Reply All - #91 The Russian Passenger
Episode Date: March 16, 2017Somewhere in Russia, a man calls for a car. Somewhere in New York City, a stranger's phone buzzes. Email us at replyall@gimletmedia.com and use the subject "theory" if you think you can provide us add...itional information. Further reading haveibeenpwned.com A good article on how and why you should use password managers, and the best password managers out there. Further listening Simplicity by Macroform Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
From Gimlet, this is a reply all.
I'm Alex Goldman.
And I'm PJ Boat.
This week we have our boss, Alex Bloomberg, in the studio.
Alex actually just got back from a vacation in the Bahamas.
How was it?
It was great.
So, Alex, you asked us to come into the studio, and I don't have any idea why.
So lay it on us.
I need some super tech support help.
Whoa.
You're crossing segments.
I am.
That's right.
What's your super tech support question?
So I was coming home.
So I got home from vacation.
I woke up the next day, and I look at my phone, and I see some Uber notifications.
And this is weird because I haven't called Uber because it was like 6 in the morning.
And that was weird enough.
But the really weird thing is that the Uber notifications were in Russian.
Here's a screenshot.
And I actually speak a little Russian.
Oh, right.
So what does it say?
This one says,
Vash Uber Puti,
which means your Uber is en route.
Arthur, 4.9 stars,
will be there in one minute.
You know, then the next one,
Dennis is arriving in a Mercedes-Benz E-Classis.
Nice.
Play, blah, blah, blah, blah, blah.
Arthur is arriving in a Kia Rio.
So it's more than one ride,
it's more than one ride.
Two different people have called Uber's.
in Russia.
And the notifications are being sent to my phone.
All right.
So I have some questions.
Yes.
Did you check your Uber account to see if these rides appeared in your history, if that's possible?
Okay.
So I checked my bank account.
And in fact, my bank account had been charged with two rides, $25.
So, like, what my brain is saying is somehow someone in Russia,
got the password for your Uber, and it's just like...
And hacked my Uber account, right?
It's still being charged to my bank account.
Yeah.
Right.
This actually, this seems annoying, but it seems like you call Uber, you tell them this happened,
they refund the charges and they change your password.
How naive.
How innocent.
You're like an innocent, naive little lamb.
Okay, so what happens?
All right.
So then I like press the Uber icon on my phone to like go in.
And instead of the normal thing that happens when it shows up and it says,
Hi, Alex Bloomberg, blah, blah, blah, where would you like to go?
Whatever, the normal screen.
I get this screen.
And it says...
What?
Uber, get moving with Uber, enter your mobile number.
So it's treating you as a new user, basically.
It's treating me as I've just downloaded the app, and they have no record of who I am or anything.
Which is weird because you're on your phone.
It's on my phone.
It's the app that was installed on my phone, but when I open it up, it doesn't recognize me.
So then I'm like, uh-oh.
So then the next step would be to call Uber.
It's impossible to call Uber.
Right.
So we emailed help.uber.com and I got a email response from them saying, like,
we are unable to find any account associated with this email and mobile number.
And then I wrote back and I was like, that's really weird because that's my phone number.
It's definitely associated with this account.
I have, I just received notifications this morning to this number.
I have credit card charges from your company.
I have credit card charges from your company, et cetera, et cetera, et cetera.
and they wrote back the same thing.
And they wrote back, sorry to hear your trouble.
We were unable to find an account associated with an email number.
For security reasons, please email.
And so then I kept on writing, and then they kept on sending the same form email back and forth.
And so then I was like, okay, what do I need to do?
How do I, how am I going to get out of this machine loop that I'm in here, right?
Like where they keep sending me the same form letter back over and over and over again.
And so then I was like, maybe if I.
I wrote the word escalate
And then I started typing something in all caps
And I started cursing
Just is this gonna like get me
To a higher level of service?
When you get a robot on the phone sometimes
It's like you say the right word
Agent agent agent, agent, agent, yeah
I was doing the email equivalent of agent
Were you sending these always individual emails?
Yeah, yeah, no, so I have, yeah
It's like one, two, three, four, five, six, seven, eight, nine, ten,
you know, it's like basically 15, 20 emails back and forth
between me and Uber.
And it's all getting the same.
And it's all getting the same thing.
So, by this time, I'd roped my wife, Nazny,
and helping me with this.
And we found, and she still,
her Uber app was still working.
And so she found, inside the app,
there is a number that you can find.
And it's the number that you are supposed to call
if you've been assaulted or endangered.
That's the one number that is an actual human being
on the other end.
Huh.
So I called that number.
And I said, I haven't been assaulted by a driver,
but I need to talk to a person.
But I need to talk to a person.
Because, and then there was a very, very nice lady who was like, I will try to, let me try to help you.
Explain her the whole story.
And she was like, okay, give me your phone number.
I gave her the phone number.
And she was like, there's no, I have no memory of this phone number.
Get out of here.
And she was like, hold on.
And then she came back and she was like, there's one more thing I can do.
This is a little unorthodox, but if you give me your credit card number, I think I can call up your account through that.
And I was like, okay.
And I gave her my credit card number.
the credit card number that had been charged that very morning from Russia.
And she was like, I have no record of this credit card ever existing at Uber.
That's so weird.
That's bonkers.
My entire existence has been erased.
It feels creepy.
It's super creepy.
And then I was like, is there anybody that can help me?
And she was like, there's nothing I can do.
So then I was like, okay.
So then I started emailing some more.
And what were you getting any variation in response?
And then they stopped.
And then they just stopped even auto responding.
They stopped responding to your emails at all?
Yep.
So I have not heard from them in three days.
Okay.
And here are my questions.
Yeah.
Go for it.
I want to know.
How did this happen?
And then did somehow I do this
or is this purely like a data breach at Uber?
Okay.
I think that I hope that I can answer that.
I will look into it for you and I will get back to you.
Okay, a week ago, yes.
You came to me with a problem.
I did.
And the first thing that I wanted to know was like, is this a freak occurrence or does this happen all the time?
And almost immediately, I heard that our coworker, Christia Liberty, had a story that I needed to hear.
It was in early January, 2016.
I started getting these notifications in the middle of the night that,
there was somebody, it was like, your Uber is arriving, but it was in Arabic.
And there was this guy that was taking trips around Casablanca in Morocco.
And so at first I was really freaked out because the amounts were really high, like 50 or something or 60 MAD.
It'd be like 50 mad.
And I'd be like, whoa, like, I don't even take $50 Uber's on my account.
Like, who are you to be like taking these like expensive Ubers?
And then I did the math
And then I was like, okay, no, that's like a dollar.
And so it's like, okay, like I could be fine with this for a little bit
Because I wanted to just keep on seeing where he was going.
Hold on, you were just like, okay, I'm fine with this for a little bit.
I'm just going to let this go.
Yes.
He was pretty respectful about it.
Like, it was like towards the end, it was like a couple times a week.
And I sort of became like weirdly addicted to seeing these trips
and like Googling where he was starting and where he was going.
And it was actually upping my Uber rating.
Because I had a fairly bad Uber rating because I always like requested and then I take a really long time to get to the car.
So I was like, this is great.
Like this guy is like so punctual.
Like he like requests a Uber.
He's down there.
He gets in the car.
And so I'm like, okay, this is actually like very symbiotic.
And also I'm like helping somebody out, you know?
Like this is so weird.
So I let it keep going for about a month.
And then I was like, okay, well like I probably do have to do something about this because I was fine with this guy taking the ubers.
but I didn't want necessarily like everybody in Morocco
to start taking a burst in my account.
So Chris ended up changing his password
and that put an end to the rides around Casablanca.
But what I was struck by
was just how common this Uber hacking turned out to be.
Like, it wasn't just you.
Right.
It wasn't just Chris.
Right.
It's not a Gimlet exclusive thing.
That would be weird.
I went on Twitter and found a ton of people
who were having similar problems.
Like I found people who were reporting
that there were.
rides that they'd never taken in places like London and Hong Kong and France and Indonesia.
Like, it's happening all over the world.
Wow.
And what I was curious about is, like, where these hacked accounts were coming from.
Like, how were people getting their hands on them?
And I saw that Joseph Cox, who was a writer for motherboard, and he was on the show the other week.
Helping me hack your phone.
Helping you hack my phone.
Yes.
So I saw that he had written about exactly this problem.
Hello, can you hear me?
Yes, I can hear you well.
Joseph?
Yeah, how you doing, man?
So I called him up in Berlin.
And he told me that a while back, he was browsing the dark web.
And if you don't know what that is, that is just a part of the internet that is not easy to get to.
It requires special software to get on.
And a lot of illegal stuff is sold there.
So I was just browsing one of the dark web marketplaces, which I actually spent a lot of time doing.
You will just go through the listings like you're on Amazon or eBay or whatever.
and you'll come across something pretty interesting, like 70% of the time.
Can you give me an example?
Hasmat suits, AK-47s, you know, all the good stuff, really.
So Joseph was just poking around, not really looking for anything in particular.
And I just came across this vendor who said he was selling Uber accounts.
And I thought, well, that's pretty interesting.
Then we looked into it, and there were a hell of a lot of people selling stolen Uber accounts on the dark web.
And Joseph told me that they're relatively cheap.
How cheap is cheap?
They're between $4 and $7 each.
So you can buy somebody else's Uber account for $4 to $7.
Right.
And then basically what you're doing is you're buying my password and login.
Your username and password.
The fact that like, oh, there's all these accounts, like to me that suggests that it's not everybody's fault.
That like somebody isn't getting, if somebody shows up and they're like, I got a thousand Uber accounts.
You want to buy one?
It's not because they guessed a thousand passwords.
It's because, like, Uber made a mistake.
Totally. And that's what I assumed was the case also.
Except Joseph specifically asked Uber if they had gotten hacked.
Uber, they totally denied that they had a data breach.
And then as I continued to report and spoke to these hackers who said that how they were accessing accounts,
that kind of backed up what Uber said.
We found no evidence that there was a data breach actually at Uber itself.
And so I decided to go on the dark web and just ask people like, hey, where are you getting these Uber accounts?
And you would be surprised to learn. I'm sure you'll be shocked. They're not super stoked to talk to people who want to talk to them about their criminal activities.
Well, they probably just don't listen to podcasts.
But this one guy went by the username Passman. I sent him a message saying, did all of these Uber accounts come from some huge hack of Uber?
And he told me the same thing that Joseph told me, which was he didn't think that anything like that had happened.
Okay.
And I said, interesting.
Can you do me a favor and see if any of these email addresses are in your cache of hacked Uber accounts?
And you gave him a bunch of Alex's email addresses?
A couple, yeah.
Okay.
And his response was, and I quote,
Why are you giving me your boss's email addresses?
Do you want me to take a crack at his other accounts?
That's daring.
I kind of agree with them.
Yeah.
So I went to all the local muggers, and I showed them a picture of you and your wallet.
And they said they didn't recognize you, but it seemed like you have a lot of money.
Oh, my God.
Okay.
Look, whatever, it's done.
I can't take it back.
Regardless, Joseph told me that he had a theory for what might have happened, and it's this thing that hackers do that's called credential stuffing.
That sounds gross.
It does sound pretty gross.
Joseph told me how it works.
So companies' websites are hacked every single day.
Last year, we had LinkedIn, MySpace, VK.com, all of these other breaches of tens, if not hundreds of millions of accounts, with email addresses and passwords being traded amongst hackers.
But if you're a clever hacker, you're not only going to use those details to break into accounts on that one site, you're going to see if they work on something else.
The problem there is that people are using the same password on multiple websites and services.
All they're doing is reusing the password, but they'll have a special piece of software
which can just churn through hundreds, if not thousands, very, very quickly.
The more that me and my colleagues report on these data breaches every other day, every week,
it is password reuse. That is the main threat to ordinary users of the internet, for sure.
So at this point, I'm thinking, like, this might have been the thing that happened to you.
Someone got your password from some other account, like your diapers.com account, and it was the same password that you use for Uber.
I mean, who uses a different password for every single online service they've ever?
Yeah, I totally agree.
I don't do it either.
And I am definitely rethinking that now that I've reported this story.
And to that point, Joseph had a piece of advice.
Get a password manager, which is a piece of software which will generate unique, strong passwords so you don't have to remember them.
But since I know you don't use a password manager, I wanted to know if someone had found your password in some hack that had made its way onto the internet.
And luckily, there's a guy who can tell us if that happened.
My name is Troy Hunt. I am a security researcher.
and I am recording from my home on the Gold Coast in Australia.
Which Troy makes kind of sound like heaven on earth.
Sunny, it's going to be 30 degrees.
That's Celsius, so nice and warm.
I think I might go out on the water.
It's clear skies.
Troy's an internet security researcher.
So he knows that the more a person uses the internet,
signs up for new services, new websites, the more vulnerable they become.
You sort of leave these little traces of yourself all over the internet.
And as time goes by, those traces just get larger and larger.
And the chances of one of the places you've left your data being breached and that data then being leaked continues to go up.
So in 2013, Troy started a website that's called Have I Been Poned?com, P-W-N-E-D.
It's a way for people to find out whether their personal information has ended up on the internet.
So when we see data breaches where a company, like say, LinkedIn,
in is hacked and their data is ultimately spread across the internet. I grab these data breaches.
I aggregate them into a service and I make them searchable so that people can discover where
they've been exposed. So what did you find? Well, PJ, why don't you put your personal email address
into this? Oh boy. This is uncomfortable. Okay. Oh, no. Wow. I've been poned.
On how many different sites?
Two.
That's crazy.
Like, these are, it's Adobe and Tumblr.
Both of these are accounts I've had forever.
Oh, that feels horrible.
Your username and password is on the dark web.
That is right now.
A really bad feeling.
That's wild.
Alex Bloomberg, would you like to take a look and see what's going on here?
Have I been poned?
This is terrifying to type this in.
Good news. No ponage found. Wow. All right. Alex, I don't want to rain on your parade, but Troy told me that just because the website shows that you haven't been poned, that doesn't 100% mean that your credentials have never been part of a data breach.
Yeah, there are a heap of unknown unknowns. You know, there are all these things that happen that we simply never hear about. There's stuff that has already happened that will come to light later on.
There's also stuff that will never come to light.
So, for example, in 2016, 360 million MySpace accounts were put up for sale on the dark web,
but they had actually been taken in 2013.
So for like three years, someone was sitting on them, maybe using them, and Troy couldn't put them in his database because he didn't know they'd been hacked.
So even though I got the message saying that I have not been poned, I may still be poned.
Yeah, somewhere.
Should we interrupt the super tech support to do a very quick?
Yes, I know on the origin of Pohn.
Yeah, it's very easy.
You ready?
Yeah.
Most people know it because in video games, when you beat someone very badly, you say that they're owned.
Right.
And the P is right next to the O.
So people frequently misspelled it, and they misspelled it frequently enough that it just became its own word.
Gotcha.
I could have told you that also.
I didn't know that.
So have I been Poned.com?
Right. So based on talking to Troy and to Joseph, my working hypothesis has been that, like, your friendster account got hacked and it made its way into the internet somewhere and it's just never come to light.
But then I got in touch with Uber. And what they think happened actually might be a lot worse than that.
What?
What did they tell you? I'll tell you after the break.
Oh, Goldman.
Welcome back to the show.
Okay, so Alex, let me explain what Uber things happened.
Okay.
So you told me at the beginning of the show that your account just disappeared altogether,
like Uber did not recognize its existence.
Yes, exactly.
And what they told me was when someone changes their account info,
like their email address or their phone number,
the support team only has access to the new information.
So the way that they found your hacked account was the screenshots that we sent them of your...
phones lock screen, which had driver names and driver's licenses on them.
And from the license plate numbers, they identified the rides that were taken.
And from those rides, they identified your account and got it back for you.
But once they got your account back, they took a look at it.
And they told me that they're pretty sure that not only was your Uber account hacked,
but your Gmail account was hacked.
What we saw on our end was some suspicious logins for,
Alex's Uber account. So whoever was trying to log in did have his password, but we have systems that
will detect logins that look suspicious. That's Melanie Ensign, and she is the person whose job it is
to talk about security at Uber. And Melanie told me that when Uber saw your trips in Moscow,
the ones that you didn't actually take, they sent you an email that said, you have to click
on this link to verify that you are actually now in Moscow. And so whoever had actually,
access to his email account was clicking on those links, verifying it was him, and then deleting
the notification before he saw them.
Oh.
And that's why, since Alex doesn't have any memory of ever seeing the email, why we believe
that somebody had access to his email account first, because somebody was taking action on those
emails and then deleting them.
This is where I'm like, okay, maybe, but there's one thing that still does not make
sense to me. I have two-step verification. And the purpose of this is that is to protect against
just the thing that Uber is saying happened to my account. In theory, even if hackers got my password
information from the dark web, they go to their Russian computers and their Russian cyber cafe,
they log in, and then they're going to get a message that says, please enter the code.
And so, and I would be getting a text to my phone saying, here's your authentic.
authentication code and I'd be like, what in the world is going on here?
And then I would like sound the alarms.
So this, that's what I don't understand.
Like how, because I have two-step verification, how did somebody manage to do this from a
remote computer?
I mean, is the question you're really asking just, is Uber lying basically?
Like, are they saying that they sent suspicious activity emails that they didn't really
send and they're trying to cover their asses?
I don't think Uber's lying, but I want to find out, can we determine there's got to be
somebody that you could call in to tell me
if my account has been hacked or not, my
Gmail account. All right. And then, yeah.
And is it hacked still? Am I, at
this very moment,
poned.
All right.
I'll try and figure it out.
All right.
Okay, so it's been a couple
days, and I just sort of wanted to
recap where we're at. Okay.
At first, I thought that Uber had
some kind of data breach and your username and password
had made it out into the world. And that
does not appear to be the case. And then I thought that maybe another account of yours got hacked
from somewhere else, and people used that username and password for your Uber, but that also seems
unlikely. And when I went to Uber, Uber told me that your Gmail account had probably been hacked.
And so, like I said, I've been looking into this, and I don't know what happened to your Gmail.
Okay.
And in the past, when tech support problems have gotten bigger than me, or at least once, we brought in a ringer.
Okay.
Sort of like a super Alex Goldman.
He, yes, we brought in someone who is basically a super version of me.
His name's Dave Maynard.
He is a security researcher.
He lives in Atlanta.
And I have him on the phone.
Howdy?
How are you guys doing?
Good.
Hey, Dave.
So, Alex, I've already briefed Dave on what's going on with you.
So you can ask him any question.
you want. So that, my question is, did somebody take over my Gmail account and does somebody
still have access to my Gmail? Because that would be scary. And it doesn't seem possible because
I had two-factor authentication. Let's start with your questions. First of all, is it possible? Yes,
this happens all the time. The next step to kind of narrow down this mystery is to take a look at
the access logs for your Gmail account and see if there is anything suspicious. Okay. So,
So where do I find the access logs?
So there is one where you can go to like,
it's my account.
Google.com slash device dash activity.
Slash device.
Yes.
Slash activity?
Device dash activity, like hyphen.
All right.
Yeah, Mac, and it's got a bunch of NASA,
the Bahamas, Windows, the Bahamas.
Wait, Windows the Bahamas.
It shows a Windows machine, which Alex does not have.
accessing his account from the Bahamas.
Oh.
Yeah, but no, I did, because my dad had his, yes, no, my dad had his Microsoft tablet.
So I tried to log on.
That's right, I tried to log on to a Google Docs thing.
But my account was compromised three days or four days after I accessed the surface.
So it wasn't like it happened right away.
You're a bad guy in the credential harvesting business, right?
You're getting a lot of information in at once.
You've got to classify it.
Right, got it.
And then you've got to sell it off to somebody to use.
Right.
Right.
So it's not like it's an instantaneous thing.
Got it.
And how would they do that without him noticing?
I mean, malware works in the serious ways.
So it's like, so it's in the background.
Right.
I see.
So it's in the background.
It's running in the background.
It's mimicking an actual legitimate user accessing Gmail,
even though it's not showing up on the screen or anything.
Right.
Gotcha.
Yeah.
All right, let's call my dad real fast.
Do we call your dad's name is Richard?
Richard.
Do we call him Mr. Bloomberg?
No, you can call him Richard.
I don't know if I can call him Richard.
You can call him Richard.
I tell you I'm going to call Mr. Bloomberg.
Okay.
Hello, dad.
Hello.
Hi, Mr. Bloomberg.
Hey, Mr. Bloomberg.
You guys both went for Mr.
I told them to go Richard.
If you're going to be PJ and Alex, I'm going to be Richard.
So Alex caught Richard up on everything that had happened so far
and explained that we wanted to check his tablet
to see if that's how hackers got into Alex's Uber account.
There was one time when I logged into my account
that was on a computer that people say could have been compromised.
And that is when I tried to log into my Gmail account
from your tablet.
Surface Pro.
Yes.
Well, I will say,
that sometime in the last few weeks, and it may have been when we were in the Bahamas.
I got an email from Google saying that someone had tried to log into my Gmail account from a computer in somewhere that I'd ever been.
I can't remember where it was.
And so I deauthorized that.
I said, no, that's not an authorized computer.
And then I went out, and I changed my Gmail password immediately.
You know, I haven't used the Surface Pro since we got back from the Bahamas,
but it had gotten so buggy.
It had slowed down so badly that I figured that,
Something was wrong with it.
Do you have any malware detecting software on there?
A lot of Windows devices come with something called Windows Defender.
Yeah, I think there is Windows Defender on that.
Okay.
Is there any way to look at Windows Defender and see if there's anything?
Yeah.
Let me get the Surface Pro and I'll fire that up.
I've had Windows Defender up.
So I'm going to ask you to do a full scan, if you can do a full scan.
The problem is that a full scan takes a...
So what's the verdict?
Did it find anything?
The scan completed on 718,8561 items.
No threats were detected on your PC during this scan.
Interesting.
I'm legitimately so angry.
Why?
I'm so frustrated by this.
Because it's just unanswerable.
It's not unanswerable.
It obviously cannot be answered.
Uber was compromised, and they're blaming it on me.
and my dad's surface pro.
They found innocent,
they found scapegoats
in the Bloomberg family.
Would Windows Defender
have definitely found
the spyware?
I mean,
this is like
the default Windows
antivirus program
we're talking about.
So it totally
could have missed something.
I don't know.
The tablet still just feels
like the most likely suspect
to me.
This stuff's hard
to actually say
with any certainty.
You know,
it's like trying to
figure out who got you sick.
Kind of. I mean, the virus analogy
is actually very apt. It can
make its way in from a million different places.
But if we were, if we were
to just back up some distance
and look at this, like, big picture,
Uber,
a
multi-billion dollar company
employing, I'm sure,
gazillions of
cybersecurity experts to keep its data safe
or the Bloomberg family.
You are sharp guys.
But not very suspicious in general by nature.
Yeah, that probably, I guess that does seem to be probably where the breach occurred,
much as I hate to admit it.
And we can't, and it is troubling that we cannot find exactly.
It's infuriate where it came through.
Now, I'm not mad at you.
Yeah.
I'm mad at my soul.
I came here to super tech support you.
I know.
And at the end of this, I've got like a lot of best practices.
It's like, use a different password on every website.
Check out, have I been poined to see if your data's out there.
Always be super, super diligent.
Blotty, blah, blah, blah, blah.
Still at the end of the day, I have no idea what happened.
Can I tell you a story?
Sure.
My dad's like a very good athlete and a former baseball coach.
And we would play catch.
And like, no matter how bad a ball I threw,
he would always catch it, like crazy bad throws.
And so I got in my head that he was invincible.
And then one day I took my favorite toy.
I went to the upstairs bathroom or a house.
I threw it out the window at him where he was, like, down on the patio below.
And when it was like three feet from it, I was like,
Dad, catch!
And he jumped out of the way and my toy broke.
That's sort of how I feel about you right now.
Like, we asked you to answer a question that is very hard to completely 100% answer.
and you did your best, and that's just really too bad.
I thought this was going to be a story that would be somehow inspiring.
Make me feel like not an abject failure.
You're part of the human race.
You didn't catch the toy.
You didn't catch the toy.
It's shattered now.
Yep.
Listen, Richard, thank you for indulging us on this.
Yeah.
Thank you.
Yeah, thanks, Dad.
I'm sorry I couldn't be of more help.
But I'm glad that my...
I'm glad that I have no virus.
All right, Dad.
Thanks.
Bye.
Alex, I love you.
I love you too.
We'll see you all later.
Okay.
Bye.
Bye.
So I'm pretty sure that we got this one right, that Richard's tablet is probably how hackers got access to Alex's Uber account.
But I'm willing to bet that there are people out there who think that I am dead wrong.
So if you are a person...
who believes that you have a better theory as to how this happened, or even just a different theory,
email us at reply all at gimletmedia.com, use the subject line theory.
And we will take a look at it, and if it turns out that you're right, I'll send you a personal pan pizza.
Also, if you want to read about password managers, or you want to go to have I beenponed.com,
check out the description for this episode.
Reply All is hosted by PJ Vote and me, Alex Goldman.
Our shows produced by Shruthy Penaminani, Fia Benin, Chloe Prasinos, and Damiano Marquetti.
We're edited by Tim Howard and Jorge Just.
We were mixed by Rick Kwan.
Our theme music is by the Mysterious Breakmaster Cylinder.
Our ad music is by Build Build Buildings,
and the song at the end of the episode this week is Simplicity by Macroform.
Our logo is by Matt Lubchanski.
Fact-checking by Tom Cody.
Matt Lieber is four extra beers in the fridge that you forgot were even there.
You can visit our website at replyall.diams,
and you can find more episodes of the show on iTunes or Spotify
or wherever you personally decide
you would like to listen to podcasts.
Thanks for listening. We'll see you next week.
This reply all is produced by Breakmaster Cylinder.
Oh no.
My friend Jade says the internet's taking a hug.
Schneider.
This won't stand.
Alex Goldman.
Hi, PJ.
I want to find that puppy.
Okay. Let's get to work.
Yeah.
Oh, there he is.
He was hiding in the internet.
He's small and cute.
Reply all is.
hosted by PJ Vote and me, Alex Coldman.
We're produced by Breakmaster Cylinder.
We're edited by Breakmaster Cylinder.
Matt Lieber is Breakmaster Cylinder.