The Host Unknown Podcast - Episode 40 - Mathematics Isn't Our Strong Point

Episode Date: January 29, 2021

This week in Infosec

19th January 2012: US federal authorities shut down Megaupload.com, a popular hub for illegal media downloads, and arrested its leaders. Hours later, the hacktivist collective Anonymous knocked the US Department of Justice website offline.
https://en.wikipedia.org/wiki/Seizure_of_Megaupload
https://twitter.com/todayininfosec/status/1219086142428999681?s=20

25th January 2003: The SQL Slammer worm was first observed. Slammer spread to the vast majority of all vulnerable hosts worldwide in 10 minutes. Yes, 10 minutes. Though Microsoft released MS02-039 to patch the buffer overflow vuln in SQL Server six months earlier, many orgs hadn't patched.
https://www.wired.com/2003/07/slammer/
https://twitter.com/todayininfosec/status/1221132001501007873?s=20

Tweet of the Week

https://www.mirror.co.uk/tv/tv-news/bbc-wales-today-viewers-gobsmacked-23391438
https://twitter.com/Lovehoney/status/1354378061635063809?s=20
https://twitter.com/BCredibility/status/1354514912299593729/photo/1

Industry News

More Malware May Be Lurking on Govt School Laptops
Russian Government Agency Warns Firms of US Attack
Misconfigured Cloud Server Exposes 66,000 Gamers
TikTok Bug Gave Access to Contacts’ Profile Details
UK Spies Called on to Help in Fraud Fight
Manufacturing Giant Suffers Major Cyber-Disruption
More Security Vendors Admit to SolarWinds Attacks
Consumers Falling for $100m Clone Firm Scams
Remote Workers Could Offer Brexit Britain Cybersecurity Lifeline

Javvad’s Weekly Stories

Fears over cyber crime tool that can build phishing pages in real-time
Should We Be Cautious About Law Enforcement Requests for Digital Data?
Nefilim Ransomware Gang Hits Jackpot with Ghost Account
Laptops handed out by Department of Education found laced with malware

Billy Big Balls

The greatest pyramid scheme of 2021 so far...
https://imgur.com/a/DCCpuZA
https://www.bbc.co.uk/news/newsbeat-55841719
https://twitter.com/swardley/status/1354482558147448835?s=20

Thom: Financial industry wrecks entire economy
Jav: "we must bail them out"
Thom: Senators do insider trading
Andy: "nothing we can do"
Thom: Covid shuts everything down
Jav: "bail out big company stocks with $4 trillion"
Thom: Random people do a stonk on reddit
Andy: "halt trading & bail out hedge funds they bankrupted"

Sticky Pickle of the Week

In October 2020, Kanye West bought Kim Kardashian West a hologram of her late father, Robert Kardashian, to celebrate her 40th birthday, bringing to the wealthy the idea of digital representations of the dead that can more authentically communicate with the living.

The hologram spoke for around three minutes, directly addressing Kardashian and her decision to become a lawyer “and carry on my legacy”.

Imagine you had a bank balance like Jav, and you wanted to do something for your loved ones when you’ve departed this life, how on earth do you get started with a trusted company to preserve your legacy? What would you do in this situation?

This is what someone else is doing...

Microsoft has been granted a patent that would allow the company to make a chatbot using the personal information of deceased people. The patent describes creating a bot based on the “images, voice data, social media posts, electronic messages”, and more personal information.
https://www.independent.co.uk/life-style/gadgets-and-tech/microsoft-chatbot-patent-dead-b1789979.html

Come on! Like and bloody well subscribe!

Transcript
Starting point is 00:00:00 So are we good with what we've got for today? Yeah, have we got a rant of the week? Still not got one. Okay. Actually, frankly, I don't think anybody will notice, will they? Nah, let's just roll with it. You're listening to the Host Unknown Podcast. Hello, hello, hello. Good morning, good afternoon, good evening, wherever you are.
Starting point is 00:00:36 Welcome to Host Unknown Podcast. We have got an absolutely full show for you. We've scoured the internet so you don't have to and we've got stories abound. Folks, how are we? Andy, good morning. Good morning. Not doing too bad. Thank you very much. Looking forward to the weekend. Unfortunately, I do need to do my tax returns, but that's definitely a weekend job.
Starting point is 00:00:56 Oh, I got mine done two weeks ago. I even got some money back. Not much, but I got some money back. I already know that I owe money. I've had this conversation with them earlier in the year. Have you not done your tax return? The one that's due 31st of January 2021. Why would I do that now?
Starting point is 00:01:19 So you'll get it 2nd of February like you do every year. Yeah, that's right. Jav, how are you? I had my accounts filed in August last year. Seriously? Yeah. You know, like, once you've been burnt once, Tom, you don't take any chances, right? Well, this is true.
Starting point is 00:01:33 Once you get onto a certain list, you tend not to piss them off again. You know, it's why I arrive at the airport six hours before my flight, so that I can make it on time. Arriving at the airport in August time for a September flight. Yeah, exactly. No shoes, no belts, see-through underwear.
Starting point is 00:01:57 Make it easy. See-through underwear. Oh, my God. Your own tub of Vaseline as well, right, that you just hand them. Oh, God. Well, this can only be, like, only 100 mil, so it's like a little... Wow. Okay, that went, uh, in a direction. Yeah. No, actually, I may fall asleep during this podcast, because this morning, uh, woke up and my daughter was awake about seven and she goes, oh, do you fancy going for a cycle ride? Because she's home, you know, she's studying from home at the moment, and, you know, I was like, okay then, let's go for a cycle
Starting point is 00:02:37 ride. And I haven't been cycling for years, and she took me on a little ride for a five mile round trip, and you know what? Those hills, like, they look really small, and, like, my legs were absolutely killing me. She was like, all halfway through, come on, old man, hurry up, hurry up. Was it just like riding a bike? It was just like riding a bike. Well, actually, I think it was harder than just
Starting point is 00:03:06 riding a bike. So, I am going to tomorrow get on my motorbike and say I identify as a cyclist. Alright. You get on your motorbike in Lycra. I don't even know how to cycle in Lycra.
Starting point is 00:03:24 What makes you think I'm going to get on a motorbike? Oh, that's where you're going wrong. That's where you're going wrong, Jav. If you're not cycling in Lycra, it's... you've got to be a MAMIL. Everybody knows you've got to be a MAMIL. It's the additional resistance you're getting, that's why you're finding it so tough. Well, with all that hair, definitely. Yeah, hold on, let me lie down in the grass and get out the lawnmower today. Oh, man. Just don't get too excited. The visuals are flowing in today.
Starting point is 00:03:55 Let's move on. Yeah, let's move on. Where have we gone? Tom, how are you doing this week? Because you've been very quiet all week. I don't think we've spoken much at all. No, I have to say I'm a little bit pre-engaged. I've had
Starting point is 00:04:08 quite a few deliverables that the work's hotting up somewhat. Deliverables, deadlines. I know, I know. And then just when I thought, why did I make this move? I got paid. And I thought, ah, that's why I made this move.
Starting point is 00:04:25 And it's that, why I made this move. Well, and it's that. And I also took delivery of a, of a, of a new 58 inch television. So, so I've been watching that. Excellent.
Starting point is 00:04:35 So payday came straight to apple.com slash UK. No, no, no, no, no, no, no,
Starting point is 00:04:42 no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no. I can't get that yet. I can't get those. Why don't you just get a 58-inch monitor and that could double up for work and teaching.
Starting point is 00:04:49 He doesn't need two of them. But it's been great. It's great because it's a Philips Ambilight one. So what it does is it lights up the wall behind as well, which depends upon what's on the screen. But I've also got, obviously, Ambilight in the house, so I've arranged some other lights, so it actually illuminates quite a large space. And it's really impressive.
Starting point is 00:05:20 Until you see it in action, it sounds like a gimmick, honestly. Yeah, yeah. I'm totally with you because often I'm watching TV and I'm like why is the wall behind the tv so freaking dark i need to light on it and it just completely ruins the experience i mean yeah i'm always thinking like as this car explodes it'll be really good if the wall lit up purple and you know it's the orange and red girl no me. And until you see it in action, it really, you can't imagine it. Honestly, it's a bit like, it's a bit like going from color to black and white. It does change, change everything.
Starting point is 00:05:54 Not that anybody's going to believe me and I'm going to get, you know, even more email complaints this week as a result. But there you go. So yeah, that's it. It's been a busy week. Another busy week next week. Um, March is hotting up. I was just saying earlier, I've got 13 events in March, uh, so far. Um, 13 events? Yeah, as in webinars or talks or something like that. You're not going to do a Jav and just record one and replay that on the others, no? Actually, one of them is a pre-recording and I'm sure we'll use it again.
Starting point is 00:06:30 But I've got this great idea of how I'm going to pre-record it so it looks awesome and everybody talks about it rather than looking at the actual content. Refer to the game last night, right? Hey, did you see that game last night, eh? Who could have predicted that? Are you going to light up the wall behind you and that's what's going to make it really engaging, Tom? Shush, you're giving away the trade secrets. It's going to be awesome.
Starting point is 00:06:56 Trust me. So, folks, I think Tom and I have a confession to make, actually. Andy, you just reminded me while talking about the game. Shall we tell them, Tom? Go on then. So a few days ago, I was on Twitter and there's a trending topic about
Starting point is 00:07:16 Frank Lampard being sacked as the manager of Chelsea Football Club. And Tom and I are not into football at all. Not at all. Tom's into rugby. Tom's into box hunting and polo. You're a Kabaddi man, right? Yeah.
Starting point is 00:07:42 It was a quiet morning. And I messaged Tom and I say, hey, shall we wind Andy up? What's that? And I took a screenshot of it and I posted it in our chat group. And I was like, oh, look, you know, Chelsea getting rid of this guy or what have you. I'm assuming it's a big deal or something. And then Tom, he, you know, we waited a few minutes, no response. And then Tom dived in. He's like, was Frank Lampard also a player?
Starting point is 00:08:12 I said, who's Frank Lampard? Yeah, who's Frank Lampard? That's it. And then I said, yeah, was he a player as well? Or was it just a man? And that was the pinball that we were going through. My phone was like... After essay from Andy.
Starting point is 00:08:28 Did he? Did he? Oh, dear. He really educated us that day. Even I have heard of Frank Lampard. But in fairness, it wouldn't be beyond the realms of reason that Andy would think that I wouldn't know who Frank Lampard was. Well, you've probably got the same accountant or something, haven't you?
Starting point is 00:08:55 Yeah, he's the fellow who I just saw the other day leaving his accountant's office laughing and smiling. After that payout. Oh, dear. Right, right okay let's move swiftly on what have we got for you this week well it's a completely full show completely full you won't miss anything we've got
Starting point is 00:09:16 this week in InfoSec tweet of the week Billy Big Balls industry news and I don't think we have a little people but I do believe we might have an infosec host unknown sticky pickle of the week trademark uh so it should be good i listened to i listened to their podcast the other day and they keep saying sticky pickle of the week tm are they getting nervous do you think
Starting point is 00:09:44 so right as long as our application comes through before theirs we're good oh dear you know well you know stealing is a form of flattery isn't it and we're feeling very flattered it's okay i've got our lawyer off fiver, we're good. As long as I don't get theirs off tenner. Right,
Starting point is 00:10:13 let's move, let's move straight on, shall we, into this week's This Week in InfoSec. So one which stood out for me this week was, well, almost just a week ago, 19th of January 2012. So a mere 11 years ago. And this was when the US federal authorities shut down a site called MegaUpload.com, which was a popular hub for illegal media downloads and arrested its leaders.
Starting point is 00:11:07 Um, the great thing about this was, hours after this site had been shut down, the hacktivist collective Anonymous knocked the U.S. Department of Justice website offline. Now, this was a fantastic... so I'm sure you guys will probably remember Megaupload back in 2012, and also, you know, the years prior to that, is if you needed files, um, you know, if you were looking for unlicensed software for educational purposes, you know, to do a bit of analysis on it or something like that, or, uh, you know, pornographic content, you could always find it on Megaupload, and all you needed was a direct link to the site. You could just download, pretty much anything was available. It's just like free storage. Um, you know, if you think back then, you obviously had the big adverts, you know, flashing on the screen. You always had to choose the right download.
Starting point is 00:11:56 Uh, I think a lot of advertisers started using those sort of banner ads that made it look like it was a download link. But, um, yeah, so I thought this was a real, uh, you know, watershed moment in the... of the internet, and it probably brought to light a guy known as Kim Dotcom. Yes, that's right. Yeah, quite a famous guy. He's on Twitter as well, at KimDotcom, and that's the full word, Dotcom. Did he actually change his name legally to Dotcom? I... well, I assume that is his name. Yeah, obviously he wasn't born with it, but yeah, I've only ever known him as, uh, Kim Dotcom. Like, I'm sure that all the, uh, legal, uh, you know, paperwork has his name. But, uh, as part of the indictment
Starting point is 00:12:39 there are some, uh, you know, some sort of key points about the business model which were the evidence used for the criminal intent, and this was, uh, that, you know, um, I think one of the damning things was that the executives of Megaupload themselves used Megaupload to download pirated copies of The Sopranos, which, you know, it's kind of ironic that, you know, these guys pretending to be a legitimate business downloading illegally a very popular show about criminals. Well, why wouldn't they? It's there. It's free. Well, exactly, yeah. So easy. Yeah, and it was just fantastic.
Starting point is 00:13:17 A lot of data was lost as, you know, as part of that deal, you know, when it was shut down. But I don't think we've seen a site like it. So for those who were not around on the internet at the time, if you imagine something like, let's say Dropbox, but, you know, open to everyone and more web-based rather than, you know, app-based and, you know, you could, there was just anything goes really, just unlimited storage.
Starting point is 00:13:44 But yeah, shame to see it go, but, uh, I guess Dropbox went legal and filled that gap. The thing that really bothers me about this story, and partly the way you delivered it, Andy, as well, was since when was 2012 over a decade ago? It's pretty crazy. What the hell? Yeah, like, uh, just, uh, yesterday, I know. Um, but, uh, yeah, so still, uh, on that theme of, uh, just about yesterday, 25th of January 2003, so a mere 18 years ago? 19 years. 19 years ago? No, 18 years ago. No, you're right, you're right. Oh, God. This is why we have accountants. Come for the accuracy, pay for the mathematics.
Starting point is 00:14:35 This is the story about the SQL Slammer worm being first observed. And Slammer, for those who are unaware, spread to the vast majority of vulnerable hosts worldwide in just 10 minutes, and yes, to confirm, that was just 10 minutes around the world. There's only seven vulnerable hosts though, in fairness. I think something around 75,000, if... Yeah, I know, it was huge, wasn't it? Yeah. And, uh, so although, see, uh, Microsoft actually released the patch for this, uh, obviously six months prior to the exploit going out, uh, many organizations still hadn't patched. So, you know, a reminder of the importance of patch
Starting point is 00:15:17 management. In those days, didn't you have to wait for patches to come out on CDs on the cover of magazines? Uh, 2003? No. I know, no, I was gonna tell... I'm sure that, uh, you had, you were SUS server or... Yeah, exactly, windowsupdate.com. I love that song. There's a new update, keep track of it, keep track of it. Uh, did this apply to us? The only saving grace about this worm was that it stayed in memory, so you could reboot the server and, um, you know, it would recover. However, if you hadn't... had experience all over again. Yeah, I was gonna say, if you hadn't patched, it would be, uh, you know, reinfecting you very quickly. Um, and the company I was at at the time did get impacted. I remember coming in
Starting point is 00:16:06 the morning and everything was, uh, you know, running hot. But, uh, yeah, apply the patch. As you say, Andy, the importance of patch management. Absolutely. Yeah, that was just, you know, to me, yeah, to me it was, uh, you know, just something we did, uh, once a quarter. You just accepted the risk, yeah? Accepted the risk, man. I was going to patch that server, but I accepted the risk. Very catchy. Almost sounds like a song. Dutchie song.
Starting point is 00:16:37 Yeah, Dutchie song. Definitely top three, probably number three. Yeah. However, in the show notes I have included a link to, uh, the what... a link to the patch. So, uh, if you are running SQL Server, uh, 2000, I highly recommend you patch it, especially if it's internet facing as well. Uh, but no, there is a sort of like a blog from a guy who was responding, you know, one of the internet responders at the time, and what he went through during that
Starting point is 00:17:12 that days following the Slammer worm. Nice, nice. Excellent, excellent. Thank you very much, Andy. This week in InfoSec.
Starting point is 00:17:35 I must admit, I do like that segment because it does bring back an awful lot of memories. Right. You know, it does. But throwing your mind back, I mean, it's almost like the point of the segment. But how things were then. You are right in that, how can this be over a decade ago? Yeah. It does feel much more recent than that. I mean, the scary thing is there are kids who are driving,
Starting point is 00:17:57 who are probably even breaking into the industry now, who have no idea about these things. Well, weren't even born in 2003, I think a lot. I remember when NT4 came out and you could do things without having to reboot it every time. That was a game changer. That was a game changer. That's right. You can even do things like change the graphic settings, and then suddenly, what, I don't have to reboot? But you remember with, uh, IIS, uh, you know, as the web server, in order to lock it down, when they say, you know, you need to lock this down before it goes on the internet,
Starting point is 00:18:32 that literally meant running IISlockdown.exe. There was a tool provided by Microsoft that did it for you. None of this tuning malarkey you have to go through these days. But you know what, that would be handy today, because there are so many different security settings and all that sort of thing. I just want to press a button and know that it's going to be, you know, reasonably well hardened for the internet. Yeah, you do that in the build phase these days, Tom. You don't have to install it and then roll back the open gaps. No, no, no. You have someone do it for you.
Starting point is 00:19:08 Well, that is worth it. Download the CIS... I know these things, Andy. Oh dear, this stuff just happens automagically. Yes, it does. Yes, it does. Go! Recording from the UK, you're listening to the Host Unknown Podcast. Yes, you are. Yes, you are indeed. Indeed. I have thought they were listening to something else there for a minute.
Starting point is 00:19:48 Although it could happen. I mean, Jav basically recycles content from this podcast on about four other podcasts that he's a host of, right? You know, this meeting that he's got at 11.30 and he can't be late for. Podcast number two. Yeah, podcast number two to the Jerick show. Yeah, exactly. He literally copies and pastes the content out of this show
Starting point is 00:20:08 into that show. The Jerick show, for the last couple of months, we actually record it yesterday. We record it a day before we record this. So if anything, I'm bringing content
Starting point is 00:20:19 from there over here. OK. As soon as you're ready with that content, drop it in the show notes. Now, what he does is he takes content from today to next Thursday. So the Jerick show is always a week
Starting point is 00:20:36 late. But, you know, that's fine. We're at the cutting edge here. Don't worry, don't worry. In a year's time, the Jerick show will be doing this week in InfoSec and I'll be bringing today's shows show notes for next year so it's all good and you know where all the jingles are as well so it should be it should be very easy to give in yeah exactly hey it's all about sharing and sharing alike right so uh talking about caring and sharing, let's move on to this week's tweet of the week.
Starting point is 00:21:10 I've got to play that every time twice because I think it's just so cute. Tweet of the week. That's awesome. Oh, man, that's cute. But that bird's going to have its innocence ruined. You might have seen Yvette at at Amos um trending on Twitter this week um Yvette is from Wales and um she was she was on BBC being interviewed about something I have no idea what she was being interviewed about I don't think anyone knows what she was being interviewed about because uh she uh wow you know there was a bit of a um an oversight on her behalf in in her zoom or whatever the video called background uh where she sat there um talking to the camera in the background is a bookshelf
Starting point is 00:21:59 uh with lots of books and a very interesting um item item yes so so jeff what's it what i like about this and before we sort of give give the game away as it were one thing that i like to do and i know friends of the show graham clearly likes to do is to look and zoom in on people's backgrounds when they've got bookcases to sort of see what books they read and what you know what books they've got because it's a fascinating insight into somebody right so um what we will say is that you didn't have to zoom in on this this particular bookcase because it was it was writ large shall we say yes it was uh you know at first you thought it might be a model of the Leaning Tower of Pisa. Or the Bending Tower of Pisa. Yeah.
Starting point is 00:22:49 The Wobbling Tower of Pisa. Yeah. So we can conclude Yvette is either single or unsatisfied with her current partner. That's a giant cock on the shelf. Yeah. And it's also a big leap of a statement of yours there, Jav. I know, I know. Actually, like what we were saying,
Starting point is 00:23:13 it could be her partner that could have left it there on purpose. Yeah, I think that's more like it, or a housemate or something like that. Or even her herself, because actually when you look at the screenshot, it's quite weirdly framed where she's actually on the side of the screen and i don't know just how this the screen capture has been taken so it that the bookshelf is in it is quite probably it's not like it was directly behind her or she was centered and you can just see it so part of me is skeptical that this is a ploy by by miss amos to uh gain uh to use up some of her 15 minutes of fame or 15 inches of fame yeah no that is not 15 inches that's at least 20 yeah it's brilliant it's brilliant and i i part of me hopes it was done on purpose
Starting point is 00:24:09 uh at least by somebody um see part of me hopes it wasn't done on purpose i would love for her to be the type person that just leaves a dildo on the bookshelf well you know why should we be ashamed of this stuff, to be honest with you? You know, let's... I was going to say, let's not kink shame. It's not even a kink. It's just, you know, it's a thing. A thing of beauty in many people's eyes. You've got yours on your desk, though, don't you, Tom?
Starting point is 00:24:36 But you keep it behind you. I did have, yeah. I did have, and I believe that we had a little blurry shot of it at one point. But, yeah, I i mean why wouldn't you have one of these it's they've been making these throughout history um there's drawings on cave walls of um phallic objects yeah of the old gentleman's friend um for for millennia um fertility symbols all that so maybe that's where it is and we're assuming
Starting point is 00:25:07 it's rubber yeah i should say maybe it's stone um this reminds me of that awesome scene from um austin powers where the rocket's taking off and everyone's describing it and it cuts to someone else that every scene. That's a giant. Johnson, get over here. That looks like my husband's Woody, Woody Holstein, is that you? Well, I think fair play to Yvette Amos. You know, more power to her, I say.
Starting point is 00:25:47 I suppose what this does bring up, though, and this is interesting you mentioned graham likes to zoom in and what have you i think most people are doing this now and and i i've become very very judgmental when i see people's rooms and backgrounds and i think people are aware of that so i've seen quite a few people they actually like i mean i know sometimes in the laptop, the camera's in a weird place, but they actually angle the camera at a weird place. So you see a lot of ceiling and you don't see directly behind them. You see up their nostrils.
Starting point is 00:26:16 Yeah, all that kind of stuff. But this is one person, they were on a call the other day. And honestly, it looked like they were sitting in in like a you know like a teenager's bedroom it was so messy absolutely everywhere and like have some pride in your appearance at least put up a virtual background or something yeah but uh there was that case recently of somebody doing an audition and it was a British director and he was auditioning people via Zoom. And this particular person was in California or US or somewhere. And the director didn't know that the audio had connected or whatever.
Starting point is 00:26:58 And this guy was, you know, on screen and could see his background and his apartment. And the director said something along the lines of, just look at these people in their tiny apartments and crappy decor and small TVs or whatever. And this guy said, yeah, exactly. This is why I'm auditioning for this job, because I need the money. I'm always paranoid about whether, you know, I've got a mic built into one of my cameras and always like just stare at that light to see when it goes off and then it's a case of still
Starting point is 00:27:32 don't say anything don't say anything but i've just dropped in the show notes you know so while we're talking i just had a look that picture that obviously we see in this tweet is kind of uh framed uh but there's someone else who's got a picture in the full screenshot is actually a bit more believable that it could be a natural shot. It's got a much wider background. And although she's not at center, it does look plausible. You know,
Starting point is 00:28:00 because if you look at the way she's looking, she's looking to monitor a bit further down. Okay. So, yeah, so... It could have been an accident on her part. It could have been zoomed in, yeah. Yeah. Fantastic. But, I mean, yeah, I mean, yourself,
Starting point is 00:28:16 I know you're not fans of the fake backgrounds. I've been using fake backgrounds myself in recent weeks. Even though I've redone my office, I've still got a lot of crap sitting in the background, so I just blur it. Well, the thing is with the fake backgrounds myself in recent weeks even though i've redone my office i've still got a lot of crap sitting in the background so i just blur it well the thing is with fake backgrounds and certainly with people who wear wear glasses as well is that um is is that it doesn't keep up so i get odd reflections on my glasses because of the anti-reflective coating and then it doesn't fill the gap so when you look through the glasses and then it you know sees the wall behind you so you get this weird effect of you know um wall behind my head um
Starting point is 00:28:55 when there should be a beach or whatever uh and the other thing i've noticed as well is that and this hasn't happened to me but anybody who's got anything larger than a, or anything more than just a regular short haircut, it can't cope with hair at all. Right. You know, it kind of creates this weird outline and it's just, it looks awful and it's extremely distracting. I personally think so.
Starting point is 00:29:19 That's, that's why I've got sort of like, that's why he's got no hair, right? Well, exactly. I shave it off. You went for the new corruption.
Starting point is 00:29:26 Exactly. It's so much easier. But I've got just some branded boards that are on the cupboards behind me. So thankfully, I don't have to worry about what's behind me anymore. Anyway, awesome story, Jav. Awesome tweets.
Starting point is 00:29:42 I like that one a lot. And, Yvette, more power. Did you even explain that the tweet of the week was from a sex toy company and they basically posted, warning, this interview
Starting point is 00:29:59 contains product placement? No, no, he didn't. He didn't. I don't know why you bother with these show notes. Oh dear. Well, anyway, um, I have some news that, uh, our source on probation over at the InfoSec PA Newswire has been very busy bringing us the latest and greatest security news from around the globe. Industry news. Misconfigured cloud server exposes 66,000 gamers.
Starting point is 00:30:48 Industry news. TikTok bug gave access to contacts profile details. Industry news. UK spies called on to help in fraud fight. Industry news. Manufacturing giant suffers major cyber disruption. Industry news. More security vendors admit to SolarWinds attacks.
Starting point is 00:31:11 Industry news. Consumers falling for $100 million clone firm scams. Industry news. Remote workers could offer Brexit Britain cyber- Industry news. And that was this week's industry news. I put in the blanks. Huge if true. Absolutely, absolutely. I think, should we just go straight on to, um, onto this week's Javvad's weekly stories? Thank you, thank you. So the real stories
Starting point is 00:31:43 that you're here for. Fears over cyber crime tool that can build phishing pages in real time. Industry news. Should we be cautious about law enforcement requests for digital data? Yes. Industry news. Nefilim ransomware gang hits jackpot with ghost account. Industry news. Laptops handed out by Department of Education found laced with malware.
Starting point is 00:32:12 Someone's deleted my other two news. I'm back. That was this week's. Javvad's weekly stories. I was going on a bit. Come on. Well, huge I wanted to see how prepared you really were Well, I had
Starting point is 00:32:33 stuff in the show notes, how much more prepared do you want me to be? So what is this, as you are the expert on this one, Jav, as it's your story? What are the fears over the cybercrime tool that can build phishing pages in real time? So this is a new tool out there. I can hear you clicking on the link. No, no, I haven't clicked on the link. No, no.
Starting point is 00:32:59 It's already open in the background. No, no, no, no. So basically what it does is that it allows criminals, you can send out just one, um, you only need to set up one phishing page and, you know, wherever it's hosted, on Oracle or Microsoft or wherever, so it's whitelisted. Um, but I, I can then send you different phishing links. So I can send, say, like, Andy, I can send you something that claims to be from Netflix, and Thom, I can claim to be something from Apple. And when you click on it and it comes through to the page, it knows where you've clicked through from.
Starting point is 00:33:29 And it pulls the logos and builds the template in real time for you. So you don't need like different pages. It's just all dynamically created on the fly. Nice. So it's pretty convincing. So they'll always have the latest logos and content and what have you. So it's just essentially a white label phishing site. Yeah.
Starting point is 00:33:52 Okay. Thank you very much. Industry News. All right. Let's move on. I'm going to go. I think I'm going to go on to the Billy Big Balls actually I think that one's for me so here we go
Starting point is 00:34:10 Billy Big Balls of the Week I love that one I absolutely love that one so Billy Big Balls of the Week the greatest pyramid scheme of 2021 so far. I love this. This is all to do with GameStop.
Starting point is 00:34:32 And you may have heard about this, but how Redditors on WallStreetBets, sorry, r slash WallStreetBets, have effectively made at least one hedge fund go bankrupt, uh, because they've rallied around and, um, effectively increased the share price of a particular share, um, causing the hedge funds', uh, short bets to fail, uh, and to lose money. Now, it took me a little while to get my head around this, uh, but bottom line is, uh, and I'll explain how the shorting works in a moment, but the bottom line is that, um, by rallying around a particular share and a particular company, in this case, GameStop, the value of that, of the company's shares has gone through the roof. It's gone from single digit to triple digit figures in literally just a matter of weeks.
Starting point is 00:35:40 Now, here's the thing with shorting. And it's a little it's weird because the way shorting works is that people make a profit over people make a profit over a loss, which I'm not going to lay claim to. And they said, so, you know, imagine you're borrowing some Pokemon trading cards from somebody because you think those cards are going to drop in value at some point in the future. So you borrow them and agree to give them back in a month. And then you sell them to someone else for five pounds per pack. Right. And then you work on the assumption that you're going to be paying less than a fiver for them in a month when they're not so new and exciting anymore. So let's say you buy them back for three pounds. So you've made two pounds per pack. So you sold them for five. You bought them back for three. You've made two pounds. And then you hand back the Pokemon trading cards to the original owner. And you walk away with two pounds per pack.
Starting point is 00:36:53 So the concept is the same. You effectively borrow somebody's shares and you sell them to someone else. The share price goes down. You buy them back at the lower price, pocket the difference and hand the shares back to someone else. The hedge fund managers were assuming that the GameStop share prices were going to continue to go down, which was not unreasonable given the fact that the company's fortunes have gone down over the last year. Lots less people out shopping, more digital downloads on games, etc. The people on r slash WallStreetBets, however, all had an affinity for GameStop. They'd spent much of their time there, which is where it started.
Starting point is 00:37:46 So they decided to start buying the stock. And by buying that stock, the value of that stock went through the roof because it was becoming popular and people were, oh, there's something going on here. Maybe we should buy the stock, etc. So the value went through the roof.
Starting point is 00:38:02 The people who had, the hedge fund managers who borrowed the GameStop shares to sell and then profit from, of course, were in the hole. They couldn't buy those shares back to give back to the original owners, uh, except for massive losses, which they're obligated to do, and at least one hedge fund went out of business. Pretty heavy stuff for a bunch of folks just hanging around on Reddit. I'm trying really hard to feel sorry for the hedge fund, but I am struggling. Exactly, because frankly, you know, how often have we heard, you know, your investment may go down as well as up, you know, don't invest money if you can't afford it, etc. I think a lot of these folks were American, obviously, because it's on the NASDAQ. And were putting, you know, their $600 stimulus checks into this. So, you know, which, which frankly, is, it was obviously a sensible investment.
Starting point is 00:39:06 Some of them have made life-changing amounts of money as a result. I mean, in the last week alone, I think these GameStop shares, if you look at the charts, they make Bitcoin look stable. Yeah. Absolutely bananas. And now there's, you know, all sorts of financial institutions have stepped in and they've stopped the, uh, stopped the buying of GameStop shares, etc. This is like Trump saying stop the count. Yeah, exactly. Buying in the greatest, um, the greatest... Except for Boeing. The greatest level of cognitive dissonance that I've ever come across for a very long time.
Starting point is 00:39:50 And given that Trump's only been gone a week or a week and a half, that's quite incredible. A trading platform called Robinhood, which is about offering trading to people, the people, not institutions, suspended the GameStop shares from being bought and sold on their platform. Robinhood. The irony is not lost here around taking from the rich and giving to the poor, which is exactly what's happened here. You know, although in fairness, I mean, do these people actually realise that, you know, the very people that they're affecting here may have to sell one of their yachts to fund what they're losing?
Starting point is 00:40:40 Yeah, exactly. I think you've hit the nail on the head. I think, Jav, you said that it's very hard to garner sympathy for these people. You know, this is what they do. They, you know, they make profits by, you know, forcing share prices down in companies and, you know, hedging against them. So it comes back to them now. They don't like it, you know, because people who aren't traders, just absolute amateurs, are following a few people who do have some good knowledge about this on a subreddit and just following what that guy does. And he's just like Puppet Master, controlling his bots.
Starting point is 00:41:18 So let's play a little game here. Let's run the past. Just before we do that, I'll just roll in a bit of a rant into this as well. Go on then. Andy, you mentioned there's some amateurs here and what have you. I think we've got time for a second rant. It's all right.
Starting point is 00:41:37 I haven't even had a first rant yet. But one of the big things that irks me about this is how this is meant to be a free economy, a free market. Anyone can, and technically can, uh, invest and, you know, do whatever they want, but if they're not experienced enough they can give it to these big boys. But, you know, when you look at a lot of the media, and Simon Wardley pointed this out on a BBC article on Twitter, he goes like, the article uses phrases like amateurs, upstarts, frenzy, vigilante, herd, you know, all these terms to describe these people. And, uh, and he says, like, I'm surprised the article didn't start with uppity little oiks forget their place and their betters. Yeah, I think that's a very important narrative that's underpinning all
Starting point is 00:42:26 of this, is like, you know, uh, the money's only meant to flow one way and the shit's meant to go the other way, and people don't like it when it's going the other way. So, yeah, that's right. I completely agree, completely agree. So, yeah, let's play a game. So let's look at the last, well, maybe since 2008, you know, when the first, well, or when we had the big crash, right? Let's play a game. I'll make a statement and then you can sort of respond. One of you can respond with, you know, what's happened, if you see what I mean, and what the response has been. This is maybe, you know, primarily US-based, but I think it applies elsewhere.
Starting point is 00:43:02 Let's go back to 2008. The financial industry wrecks entire economy. We must bail them out. We know that's what
Starting point is 00:43:17 happened. More recently, actually, just beginning of last year when COVID happened, senators do insider trading. Nothing we can do. Nothing we can do. Again, very recently, or shortly after that, COVID shuts everything down.
Starting point is 00:43:40 Bailout big company stocks with $4 trillion. Yeah, that's exactly what happened. And $600 stimulus checks that happen very rarely. And finally, random people do a stonk on Reddit. Halt trading, bail out the hedge funds. Yeah, that's true. I mean, again, cognitive dissonance abounds on this. So we say we never get political, but, you know, we always do.
Starting point is 00:44:09 This is absolutely outrageous. The thing that really pisses me off is that I missed this and I could have bought some GameStop shares. Well, if you want to get in, Dogecoin, they're taking it to the sun. That's right. That's what I heard about Dogecoin. Yeah, that's right. So I'm not sure where I can buy that from because I don't think my bank allows me to trade in that yet.
Starting point is 00:44:34 They trade in Ethereum and Revolut. Oh, you use Revolut for your crypto. Yeah. You know, that's about as dangerous as I like to go. Anyway, that was this week's Billy Big Balls
Starting point is 00:44:51 of the Week. That was a big one. Oh dear. We don't have a little people. Jav's late for a meeting, so we're going to crack straight on very quickly with this one for this week's
Starting point is 00:45:11 Sticky Pickle of the Week. Sticky Pickle of the Week. Sticky Pickle of the Week. Love that. Right, so in October 2020, Kanye West apparently bought Kim Kardashian, uh, Kim Kardashian West a hologram of her late father, uh, Robert Kardashian, to celebrate her 40th birthday. Um, so what it did was it brings to life this idea of digital representations of the dead that can be, that can sort of authentically communicate with the living.
Starting point is 00:45:54 Sounds a bit weird. The hologram spoke for around three minutes. Did it say, help me, Obi-Wan, you're my only hope? Directly addressing Kardashian and a decision to become a lawyer, um, and, in inverted commas, carry on my legacy. So can you imagine Kim Kardashian being your lawyer? Can you, can you imagine the late Robert Kardashian popping open a bottle of, um, bubbly on his booty? No, carry on his legacy, not her legacy. Anyway, Kim Kardashian may make a very good lawyer. We don't know, we don't know. So this is, this is, uh, similar to, um, is similar to an event called Coachella, which happens in the US.
Starting point is 00:46:50 And this sounds very much like back in 2012, I think, when Dr. Dre and Snoop Dogg were on stage and they had a hologram of Tupac or the late Tupac. And is this what they're getting at? I guess, yeah, I guess it's similar. I don't know whether it was like a little handheld hologram saying, help us, Obi-Wan, you're our only hope, or whether it was carried around by a little droid or something,
Starting point is 00:47:19 or was, who knows? Who knows? It's like at the end of Avengers: Endgame when, um, one of the main characters dies, and avoiding spoilers there. Yeah, yeah, I know. And then, you know, that person had a hologram talking to... Oh, the last will and testament. Yeah, yes, yes, exactly. Yeah, but, you know, I... Go on, go on. Sorry, I was gonna say, so let, here's the sticky pickle, right? So imagine you've got a massive bank balance, not unlike Kim Kardashian or even Jav for that matter.
Starting point is 00:47:56 And you wanted to do something for, you know, your loved ones. After you have departed this mortal coil or shuffled this mortal coil, how do you get started with a company that allows you to preserve your legacy? What would you do in this situation? So, um, if you're, you know, let's say Micro... So currently Microsoft has been granted a patent that allows the company to make a chatbot that can communicate with people and talk very, very sensitively, talk coherently to them and all that sort of thing. Where would you go to to get the data to support and, I don't know, educate and build the AI required for a decent chatbot? Where do you think you could go for something like that? Well, certainly not Microsoft if they've been granted the patent, because do you remember what happened when they put their chatbot on Twitter?
Starting point is 00:49:05 It became a Nazi. It became a Nazi, yeah, very, very quickly. Was it Microsoft that did that? Yeah. Oh, fantastic. Yeah, it was. They've got very good PR agencies and SEO. I remember that.
Starting point is 00:49:19 I think it spent like an hour on Reddit, didn't it? It came out just... I think it was over about four weeks or something like that. Yeah, I was just joking. Partly because I think people were feeding it Nazi ideology. Yeah, yeah. But nonetheless... It took them a while to cotton on that,
Starting point is 00:49:34 hi, if we tell it this, this is what it's going to learn. Yeah, it's right. Okay, so how would you feel if, for instance, they were able to harvest your social media, all of your data, all of your documentation, maybe search history, all that sort of stuff to create, you know, to help build this persona? How would you feel about that? That would be no. That's a no from me, from me, Bob. Yeah, I'm out. Yeah, but if you were in a position to not say no, uh, you see, this is, yeah, I think we're delving into territory we shouldn't be playing with here, because obviously your loved ones want, you know, I think your loved ones will take any chance they can to say, you know, you always say, if I could just hear their voice one more time.
Starting point is 00:50:29 Here's the thing, exactly. The patent describes creating a bot based on the images, voice data, social media posts, electronic messages of dead people. Yeah, so, I mean, I've got different, um, I won't say personas, but, you know, how I, you know, used to be on Twitter is one way, how I present myself on Instagram is another way. Um, you know, what would have a multiple personality disorder? Yeah, yeah, yeah, quite possibly. But then if it favored my TikTok history, I'd be... You'd be arrested. I'd just be dancing all the time, you know, which isn't me. There's that Japanese saying, I believe, like everyone
Starting point is 00:51:15 has three faces. Yeah, that's right. There's a one for the public, there's a one for your friends and family, and then there's the real you. And I'm just afraid that this chap would portray the real you that I don't want anyone to see. But the best part about this is there was an episode of Black Mirror about just this. Oh, and you know what? The dead person ended up living in the loft. Yeah. Oh, I remember that one.
Starting point is 00:51:47 It started off literally a chatbot, you know, so you enable it and a chatbot and it starts chatting. And then halfway through the episode, a clone body is shipped to her. Yeah. Which downloads this. And so a dead husband is walking around her house. Oh, man.
Starting point is 00:52:10 So it's not going to take long. I'm telling you. And every now and then, you're going to have to reboot your husband because it's going to reboot Blue Screen. But then, I mean, you've obviously got the chances of misuse as well. Is there a rule as to who can order which person
Starting point is 00:52:29 you know, I'm saying, it's like, can it only be, can it only be next door's dead husband? Exactly. Yeah, but it's always a good guy to have a beer with, like, you know. Yes. Can I order an Andy, and I'll be able to do the show notes for whatever podcast I'm doing? I'm going to uncheck the parts with the TikTok history, though. This is a bit like, have you seen that show Altered Carbon? Yes, yeah, yeah. It's got the same principle. Everything's downloaded onto stack and you can just take it out and plug it into whichever new body you want.
Starting point is 00:53:10 Sleeve. They call the body a sleeve. They create the sleeve or use an existing body and then upload the stack into it. That's a good show. The second season wasn't as good, I didn't think. No, first season I
Starting point is 00:53:27 really enjoyed. Second season, I'm not really a big Anthony Mackie fan, to be honest. Yeah, I remember you saying. I remember you saying. I mean, he seems like a really, really nice guy, but I don't think the tough man roles really suit him, to be honest. Well, that's what he's
Starting point is 00:53:44 doing now. That's all he's doing. Yeah. It's like I saw him in an episode of Black Mirror, and he was really good in that because he was, like, more middle-aged, a bit more vulnerable. That's right. That's where the virtual reality gay love affair. That's it.
Starting point is 00:53:59 Well, it wasn't really gay, was it? Well, they did say no homo before. Yeah, no, it was, it was, it was very interesting. Mind twist, that one. Yeah,
Starting point is 00:54:08 it was. Remind me of chat rooms back in the midnight. Right. Right. We did say nobody would notice if we didn't have a rant of the week, but I think we managed to get away with it. Don't you? I think so.
Starting point is 00:54:24 I think we, we ranted about plenty of things in the meantime. Yeah, exactly. We're in the hood. Sticky Pickle of the Week. Sticky Pickle of the Week. Sticky Pickle of the Week. Which brings us nicely to the end of the show.
Starting point is 00:54:41 Thank you, gentlemen. Really appreciate it. Always been a pleasure. Indeed. Indeed. Thank you. Jav, have a lovely weekend. Thank you. I'll be resting my legs. On your motorbike.
Starting point is 00:54:58 And Andy, you have a lovely weekend too, sir. Thank you very much. Stay secure, my friends. Stay secure. Get your own way. You've been listening to The Host Unknown Podcast. If you enjoyed what you heard, comment and subscribe. If you hated it, please leave your best insults on our Reddit channel.
Starting point is 00:55:17 Worst episode ever. R slash Smashing Security. I hope when they bring my body back and download it, that I can at least specify that certain parts of my body are improved. So you want a completely different body? I'd like some hair for a start. I've got plenty to spare. He doesn't want it on his back, though.
Starting point is 00:55:44 Beggars can't be choosers
