Not on my own, I actually
took my daughter. It wasn't just something I felt like going to see myself. I've seen that like three
times, I think it's brilliant. It actually was a lot better than I was expecting, and...
As grown men, shouldn't you really just let it go?
It's actually impressive.
I think even you would get sucked into the emotion of the way the voice is boomed.
I'm not an emotional person.
Me neither.
How very dare you call me emotional.
No, but yeah, they gave us a bottle of Prosecco in the box as well, and my wife's not a big drinker, so, um, it was down to me to... So, you know, she wasn't that
night anyway. No, certainly wasn't this week. But, uh, yeah, talking to big drinkers, Tom, how's your week been? Oh, it's very good. Very good.
Ex-big drinkers, I'll have you know.
But, yes, not bad.
It was a nice sort of long break last week, which was last weekend, obviously, for the Easter.
Four-day weekend.
Yeah, four-day weekend.
So that was good.
A bit of spring cleaning, you know, all the sorts of things that adults have to do.
Making space for more Lego.
Well, I mean, it is my birthday coming up, I'm just saying.
You had one last year.
Sorry?
You had one last year.
I know, I know.
This is why you're getting so old.
If you keep having birthdays at the frequency that you do.
Exactly.
My God.
Exactly.
Speaking of birthdays, there's someone in the UK who's like the oldest man.
He turns 111.
And he's on our podcast every week.
Well, I tell you, he looks better than Tom.
He's not Tom.
John Tinniswood.
Wow.
He's in his care home in Southport.
So happy birthday, John.
Well, I'm sorry, just out of interest,
when Tom said it's his birthday coming up,
did you Google UK's oldest man?
No, no.
And just expect to see a picture of Tom or something?
I'm just trying to make the link here. Hang on a minute. No, no, and quickly as well, I literally saw the news story on the BBC earlier today.
Okay, that makes me feel so much better. Yeah... Anyway, if you're just joining us, welcome to the Host Unknown Guinness Book of Records podcast.
We do seem to get a little bit random.
A little bit random.
Yes, well, this is true.
One of us in this group does hold a Guinness Book of Records record.
Is that right?
I have held Guinness many times.
Indeed. Indeed.
And talking of dubious choices,
let's see what we've got coming up for you this week.
This Week in InfoSec asks,
what could go wrong with a third party
holding all of your contact information?
Rant of the Week demonstrates the value of deep vetting
in security clearance.
Billy Big Balls reveals to us that AI stands for actual Indians.
Industry News is the latest and greatest security news stories from around the world.
And Tweets of the Week is about a new keyboard with a rather priapic name.
So without further ado, shall we move on to our favourite part of the show?
It's the part of the show that we like to call...
This Week in InfoSec.
It is that part of the show where we take a trip down InfoSec memory lane
with content liberated from the Today in InfoSec Twitter account and further afield. And today our first story takes
us back a mere 13 years to the 3rd of April 2011 when email marketing and loyalty program
management company Epsilon reported a data breach of names and email addresses of numerous
companies' customers, totaling at least 60 million records. Dozens of companies were impacted,
including Kroger, Walgreens, Verizon and Chase. And so this breach targeted Epsilon,
a marketing email provider serving numerous large companies, including the likes of Barclaycard and Capital One. And while personal information beyond names
and email addresses was not believed to be exposed, there were warnings of potential
fraudulent emails seeking further login details. So much so, the UK's Information Commissioner's
Office also launched inquiries to determine if any Britons were affected.
Epsilon confirmed the breach, but provided limited details, stating that an unauthorised entry into its email system occurred.
And various companies that were affected began warning their customers, including major financial institutions like J.P. Morgan and Citigroup, as well as Best Buy and Disney destinations.
And obviously, the breach raised concerns about phishing scams, leveraging the stolen email
addresses. And the incident drew comparisons to previous large scale breaches, such as the
Heartland Payment Systems breach in 2008. And it highlighted ongoing cybersecurity challenges in
safeguarding sensitive data
And could we swap the name to companies in this story and just change the date and still say the
same thing? Yep. And I think we can, and wheel out Graham Cluley to say this is a watershed moment
for security, we need to change things. I'm sorry, I swear I could pick any recent breach and find your rent-a-quote in there somewhere.
The amount of times we stumble across stuff you've opined on is crazy.
But you know what?
60 million records.
That's chicken feed nowadays.
Nowadays?
But this was 13 years ago.
Oh, I know.
I know.
But it just goes to show 60 million records is now just a blip in the ocean compared to some of the breaches that have been going on.
It's like a late Monday afternoon breach these days.
Yeah, numbering in the billions and billions.
It's almost to the point where surely your email is out there anyway, somewhere.
Oh, the data's been breached so many times.
Yeah.
And this is actually, like, just segue here, I got notified on Have I Been Pwned that, um, you know, my details showed up in whatever that recent one was, a something API. Um, but they
won't tell you what the password is that you used, which makes it a lot harder, because it's not a
specific system it's in a group it's a batch of stuff. And so I couldn't tell which company got breached because my passwords, depending on how much I trust the company, will either be standard or the same or, you know, will actually contain their name in the password.
So I know that it came from them when it does get breached.
But, yeah, it's pretty annoying.
It just says it got breached, but it won't tell which password got breached. It just says a password
associated with this email address got breached. Come on, Troy Hunt, friend of the show, sort it out.
Absolutely. No, it's, uh, it's a liability issue, isn't it? He doesn't want to be... It's not, not
if you authenticate with your email, they get them to email it to you. Like literally.
That couldn't go wrong at all, could it?
No, absolutely not.
Nothing could go wrong with sending passwords in clear text.
But anyway, I'll tell you what protects against clear text.
And it's something that we found 29 years ago on the 1st of April 1995,
when US President Bill Clinton and Russian President Boris Yeltsin announced a pact to exchange their personal PGP keys to make the technology available to citizens worldwide.
And so Clinton said at the time, Yeltsin sent me a cypherpunk T-shirt for my birthday. Although it had been tie-dyed before entering the former Soviet Union, the shirt clearly showed a four-line script in
the Perl programming language containing a working version of the RSA encryption algorithm.
And I think the clue here is the 1st of April date. Yes. Which, you know, kind of
leads me to think this maybe was an April
Fools' joke. Exactly.
Because if you follow it up with, you can stay
down there, honey.
Do you know what I found
the other week was that Bill Clinton
and I even had to look it up to make sure
it was true. He left office
like 20 plus years ago,
23 or 24 years ago.
He's still younger than both Trump and Biden.
Jeez.
Really?
Yeah.
That's what you're dealing with, America.
That's what you're dealing with.
Well, it's certainly the lesser of two evils, isn't it?
Yeah.
Bring back Clinton.
Which one?
The one that was kind of, you know, a bit of a cheeky fella. Like, do you mean, like, the only... Rapidly, rapidly losing whatever fan base we had down in the South. I did, I did hear Sandi
Toksvig talking about him, and, um, she was saying that he is the most charismatic person she has ever met. He
literally mesmerised her. And she said, you know, she almost turned straight for him. It was that
kind of thing, you know, and she, you know, she's a married lesbian, as it were. Well, not as it were, she actually is. But even she was saying he is so captivating
in person, it's kind of unsurprising that he won two terms and what got into the kind of trouble
he did. Yes, and that's just the stuff we knew about. Well, exactly, exactly. Yeah. Anyway, let's move on show before we
either alienate or incriminate
ourselves. Thank you, Andy, for
this week's
InfoSec.
this is the podcast
the king listens to
although he won't
admit it
okay it's time now to move on to...
Listen up!
Rant of the Week.
It's time for Mother F***ing Rage.
So here's a story that is very, very recent.
I think it actually came out possibly today.
Well, yesterday.
Well, it happened recently.
And also it depends on when you listen to this as well
and when we actually get round to
releasing this
it's happened at some point in the last
five days to six months
but
it's about
an MP
called William Wragg
and he was involved in a honey trap scandal, which another minister says
is extremely troubling. Now, these are described as explosive revelations that a senior Conservative
MP leaked colleagues' phone numbers to a man he had met on the gay dating app Grindr.
And that these revelations are very serious, the minister has warned,
amid questions over whether the MP will face sanctions.
So Vice Chairman of the 1922 Committee, William Wragg, has admitted he sent the numbers
after becoming concerned about the power
the recipients had over him since he had sent intimate pictures of himself. So this isn't a
story as old as time. And the Treasury Minister Gareth Davies said the situation was incredibly
troubling and very serious, but maintained that Mr Wragg would keep the party whip while the incident
is being investigated. So this winds me up in a number of ways.
One, the fact that there are people out there who like to do this sort of blackmail stuff
and honeypot entrapment and all that sort of stuff,
which kind of goes without saying, nobody really likes that.
The other problem as well is that I, I do have empathy for William
Wragg, because it's kind of like, everybody is human, everybody has their own peccadilloes, everybody has
their own, you know, the right to live their sort of personal life how they wish.
And, um, you know, he obviously got some, uh, some kind of enjoyment and pleasure out of sending new pictures of himself to this person.
And unfortunately, because of the threat of those going public, showing the world, basically, that he's biologically identical to everybody else who's, uh, who's of
the same sort of gender, effectively. One assumes, um, uh, that William Wragg does have a penis, and
that's possibly what's going to be showed. But the fact that he felt that, if those
pictures came out that that would be worse than handing over the phone numbers of trusted colleagues and MPs who then subsequently received,
you know, lots of unsolicited WhatsApp messages and calls, etc.
So it's almost... I know this thing of security clearance,
it requires that people are not going to be able to be taken advantage of and put into positions where they feel they are obliged to carry out either illegal acts
or, um, dubious acts in order to escape, uh, being exposed, etc. But surely we live in a world now
where, frankly, he should just be able
to get on and do what he wants. And if those pictures are released, no big deal. He's, you
know, OK, so he's an MP with some nude pictures. That's all it is. So it does wind me up a little
bit. But I do understand the security implications. But perhaps, perhaps if the Conservative Party was a significantly
less prurient and probably a lot less hostile towards many in the LGBTQ+ community,
this would never have happened in the first place. So, yes, I think I think that's shortened to the
point, I think, this week, which is, you know, really just just let people live their lives and then they won't feel, you know, they won't fall victim to blackmail because they won't care.
Just they'll just say publish and be damned.
So that's your takeaway here.
That is like this guy is the vice chair of the 1922 committee.
Yeah. Which oversees the election of party leaders. Yeah. Okay, he received an
anonymous message and decided to reply with nudes. Exactly. Like, and that... I know, he received the
anonymous message in Grindr. Honestly, no, regardless. And then he decided it was a good idea to reply with nudes.
But these people have the power to replace government leaders.
Tom has completely missed the point here.
I think the last time someone was so wrong was when our prime minister was coming off the airplane, waving a letter saying, yeah, Hitler has promised there will be no war.
I think the phrase was peace in our time. Yeah, okay. But, uh, but yeah, no, I'm 100% with Andy. This is, like, the issue isn't the personal life or the preferences. The issue is that someone who is in such a sensitive position,
and NCSC have actually written about this a few months ago, about how people, individuals with
access to secret information or valuable information, need to beef up their social
media security and their online digital footprint and all that kind of stuff. But the fact that you can be so easily manipulated into something
and then handing over information is the worry here.
If it's not about their sex life, it will be about something else,
about their gambling habits or their drug use or their alcoholism
or their speeding ticket that they got their mate to cover up for
or something like that.
And we need people with better integrity and morals and who won't just reply to random stuff online. Well, I think his
worst crime here was actually, it was obviously handing over the phone numbers. He should never
have done that in the first place. He should never have done that, and he should never have felt that
he needed to. As the saying goes, you know, if suddenly someone really attractive or really hot messages you and says, hey, you know, you're my ideal person, then, you know, if it's too good to be true, it usually is.
Like, if you see on Amazon someone's selling a 700 quid iPhone, and you think, with next day delivery, next day delivery for free, and then be surprised that nothing ever arrives. Honestly,
it's an interesting, uh, conflation of concepts there, but you know...
The analogy worked. The what, sorry? The analogy worked. Is that right?
He should have just told him to fuck off.
I mean, and he kind of did.
He only handed over a handful of them, not all of them, for some reason.
I'm not entirely sure what changed his mind.
But he should have just told him to fuck off.
That's your security advice if you ever receive an unsolicited message
Tom says tell him to fuck off. No, if someone tries to blackmail you, tell him to fuck off.
I think you're missing a step here. The blackmail comes later.
Yeah, you probably shouldn't be sending stuff to people you don't know.
I agree, yeah.
But, you know, it's just I feel that society needs to be a little bit more
accepting of the fact that people like to do this sort of weird shit, you know?
I think people can be accepting of it, just depending on what your job is and what the
fallout from that could be. Yeah, I get, yeah, I get what the issue is here. My therapist would
describe this as Tom projecting. Possibly, actually, yeah. You're absolutely right, we've already seen
the photos, we don't care. And we know... That's my point, that's what... So here's the thing. So if he had done this and sent the photos, and then was asked for the
blackmail, and then he said, no, screw you, you don't... I'm not, I'm not giving you any photos, and now I'm
reporting this conversation to the relevant authorities, would we still be having a similar
conversation around he's in a position where he
shouldn't be sending nudes? Yes. Would we? Yes. Why? So what? Because his response was, I don't care,
and I'm... But you know what, so, okay, so I'll tell you something. If you notice that, um, certainly
you do see a lot of BSides and events like that where, when things start
getting a bit crazy, people would just sort of, like, say, right, that's enough for me, and they'd
sort of leave the room. And it's always people who have got clearance, and always people that are in
jobs that require them to hold that clearance, because they don't want to be associated with
any type of controversy whatsoever. And that is actually the type of responsibility that you need
to have in
that position. I'm not saying you can't have a personal life, but there are some sacrifices you
have to make depending on what type of job you have, and I think the vice chair of the 1922 Committee
has to make some sacrifices. Where, do you know what, maybe he shouldn't be sending
dick pics on Grindr to complete strangers whilst he's holding that position.
Exactly.
What I'm taking away from this is I'm not going to get security cleared
any time.
No.
I think the takeaway from this is that depending on your position
and your responsibility, a different burden lies with you.
I mean, if you're the manager at Staples and you have a fling
with your summer intern, that's very different from Bill Clinton.
And so they're held to a different level of accountability.
Yeah.
The fun Clinton, as you put it.
The fun Clinton.
Ah, well, let's see if any of our readers,
listeners are awake enough to reply to us on this one.
Just go to our Reddit channel on r slash Smashing Security to leave your comments.
Rant of the Week.
You're listening to the award-winning Host Unknown podcast.
Like a real security podcast, but lighter.
Okay, Jav, over to you now for this week's...
So this is a much lighter topic.
I'll bring us all back to some sense of normality now.
So Amazon, and Tom, you may chime in now saying, yes, they are the
criminals and I'm praising them. Okay, so, uh, many of you may have seen or been aware of, they had
these, uh, Just Walk Out shops where you walk in, you identify yourself at a camera or scan a QR code,
and, um, you just pick up stuff and you walk out the
shop, and they've got like hundreds of cameras in the store, and they see who you are, they recognize
your face, they see what products you're taking, and then it's automatically billed to your Amazon... The technology is just like magic.
AI.
AI. AI.
AI, in this case, may not stand for artificial intelligence,
but probably stands for all Indians.
Because it seemed completely automated, but Just Walk Out relied on more than 1,000 people in India watching and labelling videos to ensure accurate checkouts. In essence, they outsourced their cashiers to India.
How are we only finding out about this now?
I have no idea.
I mean, that's a lot of people and probably a lot of churn.
I think we're finding out about it now because they're ditching it.
Yeah.
They're ditching it because the technology just didn't catch up
with the promise.
Probably because they started asking for higher pay or something,
like to go with the cost of living crisis.
Yeah, maybe.
You know what Amazon's like when it comes to saving a few quid.
Or also the checkout staff, you know,
they probably ask for a seat to sit on.
You know, that's...
Yeah, maybe.
Maybe, maybe.
So, you know, I think...
But, you know, it's like you hear about those, like, it's only a man inside the metal suit, it's not literally a robot, like, talking back or something. So I think
we should, like, use Google Maps, like, the satellite imagery, to look at India, because I
think we're going to find a cluster of 10,000 people there somewhere
that are actually behind ChatGPT. They've got, like, access to, like, you know, CorelDRAW and Getty
Images and Adobe Suite subscription, one that they share amongst all. I was gonna say,
it's gonna be a cracked copy, yeah. And can type 100 words a minute.
Exactly.
Exactly.
Yeah.
So I think that's where we're heading to.
But I think it's still a Billy Big Balls move of the week where, like, Amazon allowed everyone to believe
that it was just their AI and their superior technology
that was making all this happen when it was just, like,
you know, some poor guy.
I mean, we've always made jokes about how, like, you know, identify the traffic lights in this picture is just a tool to train the AI.
Maybe that's what those people were thinking of as well.
Yeah. Play this game, Dilbesh. Like, you know, just identify all the products this person picks up off the shelf.
Identify all the products, yeah.
But it reminds me, Amazon had this functionality a few years back where
you could take a picture of something, I don't know, like a phone or a mug or whatever, and then it
would, you know, you take a picture of it in the app and then it would come back with, here's where
you can buy that product. And I was amazed by this at the time, until someone
said, you know what, it's probably just somebody in India looking at the picture. I was gonna say,
it's the response, always Alibaba. Yeah, exactly, you can buy off Alibaba. Well, there's always a
referral code in there. Yeah, yeah. But yeah, it's, oh man, it really, it's like the Wizard of Oz, isn't it? It's like the end of
the Wizard of Oz when you find out that, you know, the king of the Emerald City is
just this, you know, sad old man who sits behind the curtain, um, you know, pretending to be all powerful.
So yeah, actually, I like this one. It is pretty big ballish, I've got to say.
Jav, I'm going to agree with you on this one. So even the big companies are just faking it till
they make it. Yeah, they are, aren't they?
Billy Big Balls of the Week.
In 2021, you voted us the most entertaining cybersecurity content amongst our peers.
In 2022, you crowned us the best cybersecurity podcast in Europe.
You are listening to the double award-winning Host Unknown podcast.
How do you like them apples?
Right, well, it was almost a once in a lifetime thing here, with me agreeing with Jav on that.
Um, but, uh, talking of time, well, what time is it, Andy? It is that time of the show where we head
over to our news sources over at the InfoSec Newswire, who have been very busy bringing us the latest and greatest security news from around the globe.
Industry News.
Data set of 73 million AT&T customers linked
to dark web data breach.
Industry News.
Firms must work harder to guard children's privacy,
says UK ICO.
Industry news.
Threat actor claims classified Five Eyes data theft.
Industry news.
Leicester Council confirms confidential documents leaked in ransomware attacks.
Industry news.
Jackson County IT systems hit by ransomware attack.
Industry news.
LockBit scrambles after takedown.
Repopulates leak site with old breaches.
Industry news.
China using AI-generated content to sow division in US, Microsoft finds.
Industry news.
Wiz discovers flaws in Gen AI models enabling customer data theft.
Industry news.
Chinese threat actors deploy new TTPs to exploit Ivanti vulnerabilities.
Industry news.
And that was this week's...
Industry news.
Wow.
Huge if true.
Huge if true.
I like... You know how Microsoft's been criticised a lot recently,
especially by the US government for failing to secure their exchange systems
and have all these vulnerabilities and keep getting hacked?
And then all of a sudden they have this report ready to go.
They're like, you know what?
China's sowing division.
It's all AI generated, man. They're sowing division in the U.S.
Look over there. Yeah, exactly. Ban TikTok. Yeah, yeah, exactly. That, that is exactly what it is.
I see Ivanti's getting a good pummeling again this week. Oh man, it's one of those, like, stop,
stop, they're already dead. Yeah, I mean, who is genuinely going out and buying Ivanti at the moment?
I know.
It's got to be scary, isn't it?
I mean, I should look up the share price or the Ivanti share price
or, you know, sales figures or whatever.
It would be really interesting to see, you know,
quite when this started and when this stopped.
I mean, the cost of their products must literally be the equivalent of scrap.
They can't be making money on them at the moment.
No.
They can't be selling them.
No.
I love this LockBit story.
So because a lot of the infrastructure was just dismantled and taken down,
so they're not doing anything.
But there's probably a couple of people left.
And they're like, how do we make it look like we're still a big threat?
So they're taking the old breach data and publishing it again to make it look like they're active and everything.
This is, as a PR person, I find this amazing.
I think it's a great bit of marketing and PR.
They took a leaf out of Amazon's book.
Yeah, exactly.
Just fake it.
Fake it till you make it, man.
Exactly. Yeah. Yeah, we've got, we're doing all these breaches and hacks, but actually we've just got
a team of Indians just going through this, you know, kicking all the new, all the old data out.
Data set, 73 million AT&T customers, it's nothing. We just confirmed that those sorts of figures are a child's play these days.
Yeah.
I mean, it's got social security number, date of birth, full names,
phones addresses, emails, and other info.
I think all this stuff was already lost in the Equifax breach in 2017 or something.
Probably the same stuff, right?
Yeah.
Well, now you've got literally just cross-referencing
to be able to tell which data is valid
and probably identify the negative seeds
that Equifax was using in their data set
so you can remove it for future data sets.
Yeah, so much data out there.
What else have we got? Well, you've got Leicester Council
being ransomware'd, which is, like,
there's been several
councils that have been hit by ransomware
over the last couple of years.
You had Hackney, which was down for a long time.
You had the other one, was it Gloucester or something, that had their whole museum's archive record in there that was taken,
that was inaccessible. It's just pointless. Like, UK councils are literally on their knees. Like,
there's so many going bankrupt, like, literally bankrupt. Yeah, like Birmingham. So yeah, like, what do
you think you're going to get from them? It's like they have no money.
But it's the same with hospitals, though.
You're attacking hospitals, you're attacking schools.
They're easy targets, but they're so, as you say,
wholly underfunded and can't do anything about it.
So all you're doing is, well,
you're certainly no Robin Hood in this instance, are you?
No, no.
And the thing is, like, when councils go down,
that impacts, like, housing, social care,
like, people benefits.
Everything goes down the pan.
It's just terrible.
Yeah, if only we could get these criminals
to have a, you know, a sense of decency and morals.
Yeah, and not invest all their money in Icelandic banks.
Sorry, which criminals are you talking about?
Anything else before we move on?
Nah.
I think we're done, aren't we?
Thank you both.
That was this week's...
Industry News.
Ask your doctor if the Host Unknown podcast is right for you. Always read the label.
Never double dose on episodes.
Side effects may include nausea, eye rolling and involuntary swearing in anger.
True story.
Right, Andy, why don't you take us home with this week's...
Tweet of the Week.
And we always play that one twice.
Tweet of the Week.
This week's Tweet of the Week comes from Andy Bell, and he's quote-tweeting BenFRYC. And so Ben is advertising a new keyboard, okay, and it says: the time is knob, pre-orders for the knob KNOB1 by WorkLouder are now open, available for 439 US dollars in both ANSI and ISO layouts with a number of language options. And this is a new mechanical keyboard. And so obviously Andy Bell quote-tweets this and he says: I am begging American companies to hire British people to check their product names for them. Fucking knob, man. Jesus wept.
Although I've clicked on the link and apparently, um, this company, they're also, uh, producing a mouse called, uh, Todger.
They know exactly what they're doing. They know exactly what they're doing.
Oh man. But you know, it reminds me as, um, someone posted a screenshot ages ago about this book, and, like, the book, it was converted from US English to British English and someone cleared find replace and they're replacing pants with trousers all the way through. And so in the middle, there was, like, participants got changed to participant trousers.
Love it.
Participant trousers.
I do like the thread of this one, which goes on to,
they've got other company names, and there's an article which says: a new NFT company called Nontz Finance launched. Then they quickly realised they had a problem.
Nontz.
Nonsense.
How could you even launch with that name without realising?
Damn, man.
It's probably like, did they have a problem when all their customers
were like BBC presenters and children's shows?
Oh, man.
Oh, dear.
Excellent.
Thank you.
That was this week's...
Tweet of the Week.
Well, we've flown through that one, haven't we?
Excellent.
Well, thank you, gentlemen, for your time this week.
It's good to get the band back together occasionally,
so I have to say.
So, Jav, thank you so much for your wisdom, charisma and, well, frankly, your presence this week.
Did you call me part of the band? I'm so touched. Like a roadie.
No, he's the bass player. Anyway, thank you, Jav.
Yeah, love you too.
And, uh, thank you, Andy.
Stay secure, my friends.
Stay secure.
You've been listening to the Host Unknown podcast. If you enjoyed what you heard, comment and subscribe. If you hated it, please leave your best insults on our Reddit channel.
worst episode ever.
R slash Smashing Security.
Cool.
Honestly, I need to turn down the brightness on my monitor.
Both your heads are reflecting so much light.
It's just like... I'll admit, the dome, I do have my dome light on
because my side light is not working.
Is the dome light the light you use to brighten up your dome?
It is, yes.
It's the wax enhancer.
The wax enhancer.
But you know what?
I was doing some calculations, Tom.
I realised you've been on the Smashing Security podcast
more this year than Jav's been on this podcast.
What can I say?
Just reliable.