The Host Unknown Podcast - Episode 25 - The Week of Weak Content

Episode Date: October 2, 2020

It has been a quiet week, but Host Unknown still provides the goods. Admittedly the goods have come from Lidl.

This Week in Infosec
25th September 2003: A report critical of Microsoft, "CyberInsecurity ...- The Cost of Monopoly", was published. As a result, Dan Geer, one of seven co-authors of the report, was fired by @stake. https://cryptome.org/cyberinsecurity.htm#Fired
30th Sept 2009: "Schneier on Security" was published. It consisted of a compilation of articles Bruce Schneier wrote between 2002 and 2008.

Billy Big Balls

Tweet of the Week
https://twitter.com/J4vv4D/status/1311682834738929665?s=20

Industry News
Ivanti Adds VPN and MDM Technologies in Double Acquisition
Research: Cloud Skills and Solutions Are in Short Supply
UK Receives 2020 European CYBERSEC Award
#DTXNOW: Time to Remove Security from IT
Technical and Cost Concerns of Passwordless Authentication Bother Security Leaders

Rant of the Week
https://twitter.com/hacks4pancakes/status/1311295830838710273?s=20
https://collider.com/hackers-movie-sequel-reboot-details/

Monkey Business Illusion / Invisible Gorilla:
https://youtu.be/IGQmdoK_ZfY
https://www.itsecurityguru.org/2020/09/23/the-invisible-risk/

Drinking quotes: https://imgur.com/gallery/i0Wt7

Come on! Like and bloody well subscribe!

Transcript
Starting point is 00:00:00 Okay. Hello, hello, hello. Good morning, good evening, good afternoon, wherever you are. I hope you're doing well. Welcome to the Host Unknown podcast. I'm Javvad Malik and alongside me is Andy Agnes. How are you doing, mate? Not too bad. How are you doing? Yeah, very good. Very good. I feel like we're a bit light today. I'm feeling... I don't know whether we've been working out, we dropped some fat. What is it? It's like a collective feeling.
Starting point is 00:00:29 It's definitely a lot of fat we dropped. We definitely dropped a lot of fat. Now, the real question is, do you know how to play the intro jingle? Yes. Hold on a second. Check this out. Check this out. You're listening to the Host Unknown podcast.
Starting point is 00:00:46 Hello, good morning, good afternoon, good evening. That's what he usually says, isn't it? Yeah, something like that. God knows, that was a tough job to replace. I see, uh, you still have your phone on regardless of, um... It's not, it's not, it's the, uh, it's Tom's iPad which plays the jingles that he has neglected to mute. So, um, his son sending him text messages: Dad, come and get me. Dad, where are you? Old and I could have some fun with: I'm not your real dad. Oh, he's old enough now to know anyway, isn't it? Yeah, yeah, yeah. He shouldn't do it by text message, actually. Anything. Yeah, I suppose it's a bit harsh, but... So should we explain, where are you today, Jav? I am in Tom's flat. Uh, I drove all the way up to Chippenham in the rain. And yes, it's...
Starting point is 00:01:48 Oh my God, he's getting news updates. How do I turn... I don't want to turn the volume down because I might screw up the soundboard. So he's going to have like a little switch on the top. Well, actually, knowing Tom, it's the new Prime, isn't it? So it'll be on the top. Yeah, it is. It'll be a hard switch.
Starting point is 00:02:03 So anyway, I drove up to see Tom today and I'm in his place and we all got set up and he went off to get a cup of tea and he's been gone for like, we waited all of 30 seconds for him before we could see it recorded. It was tough. So Tom's flat. Tell us about it. Obviously, I couldn't make it. We're doing this off-site disaster recovery thing, so all three of us can't be in the same location. There's a storm coming, and should the worst happen,
Starting point is 00:02:32 we can't afford for all three of us to go down. That's right. That's right. So imagine a man pad. But when you're young and you have your own bedroom, you don't have money. But imagine if you're like old and you've got money and you have your own man pad and you have access to Amazon and Ikea. This is like a Tony Stark wet dream that he's living in. Just not as fluid, right? It's going to be more funky.
Starting point is 00:03:13 Yeah, everything's like cobbled together and connected. So everything's wireless. There's no manual switches or anything anywhere. Everything's either voice activated or gestures or something like that. And he was showing me earlier and he was like, oh, you know how I close the blinds? And he yelled out,
Starting point is 00:03:31 Siri, close the bedroom blinds. And at first it didn't recognize him. Then he had to say it again nearer to the speaker. And he had to get out of bed, stand next to the blinds and shout it. Honestly, it was hilarious. But it's like one of those Rube Goldberg machines where, you know,
Starting point is 00:03:57 you set off a marble in motion and it clicks around and it sets fire to something and cracks an egg. And in the end, it just turns the page on your book. But he does have fun doing it, doesn't he? I know I've been fascinated by this mirror that he's been working on, this magic mirror that he gives us an update. And it turns out it's not even in that house. It's in his other house.
Starting point is 00:04:23 Yeah. I know. I know. I know. Do you want lunch, Jav? Because the way you're going, you're going to be wearing it. I don't know. You started without me as well. No, no, no.
Starting point is 00:04:39 Ladies and gentlemen, this is why Tom is single. Do you hear the aggression in that voice there? So controlling. So controlling. Damn. Gaslighting Jav. Gaslighting Jav. You know what, Tom?
Starting point is 00:04:55 A mate of mine, he's set up a dating site, and maybe you should look at it. I can get you an introductory to it. He set it up in Prague, but it's online and it's called Checkmate. Sorry, I think what you mean is... Dear me!
Starting point is 00:05:17 Damn it! I thought being in person next to you, you'd actually laugh at it, but... Well, after all the stuff I've just heard from the kitchen, while I'm making you a lovely chai tea latte. Thank you. This is, this is my third of the day so far. It's only like 11 in the morning. I'll be bouncing at the wall soon. Please tell me you did the intro music. We did. So it's all proper, we're all started, are we? No, it's not amateur hour down here, Tom. Don't worry
Starting point is 00:05:42 about that. Are you sure about that? Are you sure about that? Anyway, hello, good morning, good afternoon, good evening, ladies and gentlemen, from wherever you are. We've done that already. Oh, for goodness sake. So all you've done is say that and then rip on my beautiful apartment. Pretty much, yeah. I said it's like Tony Stark's wet dream come true.
Starting point is 00:06:05 No, you didn't. You said it's like a teenager's bedroom, but someone who has money and access to Ikea and Amazon. I heard you. Oh, dear. I don't know. I feel attacked. By the way, your son was texting. He said, say hi to Jav for me.
Starting point is 00:06:24 And I replied saying, I'm not your real dad. What? I saw it come through on him. No, that's someone else. Was it? Isn't that your son? Oh, okay. Son number two.
Starting point is 00:06:37 What have you said? Oh, no, thank you. Son number two from wife number three. You could be the future ex-Mrs. Langford. Oh, dear. Well, actually, since I have no idea where we are in the running order or anything since... We were just saying hello, that's all. You callously started while I was
Starting point is 00:06:56 making libations for us both. This and money. It should have been for both of you, but Andy, you failed to attend. I did. We've already been through this, is, uh, deliberate, um, off-site strategy. Um, plus I feel like I've got the rona, so I don't want to spread it to you guys. Oh, that's fair. Good, good, that's fair. Thank you. Yeah, very, very kind of you. I'll be using that for the next couple of months when I want to get out of something. So shall we move on to the first, um, first section? Sure, yeah. And, and actually we did
Starting point is 00:07:32 ask the audience to come in with some jingles for us and we got one. This week in InfoSec. I think we maybe forgot to pay the last 50 pence because I kind of ran out at the end. But I like that. I like that. It's got a... It's just really catchy music. Yeah.
Starting point is 00:08:00 It's like I recognise it. You know, it's one of those memories that you just have as if it's always in your head. Yeah, yeah, that's right. It's like, you know, when you go to an InfoSec conference and you see an old, bald white man and you think, he looks familiar.
Starting point is 00:08:15 Yes. And you can't quite put your finger on it. It's like that. Well, this isn't going according to the script. Wait, share your screen with me. I can't see the script. I thought we were supposed to say something about vinyl as well. But, you know, it's old school, like vinyl.
Starting point is 00:08:34 Almost like a vinyl memory, right? Andy, go on. Let's hear your Today in InfoSec. Let's hear this one again. You can go straight after the jingle. How's that? Okay. This week in InfoSec.
Starting point is 00:08:55 So we have from 25th of September, 2003. So 17 years ago, a report critical of Microsoft, the report was called Cyber Insecurity, the Cost of Monopoly, was published. And as a result, Dan Geer, one of seven co-authors of the report, was fired by @stake. ex-CTO for @stake and he said he was forced out after co-authoring a critical report about Microsoft, who was an @stake client at the time. And this whole report was about, you know, the monopoly and how, you know, so many governments use them, it was just a bad thing to do, you know, looking at the, arguing that, you know, um, you know, the, the complexity and dominance of Microsoft OS, uh, made the government prone to cyber attack, which, uh, should have been considered a national security threat. Um, so I guess these days we look at that
Starting point is 00:09:59 and think, uh, well, you know, you've got to be critical of things, but back then it wasn't the dumb thing. And obviously a respected security company like @stake, you know, to axe one of their own. Well, maybe also they weren't aware that he was writing this. But, I mean, certainly even by Microsoft's own admission, the security was not top of the agenda at that point, was it? No. And in fairness to them, they did a complete 180 on it
Starting point is 00:10:23 and made it a priority. Yeah, but it's funny to see how things used to be. Some of the kids today, 17 years old, probably don't even remember these good old days of @stake, L0pht Heavy Industries and the like. But always good to take a trip down memory lane. It is, indeed. You got another one for us?
Starting point is 00:10:47 We do. So this is a much shorter one, so we'll just whiz through this one. 30th of September 2009, so mere 11 years ago this was, a book called Schneier on Security was published. It was security. Yeah. It was literally just a compilation of articles which Bruce Schneier wrote between 2002 and 2008. Um, and the funny thing on the front cover of this
Starting point is 00:11:15 book it had a quote saying the closest thing security has to a rock star. Oh, please. Yeah. So this has given me a great idea. You're just going to publish all your old blog posts, right? This is from El Reg as well. It was. Well, El Reg was not the beast back then. Anyway, no, here's a great idea for us. We find someone on Fiverr. Andy knows loads of people on there.
Starting point is 00:11:44 We say, here are all of our podcasts. Transcribe them. Put them into a book. Hosts Unknown on security. Yeah, that's right. It could be quite a dull book, I think. Who cares? We will be published.
Starting point is 00:12:00 Well, we will be the second closest thing to security rock stars then, according to El Reg. We'll be the new boy band rock stars. Oh dear. Yeah, I must admit, um, I know Schneier was, was talked about as a rock star a number of times, but it's never something that I've really seen before or I've felt was true, because I just think, um, well, if you've ever seen him talk, if you've ever met him, he's the furthest thing from a rock star apart from his haircut. He's a miserable old git. But he never used to be.
Starting point is 00:12:34 So I actually met him a long time ago at DEF CON in like 2000. Was it 2000 or 2001? One of those two. But he was signing copies of his Secrets and Lies book, which, you know, he was like quite down to earth, he seemed really, um, sort of, uh, amiable and, you know, good laugh. But, um, yeah, over the years he kind of started to get a bit grumpier, and then, um, you know, there's some articles I've seen where I just think, man, you know, the man's lost the plot. But yeah,
Starting point is 00:13:08 Can't take away, you know, what he has contributed to the industry. No, certainly not. But, Bruce, if you are listening, we know you're a friend of the show, but please come on and prove us wrong or come on and be, you know, a big massive curmudgeon and prove us right, one or the other. Don't mind. Come and tell us a few gags or come and tell us that we're we're you know we're uh incompetence because we keep on bashing the microphone and tapping the table and and starting
Starting point is 00:13:31 the podcast without muting the iPad which controls the sounds, in case you just heard. JFC. So no, I didn't know. I, I asked Andy. Of course you didn't know, because you didn't, you're not supposed to do this, because one of us is in charge here. This has almost turned into a rant of the week, but, um, but yeah, come on and show us to be, or show two of us to be, the frauds that they are, that think they know how to run a podcast after watching somebody, you know, struggle for 25 episodes. Um, but there you go, that was, uh, This Week in InfoSec. You know, I really like those jingles so much, I think we could get, we should get all of our jingles recommissioned by this same, uh, contributor. Yeah, I don't know. So not a bad idea. We should, we could actually pay them proper money as well. Oh dear. Well, you know who you are, Mr. Fan of the Show,
Starting point is 00:14:28 who I absolutely didn't pay to get these done. But, yeah, I do like those new jingles. I think we could do more of those, don't you? Yes, Tom. Good. Glad to hear it. So, right. Let's move on to the next section. Well, well in fact let's talk about what we've got
Starting point is 00:14:46 coming up after our InfoSec of the week. Shouldn't you've done that in the beginning? Um, I thought you'd done it. You said you'd cut, done it all. But anyway, we got the Tweet of the Week, Billy Big Balls, Rant of the Week, and will we have a Little People today? I think not. You know, I, I did, I have been, I've got a couple of people, but one particular group, I was like, please can you do Little People? And they said they're working on it and they haven't got it. But Security Queens, please get us your Little People. I'm talking to you, Morgan and Sophia and the Andy of the group.
Starting point is 00:15:24 Matt, Luke and Ken. Craig. Ken! Well, I thought it'd be really good because I said to him, you're like the younger female version of Host Unknown. Oh, Christ, poor them. Yeah, I know. And I think they never answered me after that.
Starting point is 00:15:43 They're younger than us and already washed up. Yeah. I've offended them bitterly. All right, let's go off topic here. Let's do Billy, not off topic, off the running order. Let's go and start with this week's Billy Big Balls of the Week. And that's over to me.
Starting point is 00:16:14 So, the world's richest man? I think so. Not far off. No. Tom would be if he stopped buying stuff for his apartment but you can't stop buying stuff and he's got like 40 amazon boxes in his hallway what are you talking about yeah handy why do you have 40 amazon boxes in your hallway i just i just haven't got around to opening them that's all then why did you order it because i need them but obviously not because you haven't opened them i mean last week you said
Starting point is 00:16:46 you had 40 boxes i think the week before you said you had 40 boxes well i didn't say i needed them now i just said i needed them but but then it's amazon you get it next day why why why not order it when you actually actually need so i've got things like uh like bulb light bulbs so you know last time i changed a light bulb at the weekend i checked oh i'm down to the last one i better order you know another okay so what have you got 39 boxes of amazon stuff that you don't need right now search my orders yeah tell us what's in there sorry we're off topic but actually yeah i wouldn't be surprised if he's got a flat pack coffin in there somewhere.
Starting point is 00:17:26 Why? I need one, just not right now. Yeah, that's right. And actually, this is relevant to Jeff Bezos, in fairness. It is, yeah. Delivered to so light bulbs. Obviously, these ones are golf ball 42 watts. They'll be for the living room.
Starting point is 00:17:42 Yeah, they're light bulbs. We're not interested in the specifics I'm just looking at the other one I can't tell what it is from the picture so home
Starting point is 00:17:50 refrigerator fridge freezer door lock latch catch toddler kids
Starting point is 00:17:54 child cabinet locks well you obviously don't need that because you haven't opened it and put it on in any way
Starting point is 00:18:00 I assume that's because your diet starts tomorrow yeah it's actually to stop the little one from getting into the snack cupboard because there's a couple of kilos of Haribo in there.
Starting point is 00:18:08 There's no way to talk about your missus. I got some additional bulbs. These are 40-watt non-dimmable. So these are from my office, these ones. We understand the bulb side of things. There's like different sets of bulbs. So I was on a bit of a mischief. No, really?
Starting point is 00:18:23 I realised I was short. So then we got like the travel dog guard. So that's for the... A dog guard? Yeah, for the cast. Wow, that's brilliant. Yeah. And then, you know, so the dog can't jump over the back seat.
Starting point is 00:18:39 So power strips, net curtain hooks. So actually... Curtain rod, LED light strips, power strip tower surge protector. So, so hang on. So a curtain rod. So you've obviously got curtains that are not up at the moment. Correct. So you don't mind parading rounds naked at night so that everybody can see. Absolutely zero shame. He doesn't mind. Yeah, exactly. Exactly. And a power strip.
Starting point is 00:19:02 Obviously you bought that because you thought, hmm, this looks dangerous like this. Maybe I need an anti-surge power strip. But actually you're fine leaving it be dangerous because... Oh no, no, it's not dangerous. No, I currently have a surge power strip. This is just a different one. This one looks better. Oh my God. You take the mickey out of me for having a nice looking place, but these are all cheap things, you know. Next week, we should go down to Andy's place, help him unbox his stuff. Yeah, that's right.
Starting point is 00:19:30 What next? Have you got, like, nice-smelling bin liners or something? I do. What? 100% recycled scented bin liners, heavy-duty, 30 litres. So these are for dog uh like dog bags yeah when i come back from uh taking the dog for a walk if he's done his business yeah oh my god i got a mallet as well a mallet mallet you got a rubber mallet yes well you could have invited me round any time. Why? He's got a rubber version. It's easy, clean and wipe-free.
Starting point is 00:20:09 That's to help with a... I've got some little mini fences to put down in the back garden. Have you got the mini fences? I do, but I did unbox those. Are they in boxes? No, I unboxed those then realised, you know what, I'm going to need a mallet to put these in. No, you don't need a mallet to put these in no you don't need
Starting point is 00:20:25 a mallet we know exactly how capable you are what you need to do is hire someone from next door to come around and like fix that mini fence then how long have you had the mallet in the box yeah you know sorry let's getiver 23rd of September. Well over a week. Oh, my God. All right. So now there is absolutely no – we've got absolute clarity, I should say, on why Jeff Bezos is the richest man in the world. Yes, exactly.
Starting point is 00:21:01 It's people like Andy. Yeah, who buy stuff they don't need yet anyway but but you know this this might be a good strategy because we know andy can't do any diy but he'll call a builder and say give me a quote on putting up that mini fence and he'll say something like 200 quid and he goes 150 and i'll let you use my mallet yeah my brand new do you know why i actually purchased that stuff? It's because I did get someone to come and quote to put up a dog fence. And do you know what he wanted to put up a dog fence?
Starting point is 00:21:33 And we're talking about chicken wire around the garden. £350. That's what I would have thought, and I would have probably paid that as well. £1,800. What? Yeah. To put chicken wire, yeah, but how big's your garden? It's like 500 foot.
Starting point is 00:21:50 No, it's not that big. We've got hedges both sides, just a little bit. But yeah, I was annoyed. I was like, no, not paying that. It's taking the absolute. So you thought what you do is just order the fencing and the mallet yourself and then not do the job. Yes.
Starting point is 00:22:07 Because it's cheaper. Well, you know, you've got to percolate on these things. I'm still planning. It's a garden job, not a coffee job. Next week, me and Tom will come round. We can have a fence building party. I've already got the fences. I've got a mallet.
Starting point is 00:22:24 And I've also got cable ties as well, just in case anything starts. You know, there's a presidential campaign in the US at the moment where I think your skills could come in handy. Don't worry, Governor. I could build that for you. Oh, dear. Anyway, shall we go back again to this week's... Billy Big Balls of the Week.
Starting point is 00:22:48 So you don't need any context for this. I'll just read out the quote from the tweet that I saw. And it's hilarious. It's like, breaking news. Jeff Bezos nominates himself to the solution to a problem he's still causing. Any guesses what that might be, folks? Yes. He wants to start a school for kids whose families are underpaid by people like Jeff Bezos. And you know what? I saw this
Starting point is 00:23:15 and I laughed and I thought, that's such a Billy Big Balls move. You underpay your staff and then you come out with this act of philanthropy. I'm building a school for kids that don't read too good. But then I thought, you know what, this is kind of like the security industry through and through. I see where you go with the InfoSec side of things. Yeah, yeah. I mean, how many times have we hired in consultants and they've come in and they've then ordered a product and we've
Starting point is 00:23:46 installed it and then next year we have to hire another consultant to fix the product that the first consultant so when you say we you're obviously involved in this so you've obviously worked for you know the royal shallow end of the gene pool of the infosec vendors who do this sort of thing no i've worked for the largest banks in the world so yes the absolute shallow end of the gene pool exactly yeah hold up we need more clear chlorine for the shallow end of this gene pool oh dear so so basically this he is the richest man in the world he could he could solve huge numbers of problems just in his country alone by giving you know like a tenth of his um of his of of his fortune and what he's doing is actually just continually underpaying and overworking people to make more money so he can invest in uh schools to help people's kids because they are living in poverty.
Starting point is 00:24:46 Well, probably he's investing in schools because it's a tax write-off, so he can pay even less tax than he already does. I was about to say, there's going to be some tax breaks on this, isn't it? Yeah. And also there's that quote that people don't give to charity to help others, they do it to help themselves because it makes them feel better about themselves. They think it offsets some of the toxicity. It's like a carbon offsetting scheme.
Starting point is 00:25:06 It is, it is. And yeah, this is quite common. You see it amongst wealthy people, but actually bringing it back. And as you were talking, Tom, I think it's easy to make fun of people like this. But then I think, well, how much do I earn? And how much more is that than the average London wage? And then how I could give 10 of my salary to help people that are, um, homeless
Starting point is 00:25:31 or but you certainly you will for a start you pay taxes i pay taxes i know i know doesn't pay taxes i mean he's he is he's got a lot in common with trump on that efficiency schemes yeah exactly exactly i mean for instance alan sugar not somebody or sir alan no lord alan now isn't it um not somebody i particularly respect in the business world, but he pays the full PAYE tax amount on his money. So that's effectively 50% of what he earns goes to the tax, the HMRC. But yeah, to pay taxes at anything like that at least means you are contributing to the society in which you live in bezos is not contributing back he is purely pulling money out um so yeah i i would put this in the rant of the week not the billy big balls myself but you
Starting point is 00:26:36 know what, that's... So I've actually, uh, done a quick search on them and it says, why do people hate Jeff Bezos? Um, and so that there's like a couple of things they do. Yeah, well, yeah, yeah. So I just want to get to the, oh, what's it? So I'm on something called Front Page Live, and their quote is, reality is our bias. So first thing, number one, he cut health benefits for 1,900 Whole Foods workers. Um, so Amazon bought the grocery
Starting point is 00:27:08 store chain, um, and then business decided he didn't want to pay for part-time employees' health benefits, so he cut them off. Um, the decision was made to better meet the needs of our business and create a more equitable and efficient scheduling model. Uh, yeah, they've got shipped, they might have taken time off to get their illnesses looked at. Well, they shipped expired baby formula, which I think, yeah, it's an old story that we knew. Um, tried to buy the Seattle City Council. So this was, uh, one of the Seattle City Council members thought that Amazon and other Seattle-based corporations should pay their fair share of the city's taxes. Funny that.
Starting point is 00:27:49 Yeah, so Bezos poured $1.5 million into her opponent's campaign when she was elected, ignored the fire in the Amazon, threw pennies at the Australian wildfires. So this is... Okay, so he donated $690,000 to the Australia firefighter fine, but they're not happy with that because at the time it was worth $145 billion
Starting point is 00:28:17 and Metallica donated $750,000. Elton John gave $1 million. Okay. He's definitely richer than Elton John. He's definitely richer, yeah. This one I'm not sure. He let employees pay taxes to him. That's a very long, I don't know how to do it.
Starting point is 00:28:36 Also, didn't he set up this fund to try and, he set up a fund that people could contribute to to help pay his furloughed workers. Quite possibly. So it requires 60-hour work weeks. He contributed something to it, but basically said, you know, Amazon workers are in trouble. Give us your money so we can pay them.
Starting point is 00:29:00 Crikey, he could have kept them going for about 50 years. No doubt he is the Billy with the biggest balls on the planet at the moment Yes, I think so Billy Big Balls of the Week I find that just really depressing That's taken a... that's killed the buzz, hasn't it? It would be a funny tweet and look at you two taking it dark. But
Starting point is 00:29:28 how different is he from other billionaires? With the exception of maybe Bill Gates. Warren whatever his name is. Warren Buffett. David Gilmour. Who's that?
Starting point is 00:29:44 Who's that? Who's that? It's the lead guitarist from Pink Floyd Oh But yeah I think there's plenty of examples out there Of how people who are worth a lot of money Actually can contribute back And not make a big dent on their
Starting point is 00:30:00 On their Lifestyles What I've found is it depends sometimes on how they acquired their wealth. So a lot of celebrities I find, they're actually quite good at donating because their money or revenue isn't built upon shareholder value and exploiting workers and that kind of model. It's built on the fact that they appeal to people. People are putting their money in their pockets to watch them in their films and TV,
Starting point is 00:30:29 listen to their music, you know, all that sort of thing. So there's a much more direct connection to their, to the consumer of their product. Hmm. I don't know. I don't know.
Starting point is 00:30:39 I think we need to lighten the moods. Don't you? Definitely. Yes, Tom. Yes, Tom. Blimey, guys. This is so...
Starting point is 00:30:47 Do you know what? I muted myself to blow my nose. Just... And then you ask a question and I can't... Yeah, I'm sat next here to Jav and he's like picking his nose looking at the ceiling.
Starting point is 00:30:59 I'm like... You know, like, mate, we are live here. Anyway, let's go to... Oh, let's go to you, Andy, and this week's... Tweet of the Week. Andy, Andy, I just saw there's not a delay in the soundboard at all.
Starting point is 00:31:21 It takes Grandpa, like, two seconds to look around all the icons and find the one he's made the prayers. It's not straightforward. Do you know what? We should just put stuff in a particular order and make the soundboard in that order so he doesn't have to look for anything. And we just number them.
Starting point is 00:31:38 One, two. Okay, so let's try it again. Oh, see? It's not straightforward, is it? He put me off. Wait, wait, wait. Third time's a charm. Tweet of the week.
Starting point is 00:31:55 Oh, now he's doing that middle finger up the side of his face thing to me. Jeez, guys, get a room, okay? We are in a room. Yeah, that's right. So I was going to take the piss out of this week's Tweet of the Week because I saw this and I thought, what a perfect opportunity to take the piss out of someone. However, no, do you know what?
Starting point is 00:32:18 I looked at it and thought, it's actually okay. It takes the piss out of itself more than capably. I couldn't do any more damage to this. So, uh, if you have a quick look, you'll see the link now I've posted, and it is, uh, this particular tweet. This is Twitter. It's National Cyber Security Awareness Month, so I'm going to give you three tips right now that you can do to secure your Twitter account more secure than it is already, unless you've already done these additions. One: click on the three dots. No, this is actually the speed that, uh, I believe our, uh, friend of the show, Mr Malik, um, may have, uh, consumed some Red Bull before filming this video.
Starting point is 00:32:55 this is uh i guess what i was going to take the mickey out of but if you um consider the type of people that this may be targeted at, not necessarily your generation, Tom, but someone young like myself who's part of the TikTok generation, obviously it's not needed for Twitter. We wouldn't know what Twitter was. But it is National Cyber Security Awareness Month. I don't think we've mentioned that yet. So October is traditionally NCSAM, hashtag NCSAM.
Starting point is 00:33:32 I never know why it's October. I did hear something because there's five weeks in October, and so therefore you get a lot of… Is there always five weeks in October? I don't know. Like I say, this is something… How does that… No, it changes, surely. Well, you've got 31 days. get a lot of... Is there always five weeks in October? I don't know. Like I say, this is something... It changes, surely?
Starting point is 00:33:48 Well, you've got 31 days. That's the problem with you young people. You don't know basic knowledge. Yeah, exactly. However, it is... To get to the jam, I'm trying to give you a backhanded compliment here.
Starting point is 00:34:04 Despite the Red Bull consumption, it's National Cyber Security Awareness Month and just three really quick tips, um, which were useful, uh, you know, enabling multi-factor authentication, um, you know, check permissions, uh, but nicely laid out and, um, you know, educational, uhely lit, I would like to say. There's obviously some nice backlight in there and a good short focus. If somebody used to ask me, I reckon that was a 50mm prime lens that Jav used on that.
Starting point is 00:34:35 Put on, you camera nerd. What can I say? But thank you, Andy. The sunglasses were from a Christmas cracker. No, no, those are my – so those sunglasses and jacket, I wore them in GDPR Millionaire video and a few others. That's the kind of like the character. But those sunglasses are actually Tyler Durden's.
Starting point is 00:34:58 I got them from – Oh, really, are they? Yes. Nice. Yeah. Does Tyler know you've got them? He won them fair and square.
Starting point is 00:35:07 In my mind, yeah. He won them fair and square. I did wonder why Jad didn't turn up that week. No,
Starting point is 00:35:18 very good. I must say, it was a good video. It didn't go on as long as most of your others, so I enjoyed it much,
Starting point is 00:35:23 much more. That's what she said. So, you know, again, backhanded compliment delivered at speed. So it was good, informational, short and sharp, and perfect for National Cyber Security Month. So we look forward to seeing your daily videos on, on all of this. Daily? The first video I put out in, like, three months or something. No, you know that's not true. But, uh, yeah, very, very good. And, um, yeah, that was this week's Tweet of the Week. Okay, do you know what time it is, Andy? Is it time to... I don't know, are we sticking to the, uh, running
Starting point is 00:36:09 order or are we... Yeah, yeah. Well, yes, because that's why I'm very subtly delivering up the, the top, the, the part of the show that you always, uh, deliver so well, you know, where I usually say our reliable sources over at the InfoSec PA Newswire have been very busy bringing us the latest and greatest security news from around the globe. Indeed. So it's time for this week's... Industry News. Ivanti adds VPN and MDM technologies in double acquisition. Industry news.
Starting point is 00:36:46 Research, cloud skills and solutions are in short supply. Industry news. UK receives 2020 European CyberSec Award. Industry news. Hashtag DTX now. Time to remove security from IT. Industry news. Technical and cost.
Starting point is 00:37:09 I'm trying to stop Tom from pressing the button. Technical and cost concerns are password authentication. Industry news. And that was this week's. Industry news. Even when he's in the room, he can't stop me. I'm trying to maintain some distance.
Starting point is 00:37:31 Yeah, we had to take our masks off when we first saw each other. No, that didn't sound right. Yeah. Fascinating. Huge if true. I'm trying to pick out an interesting story and I'm struggling. Uh, oh, this one, Time to Remove Security from IT. That's also the one that I clicked on. Uh, it's about moving the CISO out of IT. Oh God, the 90s called, they want their headline
Starting point is 00:38:02 back. I remember someone giving a talk, uh, was it you, Andy? I think you gave it at RSA one year, about the, uh, playing Game of Thrones. It was, yes, I remember. Yeah, but the problem where it all failed is that not everyone had seen Game of Thrones at the time. I, I, yeah, I lost the room very quickly with that one. That's right, that's right. But, but Tom, you remember that, you were there, you actually tell that story well. I was there, yeah, absolutely. Playing the Game of Thrones, getting a seat at the king's table. Absolutely. I remember Andy delivering that very, very well, and thankfully you didn't deliver that, you know, that, that talk, like, five years later, because nobody would have turned up, because Game of Thrones was crashing into season eight at that point.
Starting point is 00:38:46 But this was back in the early days when the Red Wedding was kicking off and literally everybody was playing it. So, yeah, it was good. But the evolution of the CISO and where they sit and where they come from, brilliant. Absolutely brilliant. One of my favorite talks ever. So do you think the CISO should be in IT, though, Tom? No, not at all. When you were a CISO, were you in IT?
Starting point is 00:39:06 No, no. I reported to the CEO of the organisation. Wow. I remember actually that we did, I did ask you one time, what's the most important thing in a job to you? Do you remember this? And I know you both had separate answers, but I remember, Tom, Tom, yours was a
Starting point is 00:39:25 reporting line or reporting structure, and I was like, damn, the man's really not motivated by money. I'm totally motivated by money. That's why it was my second point, but I didn't feel I could put it down as my first point. But no, reporting lines. Otherwise, you're just hamstrung from day one. And I'm amazed that this is kind of like a... Still a thing. Well, almost like a front page news type thing. Obviously, everything we talk about in industry news is front page news. But I'm amazed this is still a concept.
Starting point is 00:40:03 I know there are still companies out there where the CISO reports to the CIO, but I think it's, if nothing else, it's being questioned far more. And I think the accepted wisdom is that it shouldn't, except in exceptional circumstances. So I'm really surprised that this is a, you know... Do you find some of that's being driven because now they're trying to dump a lot of GDPR, like, privacy and legal stuff onto the lap of the CISO? So they're like, okay, you can move out of IT if you take on
Starting point is 00:40:36 all this. Possibly, yeah. But again, that generates another conflict of interest, you know, because the, the interest of the CISO is to keep the data secure. The interest of the privacy officer, the chief privacy officer, is to keep the individuals, to maintain the privacy of the individual. Now, they do that through using the tools of the CISO. And I think if you put the two together, you do end up with this conflict of interest because you could be in direct contravention of GDPR, but have a totally unbreachable and secure system. And I think, you know, the two of them together, it's different between compliance and security itself and compliance. You know, they're not the same.
Starting point is 00:41:21 And in the same way that, you know, privacy and security are not the same. In fact, I think, Andy, you did a really good video on this where you appeared at the French windows of your house, didn't you, while you were inside and you said, you know, I've got security. I can't get in. But if I want privacy, I need to shut the curtains, right? Yeah. It's a good analogy, that one.
Starting point is 00:41:47 Yeah, it was brilliant. I was in awe of your work there. But I didn't know you had those kinds of, you know, elite editing skills either, video editing skills. But, yeah, anyway, I think, you know, anybody who knows me at all knows that this is a real bugbear of mine and something I will forever be pushing. So, CEO, CEOs out there, if you want to hire Tom, he'll be happy to be your PA, because it's a very clear, like, yeah, you know, clear line, line of engagement, not having to go
Starting point is 00:42:17 through the CIO. Absolutely. Most PAs would earn more than me right now anyway. Yeah, they would. Oh, my goodness. Right, shall we move on now to the next one? Absolutely. Rant of the Week. Well, again, you know, Jav just crashed that with you saying something, Andy. It's like letting, you know, a schoolboy out into the sweetie shop. He's got buttons that he can press and everything.
Starting point is 00:42:51 I mean, he almost did that little tiny clap in front of his chest as he pressed the buttons. Anyway, this week's Rant of the Week is me, and it's interesting. This has definitely generated debate. And I think my rant comes from a slightly different direction here. But there was an announcement from the Twitter handle Hack the Planet at Hacked Planet. A return to hackers is being actively considered,
Starting point is 00:43:26 says director Iain Softley. So there'll be a new Hackers movie. This is the movie with Johnny Lee Miller and... Angelina Jolie. Angelina Jolie, thank you, Mr and Mrs Smith. But, you know, that was, I don't want to say highly regarded per se. Mr Smith was Brad Pitt, just for the record.
Starting point is 00:43:50 Yes. Oh, yes, so it was, yeah. But they were both married to Angelina Jolie, weren't they? So Johnny Lee definitely dated her. I'll tell you a story about him after this. Okay, okay, cool. I'm looking forward to that. So anyway. Sorry, listeners, subscribe
Starting point is 00:44:07 to our Patreon and you can hear that story too. Oh God, we've got to create a Patreon link now. But, you know, it certainly sort of captured the zeitgeist if I may, of the whole sort of hacking movement far more than many other Hollywood films about hacking have done probably
Starting point is 00:44:25 the only thing that's come close to it ever since is the Mr. Robot, the TV show. Anyway, so a, a return, a sequel is being considered, um, and we, there's a lot of debate. So somebody tweeted: no, no, please, the only good thing about that movie was catching an iconic moment in hacker culture. Today it would just be a soulless film about ransomware full of technobabble. That's probably true, but you know what? Why is this generating quite so much
Starting point is 00:44:56 angst it would seem? It's a film. If you don't like it, don't go and see it. It's funny how Twitter or social media generally just seems to latch onto something and just over-inflate it beyond what it actually needs to be. If you only want to know about the first film, just watch the first film and leave it at that.
Starting point is 00:45:27 Not a big deal. So did you ever see Point Break, the original and the remake? There was a remake? I haven't seen the remake. I've seen the original. I saw the remake they did in Hot Fuzz. No, it's a genuine, uh, remake which they've done. Um, so the, what's the other one I was thinking, uh, Total Recall. Oh yeah, yeah. How do you feel
Starting point is 00:45:54 that was good. I thought the second one was good, stood on its own, but had some nice little callbacks to the original film. Okay, yeah. Yes, okay, like the three-breasted lady and the woman who was going through customs going, two weeks! But yeah, nice little touches to it. Cool. So, yeah, okay. So I guess it could go either way then.
Starting point is 00:46:18 Absolutely. I didn't like Total Recall the remake. No, I was more of a fan of the original as well. Yeah. Oh, God, the original is brilliant. I mean, the rubber mask effects and everything. Actually, speaking about security films,
Starting point is 00:46:32 everyone always jumps on the hacker band. Everyone was trying to make something about hackers and that's why that show Scorpion was so bad. This tweet is right. I think it'll just be ransomware and technobabble. But historically, I think if you want to look at movies that capture the more of the infosec
Starting point is 00:46:48 professional best, and I've actually working on a blog about this, is Predator is the best movie about security ever. And Arnie's character actually shows life as a CISO. Get to the chopper. Basically it's all set in a, in a sandbox environment. Deception technology.
Starting point is 00:47:08 The APT is there. There's some real key takeaways from there. And I'll always rate that highly. But again, the original was fantastic. The sequels just got from bad to worse. They're good fun, though. Yeah, but there's good fun and then there's greatness
Starting point is 00:47:25 Yeah, yeah, absolutely. Adrien Brody was very good in Predators. Was it? I think... No, no, that wasn't the last one. They've done other ones since. That was the one where they went on another planet. They were kidnapped and parachuted in.
Starting point is 00:47:40 Yeah, they had some aliens in that as well, did they? No, they didn't have... Oh no, they didn't have aliens in that one, no. So, because then it would have said Predator and Alien. Yeah, the clue's in the know, Predators, brackets, not Aliens, brackets. Oh dear. But, uh, yeah, anyway, so I just find it funny how... Well, I guess I'm going to go back on myself a little bit here. People feel very passionate and very protective around, you know, whatever subculture it is that they're in.
Starting point is 00:48:11 And I guess that's what they're trying to defend here. But, you know, sometimes I just think social media amplifies entirely the wrong things. Sometimes. Not always. But, yeah, sometimes. You know what?
Starting point is 00:48:21 We are in the golden era of especially TV and movies to a degree as well, but especially TV, and there's so much good content out there. Yes. I think there's just so much good stuff you can't even get through all of that if you want to. So I don't concern myself with the bad stuff out there because I'm not even
Starting point is 00:48:41 going to get to it even if I really wanted to. No, that's true. I mean, my watch list on Netflix alone is huge. You know, there is so much content out there. If it gets made, don't worry about it. If it's that bad, it just gets consigned to the bin. I just finished a series on Netflix called Humans. Oh, it's a Channel 4 series.
Starting point is 00:49:01 It was a Channel 4 series. I stole that Channel 4. It's got three seasons, and that's it. Such a good show. I really, really liked it. Actually, you'd find it interesting, Tom, because it's really – it's got androids in it, and they're like personal helpers, but it's really about your relationship with technology
Starting point is 00:49:21 and how some people try to fill a void with technology. They buy things that they don't need. They have, like, seven types of, like, smart speakers in their house. And leave them in their boxes in the hallway. Yeah, exactly. Don't worry, Tom. When he says it's about Android, he doesn't mean the operating system. You know, I bought an Android tablet the other day
Starting point is 00:49:42 because I needed to do something on the smart home. So, yeah, I just said hacking. Not quite. I need to do something. I know I've been meaning to sort of get up to it. So I bought the cheapest, virtually the cheapest tablet I could. And it's absolutely awful. Horrible, horrible operating system.
Starting point is 00:50:00 You kind of get what you pay for. Yeah. Yeah. Yeah, exactly. Exactly. Yeah. Oh, no, I don't like it at all. So I will use it for what I need to use it for,
Starting point is 00:50:09 and then I shall sell it. Or just use it as a doorstop or a Frisbee, something like that. Or just give it to Jav because he loves Android. Anyway, that was this week's... Rant of the Week. You're welcome. So I'll tell you quickly, it's not even worth making a big deal out of. My Johnny Lee Miller story, this is going back in the day.
Starting point is 00:50:34 Oh, yeah, yeah, yeah. So I used to play football at a previous company. We used to go out at lunchtimes or mid-morning and play against other companies. It was five-side indoor football. Down the back near Baker Street, this sports centre we went to. And one time I was there. So I have this thing, you probably know, I just have some sort of facial blindness where I just don't recognise people.
Starting point is 00:50:57 Unless I've seen them a lot or, like, you know, really know them. I generally just don't know people. I forget what they look like. You know, it just takes me time to, uh, you know, to, to realize who they are. Uh, so there I was, um, getting changed, uh, before the game. Uh, there's this guy opposite me. He did look familiar, obviously. Uh, and I said, hey, how's it going? It's like, yeah, cool. I said, are you playing today? And he sort of, like, looked around. He goes, the football? I was like, yeah. I guess no, not today, he said, I've just been to the gym. I was like, okay, cool. And, like, we're chatting. I said, you up to much later?
Starting point is 00:51:28 And, you know, just being polite. And, uh, he was like, no, I just got some work on. I was like, cool. And I was like, well, anyway, I'll catch up with you later. Yeah, picked up my boots, went off, and he's like, yeah, see you later. And I came out, I turned to my colleague, I was like, I forget who he is. I was like, what's that guy's name? He looks me, I thought he was your friend. He goes, that's Johnny Lee Miller, he's an actor. I was like, damn, I thought he worked upstairs or something, you know. But, uh, yeah, no, I'm just terrible with faces. Um, as I, I now recognize my neighbor, uh, but the sort of first six months were pretty embarrassing. Six months? You've been there for like four years, haven't you?
Starting point is 00:52:07 I have now, yeah. But in those first six months, one time he came round and my missus was like, it's so obvious he didn't know who he was. But you just smiled and nodded. I did, yeah. Extend a hand. You don't have to shake hands these days, so it's even easier. No, no, that's a good thing. But after you got married, how long did it take waking up every morning to recognise your missus?
Starting point is 00:52:31 Or were you just awkwardly hanging around? You're going to go home now, love. Wasn't there an Adam Sandler film about that with Drew Barrymore? Yeah, 51st Day. 51st Day. That is Andy's life. Not quite that romantic, unfortunately.
Starting point is 00:52:44 Yeah, no, I do. I don't know what it is. It's absolutely terrible. One time we got burgled, not at home, in the office. And I actually saw the guy. You know, this guy came into the office after hours. And, you know, I challenged him. He left our office.
Starting point is 00:53:02 But he'd actually burgled a load of the other offices. But it turns out he was actually the burglar. And the police asked me to describe what he looked like. I had no idea. You were like, two legs. You were like... Have you read this book called The Invisible Gorilla? Yes, that's me, that really is. You know, I love that book. That's probably the only full book I've got on my iBooks account, you know. It's a whole book about that one experiment. Yeah, it's more than just that experiment. Yeah, there's lots of things. Oh, about perception and...
Starting point is 00:53:36 Yeah. Yeah. They have different stories about in real life, like there's cops chasing after someone. They think that the criminal's further on. Yeah. And they completely ignore that one of his colleagues has tackled him and on the floor struggling with him and he's still running past them to go. Yeah, for those that don't know about
Starting point is 00:53:52 The Invisible Gorilla, it's a, it was an experiment... We'll put a link of the video down below. That'll be easier than you trying to explain. And we're short on time. We're not short on time. We're short on time. So, uh, yeah, someone can dig up the link for me. I'll copy it in. Yes, excellent, excellent. Nice little story to round it off. So, yes, we don't have a little people because we've got some young women who are at the end of their careers, apparently,
Starting point is 00:54:18 that are going to be delivering something to us. Is that correct, Jav? I hope so, yeah. I hope so. I really like that LinkedIn thing. Oh, the LinkedIn thing, okay. Yeah, well, so we got some extra stories here, so let's do this one last, uh, story, LinkedIn. So go on, Jav. So I saw this post, someone forwarded it to me, someone posted this on LinkedIn and it just hit home, it was so true. So, LinkedIn
Starting point is 00:54:42 influencers: Yesterday I was walking to an interview. There was a starving dog on the road. I stopped to feed him and I missed the interview. The next day, I got a call asking me to come in to do the interview. I was surprised, but I went. Then the interview came in. The interviewer came in. He was the dog.
Starting point is 00:55:07 Is that from the state of LinkedIn account? It has to be, surely. I don't know. But it's just so true. That is what LinkedIn is like. Oh, my goodness. Yeah, real sort of virtue signaling. Oh, my goodness.
Starting point is 00:55:21 Yeah. Do you know what? I can't remember where I saw it, whether it's an Instagram or a Tumblr or something like that, but, um, it was people that took motivational quotes and put them, um, you know, from fitness accounts or business strategy accounts, and put them on drinking, um, pictures. So it's like there's a guy passed out on the floor sitting in vomit with, like, all these empty beer bottles next to him, bottle of vodka on the table, and it says, like, you know, just when you're about to give up, keep going, you know. And there's some fantastic ones like that. And it just, so, you know,
Starting point is 00:55:57 just taking all this inspirational stuff and applying it to a different topic, um, just, uh, as you said, that sort of virtue signaling, just to sort of show how, um, you know, ridiculous it can be. Yeah, yeah. Nice, nice. Right, I do believe we're drawing to the close, so I'm going to say, uh, thank you very much, Jav, for starting this podcast without me. You're welcome. I look forward to lunch. Yeah, you might not want to now. So thank you, Jav. And Andy, thank you, sir. Stay secure, my friend.
Starting point is 00:56:32 Stay secure. Stay secure. Host Unknown, the podcast, was written, performed, and produced by Andrew Agnes, Javad Malik and Tom Langford. Copyright 2015 or something like that. Insert legal agreements here as applicable and binding in your country of residence. We thank you. So what are you making for lunch? Did somebody say Just Eat? Oh, no.
Starting point is 00:57:19 No. Your mate's a CISO there, isn't he? Kevin Fielder, is he? I know Kevin. Oh, is he not your mate? I thought you knew him. Well, everyone's my mate. Jervis, sounds like you're getting a bowl of fuel.
Starting point is 00:57:33 Oh, is that the time? I must be getting a bowl of fuel. Let me head to the service station. And have a Ginsters.
