The Host Unknown Podcast - Episode 80 - The Thom Langford A.I.
Episode Date: November 5, 2021

This week in infosec
With content liberated from the “today in infosec” twitter account
Honourable mention for the Morris Worm
3rd November 2000: A Dutch hacker gained access to Microsoft's network by exploiting a vulnerability Microsoft issued a patch for 10 weeks earlier.
The Patch MS Forgot to Apply
https://twitter.com/todayininfosec/status/1323807889425895424
25th October 2013: Adobe revealed that a breach of 2.9 million customer accounts made public 3 weeks earlier actually affected 38 million users.
Adobe breach THIRTEEN times worse than thought, 38 million users affected
https://twitter.com/todayininfosec/status/1323807889425895424

Rant of the week
Cisco fixes hard-coded credentials and default SSH key issues

Billy big balls
These Parents Built a School App. Then the City Called the Cops
Stockholm’s official app was a disaster. So annoyed parents built their own open source version—ignoring warnings that it might be illegal.

[INDUSTRY NEWS]
Cops Receive Stalkerware Training
Conti Group Leak Celebs' Data After Ransom Attack on Jeweller
Venmo to Reimburse Hacking Victims
BlackMatter Group Speeds Up Data Theft with New Tool
Student Loans Company Dismissals Highlight Insider Risk
NSO Group Blacklisted by US for Trade in Spyware
Cyber-Incident Impacts UK Labour Party
#SecTorCa: Jeff Moss Defines the Role of Hacking
Threat Actor Claims 'Groove' Ransomware Gang Was Hoax

Tweet of the week
https://twitter.com/summer__heidi/status/1456099556622364672

Come on! Like and bloody well subscribe!
Transcript
So what are we going to do with Tom not being here?
I was thinking we could break out the top secret Tom AI.
But isn't that for like when he dies?
Yeah, we call it a trial run. I mean, surely it's not that far away and we've got to
iron out the kinks in the beta.
Yeah, fair enough.
You're listening to the Host Unknown Podcast.
Hello, hello, hello. Good morning, good afternoon, good evening from wherever you are joining us. And yes, it's Friday. Welcome, one and all. Good morning, gentlemen. How are we?
Well, Tom, thank you for asking. I'm doing very good. I'm doing very good indeed.
Glad it's Friday. I don't know where the week went. Andy, how about you?
Not too bad. Can't complain. Have you got any stories about where we are with your,
what should I say, your neighbourly activities in terms of stalking people that fly tip and
your neighbourhood watch? You're basically like a neighbourhood watch coordinator now, right?
You know, this is how you start.
And I don't know if you've seen the meme.
It's like Guardians of the Galaxy protect the galaxy
and the Avengers protect the world and Spider-Man protects New York.
And then you've got Daredevil micromanaging like three square blocks.
So I'm working my way up.
I was going to say.
Oh, dear. So we're gonna be calling you the, uh, the Angel of Hell's Kitchen, but the, uh, was it the Angel of North London? Yeah,
something like that. Oh man. So we are a bit light. The, uh, Tom AI is working well. Yes, that's right.
So we did have to, uh, break glass in case of emergency. Do you think it's
a stretch to get him to say what's coming up today? Well, we could always help him out, can't we?
So what have we got coming up today? Well, this week in InfoSec is the common story of a big
corp telling people to do as they say, not as they do. Billy Big Balls. Admires a handiwork of fed up parents.
Rant of the Week.
Is about hard-coded credentials.
Industry News brings us the latest and greatest security news stories from around the world.
And Tweet of the Week.
Is a disheartening reminder that this industry is not for everyone.
All right.
Well, I think we go on to our favourite part
of the show right now.
The part of the show we like to call...
This Week in InfoSec.
I should just clarify, and I've said it before,
we say it's our favourite part of the show,
but it's really our favourite jingle of the show.
It's nothing to do with the content, right?
But it is that part of the show where we take a stroll down InfoSec memory lane
with content liberated from the Today in InfoSec Twitter account.
So this week I have resisted the urge to rehash a story related to the Morris Worm.
If you have an interest in that,
you will need to do your own bad research on it. So our first story takes us back
21 years to the 3rd of November
2000 when a Dutch hacker gained access to Microsoft's network by exploiting a
vulnerability that Microsoft had issued a patch for 10 weeks earlier.
So the story goes on to say,
Microsoft's network was cracked through a hole it had recently warned its customers to patch immediately.
A Dutch hacker going by the name of Dimitri told IDG News Service that he entered Microsoft's network
and was able to upload a text file, download other files, and view the structure
of basically Microsoft's server network. So he entered it through a sort of well-known security
hole by what was then commonly known as the Unicode bug. And Microsoft basically clarified
it's a web server folder traversal vulnerability. So it did impact a Microsoft IIS service, IIS if
you remember back then, versions four and five, and their tech bulletin stated that the vulnerability could potentially allow a visitor to a website to take a wide range of destruction, destructive actions against it, including running programs on it.
And as mentioned in the headline, Microsoft did release a patch for the hole 10 weeks previously and considered the hole dangerous enough that it specifically reminded
its customers to apply the patch several times. So this, uh, was just a classic do as we say, not as we
do scenario. And it kind of reminds me of that time not too long ago when, um, if you remember that big
four company that, that writes up people for not enabling MFA, they got breached because they didn't
enable MFA and they lost a lot of client. So it is one of those practice what you preach.
Yeah. If Tom was there, he'd be saying like, well, I've got people to do that for me.
I was going to say.
Recovering season.
Yeah. I can't believe it's been like two decades. It's the same problems like not being able to
patch in time. I mean, 10 weeks by today's estimation, it's a small window of opportunity. Nowadays, it's like months go by
when people don't patch stuff. But what really hit me is when you said 21 years ago in 2000.
It can't be 21 years ago.
I know. So Tom normally inserts these calculator sounds as I do these numbers so but when you
realize yeah it's a long time anyway so talking about our second story takes us back a mere
eight years and you know when you say 21 years is a long time I always use this as the good
litmus test for sort of how you can age someone's time in the industry or sort of online. And that's because
on the 25th of October 2013, Adobe revealed that a breach of 2.9 million customer accounts,
which it made public three weeks earlier, was actually 38 million users rather than the
original 2.9 that they suspected. So very easy mistake to make, you know, 2.9, 38 million,
you know, 35.1 million out, whatever.
But this always comes up.
So if you think of sites like Have I Been Pwned?
or if you ever do cyber threat intelligence reports,
you know, on people, you'll find,
you can find, you know, their emails have been compromised
or credentials have been compromised in the past.
And you usually find the Adobe breach in there somewhere.
And that sort of lets you know, OK, they're probably, you know, at least a senior level in the industry because they've been around that long that they used to have an account on Adobe.
You know, back in the day when you had to register for Reader or ColdFusion or whatever it was you were using.
But yeah, that was only eight years ago.
But it's still probably one of the biggest breaches we've seen of people's credentials from the company.
Yeah, yeah.
You know, it's really strange how certain examples there so long ago and yet you still quote them as if they were yesterday.
I guess that you probably do that more more with the stats that you use.
Stuff like the TK Maxx one or the Target breach and all these things,
they just keep on coming up and then you look at how long ago they are
and it's like literally, yeah, you do need the help of the route.
Yeah, and that's why we can't have nice things.
Yeah.
Well, at least the Equifax breach was a breath of fresh air for statistics, right?
Yeah.
When they came out.
But even now, that's a good few years on, right?
It is.
It is quite a few years on.
And all I say is bless the folk at Verizon for the Verizon data breach report.
At least it gives us one slide to update,
according to the 2021 VDB IR.
Insider threat is the biggest threat to companies,
so buy our user behaviour analytics product.
People still need to patch.
And that was this week's...
You're listening to the Host Unknown Podcast. Bubblegum for the brain.
So it's kind of weird without, uh, ranty Tom around. I don't know how ranty the AI can get, but, uh,
maybe Jav, you're able to help us out this week if you can channel your inner Tom.
I'll try.
Listen up!
Rant of the Week.
It's time for Mother F***ing Rage.
Yeah, I'm in that weird age right now where I can't... When you're really young and you're full of testosterone,
you can get really angry.
And when you're really old, you just don't care
and you just shout and yell at everyone.
And right now I'm sort of like in disappointed dad mode.
You're just shaking your head a lot. Exactly,
exactly shaking my head a lot and looking for my glasses so I can read what the notification says
on my phone. So you can read over the top of your glasses right that's you put your glasses on so
you can hold your phone up to your face and read over the top
Oh man, that is so true. But, uh, yeah, so there's a story about Cisco fixes a couple of vulnerabilities,
and you think, well, good on you, Cisco, until you read what the vulnerabilities are. It allows
unauthenticated attackers to log in using hard-coded credentials or default SSH keys to take over unpatched devices.
And I am shaking my head a lot. It's 2021. We still have hard-coded credentials or default
keys. And it's not like it's a startup. It's not, it's some Chinese IoT device that you bought for five
quid, and yeah, you'd expect that, that webcam to have hard-coded credentials. But this is Cisco.
Cisco, for all of, all companies, for heaven's sake. Don't have the resources. Just don't have
the resources, right? Just like Microsoft can't patch stuff. We focus on delivery.
Do as I say. I was gonna say, at least with Microsoft, right, that was 21 years ago, but
what you're talking about here has a CVE which starts with 2021. Yes, I can't believe it. But this
is some real... I know, I know. The, the first one, the, the CVE came with a, a perfect 10 out of 10. Cisco,
this is not the Olympics. You're not trying to get a 10 out of 10. There's some, some,
some intern, they're high-fiving others, like, yes, we got 10 out of 10.
Aim high, shoot. Yeah, so, so this one was found in the Cisco Catalyst Passive Optical Network,
or PON, series switches, Optical Network Terminal, ONT. I have no idea what these devices are, but they are Cisco products.
Maybe 21 years ago, you'd know all about that.
Maybe, maybe.
You know what?
And I'll say this with a bit of embarrassment.
Networking has never been my strength.
Even back in the day when I was responsible for configuring firewalls
and trying to get network packets going,
it was really like the any
any rule and call it a night and leave a note in the leave a note in the in the in the incident
record so that someone far more qualified than me could fix it in the morning oh dear nice one
just say something yeah couldn't couldn't connect to it or couldn't find the rs-232 cable to make
the changes if you can find one in the morning, please do these actions.
Yeah, the second flaw also, it was like a vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite
could allow an unauthenticated remote attacker to log into an affected system as the root user.
Root user. This is a Cisco story, but there are still so many of these things around,
especially like when you, when you look at some organizations with legacy systems. I remember being
at a bank and there was like one super admin account, and I won't say it out loud because I
wouldn't be surprised if it's still around, and everyone knew what the password for was for it
because over time, oh, I need to fix this, I'll use that account and that'll fix it. So everyone knew what it was, but they
wouldn't change it because no one exactly knew what it was being used for because people would
just end up using it for like different apps or custom stuff because it just had permissions to
everything so there was just this fear factor.
If we change the password, it will break everything
or something will break.
And the worst thing is it wasn't something that would break
and a bank system would come down.
The bigger fear was something would break
and no one would even notice until like a year later,
the audit comes in and says like,
why are you siphoning off all this money over here or something like that?
So I can empathize with the hard-coded credentials and legacy systems
and in organizations, but for vendors to be putting out crap like that
this day and age, I shake my head in a ranty manner.
And I'm sure that AI Tom totally agrees with us.
Yes, yes, yes.
Absolutely.
Why wouldn't he?
Thank you, Jav.
Rant of the Week.
This is the podcast the Queen listens to.
Although she won't admit it.
So I guess the next one we've got coming up,
we're absolutely burning through these.
Can you see how much more agile we are
when we lose the old guy, right?
Honestly, honestly.
You know, you're only as slow
as the weakest member of the herd, right?
Exactly.
In fact, I think I propose
we should make the AI Tom a permanent member,
get rid of the physical Tom.
AI Tom doesn't have any union rules, he's never tired, doesn't have another job to go to,
doesn't do wedding photography on the weekends, and we don't owe him a slice of the profits.
So I say let's definitely go for it.
Definitely. And so do you know what? I've actually been working on a jingle for this.
You're listening to the Host Unknown podcast with your award-winning hosts,
Javad and Andy,
and insert name here.
AI Tom.
It could work.
It's there.
You know, two-thirds of the board agree.
We voted in favour.
Motion passed.
Right, I'm going to take us through to the
Now, this is a story I absolutely loved. However, it's one that requires so much detail that I
debated whether or not I could even try and fit it in, because there's no way I would do it justice.
So I will say there is a link in the show notes, but I will give you the helicopter view, right? So
Jav, I'm pretty sure that you are familiar, as a parent, assume your kids' schools use sort of
different apps, yes, to, to like manage things? Yeah, I mean, with this school term they switched to a
new app at my daughter's school and it's an utter nightmare right we've still got money in the old app uh based for like payments on like school dinners and things like
that and they can't transfer it across and so you know they need to refund it and it's just a
complete nightmare like you get messages you get alerts on the app but you can't read them and then
the message comes via email instead and it's like why are you sending me an
app like an alert via an app telling me to open the app and then the app says we've sent you an
email right you know it's like just either send the email or just make the alert say check your
email but it's just but then sometimes you know they will put the messages in the app so I I
completely empathize with where this story was going this is probably why it hit home so so well and this is the story of a father in sweden whose patience was running out with the
city of stockholm's official school system which is called school platform well i pronounce it
school platform but i'm sure that those of the um you know a swedish persuasion may pronounce it
correctly so essentially he couldn't get it to work, right?
So he would dig through like all these different menus
trying to figure out what his kids were doing at school,
whether or not they needed their PE kits.
You know, he didn't know how to report them
if they were sick or anything like that.
And he wasn't the only one, right?
And so this app was launched in 2018
and all the parents were just absolutely frustrated with it right and but you
know the platform was never meant to be this way right it started back in 2013 and it's supposed
to make the lives of everyone easier right as all these things are supposed to and it's supposed to
be used by children and teachers and parents and the whole idea was it was going to be this technical
backbone for all things education, right?
You know, from keeping copies of grades or, you know, recording attendance.
And so everyone's got access to the information when they need it.
But it turns out that the platform is so complex, it's actually made up of 18 different modules that are maintained by five different external companies right and so i guess
if you work in a in a corporate in a big corp or even a company that sort of brings systems together
you know what it's like managing multiple stakeholders and um you know different vendors
and having internally it's a pain in the backside trying to get different teams to manage one thing, right?
So this app, which cost like $117 million, like, you know, US dollars, just never really lived up to the hype, you know.
And parents, teachers just constantly complained about it.
The complexity, the launch was delayed.
It just, you know, everything that could go wrong was wrong.
Okay.
And it wasn't like, it's not just like a small pocket of people. It's got an average app rating of 1.2 on the app store.
Right.
So anyway, this dad is like completely fed up and just turns out that he's a developer
by trade, also the CEO of an innovation consulting firm.
And so he started back in October 2020,
it's just over a year ago, he sort of tweeted his group, let's trash the school platform.
And it kind of became this sort of, I guess, like a rallying cry. And so he wrote to the city officials and he asked to see the api documents for the
platform and then whilst he was waiting for that response he decided to you know have a poke around
himself see what could be reverse engineered basically it took him a couple of hours to
figure out how this whole thing worked so he built his own api that sat on top of their api
and so you know at the end of nove, he started this and the app at the
time, whilst he was developing his sort of, you know, platform to sort of control this wider
platform, the underlying platform got hit by the Swedish data regulator with, you know, for
serious flaws in the application. So it basically exposed data of hundreds of thousands of parents,
children, teacher, and some of that information could actually
just be found from google searches right so the app clearly had some issues and so this dad with
you know other parents and fellow developers they basically created an open source version
of this platform without any of the documentation they got they literally took what they could they
figured out the urls it used the payloads how they could return that and they built this entire sort
of private api package that could run on any phone and then you know they basically skinned it and
just made it workable it was brilliant and you know they tried working with the city to do it
right and obviously the city just turned around said right what you're trying to do it could be illegal and then they tried to derail it and they tried to
shut it down and they warned all parents to stop using the app and they started saying look you
know this could access people's personal information illegally right you know and then they reported
the parents to the data protection authorities wow and then they they tweaked the underlying apis to basically break authentication
if it was used you know from their way so they went into this ongoing sort of like cat and mouse
game which is just brilliant because this open source version like parents were loving it right
it actually ended up with a 4.2 rating on the app store you know and it's literally just using, you know, the underlying crap platform. But,
you know, they actually built in additional identity verification with the local bank ID
system. So it was like they had built this more secure app on top of this piece of crap that
wasn't working. And yeah, the government didn't like it. They went after them. They tried suing
them. They reported them to the police. You know, there's such a fuss that's been going on.
Like I said, it's a really entertaining case that's kind of been going on.
And, you know, what I will say, it does have a happy ending because the city asked the developers to unpublish their source code from GitHub.
And, you know, they're prepared to work with them.
You know, but this is really parents fed up taking a system making it
better and the city not liking it it's so brilliant you know i mean sweden's a very sort of
tech enabled i guess sort of region really aren't they in terms of forward thinking what they do
yeah yeah like so i can't do the the story justice but uh it's so fascinating we've got
the link in the show i mean dido harding is probably sitting around thinking amateurs like i could make a worse app 1.1 rating how do you even get that high
give it to me but that is absolutely fascinating i suppose it's spent so long in development and
you said it was like 2013 was it it was 2013 they started yeah
they started it so you can imagine how there might have been some scope creep in there and
i'm glad there's a happy ending because you know digital cyber vigilantism doesn't always work out
that way and uh you know just be glad if you're one of our American listeners, do not try something like this because you probably hit by some sort of anti-terrorism act and be bundled away by the FBI.
So don't try that in other countries.
Excellent. Thank you very much, Andy, for this week's Billy Big Balls of the Week.
That was a really good story.
I did enjoy that immensely.
And I think you did do it justice.
So well done on that.
Much appreciated, AI Jav.
Thank you.
This is the podcast the Queen listens to.
Although she won't admit it.
Andy, what time is it?
Oh, it's that time of the show where we head over to our PA news sources at the InfoSec Newswire
who have been very busy bringing us the latest and greatest security news from around the globe.
Industry News.
Cops receive stalkerware training.
Industry News.
Conti Group leak celebs' data after ransom attack on jeweller.
Industry News.
Venmo to reimburse hacking victims.
Industry News.
BlackMatter Group speeds up data theft with new tool.
Industry News.
Student loans company dismissals highlight insider risk.
Industry News.
NSO group blacklisted by US for trade in spyware.
Industry News.
Cyber incident impacts UK Labour Party.
Industry News.
SecTor: Jeff Moss defines the role of hacking.
Industry news.
Threat actor claims Groove ransomware gang was hoax.
Industry news.
And that was this week's...
Industry news.
Huge if true.
I'm just going back.
So London-based Graff, which sells diamond jewellery to the super-rich,
confirmed the news in a statement it sent to Sky.
Regrettably, we, in common with a number of other businesses,
have recently been the target of a sophisticated cyber attack
by professional and determined criminals.
We were alerted to their intrusive activity by our security systems,
allowing us to react swiftly and shut down our network.
Excellent. So what did they lose, right?
So they got tens of thousands documents, including customer
invoices and receipts, all posted to the dark web, although there are said to be
plenty more in reserve. Okay, so we know which, which celebs have been purchasing
what. So big names from Hollywood, sport and business are reportedly impacted,
including former footballers David Beckham, Frank Lampard, Donald Trump, although
he's not a footballer, and Hollywood actors Alec Baldwin, Samuel Jackson, and retail boss Philip
Green. Okay, so it'll be their personal data that's been taken, and I guess the purchase,
criminals are looking to figure out which houses to target. Yeah, yeah, exactly. What would be really
funny is like if, um, Victoria, if Victoria Beckham sees the receipts
and sees that she hasn't got that diamond ring,
but it's being worn by Rebecca Loos.
Oh, God, that could happen.
Are you not impressed by my footballing knowledge?
I can't believe how I remember those names.
I am actually.
I mean, obviously, these are incidents from, I mean,
David Beckham stopped playing about five years ago, possibly longer.
So, you know, the whole Rebecca Loos thing, I'm thinking it was maybe like 14, 15 years ago.
Maybe that long. Wow.
Yeah. So he, no, he joined them in 2003.
No.
And then he left in 2007. So, yeah, it's about 14 years ago.
Yeah. So it's when he first joined them with uh yeah but you know fair play to you i mean i know that story made um made national yeah so i
was just reading this story about venmo they actually reimbursed mobile payment service venmo
has come to the aid of a couple from florida it has to be Florida, whose entire bank account was emptied by hackers.
So retired couple had $19,500 stolen. $19,500? Yeah. Allegedly, they done small value transactions
like about $1,500 every week. You know, the couple obviously didn't have online
banking or they didn't check their bank statements or something, but they went on for as long as they
could until they emptied the account and they only realised once their rent payment bounced.
Oh, yeah. But they must, is this like they're at fault for it and they're just not admitting it?
The couple told that they hadn't heard of Venmo
and had no idea what it was. Interesting. Yeah, they contacted Bank of America, but they weren't, they
were unable to recover money because Bank of America said they couldn't return any of the
money stolen because it had been told by Venmo that the couple had authorized the transfers.
Venmo, which is owned by PayPal,
said the company will reimburse the Stearns for the whole amount stolen. Investigation into how
the hackers were able to create a fake account and get the fraudulent transfers authorized is
ongoing. So they probably just found some of their details or what have you, and set up an account. And you know how much these online services
do take verification seriously these days, I suppose.
Of course.
That's how they got away with it.
Another much smaller news item,
which is why it wasn't picked up in the main stories,
but I thought I'd mention it,
is this week Smashing Security hit its 250th episode,
which doesn't really impress me.
It's not really a big deal.
And I'm reminded of a time,
and I believe it was Shawn Michaels
and Bret Hart when,
well, they had a feud for their entire careers,
but I think Bret Hart was saying something like,
you're nothing to me.
I'm a seven-time world champion.
And Shawn Michaels retorted as well,
saying you're a seven-times champion
only tells me that you lost the belt seven times. I don't know, I'm struggling here, I'm struggling.
And, uh, and so yeah, I mean, 250 episodes doesn't mean much. It's just a vanity metric in my
estimation. I mean, we could put out two episodes a day and within a few months we could hit that number too. But, you know, we're not petty like that. Yeah, we can knock out 10 today.
Yeah. Yeah. We could split this one into a special 10 parter.
But because we're not petty and we know that it did mean a lot to the
Smashing Security, Graham and Carole, we did record them a small little jingle.
250 episodes! Blimey, I didn't think Graham was capable of lasting that long.
Lol, time to stick to the same formula. Jingles.
And four guests.
You guys are like the Hutch to our Starsky.
The Lacey to our Cagney.
The Doyle to our Bodie.
The Hooch to our Turner.
The Danny DeVito to our Arnold Schwarzenegger.
The Robin to our Batman.
The Rodney to our Del Boy.
The Cheech to our Chong.
The K-9 to our Doctor.
From all of your friends at Host Unknown.
Officially more entertaining
than Smashing Security.
In your face.
I think that was really good. Very thoughtful.
Yes.
The Host Unknown Podcast.
Orally delivering the warm and fuzzy feeling you get when you pee yourself.
Andy, I think it's time for you to take us home with this week's... Tweet of the Week.
We always play that one twice.
Tweet of the Week.
We always play that one twice.
Okay, so this is a tweet from Heidi, Summer Heidi.
And they say, as someone who spent a long time in customer service,
I find cybersecurity taxing on my soul.
And this is one.
So I am very client-facing in my role role and sometimes you have those days right where it is just too much to uh too much to uh bite your tongue and uh you know you can't always
respond in the way that you want to respond uh but she does go on to sort of qualify when someone
says hey like you know exactly you know what is the problem with working with, you know, with clients and cybersecurity, you know, coming from customer service.
And she actually clarifies that clients don't always want to hear what you've got to say.
And this is something that I can relate to because I guess, you know, security doesn't always change.
If you talk about a control environment,
the controls are what they are. And if you're building something, you've got a way of, yes,
we can change the scope here, we can make this happen, or if we're building a statement of works,
we can do X, Y, Z. But when you're talking about something that is in place as it is,
that you're buying off the shelf, unfortunately, that is is yeah it's challenging so i do have sympathy for uh summer
heidi on this one and um definitely people if if you think that customer service is a uh is a tough
role then um you know try to try dealing with clients and cybersec you're right you're not
wrong you're not wrong but but also I think it's like most industries.
There are good aspects.
There are bad aspects.
There are good days.
There are bad.
And, you know, it's...
The best days have been in Advocate, right?
Oh, man, you have no idea.
You have no idea.
But I won't say that publicly
because I don't want everyone jumping on the Advocate bandwagon
and diluting my swimming pool.
And just diluting the industry as a whole.
Exactly, exactly, yeah.
It's all right.
We need people doing all sorts of jobs.
And no, you're right.
I think that the people that are having those difficult conversations are bearing the brunt of the workload. As an
advocate, I just come in and say, oh, just patch and walk out. And then they're left trying to
explain why that's actually a really tough thing. We're not going to get into the debate about
patching and how difficult it is at this
stage of the show. No, no. I mean, just, I'm more of a Microsoft patching type person. I'll tell them to
patch, but, you know, yeah, 10 weeks later, don't ask me if I've done it myself. Details. I don't do with
details. I'm more of the, I take a holistic view of, uh, of the environment. Was it you that was saying that once you, there was
this, a project or something, and no one could get this particular Unix thing to work, and then they
call... You're gonna mention Magic Man. That's the one, yes. Yeah, yeah, this was, yeah, we were building
out this environment. It was, uh, Solaris. Um, like, we'd put, oh, spent a shed load on this, uh, Sun environment
and, uh, we couldn't get it to work, and these people couldn't get it to work either, like, you know, the
consultants that were with us that we called in, they couldn't get it to work either, from Sun.
And then, like, one of them, like, you know, the boss me telling, he goes, you know, we're gonna have to
call Magic Man. And we were in a data center, like, I think we're up in Maidenhead, um, you know, like, waiting around, and everyone's like, you know, Magic Man, like, we're thinking of
some sort of joke. And I kid you not, this guy, like, about an hour later, it's like, um, do you remember
Reservoir Dogs, where it's like, let's call the Wolf, and he's like, right, you know, you're 20 minutes
away, I'll be there in 15. Yes, yes, Pulp Fiction. Oh, Pulp Fiction, yeah. And, um, yeah, and
this, uh, this old school Jag pulled up, not the, uh, the really old school E-Type, but they're the sort
of XJS, I think it was. And this guy, you know, long hair, sandals, as you would expect, like, the god of
Unix to look like, uh, just came out. He walked in and, you know, people are literally
talking to him as he was walking down. It's like, people ran up next to him, sort of explain what
was going on, and, like, I may be imagining that he had a toothpick in his mouth that he was chewing,
but in my mind he's still got a toothpick that he's chewing. And he just walked up to the console
and, I kid you not, maybe 60 seconds of typing, and then just walked off
and everything was working. It's like, now I understand why you call it Magic Man, right?
You know, this is one of those things where it's not an ironic name. This guy really just knew. And
it's like, you know, even now I think, you know, where did he go? You know, where did he come from? Where
did he go? It's just one of the most amazing, amazing things I've ever witnessed.
Walked off.
Did he not say, did he not turn around and say, documentation is your problem?
It wasn't that level.
It was more like, it was more chilled.
It was very sort of like a, you know, hippie vibe.
Like the dude.
Yeah.
I'd love to have that reputation.
I think that's the ultimate gig.
Just get really good at one thing and become magical at it.
You know what it is?
He's probably got hard-coded credentials.
Do you know what I mean?
All the systems probably got his hard-coded credentials
and he's the only one that knows them.
And that's why.
That's probably it.
That's why he's the only one that can fix it.
He probably works at Cisco these days.
Yeah.
Oh, man, that's just too good.
God, I love it.
Excellent.
Thank you very much, Andy, for...
Tweet of the Week.
Oh, damn.
AI Tom is really on the ball.
He is.
Well, we draw to a close, folks.
Jav, thank you very much indeed for your time.
Thank you, Tom. It's been a pleasure.
And thank you very much, Andy.
Stay secure, my friend.
Stay secure.
You've been listening to The Host Unknown Podcast.
If you enjoyed what you heard, comment and subscribe.
If you hated it, please leave your best insults on our Reddit channel.
Worst episode ever.
R slash Smashing Security.
Got away with it.
Got away with it. I think that was slick AF.
I don't think it's got anything to do with Tom's unhinged rant the other day
where he forgot the mic was on and he had a go at Smashing Security.
That was pretty bad, and we should issue a
statement of apology. We should. Well, if we cared about them, we would. It's totally unprofessional,
though. We'll keep him undercover for... How about, you know, Graham and Carole, your business model,
this idea and your startup, you can burn to the ground in hell, right where you belong.