The Host Unknown Podcast - Episode 8 is the Charm

Episode Date: May 29, 2020

Medicaid scam, LinkedIn trolling, Magnum PI and Murder She Wrote crossovers, Wim Remes (at last!) and Trump. WARNING! This episode strays dangerously close to being a serious, current affairs podcast... towards the end. We apologise for our slip of judgement. Normal service will be resumed next week. Come on! Like and bloody well subscribe!

Transcript
Starting point is 00:00:00 Jav, your gain's a little bit high. You're maxing out on... Damn, it's pretty much all the way down. Is it really? Your gain's maxing out. It's like you've got a dashboard. You can see what's going on. I know.
Starting point is 00:00:16 And me saying, yeah, it's down, as if I know exactly what he's talking about. Yeah, it's not the volume, Jav. It's the gain. Come on. No, the gain is all the way down. Unless it's all the way up. Hold on, let me turn it all the way up. My laptop's upside down. What does that sound?
Starting point is 00:00:37 You're listening to the Host Unknown Podcast. Hello and welcome everybody. Welcome back to episode 8, I think this is. 12 something? 24. 24, who knows. I'm kidding you, buy the episode mate. If you're listening to them, it just feels like forever, right? That's what it comes down to. Uh, it's another sunny day. Lockdown is, um, well, I wouldn't say coming to an end, but it is in sight at the moment. Well, I guess it depends whether you're observing the rules in the first place. This is true. This is true. We have, we're
Starting point is 00:01:17 dealing with Cumgate at the moment, aren't we? We've got BJ and Cumgate. It's very unfortunate, which is hashtags. Yeah, it is. It is, especially, you know, it's, it sounds like, um, you know, that band from Byker Grove. Oh dear, oh dear. Um, I guess you're a bit too old to catch that when it came around first time, but you, you reference popular pop culture, right? I don't know. It's just written down in front of me. So it's what you gave me. It's what you gave me. So, Mr Malik, how are you, sir? I'm very, very good. Thank you.
Starting point is 00:02:00 I've got a cup of coffee in front of me and I'm doing very good this week. Thanks. Awesome. Awesome. We had some technical troubles getting you on the show this morning, but we did what every good IT support would tell you to do and switched it off and switched it on again. It seemed to work. It was a bit more technical than that. I had to switch it off, switch it on, log on, and then it got working.
Starting point is 00:02:20 So there was a third step. Okay. Almost threw me. Good thing we didn't have any of that pesky 2FA enabled. 2FA? One host unknown? That stuff slows you down. I'm just checking the...
Starting point is 00:02:35 Because we're known for moving fast, aren't we? I'm just checking the metadata of that error message that Jav sent just to make sure it's not a pre-prepared image that he had for when he wants to be late and sort of not admit to being late. Are you going to do a Google reverse search? Just doing a reverse search now, yes. Hang on, you used that last year.
Starting point is 00:03:03 Oh, dear. Oh, dear. So, Andy, what about you? How are you doing, sir? Uh, not doing too bad. Um, actually, I've been, you know, uh, you know when you get stuck and you just browse on your phone and you're looking for stuff to buy? Uh, so I've been doing a lot of window shopping on Alibaba, as you know, uh, with some, uh, previous troubles on customs duty and import tax. And yeah, this week I actually accidentally purchased stuff from Alibaba three times. Really? How much in import duty are you going to pay on that? Well, so I figure it's a standard £8 fee anyway from the Royal Mail.
Starting point is 00:03:42 So it's really just the, uh, taxes on top. Um, so hopefully not too much. Uh, hopefully the eight pounds the big part of it. But it was one of those things where I genuinely didn't realize that I'd previously purchased stuff. Um, so it's a funny thing with Alibaba. There's so many sellers that, uh, you know, you browse, you buy stuff, and then that person never sells that stuff again. So you find other vendors. So at the moment, I've got lots of face masks, obviously. Is that not slightly suspicious?
Starting point is 00:04:13 I mean, the vendor's still there. They're just not selling that particular item. So it's very difficult. Because that hasn't fallen off the back of a truck. Exactly. Whatever's available that week. Yeah. I don't know.
Starting point is 00:04:27 What has little Johnny been able to scally away from? This is stuff which, you know, I'm just preparing for when air travel is available again. I'm one of those people that always wipes down the seats and trays and seatbelts and everything before I, uh, make myself comfortable. Well, I've seen the way you eat, so yeah. Yeah, so that's, that's when you leave the plane. Yeah, absolutely. Yeah, but, uh, also, you know, leave it, uh, clean for the next person. Um, but yeah, so I know, uh, people have taken the, uh, the piss, mick out of me previously for my
Starting point is 00:05:02 cleansing routine when I get on a plane, obviously pre-corona days, and I was just really stocking up for that again. I saw some horrifying pictures during the week of a flight coming back from Russia, I think it was. There's a bit of fisticuffs that kicked off. Really? Yeah, so apparently people weren't observing social distancing. It was a, a full flight, and then a couple of... It's a bit hard in economy. Well, exactly. I mean, this is why, you know, you don't sit in the back. It's where the animals are, isn't it?
Starting point is 00:05:33 It's where all the cattle go. I don't call it cattle class for nothing. No. But I did... So I do this thing where I like to learn something new every day. And one of the things which I learned this week was the phrase Sisyphean task. Sisyphean.
Starting point is 00:05:52 Well, see. Jeez, God. You know what? You never take the piss out of someone on their pronunciation. Who's learning. Exactly. Because it means they're learning by reading. This is true. Yeah. This is true.
Starting point is 00:06:07 Yeah. This is true. This is one which I picked up, obviously, in reference to third-party risk management. Is it really? It was, yeah. Where did you read about that? So there's this really good blog which I read.
Starting point is 00:06:20 What was it called? Yeah, no, this escapes me. But, I mean, it will come back in my feed at some point. Has it, have you lost
Starting point is 00:06:29 the memory of it? I've got lost thinking about it. It's definitely a season that writes it, and it's
Starting point is 00:06:38 the lost thoughts almost. I'm lost. It's completely lost me. Completely escaped me by
Starting point is 00:06:44 but I guess obviously we can't mention your good self, Mr. Langford, without mentioning the media whore in the group. This is true. This is true. Mr. Malik sent this message to the group yesterday stating there was a good program on scams. It was like an alert. It was. It was a great program on scams and scammers on ITV. Yeah. Um, I, you know, the way my phone responded, I thought some kid had gone missing. The Amber, essentially, wasn't it? Exactly. It was just, just Jav telling us he's on the telly again. It's a bit of a rickroll, isn't it, these days, where, uh, anything you sort of send through, it's either, you know, video, blog post, uh, TV. Um, so ITV this week, BBC last week. That's, yeah. Yeah, yeah, I, I'm
Starting point is 00:07:35 just in talks with Netflix about how do I get my own documentary. No, no, I, I thought it was, you know, hello, this is Netflix. You've been greenlit. How can I help you? Yes, yes. So, you know, we've already had Tiger King. Now we're going to get Cyber King. Oh, Netflix, if you're listening. Yeah, absolutely. Absolutely. Netflix, if you're listening.
Starting point is 00:07:59 Host Unknown. Sponsored by Netflix. Insert name here. Host Unknown. Sponsored by Netflix. So what was it like being on Crime Watch, Jav? You know, it's funny because the segment I was, they put me in, they topped and tailed it with a scammer who looked like she or something. His name was Mahmoud Khan or something. It was very unfortunate.
Starting point is 00:08:29 So you have me talking and then you have this mugshot of this guy talking, and I'm sure for most people they couldn't tell the difference between two or five. So they're like, and now he's a criminal? What's going on? I'm confused. I can just hear the producers
Starting point is 00:08:46 think, thinking, right, we can't get some middle-aged white guy condemning this man. It's not gonna work, you know. It's, but that was actually really interesting because that was recorded like three, four weeks ago. And, oh wow. Because of social distancing rules, they just sent me a shot list. I had to record it all myself at home, enlisted my children to help me. They actually sent you a shot list? Seriously? Yeah, they sent me a shot list. Wow.
Starting point is 00:09:18 It was quite fun. So were you introduced from that that Girl Cynic wrote your content again? No, no. She didn't write the content. She just made sure I was in frame. What was really interesting is it, I, I gathered all the family around for it and I was like, oh, I might be on this show, because it wasn't confirmed that I would make the cut. I said I might be on this show, uh, and so everyone's there and I come up on screen and my wife's like, oh, that's from a few weeks ago because you had long hair. Now I've obviously cut it all off.
Starting point is 00:09:51 And my mum looks at it and goes, oh, that was from a few weeks ago because the tulips were in full bloom back then. Oh, very good. When I looked at it, I was like, that's definitely a couple of months ago. Cause he's a lot fatter than that now. Oh man. So talking of, um, you know, big, big,
Starting point is 00:10:16 big, big people in the industry and, uh, you know, rock stars, et cetera. I reckon we could move on quite nicely. We could segue quite nicely,
Starting point is 00:10:24 uh, into... One of these days I'm going to get the timing right on that thing. Don't worry. So I have got the perfect Billy Big Balls this week. It's actually a couple from Las Vegas. Yeah. They stole $13 million from the U.S. government. How did you steal $13 million from the U.S. government?
Starting point is 00:10:59 Exactly. Okay. Okay, so Timothy and Letitia Harron created a fake healthcare company in North Carolina. Andy, you might want to take some tips from me if you want to avoid your import duty. Anyway, step two, they read through the obituaries of people who recently died. OK, it gets a bit dark. Step three, they used a Medicaid eligibility tool to find out if the dead person had a Medicaid identification number. Brilliant. Using that number...
Starting point is 00:11:41 Publicly accessible. Yeah, it's publicly accessible, yeah. Using that Medicaid number, they back-billed Medicaid for made-up services they supposedly gave the dead person before they passed away. The dead person couldn't fight it because they're kind of dead. And the family didn't know because no money was coming out of their pockets.
Starting point is 00:12:02 So they racked up $13 million from Medicaid. Wow, that's brilliant. But how did they get caught? They flexed too hard on the gram. They bought a private jet, ate at the nice restaurant, and went to town at Tiffany & Co. So the mistake they made was
Starting point is 00:12:25 their thought of a nice restaurant was Applebee's. Yeah, exactly. And when they really wanted to up the game, they went to the Cheesecake Factory. What's really, really funny about this is that they got caught by flexing on Instagram,
Starting point is 00:12:40 but they only have like 635 followers on Instagram. What? And one of them's a snitch. It's all about quality, not quantity, you know? Yeah. I mean, on average, he gets like 30 to 40 likes a picture, and he puts the hashtag millionaire in his captions. Oh, my God.
Starting point is 00:13:08 Jesus. So was it the Inland Revenue or whatever it is in the US? Was it them that found it? IRS, yeah. I don't know. I didn't dig that deep into the story. I am a researcher or something
Starting point is 00:13:25 an expert in this. It's like the, you know, that robbery at, in the year 2000 at the Dome, diamond robbery, the big diamond heist, and how basically
Starting point is 00:13:42 the police found out about this and so they swapped the diamonds out. They had police, you know, plainclothes police and all that sort of thing. And it was just literally they, they rocked up, crashed through the walls,
Starting point is 00:13:53 et cetera, and were just immediately arrested. And the reason why that was foiled, and this is, you know, this is something like an $18 million diamond or something like that. The reason that was foiled was one of the guys got drunk in a bar and started bragging about this job they were gonna do. Yeah. It's like, yeah, the, thank goodness
Starting point is 00:14:11 there is no such thing as the criminal mastermind. Yeah, and you see this a lot with the, um, I don't want to say, you know, they're sort of convicted hackers turned, turned professional type, uh, but, you know, I always wonder, I, they can't be that. Who are you thinking of? Well, I'm not mentioning any names, but I'm just thinking, you know, these are the people, they've been caught. You know, there are better people out there. Why are you settling for the B players?
Starting point is 00:14:34 Because the A players are still out there, you know? True, true. But, mind you, you know, I haven't had a film made about me starring Leonardo DiCaprio. So, you know, define B player. Well, true. But there was that, obviously not mainstream, not Netflix. What's the other one?
Starting point is 00:14:56 Pornhub, I've seen one of your films on. That was... Oh, yeah. Yeah. We should get them as a sponsor. Absolutely. I'm not going to do it. I'm not going to play the sponsorship thing,
Starting point is 00:15:08 Justin Grace. That's going to come out of context immediately. Oh, damn. But, yeah, it's amazing how much flexing actually, you know, seems to bring down these criminal not masterminds. Yeah. The clever ones are the ones that stay quiet. Indeed.
Starting point is 00:15:27 Exactly. Yeah. And that proves our point. Billy Big Balls of the Week. Oh, dear. We didn't even plan that. So I'm trying to think
Starting point is 00:15:49 what else? I mean, obviously we've got some round to the week and industry news and little people and all that. In fact, we've got two lots of little people in the can. We can choose who we want. Shall we toss a coin? Yeah. I feel like Willy Wonka
Starting point is 00:16:05 and we've got a bunch of Oompa Loompas. Yeah. That's how Andy and I feel around with you, Jav. Is Andy in his heels? Yeah. This is Mr. Malik in his box. And you not standing on your box. The amount of photos where you're doing the old Tom Cruise
Starting point is 00:16:28 with a box underneath you. It's brilliant. Proper movie. Yes, in fact, so I think since last week, we've now got an Instagram account. Did we add that in from last week? I don't recall. Oh, excellent.
Starting point is 00:16:42 Yes, we've got an Instagram account. And, in fact, we opened a kimono on how our photos are taken with our very first post, which is just that. It's the photo from the homepage of our website, which shows how Jav managed to grow a foot in height for that particular shoot. So, yeah, it's quite fascinating. And in fact, somebody did reply
Starting point is 00:17:08 and mentioned if this was the Tom Cruise effect. Ah, very good. So this Instagram account, just remind me what the account name is. Host Unknown TV. Excellent. I think. And what's the password
Starting point is 00:17:24 so I can just add it to my account now and I can start adding some content? Oh, yeah, it's javis, and that's with a four for the A and a one for the S, short. Oh, okay. And that's 5H, the standard password we always use. Yeah, yeah, yeah. And then a question mark at the end.
Starting point is 00:17:45 Gotcha. Sweet. Excellent. I reckon we can... Oh, look, Jav's turned his mic off. No, I had no idea. I'm busy looking on Instagram because I had no idea we had an account.
Starting point is 00:18:09 Listen to your what? No, listen to your WhatsApp. Read your WhatsApp. Why would I? Yeah, we just tell you anyway through another walk. Unless it's from the BBC, I'm not really picking up any calls now. New phone, who dis?
Starting point is 00:18:22 even ITV is just a little bit sort of, you know, low rent for you now. I've been there,
Starting point is 00:18:31 done that. Right, okay, I'm going to get the timing on this one right. Andy,
Starting point is 00:18:38 when you're ready, we're going to be doing the rant of the week. Ah, this one.
Starting point is 00:18:44 So, as you guys know, and I feel bad, I actually fell for this one because it is clickbait of the highest quality. Um, so I opened up LinkedIn on, uh, when was it, Wednesday, I think. Um, and obviously the, the top post in my feed was, uh, someone that I am connected with interacting with this post. Um, so I, I am very particular who I connect with on LinkedIn. Um, I actually like to know the person first. Um, you know, unlike, uh, I know your good selves with thousands and thousands of connections, I think I'm still in the low hundreds. Um, well, it's just so rude to say no. Well, do you know what, and there's some
Starting point is 00:19:25 people I've actually disconnected from because I just don't remember how I know them. Um, so it would be great if LinkedIn actually had a feature where you could just put a little note in and say how you remember them. Um, you know, but hey, I'm going off track. Anyway, so the, the clickbait I fell for, um, and the reason I say I fell for it is that I read it, immediately got incensed and thought, you know, this is a prime example of someone who runs their mouth off because they know that they can't get punched through the internet. And then, obviously, I took the screenshot and I sent it out to you guys. And then, you know, once I started, I was like,
Starting point is 00:20:01 do you know what, just forget about it. It's clickbait. Yeah, but it was too late because I was on it then. Yeah, and then I got you incensed. The pitchforks were out. And I know that you did actually make a comment on it. You did waste the time. I did.
Starting point is 00:20:19 I'll never get that 30 seconds back in my life. No. So this was, and I do not know the pronunciation of this guy's name. Like I say, he's not one of my connections. It's a second connection. It's all right. I respect you for learning through reading. Yes.
Starting point is 00:20:35 So Frank Nuvdo, I'm going to say. Not going to mention any company names or anything like that. But he posted quite an incendiary article, obviously. And basically the first line says, wanted to be in cybersecurity and don't want to learn how to code. I'm going to be frank. Get over it and learn to code. You want the big money and the cool factor of working cybersecurity, then do the work. Is it possible? I'm sure it is. Plenty of terrible InfoSec people who have no idea what code is. They're a leak away from being blacklisted. The fact is that a lot of
Starting point is 00:21:13 tools out there have programmatic interfaces and or search functions that are more like SQL queries than Google searches. From a less practical but equally important perspective, you just don't get taken seriously by your subordinates or co-workers. Finally, for cyber security, I really don't consider it a first job kind of field. You should really have several years experience in coding, networking, sysadmin. Look at it this way. If you don't know what a stack is in, in programming, how are you going to know what a stack overflow is? If you don't know what a basic TCP handshake is, then how would you defend against it in a SYN flood attack? And, you know, quite... That is just brilliant. You know, you need to read it in like a Doctor Evil voice or something and then it will make a lot more sense. Yeah.
Starting point is 00:22:06 The best part of it is that it's a good conversation point. It actually, it's an opinion, and nothing wrong with that as a valid opinion. But the way it's put, well, the way it's presented is that, you know, hey, I'm thinking this, what do you think? Whereas the way he's presenting it is very much, I'm right, you're wrong, if you disagree, you're a knob. Yeah, that's what he's saying, you know. And I think that was the worst part of it. Um, I, you know, I don't know if there are any replies that actually agreed with him. No, uh, there didn't seem to be, and I didn't even see his
Starting point is 00:22:45 uh, his response to any of the, um, the, the baying mob that were, uh, trying to engage with him either, uh, which is why I do believe it was clickbait. Well, that's the thing. Yeah, I mean, if, if it was, if it was, um, uh, intentional and, and a, a close-held opinion, he could at least have got on and started to defend against some of the comments that were on there. Or at the very least say, OK, that's valid. It's not what I think. But he didn't.
Starting point is 00:23:20 He just ran for the hills. Do the whole light the fuse on the dynamite and just walk away, right? Yeah, yeah, absolutely. So at least he's looking cool with the explosion. No, no, that, that, he's not walking away like that. He's scurrying away like a rat. Oh, well, basically, with views like this, he's probably still holding it. That's why he's not responding to this. Yeah, that's right. But, yeah, so I guess this also touches on something that we've spoken about before. You know, do you really need to be that technical to work in cybersecurity?
Starting point is 00:24:02 And I guess this is that view where people think that cybersecurity is all about pen testers or SOC engineers or, you know, threat hunters. It's a very broad field. Oh, I think the phrase you use, it's a broad church, I think is not the TV show, but it's a very valid one. And it takes all sorts to get on in this, you know, even, even people, you know, communications and all that sort of stuff. It's all part of the, we're all part of the same team here, you know? Yeah. Oh yeah. I mean, it's like, if you go to the, to the hospital, the surgeon is not going to be like the anesthetist or, you know, and they're going to be very, whatever.
Starting point is 00:24:40 And the ophthalmologist is not going to be the same as the cardiologist. No, no, no, Jav, my doctor. Yes.
Starting point is 00:24:58 Is that my apple? Is there enough for that? Yeah, fine, boy. It's the same principle. Absolutely, absolutely. You know, without the surgeons, good medicine would still happen. It wouldn't be the full, you know, the full effect. You wouldn't be able to deal with everything, but you would still be able to deal with a huge amount of, of stuff, as it were. And then with, and so on and so on. You know, it's not, not every single, as individuals, we're not important to the greater scheme, but as, as a group, we can actually address everything across the board.
Starting point is 00:25:40 Stronger together. Stronger together. Hashtag. Teamwork makes the dream work. Indeed, indeed. So yeah, thank you. That was, that was a good one. I think that's, um, you know, go, go look this up on LinkedIn. You could, if you, um, if you do happen to, to follow me or just search me up, you'll see my response in there. You might see some other stuff in there as well about other things that I've been... That's terrible advice. Don't, don't go search it. I mean, this is exactly what he wants. So what I said to you two after you two went raging off on was that, that he just needs the oxygen. Starve him off it. Don't interact, don't engage. And isn't that what we say to you an awful lot
Starting point is 00:26:21 on our little what? That sounds like a pre-prepared, uh, uningrained, uh, response that you've just come up with there, Jav. Where have you heard this before? Yeah, yeah, that's right. I seem to remember saying those words quite a few times, you know. So you should be proud that, look, I listen, I absorb, I, I, I improvise, adapt and overcome the point. That's it. And continue to do it. I tell you what, do as I say, not as I do, with Jav, isn't it? Honestly, you're such gatekeepers,
Starting point is 00:26:56 the two of you it's just like because he just said something that I might have said something similar to I need to be involved in this discussion. Something that Andy was rallying against just seven episodes ago. Seven episodes ago. Blimey. If it was seven episodes ago, I think that was 2015, wasn't it?
Starting point is 00:27:19 Exactly. So this makes us one of the longest running, um, loosely infosec based podcast today, right? We've got to be out there in the top 30 at least. Yeah, well, we're certainly longer running than Smashing Security. That's amazing. Amazing. I don't know how that even passes the podcast. Don't be bitter. I'll tell you what I'll be bitter. Do you know, I think standards are slipping in Smashing Security, and Graham, if you're listening,
Starting point is 00:27:51 and I've got hard evidence, I've got the receipts as to why I think that show's going down. They've asked me back on. Oh dear. So, you know, if you are a fan of the Smashing Security podcast, I'm sorry. Um, I'm sorry that it's, it's not what it used to be, but, uh, you know, this is what
Starting point is 00:28:15 happens when you, when you, when you get, when you get C-listers like me. When you run out of key, they literally just cycled through everyone they know and that's it. They just need to go, right, who's, uh, who's gonna say no, who's not gonna say no. Yeah, exactly, exactly. They're on like episode 180. I mean, I think that's all of the people. That is tricky. It's, uh, but it is a great show. Yeah, I will say, big fan of their, love the show, love the show, love the show, love the show. Friends of the show as well. You know, we should have one of those crossover episodes. You know, like when Magnum P.I. and Murder, She Wrote did a crossover. Did they really?
Starting point is 00:28:52 Did Magnum P.I. do a crossover with Murder, She Wrote? I don't remember that. Yes, she did. Yeah, yeah, yeah. I mean, I remember. I'll send you the screenshots. Yeah, I remember the Simpsons and Family Guy. Yeah.
Starting point is 00:29:05 Does Futurama do one as well with them? I don't know. I don't know. I saw an episode of South Park last night that had a probably unlicensed crossover with the Simpsons. Right. It was when Mr. Hankey, the Christmas Poop, he was driven out of town and it was like, oh, where can I go? Who's going to welcome this old fashioned, racist and intolerant speech of a character?
Starting point is 00:29:43 And he walked into The Simpsons. Man, terrible, terrible. So yeah, I think that, that was the, um, the rant of the week, and I think we might have, uh, we did, we did digress, but, uh, yeah, I don't agree with the guy and, uh, I'm fed up with that sort of clickbait that gets my blood pressure boiling. Yeah, completely agree. Rant of the Week. Wow. So, have we decided yet on who we're going to use for the little people? Do you know what?
Starting point is 00:30:23 I was actually looking for a question. Oh, do you know what? I was actually looking for a quote. Oh, yeah. So I... And let's... Just so we... Before I ask Dan, Raywood, and he kindly provided it, I think we should go with him.
Starting point is 00:30:33 Wim kept us waiting for a week, so we should keep him waiting for a week now. He makes a good point. Yeah, well, we'll see. He makes a good point. Yeah. Well, I'm just looking at what I've got loaded in my soundboard
Starting point is 00:30:45 because once again rigging the election. And, and also Wim's talking about something that supports, uh, something else I'm supporting this week. So yeah, okay, we'll do Dan. Okay, so this, uh, this premium rate number that I've got set up for people to vote, are we still going to give it out or where do we stand on this? Are we still sponsored by Pornhub? Anyway, talking of journalism
Starting point is 00:31:20 or journalists, I should say, I reckon that's a very good segue onto... Industry News. NHS contact tracing app security issues detailed. Industry News. Non-cyber security incidents outnumber cyber attacks in ICO report. Industry News.
Starting point is 00:31:50 DNS traffic analysis detects hidden DDoS attacks. Industry News. I'm going to chuck in a bonus one this week because it has been a very busy week in InfoSec. So I'm going with intelligent gateway launches to compile malicious COVID-19 URLs. Someone's been busy this week. Yeah, our sources have pulled their fingers out this week. In fact, I think you had a chat with our sources. No, this is syndicated content.
Starting point is 00:32:32 We are subscribed to the InfoSec equivalent of PR Newswire or PA News. Multiple news sources. Multiple news sources. And we only select the best of the best, the cream of the crop. Exactly. Only the best. We need the finest. Keep the best coming. Otherwise, we will have a go like we did earlier in these in this in these
Starting point is 00:32:47 podcasts. Yeah, we'll try and create our own content. No, and you don't want that to happen. I mean, just look at the other 55 minutes of this podcast. So there's been a lot, a lot also in the news, uh, talking about the, um, the track and trace apps and all that sort of stuff that's going on, and, uh, the NHS are still, or not the NHS, but the government are still holding out about, you know, using their particular app for, um, contact tracing and stuff like that. What, what do you think about that? Uh. So where are we with this contact tracing app? So I saw previously a very good article about how, you know, essentially it only works when it's open,
Starting point is 00:33:34 and it will only alert if you've been in contact with someone for 15 minutes. And basically there were just lots of holes in, you know, the way it worked. And it was kind of, what's the point of it, you know? Because I don't necessarily want it where, you know, it tells me I've been in the same building as someone for 15 minutes. I want it, you know, as I'm passing someone in the tube or, you know, I've been sitting in the same carriage with them. It's, uh, something that's actually going to concern me. And I think that, you, until we get to that level of, you know, detail. And also the fact that they keep the data as well, you know, from what I saw in that first iteration.
Starting point is 00:34:13 20 years. 20 years, yeah. I mean, that's just unnecessary. Up to 20 years. Unnecessary. It is, absolutely. Yeah. And especially as it's kept centralized, et cetera.
Starting point is 00:34:21 Yeah. So I was on a webinar the other night, and it was hosted by the IRMS, the Information Records Management Society, and it was about privacy, and it was talking about this. Sounds fantastically thrilling. It was all right, actually. It was all right. And in fact, it was very well put together as well.
Starting point is 00:34:41 But of the four panelists, and the questions were what what is the validity of all this, etc. What really struck me was that none of them agreed on what was the right approach and what was, you know, what was the right way that this data should be collected under GDPR and all that sort of thing. And it just goes to show that this is a very complex environment. But there's some real basics, it seems to me, that the UK government is just completely fluffing up. So someone tweeted the other day, one of the privacy folks I follow, and they highlighted in the privacy policy on the apps and some of the verbiage in the terms and conditions
Starting point is 00:35:29 and all that sort of thing, that actually they're using phrases in there that actually aren't entered into British or English privacy law. So they talk about, you know, personally identifiable information, PII, which is an American term, not one that is recognized in GDPR. Is that true?
Starting point is 00:35:52 I'll be honest, I did not realize that either. Yeah, it's personal information, not personally identifiable information. Okay, so, well, obviously I work in an industry full of information, but we will constantly refer to it as PII uh regardless yeah it's an American it's an American term I mean there's nothing wrong with the term per se but as a um as a brown M&M you know um canary as it were i think i've mixed my words but as a you know as a as a canary it's quite a quite a telling thing that in a you know a uk app commissioned by the uk government supposedly written for uk people and compliant to uk and european law they're using terms that are only valid under US law. So are you implying that the app or maybe the underlying, you know,
Starting point is 00:36:51 sort of things were created by foreign actors, maybe Russians? Possibly, possibly. I think, you know, if it was written by Russians, I think, you know, if it was written by Russians, it might be that this, you know, you do not accept the privacy policy in Russia, the privacy policy except you. You know, maybe that might have been a giveaway. right for our society and accepting the and downloading an app that is frankly um poorly written and you know poorly conceived and going to be poorly managed in the future uh which is a bit of a dilemma so is it safe to say that you do not intend to download it i still haven't made my mind up i must admit you know my my, my initial thought, my thoughts to much of this about, you know, privacy and stuff is, ah, screw it, it'll be all right. You know, it'll work itself out.
Starting point is 00:37:52 Something will happen, et cetera. But, you know, something like this, when it's talking about holding on to data for 20 years and it's just, it's such a, well, to be blunt, such a shit show'm i am concerned that um something will you know something will go horribly wrong uh so yeah i still haven't made my mind up what about you guys i want to know a bit more about it i guess i'm i'm looking for someone smarter than me to uh to to complete the uh analysis uh and Frankly that's exactly what I'm going to do is if Rowena downloads it I'll download it
Starting point is 00:38:30 I think that would be fair right I guess the difference is Rowena, friend of the show big privacy advocate has a Huawei phone rather than an Apple iPhone, unlike yourself. So I don't think you'll find an app that she uses
Starting point is 00:38:50 that you'd be able to use. Oh, this is true. I thought she had an iPhone. I'm messing with you, folks. Oh! Yeah. The Hosts Unknown podcast where every line is an inside joke. Something like that.
Starting point is 00:39:03 The Host Unknown podcast where every line is an inside joke. I tell you what. It was only in Andy's head. You're listening to the Host Unknown podcast. More fun than a security vendor's briefing. True security insights for the average consumer on this show so i reckon we now go on to uh the next part of the show this is the the part that has been up in the air which which way are we going to go we're going to go with dan are we going to go with Dan? Are we going to go with Wim? You know, not sure. So why don't we just roll the jingle,
Starting point is 00:39:48 toss the coin and see what happens. The Little People. Okay, guys. I've been asked by you to talk about a specific topic for two minutes, which is really freaking difficult because there's a lot of topics and there's only two minutes. But the topic I've chosen to talk about is third-party security. The way we handle third-party security is a really weird thing to me.
Starting point is 00:40:26 Somehow we've dumbed it down to a 200-question questionnaire based on some arbitrary standards in our industry. And to make it worse, we kick the relationship over from whoever has a stake in that relationship to a third-party assessment team that has no vested interest in having a relationship with the vendor we want to engage with. So the way I look at it, the first important part is that relationship. In any assessment, there needs to be a stakeholder that has a vested interest in that relationship. And on the other hand, I think we need to start more from a threat model than a pure questionnaire. In the end, it's our threat model and the vendor's threat model that goes together and merges into one threat model. And lastly, I think it's important that we
Starting point is 00:41:27 work together and take the opportunity to understand what are what we need and what our vendor needs what we know and what our vendor knows to make things better for all of us so it's for me it needs to be a much more invested process that is clear, that has defined outcomes and that we can do something valuable with for all parties involved.
Starting point is 00:41:56 So let's try to make third-party assessments better and not just stupid, stupid questionnaires. The Little People. There you go. Good point well made. Good point well made. It was.
Starting point is 00:42:09 Yeah, that third point especially was spot on the money. Yeah. You're going to insert in post, aren't you? Yeah, yeah, yeah. Especially because of that first screw up as well. I always like hearing from Dan. Really good points. Yeah, absolutely. Lovely fellow, Dan. Lovely fellow.
Starting point is 00:42:26 and I think next week we'll have Wim on instead I think that would be good so yeah Dan thank you very much for that okay so we're coming up
Starting point is 00:42:43 blimey we say we're going to do these things shorter every time, and now we're coming up to sort of like nearly 45 minutes. Can I have to get in a Tweet of the Week before we go? Tweet of the Week. Okay, yeah. Should we do that? I will do a Tweet of the Week. Right.
Starting point is 00:43:01 So Tweet of the Week. I'm going to go for uh donald trump again um after after you went for donald trump was it last week it was last week i can't remember it was up but yeah so um so yeah donald trump tweeted something i don't know it was all rock anyway it's all about um mailing ballots and stuff like that being illegal. This, you know, coming from the man who has, who voted through a mailing ballot, alongside his press secretary,
Starting point is 00:43:33 who 11 of the, sorry, 10 of the 11 times she has voted in the last, she has voted, have been through mailing ballots. And yet they're all saying that it's actually just, they're just, they're illegal and they're going to be. Sorry, what? Well, stop sending me messages on WhatsApp and I might be able to concentrate.
Starting point is 00:44:00 Why don't you concentrate on what you're saying? Me and Andy are trying to have a conversation here. Anyway, Trump said some utter rot. And for the first time ever, Twitter actually labelled his tweet as requiring a fact check. Which, you know, Donald Trump immediately backed down and said, you're right. I think, you know, I think possibly what? No, what I'm saying, of course I don't.
Starting point is 00:44:29 He blew up and started talking about, you know, having his freedom of speech restricted and blah, blah, blah. And in a matter of days has introduced a bill, which I don't understand. I've read about a little bit of it. I don't really get it. But basically, he's introduced a bill targeting social media companies and how they should not be effectively arbiters of truth in all of this.
Starting point is 00:44:57 So really, really interesting that in days he can pull together, you know, laws and regulations, you know, against this sort of thing. But it takes him two months to order some PPE for the country. So I just thought it summed up an awful lot. And also, well played, Twitter. I'm hoping that they carry on. Jack Dorsey is a bit Marmite. You know, people either love him or hate him. But I think he stood by his guns on this one. And long may that continue.
Starting point is 00:45:26 Yeah. Just to put it a bit in context, the tweet that violated the Twitter rules about glorifying violence, he was
Starting point is 00:45:42 tweeting about the Minnesota riots that are going on after the unfortunate killing of george floyd the by the police and and the the phrase he used in it was um any difficulty we'll assume control the military is ready when the looting starts the shooting starts yeah oh. Oh, dear God. If that's not inciting violence, I don't know what. But that's going to stir up his... a particular fan base of his. Well, you know, just send in, you know, the white militia,
Starting point is 00:46:17 the ones that... You know, the peaceful protests after that George Floyd thing that were broken up by tear gas and rubber bullets and stuff versus when the militia coming in complaining about haircuts and being able to get their nails done, came in carrying heavy-duty military weapons and were just left alone, which kind of tells you something, really. Yeah.
Starting point is 00:46:48 Well, I think we're heading into very dangerous, uncharted waters here when we... We'll avoid politics. We'll avoid politics. Let's just agree... American politics that we have no idea. Let's just agree that the apricot-coloured president is probably out of his depth
Starting point is 00:47:05 and has been for a while yeah i think that that was obvious before he uh got voted in but i will just raise one point on the um the the sort of fact check that uh twitter came up with and i think you know they're saying look what we're saying is go and have a look at all the information and make up your own mind and there you And there is a school of thought where... I saw a really good argument on Reddit, which someone was making, where they basically said, look, don't give people all the information
Starting point is 00:47:35 to make up their own minds. Because what they're doing is they're finding factually incorrect information and they're making up their minds because that aligns with their thinking. And this is why you have to have trusted organizations who are the authorities uh you know the authority of it you know you've got a guy uh you know he goes to universities university studies for three years gets a degree studies another three years gets a phd goes on to do it you know specialist diploma and something else then you got you know becomes a an expert in the field you
Starting point is 00:48:10 know writes white papers which are peer reviewed you know comes up with an opinion and then you've got some guy sits on his armchair you know read a couple of blog posts and then turns around just sort of calls bs on the the expert's opinion uh because it doesn't align with uh what they're thinking so it's yeah i i get what you're saying andy and and that's true but i think what the the the challenge that we find ourselves in now is that there has been a sustained campaign over the last few years to undermine and discredit all those trustworthy organizations you've seen it with the attacks on media and even legitimate fake news exactly and even recently we've seen it where they've turned on doctors or the world health
Starting point is 00:49:00 organization or you know with with relate to the coronavirus and the pandemic that that's there. So climate change is another example. It's, you know, President Trump has been going after them for a long time saying that that's all fake as well, when you know, we're going to pull out the Geneva Convention or, or what have you. So I think that there is a very, it's a very strange time where you do have those experts and I completely agree that those are the ones
Starting point is 00:49:31 that we should be listening to, but their voices are being drowned out by these other institutes that we should be trusting as well. These are like some of the leading governments in the world. So it's really, really difficult to find out who's right who's wrong who's got an
Starting point is 00:49:46 agenda who doesn't and and what the truth is yeah i mean all we know is that generally chinese or russian we can trust it yeah i would i would go basically say if trump says it it's not true or bojo for that matter yeah oh dear anyway just a reminder folks you know if you we get all serious in the last 10 minutes or so but just a reminder of where you are in case you think you've shifted over to a Radio 4 podcast or something
Starting point is 00:50:16 you're listening to the Host Unknown Podcast more fun than a security vendor's briefing just to be clear as we finish the show that this is where you are. I don't think we've ever got quite so serious, have we? No, it's just the politics brings it out, doesn't it? And obviously it's been a quite horrific week in the US.
Starting point is 00:50:36 It's like a week that just gets worse every week. Every week this year just seems to get worse and worse. 2020 is the year that smiles at you as it's punching you in the face yeah corona's only killed two uh hundred thousand of our citizens let's start shooting them as well yeah yeah that's right mind you not that not that the um the uk can talk we've got the highest mortality rate per thousand of population in the world number one baby number one, that's right. Reach for the skies.
Starting point is 00:51:06 Anyway, on that note, folks, I reckon we should go before we get way too serious. Thank you, everybody, or both of you for listening. In fact, well, I think last week we went into double digits on our downloads. Woo-hoo. So, yeah, thank you very much for listening. We'll be back next week. Jav, closing thoughts? Oh,
Starting point is 00:51:31 see, you got me in all serious mode and now you ask me for closing thoughts. Don't listen, don't believe the governments, don't believe the fake media, just come to Host Unknown for your trusted source of information. And by that I mean me. Ignore the other two when they
Starting point is 00:51:49 put fake doctored pictures up on Instagram about me standing on a box. Fake doctored pictures. Does that mean that they're real? Double negative. I'm confused. Andy.
Starting point is 00:52:06 Stay secure, my friends. I'll tell you what, you should copy right now. I should use that, yeah. It's a good one. So good. Thank you, folks. We'll see you next week. host unknown the podcast was written performed and produced by andrew agnes javad malik and tom langford copyright 2015 or something like that insert legal agreement here as applicable and
Starting point is 00:52:40 binding in your country of residence. We thank you. And we're out. Woohoo! That went all right. Apart from I can absolutely do some editing around the little people. Nah, fuck it, I'll leave it in. Nobody will notice.
