Gym hacking, disappearing DNA, and a social lockout
49:31 Share

Hang on, hang on. He did A D, N, A test today. Oh, my god.

Yes, Jerry L.

Smashing security episode three hundred and ninety five jim hacking, disappearing DNA and a social k out with Carol ario and gram, 你 welcome hundred my names is grown clearly .

and i'm Carol tario and cruel .

today were joined by a very special guest。 Can you please introduce them in your own intimate, able fashion?

I don't think he needs any introduction.

Does he is an a brading. Hello, how are you too? Welcome back.

It's good to be back. Anything you wants to share with .

our listeners before we kick off? No, it's really Christmas.

Oh, thank goodness your hate to remind.

Okay, let's get this show on the robot first. Let's think this week's wonderful sponsors, one password, venta and red locker, now coming up into a show. Gram, what you got.

i'm going to be talking about hacking might not help you get hired. OK.

Anna, you .

talking vanishing genetic testing company?

Oh, okay, i'm gonna. Look at how odds plans to d hook its kids from the socials all this and much more coming up on this episode of smashing security.

Now, chm champs, as anna just mentioned, its almost Christmas. The end of the year is rapidly approaching, always a glorious time of the year. Everyone enjoys all that, the passing of time, the speeding up of our lives to the inevitable.

Dm, no, I am looking forward to the holiday. Yes, I think we all need a bit .

of chair and looking .

i'm looking forward to Christmas markets. I'm looking forward to mod wine and Christmas quiz and little dinners with friends and the people actually .

like mode wine. Yes, I didn't.

I love mode.

I know there's a reason that only served IT once a year.

People like minions as well. You would eat them in june. Yes.

I would often be stuck in myself with my spies. I would have no problem in that, maxing out the credit cards as another great thing to enjoy.

Well, IT is nearly black friday.

finding pine needles in your socks for weeks afterwards, where in big baggie jumpers needed for you by your anties, some would say, is the most wonderful time of the year. They and then january hits and you're bloated on quality street jobless. You never want to see another slice of cold turkey ever again yet.

In worse, many people who do dry january, which I will be doing this year or so, you have that first week after over intel gent during the Christmas, like basically sweating out the alcohol. Maybe that's just me.

A lot of people feel little bit the worst for where and they come the new year, and they think this year is gonna different. This year i'm going to make a resolution. I'm going to join the gym.

The gym, yes.

but I won't just join the gym are actually and this is different from join the gym. I'll go to the gym. It's what you're say OK who cares what the weather like?

I'll be going out in all weather. I'll go, yes, of course I go to the gym. I don't mind that IT cost fifty pounds a month. It'll be worth IT you say to yourself, you convince .

yourself I think fifty would be a barking. I think it's more .

like a hundred yeah of my good. I live .

right near two games, right? There's two games like on my block. yes. And come january boy or those places, juan, like there's a line up for machines, everyone's got their brand new sports .

gear on my paton petal are gonna be falling off in january the moment that's of .

stationary. And maybe you do go to gym may be go to the gym twice, but you can't get out the contract, can you? And so you're still pain for the gym and not going to IT in April.

And I wonder if that's what happened to a chap called Nicholas cluster because he turned up to his local health club on April twenty six, two thousand twenty four earlier. The shin April may be joined IT in the january. He showed up there just before midnight. Now you tell me, girls, is, is that Normal to at time throw .

back .

to one thousand .

nine ninety?

Well, boy, let me tell you, uh, I do. I did resent twenty four our games near where I live. And when I drive past IT, there is often people, there are all sorts of times yeah the .

one of my blocks at twenty for our team, sometimes people work really late at night, right? If you're doing shift work and you want to put a sweet on before .

you hit the sheet, goodness, maybe you're right. Maybe he was going for the late night session. Maybe he was just trying to cancel his membership until it's less embarrassing in, I thought, trying to do IT at midnight.

Not many people see. Maybe he was too embarrassed to go to the gym. You're in Normal gym opening times because he'd let himself go bit too much.

So basically he went late at night. Okay.

he went very late tonight. So just before midnight.

he was there at the gym.

Normal to say, the next day allegedly dropped a em out, the owners of the gym. This is a company which wants multiple health clubs across kansas as and missouri. And he claimed they had gained access to their computer systems.

Yes, there is a cyber security element to my story. And what he claimed in the sima was that he could easily hack into the company's I. T.

systems. So he wasn't on the rain machine, he wasn't pumping. And IT sounds like he was well doing.

What manifest for exercise? You participating in erotic c activity, various fingertips on the keyboard. I mean, no, that's what that is, a formal of exercise.

You can burn calories just at the keyboard if you want to. Ultimately, if you did enough typing, you know, people come out with diet books all the time. Different ways to lose weight. I think you could probably sell a book about how you could get a workout at your computer.

Yes, wouldn't be on my top ten less time.

Is there way to count your fingertips? Strikes like your steps because my apple watch doesn't count .

that smart rings. They exist.

Instore k lo ga, you could just just count the key Prices. You would work perfect. You have to turn off full therapy.

S he can't cheap. I just told him down a key press in fifty eight times. Anyway, this chat cluster, he's alleged to send an email from his working and address, anne said.

The following said, i've managed to circumvent the logging for the security cameras, the gym, by using their visible I P addresses. I've also gained access to the google fiber reuter settings, which allowed me to use. And at this point, the feds have reduction.

A word is the name of the tall, which is, but anyway, says, allowed me to use something rather to explore user accounts associated with the domain. He said, if I can reach the files on a users computer indicates potential for deep system access. So he saying, there's a security vne ability, right? Yeah, yeah. He says he was able to access security cameras, able to access and fiddle .

around with things. And he's told this to the company question, not advertised IT on some forum.

That's right. And he went on to claim that he assisted over thirty other small to medium sized businesses in the kansas city area. Little digital vigilant here.

a very interesting point.

Any attached the file now you probably remove contents that are, well, were they malaise where they know where where they rent somewhere.

where they something they open IT and they and then get infected and help that for rent.

Exactly what I was is what he described as his resume, his C. V. So according to the fb, I have been in place this case. And they charged cluster IT was quite different from his Normal resume.

That one he Normally hanged IT out so we don't know exactly the details, but IT sounds awfully like he sent an e mail to the gym owners claiming attacked into their systems in their computers and was looking to get hired by them the security consulting services at the same time. So he's done the advert for his services at the same time as broken into systems. And my question, sugar, I think I already know the answer from .

muko is do you think that's okay? Ah I think is if he's responsibly disclosed, I suppose he's hacking rather than he is.

Don't a ton of legit company ies do this all the time? We'll send your report going. We found five hundred and forty six problems in your system.

But generally they're invited aren't like to do a penetration test on our company.

not always.

Certainly, facebook big companies have hired people after they hacked into their system, but they've .

announce a bug bound. They're given a rules and they said, if you find a vulnerability or you're welcome to do this, to do this kind of testing, you're not welcome to do other kinds of testing, but this is the kind test you can participate and and if you do get in touch with us and then we may send you A T share or something like that.

Yeah, but I think I think they've hire people that have like stolen stuff.

And I would argue I think that depends on his next actions as well. So if they say, hh, thanks so much, we don't have an opening there, but you know thanks so much for the information and then he then holds them to rent them advertisers to everybody what he's done or you know retaliates in some way, then that's the issue.

I don't know there's much of an issue and saying, if someone came to me and said, really love your press release, go but there's a mistake here, right? You made a mistake here in this paragraph. And boy, I can help you in future doing those much Better.

Isn't that how you hired make?

There you go.

But really mean, I agree with you. I think it's a grey area, at least based on the information that we know so far from this Price. But he doesn't the apartment is is a term, and there are some what I did, I don't know. This is a twenty four, our gym a and I wanted maybe whether he had gained access. Well.

perhaps because .

IT turned out, the staff at the gym found out shortly afterwards that he'd done some other things, for instance, had deleted his photograph from the gym's database. He had stolen the staff members name tag. I don't know that something which might have helped him gain access to areas of the gym. And also he reduced his monthly gym membership to just one develop a month.

I think that's a that's .

a that's .

expensive. The gym .

and those photos .

are never know exactly. Now, some weeks after sending the emails to the company, this chat cluster is set to have posted an image to social media of what appears to be a screen shot of is a detox computer showing control over the security cameras of the gym.

All right?

And there's a chat box window. How to get a company to use your security service? You see? great.

I don't know if it's fair that you ask because these questions.

This is a new OK, okay.

but you ve got us to kind of give our point of view but say this is the information when you know like by the way, the gym is not a twenty four, our job and .

I have they .

broke in. I don't know.

I don't know.

Well, okay, well, lad, you don't know because we don't know OK.

Again, i'm not sure about this, right? He posted on social media a screen cap of his desktop showing he had control of the security cameras. You do see vulnerable.

Research is sometimes sharing information of that to prove that they had access to a system. The chapo x says how to get a company to use your security services. Again, he's not saying i'm gonna screw these guys up or i'm gonna wipe their tape. Anything like that .

is he did he, did he list the gym? The name did he name in shame?

Don't know, don't know that the name of the gym has been removed from all of the .

court documents. So I been through. right? Because if you identifies the company and says these guys have a security vulnerability and I cracked in, I think that IT tells other bodies, uh, that there may be a way for them to access, although he was on premise. So no.

so I dd brother images like what's like the images? I think it's a great exelon questions.

Yeah no, I think I think you're right because we don't know enough. We haven't had this picture shared .

with us and what you're telling us, which is less than what's telling .

you everything I know, everything I know and he's everything I haven't told yet, which is IT was now the following months, right the months after send the emails that may have twenty twenty four and cluster allegedly end the premises of another company, a nonprofit organization, into an area that wasn't supposed to be accessible to the general public. right? Gin, send a bit shady.

He access to computer with internet access, and he said to have used a boot desk is how IT describes IT to access the computer through various user accounts. He circumvented its password protection. I installed up on this computer, A, V, P, N, possibly to maintain access to the company systems.

make them more secure, of course.

back the most. So yes, he, he's identifying security holes .

and helps them along.

I help them produce a report that's illegal.

though, like that's illegal, missing around with someone else. The system, right?

He's breaking in a lot. What is illegal to access the system is not just to deal with the system, but to access the system without permission is as well. So you could argue accessing the camera feed is a breach of computer criminals.

And right, this non profit, they say they suffered losses over five thousand dollars as a result, trying to remediate this security breach. And you remember that I told you that when he sent the initial eam out to the gym, he went from his work email address. Well, the feds have been rounded there as well.

And the people who hired him there, they say that he used stolen credit card information from them and used IT to purchase, quote, hacking some drives. So on the company that you had a company credit card, whether allowed to or not, unclear. I was purchased in potentially tools which could be used maybe as a penetration tester, maybe as a hacker.

Yeah, in fact, that the tool that he used at the gym is not being disclosed, just that perhaps IT maybe a tool that shouldn't be you .

could be file manager. He could have been what he was right, would just been the command like what could be we don't know what IT was. So some lessons in I think it's all suspicious if you go to the gym. No, it's late at night.

Gym is closed and you break in. That's a little suspicious. There's a twenty four hour gym. You were a tesco s at two in the morning buying diapers.

We would be like I don't .

have oh.

that .

wouldn't be suspicious. That based for things to prove.

Anna, what have you got for us this week?

Well, coral and gram, do you know your .

heritage? Hitman, I know my parents are.

Yes, I, I think I do. yes.

Do you have .

a very exotic mix? Yes, as you can imagine. Yes, I am. You could have pick that up. Yes, i've got a bit, i've got a bit of a water shin me from help share. Yeah, I have IT got a bit of that.

And my father was born in the middle ast, albeit one of the period tish places before we got kicked out. right? So yes, so you know quite .

exotic exotic? Yes, kind of like mine actually I don't think is a part english. 好， jack.

you from 芝麻。

Part gmac, there's a danish, Scottish, french.

Do you know this?

Do I know this? Thanks to one of my parents who paid to find out I D N A testing.

Hang, hang on, hang on. you. One of your parents was this, your father patches, who was interested to what your ship D N. A test to you?

Yes, just.

oh, hold the front page. We this, we need to put you at the start of the show. This is great. Okay.

so yeah, did the doors to check my heritage. And but the parents that did this is not the only one, because, as we know, many people have sent their live off to D. N. A testing labs in the hope of finding out more about themselves.

And there will .

lose these companies.

I say, I have not.

I have not. No, I have not either.

No, because we are sensible, right? But the problem is that other people inside our family can do IT yeah and maybe revealed something about us.

People didn't think forward about the implications. But anyway, so there's ancestry, there's my heritage and there's twenty three. And mako, if you spoke about on a recent show, then there is atlas I am made. Have you heard of them?

I've heard of them, but I don't know anything about them.

right? So I haven't heard of them, but they're based here in the U. K. yeah. Lisa topping from mistakes, heard of them, and SHE paid about hundred pounds to get a personalized genetic report from them. Alles said they could not only tell her about her heritage, but also about diseases and injuries that he might be pretty posed to. Yeah, I looked to at their instagram post and there's a lot of talk about learning about you'd micro bio some guesses this a popular features as well um yeah because people .

want to know about health issues that seems to be a really big driver twenty three and me or doing the same thing like find out about family traits and get ahead of the illness that you might be facing yes.

Keep tell you so alive y you don't have to send them something .

else about that's what .

i'm thinking about how anyway this is got .

her results through at first everything was fine or SHE couldn't downal any the information, but that seemed like not Normal for Alice but he could access that all online, which he did every day off o until one day the website didn't work. He tried to contact the company, but there was no answer. Another customer, kate lake, hard to say, sent in her sample.

I didn't receive anything back. SHE contacted atlas and they said they sent her a refund, but that didn't arrive. In fact, the company appears to have done a complete finishing.

So how long was this company around for quite a long time?

I'm not sure exactly, but is yeah okay.

So it's like IT was established. IT wasn't just like a pop a pop a way yeah and IT .

looks from their social media. IT looks like they were using influences. It's quite glossy and shiny.

What they were posting if they're charging one hundred twenty, I mean, you would hope you would be quite a luxury service and you would have an expectation, a lot of money because, cro, Frankly, you could send me some of your spit and I said, oh yeah, you seem a bit canadian to me. You may be a little yeah okay.

thanks.

whatever else. You know, like I I could do that. But you know, they are proper scientists in White coats.

You know it's yeah. Anyway, you you would expect the service to be up and running for. You'd expect quality services .

I would have. But no, not at all. Their websites down, they haven't posted on social media since june twenty twenty three and their accounts have have been submitted to company's health.

nothing. Uh, according to the BBC who vote about the story, artless by made appears, have links to russia. Two, these officers are listed at the same addressing moscow, along with a russian, along with a russian bilan .

at the fsb headquarters. Two officers of the company.

Yeah, so the russian billie e is a resign director for Alice. I mean, we can't speculate on what those times to russia being, but we do no.

I think I think we think would quite happening. But what's going on.

I don't think that based on where it's no.

we can't reasonably but we cannot reasonably speak by .

across great does regularly here.

But we do know that whatever the is out of russia is not just the company that disappeared. It's also all the customers DNA data, of course. And that is like the most valuable data, is literally what makes you you I worked for american company. They often talk about social security numbers that are breached. And there are nightmare because you only have one, but they actually can be changed, is just a massive fah DNA can and and even if you give IT to a company that doesn't disappear like out less or isn't breach like twenty three a minute, you're still trusting that data to a company and hoping that their security and privacy and ethics hold up because you don't know what they doing with that or what the future holds because we are looking at a future where health insurer put a higher premium on those with predispositions to send diseases. Drug makers could target us with ads for us that we might have, but we haven't even to a doctor .

about and millions of people have done this right? Yes, millions of people with black a mira out of different .

companies yes. And law inforce was already using DNA data um and IT doesn't even need to be your own DNA data IT could be your close relative D N A data that you know if you've committed the crime IT could be that much to you and we don't know all the implications because we don't know what the future holds.

So news says father's DNA can't be matched to you. There's no link there, apparently. So do we know how many people have been affected?

No, I I don't think IT was a huge cup is not twenty three and me, which is obviously much, but it's still so IT could .

have been someone like me just collecting jam jars full of spitten sweats but bottle fluid and and writing back sort stuck that was say, yes, appeared to be a bit english. Everyone likes to be a bit exotic, don't they say, oh, you have a pace to be a little bit of egyptian princesses, you or something?

Well, i'm a dan's cream.

So yeah, yeah, I you're related to marian to IT.

So what have you got for us this week?

Okay, so, uh, this stories is a Better a little who hog going on down under, uh. Like many countries around the world, australia's government has voiced concerns about the impact of social media on Young people, and the aussie powers that be have taken a bold approach to effectively ban under sixteen s from having accounts on this platform. really? Yes, so this was announced just last week, so they say social media harm to our kids. And i'm calling time on IT, said the prime minister. Now you both our parents, right before we get into any the me of this, what's your immediate reaction both of your kids under sixteen .

so yeah I know like really under sixty, they're under ten and I like my one hope is that it's all figured out 不服 they get smart phone and social media because IT does terrify me。 IT really, really worries me. Um I worry about the fact that if they are having a orrible time at school, they won't able to escape IT because they will be concerned on social media.

I worry about the effect of a friends they might make. I worry about bullying this so much. Yeah.

my child does have a phone and he is on some social media. You have a .

favorite.

I would think that one he's on the most is snapt apparently gives you a score as to how many snaps you've received or sent does IT so .

they've game a fight the use .

oh yes oh and if I will go up like five thousand in a day, i'd love that kids weren't using social media. I think I would be fantastic.

Yeah so the bill that was introduced in parliament just last two week wants to address the concerns about online safety and the negative impact of social media on Young people's mental health check. And this approach has backing across political divides. The leaders of all eight australian states and mainland territories have unanimously backed the plan. Opposition party said he would have done the same thing after winning elections due within months if the government had been moved first.

Yeah, yeah, we have done that. We'd actually, i've done that. You just got that before us. But we thought of IT. We thought IT before you.

Well, nobody that's interesting. They're not saying IT a should idea.

No, no. yeah.

It's kind of sometimes refreshing to hear political rivals singing from the same him shewell .

is not the the sixteen to have voting for the political party is that I think the grumpy old people like myself, the ones you like, yes, this is a really bloody good idea.

I really wanna believe that because if this lap is the aussie legislation will put the social platforms in the financial hot seat. If they failed to have bouncers at the digital door, you know, blocking entry to the youth. So in other words, they need to take a reasonable steps to stop people under sixteen from creating and holding accounts.

Okay, that's so about creating and holding accounts. And if they fail, they could impose fines up to fifty million australian or thirty two million U. S. For non compliance.

That doesn't feel like very much. Not a huge amount for the social media companies maybe, but I I I guess that would escalate if they continued, you know if six months they continued to allow under sixteen zone.

but how they are going to prove that? How like what are we all going to be uploading our as if we haven't already?

Interesting point.

I think they should do a facial scan of yourself if you have some your hair.

I like very Young gram.

so well, I think you think anyway, might be able to be something like that.

Yeah, the case is a dear point, anna. right? Both of you are think were concerned effectively, right? And of course, other countries are trying to figure out ways to medicate the risk of the evils of social for gensec in like in june this year, ten U. S. States of pass laws required children access to social media be restricted or parental consent gained last year, friends reduce legislation to bend children under fifteen from accessing online services unless they have parental permission.

Last tRicky because my son last year really wanted to switch for Christmas and really, really wanted one. And we thought, like a nice Christ present is fine, appropriate for his age, if we get the right games. We bought him one, and lots of his friends got one.

One of them didn't. And so the data actually went out and bought like after Christmas, said that his son could be the same as the other boys in his year. And so you only takes one parent to give in yeah. And then IT becomes like a snowball effect because IT is hard if one of them doing something and the others are you don't want your child be left behind, you'll be like the weird w absolutely.

And puts the honest on you be like, no, we are not going to be doing that. yes. So what's interesting is no jurisdiction so far has seemed to have used age verification methods like biometrics or government fiction to enforce the social media age cut off.

These are two methods that are apparently being tried in australia. That's not to say that they gonna be implemented, but they're being trialed at this point. And the other interesting thing is the bill won't stop people under sixteen from watching videos on youtube, seeing content on facebook. It's primarily designed to stop them from making account s. And this means that the wider college of anonymous web based forms, including problematic spaces .

like maybe four .

or even twitter OK, that's noodle. A few points of contention here that people have brought up. One of them is this is the word first proposal to set the highest age limit by any country, apparently. And there is no exception for parental consent, and there is no exception for preexisting account holders. So who should be boss?

Parents or government is a bit like buying alcohol isn't IT it's in the U. K. They went on 想 干 ah I could easily go into pobs。

I could go into shops and buy alcohol. No one really like they might have said, are you routine and odd say yes. Even now me and i'm still a very Young vic sly, but I get asked idea lot, especially going into pubs.

But what's happened to us? Anna, you and I were together and we were buying a bottle of champagne for some special occasion. And because you were with me, they would not sell me the champagne. E SHE had to produce her own, her own ID in order for me to able to buy IT.

I do. You buy, a few do, but the owner is on the the staff in the shop and the shop themselves and the pubs and they get big friends if they don't.

I R, I just fancy you and wanted to know your name so they can look up on social media. I didn't think you're under age. They saw a hello, hello.

yeah. You probably didn't think that the grand y that served us crack on and .

I think is the illnesses on the hubs and and the restaurants and the shops. Where is when you give the responsibility to the parents? It's much easier for them to just be a bit more wish, wish you with there.

Yes, if IT was like drinking and there was no law against people would may be tough.

but they wouldn't able to do anything. I think IT needs to be the companies themselves.

I think the company's very responsibility, I think as a parental responsibility as well. But IT is, as anna describes, extremely hard because the whole nag factor of children and so much, I think, of kids social interaction these days, actually does happen online then, much as in my goal, as they're not getting together quite as much maybe as we would like to imagine we did when we were kids. And so, you know, joy locked down, for instance, things like fortnight. We're fantastic that their kids play with each other.

Yeah, my son would love to watch youtube kids, and he'd be allowed to watch youtube kids by the companies. But I don't let him watch IT because the stuff that is on there is just rubbish that has been consideration. But I think there needs to be more put in place where it's harder for them to access IT in the first place.

It's interesting because, of course, not everyone is a fan. M sc international australia say removing the benefits that social media brings will not achieve the government subjective of improving Young people's lives and ignores the fact that the harms extend beyond children and Young people to marginalize groups and people yeah and the australian human rights commission says, given the potential of these laws to significantly interfere with the rights of children and Young people, the commission has serious reservations about the proposed social media ban. The appointed cybrids are, uh elon mask has also publicly pup oed IT coc has yeah wonder why? Seems like a back door way to control access to the internet by all australians.

So I can understand some of these arguments on my son, for instance, when he was really very Young, used to enjoy watching history documentaries on youtube. They were like little cartoon months, which would explain, you know, about the king's of england, or about various wars and battles which had happened around the world. And you learn a lot about world war two and, you know, politics, wars and things like this.

And this wasn't harmful time. This was his way of educating himself. And IT wasn't just entertaining IT IT was i'm learning.

I wondered about youtube as well. So listen to this this final point here. So the bill is focusing on live in facebook, instagram, tiktok, Snapchat and twitter x also many more minor platforms and services.

I'm sure they're be able to add to that list as they see fit. Interestingly, the legislation has exclusion framework that exams messaging apps such as WhatsApp online gaming platforms and services, with the primary purpose supporting the health and education of users. So things like google classroom.

So I was watching some of the parliamentary discussion on this and one of the questions raised was, how do you define a social media platform from, say, a messaging APP? And they got specific like why band snatched t but not what's up. And there was a little bit of foundering.

But I think I have a reason that I feel, but I want to see if you guys have any thoughts. I mean, the game unification of snape chat that you mentioned earlier, that's one difference. I've never seen them on. What's up? I don't get awards for sending more messages or less messages.

Let's get a .

good at world.

I be blatant baby. I think I I don't know ough about house natural t works yeah.

there's a lot more features and filter is all kinds of stuff. But one thing that I noticed was that what's up unless ssn, what's up business, but what's up IT for consumers doesn't have ads, right? And Snapchat itself boasts itself potential advertisers.

As I went to the website and says, rich jensie millennial with snaps, chat ads, and it's a snap chap, reaches ninety percent of thirteen to twenty four year old population, twenty five plus countries. Ah I wanted to what about youtube as well? And the advocacy group that put together the reports suggest that youtube remain accessible to kids, but they remain concerned by Young people being able to start their own accounts in the blood videos.

I think it's interesting that they are focusing here on accounts, right, because it's about them being tracked. I suppose it's not so much. But then seeing content all because .

they recognize that the creation of an account, the use of an account is a gateway through which potentially a check could be made. Whether if you just anonymous ly go to a website, you were given that the analogy of having a bounce around the door, but the bound the door is at the point where you went to your credentials to log into a site.

I mean, obviously can't stop someone looking over your shoulder as IT, but if you don't have an account for instagram, for example, you can't. C, L, and .

brilliant, you could blame the politicians love you to if you have this one. Unfortunately, the evil prime minister.

Do zero day exploits and supply in attacks keep you up at night, worry no more, you can harden your security with threat locker.

Imagine taking a proactive deny default approach to library security, blocking every action process and user, unless specifically authorized by your team, thread locker helps you do this, and providing full audit of every action for risk management and compliance on boarding and Operation is fully supported by their U. S. Based support team.

Stop the exploitation of trusted applications within your organization to keep you running efficiently and securely worldwide. Companies like jet blue trust threat locker to secure their data and keep their business Operations flying high. To learn more about how threat locker can medicate unknown threats, ensure complaints for your organization, visit smashing secure dot com slash threat locker that smashing security dot com slash threat locker. And thank you, the threat locker .

response ing the show, whether you're starting or scaling your company's security program, demonstrated top note security practice and establishing is more important than ever. Venter automates complaints for sock to I saw twenty seven O O one and more, saving you time and money while helping you build customer trust.

Plus you can streamin line security reviews by automating questionnaire and demonstrating your security posture with a customer facing trust center, all powered by venture ai. Over seven thousand global companies like a tassie flow health and cora use venture to manage risk and prove security in real time. Get one thousand dollars of venture when you go to venture dot com slash smash that da don't come flashed flashing but one thousand dollars of.

Quick question. Do your end users always and I mean always, without exception, work on company owned devices and I T approved S I didn't think so. So my next question is how do you keep your company's data safe when it's sitting on all of those unmanaged debs and devices? Well, one password has an answered this question, and it's called extended access management.

One password extended access management helps you secure every signing that every APP on every device. Because IT solves the problems, traditional im and m, dm can't touch, go and check that out for yourself at one password dot com slash smashing. That's one password dot com flash smashing.

And thanks to the folks of one password, the support in the shop. And welcome back. And he joins that. Our favourite part of the show, the part of show that we like to call peak of the week.

pick up the week.

pick the week, quick of the week.

is the post the show where everyone choose the same.

like could be a funny story, a books that they read, A T, V show movie, a record to podcast, to website, or a APP, whatever they wish. Doesn't have to be security related necessarily Better.

Do not be. Well.

might I pick the week? This week is not security related. excelled. My pic of the week is a bit of a throw back because I don't know if you remember croll back in episode hundred and thirty nine. No, I talked about hobs with knobs and how hobs needed to have nob.

Oh, I, how could I forget?

Can you point me, obviously, listen every episode.

but let me do a grame just to show how I pay attention to the show.

Okay, let's say.

let's say gram was lamenting he had moved house and lamenting that he could not find a hub with nob. Speak of all the panels and the gizmos and made a huge ten minute rent that I probably shorten to as much as I possibly could to save our listeners from the show box appeal. A listener did come back and gave him some advice, I believe.

think I found the solution I I recommended IT to people. So what happened, I hope, by the way, for the benefit of our american listeners, is a stove top. And the problem is that a lot of induction stove tops or induction hobs these days have touch sensitive c controls. And you you present, and I don't really work well and I just wanted a nob you could turn.

And who is getting old, right? Yes, I found .

one for proper physical control. And I recommended IT in episode es three hundred and thirty nine and croll, who got a little bit annoyed about me going on about my hubs so much with its nobs, said SHE didn't wants to hear about IT for at least a year and he said, i'd love you to come back on and tell me how you're getting .

on with everyone.

I I suspect I did not say love. I suspect that's a paraphrase.

the highest order. But OK. Anyway.

here we are. Here we are.

And i'm excited and I am back with an update. And I have to say that the hob with the nobs was fantastic. IT worked very well and continue to work very well until last month, when two of the hopes that won a problem with the nobs, two of the hopes stopped working, which means that half of my stove top is no longer work.

Oh.

even if you can turn the knobs really easily.

I can turn the knobs. But those two hobs .

so IT .

turns out it's not the knobs that are super import interesting.

So naturally, I contacted the company and said, i've been a great ambassador for your product .

because hashtag ad.

yeah hashtag ad and hashtag, you know me followers I have.

And I said there is a problem with two of your hubs, not with the knobs. They no longer coming on. I don't understand why Christmas is coming. We can be making Christmas dinner. And they got back to me and they said, unfortunately, your warring ty ran out two weeks ago.

Oh, so this is not a .

pic of the week. This is a net pick of the week you see about done IT. It's a new pic because it's about electrical items which fail within days of your warranty running out.

okay.

Gram, yes.

I think good advice for our listeners here is maybe when you're purchasing some White goods that cost a lot of wang A.

I didn't cost a lot.

We didn't cause very much interesting.

that's the problem or so .

you bought a piece of shape.

I have no IT was the only one I able to find which had nose.

Can I just say I have got induction hope with nobs and I bought IT this time last year is a range master hash. I get only this.

There are any problems with IT.

Anna, no is not. But I just cost me a lot of money, and that's why you've gone wrong grain because you bought cheap. And you know, if you buy cheat, you buy twice. So that's what you will be doing.

Maybe you can send me a link because I could be in the market for a new hub with knobs for Christmas .

so that more the story, don't buy hubs with nobs unless you listen to anna.

I could have helped. You wanted a love research.

I research. I know. What's your pick of the week?

Well, so I, I love A P, C. Show, A T, V show. I loved osc. Love breaking bad love, happy vali. Did you watch them?

yeah. All three loved them. Yeah.

yeah. I watch breaking out and happy valley.

Yeah, yeah. So I am always on the look out for something that will give me that you know, like as you're going to be just one more, I just watch one more. That's someone. So the latest show i've been enjoying this day of the jackal, have you heard of IT?

H, no, no.

I've i've in the movie with that would folks?

yeah. So that that was great. That was the book. And then the film in the seventies. And so this is a reinach.

There was a Bruce willis make, I think i'm sure that was shit.

I can't speak out of Bruce now.

Yeah, you're not allowed.

I don't know.

OK right. sorry. You can speak out of him if you want, by a add red man. And it's A T V show. And he starts as the jackal.

So she's a ruthless succession who kills people, and he takes on their identities and then he becomes them in order to kill more people. But is like a top high level ascension. There's an E R mosque ch guru called U D C. There's lots of rich people trying to get one over on each other. Um but was interesting about this show is that they also show his human side so he's like a family .

man and he appears to .

love his wife and his is the stuff going on but the .

is is is conflicting is conflicting .

yes so lame but we all loved him too so IT .

becomes a cat and mouse chase between the jacque and uh british intelligence officer, the anchor, as she's trying to hunt him down and stop him.

Oh, that sounds right up, my ally actually. And i'm looking for a new show.

So I watch IT. Yeah, with IT on is on sky. I be watching you two. Sky is also now TV. Sorry guys, sorry, i'm very rich.

And did you hear anus kids? Did you hear that she's got now TV she's got sky. He's very rich. Well SHE give you youtube kids and know he was .

but I did spend a lot of money on um but you can also I think you can danny IT from other places, legal places and is on P O. Can the U S if you're U S does not take a week.

So what you'll pick the week.

So last night, one of my girlfriends took me out on a movie date and this was quite exciting because he has Younger kids so we never go out of. And SHE took me to see the twenty twenty four palm door winner, a movie called a ora note grave, yet not narrowly miss the palm door, which h we recommend to, great. And I don't recommend for reasons we can talk about another time.

But the winner, okay. So the premise just quickly, you've got this back american season stripper anna, and he knows all the moves, and she's interested by her boss to do the sixty routine for any russian speaking clients. And one day he meets a kid or Young adult calvada the sun of a gazza lian, a russian ali garc and SHE dancers for him, he swings, they hit IT off A A pretty woman, and he turns her life upside down because he is beyond wealthy, completely free, and only twenty one, and life is good.

You know, in order can believe that she's finally been chosen for this wonderful world. Like what could go wrong more than you can imagine is the hands. Er this is like inderal la minus for adults, minus the second ending.

But IT is wise cracking world wind of a film like that has romance, that has loads of sexy times, starts with IT right at the beginning. But IT has action and comedy gold moments, like people were in history s in the theater. And it's two and a half hours long, apparently.

But IT flew by, like, literally, I was thinking, I am a probably about halfway and the movie was ending. Strong acting, strong directions, strong script. Uh, there's a few camels like our olive AR kids slides into the first scene like tom cruise in what is IT business? Sky risky business? exactly.

And there's like a word for word saying that's taken out of pretty woman a camo for that. So it's genius and it's a Lucy for all adult movie buts. But the movie buts movie movie buffs yes.

good movie bets.

Yeah but this is perhaps not for a first day. Okay, because like there's ut there a of the mouth are on but yeah and he has he has a strong message you know IT talks, you know the kind of fruits with the whole concept of class wars, general money, flood humanity .

stuff um .

I loved loved, loved IT so that's an a winner of the palm or my pic of the week. Go see IT if you're over eating .

well that just rap up the show for this week and I thank you so much for join us some show lots of our listeners would love to find out what you are up to and follow you online. What's the best way for first to do that?

Thank you for having me i'm still on next twitter and Operating. I have got my username on blue sky, but get me a linked in if you had eggs and you can find smashing .

security on blue sky unlike twitter, which wouldn't let us have A G and don't forget to ensure that you never miss another episode follows smashing security your favorite podcast step, such as apple podcast modify and pocket casts and huge.

huge thank you to our episode sponsors. Thread locker, fanta and one password. And of course, to our wonderful paton community is thanks to mall that this show is free for episode show notes, sponsorship info guessed less, and the entire back catalogue of more than three hundred and ninety four episodes check out smash security out com until next time.

Sherry o bay.

bye, byebye.