The Host Unknown Podcast - Episode 82 - The Irishman
Episode Date: November 19, 2021IRISSCON - https://www.iriss.ie/ This week in Infosec (12:19)With content liberated from the “today in infosec” twitter account15th November 1994: The earliest known example of the Good Times ema...il hoax virus was posted to the TECH-LAW mailing list. Variants of the hoax spread for several years. In 1997, Cult of the Dead Cow (cDc) claimed responsibility for initiating the hoax. Good Times Virus Hoaxhttps://twitter.com/todayininfosec/status/119535364385739162312th November 2012: John McAfee went into hiding because his neighbor Gregory Faull was found dead from a gunshot the day before. Belize police wanted McAfee to come in for questioning, but McAfee stated the police were “out to get him”. John McAfee hiding from police after businessman's murder in Belizehttps://twitter.com/todayininfosec/status/1326993312247656451 The Box © Charlie Langford Rant of the Week (18:52)Amazon tells folks it will stop accepting UK Visa credit cards via weird empty emailHow will you be able to buy things you can't afford now?Amazon has confirmed it will no longer accept payment via Visa credit cards issued in the United Kingdom after several Reg readers wrote in complaining of a cryptic message they'd been sent this morning.The online sales giant has indicated the move was "due to the high fees Visa charges for processing credit card transactions." Billy Big Balls of the Week (26:22)New Memento ransomware switches to WinRar after failing at encryption(The embodiment of: Improvise, adapt, overcome)A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software. Industry News (33:15)FBI Fixes Misconfigured Server After Hoax Email AlertCryptojackers Disable Alibaba Cloud Security AgentChina Telecom Appeals Against US BanEmotet is Rebuilding its BotnetGhostwriter Disinformation Operation Linked to BelarusUS to Sell $56m in Seized Crypto-CurrencyThreat Actors Discuss Leasing Zero-Day ExploitsChina's APT41 Manages Library of Breached CertificatesRussian Cybercrime Forums Open Doors to Chinese-Speakers Tweet of the Week (39:15)https://twitter.com/benawad/status/1460738174783791105 Come on! Like and bloody well subscribe!
Transcript
Discussion (0)
so what it reminded me of is do you remember that film anchor man with ron burgundy where all the
all the rival news stations get together and and have that sort of street fight out back
and the rest of the world's got no idea what's going on yeah that is us and smashing security
right yeah and it doesn't help when when clue and Jav start ripping chunks out of each other
on Twitter as well during the week.
I mean, Jav, you even did a bloody film.
You created a film to make your point.
I mean, jeez.
Well, to be fair, I was only sticking up for the team here.
He insulted Host Unknown, and I was defending its honour, unlike you two. I thought he he insulted host unknown and i was defending its honor unlike you two i i thought
he just insulted you no if you say no me and host unknown are inseparable we are one and the same
entity you're listening to the Host Unknown Podcast.
Hello, hello, hello. Good morning, good afternoon, good evening.
And welcome to episode 82.
86.
Of the Host Unknown Podcast.
Welcome one and all.
Gentlemen, how are we this week?
Jav, what's been going on? Well than um you know putting clueless in his place
and um it's it's been good it's been good you know um tomorrow i'm actually taking delivery
of my new motorbike oh what are you getting ducati it's one that goes vroom vroom when you twist the accelerator i don't
know what it's called i just know the sound it makes no it's not it was it the nrg like the
little 25 cc like twist and go what why aren't you getting an electric one one because i'm not worth the money tom no dinosaur is all i can say to that yes it runs on
dinosaur it runs on dinosaurs exactly electric vehicles aren't there yet tom like the cost of
them is just too much it is it is yeah but, but the cost to our children, though.
Well, that's China's problem now, as they say.
It's certainly not America's or Australia's problem.
No.
Yeah, we agreed to everything two days later.
No, we didn't agree to anything.
Oh, dear. So what made you get back in the saddle, as it were?
You know what?
Saddle is a very good term.
It's like I walk into my garage and I see this empty spot
and I feel like a cowboy that's lost his horse
or a Texan that doesn't have a gun in its hand.
Or Andy without a bowl of Haribo's on his desk.
I think that's it.
Wake up!
Wake up!
I'm waiting for what my comparison
is, but let's move on.
Children listen to these episodes.
Tom with a full head of hair.
Oh, okay. That's easy yeah i i gave up on
that dream a long time ago so uh it's coming tomorrow when um when should we expect your
first hospital visit well i i you know it's a friend of mine told me that, you know, like the all-in-one leathers that you get?
They're really good because doctors appreciate.
Not those leathers, Tom.
Doctors appreciate you keep all the organs in one bag so that it becomes easier.
Mobile organ donation unit.
That's it.
I'll speed to wherever it's needed the most.
That's right.
Yeah, because you're picking it up just as winter takes hold.
Brilliant.
So, well, I guess it'll keep nice and clean inside your garage
during the winter months.
The genius is that it's cheaper in the winter because people are all selling.
No one's really buying their bike or they're just locking it in the garage.
Even if it's not a new one it is a new one sorry sorry you're talking about what you said to your wife versus what actually happened right exactly she even said to me last night i know
you're not going to tell me how truthfully how much paid for it, so I'm not even going to ask you.
I said, finally, after 21 years, you're catching on.
And you said, and anyway, it's winter, so people are selling them and they're much cheaper to pick up.
Yeah.
So whatever figure you think it is, it's obviously much less.
Yeah.
Oh, dear. Andy, how about you what's been what's been occurring uh so i got to uh besides london
my first conference for the first time in what 18 months maybe even two years maybe even since
last besides who knows i mean about 20 21 months or something like that i already thought
jeez yeah no it's good to get out it's good to see people again yeah it was uh very well run um it was and i think it was uh definitely felt old for the
there was a one particular talk with the um the girls from ncc talking about how they got into
security and yeah i think these days i think these days you have to call them women
women sorry yeah but uh the when she posted her username like on twitter on how to uh contact her
and it was um it ended with a 98 and you realize that that's not her year of graduation or the
year she created the account it's the year she was born it's right oh way wow yeah i mean you you and i watched it we
we both attended it and it was a good talk but you know we we came out sort of saying to each
other well you know so what but actually it wasn't aimed at us but you know not our kind of thing
but as we're not trying to break into the industry tom Tom. No, exactly. And we're not young women, right?
Yeah.
We're not young anything.
But as they came out, they were surrounded by people.
They were swarmed.
They were like rock stars.
And it just showed really how much they connected with the audience,
which I think was so important.
It wasn't just some fucking dull, crusty, bearded, techie guy
talking about code and stuff.
They were talking their language, and they were talking about how,
you know, I didn't do computing or cybersecurity at university,
but I fell into it, and I love it, and this is the reason why I love it,
and these are the things I can do about it.
And, you know, they were their people talking to you know to to their people um and it
and it did go to show a little bit how out of touch we were you know well more yourself obviously
i mean i was i was just humoring you right i understood everything right yeah i can tell by
that really faintly confused look on your face all the way through and as we walked out.
I know exactly how to hack cars.
Don't worry about it.
It's all good, man.
You know, this reminds me of like those boxers
that just stick around for one fight too long.
Just going in there way past your prime.
No one's swarming you like the has-beens in the corner.
That's why I didn't go.
I'm enjoying a dignified
dignified retirement exactly exactly you know and you know i rock up expecting to find a whole
bunch of host unknown groupies and find that actually they died they died last year
you know there's a whole new band in town at the end of the day what no but it was good it was good robinwood
wasn't there no no that's right best groupie ever apart from martin hepworth you know oh yeah
but i did um i did miss out on iris con unfortunately i didn't get to ireland this
week but i understand tom you did I did I'm I'm in
Ireland right now so was it last week um we did it from my hotel room in Berlin in Berlin Berlin
and this week for my hotel in Dublin so yes uh it was excellent it was really good you know how
most conferences you get you know I wouldn't say 80% dross but 80% talks are, you know, either not relevant or just don't talk to you.
And there's a couple of real gems.
It was the other way around entirely.
Really high quality content, as you'd expect.
Great speakers, really good angles ranging from the technical through to the, you know, the strategic and the slightly, you know, more sort of esoteric side of things.
Great venues at the
aviva stadium the the home of um uh irish rugby um and uh yeah very brian looked after us well
uh i was i was tasked with making sure each talk started and stopped on time so
uh we were only 10 minutes late um So, yeah, it was good.
Very good.
So based on what you just explained about B-Sides,
I'm assuming this was filled by a lot of old people talking about old stuff.
And you were happy giving a stopwatch and the glasses.
Well, click, start.
Click, okay, time to end.
Get off stage.
Not far off, Not far off. No, it was a very, very inclusive speaker lineup, actually.
You know, not just the token woman or whatever.
It was very broad, literally ranging from, you know, the ex-head of the NCSE to, you know,
NCSE to, you know, a young woman from J.P. Morgan through to,
I'm trying to think of some other examples.
A security someone from Snapchat or something that you don't have, right?
Yeah, exactly. Exactly.
Obviously, the main topic of the day was ransomware, hard to get away from.
But it was superb, very well run.
You know, I think it was 50 euros and you know i'm i made up for that it's a great diet coke great price that is
oh it's stunning and the quote like i said the quality speakers and international speakers as
well you know loads of people you know were flown in for it it was it was great it was really good
and it goes to a great course which is the irish
of course um the uh computer emergency response team which um brian honan friend of the show
brian honan actually heads up and founded so so yes uh not my first conference obviously because
obviously i was at b-side as well which also wasn't my first i, obviously, because obviously I was at B-Sides as well, which also wasn't my first. I think it was my
fourth,
fourth,
I think,
in the last three weeks.
Check you out
getting out and about.
I know.
I know.
Tom,
super spreader Langford.
Getting it out there.
Getting it out there.
Of course.
In more ways than one.
The irony being
you're the most vulnerable
out of all of us,
right?
Yeah,
exactly.
I mean,
I only got vaccinated to protect
you tom so i've got my booster shot tomorrow nice oh dear so let's find out what we've got
coming up for you in the show today uh this week in infosec takes us back to the good times. As always, Rant of the Week is a story about a greedy giant
annoyed with another greedy giant for, guess what, being greedy.
Billy Big Balls is the very embodiment of the saying,
improvise, adapt, overcome.
Industry News brings us the latest and greatest security news stories
from around the world.
And Tweet of the Week confirms that the geek shall really inherit the earth so let's move straight on
shall we to our favorite segment of the week right in front of us to this week's
this week in InfoSec.
It is that part of the show where we take a stroll down InfoSec memory lane with content liberated from the Today in InfoSec Twitter account.
And I'm conscious that every week that calculator sound does get longer and longer as I work out the
years so our first story takes us back a mere 27 years to the 15th of November 1994
when the earliest known example of the good times email hoax virus was posted to the tech law
mailing list and then obviously variants of this hoax spread was posted to the tech law mailing list. And then obviously variants of this
hoax spread for several years after that and still continues. It's probably one of the most successful
virus hoaxes of all time. You know, Good Times has been scaring people since 94, still going strong,
various iterations on platforms like Facebook, you know know despite the fact it is completely untrue
there is no such virus and it is indeed impossible for a virus to do what is claimed
in the good times text so it simply warns people not to read or download an email with the subject
of good times because the message contains a virus and would
erase your hard drive um and then as it grew you know more detail was added telling people the
damage that would be done to the computer system and it always ends with a note saying forward this
to all your friends it may help them a lot and obviously people wanting to be good netizens
obviously share and still do forward it
on or you know send it to all your friends lists in facebook or whatever other social media platforms
and it's a the success of the hoax is purely down to the fact that it taps into people's fears about
computers uh you know security in the internet and it contains a sort of pseudo-technical babble
that sounds convincing um and you know the variants just continued to the late 90s, early noughts.
And I don't think we're ever going to see the end of it.
But it was 27 years ago that the first known version was around.
Cult of the Dead Cow did a whole bunch of tools as well, didn't they, at the time?
Oh, you're right.
I should actually add, it was actually, you know, three years later in 97, Cult of the Dead Cow claimed
responsibility for initiating that hoax, CDC.
So, yeah, it was...
I used some of their tools to justify the...
Back Orifice.
Yeah, Back Orifice, to justify the expenditure
of 20-odd grand on a firewall by using it to break the leadership team's passwords.
And pray tell, Tom, how does a firewall prevent the leadership team's passwords
from being cracked?
Yes.
This is going to be a good one.
Well, this was back in the day when, you know...
When firewalls would defend against that kind of thing.
Well, no, where, you know, I would either dial in or connect in,
because we didn't have a firewall, but connect into the network,
because it's just an IP address, and scan for NT hashes and found them
and then ran, you know, the tools to decode them found their usernames
and passwords and said look anybody from the internet can do this because we are you know
our entire office network is open on the internet and that's how i got a firewall so yeah so no so
no i did know my stuff back then not Not now, obviously, but back then.
It's a tenuous link, I'll be honest.
But, OK.
I also knew how to get budget out of a leadership team who knew nothing.
They knew nothing and you got budget out of them.
That's not really bragging much, is it?
Well, they knew nothing and so said, we don't need a firewall you took candy from a baby good yeah good work that's uh management material right there yeah
so our second story takes us back a mere nine years to the 12th of november 2012 when the late
great john mccaffeyee went into hiding because his neighbor
Gregory Fool was found dead from a gunshot the day before and this is when Belize police wanted
John McAfee to come in for questioning but he was convinced that the state police were out to get
him he said he knew nothing about the murder but he was worried that he may have been the attacker's
intended target rather than Gregory Full so it was actually quoted saying I thought maybe they
were coming for me they mistook him for me they got the wrong house he's dead they killed him it
spooked me out and then he reportedly buried himself in the sand covered his head with a
cardboard box while he was hiding but throughout that, he was always suspicious of the Belize government,
which he accused of poisoning.
I think it was four out of the 11 dogs that he kept on his property.
He did later escape to Guatemala.
But obviously, his exploits on the run would consume a whole episode.
So for this week, we'll just touch on the spark that ignited this whole chapter in his life which seems a lot longer than nine years ago but it wasn't um and i do normally
say that everything old is new again but i do think that in the case of uh mr john mccaffey he
was an exception and i certainly don't anticipate seeing uh stories like this for a while it was
larger than life to say the least but the paranoia you know i'm living
in this country and the government is you know killing my dogs maybe i should move to a different
country maybe i should maybe i shouldn't be hanging around here rather than publicly claiming that
this government who who has control over me is killing my dogs and complaining about it maybe
i should just say nothing and get out. That's classic paranoia, right?
Yeah.
Certainly one in a million.
But yeah, rest in peace, Mr. John McAfee.
This week in InfoSec.
It doesn't matter if the judges were drinking.
Host Unknown was still awarded
Europe's most entertaining
content status in your face clearly you're not letting that go are you jeff
listen up rant of the week it sounds a mother rage and it will come as no surprise that uh this is now me uh rant of the week so i got earlier this
week i got what i was convinced was a spam email although i could not work out what angle it was
trying to take it wasn't asking me to log into anything it wasn't asking me to to check my
credentials it didn't tell me that my account was in danger. What it was was an email from Amazon saying that they will no longer from, what was it,
January 2022, I can't remember the actual date, but they will no longer be accepting
UK visa credit cards on their websites, which seemed like a very odd kind of piece of spam or phishing email or whatever,
but could not work it out until I found out it was actually true. The reason being that Visa are
raising their fees to a huge amount, I think it's from something like 0.2% to 1.3%
that Amazon will have to pay on every single transaction, which Amazon is saying is far
too expensive and we're not going to allow it. So therefore, we will stop using it.
Now, my initial thought here is that this is Amazon calling Visa's bluff.
But then I looked into it a little bit more, and whilst that may be true,
it turns out that Visa is raising their fees basically because of,
you guessed it, Brexit.
Oh, Jess, certainly not the Brexit that most of the, you know, the nation's gammons have voted for.
But but, yeah, because of the increased costs of doing, you know, European transfers and operating in the UK, blah, blah, blah.
They're raising the fees. So really bizarre.
And in fact, quite a bold move that Amazon would say it's because they're reducing
I mean I don't know the statistics but let's just assume by a good 40 plus percent I would imagine
the methods of payments that they would accept on their sites. I also thought wow you know
Mastercard is going to benefit massively from this. Apparently, MasterCard are planning the same thing at some point.
Yes.
And so will Amazon then stop accepting MasterCard credit cards,
which frankly would reduce efforts of payment for Amazon,
would go through the floor?
Obviously, debit cards still work.
So those of us in the world that know how to budget
and not use credit cards, which I think is actually just you, Jav.
Well, no, because you've got to say, right,
there are benefits to using credit cards as well.
Well, you get protection, right?
Exactly.
So it's not just about budgeting.
It is actually genuinely consumer protection that comes into play.
Yeah, of course. And you know consumer protection yeah of course and
and you know what all those years people laughed at me when i had an amex who's laughing now
yeah exactly well back then no one used to take amex yeah yeah you tried traveling through you
know europe with an amex it's challenging at best um but um but that that does basically leave what was it amex
and uh what's the other card the other card that nobody uses uh discover uh as they even get
discover in the uk no i don't think you can but it it's kind of like although i'm sure you could
use one to pay for stuff in the UK. But that severely limits things.
So I can't help but think this is Amazon calling their bluff.
Because Amazon must account for probably double digits when it comes to the amount of transactions that go through and the volume of transactions.
The amount of transactions that go through and the volume of transactions.
Go on, Jav. What are the chances next year Amazon's going to release their own credit card?
They might do.
They could do.
And this is the perfect justification for it, right?
It's not like they know exactly how to avoid paying fees and taxes anyway.
Yeah.
But a major competitor to Visa and mastercard that's quite dramatic
because i think even apple's card is is that mastercard bank backed by goldman sachs um
is that you're the apple man i don't i can't get an apple card in the uk that's the thing but uh
but even so they're still using one of the're still using one of the two or three major
payment providers, as it were. So yeah, I just, well, one, this is a rant. One, because
for goodness sake, Brexit, just can you stop kicking us now? We know that you're a bastard.
Just get on and let us live our much more expensive and more difficult lives now
uh but two i just find i well i think our our intro title summed it up greedy giants
you know fighting other greedy giants for being greedy um you know if there's any company that
can suck up this kind of cost it's amazon right all you have to do is not knock 10 pence off what
they pay their their warehouse workers you know they'll easily be able to make it solved yeah
exactly but a day not an hour yeah yeah probably a day yeah exactly you're right but uh yeah uh
not good not good at all not good for um uh for users of amazon not good for users of visa uh and all around just not good
generally you know consumer wise so yeah bloody hell bloody hell but we have taken back control
so that's all good we've got control of our borders and i can tell you what coming into a
country with a blue passport whoo i tell, I just look down on all these silly Europeans
with their silly red passports,
and I've got my blue made-in-France passport in my hand.
You know, everyone always calls it blue,
but when I was younger, I always thought it was black
because it's a very dark shade.
It was black. The original one was black, yeah, so I was black because it's a very dark shade. It is black.
The original one was black.
Yeah.
So I don't know why they're talking about blue.
Yeah.
It's bizarre.
I've still got my original one.
You know,
the one with the little cutouts on the front with the numbers on and stuff
like that.
I still got it.
The handwritten one from the 1800s when you had to.
Yeah.
Yeah,
exactly.
The one that cost me seven shillings, six pence,
and a small child.
Yes.
So, yeah.
So, oh, my God.
Anyway, this is an infosec show,
not a Tom ranty Brexit red-faced gammon show.
And that was this week's...
Rant of the Week.
This is the Host Unknown podcast.
The couch potato of InfoSec broadcasting.
And talking of couch potatoes, let's move on to Billy Big Balls and Chav.
Billy Big Balls of the Week.
So, like you said, Tom, ransomware is the topic that nearly everyone talks about.
And you said that IrisCon was dominated by that topic.
And I suppose if you're a criminal mastermind dabbling in the cybers, you will have some ransomware
of your own.
And I think ransomware, if you want to draw the analogies, there's the AK-47 or the
Kalashnikov.
And then there are some Chinese made rifles, which they just saw a picture of a Kalashnikov
and they made something that
resembled it. And we see a lot of these kinds of ransomwares out there, which aren't as good as
some of the, the not pet years of the world or, or, or what have you, but they're just kind of
like replicas. So what happens is the security researchers, they're able to find them quite easily and build in detection or signatures or IOCs, sorry, IOCs as they like to call them.
We don't call them signatures anymore, but we call them IOCs or whatever.
They're getting very good at spotting them and basically defeating them.
So they can't go about encrypting your files. So there's a ransomware
called Memento, and it was detected and their basic ability to encrypt files was taken away.
It was neutered by those pesky security products, such as, you know,
all the good ones that you're familiar with. So they switched their tactics.
And I think this is what makes this a proper Billy Big Balls move. Instead of encrypting the files They would Use WinRAR
You know WinRAR
The old competitor to WinZip
Of course
Good guy WinRAR
You never had to license
You just had to click OK
Exactly
That was the same with WinZip though
Yeah
You have minus 9000 days days remaining on your free trial
that's it that's it you know i i'm actually worried one day when they're going to hire a
debt collection agency and they're going to go around everyone's houses you are for 52 years
of winter our licenses mate we're taking that tv that's the type of shithouse we the oracle would do if oracle
acquired them but that's literally every single major operating system has built-in support for
zip files now it does yeah yeah exactly you don't need raw you don't need winzip or whatever you
don't need that raw was a far superior compressor back in the day that's why people had it yeah yeah i remember
even on the torrents you'd download them as well that that that extra 0.2 percent of compression
made all the difference far better than that yeah yeah and it was far more reliable and splitting
into multiple files as well this is this is clearly i'm talking to a man that never
i was going to say for the illegal torrenting of files.
No, it wasn't illegal.
It was an off-site backup that we were sharing.
That was shared amongst thousands of people.
It was crowdsourced backup.
Crowdsourced off-site backups.
Okay, okay, back to the story.
They meant to use WinRAR.
So instead of trying to encrypt the files, which they can't,
they just create an archive within WinRAR
and set a really strong password on it.
And then they encrypt the password,
and then they're like, give us about a million dollars in Bitcoins
if you want it back.
So, you know, they want 15.95 Bitcoins, which is, I don't know,
at the time of going to print, it was $940,000.
I just think it's genius.
It's like you have this one thing lying around.
And, you know, we talk about legacy software
and legacy systems and how many people actually think about something like winrar on your on your
on your machines and even if you don't have it someone else pushing it on there just so they can
like screw you over i think it's a it's a really good billy big balls move so they basically
couldn't get their encryption to work so they're like damn what else we got
yeah yeah what's so what's so out of date and unused that we might just get this slip past
wow that's brilliant it's got to be an old school uh hacker that's doing this
many people know about winrar these days days. Yeah. But did it work?
Did it work?
Well, they have successfully infected organizations and are using this process.
Now, according to the story, the organizations that were infected,
they had backups, so they were able to restore the files from there.
But, you know, it's an approach that does work that you can't
really like crack into it so they'll likely try it against other organizations so did the criminals
get enough money to actually pay for the raw license why would you want to do that that's
the last thing you want to be well or maybe that's that that's the the canary in the coal mine like the fbi work with winrar
say if anyone pays for the license let us know let us know yeah yeah it's just one guy at winrar
that answers the phone winrar that's a name i've not heard for a long time
sitting in the in his room and like this one phone rings and it's underneath some papers like,
that phone hasn't rung for 20 years.
Red hotline.
Sorry, wrong number.
It's called the subscription line.
Yeah.
That's genius.
I do like that one.
Yeah.
Very, very good.
Excellent.
Thank you very much, Jav, for this week. Billy Big Balls of the Week.
Andy,
I think,
uh,
well,
we've done this 80,
between 82 and 85 times now.
Um,
you know,
what's coming next.
What do you,
I don't suppose you have the time,
do you?
I do. I have the time, do you? I do.
I have the time.
And it is that time of the show where we head over to our news sources over at the InfoSec PA Newswire,
who have been very busy bringing us the latest and greatest security news from around the globe.
Industry News.
FBI fixes misconfigured server after hoax email alert.
Industry news.
Cryptojackers disable Alibaba cloud security agent.
Industry news.
China Telecom appeals against US ban.
Industry news.
Emotet is rebuilding its botnet.
Industry news. Emotech is rebuilding its botnet.
Ghostwriter disinformation operation linked to Belarus.
US to sell $56 million in seized cryptocurrency.
Threat actors discuss leasing zero-day exploits Industry News
China's APT41 manages library of breach certificates
Industry News
Russia, cybercrime forum opens doors to Chinese speakers
Industry News
And that was this week's
Industry News and that was this week's Industry News
Can I just point out
your attempt at a Russian accent
there which you decided
the bester of and decided to
stop halfway through but still made
it sound like you were putting
a Welsh accent on as a result. I have no idea
what you're talking about, Comrade.
Do you know what?
Funny story.
I met the chap.
Who is our PA Newswire?
One of them.
One of many.
One of many.
I thought he was the one we had the beef with, right?
Did we?
You told me to give him a hard time, so I gave him a hard time.
Well, Andy said that.
Made him cry.
And now you're telling me I didn't have to? You beat him up, took his lunch money.
It might have been a case of mistaken identity, Tom.
Oh, jeez.
I'll let the judge know, shall I?
We'll issue an apology next week, depending on the pending charge.
We admit nothing yet.
After you beat him, I would say,
you realise that he's like the only fool.
Do you have any idea who I am?
It's like, no.
I include the name.
Yeah, yeah.
So, anything in there that's interesting yeah i i really like the fact that u.s to sell 56 million
dollars in seed cryptocurrency because i assume they seized these like 10 years ago when the
cryptos were like you know five or each and now they're like hey we should sell them because
why why do we want to hold them on to them? Yeah.
Yeah.
Dave, have you still got that hard drive?
Yeah.
No, no.
It's here somewhere.
I think it's next to the WinRAR subscriber phone.
You know what? I actually, whilst we were in between, I went on the WinRAR website.
Yeah.
And it looks like it's still the same as what it was from the 80s it has not been
updated at all i'm gonna have to do that now i'm going i'm going it's the same guy right it's the
same person that's running that phone line it's definitely got that uh office 95 style color style colour scheme. It is. I think Web 2.0 passed this guy
off, you know,
unawares.
Unawares.
Hasn't it been version 6.0.2 for a
long time?
I have no idea. We need to find
out who the guy is behind this.
Homework for next
week's episode. Find out who runs
WinRAR.
In fact, if WinRAR, perhaps you'd like to sponsor Host Unknown.
I mean, it'd be a perfect combination.
A perfect combination.
You know, three crusty old men out of touch with the industry
partnering with RenoIMWA.
Yeah, yeah.
Partnering with Andy.
How about this?
WinRAR will make a deal.
We'll give you a free trial sponsorship slot,
which will expire in seven days.
But if you click OK, you'll be valid for another seven days.
Oh, dear. days but if you click okay you'll be valid for another seven days oh dear all right i i clicked on the story about uh the russian cybercrime forums opening doors to chinese speakers um
and so they are basically just adapting to the uh Chinese language, Mandarin.
Customer service.
Yeah.
They've gone global.
Yeah.
It's amazing.
It's like WannaCry offering itself up in 20 languages back in,
what was it, 2017 or whatever.
Yeah.
But now they're actually getting Chinese adverts on the site as well.
Chinese adverts?
It's out on the encryption notice
and it's got... We noticed
you were shopping for a bed earlier.
Would you like to buy...
You were looking for WinRAR.
WinRAR's also available
in Mandarin.
It's a link to Alibaba.
We can get WinRar custom
installed on these OEM
devices that look suspiciously like iPods.
Very good.
Oh dear.
Excellent.
Well, thank you gentlemen
for this week's Industry News. The Host Unknown Podcast. Orally delivering the warm and fuzzy feeling you get when you pee yourself.
Ah.
So very true.
Right, let's move on to the final segment of the week.
The segment we like to call...
Tweet of the Week.
And we always say that one twice.
Tweet of the Week.
of the week and we always play that twice twice suite of the week uh so you have me again uh to give you this week's tweet of the week and this week's tweet is a clap back from a 24 year old
spectacled software engineer on tiktok called ben awad um so essentially the author of an article
in vox wrote about how she pulled up to the comment
section in one of his uh tiktok videos and she almost choked on her coffee after reading some
of the comments that this guy was getting um and she left a couple of the examples about uh you
know the lewd comments he's he's getting uh ranging from um things like i'm leaking all over the floors here
ben um you know as an example or uh you know ben it's been 48 hours since my wax i'm allowed
friction now ben uh you know all these sort of comments that this uh this poor guy is getting
on his videos um poor guy yes poor guy yeah it's a thirst trap so it's why i had to turn off comments on youtube
for such a long time yeah i get it yeah no i understand uh so anyway vox has uh they published
the article and they link to it uh obviously on twitter as they do and they advertise their
uh stories and it's called the anatomy of a tiktok hunk And it says, they basically title it,
On TikTok, even regular average-looking people
have thirsty fans flooding their comment sections.
And Ben obviously saw this, and he quote-tweeted it and said,
On Twitter, even average news outlets can write articles on you.
Which I think is just a brilliant clap back to uh you know to what is
kind of an underhanded compliment i think in terms of what you received uh by these guys at box but
absolutely love that ben you are a superstar to us very good very good i i love these um
these these sections that we do that are so wholly related to InfoSec for our InfoSec podcast.
I'm just saying, he's a software engineer. He's done a few TikToks on security.
He ticks all the boxes.
He ticks all the boxes. The geek shall inherit the earth.
I need to dust off my TikTok account.
Dust it off from 4am this morning?
No, I mean, I haven't uploaded to TikTok for a long time.
Dear God, you upload to TikTok?
Yeah, have you never seen any of my TikTok videos?
He rehashes his old YouTube videos.
He doesn't do anything new.
It's just recycling content for a new platform.
No, I actually, there's a couple there that I made just for TikTok.
And then I cross-posted them to YouTube for their shorts, which is basically their...
How'd that work out for you?
Got more views on TikTok than I did on YouTube.
Nobody's on YouTube anymore.
I use YouTube all the time,
just not the shorts.
I don't need to, right?
I've got a perfectly good platform
called TikTok that does it better.
It does.
Maybe we need to get onto TikTok
as Host Unknown.
Well, YouTube anyway.
Do you think people would do that?
We could do it.
There are some accounts
where really old people give advice to younger people, which guess you know you could be quite a big start on
yeah i could do that we could do those what those sort of reaction videos where we explain a trend
to tom and then he just sits there looking work. I could see myself doing that, absolutely.
Absolutely.
So thank you for this week's...
Tweet of the Week.
And that brings us swinging very swiftly and Tarzan-like
into the end of the show.
Gentlemen, what an interesting cornucopia of aural delights,
or aural delights, I should say, that we've had for our listenership this week.
Jav, thank you very much as always.
Thank you. Me, Tarzan, you, Jane.
Yeah, that works. And Andy, thank you, sir.
Stay secure, my friends.
Stay secure.
You've been listening to
the host unknown podcast
if you enjoyed what you heard
comment and subscribe
if you hated it please leave your best insults
on our reddit channel
r slash
smashing security
so do you think
maybe next week you might actually be
in a place with a stable wi-fi
and um you know a desktop setup a non-mobile setup yeah possibly possibly uh actually next
week i should be in the country uh we'll see a week after i'm going to be in copenhagen
but i'm i think i'm back in time for the podcast unless we make it earlier i don't know
whatever what you're saying there's a problem with this so this has been seamless this has been an utterly seamless experience see this you know the the the tom
langford ai was a more seamless experience who's to say that this isn't the tom langford ai the bad
jokes