The Host Unknown Podcast - Episode 98 - The Statin-Free Show
Episode Date: March 25, 2022Linkshttps://www.theguardian.com/uk/canoe Authentication oufit Okta investigating Lapsus$ breach report Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminalNetflix to Charge Passwo...rd SharersBackground Check Company Sued Over Data BreachOkta Confirms 2.5% of Customers Impacted by Lapsus BreachMedical Service Leaks 12,000 Sensitive Patient ImagesWest Blocks Russia's Access to Weather DataFastest Ransomware Encrypts 100k Files in Four MinutesUS Indicts Russian Over "Carding Shop"Okta CSO: Lapsus Incident Was “Embarrassing”Indian Police Bust Online Helicopter ScamTweet of the week https://twitter.com/aschmelyun/status/1506960015063625733 Come on! Like and bloody well subscribe!
Transcript
Discussion (0)
five four three two one and we're recording uh so really struggling on this one this week so
i guess if we can do this without any editing whatsoever
and just publish it live we should be good i i completely agree
you're listening to the Host Unknown Podcast.
Hello, hello, hello. Good morning, good afternoon, evening, wherever you are. And welcome to the
Host Unknown Podcast. I'm Javad Malik. And me as always is my good friend, Agnes. How are you
doing, sir? I'm doing good. It's weird without Tom this week, isn't it? It's almost like we
don't know what to do or who's going to do what afterwards. It is. It is. It's almost like,
you know, if you have a tumour for like several years and then finally it gets cut out and you're
like, wow, you just missed the son of a
bitch that's all it is yes it's uncomfortable it's annoying it's ugly no one likes it everyone's
worried when it's around but you know you just kind of grow attached to it yeah yeah
how are you doing this week oh i'm doing good i'm doing good i was at a live event yesterday it was put on by the IGPP don't ask
me who they are what that stands for I saw photos of you on stage actually come to think of it
yes I was on stage to uh to edit them or uh sort of photoshop anything funny onto it but I will do
I'll make time later what uh what were you talking about uh I was talking about beyond phishing and security awareness,
how you can actually supercharge your efforts because, yeah, I mean,
I think that the fact is that everyone, most people in organizations,
they'll receive mandatory training at some point.
But, you know, then it's like, well, why haven't they changed their behaviors?
Well, because it's more than that.
But, you know, then it's like, well, why haven't they changed their behaviours?
Well, because it's more than that.
Yeah, no, it's a, that's actually not one I've seen before.
I know you rehash a lot of your old presentations.
I'm just thinking, I don't think.
You're confusing it with your jokes.
But anyway, how's your week been? It's been good. I actually travelled this week, not too far. I went up the country to Nottingham where there are offices and went out,
had dinner with people and then yeah, went on to a few drinks afterwards, which is the first time
I've really sort of drunk for a long time and I was certainly feeling it on Thursday
yes I remember getting a message from you like long after you were meant to be in the office
for a meeting saying oh I just woke up sorry you're breaking up there you're breaking up there
we're not going to edit this show I No. I was in the office on time.
No issues whatsoever.
Anyway.
It's funny how, like, after, like, two years,
just the act of going up to Nottingham from all places
and having dinner with people becomes a noteworthy event for the week.
I know, it's really sad, isn't it?
I feel sorry like kids
of this generation that have sort of grown up with the uh you know sort of turned to adulthood
during the pandemic uh era um they just have no idea it's uh heartbreaking
but alas i uh i'm conscious we i you, I've loaded up sounds into the soundboard.
And because we're not going to edit this, you know how Tom normally plays some music as we talk about what's coming up today?
Yeah.
We don't have any music.
OK.
I tell you what, you hum and I'll talk.
OK.
This week in.
So coming up today, this week in InfoSec talks about one of the attempts at fraud by a man from hartlepool rant of the week is a mini rant billy big balls tells us about a multi-millionaire
and suggests that maybe crime does pay industry news brings us the latest and greatest security
news from around the world and tweet of the week gives us tips on how you can spice up your life if you work with ticket-orientated workflow systems.
Wow, that's a mouthful.
That was a bit of a mouthful, wasn't it?
When you read it back and it's like, what was I thinking?
We are heading off.
Do you know what to do?
Tom normally does this, right?
Who's going gonna say it
allow me to lead you just follow my idea okay we're moving on to the
favorite part of the show the part of the show we like to call
this week in infosec InfoSec.
See, at least I have the timing with the jingles down.
Here's that part of the show where we take a stroll down InfoSec memory lane with stories of yesteryear to remind us of where we've come from
and enjoy the nostalgia of the good old days.
So I've got two stories this week.
The first is a quick one, but I'm going to talk more about the second one.
Just because I had a good old chuckle and I realised it was, you know, this time of year.
And it really brought back to like what happened.
I remember when it happened at the time, it was just pure genius.
I'll come on to that in a second.
So our first story this week takes us back a mere 16 years ago.
I don't have calculator sound, so I'm going to actually type on the calculator this time.
So the first story takes us back a mere 16 years ago to the 21st of March 2006,
when the origin of Twitter came out of a brainstorming session at podcasting company Odeo.
out of a brainstorming session at podcasting company Odeo.
So the initial concept was to share short messages via SMS text messaging with a small group.
And obviously Jack Dorsey was the primary designer of what was then
codenamed Twitter without the E in it, because you know, the shortened
spelling of names seems to happen a lot around the era, mostly because all
the good domains have been snapped up.
happened a lot around that era, mostly because all the good domains have been snapped up.
But at 09.50am on March 21st, 2006, Jack sent the first message, just setting up my Twitter.
And then Twitter would be released to the public in July of 2006 and found its first major success at South by Southwest in 2007, at which point shortly after it had
been spun off as a company of its own, which is now known today as Twitter Inc.
And I think we've got a lot to be thankful to Twitter for.
We've been to some good conferences and built up some great communities through it.
Are you still here?
Is this the part where you just...
That's fantastic.
I remember reading a meme the other day.
It was like, you know, you say that they spelt Twitter like T-W-T-T-R.
And the meme was like, people who write just the letter U instead of Y-O-U when they're texting.
It's like, what do they do with all that extra spare time
they have on their hands?
Back then he had, what's the Motorola phone?
The Razr, wasn't it?
It's spelled R-A-Z-R, wasn't it?
Yes, yes.
Grindr, obviously a very popular app that you use a lot.
I met Tom, actually.
Yeah.
We're at B-sides but
anyway our second story takes us back a mere 20 years to the 21st of march 2002
when hartley paul born john darwin was seen paddling out to sea in his canoe
so later that same day he was reported as missing after failing to report to work.
And a large scale sea search took place during which 62 square miles,
which is 160 square kilometres for our European friends, of coastline was searched.
And sadly, there was no sign of Darwin,
although a double-ended paddle
was retrieved that following day and then followed shortly after by the recovery of
the wreckage of his kayak. Now, that's not the end of the story because it gets a bit
more interesting. This was certainly one to puzzle the rescuers as to how Darwin could
have got into trouble. He was an experiencedist um and those conditions at the time the north sea were just unusually calm and so they're like how
could he possibly have you know got into trouble so alas no sign of him uh you know he didn't turn
up and he was presumed dead so a death certificate was issued stating that he had died on the 21st
of march 2002 which allowed his widowed wife to
collect 250,000 from life insurance, which is obviously a small consolation, you know, when
your life partner is no longer, you know, walking the earth with you. Yeah, damn shame.
So remember, we can't edit this, right? We're going live, right? This is a war dog episode.
The inner thoughts inside there. Yes. edit this right we're going live right we're oh this is a war dog episode you know the inner
thoughts inside yes so this all happened 2002 so fast forward a year and our boy john darwin
secretly moved back in with his wife in february of 2003 it like what? So what happened was that he had basically faked his death
and he was secretly living in a bedsit next door and his wife was in on the whole scam.
Like they'd run up a load of debt buying property, renting out the rooms that they needed to like,
you know, they needed a way to make money quick and clearly not the bank robbing type of people.
They devised this insurance scam. So one of my favourite parts of this story is when he was hiding out in the bed sit,
bear in mind he was doing this for a whole year, right, you know, hiding out in the bed sit,
a tenant of the block of the bed sits, you know, which they still owned,
a guy called Lee Wadrop recognised him and said, aren't you supposed to be dead?
To which Darwin replied, don't tell anyone about this right and
so wadrup later said that he didn't tell the police because he it's like you know didn't want
to get involved right that was his explanation and like that is a man who knows his mind's own
business right that's like yeah no snitch right and so you need people like that around in life so
at this point um darwin still hadn't been caught and we know that he eventually would be because
you know we're talking about this story.
But there was way more to come in this adventure.
So this was like now 2003.
So he's living in the house with his missus in 2003.
2004, they decided to move abroad.
So they're like, yeah, let's have a look at Cyprus.
But he's dead. How's this going to happen?
So he applied and obtained a passport using a false name uh going by the name john jones um but actually
using his true home address and so that you know it all went through like that what does that say
about the passport uh yeah uh you know checking scheme so there was november 2004 a couple visited
cyprus to look at buying property there and then even further after that back you
know in may 2005 there's a guy that claimed to have met him who's then going under the name john
williams uh in cornwall and so back at his home darwin supposedly spent most of his time on the
internet um he met a woman in kansas at the time he flew out to meet her like the man's just living
his life like nothing's going on right he was back and forth to the uk all the time he flew out to meet her like the man's just living his life like nothing's going on right
he was back and forth to the uk all the time like newcastle gibraltar then he went to el puerto de
santa maria um he looked at a 42 foot catamaran that he was considering buying um and so this is
just going on so not only is the man just living as if nothing's going on. In March 2006, he actually
signed a planning objection to his neighbor's building work by using a false name. So he's
still actually here just annoying his neighbors. Right. You know, he doesn't want this stuff to go
on. So by this point, they're actually thinking that we need to settle down somewhere. So they're
looking at Panama as a place to go. So to panama um and they were photographed by a panama property
agent and the resulting photograph was posted on the internet um and so you know again they're
going back and forth and we're now into march 2007 right where they went to panama and they sort of
they they started a company there like they're living their life to the max.
And so they started this company,
and the plan was to buy a couple of apartments in El Dorado.
And while this happened, the Panamanian authorities said,
look, in order to make this happen,
we're going to need to do some background checks on you to make sure that everything's above board.
In order to do this, we need to speak to the the uk
police to get into the detail of this so at this point ann's like oh you know what this isn't going
to work for us right the the identities aren't going to pass this like enhanced background check
so um john darwin thinking like okay what am i going to do? Like the gigs up, he literally decides to come back to the UK under his real name and just fake
amnesia.
Like literally like 1st of December,
2007,
he walked into a police station,
the West end of London.
And he's like,
ah,
I think my name's John,
but I've got no idea what's happened the last five years.
And,
uh,
so this obviously raised a spotlight in terms of what's going on.
So the police had already been a bit suspicious that Darwin might not have been dead just because, you know,
Anne, his wife, had initially portrayed herself as this sort of heartbroken widow.
But then she was taking foreign holidays at like every opportunity.
And, you know, she planned to sell the family home, moved to Panama.
She was transferring large amounts of money aboard.
So the police had already started their investigation and, you know, three months prior to his reappearance.
And it's actually one of Anne's colleagues that sort of snitched on her saying that, you know, she overheard a conversation, sounded a bit iffy.
And the police, the whole story just unraveled after the daily mirror published
photos of the tarwins taken in panama and the photograph was discovered by a member of the
public who simply searched for the words john and panama in google images and it was just
level yeah i know like the google foo was strong with that one. And so, yeah, the wife, when confronted with the photo,
she was like, yeah, that's him.
And she was quoted saying, my sons will never forgive me.
Because obviously she was in on the whole thing all along.
And so when the police did eventually examine his false passport,
you know, they discovered that he had been back and forth
to Panama multiple times in
the previous five years. But the two sons initially really happy at the return of their
father who wouldn't be. But then as the story unfolded, they realised that they were not
in on it. They didn't know anything that was going on. So they issued a joint statement
saying they'd been victims of scam and implied they wished to have no further contact with their parents.
You know, police emphasise that neither sons were suspected of any crime.
But, yeah, it's, you know, six years after it all started in March of 2008,
you know, Darwin admitted seven charges of obtaining cash by deception and past.
And later in July 2008, John and Anne Darwin were both convicted of fraud.
And Darwin faced an additional charge to, you know, relating to his fake passport.
Fake passport.
Fake passport. He was sentenced six years, three months, and his wife was sentenced to six years and six months.
Both appealed their sentences and both appeals were denied.
It's just fascinating.
It was just fantastic.
It's brilliant.
You can tell this is like from 20-odd years ago
because today if the paper in the bed set had seen him,
even if he had not gone to the police,
he would have taken a video, YouTube video,
I think like, I saw a dead person.
I saw a dead person. It'd be person it'll be on the next door app
yeah exactly exactly there's no way but you know this the goals of this guy he's like he he's lived
a better life after being dead than people do when they're alive it's like where did you get the money and the time and the and the ambition to
go like panama and here and there and you know it's it's amazing oh that's brilliant but it's
so he came into the news again recently uh just two weeks ago he he's 71 years old now um clearly
still got a death wish because he announced he's going to go and fight in the ukraine to uh or in ukraine to support um support ongoing efforts out there so you know he's not yeah i think he's not
looking for any sort of retirement anytime soon um you know he's definitely out there no wow well you for that that's absolutely fascinating thank you andy
this week in infosur you're listening to the host unknown podcast bubble gum for the brain
nice so we don't have uh the guy here today, high blood pressure man. No, we don't.
Get off my lawn.
What is it?
No statins on this?
A statin free episode?
Yeah.
Are you comfortable taking the next slot?
Well, comfortable is not the word.
It's like when your goalkeeper gets sent off and then like one of the other field players has to go and go.
Someone has to do
it so yeah go on roll the roll the rant the jingle listen up rant of the week it's time to mother
rage so this uh mini rant i'm sorry i just can't get angry about any of this
but the best thing is that you'd
actually get angry if Tom was doing it. You would find ways just to disagree with him for the sake
of it. I'm not ranting against the story, I'm ranting against Tom. That's my mission in life.
So let me just think, what would Tom say? Okay, so Okta apparently was targeted this week by the Lapsus Dollar group.
And they apparently breached the platform and published screenshots and all that kind of good stuff.
They told a good story, didn't they?
They did.
Oh, the screenshots were quite telling
and the whole chat that they were releasing,
it was, you know, they had it on there
and people were asking questions.
So they were saying to Lapsus, like, you know,
how'd you get in or how'd you not get caught
and what have you.
And they were like,
unless you're doing something really noisy,
like port scanning everything,
no one's going to find you.
No one checks it. And you uh revoke access to the sock and they can do nothing but cry and watch
and and it's sort of like yeah it's it's it's not good but it's it's kind of like a sad indictment
of where the industry is with most organizations but um i suppose that the rant part comes in comes in two halves it's uh
part of it is well you know anyone can get breached so you know let's lay off the whole
victim blaming thing here octa should have known better this is why passwordless is this is you
should passwordless this is why my solution is better than octa you know all that
kind of stuff that jumps in and ambulance chasing and yeah it's just something that happens all the
time uh the the other part is uh interesting in that apparently um this event actually happened in January. And so Okta was aware of the compromise since January,
yet they did not say anything to anybody.
And that, in this day and age, is...
Worth ranting about.
Yeah, it's a cardinal sin, isn't it?
I mean, people can accept that you got breached.
I think it's a lot harder
pill to swallow that you knew or you suspected you were breached and you didn't tell anyone
i think transparency goes such a long way yeah but unless they just didn't have the info at the time
that's one of those things where it's actually it doesn't look as bad as we think it is
maybe let's not make a deal out of this because it'll look bad yeah yeah always that whole um plausible deniability the junior just wasn't allowed to to report the issues
oh we didn't know we didn't know had someone told us we would have told you yeah
exactly that's an incredible story but it goes to show the power of storytelling
you know like when you can especially if you can you can include images with it as well, right?
They, um, oh yeah, it's a, it's a fan.
It definitely generated a lot of buzz and it turns out it's not actually as bad as initially
thought.
Um, I think it's fair to say, uh, because I think Octra have got an equally good story
to tell about what's happened and, and why it what's happened and why they've managed to downplay
it. And they do that clever thing where rather than saying exactly how many clients, they said
it's about 2.5% of people were impacted. It's a very, very small amount. In fact, they're like
one of the largest identity management platforms with global multi-billion dollar enterprises doesn't matter.
You know, when you put a number on it, it's 2.5%.
Yeah, it just doesn't make a difference.
Although when you flip it around and like you try and steal like 1% of the government's, you know, tax returns.
And all of a sudden it becomes, oh, we could have bought this many baby ventilators for
that amount of money oh man it's always the baby ventilators it is it is isn't it incubators
ventilators whatever like you know what i mean so i um i didn't quite feel the blood pressure rising
i you know i mean i'm just not compelled to argue with you to try and, you know, cause that heart attack.
I just don't feel like I can push you hard enough to sort of really make you explode on that one.
No, no, there's nothing. Tom, if you're listening, what would you have said to to get us all worked up?
Let's try and put ourselves in Tom's Tom's shoes. He would say, oh, this is unacceptable.
ourselves in tom's tom's shoes he would have said oh this is unacceptable and i'd have to go to do you know what let me go to theosaurus.com and just put in unacceptable yeah yes if you got the 1952
theosaurus i think you'll find words more relevant to what tom would come out with
uh yeah no these all the words in here are beyond the pale unseemly
it sounds like a done thing yeah this exactly this is yeah undesirable uh yeah disgraceful
obnoxious see these words just don't seem long enough for me like you know tom's definitely
had more more words with more syllables unlike unlike the uneducated person like me.
Yeah. Yeah. Afterwards, he comes out with either that or it's the stutter.
He's got a he has a stroke every week on air, a mini stroke and slurring his words.
And we just think, oh, he's so clever. So I'm I'm not going to make a joke about Tom having a stroke every week
because we can't edit this.
For the sake of cleanliness, shall I just play this out?
Yes, go for it.
You're listening to the Host Unknown podcast
with your award-winning hosts, Jad and andy and insert name here
we never actually got that third person in today did we i know no we did it a bit of a last minute
show uh but alas there are um some big swinging cojones coming our way. Oh, yeah.
So, Lapsus Dollar Group again. I don't know how to say that city name.
But apparently, one of their leaders has been arrested by the police.
by the police.
The Five-O kicked down a door
in, not in Latvia,
not in Russia,
not in North Korea, but in Oxford.
Ooh.
And they arrested
a 16-year-old.
They were being one of the
leaders of Atlantis.
Interesting.
Very interesting.
Fresh off the bbc uh the teenager and have a mass 14 million dollars about you know 10 and a half fortune from his hacking
um and he was uh basically docked by his uh rival or friends or ex-colleagues as all 16 year olds do yeah exactly exactly
you know the team now this is where it gets also really interesting is like the teenager
can't for legal reasons um has autism and attends a school in oxford right uh the boy's father said like i'd never
about any of this he never talked about hacking he's always on the computer so i thought he was
playing games and and then the next statement actually made me laugh is like to try to stop
him from going on computers oh geez it's it's like do you realize the gravity of the situation
farther off alleged hacker it's not a case of like we're going to try to stop him you're going
to burn the computer you're going to cut the internet you're going to put wrap the house in
foil so no wi-fi can get in and out it's uh and stop them from using the phone as well, right? Yeah, exactly.
But I just thought it's, for a young kid, it's just like amazing.
It's like $14 million.
So £10.6 million, right, for our listeners.
Like, I'm thinking when I was 16 years old,
I'd only just got a debit card at 16 i think is when
you allowed them because before that it's just a cash builder card isn't it um surely having that
amount of money in an account kind of you know flag something somewhere well i think it was a
bitcoin wallet so i don't think it's an actual account right okay so really had it been
uh you know this this guy is actually in reality he's probably down about 30 million pounds already
yes yeah okay so that that current as of today it's like 10 million pounds but that could be you
know three weeks time could be back up or down depending on which way the uh bitcoin's going yeah yeah wasn't
there a story a few weeks ago covered where uh off like bitcoins that police have seized they've
upped so much in value ever since they had to pay back the uh the interest or the difference in it
so that's uh yeah 300 bitcoins okay yeah that's a fair play to him so yeah that's the thing and
this is what happens right this is why you've got to choose your friends carefully and you do
yeah who do you lead with who's got info on you who's gonna dox you exactly at least with tom
i'm i'm comfortable sharing my seat to get some after about an hour or two anyway yes
yeah no it's much easier and he also doesn't understand half of it either he doesn't know I'm comfortable sharing my seat with him who gets them after about an hour or two anyway. Yes.
Yeah, no, actually, it's much easier.
And he also doesn't understand half of it either.
He doesn't know how to screenshot conversations.
No, he doesn't. He doesn't know how to unlink his iCloud from everything.
So he's deleted it from one place
and it's synchronized across 20 other devices
and he just has no idea.
And his wife's looking at all these images
come through on the apple tv at home yeah while he's there oh no we can't even edit that one out
okay it's all right tom ignore that one all right i'm gonna play this out billy bigs of the Week.
This is the podcast the Queen listens to.
Although she won't admit it.
So Andy, the sun's getting real low, big guy.
What time is it?
It's that time where we head over to our news sources over the InfoSec PA Newswire who have been very busy bringing us the latest and greatest security news from around the world.
Industry News
Charge password sharers.
Industry News Net charge password sharers. Industry news.
Background check company sued over data breach.
Industry news.
Okta confirms 2.5% of customers impacted by lapsus breach.
Industry news.
Medical service leaks 12,000 sensitive patient images.
Industry news.
West blocks Russia's access to the West.
Industry news.
Fastest ransomware encrypts 100,000 files in four minutes.
Industry news. US indicts Russia over carding shop. And that was this week's... Indian police bust online helicopter scam. Industry News.
And that was this week's...
Industry News.
Wow.
Huge if true.
So I started that Netflix to charge password share as one.
That's...
I know there's like the link with
you because it's you know sharing passwords but you know I'll be honest my
Netflix password isn't that strong anyway because I share it you know I can
have come over as two or four people I forget which account I've got I think
have four people but my in-laws use it you know they're sort of elderly couple
they've got a lot of time at home. So, you know, I share my password with them.
Let Netflix and chilling in your in-laws house.
Okay.
But yeah, so this is the story that they're going to charge.
They're already testing ways at the moment to charge Latin American users
who share their password to someone in a separate household.
So they're obviously doing something um you
know where they're checking where people connecting from uh but this is going to impact a lot of kids
that head off to university or you know couples that share from different locations i mean even
you know when you're traveling i think there's going to be some sort of additional authentication
that you need to do um netflix have kind of always acknowledged that you know people do share
accounts yeah exactly they even make jokes about it on on twitter yeah but it's uh yeah it's gonna
be a shame but i guess revenue uh is king and uh you know when you're up against the likes of
disney plus and amazon prime uh you know they're looking for ways to get that back.
Yeah.
Yeah.
So about five years ago, I'm just finding the tweet from Netflix.
It's either the 3rd of October or the 10th of March 2017.
Netflix tweeted,
love is sharing a password.
Brilliant. But yeah, tweeted love is sharing a password so brilliant uh but um yeah no i think it's it's interesting you know it's it's it's one thing to have it from day one but once people have gotten used to a
certain thing the way it is charging it then is uh is uh is a bit hard and it's tough. No one likes that.
So I was looking at the other story, like fastest ransomware encrypts 100,000 files in four minutes.
And this is a story that it was a vendor, obviously.
Splunk did this.
And they're now saying that network defenders have just 43 minutes
to mitigate ransomware attacks once encryption has begun.
So doing testing that they did, they measured the speed at which ransomware encrypted, you know, sort of 53 gigs of data, which is about 100,000 files.
And LockBit came out the fastest, you know, speeds of 86% faster than, you know, the median.
speeds of 86 faster than you know that the median of um so lock bit can apparently encrypt 25 000 files per minute which is great for their marketing brochure uh so i'm guessing internally
that you know their marketing teams are saying hey this is why you need to be using our ransomware
it's it's so optimistic to think that any company can do any 43 minutes i mean i don't even reply
to my emails in 43 minutes when they're like flagged marked as urgent and like immediate response required
yeah within an hour after lunch i'll respond to it i'm the same with ims let alone emails
yeah well you never check emails
but yeah no i think it's uh it's so like it's interesting research it's not really
anything groundbreaking though it's like if if if ransomware's landed it doesn't matter whether
it's going to take four hours to encrypt it's it's not going to make that much difference
yeah you've already lost your stuff um the other thing that was interesting to me,
the West blocking Russia's access to weather data.
Yes.
And the reason they're saying they're doing this is,
yeah, so they're curbing Russia's access to meteorological data
over fears that the country may use such information
to attack Ukraine with biological or chemical weapons.
So this is to prevent them from getting sort of instant
access to wind speed and direction uh and sunlight which is uh you know these are different threat
models that i guess we wouldn't really consider no no i i mean like reading it now it's like wow
like you said this is a very different threat model. Because I'm thinking like, sitting there like, ah, should I water the plants today
or will there be rain?
I have no idea.
We're doomed.
Oh, man.
Tough stuff.
What do you have on that Indian police bus online helicopter scam?
Do you have on the Indian police bus online helicopter scam?
So there's basically a criminal selling fake helicopter tickets to a pilgrimage site.
There's some sort of like shrine on some hills.
And they would like, yeah, buy your helicopter tickets rather than walking all the way up the mountains or whatever.
And they've arrested the gang.
So it's not your most important, but, you know.
It doesn't have to be, right?
No, no.
You can be dead and just say my name's John Johnson.
Passport.
Oh, thank you, Jeb.
That was this week's.
That was this week's.
Damn.
That was this week's.
We've lost it.
Right.
The soundboard's gone.
Oh, no. Oh, no.
Oh, no, I've got a...
Okay, I've got the preview back.
No, we can't go live with the soundboard anymore.
Okay, no worries.
No, that was this week's Industry News. Industry News.
So, this is probably where we play a sweeperer but you can't play a sweeper now so
we will move on to uh oh the favorite uh jingle that we can't favorite jingle
yeah oh do you know i think i've got it i think we've gone live again
this is the podcast the Queen listens to, although she won't admit it.
This is what happens when you go live, people.
So, yeah, so it's just time for this week's Tweet of the Week.
Tweet of the Week.
Wait, did you do that or did I do that?
I did it twice.
You did it twice, yes.
Excellent.
Loaded up twice.
Right, so our first tweet uh i don't know so i did
actually two tweets this week because i didn't realize we were going to um slip in a rant of the
week uh so two so first one is from a guy called andrew schmellian and he says here's why i bought
a receipt printer every time one of my github repos gets a new issue, I now get a
physical ticket printed out on my desk. And it's fantastic. And unfortunately, there is a video
with it. So you're gonna have to click into the show notes, click on the tweet, and you can see
it in action. So he gets a new GitHub ticket and an actual paper ticket as if like, you know,
you're in a restaurant, whatever, comes out and he can read it and it just looks fantastic to do that so spice up any uh sort of sock or you know if you use salesforce or any other like jira ticket
assignment spice it up get a ticket to your desk and he's uh published instructions on how he's
done it with his um uh uh how he's done it with a raspberry pie and everything but uh yeah whilst you're in the
show notes just click uh subscribe yeah but the uh second tree this is uh in relation to
uh i thought i'd slip it in because the uh creator of this um actually died earlier this week so
malware unicorn says uh you know she had a conversation with her wait wait wait did she die
no no not malware unicorn.
Sorry.
No,
I phrased that really badly.
No.
So the subject that she's my best,
the subject she's talking about.
Okay.
Okay.
Okay.
So that,
yeah,
it's the inventor of the gif passed away earlier this week.
So she had a conversation with her mum.
Her mum says,
I was sent a gif.
And she says, no, mum, it's gif.
She says, but this person pronounced it gif.
And so she says, don't trust people who pronounce gif as gif,
which I think is sound advice.
It is sound advice.
It is a gif.
There is no debate about it at all.
Yeah.
So, yeah, there are those that will die on that hill and those that are just plain wrong.
Yes.
And it is absolutely a gif.
Yes.
I mean, this is the litmus test for, I think it should be in every interview.
Can you please read this word out?
And if they call it a gif, I don't care how good they are professionally.
They're not getting the job.
No, exactly. Simple test. Yeah. Brilliant. Right. how good they are professionally they're not getting the job no exactly simple test yeah
brilliant right that was this week's tweet of the week the host unknown podcast orally delivering
the warm and fuzzy feeling you get when you pee yourself that was a uh mistake to click on that
one uh that was that was the one that was missing before when I couldn't get the sweeper in.
That's OK. No worries. I don't think anyone's really, really going to notice.
Yeah. If you're still with us 40 minutes on. Congratulations.
Yeah. And we can tell you exactly how long the episode is because we're not going to edit it at all.
No, no. I think we probably only got Tom by this point. congratulations. Yeah. And we can tell you exactly how long the episode is because we're not going to edit it at all.
No,
no.
I think we probably only got Tom by this point,
maybe his mum,
because we're talking about her son.
Hello,
Duchess.
Yeah.
Yes.
Hope you're doing well.
So,
yeah,
so again, we won't prolong it.
We won't do the,
bye-bye,
bye-bye,
bye-bye. Oh, no no you you you hang up first so uh yeah all there is left to say is uh thank you very much sir and have a good
weekend thank you i'm surprised that you're talking to me i always think there's a third
person in the room who you might be talking to thank you i will have a good
weekend and uh you'd kill you son of a you've been listening to the host unknown podcast
if you enjoyed what you heard comment and subscribe if you hated it please leave your
best insults on our reddit channel worst episode ever r slash smashing
security so talking about tom's mom i met you remember feisel he used to work at ifc squared
now he works for firebrand training or something oh yeah yeah and he used to rent a car i can't
remember the name of the app but there's a car sharing app so if you have a car that's spare you can rent it out through right of course Mr Langford would have spare cars right
yeah exactly so he was renting out this car from this lady like a couple of times and her name was
Mrs Langford and one day he was just like oh you, you know, I know this guy called Langford. And it turned out it was Tom's mom.
And then he video called, they video called it.
It was the most bizarre thing.
I'm going to hit stop on that one.
Hold on.