The Host Unknown Podcast - Episode 37 - Merry New Year!
Episode Date: January 8, 2021Welcome back to the New year and the new look Host Unknown, with a slightly less ethnically diverse lineup than usual, but, but still the same average quality and distinctly suspect ethics you have co...me to expect from Host Unknown. This week Thom displays his love of the Animaniacs, Andy has audio issues and Graham has the voice of a midnight hour radio show host. Smutty or Security?Graham wins by a nose and a euphemism. This Week in InfoSecLiberated from the “today in infosec” twitter accoun):6th January 1982: The final draft of the script for the movie WarGames was printed. Due to the Cold War and relative ignorance about remotely accessible computers, the film released in 1983 scared the hell out of politicians, the military, and adults. And inspired a generation of hackers!https://twitter.com/todayininfosec/status/1214381338028953600 8th January 1986: "The Hacker Manifesto" was written by Loyd Blankenship (aka The Mentor) and originally titled "The Conscience of a Hacker". 8 months later it was published in issue 7 of the hacker zine Phrack.http://phrack.org/issues/7/3.html#articlehttps://twitter.com/todayininfosec/status/12150268696003133449th January 2001: Macromedia, the maker of the Flash media player, claimed that Flash was secure because it was "a constrained environment by design". https://web.archive.org/web/20010123231000/http://www.zdnet.com/zdnn/stories/news/0,4586,2672473,00.htmlhttps://twitter.com/todayininfosec/status/1215067971963375616End of the road for Flashhttps://twitter.com/gcluley/status/1344822920946872320https://www.bbc.co.uk/news/technology-55497353 Rant of the Weekhttps://www.bbc.co.uk/news/technology-55573149https://threatpost.com/facebooks-mandatory-data-sharing-whatsapp-ire/162828/WhatsApp is forcing users to agree to sharing information with Facebook if they want to keep using the service.The update is designed to “offer integrations across the Facebook Company Products”, which also includes Instagram and Messenger.Some of the data that WhatsApp collects includes:User phone numbersOther people’s phone numbers stored in address booksProfile namesProfile pictures andStatus message including when a user was last onlineDiagnostic data collected from app logsThe company warns users in a pop-up notice that they "need to accept these updates to continue using WhatsApp" - or delete their accounts."Opt in, or fuck off by 8th Feb."But…. some good news!And the UK is still considered part of the “European region”, even if we’re not in the EU. Yes, we are still Europeans in 2021!However, the new version of the privacy policy for European users explicitly says that data can be shared with other Facebook companies to show personalised advertising and offers, make suggestions for content, and "help" to complete purchases, among other reasons.What’s telling to me...In 2018, the founders of WhatsApp quit FB over disagreements about privacy and encryption. Walking away from $850 million...https://www.theguardian.com/technology/2018/apr/30/jan-koum-whatsapp-co-founder-quits-facebookhttps://www.forbes.com/sites/parmyolson/2018/09/26/exclusive-whatsapp-cofounder-brian-acton-gives-the-inside-story-on-deletefacebook-and-why-he-left-850-million-behind/If they can walk away from $850 million, surely WhatsApp users can switch to Signal.Alternatives:SignalWickr Billy Big BallsElon Musk has become the wealthiest person on the planet, surpassing Amazon CEO Jeff Bezos, thanks to the continued rise in Tesla’s stock price. Musk is now worth around $188 billion, according to Bloomberg’s Billionaires Index.“How strange,” Musk tweeted Thursday. “Well, back to work ...”Musk eclipsing Bezos’ own extravagant personal wealth of around $187 billion marks the latest development in a years-long rivalry between the two tech magnates.https://www.theverge.com/2021/1/7/22163361/elon-musk-billionaire-richest-world-jeff-bezos-tesla-stock-spacexEncrypted messaging app Signal says it’s seeing a swell of new users signing up for the platform, so much so that the company is seeing delays in phone number verifications of new accounts across multiple cell providers.As for what or who is responsible for so many new users interested in trying the platform, which is operated by the nonprofit Signal Foundation, there are two likely culprits: Tesla CEO Elon Musk and Signal competitor WhatsApp.https://www.theverge.com/2021/1/7/22218989/signal-new-signups-whatsapp-facebook-privacy-controversy-elon-musk Industry NewsNYSE to Delist Chinese Telcos on National Security GroundsOne Million Compromised Accounts Found at Top Gaming FirmsMicrosoft: SolarWinds Attackers Viewed Our Source CodeNYSE U-Turn Means Chinese Telcos Escape DelistingChinese APT Group Linked to Ransomware AttacksRansomware Surge Drives 45% Increase in Healthcare Cyber-AttacksUS: Fewer Than 10 Govt Agencies Hit by SolarWinds AttackMost Public Sector Victims Refuse to Pay Ransomware GangsDark Web User Numbers Spiked During #COVID19 LockdownOver a Third of TMT Firms Hit by Security Breach in 2020Social Media Neuters Trump’s Accounts After Fans Storm CapitolDoJ: SolarWinds Attackers Hit Thousands of O365 Inboxes Tweet)s) of the WeekGraham from the Smashing Security podcast: @modesty_blaise0: Due to travel restrictions, the USA had to organize a coup at home this year.https://twitter.com/modesty_blaise0/status/1346965502703198208Andy: @ChatGotNextYou can’t even do this shit on GTAhttps://twitter.com/ChatGotNext/status/1346911137439223822Thom:@YousefMunayyerWe spend $750 billion annually on "defense" and the center of American government fell in two hours to the duck dynasty and the guy in the chewbacca bikinihttps://twitter.com/YousefMunayyer/status/1347026407294201863Graham from the Smashing Security podcast:@bocxtopit’s literally harder to sign into gmail from a new device than it is to breach the capitol wallshttps://twitter.com/bocxtop/status/1347003538468204545Andy:@notvikingstarting to think it’d actually be incredibly easy to steal the declaration of independencehttps://twitter.com/notviking/status/1346923223489736704Thom: (serious)@Olivia_BeaversIf there is still any question about how rhetoric can manifest into action, that question has been answered today.https://twitter.com/Olivia_Beavers/status/1346901714767642630 They Pushed Me Out And Maced Me Sticky Pickle of the WeekSticky Pickle of the WeekSticky Pickle of the WeekGraham applies his razor sharp mind to this weeks triple sticky pickle. US nuclear launch codes were 00000000 Come on! Like and bloody well subscribe!
Transcript
Discussion (0)
guys sorry i can't make it to the podcast recording so go ahead without me if you do
get a guest to stand in for me just make sure it's not some white man otherwise we completely
screw with our demographics all right bye you're listening to the host unknown podcast
with your hosts and Andy, Graham and Tom.
Hello, hello, hello. Good morning, good afternoon, good evening and welcome to the Host Unknown Podcast.
The all new Host Unknown Podcast. New year, new equipment, new jingles, new hosts.
new jingles, new hosts. It's fantastic. So yes, we have a new host. I think one member of the party can't be bothered to turn up anymore. I would like to welcome Graham. That's Graham
from the Smashing Security Podcast, clearly. Graham, how are you, sir?
Hello, hello. It's great to be here. Thank you. This is very exciting. You've changed the
wallpaper. Who's that chap at the beginning?'s saying hey everybody welcome welcome what's the name of
this podcast welcome the host unknown is this for 2021 this is this is nothing but the best
that fiverr can buy wow at uh 1 30 in the morning at 1 30 in the morning. 1.30 in the morning, yeah. Little last minute,
but we got it. We got there.
Wow, guys. That's awesome.
Yeah, so
welcome, Graham. I'm really pleased to have
you on here. It's great
that you've decided to retire
from the Smashing Security Podcast.
Move to the competition.
Forget all that. Yeah, Maria
took my place,
so it's just her and Carol now who are doing it.
That's fair.
Great to be here and to be the token Asian.
Yeah, exactly.
All you need to do now is get a tan and grow a beard.
Right.
And lose about a foot in height.
But yeah, other than that, it should be fine, shouldn't it?
Yeah, exactly.
And Andy, how are you, sir?
Not doing too bad, thank you very much but
uh no one's here to listen to me tom let's be honest well yeah they are here for graham i mean
we had we did have plenty of other choices but we thought you know graham's got that blue ticket on
his twitter thing so he must have some sort of credibility right right? Exactly. I had to Photoshop mine onto my photo to get that on Twitter.
One of these days, Andy, eh?
One of these days.
Oh, dear.
So we've got plenty of stuff coming up for you today,
as you would expect in this brand new year where it has been,
well, it was six days until a major incident in 2021.
It's now zero.
But because, as we've seen from the scenes in America,
people just got, you know, they'll get a little bit sort of restless.
You'll be carried away.
Yeah, decide to go out for a little walk and a little wonder. But I'm sure we'll talk about
that later on. But what we have coming up today, we have the return, I say the return of Smutty
or Security. We have This Week in InfoSec. We have Rant of the Week, Billy Big Balls, Industry News, Tweet of the Week, and will we have a Little People today?
So, Graham, you took on that responsibility.
Do we have Little People today?
I'm sorry.
This is the first I've heard of this.
Okay, that's fine.
You've got about 50 minutes to get it sorted out.
No worries.
You can just text someone in the background to send you something via WhatsApp.
Yeah, exactly. We'll play it over the mic. it'll be fine it'll be fine so let's let's without further ado shall we just just move straight on to smutty or security More security. Is that Dave Bittner's voice?
No, that's Dave Bittner playing the oboe.
I've heard he's a practitioner of the pink oboe.
Anyway, smarty or security?
You know what I said earlier, Graham, that we edit things out, you know, and you said really, because people say, well,
don't be surprised if that doesn't quite
make the cut.
Oh, dear.
Anyway, I'll just put more things
to say to that, but I'm not going to.
Andy, sir.
So, Graham is clearly getting in the
mood already for Smutty or Security.
So, as we know, the hacking community falls into two camps,
either an obsession with a cool name or just a complete disregard
of something basic.
And as we have Graham with us today with his vast encyclopedic knowledge
of security terms and viruses we had this uh fantastic idea where i will give you a name
and you have to tell me whether it falls into the category of smutty or security or even potentially
both and uh yeah so i listened back to the uh last time played this, and when I said, you know, you shout your name as a buzzer,
Jav was very quick to shout other people's names as a buzzer
to get their chance at first.
So in this round, what you do, I'm going to read out a name.
You shout your name as the buzzer.
Whoever gets there first will be called upon to declare smutty or security.
Okay.
So are we ready?
Yes, we are.
My name has two syllables, whereas Tom is easier to say, I think.
All right, Gaz.
OK.
Gaz?
You can say G.
If it's easier, you can say G.
OK, I'll try that.
Oh, G.
The original O-G.
Right.
4K.
G.
Graham. Well, 4K. G. Graham.
Well, 4K is the name of the virus. It's the name of the Frodo virus, which added 4,096 bytes and displayed a message saying
Frodo lives on your screen. Is that correct?
Tom, I'm not fancying your chances on this one.
Is there a rigger in here or what?
Okay. Point'll be honest. Is Wayne Trigger-Rigger in here or what? Okay.
Okay.
Point one to Graham.
The next one we have is five low.
Tom.
Virus.
It is a virus.
Yes!
Get in.
It was 50-50.
Fair enough.
So what I have from this is the five low infects resident.exe files only.
When it infects a file, it increases the file size by about 1,000 to 1,100 bytes,
although the typical value is 1,032 bytes.
Well, this is really sexy talk, Andy.
That is.
It's getting really hot stuff.
One apiece. Next one down, we have
300.
Oh, for goodness sake.
Tom, virus.
No, unfortunately.
Smutty. Smutty.
It's smutty.
And this is when you've finished
having sex with your partner,
you kick them out of the bed and shout,
this is Sparta!
What?
Sorry.
It's the name 300.
That happens enough that it was given a name.
It's a Tinder thing, Graham.
I think we're a bit too old for that.
Yeah, we are too old for that.
Yeah, hinge, Graham.
That's where you need to go now. So still one of next one we have is bad bunny oh hey yes uh that's security i know that so we're gonna have to give this one to graham and i got the details off uh one of your blogs
oh this is one of my favorite viruses of all time. VBS slash Bad Bunny hyphen A, I think it is,
which was a multi-platform piece of malware
which displayed an image...
Of?
Of...
It displayed an image of what I will describe
as a man and a woman playing leapfrog.
But the man was dressed in a full sort of body costume of a rabbit.
And hadn't quite left the floor.
And they were out in the forest somewhere.
And we wrote about this on the Sophos blog at the time.
And so what we did was because you could see the woman's face quite clearly,
we pixelated out her face, but we thought it would also be funny to pixelate out the rabbit the man with the full
rabbit faces and we kept on getting feedback from the American marketing department saying
can you crop this picture a little bit more because it's and we had to make it so
small in the end because everything about the picture was offensive. But it is one of my favourite viruses of all time, VBS.
Thank you for the memory.
Okay, Tom, you're lagging behind.
It's 2-1 to Graham.
So the next one we have is the angry pirate.
Oh, Tom.
That sounds sexy.
Yeah, it sounds sexy. What do you know about it, Tom. Yeah, it sounds sexy.
What do you know about it, Tom?
Is it something to do with Heather
Mills because she's only got one leg
and pirates...
No, it's about
ejaculation
into
your partner's eye and then kicking them in the
shin.
And then they walk around like an the shin. That's right.
And then they walk around like an angry pirate.
That's right.
Mum, I'm really sorry.
I'm sorry.
I should not have known that.
Is this going to go out on Apple Podcasts?
Yeah, it is.
I must get round to unchecking that box saying it's safe for children.
Yeah.
It's just two apiece.
Oh, my goodness.
The next one we have is Bunana.
Oh, Tom, that's smutty, definitely.
I think it might be security.
Yeah, I'm going to have to give that one to Graham.
Graham, what can you tell us about it?
Nothing.
But it kind of rings a vague bell. I got this from one of your blog posts in the past.
Oh, did you?
Yeah, this is about a Trojan making the rounds back,
oh, what year was it?
I didn't even remember.
Andy, you need to understand that Graham had staff to ghost round.
So it spreads via Facebook messages,
and it's the one which says is this you in this video
we know you're a big fan of facebook and your response had to be boo nana
so i i mean we can either call it there three two for a win for graham or uh yeah i think so
i think everyone by going down some of the next ones I've got on the list as I read them
in the cold light of day
and my mother never talking
to me again
so Graham is
victorious on this week's
oh sorry
Smutty
or security?
At least we didn't get to hear about Long John's saliva,
which is a good thing, I suppose.
Oh, smutty.
Oh, dear.
I do.
I like that jingle.
I'm not sure about this segment because I tell you what,
you want to win, but you don't want to win by knowing that it's muddy.
Yeah, I seem to do well on the security bits.
Yeah, yeah, I know.
That was noticed.
Excellent.
Yeah, so I think, are we going to make make that a regular we've got a jingle for it
now right oh we do i mean once you got the jingle that's it it's a feature right exactly
exactly oh dear right excellent thank you very much andy uh we're gonna move move straight on to you again, Andy.
Hurrah!
Yes, woo-hoo, for this week's...
This week in InfoSec.
I just love how unique that jingle is.
That is a jingle.
Believable.
You like it, right?
After all the legal letters, after...
Hey, it's on freesounds.org now, you know.
Outrageous.
Andy.
Yeah, I actually just muted myself so I could cough,
but, yeah, you know, call me out for it.
I'll call you out for not being there on your segment.
Well, I think you guys were having a nice little conversation there, so I thought I'd leave you go for a bit.
So this is the part of the show where we take a trip down memory lane, where we liberate content from the Today and InfoSec Twitter account,
a trip down memory lane where we liberate content from the Today in InfoSec Twitter account,
which hasn't been updated recently, so I've had to go back and find myself and look at some information. And this week is kind of like an origin story. So it's the start of
the year for us, but the content I've got this week, to me, it's where it all started.
The content I've got this week, to me, it's where it all started.
And so we start off 6th of January 1982.
So quite some time ago, 38 or so.
39.
39.
I wasn't yet born.
So the final draft for the script of the movie War Games was printed.
And due to the Cold War and relative ignorance about remotely
accessible computers, the film released in 1983
and scared the hell out of politicians, the military
and adults, and is considered an inspiration to a whole
generation of hackers. I like the way it said
and adults,
whereas kids were just inspired to dial into their schools
to try and change their grades.
But it was great, though.
I mean, you got, you know, he dials in,
he goes into the office, he pulls out the drawer,
looks under the keyboard where the password is kept,
you know, on a post-it note.
Has much changed in these last few years.
Have you guys both seen War Games? Of course.
Oh.
Have you not seen it? No.
No, I've never seen it.
There's quite a lot of movies. I haven't seen
Hackers either. That's the one with Angelina Jolie, right?
I've never seen that.
That's fantastic.
It's okay. I mean, I think it's a bit
over-egged myself, but it's okay.
There's a worrying number of movies I've never seen,
like Jurassic Park.
That has some kind of – there's something in that, doesn't it,
where he says it's Linux.
I know Unix.
I've never seen Jurassic Park.
No, the little girl says, oh, I know this.
It's Linux.
That's right.
Oh, no, it's Unix or something like that.
Yeah.
At least it's Unix rather than Linux.
Do you not watch movies, Graham?
I tend to fall asleep during them because it's just cosy and dark.
And he's a man of a certain age.
Yeah, there weren't movies in my day, yes.
They were just flip cards.
We didn't have moving pictures.
But this is quite an odd thing for you to have pulled out of the annals,
actually, Andy, because you said this is quite an odd thing for you to have pulled out of the annals, actually, Andy, because you said this is the anniversary
of the final draft of the script being printed.
So what you're just saying is that the script writer sent it to his printer
and that has been recorded in history as this is the day he printed it out.
It's not even the release.
This is probably what we outsource stuff to.
Yes, when your supply chain lets you down. Excuse me, what we outsource stuff to. Yes, when your supply
chain lets you
down.
Excuse me,
I've got a phone
call.
I'll have to
leave you to
this,
hang on.
That's outrageous.
This is his
delivery driver
saying he's
pulling up down
the road or he
can't find the
house.
Can you get the
guards to let me
in?
Down the drawbridge. Can you get the hounds back in?
I think we do need to continue, though.
We do.
So the second one, this is even better in history as I talk about origins.
This is from the 8th of January, 1986.
Something called the Hacker Manifesto was written by Lloyd Blankenship,
aka The Mentor, and it was originally titled The Conscience of a Hacker. And this was,
you know, eight months later, published in the Frack magazine. Now, if you recall, this whole, I guess, piece of text is just absolutely legendary.
We'll put a link to it in the show notes. But as I say, this is the inspiration for many people who are around today in the security industry.
So what was what did actually talk about? What was the what was the article about?
what was what did actually talk about what was the what was the article about so it wasn't so much an article it was more of um so he'd recently been arrested and then when he got out he literally
just i wasn't you know just talked about and so it starts off you know another one got caught today
it's all over the papers teenager arrested in computer crime scandal hacker arrested after
bang tampering damn kids they're all alike um alike And he goes through, he does all of this
And he talks through basically his life
It's like, I'm a hacker, enter my world
Did he get out of jail
And then go to creative writing classes?
Well, he should have
But I think it's the
The end line, it says
I'm a hacker and this is my manifesto
You may stop this individual
But you can't stop us all.
After all, we're all alike.
And this is 1986.
This was like metal before it was, you know.
Yeah, yeah.
But yeah.
If only we had some input from somebody who was, you know,
much more active on the security scene then, you know,
like host Graham from the Smashing Security podcast.
Yeah, absolutely.
I mean, someone with a bit of credibility,
a blue tick on their name on Twitter and everything.
Yeah, exactly.
Yeah.
Exactly.
Yeah, I do like this last one, though.
Yeah, so moving swiftly on, this is from the 9th of January, 2001.
So we are 20 years ago.
Macromedia, who at the time was the maker of the Flash media player,
claimed that Flash was secure
because it was a constrained environment by design.
Yeah.
So Macromedia were acquired by Adobe, weren't they?
They were, yeah. And there's stuff I used to love about Macromedia.
So I worked at a place where we used Macromedia Cold Fusion back then.
It became Adobe Cold Fusion. And as we scaled and grew and not necessarily, you know,
operated within the usual sort of procurement process for licensing
and the strict licensing terms exactly speed to market uh the best thing you could do was go onto
the support forums uh where cold fusion administrators around the world were dumping
their entire um sort of system config for support say, this isn't working or I'm getting lag on something
or it's too slow.
I think I know where this is going.
Yes.
What we would do,
because the license key
was installed in there as well.
So if we needed a license key quickly,
whilst waiting for the procurement process,
we would go to the support forums
and just copy one out
and dump it into the systems.
Oh, nice. Nice. Like it. forums and just copy one out and dump it into the uh into the systems oh nice nice like it i i always remember macromedia flash because you had to install it to watch there were these cartoons
and all i can remember is um superfly but it was a it was a the animated cartoons using flash it's
a bit like if you know the oatmeal today it's that kind of style of drawing, but
they were animations.
I'm going to have to look them up again, because they
were hilarious. There was another
great one called Newgrounds as well,
who had loads
of Flash games,
which were just fantastic.
But I am
so glad that Flash is gone.
It's sad to see
the demise of Flash
well
I mean it's like
five years
you're sad to see
hang on I'm back
what's going on
you're sad to see
the demise of Flash
yeah
I was talking about
the old games
I'm sad
there are some great games
in the old days
oh for goodness sake
it's not together in Flash
and so one of my
housemates at the time
this was jeez this was a long time ago.
He created a game.
Do you remember the game show Banzai?
Yes, yes.
The one hosted by Chris Tarrant?
I can't remember.
Do you know what?
I actually can't remember the host,
but he had like Mr. Shaky Man,
where he'd shake someone's hand,
and you'd have to see how long he could shake their hand for
but people are so polite they don't want to pull away and things like that but uh yeah my hell he
created a game like that but in flash and you it's literally like a multiple choice but what if you
did you always lost because the answer was something ridiculous. But it was one of those things, you know, he taught himself
Flash in
maybe three hours.
You know, just read a book.
But yeah, I'm sad to see that go.
No, I'm not. I think
when Steve Jobs
sealed his face.
When Steve Jobs said it's time for Flash
to die, I thought, oh, Steve, you're so right.
It's been 20 years of misery, to be honest, hasn't it, Flash?
I mean, although there's been some good stuff written in Flash,
it's just been so riddled with security holes and problems
and slowing down computers and, you know, it's just like,
oh, it's so resource hungry, wasn't it?
The problem is, though, that there will be companies
who've built systems maybe internally which use flash and have never been updated and you've
probably already talked about this while i was away uh no not yet we were waiting for the
opinion we were just killing time until you got back from that other more important task we had
yeah you know that part where uh normally on calls people say, you're on mute?
During that last part, I was sitting there saying,
Graham, you're not on mute.
Someone landed it.
Maybe, maybe not.
It depends how much I, you know.
We like to keep it real.
Anyway, excellent.
Thank you very much, Andy, for this week's.
This week in Info... This is really annoying.
That's my son's voice.
You can't say that.
Well done, Andy.
Excellent points.
Well made.
Yes, indeed.
Hang on.
You're a few segments too early.
All right.
I think, blimey, look at the time.
I do think we need to move very quickly
onto this week's...
Rant of the Week.
Which is over to Graham from the Smashing Security Podcast.
Yes, I think it's for me to rant, isn't it?
And I want to rant about WhatsApp.
Oh, hell yeah. Because you use rant, isn't it? And I want to rant about WhatsApp. Oh, hell no.
Because you use WhatsApp, don't you, Tom?
Yeah, oh, I think most of the world do, don't they?
Andy, you use WhatsApp?
Yeah, big fan.
Only because of Jav, though.
We were on wire, but Jav decided that he couldn't deal with it.
No, I mean, yeah, so it's difficult.
So all the good gags go through on WhatsApp.
And so you may be familiar
with the old bait and switch uh images that people send it looks like something you click on it a bit
of a bit of a connoisseur of the bait and switch it expands and what you see is not what the uh
sort of the view that you get in your messages actually is when you actually open it um it's a
completely different image to what you thought um and that just doesn't translate to wire or any of the other
yeah so you guys are quite juvenile is that right uh yeah we're literally stuck on whatsapp
because andy wants to send us pictures of dicks without actually looking like he's sending us
pictures of dicks It's ridiculous.
Lovely.
Well, anyway, I've only recently installed WhatsApp because I've rejected it for years and years.
And, I mean, the reason why I got on WhatsApp was a bit sad.
My brother ended up in intensive care at the end of last year,
not for anything COVID-related, but he was quite seriously ill
and he ended up on an incubator yeah or whatever they're
called intubator i mean not an incubator he wasn't he wasn't a baby um but um but and the only way to
communicate with him and the rest basically i didn't know what on earth was going on but the
rest of the family did because they were all on whatsapp chatting about it and i thought begrudgingly
i have to go on whatsapp um in order to find out what's going on.
But now, as you've probably heard,
WhatsApp is forcing its users to agree to some terms and conditions.
Otherwise, they're going to kill off your account.
They're saying that you have to agree that they can do various things
with your data and collect terms.
Now, it does depend on where you are in the world.
So that does vary.
Is this something that Brexit has helped or hindered?
Well, interestingly, you should say that,
because apparently in WhatsApp terms,
UK is still considered part of the European region.
So we're not in the EU, but we're still considered.
Well, I don't know.
I don't know if it's the geography or what it is,
but they are saying that we are still Europeans in 2021.
So there's that for us to wave our flag over.
And that means they won't be grabbing quite as much data
and won't be sharing quite as much of it as with Mark Zuckerberg
as they will be in the rest of the world.
But it feels like this is a slippery slope even more,
and some people are waking up to the threat that WhatsApp
in different parts of the world is collecting not only your phone number
and your information, but also information from your address book.
And that's what really – that's what riles me is that there are services
where it's not me
deciding to share my information, but it's you arseholes, Tom and Andy,
who may have my details in your address book and you've given it to WhatsApp
who are now going to let it be scooped up by Facebook as well.
Yeah, but like Facebook haven't already got your email and um phone number already because
you've done this in the past because you've got one of those facebook screens for your family
because well i listen to your podcast graham i know i know my in-laws theirs got actually
eaten by the dog so that that's no longer operational. Yeah. I don't think that eating the screen
means that the data that Facebook has taken
has also been eaten.
The dog ate my data.
That would be good, wouldn't it, if that was the case?
That would be handy.
That would be handy.
But yeah, so I mean,
people will be starting to see this notice
saying you need to accept the new terms and conditions
or F off by the 8th of February.
And I hope, I hope, though it may be a forlorn hope,
that some people actually, you know, take the hint and do F off
and start using a different message.
Because why would you want to use the one from Facebook and Zuckerberg
rather than one which is written with more privacy and security in mind
and isn't going to scoop up your data and begin to show you adverts or who knows what else?
Well, anything that's owned and touched by Zuckerberg is, you know, a bit crap anyway,
right? We've been here before, though. I mean, this isn't the first time Facebook have tried
this with WhatsApp. And I remember last time, you know, we actually shifted. We used to have quite
high traffic group chat
and we did try shifting to wire
but it wasn't
as functional.
It's just a bit more clunky.
I think some of the alternatives
are better now though.
I think it's worth reviewing.
If you've tried them in the past,
it's worth trying again because I normally use Signal if I want to message somebody. And when I went to WhatsApp, I thought, well, this is basically the same. I don't really see any difference in terms of usability. So Signal is good. Wicker is quite handy. Wicker is an interesting one as well, which very privacy. In fact, in some ways. Sounds a bit too hippie-ish for me.
Oh, Wicca is all about the weed, man.
Wicca, I think, is beloved by drug dealers.
So it's interesting you say that.
Oh, really?
Yeah.
Drug dealers in your area now.
No, I can't confirm that.
But the thing with Wicca is you don't even have to give them a phone number.
Signal, you do have to give them your phone number.
It's a bit of a shame that you have to do that.
But the thing which is really telling to me, I was talking to –
so my brother came out of ICU, and I'm still on WhatsApp,
and I said to him, look, I'm going to be killing off my WhatsApp account,
so you can go to Signal.
And he said, oh, well, you know, why should we care?
Why should we care about this?
Well, what's really telling to me is that the two founders of whatsapp they sold the
business for about 20 odd billion to facebook years ago yeah but they stayed on as facebook
employees and they were getting stock and things well they've in a few years ago they quit facebook
because they disagreed with what zuckerberg was planning to do and And they walked away from $850 million by doing that.
Yes.
They turned out that if they'd stayed and kept their mouths shut,
they would have got $850 million.
They walked away.
And if they're prepared to walk away from $850 million,
which even if you've made $20 billion,
still you're going to notice it a bit,
then surely WhatsApp users can consider switching to Signal.
If it's good enough for Edward Snowden,
then isn't it good enough for the rest of us?
Yeah.
I saw a tweet from Edward Snowden, actually.
I was going to say, yeah, I think I'm going to quote the same one.
Go on.
Someone said, you know, can we really trust Signal?
And Edward Snowden replied and said, oh, I've got a reason.
I use it every day and I'm not dead yet.
But that's because Putin still wants to keep him around
as a bit of collateral, in fairness.
Is he still in Russia?
Yes, I believe so.
Okay.
Of all the places to go to, I i mean i understand why he went there but oh
my god that can't be the best place to stay right well i think it's maybe one of the best places to
say if you don't want to be extradited to the u.s yeah yeah well yeah there is that there is that
i'm surprised maybe he'll get a pardon before january 20. Who knows? Everyone else will.
Actually,
I could imagine Biden giving him a pardon.
I don't know.
We'll have to see.
Yeah.
Anyway, excellent, Graham.
That was a spot on rant of the week for this week.
Well, hang on.
No, I haven't finished yet.
Are you guys going to stop using WhatsApp? Are you guys going to stop using WhatsApp?
Well, it depends on how many of those pictures, Andy.
Do you know what?
I usually say, like, take the emotion out of what's going on.
What's the actual problem here?
I do hate Zuckerberg, but I do have a Facebook account.
Take the emotion out of the argument there, Andy.
Yeah, I don't use it often.
But much like you're saying yourself with family, Graeme,
the year before was my cousin's 50th birthday in Ireland,
and we had this big family group chat going on. And I had no idea what all the conversation was about.
I got a
message from my sister saying like we're going to ireland for the weekend it's uh you know birthday
party yeah and i'd missed all the details and i what i knew is that you know we'd rented a couple
of houses um it's gonna be big house party so you know i got there i got a hire car loaded the boot
full of alcohol um you know turned up at this place. And everyone's like, right, let's go out then.
And I'm like, well, hang on a second, I thought we were in.
And this whole chat had occurred.
But because I refused to install Facebook Messenger,
I didn't realize that they were literally just using the house as a base.
And we had events planned at all these various places in this village
in the arse end of nowhere.
Or maybe because your family were just sort of too ignorant
to pass on the relevant details to you.
Well, they just assumed, because I had been added to the chat,
they just assumed that everyone was on it.
I think it's lovely, Andy, that you imagined they had wanted you
to know about all these activities.
Yeah, it's kind of like when I was growing up.
I used to come home and find my parents had moved house.
It was really weird.
Just imagine their disappointment when you said,
oh, are we all going somewhere?
Let me tag along as well.
And they're like, oh, we thought that would work.
Strange stuff, man.
Happens all the time.
But yeah, so I mean, I'm a big fan of WhatsApp,
not a fan of Zuckerberg.
But, like I say, the functionality of it,
I've got Signal, I've got Wire, I've got, you know, Telegram.
I've tried everything.
And WhatsApp is just so easy to use.
Yeah, but you just have a very specific use case,
which is sending pictures which appear to be of penises,
but when you enlarge them
they're not so the other way around what's your number graham i'll send you some examples
you never want another way around penis but it only works on whatsapp that's the thing
But it only works on WhatsApp, that's the thing.
Well, have you tried it in Signal recently?
Not recently, no.
But I just had a quick look and I actually don't have many people in my address book.
Funny that.
The people that I have that are on Signal are a guy that we went to court with for intellectual property theft in 2010.
And two people that I used to play football with about 10 years ago.
And Tom,
I see your name's on here.
But I will try sending you a,
I shall look forward to receiving it.
You'll get your penis pop up in there.
Maybe before the end.
Yeah,
exactly.
Maybe before the end of the show.
I don't know.
Oh, well.
Right, can I play the jingle now?
Do it.
Thank you very much.
I hit sound.
Rant of the week.
Okay.
It's my turn.
Yeah.
For, where are we now?
Oh, I was going to say,
you can tell that Graham's used to editing a show post-production,
so he doesn't really care about how long he spends on a segment, does he?
No, no.
You know, come on, we got the cocks ticking here, Graeme.
Is this podcast sponsored by WhatsApp, by the way, or Signal?
Don't you think it should be?
I would happily take Zuckerberg's money, though.
Oh, yeah, absolutely.
Absolutely. I mean, you know, there's resentment at take Zuckerberg's money, though. Oh, yeah, absolutely. Absolutely.
I mean, you know, there's resentment at what Zuckerberg does
and then there's Zuckerberg's money.
Two very different things.
Anyway, let's do this week's...
Billy Big Balls of the Week.
So it probably comes as no surprise,
we're going to talk about another extraordinarily wealthy person
on the planet in the tech industry.
Yeah, tech industry.
Yeah, tech industry.
Joe's definitely not in the tech industry.
Elon Musk has just become the wealthiest person on the planet.
He has jumped over, leapfrogged maybe,
wearing a rabbit suit perhaps, Jeff Bezos,
thanks to the continued rise in Tesla's stock price.
So Musk is now worth $188 billion,
according to Bloomberg's Billionaires Index.
billion dollars according to Bloomberg's Billionaires
Index.
Musk tweeted in his
regular, not many
words style of
how strange. Well, back
to work, which is a little bit of a
humble brag, I think.
It does sound
like that.
It's like, oh, I pretend I'm not noticing.
Yeah, it does sound a little bit like that. It's like, oh, I pretend I'm not noticing. Yeah, exactly.
There's got to be a point in time where you just stop counting, though, right?
Yeah, exactly.
Well, Bezos has only got 187 billion, so loser.
And this is the latest development, a years-long rivalry between the two of them.
But what's very interesting with this, so Musk, Billy Big Balls,
richest guy in the world, richest person in the world.
But what's interesting is this is related to Musk as well,
is that you may not have heard of this encrypted messaging app called Signal.
But it's seeing a swell of new users.
Yeah, I know, I know. I hadn't heard of it
until now. A swell of new users signing up to it. So much so that they can't cope with the demands.
So you get sent an SMS or a phone verification to confirm the account, etc. And so much so that
those are being delayed because their systems quite simply can't cope.
And the reason for that is, one, the first off is, and again,
you may not know this, but WhatsApp have apparently changed
their privacy policy and will be now sharing all of their details
with Mark Zuckerberg at Facebook.
Breaking news, I know.
Is that really such a big deal?
That seems fine to me
Yeah
I don't know what the problem is
Yeah, what's the worst that can happen?
Come on Tom, on with the show, stop interrupting
Yeah
exactly
but Musk also tweeted
again, using as few words as possible
just two words
use signal
and from that they have seen a massive uptick, so we know using as few words as possible, just two words, use signal.
And from that, they have seen a massive uptick.
So we know now that Elon Musk uses signal.
And if the richest man in the world with $188 billion or worth $188 billion can use signal. Well, so can you, everybody.
You could easily make that move from WhatsApp to Signal.
Hang on a moment.
I think.
He tweeted, use Signal.
How do we know that he meant the messaging app
and not Signal toothpaste?
Has the toothpaste sold?
It would be interesting to see the share price of Signal toothpaste.
Because when the Zoom share price went up,
the wrong Zoom share price went up, didn't it?
Yeah, interesting.
Well, wouldn't it say something like,
use Signal minty fresh?
With the red stripes.
Yes.
With the red stripes.
Not the one without, because that one's a bit yucky.
Just saying.
So, yeah, but I think it's a good point.
It's a good point.
One we should possibly investigate.
We'll put it to a vote.
No.
But seriously, if Elon is now proposing Signal,
that kind of puts me off it.
I think I might have to go to Wicca instead
with all of the local drug dealers.
Oh, really? You're not off Diana Musk?
No, God, no.
Why not?
Because he's odious.
Why is he odious? He's eccentric.
He's not just eccentric, he's a prat.
Remember that whole business with the submarine
and the kids in Thailand trapped down the cave?
Yeah, I mean, I'll say two things about him. business with the submarine and the kids in Thailand trapped down the cave. Yeah.
I mean, I'll say two things about him.
He came forward and tried to come up with a solution,
but then he accused the lead guy of being a kiddie fiddler.
Yeah.
So, you know, doesn't one cancel out the other?
Yeah.
Possibly.
Possibly.
Yeah, you're right. That was not his greatest hour, I have to say.
But generally, would you say that if you had to choose one
to have dinner with, would it be Elon Musk or Bezos?
Elon Musk.
Bezos is an odious little turd.
Oh.
Yeah, see, I think there's more hatred for Bezos I think so yeah
I'd much rather have Bezos for dinner
Really?
Yes Elon Musk
Elon Musk would try and get off
With your girlfriend
I don't think Bezos would
If I could have dinner with Elon Musk
And that would mean I had a girlfriend
I'd take the risk
He'd bring a few spares
with him, I expect, from what
I've heard.
Come on.
He'd break out the spliffs and talk
about hacking and shit. It'd be cool.
He rocked up
to DEF CON, didn't he?
The year before last, I think.
Two years, whatever.
What happened to last year?
I can't remember.
2018, he turned up to DEF CON and just sat down and chatted in the car hacking room with
everybody.
Oh, wow.
Just imagine someone being able to sit down and chat with someone else.
Why do we give this?
Oh, isn't he amazing?
Well done, Elon Musk.
Anyone can do that.
There's nothing special. Seriously, you're impressed by that?
Let's be fair. The bar is set pretty low these days, Graham.
Yeah, come on.
When you look in the world.
I can't see Bezos doing that. He'd be too busy counting his millions and cackling.
All right.
Reach his own.
I'm not saying he's a perfect man.
He's not a perfect man by any stretch
of the imagination, but I like
him more than I like Bezos, that's for sure.
And Zuckerberg. You're saying that you admire
Musk's big balls, is what you're
saying. His Billy big balls.
Yes, but not as
much as Tim Cook's, but there you go.
Tim Cook is the man at the moment in my eyes.
But anyway, let's move on before you cut me down any more, Graham.
Billy Big Balls of the Week.
I don't know, we invite him onto the show.
I'll stop talking.
That's a week-by-week contract.
So it's that time where we head over to our news source
over at the InfoSec PA Newswire,
who's been very busy this week,
bringing us the latest and greatest security news
from around the globe.
Industry News.
NYSE to delist Chinese telcos on national security grounds.
Industry news.
One million compromised accounts found at top gaming firms.
Industry news.
Microsoft, SolarWinds attackers viewed our source code.
Industry news.
NYSE, U-turn means Chinese telcos escape T-listing. Industry News. Chinese ABT group linked
to ransomware attacks. Industry News. Ransomware surge drives 45% increase in healthcare cyber
attacks. Industry News. US, fewer than 10 government agencies hit by the SolarWinds attack. Industry News.
Most public sector victims refused to pay ransomware gangs. Industry News. Dark web
user numbers spiked during hashtag COVID-19 lockdown. Industry News. Over a third of TMT firms hit by security breach in 2020.
Industry news.
Social media neuters Trump's account after fans storm capital.
Industry news.
DOJ, SolarWinds attackers hit thousands of 0365...
Industry news.
And that was this week's...
Industry news. And that was this week's...
Industry News.
I don't know what it is.
People just can't seem to squeeze that last one in.
That's huge if true.
Yeah, it is.
Huge if true.
Do you know what?
When I read that first one about the New York Stock Exchange
delisting Chinese telcos.
I thought, what?
That's outrageous.
That's never going to happen.
It'll teach me to not read the notes.
Oh, dear.
Fascinating.
Fascinating.
Anything in there that stands out for you?
I do like the fact that Facebook, of all people,
banned Trump's account. Yeah.
I would have thought it would have been
Twitter first.
Well, they did mute him for 12 hours,
didn't they? Yeah, I know.
Facebook have permanently banned
him, and yet Facebook have been one of the
worst ones for amplifying his
voice, right? I think what the world has decided
is it's more dangerous
for Donald Trump to have access to a Facebook account
than the nuclear codes.
So it's good to see action being taken.
That's right, yeah, yeah.
Well, especially as, didn't I read years ago or a few years ago
that up until something like the late 90s,
the pin code effectively for the nuclear launch codes was six zeros.
What?
No, come on.
Yeah, seriously.
This is where you receive the launch code briefcase,
and it says, you know, first line, please change the default password.
It's 0000.
Please change this at your earliest
convenience i'm serious i'll try and find the link to this it was insane because they were so
worried that most of you people would forget it and then they wouldn't be able to launch
so i'll have to dig that out but yeah is there not a switch underneath the
big red button is there not another button that says forgot my password
and then there's a capture
refreshed all the red commie sites yeah how many traffic lights are in this picture?
And you're sitting there thinking, well, does the corner count?
Because it's not.
Do you notice how much time I spend wondering if I should click on that one?
And then I'll never know if I get a second picture afterwards.
Does it mean I failed the first one?
Yeah, exactly. Exactly. a second picture afterwards? Does it mean I failed the first one? Or was it just a check?
Yeah, exactly.
Exactly.
Oh dear. I don't know.
You know, oh God.
I tell you what though,
we need a sponsor.
Any ideas of who we could get
to sponsor us? How about Tesla?
We'll take Musk's money.
Yeah, absolutely. Or, well actually no, Facebook. We didla we'll take musk's money yeah absolutely or well actually no facebook we
said we we did say we'd take zuckerberg's money yeah facebook haven't been talked about enough
on this episode i think i think they're missing out they need to take this opportunity yeah they
can buy some goodwill yeah okay so facebook, here we go. Host Unknown. Sponsored by
Insert Media.
Call me.
Call me, Mark.
Get me on Signal.
Yeah, that's right.
Yeah, because I had to uninstall WhatsApp.
You've already got our numbers.
Give us a call.
Yeah.
Yeah, you got my number from when i submitted it for 2fa uh anyway let's move on to this week's tweet of the week
so this is all of us andy you've you've spread these around. I have. Well, so we generally avoid politics on this show.
However, there has been an event that was recognised globally,
I think it's fair to say.
You may have missed it, I don't know,
but I think it's been, what, you know,
two days since the US Capitol was recently stormed and taken over.
So this is a selection of tweets from from a recent event uh and i just
couldn't choose a good one uh to start with so uh i thought we'd have a couple just thrown in
you can decide on your own favorite so go on graham oh okay you want me to read that okay
so i've got one here underneath The part that says underneath Graham from the Smashing Security Podcast. Yes.
So this one is from Modesty Blaze, and she says,
due to travel restrictions, the USA had to organise a coup at home this year.
I love it.
Nice.
This is one from Chat Got Next, and he said, you can't even do this shit on GTA.
Mine's from at Yusef Munaya.
And he and they said, we spend seven hundred and fifty billion dollars annually on defense.
And the center of American government fell in two hours to the Duck Dynasty and the guy in the Chewbacca bikini.
I thought it was the guy from Jamiroquai, if I'm honest.
It's literally harder to sign into Gmail from a new device
than it is to breach the capital walls.
I think we all know that feeling.
than it is to breach the capital rules.
I think we all know that feeling.
So from at not Viking, he says,
starting to think it would actually be incredibly easy to steal the Declaration of Independence.
Nobody tell Nicolas Cage.
And this, oh God, you left me the serious one.
That's all right.
I've got something to follow up on this anyway.
The serious one from Olivia Beavers.
If there is still any question about how rhetoric can manifest into action,
that question has been answered today.
So true.
So true.
Words matter, unfortunately.
If only somebody had told us that before we started this podcast.
Well, I do have something to add to this.
So there was this fantastic interview.
I don't know if you saw it or sort of, you know,
curbside interview with somebody who had allegedly been trying to storm the
building and had been maced in the face.
It was this woman.
I can't remember the name.
She had a cloth to her face and she said oh just
be amazed to just be amazed etc you know and well you know that's you know it's terrible what
going on well we're just here to assert our rights well you know what did they make you i don't know
i don't know and why are you here oh i'm trying to take over the Capitol building. It's a revolution. You know, again, cognitive dissonance.
But somebody did this beautiful, beautiful little spoof thing.
You may recall from years ago, and I believe they're coming back,
but years ago, a cartoon called The Animaniacs.
Yes.
And let me share this with you.
We're animaniacs, totally insane-y. They let me share this with you.
It's just so good.
So good.
That's genius.
Wow.
So please look that up if you can find it.
It did make me laugh an awful lot.
So that wasn't a tweet, but that was this week's...
Tweet of the Week.
And just in case you haven't realised what you're listening to. You're listening to the Host Unknown Podcast.
More fun than a security vendor's briefing.
True words.
True words.
Yeah.
Yeah, we don't crash the jingle either.
Yeah, exactly.
Exactly.
So we move on to the final part of the show.
It's normally called The Little People, which Jav would do.
But obviously we've got Graham in now because he's more reliable.
But unfortunately, Graham hasn't come up with The Little People,
so we've got something else for him.
So we've got a new segment, and we call it...
Sticky Pickle of the Week. Sticky Pickle of the Week.
Sticky Pickle of the Week.
Sticky Pickle of the Week.
So I don't know if everyone knows.
So Sticky Pickle or Sticky Pickles is the name of the podcast run by my Smashing Security co-host, Carole, of course.
What? Really? Yes. Have wehost, Carole, of course. What?
Really?
Yes.
Have we just accidentally?
Oh, not again.
I don't know if she would have mentioned it on a past appearance
on the Host Unknown podcast.
She's quite humble about it.
I'm just waiting for her to invite me to co-host with her.
Well, I don't think she's ready for a pickle that sticky, to be honest.
Well, you could have helped out a couple of weeks ago, Tom,
when there was a sticky pickle with someone whose daughter came in
and asked what WAP stood for, or if she knew what WAP stood for.
Wireless Access Protocol.
Well, exactly.
It's a topic we have covered previously.
I think, who is it, Card yeah i think i think she's down with the tech kids yeah so it's um yeah i mean it's amazing
how sometimes this content just crosses over it's yeah but do we have a sticky pickle for
graham we do have a sticky pickle of the week for Graham. So Graham,
I want you to put yourself in this mindset. Okay. So I'm going to say I'm absolutely petrified
because I don't know what's about to happen. That's okay. Neither do I. I might have to fake
another delivery at my front door. I love the sound effect you used last time so great put yourself in this mindset okay imagine
you are an executive of a company uh which does online sales um now unfortunately your company
doesn't have the best reputation for various reasons um however you do drink the kool-aid
and repeat the mantra you know don't hate the player, hate the game.
So a couple of years ago, people made a big deal about an incident that turned out to affect, you know, barely 5% of your customer base.
Sure, some people lost their data as a result, but it's not the end of the world. It's only payment data, addresses, name, phone numbers, you know, whatever.
Just little things like that.
I mean, it's basically WhatsApp, you know, it's equipment installed in WhatsApp.
So another company arrogantly tried to tell you about this incident.
You know, so you looked at it internally, you investigated it, you found nothing.
And you were totally absolved of being at fault when the source turned out to actually be a live chat program that you used in your systems internally.
So anyway, fast forward all of this.
This is just in background.
You are this powerful executive.
And with everything else going on, you hire some employees from your rival.
You don't know the specifics of what happens,
but it turns out that these employees that you hire from
your rivals are able to log into your competitor's systems so you can see in real time sort of pre-sales
data from your competitor and you can adjust your own strategy accordingly now this information is
shared at summit with at least 14 of your other colleagues. So there's no way you can claim the credit for this quietly.
Oddly specific.
As the executive in this situation,
what would you do to the person who made this all possible for you?
Okay, so I'm like the boss of Ticketmaster is what you're saying.
For instance, as a possible example.
Yes, make it Taster.
We'll make up the company name.
Okay, and so you've hired someone who's brought in data
and passwords from their past employer,
and we've exploited it for years,
and we basically hacked our competitor.
What would we do?
Well, I think I'd need a sacrificial lamb.
I think I'd need someone to throw to the slaughter, wouldn't I?
Someone to burn at the stake.
So obviously I want to protect myself,
but I think it's time for the staff to be chucked out,
made to walk the plank.
So just to confirm, did Graham know about this all the way through
or is this just becoming apparent?
No, Graham, the executives have known about this all the way through.
Oh, right, okay. In which case, yeah, it's definitely the right course all the way through. This is BAU.
In which case, yeah, it's definitely the right course of action
to throw someone else under the bus.
Yes.
See, yeah, unfortunately, what you didn't do was actually promote
that person and give them a pay rise.
Which is the correct answer.
So obvious in hindsight.
So obvious.
Yes.
in hindsight.
So obvious.
Are we talking about Ticketmaster or the Catholic Church?
Some controversial
comments there. Yeah, so this is
the story that Ticketmaster have now
been
fined recently for hacking a rival company.
And it is just amazing that just the whole, I guess, just the operating practices of this
company, you know, as part of this settlement where they're paying $10 million in fines,
they've also agreed to maintain a compliance and ethics program.
Ethics?
Ticketmaster?
Sorry, anyone who's ever used Ticketmaster surely knows.
I mean, they're, well, I can't say.
They're a bad deal for everyone.
Because Tom doesn't edit the podcast.
They're rapscallions.
Yeah, they're rapscallions, exactly.
Gosh, that was a hell of a sticky pickle, I have to say.
It was.
And unfortunately, yeah, you guys didn't do too well.
Didn't do it too well.
Didn't do the right thing.
No, no, exactly.
We've got to promote the person responsible for it.
Yeah, it's all about building character, promoting from within.
Absolutely.
Encouragement.
Absolutely.
Raise people up.
Well, Graham, thank you for that particular, I was going to say little people but it's not is it it's
sticky pickle of the week sticky pickle of the week sticky pickle of the week
andy when you had those made did you accidentally hit control paste three times.
No, do you know what? I just got it in my head that it almost sounds like something that should
be said three times.
Okay, no, it's fair.
It's interesting.
I'm going to steal the jingle and send it to
Carol, and I think she could use it on her podcast.
Do, that's fine.
Isn't that the way this works?
Absolutely, absolutely.
Send you the file on WhatsApp. Yeah, no, signal. No, wicker. I do. Isn't that the way this works? Absolutely. Absolutely.
Yeah.
No, signal.
No, wicker.
And claim that we're selling drugs so that, Graham,
we can get Graham excited again.
So, excellent.
We have hit the time.
Thank you very much, folks, for listening to our inane ramblings again. Pot potentially more inane because it's the first one back we're out of practice and graham doesn't know how to not
crash a jingle but um apart from that um graham thank you so much for joining us thank you so
much for playing a part uh i hope you enjoyed yourself oh thank you and thank jeff as well
for not showing up that was very good of him.
Well, with a bit of luck he won't be here next
week either.
But yes, thank you so much, Graham. It's
much appreciated. For those of you that
haven't worked it out yet,
do go and listen to the
Smashing Security podcast, but only
after you've listened to the host on mobile.
But nonetheless, Smashing Security,
very, very good podcast,
has some great guests on it
and some not so great guests on it,
but some brilliant ones.
The best ones have been on at least three times.
Yeah, Jab's been on twice, hasn't he?
Yes, that's right.
I'm not going to say who's been on three times
on this show, but it certainly wasn't Andy.
Who?
Exactly. The other one. Andyy thank you so much as well for all of your uh editing and copy and pasting three times for this week's show
appreciate it stay secure my friends stay secure toodaloo you've been listening to the smashing
unknown podcast with and, Graham and Tom.
If you liked it, please like and subscribe.
If you hated it, please leave your complaints on Reddit at r slash Smashing Security.
Outrageous.
They pushed me out and laced me.
And that, Graham, is how the professionals do it.
That was pretty slick.
How many episodes is this?
Is it the 37th?
Yeah.
We still haven't got it right.
It's about 40-something, but Tom mislabelled it at one point.