The Host Unknown Podcast - Episode 210 - The Is Andy Paying Attention? Episode

Episode Date: December 3, 2024

This week in InfoSec
With content liberated from the “today in infosec” Twitter account and further afield

24th November 2014: The Washington Post published an article which included a photo of ...TSA master keys. A short time later functional keys were 3D-printed using the key patterns in the photo. Oops.
https://twitter.com/todayininfosec/status/1860803840620044356

22nd November 2010: Matt Blaze published the PowerPoint slides he was contractually required to submit for his 2011 RSA Security Conference presentation. Matt hates PowerPoint. Take a moment to admire the slides he submitted.
https://twitter.com/todayininfosec/status/1860027850369519669

Rant of the Week (12:47)
https://www.theregister.com/2024/11/26/third_major_cyber_incident_declared/

A UK hospital is declaring a "major incident," cancelling all outpatient appointments due to "cybersecurity reasons."

The Wirral University Teaching Hospital NHS Trust, located in North West England, said the so-called "incident" affects the whole Trust, which oversees Wirral Women and Children's Hospital, Clatterbridge Hospital, and Arrowe Park Hospital.

Although the tech problems began on Monday, officials confirmed to The Register it is still dealing with the fallout as of Tuesday morning. All outpatient appointments were canceled on Monday and the same decision was made today, according to Arrowe Park and Clatterbridge's social media posting. All patients whose appointments were canceled will be contacted to rearrange them.

Billy Big Balls of the Week (20:48)
Put your usernames and passwords in your will, advises Japan's government

Japan's National Consumer Affairs Center on Wednesday suggested citizens start "digital end of life planning" and offered tips on how to do it.

The Center's somewhat maudlin advice is motivated by recent incidents in which citizens struggled to cancel subscriptions their loved ones signed up for before their demise, because they didn't know their usernames or passwords.

The resulting "digital legacy" can be unpleasant to resolve, the agency warns, so suggested four steps to ensure our digital legacies aren't complicated:

Ensure family members can unlock your smartphone or computer in case of emergency;
Maintain a list of your subscriptions, user IDs and passwords;
Consider putting those details in a document intended to be made available when your life ends;
Use a service that allows you to designate someone to have access to your smartphone and other accounts once your time on Earth ends.

The Center suggests now is the time for it to make this suggestion because it is aware of struggles to discover and resolve ongoing expenses after death. With smartphones ubiquitous, the org fears more people will find themselves unable to resolve their loved ones' digital affairs – and powerless to stop their credit cards being charged for services the departed cannot consume.

Some entrepreneurs have already identified end of life services as an opportunity. "Dead Man's Switch" apps can be set to contact whomever you choose if you do not sign in to certain accounts after a period you select as a likely indicator of your departure from this world.

Meta also offers the chance to nominate a "legacy contact" who can manage your account.

Such services aren't just opportunistic: grieving people have a lot on their plate, and executing wills is not always straightforward.

Industry News (31:08)
ICO Urges More Data Sharing to Tackle Fraud Epidemic
Over a Third of Firms Struggling With Shadow AI
Darknet Services Fuel Holiday Scams and E-Commerce Exploits
NHS Trust Declares Major Incident for “Cybersecurity Reasons”
Nuclear Decommissioning Authority Opens Sellafield Cyber Center
New EU Commission to Unveil Healthcare Cybersecurity Plan in First 100 Days
T-Mobile Claims Salt Typhoon Did Not Access Customer Data
Albanian Drug Smugglers Busted After Cops Decrypt Comms
UK Justice System Failing Cybercrime Victims, Cyber Helpline Finds

Tweet of the Week (39:43)
https://bsky.app/profile/mattpotteruk.bsky.social/post/3lbyu4dy3b22f

Come on! Like and bloody well subscribe!

Transcript
Starting point is 00:00:00 I was talking to Adrian Sanabria. Oh yeah. Oh Brent and yesterday any message to me? Hold on, let me pull out the message. It goes, how's life treating you? I check out your podcasts every now and then. I enjoy the banter. That guy's never listened to our podcast in his life. Yeah, never. Never. You're listening to the Host Unknown podcast. Hello, hello, hello. Good morning, good afternoon, good evening from wherever you are joining us, and welcome, welcome one and all to episode 210 of the Host Unknown podcast. Uh, yes, welcome everybody. Uh, sorry about last week, but, uh, Jav was off ill and Andy and I couldn't be asked, uh, was what it pretty much came down to. So, yes, but we're back again in the, well, increasingly irregular, I would suggest, Host
Starting point is 00:01:12 Unknown podcast, but what the hell? A bit like your bowel movements that you've done. Yes, exactly! But when they come back, they come back strong. Anyway, Jav, how are you, sir? How's your, well, two weeks been, I guess, but how was your illness? How was your man flu? My man flu, it was kind of like, turned out to be more of a non-gender binary flu.
Starting point is 00:01:38 It wasn't quite man flu, so I recovered quite quickly from it. Fair enough. A bit of a non-dairy milk and you're back to normal, right? Yes, yes, although yesterday I was at an event and it was the first time I actually ended up doing clay pigeon shooting. Those little buggers move fast. Yeah, they do. They do. And like, there's one point I swung around like to try and stay because he was saying
Starting point is 00:02:10 you stay in front of the clay and what have you. And I was knocked into the guy next to me. He goes, what are you doing? And he was an older guy and he was hilarious. And I said- So you shot him for mouthing off. And I said to him, do you remember the old James Bond? I think it was a Roger Moore movie where he goes clay pigeon shooting and he pulls out the gun and he goes bang
Starting point is 00:02:33 and he goes, you missed Mr Bond and he goes, no, I didn't. And this is us and falls out from the tree. Yeah, that's right. So basically you shot the gamekeeper. You know what? Who was it? Was it Biden that once shot someone? No, no. It was... Rumsfeld? No. What? Oh my God. His daughter's in politics now. That narrows it down. Or Trump. But yeah, I know what you mean. He shot somebody while out duck hunting. But better, he shot them in the ass. They were right in front
Starting point is 00:03:13 of him. And there are stories about it being on purpose. Well, I guess once you're that high up in politics you can you get a bit of creative license right? Rank has privileges. Exactly. And talking of pains in the ass, Andy how are you? Oh I thought you were going to say talking of privileges and going to Jav. Pain in the ass, I'm not too bad actually.
Starting point is 00:03:44 This week's just gone by, it's been a whirlwind, absolute whirlwind of a week. You're the only one who's sort of really honestly earning a living at the moment. Well, I think not just at the moment. That's always been the case, isn't it? I kind of wonder how you guys have never been found out. Do you know what it is? I think I need to get on stage and talk more shite. But then you really will get found out. You guys managed to get by alright. There's an art to it, I'm telling you.
Starting point is 00:04:11 There is. There is an art to it. You know, it takes a lot of time and practice to make it appear as amateurish as me and Tom do. Oh dear, but talking of amateurs, Jav, how are you, sir? Me? I just told you how I was. Do you know, have we actually just been through what? Oh yeah, because you went clay pigeon shooting.
Starting point is 00:04:36 I'll tell you what, this week has been a nightmare. What? Are you serious? I am absolutely just, I told you this week has been crazy. I thought you were joking there from... Bit of a memory lapse there. God, something's catching. It's catching. I've been sitting with you
Starting point is 00:04:58 too long Tom. This is not on us. This is like totally you. Anyway, it was Dick Cheney who shot his... Dick Cheney, thank you. Liz Cheney is his daughter who's in Congress. And she's the one who is calling out Trump on all his shit. Yeah.
Starting point is 00:05:15 And speaking of Dick, how are you Tom? Ha ha ha ha ha ha ha. Very good, at least someone is paying attention this way. That's how it's done. Yeah, that's how it's done. Yeah, that's how it's done. Yeah, by getting it right. Apart from the dick part. So yeah, very good.
Starting point is 00:05:31 I've been on holiday this week in between jobs. I start the new job on Monday and I'm straight up to the show. I'm going out and buying my new school uniform for the new job. You know what it's like, new school year, new uniform, all that sort of thing. So, gonna go and do that.
Starting point is 00:05:48 I was up in London. Getting a new lunchbox as well. Sorry, what? Getting a new lunchbox as well. Yeah, lunchbox, new satchel, you know. And I was up in London this week, which is good. Photographing a gig. So that was fun, so I've got a few photos to edit there
Starting point is 00:06:05 and yeah, gonna be buying my season ticket, all that sort of stuff, so it's exciting, it is exciting stuff, looking forward to it. Well, I only get your season ticket for the first three or six months, how long your probation period is, because you don't know, you go to waste otherwise. Mate, I'm getting it weekly. Yeah, good. Talking of disappointingly short appearances, shall we see what we've got coming up for you today?
Starting point is 00:06:49 this week in Infosec takes us back to the Washington Post. Rant of the Week is about kicking a man while he's down. Billy Big Balls talks about using an interesting document as your password manager. Interesting news brings the latest and greatest security news stories from around the globe and tweet of the week is official advice from the US government. So you just did that off the top of the dome.
Starting point is 00:07:15 I did. That's not too bad. Was that all right? That was all right, wasn't it? Yeah, we'll see how they actually do relate to the stories but you know, you sold it well. Yeah. So I can see how you guys get away with it on stage now. Right, I get it, I get it.
Starting point is 00:07:29 Yeah, you would have had to been on to ChatGPT to tell you what to say. Prove me wrong. So moving swiftly on, let's move on to our favourite part of the show. It's the part of the show that we like to call... This Week in InfoSec. It is that part of the show where we take a trip down InfoSec memory lane with content liberated from the Today in InfoSec Twitter account and further afield. And today's first story takes us back just a mere 10 years to the 24th of November 2014 when the Washington Post...
Starting point is 00:08:20 So close, so close to getting that timing right. 24th of November 2014 when the Washington Post published an article which included a photo of TSA master keys. Oh yes, that's right. A short time later. Oh yes. Functional keys were 3D printed using the key patterns in the photo.
Starting point is 00:08:40 Oops. Yeah. This was a, as you recall, I mean this was great back, you know, back in the time. It was like a whole new threat vector for 3D printing, wasn't it? And such an innocent mistake. I think they're doing an article about TSA, weren't they? Some guy held up his bunch of keys for the photo, unknowingly doing the... But yeah, I think it was taken down after, because those TSA locks are notoriously difficult to open.
Starting point is 00:09:06 They are this impossible. And you know what, like, having those locks, you know, sort of the same key all over the world, you know, across all the different states in the US, there's absolutely no chance of anyone ever getting a copy of those keys. No, never. Yeah, TSA approved is essentially easy to pick. I think one of the reasons why the American Airlines bans things like nail clippers on flights is because you could pretty much use them to break, to just chop those padlocks off, right, with a pair of nail clippers?
Starting point is 00:09:42 Yeah. Alas, our second story takes us back a mere 14 years, thanks, when Matt Blaze published the PowerPoint slides he was contractually required to submit for his 2011 RSA Security Conference presentation. And if you know anything about Matt, you will know that he absolutely hates PowerPoint. So this is actually a link, and you can bask in the glory of the slides he provided. All three of them.
Starting point is 00:10:17 The first one is his title, My PowerPoint Slides for the RSA Conference 2011. The second slide says, I'm not using PowerPoint in my presentation. I hate PowerPoint. I avoid using it whenever possible. And then it goes on to say how the conference organizers insist that he sent PowerPoint. So this is what he sent. So here you are, end of presentation. And those were his complete slides. But very much a big big balls move back in the day for RSA. I like that I
Starting point is 00:10:48 thought it was either gonna be something like that or it was gonna be the one where the fella uses something like 270 slides in 10 minutes. Oh, that guy's good, the one that talks really quick. Yeah, yeah, yeah, yeah, yeah, which, you know, some people have tried to sort of imitate, but it's never really, you know, worked well, and they can't keep it up for like the whole sort of 10, 20 minutes anyway. They can only do it for like the first minute and a half. Yeah. HD Moore, he normally speaks quick, is it, is it him you mean? I don't think so, no.
Starting point is 00:11:24 No, no, it's a it was a younger guy well he's probably old now but anyway anyway Andy thank you so much for this week's of the week this week's in info sir in InfoCert. I'm having a few problems with the buttons at the moment. So I'll hold on. It's all right. If you play the jingle again, Andy will start his story again. Feeling overloaded with actionable information? Fed up receiving well-researched factual security content?
Starting point is 00:12:04 Ask your doctor if the Host unknown podcast is right for you. Always read the label, never double dose on episodes. Side effects may include nausea, eye rolling and involuntary swearing in anger. One week away completely out of practice. This pushing button stuff it's not easy. It's not easy. Right. Let's move on, shall we, to this week's... Listen up! Rant of the week. It sounds a motherf***ing rage. So this week's rant, it's about, obviously,
Starting point is 00:12:40 well, it's a security thing, hackers hacking and people being hacked, but this is about a UK hospital that's declaring another major incident, cancelling all outpatient appointments due to a cyber security reasons. Now we've seen this before and in fact I was talking on a show earlier this week about how in some cases there is honour amongst thieves and the criminals don't go after soft targets especially like hospitals and schools but very often you know not all criminals are like that and as was found out by the Wirral University Teaching Hospital NHS Trust, which just rolls off the tongue there.
Starting point is 00:13:26 They're based in the northwest of England and they said that the so-called incident affects the whole trust which oversees Wirral Women and Children's Hospital, Clatterbridge Hospital and Arrowe Park Hospital. Although the tech problems actually began just earlier this week, officials actually confirmed that they're still dealing with the fallout as of Tuesday. However, the problem we have here with this one is that this is something like, is this the third time I think it was, that this hospital has been hit by cyber attacks?
Starting point is 00:14:08 And it's, it's, oh the NHS, sorry, has been hit by cyber attacks and it's just constant. There was the earlier outage, two major attacks have hit NHS Scotland and England. There was the London one most recently which hit the pathology services, which they are still recovering from because my mum was affected by this and having a number of appointments canceled. Wait, your mum is Jav's neighbor?
Starting point is 00:14:39 Yeah. It's... It's... It's... It's... Not after what he said last time. She's had him evicted. But the problem here is...
Starting point is 00:14:54 Well, there's two things here. One, cyber criminals going after hospitals, I think, is... Well, obviously they're criminals. They kind of don't have the most highest of morals to begin with, but constantly going after the NHS is just, you know, crippling a country. It gets to the point where criminal activity is verging on actual hostile acts against a country, potentially. But perhaps the real rant here is, is NHS you've really got to up your game here. You've really got to pull this together because yeah you're being
Starting point is 00:15:31 kicked while you're down, but three times, I mean, you know, getting it wrong once, it happens, you know, these, everybody's affected by it. Twice is unlucky, three times just feels like it's poor practice being carried out. Of course it doesn't help when, wasn't there a CISO position for the NHS published and it was paying something like 80 grand, which I know is a reasonable salary across the board, but you're not going to get the top drawer. For the size of the responsibility you've got going on there. Exactly. We're not saying 80 grand is not a lot of money, but for that responsibility.
Starting point is 00:16:11 You're not going to get top drawer applicants, let me put it that way, because the top drawer applicants aren't even looking at that. And that's not even going to wage inflation or that sort of thing, but the factor remains. They've probably filled the position. I'm sure they're a very good fit etc But you're excluding a vast number of extremely talented people who could who? Can try experience as well to address with the experience? Yeah, yeah, I mean you might get lucky with obviously people who are, you know, doing it for the lols. You know, people that don't need them,
Starting point is 00:16:50 who aren't doing it for the money, you know, but it is a very small pool of people that you would be choosing. Yeah, precisely. But yeah, I think, you know, three times in, in what, less than a year? That's, well, about six months, isn't it? Six or seven months. Yeah. You know what they should say though, that, you know,
Starting point is 00:17:08 they're saying it's like, you know, fool me once, shame on you, fool me twice, shame on you again, because, you know, I'm easily fooled. Yeah, it's that kind of thing with the NHS, right? Yeah, exactly. Once, please stop. As a CISO, Tom, or at least up until today, you should know that things don't change that drastically in a year. And I don't know, that quickly. No, that quickly. So, you know, the fact that, you know, they've been hit three times within a year, if it was three times over the course of five years, I think that would be kind of more telling in a way. That's fair. But that's fair, but it has been ongoing.
Starting point is 00:17:51 Right. I mean, I think the NHS has been in the in the spotlight and the crosshairs pretty much since WannaCry Yeah, you know and it's been a constant constant Push so, you know three times in six months and probably what, 20 times in the last 10 years? That they know of. That they know of, exactly. So it's a valid point, Jav, but I think it's already been proven that there are challenges here.
Starting point is 00:18:17 I mean, hence why they pushed the boat out and raised the salary expectations of up to 85 grand. Yeah, yeah, yeah. That's right. Yeah. So yeah, really. And it's troubling because I think one of the challenges here is that everybody, certainly, and all of our UK listeners, have got a real soft spot for the NHS. It's a source of national pride and all that sort of thing. And to see a national treasure sort of going down the pan like this is not good. It's like seeing Dame Judi Dench on a drug and alcohol-fuelled bender throwing fish and chips at a double decker bus on the edge of a road, you know, a bank holiday weekend, on a bank holiday weekend. Yeah, exactly. It's like we love Dame Judi Dench,
Starting point is 00:19:10 but it's, we're just really rather disappointed in her behavior here. Obviously, friend of the show Dame Judi Dench, obviously. So yeah, you know, we, they just got to do better really. It's, something's got to happen. What is it the government's always like to say? A root and branch review or whatever, which I never really understood. What are they doing with trees? Surely they need to look at the business, not at the life.
Starting point is 00:19:39 It's where it's all going wrong for them. Yeah, exactly. Not at the decorations, right? Not at the properties. I hear your frustrations tom i just don't agree it's a rant it's just the way things are oh that's why it's a rant all right that was this week's rant of the week Rant of the week.
Starting point is 00:20:12 People who prefer other security podcasts are statistically more likely to eject USB devices safely. For those who live life dangerously, you're in good company with the award winning host unknown podcast. And now for more misguided views on just the way things are. I mean, we could just change all of our articles, you know, all of the titles of our things of, this is Jav's, the way things are. This is Andy's, the way things are. This is the equivalent of writing your English essay and then ending with, and then I woke up and it was all a dream All right, so Japan a nation known for
Starting point is 00:21:08 electronics and overpopulation Japanese people Japanese people and the Japanese language and Tokyo and Nintendo and Nintendo and very good cars. So their National Consumer Affairs Center gave a suggestion to citizens to start digital end of life planning. And this actually is a really good thing because people need to plan end of life because I've heard from several people. We've been a few talks. So Wendy Nath, she gave a talk at B-Sides London one year. Oh, that was a few years ago. That was a dark year.
Starting point is 00:21:49 That was an incredibly depressing opening talk for the day. But there were like two or three talks that day which were really depressing as I recall. Yeah, and actually if you plot out mental health in the industry after that point in time, I'm not saying correlation and causation, but... But she spoke about how I think when her mother passed away, there was no way in which she could access some of his bank accounts and stuff, all his state. So she basically had to pretend to be him in some instances or what have you. And like how, you know, and actually
Starting point is 00:22:30 Kyle Bopp, he'd done another talk, similar talk about when one of his parents passed away about all the hoops he had to jump through and like how it's a good thing to do. Was his dad at a circus? Kyle Bopp aka Nightwing aka Robin. Sorry, oh my god this is so bad honestly you're such a bad influence Tom. It's like this is serious stuff I'm trying to talk about here. Just wonder why he's jumping through a lot of hoops. Okay Drax, so Japan's National Consumer Affairs Center gave some tips and one of the tips they said was put your usernames and passwords in your will. What?
Starting point is 00:23:27 That's actually a good idea man. I'm actually on board with this. So they're saying ensuring your family members can unlock your smartphone or computer in case of emergency. What about MFA? Well you know maybe, you know if you going to lock the phone if you're using an authenticator app you should be able to get into that as well. And there's absolutely no correlation between this new recommendation and my new job as an estate planner in Japan. Or an office cleaner in Japan specializing in the legal industry.
Starting point is 00:24:12 So ensuring your family can unlock your phone, maintain a list of your subscriptions, user IDs and passwords and consider putting those details in a document intended to be made available when your life ends. And it says use a service that allows you to designate someone to have access to your smartphone and other accounts once your time on earth ends. You know what, I try to be very normal with my usage and safe and everything, but I'll be damned if even after my death I allow anyone to get their hands on my digital stuff. I don't care if my kids and wife go penniless and they lose access to the house.
Starting point is 00:24:55 That is a risk worth taking than actually giving them access to this guy's in your browser history. Yeah. Yeah. Yeah. Yeah. I think all three of us will agree on that matter. But before this, before the show, we were talking about legacy contacts and how you can create a legacy contact for your Apple account and I think Google as well.
Starting point is 00:25:23 Didn't you say, Andy, That Google have got a good thing. I mean, it's not new, they've had this for years. Inactive account manager. So you can basically email a pre-recorded, a pre-written email to. If you are reading this email, I am dead. Exactly that, exactly that. The only issue is you have to have not access
Starting point is 00:25:42 to your account for about three months. So it's quite a long time. So it's gonna gonna be like it's properly from beyond the grave rather than yeah, probably something a bit more timely That's right, but yeah, I get notification every sort of six months or so What you are seeing in my browser history is the man I used to be Three months ago. I am not that man anymore. How have you read my message? And why am I talking like this from beyond the grave? My computer was hacked once and I think hackers have put these very specific websites and login IDs on my account and they used AI to make it look that I was involved in that activity.
Starting point is 00:26:27 You know, do you remember that book Bravo Two Zero about the SAS in Iraq? Never read it but I was very familiar with it. Yeah, yeah, the whole story. They were talking about the preparations they were making and all that sort of stuff and one of the key sort of preparations they make is that they allocate someone from the regiment who's not in the, who's not in the, on the operation that they're on, that if they don't come back,
Starting point is 00:27:00 that person has access to all of their stuff before the family. And the reason given was because they didn't want their family knowing that actually they were into some kind of weird bondage porn or something like that, which was... And I thought that was quite pragmatic really. You don't want a war hero coming back and then just picturing them in a you know a full leather mask and stuff finding the pictures of them and all finding the pictures of them yeah precisely you know so i think there is a there is a practical element to this yeah or you could just not not not lead double
Starting point is 00:27:40 lives and have secrets, I suppose, is the... Well, that's my approach now. Andy is not agreeing. Okay, anyway, I just thought it was a very... I thought it's a very important topic that needs to be discussed. It is. And planned for. But this is not how you do it. Maybe not. No, this is dreadful. This is made up by that stereotypical view of like a 75-year-old Japanese manager in an office somewhere going, I've got a good idea. Let's make this happen.
Starting point is 00:28:17 And everybody agreeing with him because you're not allowed to disagree with the boss. Yeah, yeah. I genuinely think this is a good idea. There are better ways of doing it than writing it down into a will, which in almost all certainty is gonna be in printed manner and stored in literally
Starting point is 00:28:38 someone's filing cabinet in a regular office. You know the wills these days are stored electronically. They don't have to be stored. So my will, one is like in a mountain somewhere but there's an electronic copy. Is it an Iron Mountain? Something like that, yeah. Cost me like 40 quid a year. 40 quid a year? The bloody subscription model has gone mad. You can just look, Andy. SaaS. My will is now SaaS. Give me a copy, I'll only charge you 20 quid a year. Exactly. I've got plenty of storage space here.
Starting point is 00:29:10 Yeah, but then I won't get a direct debit every year from Simply Legal and Ass. That's literally what it says when it comes out every year. Simply Legal and Ass. I'm pretty sure Javavan ass can get a supply. Speaking of which Tom, I need to speak to you about a deposit that you left in my account. Oh yeah. Agitate prostate or something. Agitated prostrate limited or something. Thank you very much that yeah it was it was
Starting point is 00:29:47 agit digi8 prost digi8 was yeah thanks for that okay Andy I just looked it up Oh my god! It's not barely, it is simply. I think we might have gone a little bit off topic here. Yes, yes. Bring us back Tom, with the jingle. Yeah, that was this week's... Billy Big Balls of the Week. If good security content were bottled like ketchup, this podcast would be the watery juice which comes out when you don't shake properly. In a niche of our own, you're listening to the award-winning Host Unknown podcast. All right, let's squeeze the bottle for another time this week and find out what time it is, Andy.
Starting point is 00:30:58 It is that time of the show where we head over to our news sources over at the InfoSec PA Newswire who have been very busy bringing us the latest and greatest security news from around the globe. Industry News. ICO urges more data sharing to tackle fraud epidemic. Industry News. Over a third of firms struggling with shadow AI. Industry News. Darknet services fuel holiday scams and e-commerce exploits. Industry News. NHS Trust declares major incident for cyber
Starting point is 00:31:36 security reasons. Industry News. Nuclear Decommissioning Authority opens Sellafield Cyber Center. Industry News. New EU Commission to unveil Healthcare Cyber Security Plan in first 100 days. Industry News. T-Mobile claims Salt Typhoon did not access customer data. Industry News.
Starting point is 00:32:03 Albanian drug smugglers busted after cops decrypted comms. Industry News. UK justice system failing cyber crime victims, Cyber Helpline finds. Industry News. And that was this week's
Starting point is 00:32:20 Industry News. Huge if true. Huge if true. That's, um, Salt Typhoon, the famous son of Lord and Lady Typhoon. Ah, I wonder where they were. I thought it was a wrestler. Duchy of Gloucester.
Starting point is 00:32:38 interesting see the nhs trust declares major incident for cyber security reasons. Again? Again? What? So do you know what? I was trying to do a delay repay because I've had some terrible trouble with trains this week. Do you remember when TfL had that cyber security incident? Yeah, yeah, yeah. They're still dead. The systems say you cannot access this information due to an ongoing cyber incident. Like it's a pain in the backside.
Starting point is 00:33:06 It's been months. Do you know what it is? I've had to put some expenses in for travel, you know, and you use either tap and go or whatever. Well exactly, that's the stuff I can't get everything done. To make it cheaper, because it makes it significantly cheaper rather than buying a day ticket or whatever, and you can't get your receipts. Yeah. So I've literally been printing off bank statements from my phone, you know.
Starting point is 00:33:32 But if that for no other reason they need to sort it out. Yeah because Tom's struggling to claim, claim. Six pound fifty. Yeah. Yeah. Well we know what you're like with your expenses. Well, so this isn't so much the expense. This is more just on principle that my train has either been canceled or delayed every day I've been in London for the last two weeks. Yeah. Not acceptable.
Starting point is 00:33:58 Not having it. It's bang out of order. Gov. Bang out of order. I like this story about the UK justice system failing cybercrime victims. And they say like 98... So they're seven times less likely to see perpetrators charged or summoned compared to victims of offline crime. And additionally 98% of cyber enabled crimes result in no further action from the police or justice system.
Starting point is 00:34:31 And I think, well, have you looked at non-cyber crimes these days? People's phones getting stolen, shoplifting in stores at all-time high. The police don't do anything, so, you know, just cool. I mean, yes, I am like, my sympathies obviously with any victims of any crime, but, you know, if I were to start anywhere I would start with let's get policing sorted out first. Stop people, stop kids getting shot in crossfire, stop people getting stabbed so much, stop people's phones getting nicked. I mean... So I didn't realise how bad London is for phone snatching. It's the highest in Europe now. Is it really? Yeah, it is. Higher than Spain and Barcelona.
Starting point is 00:35:14 The highest in Europe. Wow. Yeah. I mean, the other thing as well is, Jav, to your point, have people just tried not being victims of crime? Well, that's what you were saying about the NHS earlier, isn't it? I mean, three times in one year. Clearly, give them karate lessons so they can defend themselves. That's an interesting parallel, I have to say. What else have we got here? Sorry, go on. No I was just saying that you've probably seen that. I don't know whether Apple have done it but Android recently with one of their updates they had a phone snatched, a decommissioned
Starting point is 00:35:57 sort of. It's like if it detects that your phone's been snatched and accelerated off in its... It asks for extra authentication. Yeah, it sort of and then it locks it down. So even if they've taken it offline or what have you, yeah, they sort of lock it down. But who's stealing Android phones when they want to go after Apple phones, to be honest?
Starting point is 00:36:17 The real sale value on them isn't as much. And also, if it's doing something like, you know, it's suddenly changing speed what happens if you're if you run and jump onto a train and then suddenly you're accelerating off is that mean you're you know that's got to be a very fast notice Jeremy trying yeah don't take off yeah we're not in Japan these are the bullet trains yeah but no a moped is not exactly 0-60 in 4 seconds. I think it looks like the gyroscope and it looks at the angle of the phone and how it's
Starting point is 00:36:51 moved and what have you and then the functions that people go into. There's a few things there. So it's not just like one thing. The invention of the accelerometer is incredible for the things that they've been able to make it do. It is, it is indeed. Well, you know, when they're even using it in substitution of the microphone to actually listen into conv... I mean, holy moly. Vibrations.
Starting point is 00:37:16 Yeah. So I know years ago, I was speaking to this MDM type provider or a mobile phone thing, and they provided software for police officers in America. Yeah. I think they got acquired or whatever you afterwards, but I don't know what happened. But they also had it where it could detect if the officer suddenly went face flat or basically fell down. And if there's then no radio contact
Starting point is 00:37:44 for a certain period of time, it would automatically then send coordinates, say like officers potentially being shot or they've fallen down or what have you, they've been hit unconscious. So here's a location, send someone here. It's basically what old people have had for decades. So you've had it for decades and you haven't told us about this? You know, you wear it around your neck and then you press the button and there's "help, I've fallen and I can't get up." You know. That is Life Alert or something? Yeah, Life Alert. Yeah, yeah, now they're built into like Apple Watches and stuff like that. Oh, like fall detected. Yeah. How many times have you pressed
Starting point is 00:38:23 the button to say help I can't get up? Well the problem is I was falling land on my arms so... And then you're like hey I can't feel my hand. Yeah. Don't worry cancel the ambulance I need a... I need an hour. I'm sorry, I've just got that. I've just got that. And sorry, an hour. All right, okay. Well, keep coming. Just don't put on the blues. I think that is our cue to move swiftly on, shall we? That was this week's industry news. In Springfield, they're eating the dogs. Sorry. Sorry.
Starting point is 00:39:21 That was, you know, that's just in recognition of the US's President-elect. The host unknown podcast, orally delivering the warm and fuzzy feeling you get when you pee yourself. Right Andy, why don't you take us home please with this week's Tweet of the Week. And we always play that one twice. Tweet of the week. And this week's Tweet of the week comes from Matt Potter. This is actually from Blue Sky. And Blue Sky is actually, well, it's actually a quote, what do you say, quote tweeting, a screenshot from Mastodon. Things are getting messy. Yeah, the blue sky is quoting, tweeting something
Starting point is 00:40:06 from Mastodon. This is more confusing than Tom's, like, you know, romantic life. So essentially, he's highlighted something which I actually thought was funny. Tod Beardsley from Mastodon, Tod Beardsley from Mastodon, and he just says, "I'm not pirating movies, I'm just training my model," which is a fantastic defense. But it's made even better by the position that Tom Beardsley holds. Well, and this is what Matt Potter's highlighting, is that Tod Beardsley of the US government Cybersecurity and Infrastructure Security Agency, or CISA to the rest of us, bringing the fire on AI training using copyrighted material. I'm not pirating movies, I'm just training my model.
Starting point is 00:40:54 Very good. And that shall be my defense going forward as well. Are people still getting done for pirating movies? Well Joe, I think they're going after the illegal streams these days. Yeah. So I've seen a lot of the sports providers who sort of, so the UK's got this stupid law where you're not allowed to broadcast football games
Starting point is 00:41:16 between 2.45 p.m. and 5.15 p.m. on a Saturday. Really? Yes, it's a long-standing law that came in very many, many moons ago. And the original intent was to ensure that people didn't stop going to local clubs. Oh, I see. Just to watch the Premier League and that sort of stuff, which is why 3pm kickoffs are never shown on UK TV on a Saturday. Hence, there's such a huge market for illegal streams because Sky only show games.
Starting point is 00:41:47 You know you'll notice that the kickoff times on TV are like 12.30 on a Saturday and then 5.30 on a Saturday. Every time I've looked up kickoff times of football matches that's exactly what I think. And then it's Sunday, it's always Super Sunday, that's where the big games are because they can't show them at 3 o'clock on a Saturday and something new every day Honestly that that is truly insightful Interesting so 245 p.m. Oh, it might be 445 p.m. Yeah, so 245 or 515 Yeah, but yeah, you won't see games on UK TV broadcast, which is why you know, I watch a lot of Arabic TV star Sports Asia on a weekend to get my analysis in Thai. So you're saying that if the UK just allowed Sky to broadcast films, football matches
Starting point is 00:42:41 on a Saturday afternoon, that would get rid of the streaming. People are paying pirates for this service. I have Sky, I've got BT Sports, whatever it's called now after the rebrand, TNT Sports, I've got all the sports channels but I still can't watch the games that I want to watch. This is the Cobra effect almost, isn't it? Did consequence it is? So this is really, really interesting because it, like, it might, I mean, sports is, I think, I mean, I don't know, but I assume it forms a large portion of the illegal streaming because that's what people are really interested
Starting point is 00:43:25 in getting on the day and everything. And all the other streaming services, they do a really good job of movies and shows anyway. Providing content generally speaking. And for a good price as well compared to the sports channels. So this is really interesting about that how maybe you just addressing the wrong problem going after like illegal pirating and this at the other when actually the whole thing could be fixed simply by just saying Sky Sports go on broadcast or BT Sports whoever it is here's the rights broadcast it on a Saturday and you can see everything or repeal the law and this is actually part of the other problem is that now you've got be sky sports then you got BT sports
Starting point is 00:44:05 Yeah, now Amazon invented the game. Yeah, so they've got games on there and discovery And now it's getting to the point where you know what not paying everyone to watch certain party Yeah, you're breaking up the piece of the but it's just gone ridiculous Yeah, therefore it's and then even the clubs have their own channels as well isn't it they are but again they can't show games live during that time either it's but but okay but putting that aside the good news about some streaming services Netflix is not going to be charging extra and from next year in the UK we can watch Monday Night Raw and Smackdown for free as part of our existing subscription. Fantastic. Fantastic. And it also includes I think WrestleMania and like the big pay-per-views as well.
Starting point is 00:44:51 Does it really? I think so. I think that's what I read. No way. No way. Moving on. Bloody hell. I was starting to lose it a little bit there. I was bad enough with football, but when you get on to wrestling, come on. Anyway, we come to the end of the show. Thank you so much, gentlemen. I can see you both now multitasking, so it's obviously time to move on and finish the show. Jav, thank you for your wisdom, charm, charisma and just general being here and being lovely. You're welcome. So additionally, Netflix will be bringing WWE electrifying content. Stay secure, my friends. Stay secure. You've been listening to the host unknown podcast. If you enjoyed what you heard, comment and subscribe.
Starting point is 00:45:50 If you hated it, please leave your best insults on our Reddit channel. Worst episode ever. r slash smashing security. Beginning in January, you can see all the WWE flagship shows. Additionally, you can see all the stuff like SmackDown, NXT and events such as WrestleMania, Royal Rumble and SummerSlam. So they charge like 20 quid or 25 up to 30 quid for those events on their own. Yeah. That's like three months of Netflix. Yes! Honestly, just watch three pay-per-views and you've paid for your year's supply of Netflix. It's literally paid for itself. It has, it has. You're literally making money. Boy math. Yeah, boy logic.
