The Host Unknown Podcast - 233: Doorbell surveillance, Audits, and Office Space
Episode Date: March 4, 202619th February 1999: The movie "Office Space" was released. With a budget of $10 million, it grossed a measly $13 million worldwide, but became a cult classic with its homage to Superman III's salami s...licing and Jennifer Aniston's rant against 37 pieces of flair. Now where's my stapler? It's a masterclass in a fraud , a segregation of duties failure, or a monitoring gap — but back in 1999, it was just a comedy plot. Leaked Email Suggests Ring Plans to Expand ‘Search Party’ Surveillance Beyond Dogs Ring’s controversial, AI-powered “Search Party” feature isn’t intended to always be limited only to dogs, the company’s founder, Jamie Siminoff, told Ring employees in an internal email obtained by 404 Media Just found out we’re being audited by our cyber insurance provider Industry news Tweet of the weekhttps://x.com/whoaish/status/2024344477465456936 Come on! Like and bloody well subscribe!
Transcript
Discussion (0)
Got your caffeine?
Well, he's finally back with us.
I guess we can probably start the show, can't we?
Yeah, I know.
He's always late.
You guys recording already?
Yeah, of course we are.
We've been here for hours, mate.
Oh, I need another coffee.
Last I heard, it was Ramadan.
It was time to get a drink.
Listening to the host unknown podcast.
Hello, hello, hello, good morning, good afternoon, good evening,
from wherever you are joining us
and welcome everybody, welcome one and all
to this week's host unknown podcast.
It is episode 229.
23.
Exactly.
We are both accurate as always,
according to our own internal clocks.
Well, between us, we'd be right twice a day.
We'd be four times a day.
We'd be correct between us, wouldn't we?
So, well,
How are we?
This is the second week in a row.
What's going on?
It's like the third time of the year, but two weeks in a row, that's quite a shock.
I know, I know.
Well, don't jinx it yet, because we might record two weeks in a row.
The real question is, will it get edited and pushed out?
Will you publish two weeks ago?
Because we're not going to record next week because I can't make it next week.
So.
Well, you can't make it.
It doesn't mean we won't record it.
Yeah, but I also know you guys don't need much of an excuse to not record.
You know, I'm coming back early from Denmark next week just to record,
and now you're dropping this on me.
Oh, really? You are coming back specifically to record?
Yes.
I love that slightly longer pause than was technically necessary.
It was just checking the flight time to make sure it was an accurate statement.
No, no, I do what's accurate.
I took a super early flight to come back because later in the afternoon,
I do have a webinar to present.
So I'm not complete incorrect when you said you came back early to record.
And I said, yes.
So technically I am correct.
Not necessarily recording this podcast.
Yeah, yeah, exactly.
But recording something.
But how are you, Jav?
Anyway, how have you been, sir?
I've been good.
I've been good.
So Andy was scaring me.
He said with my health and stuff,
I shouldn't be fasting this year.
But I was like, I never listens to doctors.
so why should I start listening to Andy?
Yeah, that's right.
You know, there is that.
But other than that, it's been good.
But let's just clarify,
did your doctor basically not say,
I have no idea what's going to happen,
just do it, and we'll figure it out together?
Kind of, yeah.
He was like, let's just see what the symptoms are.
All your doctor is seeing is his name on the cover of the Lancet.
That's all he's seen.
There's a paper to be written here.
Yeah.
Yeah, dear me.
Any news on your back passage and stuff, Jav?
I think, you know, since that came back into focus.
Yes, yes, yes.
So two of my neighbours, despite the fact that it's been raining,
non-stop pretty much, and everything,
they went out to Selco, I believe,
and they bought three bags off MOT number one.
Which is?
Selko, the builder's merchants.
Yeah, Selko is a builder's merchant.
It is like gravel type stuff.
It's like a sub-base thing.
I don't know.
It's like a hardcore.
When they were talking about MOTs,
I was like, what does this have to do with the cars?
Someone's car being damaged while going over there.
Anyway.
But they had him at hardcore.
He's like, take my money.
Hardcore, what?
Two of them bought three bags.
Cost equals 15 pounds.
So they...
These are not big bags that we're talking about.
No, no, no.
These are small bags that they could get in their car.
A potato sack size of...
Yes, yes, yes.
Yeah.
I'm guessing it didn't go far.
They're doing a test just to try out a couple of the potholes to see how it goes.
Now, apparently, the way it is is that the MOT gets...
more solid over time. So the more you drive over it. Well, you have to compress it. Yeah, it's compressed.
Yeah. It compressed and it does. So, uh, we're going to see. So the scientific method is being
used here. We're going to try the MOT one place. We'll probably get a bag of gravel and cement
someplace. Someone's going to come in with a digger. Maybe the odd body. I say, you know,
to speed this up, you literally just get a steamroller and go over it back and forth a few times.
You don't have to wait weeks and weeks for this.
Steamroller, Grandad.
What would you call it?
Steamroller?
Who are you, who are you bloody Fred Dibner?
That's the one.
What would you call it?
Well.
A roller.
Yeah, just a roller.
Steam's got nothing to do with it.
Mine's environmentally friendly, I'm sorry that you want to destroy the planet.
When Andy was talking about his commute, he said,
well, I took the locomotive.
It took the locomotive.
Yes, well, I was steeple jacking up a chimney just the other day.
Anyway, talking of erect objects, Andy, how are you?
I'm not doing too bad.
So, question, Jack, why do they call it fasting when it goes so slow?
Oh, sorry, hang on, hang on, hang on.
Every year, right?
Every year.
Every year.
Or twice a year.
Yeah.
No, wait, wait.
Not even water.
Not even water.
That's the one.
I'm not doing too bad.
My week is, I'm actually on holiday at the moment.
Oh, are you?
Yeah, so it's half-term.
What are you doing in the country then?
Well, funny, you should say that.
I will be flying out this week.
Oh, your membership year is coming up.
I have absolutely zero chance of hitting the points I needed,
but I don't need to anyway because I would give an extra year gratis.
Oh, very good.
Thanks to some IT failings.
somewhere along the way, so I'm just going to keep them.
I shared with you my dilemma, I need one more flight.
With all my work flights.
37 quid to get to Bordeaux.
I was looking at this one.
Gatwick to Bordeaux, 37 quid out and back in the day.
Gatwick, though.
Yeah, but it's going to be 200 quid all in at the end of the day once you bought lunch and travel.
Well, he's fasting.
He's not eating, is it?
He goes out.
There's a day trip.
This is a perfect time for him to be doing it.
He has a point.
That's true.
But, but, oh, and does it matter at altitude?
Does that, I mean, can you have water at altitude?
No, no.
What I could do is I could fly to a mosque in Bordeaux, like, go visit a mosque there.
And then they'll be like, he's a traveller, we should feed him.
But, but they're also an hour ahead.
Oh.
Come on.
You know, so I'm getting sidetracked here, but I'll tell you very quickly.
There's some family friends of ours.
and the son, he really struggled with fasting all his life,
all through his teen years, his early 20s.
He never managed to do a whole month ever.
Did you introduce him to his M-PIC this year?
And then, no, no, no.
And then one year, a few years ago,
he's like in his 50s now.
So when he was in his 40s, he thought,
I'm in a 40s, I need to do a full month of Ramadan.
So he looked on Google, before AI,
and said, where's the shortest days this year?
Dubai.
And he, like, fly out everywhere.
He went to South Africa.
He went to Cape Town.
He booked an Airbnb right next to a big mosque there.
He goes, he landed there.
And he was like really happy.
Then he was like, oh, crap.
I'm on the other side of the world.
I know nobody.
I'm just here for a whole month, not eating.
But he goes, he went into the mosque the first day.
And he got chatting to a couple of people.
And news just spread.
This guy has just come just because we've got short days.
He goes, he did not pay for any.
food for the whole month because people were inviting him around for dinner or they were bringing him
food for the morning.
What?
He even got hosted on one of their local Islamic radio stations.
They were like, what do you think people traveling all this way just for a shorter day?
Is it, is it halal or not?
And like, you know, all that kind of stuff.
It was really good.
Wow.
What's your excuse for all the traveling, Andy?
Uh, loopholes again.
Tax write-offs, putting through my company's job done.
Yeah.
But talking to loopholes, Mr. Langford, how are you this week?
I am good. I am very good.
I'm just about to start my sort of travel season next week.
I've got a, God, where am I going?
Oh, Arhus next week.
Don't even know what that is.
I know, it's Denmark.
It's, it's, uh, Nordic.
Are you there for V2 security?
Yes. Oh, I'm there next week.
Oh, fantastic. What time are you speaking?
I don't know yet.
Well, I'm on at 2, 2 till 230.
What day is it?
Wednesday and Thursday. Wednesday and Thursday.
So I'm on at 2 to 2.30. Now I've got to fly back
because I'm hosting a conference on the Thursday in London.
Are you at Tice on Thursday?
Yeah. Are you there?
I land Wednesday night.
Oh well
Maybe I can be
Where are you coming from?
Portugal
Ah nice
So you're speaking on the Wednesday
Tom
Yes just the Wednesday
Oh so me too
I'm speaking on just the Wednesday at 1230
Oh excellent
We can see each other
And then I'm flying back on the Thursday early
But I couldn't find a direct flight
So I'm going via Amsterdam
Because I've got a webinar to deliver that
Later there are no direct flights
No, so going in, I'm going in via
to where Lego headquarters is,
Billand. Billand, okay.
I'm going in via Oslo, of all places
and then to ROSC and then out to Copenhagen
and back to, it's bizarre.
I'm going to Billand, because...
This is the perfect time to get a KLM status match.
If you were going via Amsterdam,
take a KLM flight back, Amsterdam's their hub,
and you can match your BA Silver status
to the Star Alliance gold.
How'd you do that?
They've got a promotion on to a 23rd.
They're trying to get all the BA customers.
But then I have to take care of it.
I don't know.
Well, no, because then you've got options, right?
It doesn't matter who you fly with.
You've got status.
Oh, yeah, because it's not like I leave that.
Interesting.
I'll pin you a link afterwards.
Anyway, if you just join us,
welcome to the Host and then Travel Show.
But let's just move swiftly on from that,
and let's see what we've got coming up for you this week.
This week in Infosec asks us all,
what would you say you'd do here?
Rant of the week is the Orwellian nightmare coming true.
Billy Big Balls is a new story
about how we used to do things in the old days.
Isn't that right, Andy?
Instagram news brings us to the latest security news stories
from around the world,
and tweet of the week proves that disappointing our parents
happens whomever you are.
So, moving swiftly on show,
Let's move on to our favourite part of the show.
It's the part of the show that we like to call.
This week in Infosec.
It is that part of the show where we take a trip down Infosec memory lane
with content liberated from the Today
Infosec Twitter account and further afield.
And today, our story, one and only story,
takes us back, Amir.
Hang on.
Oh no.
Wrong one.
Still works.
Thanks back a mere 27 years to the 19th of February,
1999, when the movie Office Space was released.
Now, with a budget of $10 million, it grossed a measly $13 million worldwide,
but it did become a cult classic with its homage to Superman 3 salami slicing,
and Jennifer Aniston's rant against 37 pieces of flare.
Now, where's my stapler?
But taking us back to that February 1999 when it hit the cinemas.
Not only did it go on to become a cult classic,
arguably one of the most accurate portrayals of corporate life ever put on screen.
So the film follows a group of bored, frustrated employees working at a soulless tech company,
dealing with bad management, pointless processes,
and that one printer that definitely deserves what's coming to it.
But here's an interesting bit from an Infosec perspective.
while we're talking about this.
The plot centres around the scheme inspired by Superman 3
where they siphon tiny fractions of money
from company transactions into their own account.
So in other words, we're talking inside a fraud.
So this disgruntled employee,
access to systems, bit of scripting,
a belief that no one's going to notice, sound familiar.
Today we call that fraud scenario, you know,
segregation of duties failure, monitoring gap,
but back in 1999,
It was just a comedy plot.
And the other thing, it nails motivation.
You know, people don't usually turn road because they're evil masterminds.
They're frustrated, disengaged or just fed up with corporate nonsense.
Which, if you think about it, makes office space less of a comedy and more of an early case in insider fraud.
It's so true, is it?
Very rarely do people turn up to do a bad job or even an illegal job?
Just want to get the job done and get paid and, you know, spend time with family.
Yeah, I'm with you two every week.
Tell me about it.
Exactly. Exactly. And yet you still managed to do your best to cripple us by not doing the recording, not publishing it. But there you go. Okay. That was this week's. It's right. I'll start. And that was this week's.
This week. In Info, sir.
Are you not entertained? What?
The judges were you're listening to Europe's most entertaining content.
Bro, what are you talking about, man?
The Host Unknown Podcast.
Right, let's move swiftly on to this week's.
Listen up!
Rent of the week.
It's sad to a motherfuckin' rage.
So the headline reads,
leaked email suggests ring plans to expand search party surveillance beyond dogs.
And it doesn't mean cats, unfortunately.
So almost the tagline.
for this was it's just for dogs
calm down. This is
where Ring had
enabled this feature where
they could help
connect ring doorbells
around a neighbourhood so you can find
lost pets. You could sort of
effectively send out an APB and
people's ring doorbells would
look out and see what they could find for your dogs.
Effectively,
your doorbell is now part of a neighborhood wide,
excuse me, AI surveillance network.
And their whole principle was,
but don't worry because it's just for finding dogs and stuff.
Nothing to see here, nothing to see, move along.
They called it Search Party, which, on by default, by the way,
links together cameras across your neighborhood
and uses AI to scan for stuff.
Apparently, it's only looking for pets.
Fantastic, wonderful community spirit.
Except an internal email, the founder basically says,
yes, it's for dogs, for now.
And that's a quote.
Because the real ambition, and I love this,
is to zero out crime in neighbourhoods
with your doorbell camera.
I mean, that's not just an ambition.
That's kind of like superhero origin stories here.
I mean, how do we go from, have you seen my schnauzer to we've solved crime in one feature update?
But let's be honest about what this is.
It is effectively a distributed surveillance network.
Cameras linked together, scanning areas, looking for patterns.
Today it's dogs.
Tomorrow it's suspicious behaviour.
And next week it's, I don't know, maybe your...
You know, your neighbour's son who's just come out. Who knows? You just don't know. Anything that's
out of place. Anything that doesn't look right. Maybe there's somebody who's using your street as a
shortcut and they don't dress right. So therefore, they're going to be targeted. We just don't know.
Somewhere along the line, we all just agreed to this because it just started with a cute puppy.
And this is my favourite part. It's all framed around community safety, which sounds great until you're
that that same system now includes police being able to request footage,
AI analyzing what's happening, features like familiar faces,
recognizing people, and a company talking about eliminating crime entirely.
But that, of course, crime is defined effectively by whomever is in power as well.
So what is perfectly legal today, could be illegal tomorrow.
you could be effectively snooping on your neighbours as a result.
And, you know, it's part of a system, and I get it because lost pets, fire alerts, useful tools.
It's all genuine value here.
But it's every time you see this, it's start small, start friendly, start with somebody, nobody can't argue against, argue against.
Who doesn't want to find lost dogs?
Or wouldn't somebody think of the children?
You know, what if somebody's, you know, oh, well, there's pedophiles operating in this area,
which is a narrative that is often used and clearly used to enact certain laws and powers.
But, you know, you quietly expand it.
You've suddenly built something that's more powerful, really, than anyone actually signed up for.
But don't worry, because it's just for dogs.
And if there's one thing that we've learned in tech,
it's that systems designed for surveillance never expand beyond their original purpose, do they?
Bastards.
This is pretty...
Yeah, I mean...
Scary.
Yeah.
I know this, but this is mostly US-based, right?
So I'm not sure...
For now.
No, no, totally.
I totally agree.
But in the UK, we don't have to worry...
I wouldn't say too much, but I don't believe...
We've already got AI facial recognition cameras that...
rallies and peaceful protest.
Well, this is true, yeah.
And it's not a big step for police being able to sort of forcibly, you know,
request ring footage or whatever.
Because, of course, it's not in our control, is it?
It's not stored locally.
No, they just deal directly with Amazon.
They don't have to deal with people.
Yeah, precisely.
But, oh, my God, this.
It's scared.
From a financial perspective, it's genius.
Because rather than the government investing or the council's investing in,
extensive CCTV cameras everywhere.
They get you to pay Amazon to buy the cameras.
Then you pay a ridiculous subscription fee on top of it if you want the real time.
You can guarantee the local council is going to have to pay a subscription fee as well.
They just have a big package.
Well, yeah, no, but they're double dipping now, isn't it?
Amazon's double dipping.
And then like, you know, you've got built this network.
Like, I'm sure he was inspired by the Dark Knight where he taps into every,
phone, creates his own sonar sort of network,
except we don't have a Lucius Fox equivalent
who's morally and ethically
Toronto controlled stuff.
Do you know, I watched that film the other day,
and I did comment at the end of it,
because he types his name in it
and the system, you know, deletes itself.
But when, whenever you've done,
I don't know, RM did star dot star,
or whatever the old co-was.
RM minus R-R-M. Yeah, exactly.
Whenever you run that,
I don't remember there being sparks and smoke coming out of the machine, right?
Why is it in Hollywood?
Every time you shut down a system permanently,
there's sparks and smoke and things falling over.
Why is that?
Dramatic effect.
You got it by...
Yeah.
Yeah, but it pulls me right out of it.
It's like how cars always explode when they crash in movies.
Yeah.
Yeah, but it pulls me right out.
I mean, that's fun.
That and helicopters.
But you do it with a computer.
Come on.
Anyway, sorry.
Just being ranty.
You know, Jeff White, friend of the show, he explained this to a point.
He was talking about the award-winning journalist.
Award-winning journalist, who the same year, the Lazarus Highest was nominated at the podcast award.
The we won.
We won.
Yeah, exactly.
That Jeff White.
Yeah. Context.
So he was talking about, he was working with Channel 4 at the time, I think when the Grenfield disaster happened.
Yeah.
And for those not familiar, like Americans, Grenfield, it was like a big fire in a house of, in a block of flats because they use the wrong cladding on the outside.
And these issues were known.
And so he was like the media, where people were questioning the media, why didn't you cover it before?
And he goes, it's a simple fact.
He goes, there's nothing to point the camera at.
He goes, you cannot.
Yeah.
He goes, it's a very boring story to go up and point the camera to a block of flat and says, these are dangerous.
These could burn one day.
Because when it's on fire, then you've got something to point the camera out.
And this is what Hollywood is all about.
It's they need you to point the camera out.
Otherwise, you don't have a movie.
You just have a podcast.
It's also why CyberSkir, I think, is often not taken as seriously.
There's nothing to point the camera at half the time, as you say.
You know, it's just like, you know, oh, this attack is going on.
Where?
Where is this attack happening?
I can't see it.
That's, we, you know, the story a few years back, we, you know, one of our biggest
competitors had a major breach and all of a sudden all of our security budgets got approved overnight
everything that had been pending deferred because it was very close to home you know and it didn't
matter what you said before hey this is serious this could happen until well it did happen somewhere
else luckily it happened down the road and everyone's like whatever you need make sure this doesn't
happen to us yeah this is a lot worse than you said it would be it's almost like an executive
protection scheme.
Did he?
All right, that was this week's.
Rent of the week.
This is the podcast, The King, listens to.
Although he won't admit it.
He's got a lot going on this week.
He's a bit busy, isn't he?
Do you know what I've got to say, for some reason,
the media board is a little slow this week.
I'm clicking it, and I can see you two looking at me like,
We'll click it
and then
nothing's happening
and then it eventually plays
anyway, that's my excuse.
We're just like that all the time there
well this is true
I'm all over it at the moment
it's just, I mean apart from occasion
of clicking the wrong one
alright
anyway let's
talking of
clicking something and then having to wait
a long time for it to actually do anything
let's move over to you Jav
and
Just can't get the staff, can you?
Anyway, this is something that was posted on X,
and I'm just going to read it out
because I think this story speaks for itself.
It's posted by IT underscore unprofessional.
So, he goes,
just found out we're being audited by our cyber insurance provider.
They want to verify we actually have all the security controls
we claimed we have.
So, problem. We don't have all the security controls we claimed we have.
When we applied for the insurance, the application asked if we had MFA on all admin accounts.
I checked yes because we were planning to implement it. We never implemented it.
Now the auditor wants to see our MFA logs. I have 48 hours to either. A. Admit we like.
and probably lose our coverage.
Two, implement MFA across the entire company in two days,
or three, get creative.
I'm going with option three.
I just enabled MFA on every admin account, forced enrollment.
Everyone had to set it up in the last hour.
Then I backdated our MFA implementation logs to show
it was enabled six months ago.
Is this fraud?
technically maybe, but the security is actually in place now. We're just adjusting the timeline
of when we claim we did it. The order comes on Monday. By then, we'll have 48 hours of MFA logs
that are present as our recent activity from our six-month implementation. Did we lie on the
application? Yes. Are we fixing it before anyone finds out? Also, yes. Corporate compliance is just
staying one step ahead of getting caught.
And I'm looking at the screen and I'll see Andy's face beaming brightly like a proud dad.
He's a proud man at the moment.
Hey, I grew up in the dot-com era, okay?
We didn't have much money.
You know, we're a survivalist.com organisation that knew how to play the game.
We did what it took to get through things.
Cracked copies of Windows 95 on the system
Not a problem
It's called it the Belgrade edition
Exactly not a problem
Not a problem
Windows 2000 data center
Data Center
Belgrade edition
Yeah
Brilliant
But that is a
Like it's
It's a Billy Big Bulls
I mean they said the quiet part out loud
Didn't they?
Yeah exactly
It's just the admission
publicly
Yeah
And everyone's looking around
Well, not that publicly.
Not that publicly, because we don't know who it is.
I mean, I'd love to find out who.
It's probably, well, who knows, but, yeah.
But do you know what?
I wouldn't surprise me if this is how a lot of companies,
certainly in the sort of medium enterprise side of things.
You're not endorsing it at all, but, because, you know, now I'm holier than now.
I can put back in so well.
Hey, what are you guys doing?
But, you know, I understand our companies.
But legally, you have to say that they shouldn't be doing this.
No, but, you know, when you're working for a company that literally can't get investment,
because they've got lawsuits hanging over them,
they can't even afford to pay staff because they don't have any money in the accounts.
And then you've got some guy from compliance come in and say,
hey, we need to spend 50,000 pounds implementing this thing
because we signed a form that said we would.
Yeah.
You know, you're going to get...
You get laughed out of the room.
Yeah, get to the back of the queue.
We're trying to figure out how to pay the staff.
Yeah.
Yeah, exactly.
You got a choice.
You either pay for MFA
or you pay for the data center hosting.
Yeah.
All different nowadays, though.
We didn't have MFA back then, hey?
It was just two FAA in my day.
Two bits of fuck all.
As opposed to many bits of...
Excellent, that was...
of the week.
Feeling overloaded with actionable information.
Fed up receiving well-researched,
factual security content.
Ask your doctor if the host unknown podcast is right for you.
Episode, side effects may include nausea, eye-rolling and involuntary swearing in anger.
Sounds like the side effects you two are having.
Right.
Well, it's that time of the week, isn't it?
And Andy, what time is it?
It is that time where we head over to our news sources over the Infosec PA Newswire,
who have been very busy bringing us the latest and greatest security news from around the globe.
Industry News
SMEs wrong to assume they won't be hit by cyber attacks, NCSC boss warns.
Industry news.
Vulnerabilities in password managers allow hackers to view and change passwords.
Industry news.
Low-skilled cyber criminals use AI to perform a vibe extortion attacks.
Industry News
AI assistance used as covert command and control relays.
Industry News. Star Killer, new commercial grade fishing kit bypasses MFA.
Industry News
Industrial scale fake Cortax apps drive $2 million fraud in Indonesia.
Industry News
Remcast's rat
expands real-time surveillance
capabilities
Industry news
Android malware hijacks
Google Gemini to stay hidden
Industry news
dramatic escalation
frequency and power
off in DD
O
off in D
who wrote this headline
Hold on
let me try to make sense
a dramatic escalation frequency and power in DDoS attacks.
Industry News.
And that was this week's.
Industry News.
It would be huge if it was true that we pre-read these beforehand.
Huge of true.
Huge of true.
I love the fact that half of these headlines are all,
new technology has new applications for criminals.
I know, it's like water is wet.
It's true news.
Water is not wet.
It's not wet.
I think I threw that into a blog post the other day.
I was writing something and I do the analogy of like,
and this is like complaining that water is wet.
And then I put in brackets that by someone.
It's a sensation.
Yeah.
Yeah.
No, wetness is what it creates on another object.
Anyway, there we go.
I'm interested about
vulnerabilitiesities and password
which password managers more
importantly
I'm all about
the low-skilled cyber criminals
using AI to perform vibe extortions
because I see this something that
Javs interested in because you know
Oh the vibe coding
He's all about the vibe coding
Anything that doesn't require
him to actually study
Oh come on
In order to learn a skill
Tom was vibe seesoing for years
Come on, you never called him out.
My've seen so before it was a thing.
He was like, he reminded me of, you know, Frank Abing now.
What's that film with Leonardo?
Get catch me if you can.
Where he's the doctor in the hospital.
And he's like, hmm, do you concur?
I just imagine Tom in the boredom.
I concur.
I agree with him.
I agree with Nick to quote Gordon Brown.
Oh dear.
So apparently the password, man,
Bitward and Last Pass, Dash Lane and one password.
Oh, wow, a lot of the big boys.
Yeah.
Yeah.
Sorry, big players.
It's gender neutral.
Absolutely.
So what else have we got here?
This rat expands real-time surveillance, Kate.
Is this just not they've brought a subscription to the ring cameras?
Yeah.
And what's this Star Killer one?
Commercial grade fishing kit bypass.
How does it bypass an MF?
What?
Well, not all MFA is equal.
So it's not fishing resistance.
It's not the Fido2 MFA.
It's like your bog standard MFA.
And sometimes it sort of like prompt bombs you and what have you.
So they're saying, so they describe it as a commercial grade cybercrime platform.
Have we stopped saying military grade?
I hope so, because military grades are very poor analogy.
Yeah, but commercial grade, that doesn't mean anything to me either.
Yeah, you can buy it in a shop.
Yeah.
It's not open source.
They charge for it.
Yeah.
And it goes up 4% every year.
Other than that, it still doesn't actually describe how it bypasses.
So it kind of, yeah, so they basically do it through a proxy,
So you're actually logging into the real site.
So you actually think you're logging into the real thing.
To a man in the middle attack then, effectively.
We've got to keep rebranding, Tom.
Can't keep doing the same stuff.
This is true.
Well, we are the travel podcast at the moment.
Indeed.
We've always been a travel podcast.
New markets are waiting to be conquered.
All right. Actually, that was this week's.
Industry News.
This is the easy jet of security podcasts.
Let's be honest, your cheap ass couldn't tell a difference between us
and a premium security podcast anyway.
Never a true word said.
Andy, why don't you take us home with the final part of the show this week's?
Sweet of the week.
And we always play that one twice.
Sweet of the week.
And this week's tweet to the week comes from Aishwara,
who is basically quoting a story about Sundar Pitchai,
the CEO of Alphabet Inc.
And Ashwari says this is a reminder that impressing Indian parents is impossible.
And so the quotes about Pitchai mentioning taking his 83-year-old dad for a Waymo ride.
And his dad remarking, he'd be more impressed if autonomous cars,
worked on Indian roads.
So Sundar saying, still working on that, Dad.
I love it.
I love it.
There's just no way you can impress your parents sometimes, is there?
No, no.
It's brilliant.
I saw this similar thing the other day.
And you know what?
I just started trying to look for it on my phone
and now I've completely forgot what I was looking for.
where I was.
So basically what you've just said is that last 20 seconds of commentary was for nothing.
Just pause and I'll remove it in the edit.
38 minutes, okay.
Yeah, exactly.
What are you going to remove in the edit jav and why are you going to remove it in the edit jav?
Just see how long we can keep this on.
And if I just go directly into the outro, then you can't remove it from the edit, can you?
Watch me.
The tweet of the week.
Anyway, we have come barreling into the end of the show.
Gentlemen, thank you so much, Jav.
I'm wondering quite how many minutes of this
you're going to be removing in the edit.
Or indeed, even if you do edit it,
because let's face it, it doesn't happen very often, does it?
So, Jav, thank you very much, sir.
So it's like, let's throw like all these layered inside
on Jab and then say, thank you very much, sir. I mean, could you be any more British if you tried?
So, you're welcome. Okay. So I can do my bit. Okay. I'm going to come over to your house and
claim it as my own. How's that? Thank you, Jav. You're welcome. And thank you, Andy.
Stay secure, my friend. Stay secure.
You've been listening to The Host Unknown Podcast.
If you enjoyed what you heard, comment and subscribe.
If you hated it, please leave your best insults on our Reddit channel.
Worst episode ever.
Our slash smashing security.
Now it's going to bug me.
What was that meme I was looking for?
Well, you're definitely going to have to leave it in the edit now.
I'll tell you what it was.
It was someone said that they texted their dad to say that their blood test.
result came back and they're anemic. And the dad went on a long run about this is what happens when
you don't eat when I tell you to eat. You're always dieting. You don't eat healthy food. Even when
you're dead, you're not going to eat. I'm going to throw a can of sardines on your cremated body.
And then you'll be, then you have like, you know, no deficiency. Something like that. It was just,
uh, oh, there's not a punchline. It literally just is just the dad being like, cool.
Maybe it sounded better.
You know what? I'm fasting.
It's nearly sundown.
So I'm going to leave you guys and I'm going to go get some food now.
So love you long time.