147: Don't Snapchat and drive

How is private medical data leaking onto the streets of Milton Keynes, what is widening the cybersecurity skills gap, and how is Australia controversially tackling the problem of drivers using their mobile phones?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.

Visit https://www.smashingsecurity.com/147 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Joe Carrigan.

Sponsored By:

Support Smashing Security

Links:

50 reasons to love Milton Keynes (what, only 50?) — The Guardian.
Logan's Run movie trailer — YouTube.
Understanding Milton Keynes — YouTube.
A Festival of Creative Urban Living.
Tweet by @Costermk about "Utopia Station".
Unshredded NHS records were dumped in a town centre to weigh down scaffolding at art festival — The Sun.
Outrage as thousands of NHS patients' medical records are dumped in town centre — Daily Mail.
The Cybersecurity Skills Gap Won't Be Solved in a Classroom — Forbes.
Cybersecurity Skills Shortage Soars, Nearing 3 Million — (ISC)² Blog.
What Cyber Skills Shortage? — Dark Reading.
Australia Is Using New Technology to Catch Drivers on Phones — Time.com.
Texting And Driving Statistics In America — Simply Insurance.
Distracted Driving Worsens As Drivers Use Phones In Riskier Ways — Forbes.
Restrictions on cell phone use while driving in the United States — Wikipedia.
RAC research: dangerous phone use at the wheel rockets among some age groups — RAC.
Really Rude Map.
Shitterton comes on top of list of Britain's worst place names including Pratts Bottom, Crapstone and Slag Lane... but those who live there insist it's still a lovely place to live — Daily Mail.
Heavens-Above.
Shower Orange an Enlightenment of the Soul — Reddit.
Carole's shower adventures with an orange — @caroletheriault on Twitter.
Graham's shower adventures with a banana — @gcluley on Twitter.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Privacy & Opt-Out: https://redcircle.com/privacy

This transcript was generated automatically, and has not been manually verified. It may contain errors and omissions. In particular, speaker labels, proper nouns, and attributions may be incorrect. Treat it as a helpful guide rather than a verbatim record — for the real thing, give the episode a listen.

CAROLE THERIAULT. Dad, this is NHS Patients, Graham. Our stuff will be there. You know, remember when we talked about when you had to go see a doctor about, you know, the mm-mm?

GRAHAM CLULEY. Oh, don't talk about my mm-mm again.

CAROLE THERIAULT. Right? That might be there. That might be floating around the streets of Milton Keynes as we speak.

UNKNOWN. Smashing Security Episode 147: Don't Snapchat and Drive with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security Episode 147. My name is Graham Cluley.

CAROLE THERIAULT. You don't need to sound so bored saying that. I'm Carole Theriault.

GRAHAM CLULEY. I'm not bored. It's quite exciting. 147. That's the biggest break you can get in a game of snooker. Did you know that, Carole?

CAROLE THERIAULT. Is it? I didn't know that. It's also the longest show I've ever worked on, so that's cool too.

GRAHAM CLULEY. Oh, well, well done to you. And we are joined this week by returning guest. It's Joe Carrigan of the Information Security She's a student at Johns Hopkins University. Did I get that right?

JOE CARRIGAN. Yes, it's Johns Hopkins University.

GRAHAM CLULEY. Oh, so I did get it right.

JOE CARRIGAN. Yes, and we like to enunciate the S at the end of Johns.

GRAHAM CLULEY. Yes.

JOE CARRIGAN. Because many people call it John Hopkins and it makes the hair on everybody's neck stand up when they do that. I bet, I bet.

GRAHAM CLULEY. And of course you're also from the Hacking Humans podcast with some, I believe you got some sort of, I don't know, some sort of minion who helps you out there called Dave. But Carole, are you familiar with Hacking Humans too?

CAROLE THERIAULT. Oh, I am. I'm necessarily regular, but I do interviews from time to time for Hacking Humans.

JOE CARRIGAN. We have Carole's interviews on frequently.

CAROLE THERIAULT. Yeah, I would say, I'd say a few times a month. Yeah, and it's a great show. So if you guys don't know it, you should definitely check it out. You learn lots. It's a very educational but fun show.

JOE CARRIGAN. I would like to tell you that sometimes when I'm typing out my notes for what I'm going to talk about, I hear your voice in my head for some reason.

GRAHAM CLULEY. I'm like, horrified.

JOE CARRIGAN. Why am I thinking of how Carole would sound rather than how I would sound?

CAROLE THERIAULT. I'm taking that as an absolute compliment. Really?

GRAHAM CLULEY. Okay.

JOE CARRIGAN. I even mentioned it to Dave once and he goes, that's weird. And I said, yeah, it is.

GRAHAM CLULEY. Carole, what's coming up on the show this week?

CAROLE THERIAULT. Well, first, thanks to this week's sponsors, LastPass and Detectify. Their support helps us give you this show for free. Now, on today's show, Graham takes us to Milton Keynes. This is a medium-sized town in the UK to share with us a very wacky data privacy snafu. Joe tries to uncover why there is such a skill shortage gap up in the cyber world, and I'll be sharing the ins and outs of illegal phone use at the wheel. All this and loads more coming up on this episode of Smashing Security.

GRAHAM CLULEY. Now, fellows, fellows, last week I went to university. I know.

CAROLE THERIAULT. First experience?

GRAHAM CLULEY. Well.

CAROLE THERIAULT. Were you intimidated?

GRAHAM CLULEY. I have been to universities in the past. In fact, Carole, the college I went to long, long ago is now a university, although it wasn't technically a university. What was it then? It was a polytechnic, which which is in many ways much more sophisticated than university. But last week, I went to Milton Keynes to give a couple of cyber awareness talks at the Open University, which is a marvelous institution. And I was marvelous as well, of course. But Milton Keynes, maybe we should try and explain Milton Keynes to Joe, because chances are he's never been to Milton Keynes.

JOE CARRIGAN. Okay, is this named after the economist?

GRAHAM CLULEY. A lot of people think that. They think it may have been named after Maynard Keynes. Oh, wrong Keynes, okay. And also, was it Milton as in Paradise Lost? Lost. I'm not sure, but I think actually the name predates the city. The city's been around for a little more than 50 years. It was born in the Summer of Love, 1967. Carole, how would you describe Milton Keynes to a newcomer?

CAROLE THERIAULT. Okay, so I would say it's a bit like one of the suburban car parks out in an American or Canadian town, right? So, it's outside of the centre of the city, and you've often got like a suburban kind of house, housing estate around there, and then you have like your big Walmart and maybe a grocery store, and a pet store and it's huge. And so it's kind of like that. And there's lots of roundabouts, which I've noticed.

GRAHAM CLULEY. Oh, yes.

CAROLE THERIAULT. Canada's starting to get them a lot, certainly in Ottawa.

GRAHAM CLULEY. It's—

CAROLE THERIAULT. there's a lot of them now.

JOE CARRIGAN. We do that a lot here in Maryland, too. We've had a lot of roundabouts installed over the past 20, 30 years.

CAROLE THERIAULT. They're great, right? I love them.

JOE CARRIGAN. I love them, too.

GRAHAM CLULEY. Yeah, they're all right in reasonable numbers. I think Milton Keynes, after about the 908th— It's true.

CAROLE THERIAULT. You do get a bit of vertigo almost.

GRAHAM CLULEY. I mean, I would— I mean, you paint a rather charming picture of Milton Keynes. Milton Keynes. I would describe it more like hell on earth.

CAROLE THERIAULT. It's not where one goes for fun, right? You go there out of necessity.

GRAHAM CLULEY. There are some fun things there. It's famous for its concrete cows, of course.

CAROLE THERIAULT. What do you do with them, Graham?

GRAHAM CLULEY. You look at them. You don't do anything else with them. Are you some kind of pervert? No, you don't do anything like that. But driving into Milton Keynes, especially for someone like me who lives in Oxford— Oxford has been around for over 1,000 years, predates the Battle of Hastings, the Norman invasion. It's been around for an awfully long time. Milton Keynes has only been around for about 50 years. And so when you go there—

CAROLE THERIAULT. A lot of cities have only been around for 50 years.

GRAHAM CLULEY. Not in our country, not in our country. They haven't. A lot of them are much older.

CAROLE THERIAULT. Oh, Joe, I'm so sorry.

JOE CARRIGAN. Not in my country.

CAROLE THERIAULT. Yeah.

GRAHAM CLULEY. Driving into Milton Keynes is a bit like traveling into the future. Everything feels so high-tech. You feel like you're in an electric vehicle. You feel like—

CAROLE THERIAULT. It does not feel like that to me.

GRAHAM CLULEY. Have you ever seen the movie Logan's Run? Came out in the 1970s.

JOE CARRIGAN. I watched that when I was young. I haven't seen it in years, but it was—

GRAHAM CLULEY. Jenny Agutter may be the thing that you remember most about it. But basically it was a sci-fi story about people living in this incredible city, but by the age of 30 you got killed.

JOE CARRIGAN. Right.

GRAHAM CLULEY. And if you tried to escape death, they sent someone to chase after you and just hunt you down.

JOE CARRIGAN. And they called you a runner.

GRAHAM CLULEY. That's absolutely right. And it was all kind of concrete and it was all, you know, it's all a bit weird. Now, That's how I feel when I go to Milton Keynes.

CAROLE THERIAULT. You want to die.

GRAHAM CLULEY. Well, it's a little bit odd.

JOE CARRIGAN. He wants to float up into the air and explode is what he wants to do.

GRAHAM CLULEY. But I did have a good time going and giving some talks there. I enjoyed that. And they were lovely people despite where they live. But anyway, the point which I'm coming to is for the next 3 weeks, Milton Keynes is hosting the first ever Festival of Creative Urban Living.

CAROLE THERIAULT. Okay, hold on. Festival of Creative Urban Living.

GRAHAM CLULEY. Yeah, FUKUL.

CAROLE THERIAULT. Yeah, I was just trying to see if there's something in there.

GRAHAM CLULEY. And it claims to bring together citizens, artists, architects, designers, urban planners— there's a lot of urban planners in Milton Keynes— and thinkers. And I'm wondering, Carole, do you have a ticket? You're a bit of a thinker, aren't you? Are you going?

CAROLE THERIAULT. I think I might. I think I like this idea.

GRAHAM CLULEY. It sounds like the kind of pretentious arty thing that you would enjoy doing, doesn't it?

CAROLE THERIAULT. Yes, it does, exactly. Yeah, I'll don my cashmere roll neck and off I'll go.

GRAHAM CLULEY. And as you're there, you know, with your Apple Mac under your arm, having a great old time— Flat white. Yeah, yeah, there you are admiring the installation art and say, "Oh, you know, well, I wonder what the blazes all this is about." You might come across outside the main shopping centre in Milton Keynes a 4-storey structure made out of scaffolding.

CAROLE THERIAULT. Okay.

GRAHAM CLULEY. Which is, to be honest, a bit better than the typical thing you find in Milton Keynes. And it's called Utopia Station, which will be home to an internet cafe for the next 3 weeks.

CAROLE THERIAULT. Okay. And what, they're building it now or something?

GRAHAM CLULEY. They're finishing off building it now, because actually by the time the podcast comes out, it will be open, and any of our listeners in the area could, if they wanted, go and visit it. Maybe after hearing this, you will want to.

CAROLE THERIAULT. Hey, I know what I'm doing on Sunday. Right?

GRAHAM CLULEY. Well, I've been on Twitter to find out what the buzz is down on the street about Utopia Station.

CAROLE THERIAULT. I don't really understand what it is yet, really.

JOE CARRIGAN. Right.

GRAHAM CLULEY. Well, it's basically a load of scaffolding, and you sort of walk up it about 4 stories high, and there you go. Is that so you can get better reception?

CAROLE THERIAULT. I don't know.

GRAHAM CLULEY. Maybe, I don't know.

CAROLE THERIAULT. You don't want a view of Milton Keynes, I can assure you of that.

GRAHAM CLULEY. But it's— But yeah.

CAROLE THERIAULT. I'm sorry, people live there.

GRAHAM CLULEY. It's bewildering to me. It's bewildering. But anyway, but they've got some sort of internet cafe there. Anyway, a chap called Costa MK, he said, "Looking really good. Can't wait to climb Utopia Station." He's been posting pictures. Climb it? Yes, you climb it, because it's full of stairs.

CAROLE THERIAULT. Oh, of course. Of course, I understood that. I understood that completely from your description.

JOE CARRIGAN. You climb it.

CAROLE THERIAULT. You climb to the top.

GRAHAM CLULEY. Not like you're climbing the Eiger or the Matterhorn.

CAROLE THERIAULT. What, with your laptop firmly Plunged between your teeth?

GRAHAM CLULEY. For God's sake. No, there are steps, but it's sort of made out of scaffolding and there are steps inside. I mean, I'm sure that they are taking health and safety seriously, right? You can't let the great unwashed public, you know, climb it willy-nilly because accidents are going to happen, right?

JOE CARRIGAN. Yeah, this isn't Burning Man.

GRAHAM CLULEY. Right. I mean, you could go right now if you want, go and look up Utopia Station on the Twitters or something like that, or Milton Keynes if you do a search for it.

JOE CARRIGAN. Oh, this thing is hideous.

GRAHAM CLULEY. Thank you. Yes, well, I said Milton Keynes. It actually improves the look of the place, to be honest.

CAROLE THERIAULT. Why is it called Utopia Station?

GRAHAM CLULEY. Because they're arty. That's why, Carole. Because just saying it's a lump of scaffolding isn't gonna attract anyone. The more serious question is this: what are they going to do to prevent it falling over or getting carried away in a freak gust of wind?

CAROLE THERIAULT. What?

GRAHAM CLULEY. I'll tell you what they're going to do, Carole, right? 'Cause you're worried about that, right? And you, Joe, if you did happen to come over to go and check this out. What they've done is they've created 40 blocks of ballast, like giant hay bales, to weigh the thing down.

CAROLE THERIAULT. That's very eco to use hay bales.

GRAHAM CLULEY. Well, they're not using hay.

CAROLE THERIAULT. Oh.

GRAHAM CLULEY. They're using paper, right? But because they want to be eco-friendly, they're using recycled paper, right? To weigh it down. And these hay bales are bigger than people, right? They're bigger than the size of a man.

CAROLE THERIAULT. A man, you say?

GRAHAM CLULEY. Or a large, sturdy woman, right? They are big. Now you might be asking, Where have they got this paper from? What's all this paper?

CAROLE THERIAULT. Recycled paper. Right. Okay. Yeah.

GRAHAM CLULEY. Medical records.

JOE CARRIGAN. Oh, wow. Is that what that is? Because I'm looking at it right here and I see the bales of paper under it.

CAROLE THERIAULT. Magnify, Joe. Magnify.

JOE CARRIGAN. Magnify and enhance.

GRAHAM CLULEY. Enhance.

CAROLE THERIAULT. Enhance. Enhance.

GRAHAM CLULEY. So apparently these are people's private medical records from GP's offices and pharmacies, and some of them are peeling out of the blocks and scraps of personal data.

CAROLE THERIAULT. You are, oh my, you're not even joking.

GRAHAM CLULEY. They're flying around the street.

JOE CARRIGAN. Yeah, it's like a ticker tape parade of personal health information.

GRAHAM CLULEY. And people are picking them up and saying, "Hang on a minute, I can see someone's details here," because they haven't been properly shredded, right? These haven't been cross-cut shredded, some of them.

CAROLE THERIAULT. They're not even in netting.

GRAHAM CLULEY. No, some of them are just like a piece of paper just sort of roughly torn in half, sort of casually, it's just like, what? So this isn't part of the art. They're not trying to say something about privacy by saying, oh, we will use privacy, we will use private medical records to create this art infrastructure. No, they're not doing that. It's just that this has just been used to weigh it down. And it turns out it's private records.

CAROLE THERIAULT. Okay, so, okay, is this the case that they were trying to be eco-friendly, save the world, yet let's use recycled paper, we'll order it from the recycling plant. They're like, yay, finally. Someone's collecting all this crap and can use it. No one actually looked at what it was. They just had these bales.

GRAHAM CLULEY. That's exactly it, I think. So apparently what they did was they realized they needed—

CAROLE THERIAULT. This is mortifying.

GRAHAM CLULEY. They needed something to protect the structure and prevent it falling over. So they went to a recycling firm called CS Recycling based in Hertfordshire. They provided these blocks of recycled paper, uh, which they said, look, you know, this is what we've done is we, we sent cut and partly shredded paper that's been pressed tightly into blocks. These loose paper, which some people say contains prescription forms, clear names and addresses, details of surgery, are now sort of peeling off.

CAROLE THERIAULT. Yeah, this is NHS patients, Graham. Our stuff will be there.

GRAHAM CLULEY. Well, yeah.

CAROLE THERIAULT. You know, remember when we talked about when you had to go see a doctor about, you know, the—

GRAHAM CLULEY. Oh, don't talk about my mm-mm again. Right?

CAROLE THERIAULT. That might be there. That might be floating around the streets of Milton Keynes as we speak.

GRAHAM CLULEY. And that would only need a very Small scrap of paper, to be honest.

JOE CARRIGAN. I've got to go to Milton Keynes to find out what 'mm-mm-mm' means.

GRAHAM CLULEY. So, do you think it's likely criminals are going to be picking up this paper in the streets of Milton Keynes outside the shopping centre?

CAROLE THERIAULT. Okay.

GRAHAM CLULEY. It's going to be there for the next 3 weeks.

CAROLE THERIAULT. Yeah, so we need to be serious for a second.

GRAHAM CLULEY. Okay.

CAROLE THERIAULT. Has Milton Keynes apologised? Has the NHS gone, whoa, we really screwed up here, dudes.

GRAHAM CLULEY. Well, Milton Keynes Council says it's appalled by the mistake and says that they are going to cover up the bales and arrange for their removal. Presumably they'll replace them with people's Social Security numbers or something like that. I don't know. They'll import some recycled paper from America.

JOE CARRIGAN. They don't have Social Security numbers over there.

GRAHAM CLULEY. No, no, we'd get yours. That's the way it'd work, Joe. We'd import them. Yes, it's all part of our new relationship between America and Britain. It's part of the trade deal. You get our NHS, we get your private data. So they're probably investigating. The recycling company said, "Look, it's nothing to do with us, right?

JOE CARRIGAN. Our job was just to create the bales, and we're taking—" So, I mean, you're the recycling company for the NHS there in the UK, right? You know how this information has to be destroyed, and you know that what you're providing is gonna be out in the public space that's gonna be touchable by other humans. I think it's pretty reasonable to expect them to to properly destroy the information.

CAROLE THERIAULT. Or at least go, "Hi, NHS, you know that you guys just asked us to bail this. I'm looking at someone's Prozac and Viagra prescription.

JOE CARRIGAN. Do you think this is appropriate?" Well, I mean, that's fine if that's what you're going to do with it, and then you're going to dispose of it somehow, right? Yeah. And it's not gonna be out in the public. But when somebody comes to you from Milton Keynes and says, "We need some ballast for a tower of scaffolding." In the center of town. In the center of town. You go, "Okay, well, that's not suitable for this." Joe, what's your story for us this week? You guys are familiar with the concept of the cybersecurity skills gap, right? Yes. This is what we keep hearing about in the news. And, uh, there was an article I saw yesterday that said it's going to be 1.8 million by 2022. Hang on.

GRAHAM CLULEY. Let's just explain what, if anyone doesn't know what the cybersecurity skills gap is and is imagining something like the thigh gap or something like that, what is completely different than what it is different from that? Is it so what, what is the cybersecurity skills? I'm just I'm asking on behalf of one listener rather than myself.

JOE CARRIGAN. So it is the shortfall of qualified people to fill available positions, right? So right now there are somewhere between 1.8 and 3 million jobs that can't be filled globally because people do not have the skills to fill those jobs. All right. So my conjecture has been that the skills gap is overstated, and the people I blame are HR. And hiring managers who don't understand what the problem is. And I want to focus on what I think is a huge part of the problem here, and that is the pipeline into the entry-level positions. Okay, because everybody says you got to get into cybersecurity, it's great, there's tons of jobs in it.

CAROLE THERIAULT. And there's so many jobs in tech support. Right.

JOE CARRIGAN. When I talk to people who say I'm trying to get into cybersecurity, the complaint is always the same thing, that nobody will hire me. Right. Because I don't have any experience. Yeah. And that's part of the problem is that I don't think people understand what entry level is, particularly in HR. And I did a couple of quick searches on a couple of job sites like Indeed and Monster on entry level cybersecurity jobs. And here are some things I found that are required for these jobs. And the first one is huge. Many of them require a Bachelor of Science degree in computer science or computer engineering or IT or some related field. Right.

CAROLE THERIAULT. For an entry role, like, what's normally a typical salary for an entry role?

JOE CARRIGAN. Some of the jobs that had the, had the entry-level roles, they start at like $45,000 and go up to maybe $60,000 here in the US.

CAROLE THERIAULT. And can you live happily in the US for that money or not really?

JOE CARRIGAN. If you're young, yeah, you probably can. I mean, I couldn't live on that today, but my daughter just graduated with a degree in computer engineering. This past May, and she would not have considered a job that paid that little, right? Period. She would have laughed that off. So my point is, person who's posting this job, you need to ask yourself two questions. Does someone really need a bachelor's degree to do this job? And if so, the second question is, why am I so dense that I think that it requires computer science or computer engineering degree? That's, that's a great question to ask yourself. People should look at other degree fields, and I'm going to list some here. I think psychology. I think someone with a psychology degree would do great in cybersecurity because this is mostly about people. Yeah. Yeah. The security problem is mostly about people. Business administration is another great place to look for cybersecurity people because business policy plays an enormous role in cybersecurity. Security. It's how we dictate how the employees should conduct themselves, and we have to have that kind of expertise in managing the people. And a lot of people with computer science and computer engineering degrees do not have that expertise out of the gate. Okay? Yeah. And finally, I would say look at people with accounting degrees. In fact, I know a number of people who are GRC auditors, and they are CPAs. Yeah. So accounting is a great, a great place to look for people to fill these jobs as well.

CAROLE THERIAULT. I like the approach of looking into these different fields. What I worry about from a company's perspective is they're sitting there going, look, we are way behind our competitors, right? We do not have a robust cybersecurity or defense mechanism in place, and we need someone who knows how to do this. We need to find the guy or girl, right, who knows all this stuff across a huge amount of expertise. So it's a generalist, but they, but they only have $45K to offer as a salary. Right.

JOE CARRIGAN. Well, we're talking, we're talking entry-level stuff here for this stuff. Now, when you're talking more senior level, then you get into other issues, which kind of brings me to my next point for, for looking for entry-level people. Stop looking for people with 1 to 3 or even 4 years of experience. Right. Okay. I saw almost every job that I looked at yesterday required that a person who's going into a cybersecurity job, an entry-level cybersecurity position, have 1 to 3, and one even listed 4 years of experience. This is not entry-level. It's not even junior level, not in cybersecurity anyway. Exactly. Someone with 3 or more years of experience is looking for senior positions in this field, and instead look for someone who has good communication skills and is a quick learner and has a natural knack for this kind of thing.

GRAHAM CLULEY. Yeah, someone who's smart, someone who's keen, right? Exactly.

CAROLE THERIAULT. I mean, I used to work for a guy who always had all the developers he hired seem to have a philosophy degree because he just said, I know they can think, and I think they can think critically, and that's really useful to me.

JOE CARRIGAN. Yep. My first manager in, uh, development didn't have a computer science degree. His degree was in psychology. There you go. And, uh, he was doing agile development years before agile development was a thing.

CAROLE THERIAULT. But this is a really interesting point you're making because there are people out there who are coming up to finishing their psychology degree or their business admin job, and they're thinking, I'm not really sure what area to go in. I want to go into a hot area. We all know cybersecurity is a super hot area. It's going to probably stay for the next 10 years, so it's a guaranteed career if you're dedicated and interested in it. Yep. And I, I think a lot of people never even thought about approaching it because they don't have a background in it.

GRAHAM CLULEY. I regularly get people emailing me saying, oh, hi Graham, you know, listen to the podcast, whatever, can you give me some advice because I'm really interested in getting into your industry and what qualifications I need and what courses I should take? And I'm just thinking, for goodness sake, I didn't ask Carl, you think? Well, I should say that, shouldn't I should say, actually, just pass you on to Carole. Can you please answer this for me?

JOE CARRIGAN. But tell them to enroll in the Johns Hopkins University Information Security Institute's Master of Science in Security Informatics program.

GRAHAM CLULEY. Goodness gracious. You know, but I, you know, I don't have a degree. I didn't go to a real university. You know, I just sort of fell into this and, you know. Aren't we glad you did? Well, you know, I just feel incredibly unqualified to comment on these things. And I see all these people with qualifications, which I don't have. Yeah. So what's going on here? Is it that the HR people are just cutting and pasting job descriptions that they've seen online for other people and they're just thinking, oh, we have to ask the same? Is it management inside the company requesting these sort of things?

JOE CARRIGAN. I would really like to know what's going on inside these companies. Maybe that's an opportunity for a research study.

CAROLE THERIAULT. Yeah, well, there needs to be a come-to-Jesus moment between IT and HR, right? HR have to go, look, you guys are the experts in IT, tell us what we need to say and how we get the right people. And IT need to go, you guys are the expert at getting jobs, how do we recruit the right people.

GRAHAM CLULEY. Crow, Jesus may have had a beard and worn sandals, but he never went to university. I just think you've chosen the wrong person there.

JOE CARRIGAN. Finally, my point is that— yep, I'm just going to gloss over that. Good. Finally, my point, know the market and the certifications. If you're going to require a certification, make sure it's an entry-level security certification like the CompTIA Security Plus is a very good one. Cisco CCNA is good for network administration. Those are good basic security certifications that are relatively easy for people to acquire, and when people come in with those, you know, they have at least the basic understanding to do their job. HR people need to understand this. I actually saw a job posting yesterday that was looking for a Microsoft A+ certification. There, there is no such thing as a Microsoft A+ certification. There are entry-level Microsoft certifications, and then there's the CompTIA A+ certification.

GRAHAM CLULEY. Do you think they saw something like Microsoft C++ and they thought, oh well, we want better than that, and so we get Microsoft A+ instead.

JOE CARRIGAN. Exactly. Yeah, a whole mess of times before, and I can't believe I still have to say this, but for the love of God, stop putting CISSP in your entry-level job descriptions or even junior-level job descriptions. Nobody with a CISSP is going to look at that posting, okay? A CISSP requires 5 years of experience in the field. It is not an entry-level certification. Don't even put it as a preferred certification or a preferred qualification. Nobody's going to apply for your entry-level position that you prefer with the certification.

GRAHAM CLULEY. Joe, I think, I think you're holding back a bit. I think you should let us know how you really feel.

JOE CARRIGAN. This is something that just frosts me.

GRAHAM CLULEY. Is the real problem, Joe, that you've been looking for a new job, you're on these recruitment websites, and you just don't have the qualifications? Is that what it is? Could be.

JOE CARRIGAN. I'm not, I'm not looking for a new job. I actually like my job here very, Thank you very much.

GRAHAM CLULEY. Carole, what have you got for us this week?

CAROLE THERIAULT. Okay, I'm going to set a scene. So you guys are driving along. It's nighttime. The main road is quiet, right? The snacks are plentiful, Graham. Your favorite podcast is yammering in the background, and you open the window a little just to let out some of the stale, stinky air. Life is good, right? Life is good. But everything then gets interrupted by the shrill ring of your mobile. Right? You look down to your phone and you see that it's me calling. And obviously, without— goes without saying that you want to—

JOE CARRIGAN. I cannot tell you how much this speaks to me, Carole. I hate when I'm listening to a podcast or listening to a song and somebody calls me on my phone and it totally stops what I'm doing because I use my phone to play these things back.

CAROLE THERIAULT. Right? Right? Exactly. So what do you do? So, Joe, you're in that situation, right? Obviously without the stale air and all that. Your phone's ringing. You want to—

JOE CARRIGAN. how do you handle it? Well, I have a Bluetooth-connected set in my car that's integrated with my car. So I just push the answer button and answer the phone.

CAROLE THERIAULT. And that's on your dashboard?

JOE CARRIGAN. On my dashboard, correct. Yeah.

CAROLE THERIAULT. And you always Bluetooth it up when you get to your car? Yeah. It just pairs automatically?

JOE CARRIGAN. It does, because the sound system in my car is superior to the one on my phone. So I want to listen to the the music or the sound with good quality.

GRAHAM CLULEY. Welcome to the 21st century, Carole. I think most people are doing this.

CAROLE THERIAULT. Is that what you do as well, too? Yes, yes, of course. Really?

GRAHAM CLULEY. Of course. You wouldn't manually do it each time. What a pain in the butt.

CAROLE THERIAULT. Okay, what if you got a rental? Ah. Okay, what if you have a rental and it's someone you, not me, it's someone you really wanna hear from, right? And they've just texted you saying, "Hey, we still on for tonight?" Right? And you, what did you send them? A thumbs up?

GRAHAM CLULEY. Well, I don't know how to do emojis, so I wouldn't send a thumbs up.

CAROLE THERIAULT. You could type those words out. It's not that hard. I know you didn't go to college or anything, but—

GRAHAM CLULEY. It takes a little bit longer.

CAROLE THERIAULT. Maybe not. Right. Okay. But if you did that, do you know how much, you know what your fine could be if you got caught by a copper? Oh, tell me. So in the UK, you could lose 6 points and get a £200 fine.

JOE CARRIGAN. How many points do you get in the UK? I think it's 12.

GRAHAM CLULEY. I think 12 and you're out.

JOE CARRIGAN. That's what we get in Maryland here is 12. It's different state by state in the United States.

CAROLE THERIAULT. Yeah, exactly. So I was doing some research on this story.

GRAHAM CLULEY. So no one should send a text while they're driving or even an emoji. That's so bad.

CAROLE THERIAULT. How many, how many, you guess, how many admit to illegally making or receiving calls or sending a text while at the wheel in the UK?

GRAHAM CLULEY. Well, I think there's different things here, right? There's the way that Joe is answering the phone by pressing a button on his steering wheel.

CAROLE THERIAULT. Illegally making or receiving a call.

GRAHAM CLULEY. So how many people are sending texts while driving?

CAROLE THERIAULT. Yeah, while illegally making or receiving calls on a mobile while at the wheel?

GRAHAM CLULEY. I would think it's like 20%, but it's bloody dangerous.

JOE CARRIGAN. I mean, it's so stupid. That admit to it? Yeah. I'm going to say it's higher than 20%. My bet is at least 50% admit to it in a survey.

CAROLE THERIAULT. Okay. So remember, the survey will include people over 65. And they never do it.

GRAHAM CLULEY. It seems that they never do it. Well, they don't know how to send texts.

CAROLE THERIAULT. They don't know how to answer their phone. Right, exactly. What's that noise? Wait, you turned on the alarm? The number— Graham was pretty close. It's 1 in 4, right? But the number has been pushed up by younger drivers. So drivers between ages 25 and 34, almost half, to Joe's point, admit to doing illegal calls. So making or receiving calls whilst driving. And this is up 7% from the previous year. And overall, so everybody, right, including the people over 65 that never use it, 15 to 20% of us admit to texting, emailing, taking photos, and doing social media whilst driving.

GRAHAM CLULEY. Taking photos while driving? What, are you Snapchatting your genitals while you're driving down the motorway?

JOE CARRIGAN. Look at that funny vanity license plate. I need to get a picture.

CAROLE THERIAULT. Remember that you said that, Graham, because it's going to come back. To bite you. I wouldn't want that biting me. So I looked at a few countries— this short show, right? But basically mobiles and car driving is not a very good cocktail, and it's causing accidents the world over. In the UK, legislation was first introduced making it illegal to use handheld mobiles in 2003, and every 5 years they've upped the fine. So it started off at £30, and now it's at £200 and 6 penalty points, like we said earlier. So in the UK, Graham, you're asking, drivers and riders can use hands-free phones, sat navs, and two-way radios. Two-way radios, we need to talk about that.

GRAHAM CLULEY. Well, a CB, like on Ice Road Truckers. Got ourselves a convoy, big buddy.

JOE CARRIGAN. I know, I know what that is though. That's, that's a lot of amateur radio operators have mobile, uh, handset or sets in there.

CAROLE THERIAULT. They don't have to hold them in their hand like, yes, but they, but they used to in the '70s.

GRAHAM CLULEY. Well, I don't know. But they don't have friends, do they? So there's no one for them to communicate.

JOE CARRIGAN. They're all awesome.

GRAHAM CLULEY. Not really. Not really.

CAROLE THERIAULT. Okay, if the cops think that you're distracted or not in control of your car, Graham, you could be illegally stopped or penalized. Now, when we get to the US, things get a lot more complicated because, as you said, Joe, it's all state-run, right? And it varies quite crazily. So, you know, for all of you out there who, you know, jump over state lines quite regularly, don't assume the law is the same in your state than the neighboring state. I've got a link in the show notes if you want to take a look at the up-to-date table on Wikipedia. But 88% of drivers use their smartphone while driving, apparently, in the U.S., and cell phone use while driving leads to 1.6 million crashes each year in the States.

JOE CARRIGAN. That is absolutely enormous.

CAROLE THERIAULT. And they say 1 out of every 4 car accidents in the U.S. is caused by texting and driving. So, big deal. Now we go down to Australia, down under.

GRAHAM CLULEY. Could you say that again with an Australian accent, Carole?

CAROLE THERIAULT. It's way better than yours. You're just jealous. Now, in Oz, drivers are allowed to use phones in a hand-free cradle and through Bluetooth, but it is illegal to touch a phone while driving except to pass it to a passenger. And the ban even applies to drivers who are stationary at red lights or stuck in traffic jams. Now, I should state actually this is in New South Wales only because Australia, like the US, has state-run legislation rather than federal legislation like we do in the UK. New South Wales has been noticing an uptick in crashes and deaths and that they are correlated to mobile phone use. And they've come up with a new way to try and catch illegal mobile phone use. At the wheel. So government modeling found that the phone detection cameras could prevent 100 fatal and serious injuries over 5 years. These phone detection cameras are known as 45 Mobile Phone Detection Cameras. Nice name, guys. And they're already in operation in New South Wales.

GRAHAM CLULEY. So they are looking at cars and they're identifying people speaking into phones as opposed to identifying their license plate, for instance.

JOE CARRIGAN. I was going to ask if there's something Orwellian going on here for the solution.

CAROLE THERIAULT. Now you're thinking, how do these things work, right? So each unit contains two cameras, and these units are put on the side of the road or in a movable truck, a bit like speed cameras. One camera photographs the car's registration plate, and a second high-set lens looks down through the windscreen and can see what drivers are doing with their hands. Oh, hello. Right? So, the units— So, I don't know. I find that a bit upsetting. I don't know. I find that weird. I find that weird. You could be, I don't know.

GRAHAM CLULEY. Picking your nose. Or worse.

CAROLE THERIAULT. Right. Right. I don't know. I just feel it's a bit of an invasion of—

GRAHAM CLULEY. Well, I'm sorry, Carole. You may worry about your privacy, but I worry about the fact that there's some idiot driving down the road in the opposite direction to me who's Snapchatting rather than concentrate on what's happening on the road.

CAROLE THERIAULT. Okay, okay. My turn to get on a soapbox. Do you think that is worse than, say, someone spilling hot coffee on their lap? Are they not distracted like a mobile phone user? What about the person going, you know, eating a drive-through burger and stuffing it into their pie hole as they go around a tight bend?

GRAHAM CLULEY. I think the rule in the UK is that they judge whether you were in proper control of the vehicle. And it can be just the same if you're applying lipstick or drinking a coffee or doing anything else. Exactly. That the police may say that you weren't in proper control, just like with a phone.

CAROLE THERIAULT. Yeah. So I guess what I'm trying to underline here is whilst the phone is being highlighted here as the big bad thing, what was really bad is you're in control of a car. Yes. And you need to be in charge of that car. And whether it's lipstick or coffee or whatever, or you're, you know, a Snapchat, you need to ignore it till you get to your fricking destination.

GRAHAM CLULEY. Well, yeah, but people aren't, right?

JOE CARRIGAN. Right. People aren't.

CAROLE THERIAULT. So now what they're having to do is they're taking photos and photos that show suspected illegal behavior are referred for verification by human eyes before an infringement notice is sent. We're back in New South Wales here. It's sent to the vehicle's registered owner along with a— oh, sorry, $344 Australian fine. So $232 American. $1 million. And some cameras will be permanently fixed to roadsides, others are going to be on trailers. And, um, basically they're taking pictures of everybody and then wiping those, uh, that don't seem to have any illegal behavior going on. Sure. But what's illegal, right? What if you're like turn— what if you're like trying to hold your kid down because he's taken off his seat belt? You're not in proper control of the car, right? Right.

JOE CARRIGAN. You know, I've just looked up the Maryland distracted driving law and there's a list of things which count as distracted driving, including texting, using a cell phone or smartphone, eating or drinking, talking to passengers, grooming, reading, using maps, reading, using a navigation system, watching a video, adjusting a radio, CD player, or MP3 player.

CAROLE THERIAULT. People are watching fricking movies in their cars.

JOE CARRIGAN. I have seen where people have taken the airbags out of their car and replaced the airbags bag with a video screen so they can watch TV when they drive.

CAROLE THERIAULT. And you're worried about a freaking text?

GRAHAM CLULEY. I used to have a friend, Carole, but before I knew you— he's dead now, and this may be why he's dead, I don't know. But he used— I remember once I was in the car with him, he was driving, and I thought, oh, they're playing an episode of Dad's Army on the radio. And then I looked across and he had a little TV screen in front of him and he was watching Dad's Army, which is a BBC sitcom. Pom on his TV screen while he was driving. So, people do do this.

CAROLE THERIAULT. So, okay. So, basically, to all you kids out there, it's the kids' fault, it seems, right? You kids are the ones who are on your phone way too much. I think as soon as you have a kid or you have a small person in your life you actually care about, you suddenly think, "Oh, don't want these kids on the road," right? These young teens on the road bombing down looking at their phones. But, you know, if we don't stop, this kind of technology is coming here, and I'm a bit of a privacy buff, and I don't like it. We know. I'm a bit of a privacy wonk.

GRAHAM CLULEY. As well, and I think our privacy matters. But I do feel that society has rather blotted its copybook by the number of accidents and deaths which are occurring because people are messing around with their mobile phones. I absolutely hate it. And when I'm in a car with someone who's doing it while driving, I quite like to say, "Oi, what the bloody hell are you doing?" You're always fiddling with your freaking heated seat when you're driving.

CAROLE THERIAULT. I don't know why that's different.

GRAHAM CLULEY. No, I do not. I only turn off my heated seat when you turn it off, actually.

CAROLE THERIAULT. I don't know how it turns itself on. On, but it turns itself on. You get all excited and it's dangerous. It's dangerous, Graham.

GRAHAM CLULEY. Funny happens when you're in the car or your son.

CAROLE THERIAULT. I showed him how. You're welcome.

JOE CARRIGAN. So now you can pester him when you're not present, like a ghost.

GRAHAM CLULEY. Whatever your industry, Detectify can help you stay on top of security and build safer web apps. Just enter the name of your your website, and Detectify will run over 1,500 security tests against it, identifying real problems with a list of constantly updated vulnerabilities submitted by a global network of over 150 hand-picked ethical hackers. The service can even help you discover web assets like unknown subdomains and determine if they're vulnerable to hostile subdomain takeover. So what are you waiting for? Go hack yourself. Take a 14-day free trial at www.smashingsecurity.com/detectify. Detect with an -ify on the end. And thanks to them for supporting the show.

CAROLE THERIAULT. Don't you love a win-win situation? Imagine if you could have both enterprise-wide password management with single sign-on. What is single sign-on? Well, Graham, let me dazzle you. Single Sign-On is designed to connect employees to high-priority apps, all without needing the user to log in at every single hurdle. Now, by combining these two services, our friends at LastPass may have just revolutionized security at the enterprise level. Learn more at lastpass.com/smashing. You don't need to say the forward slash.

GRAHAM CLULEY. And welcome back. And you join us on our favorite part of the show, the part of the show that we like to call Pick of the Week.

CAROLE THERIAULT. Pick of the Week. Pick of the Week.

GRAHAM CLULEY. Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security related necessarily. Better not be. Now, my Pick of the Week this week is not security related. Good. A couple of weeks ago, I found myself in the unfortunate position of going camping with my family. Not— it wasn't unfortunate that I was with my family, but it was that I was camping. I'm not a big fan of camping.

CAROLE THERIAULT. Graham's not a big fan of many things, and camping is on that list. It's quite high on the list. So is hiking, or skating, or skiing, or anything.

GRAHAM CLULEY. Yes, anal sex, these sort of things. So, but I mean, there's a few things which I have a bit of a problem with. But we did travel through a— we were endorsing Dorset, in the English countryside. Beautiful Dorset. Beautiful Dorset. Beautiful county. And I went through the town of Shitterton, which is the real name of a town in Dorset. And this amused my son a great deal. And I was telling him about some of the other funny-named places in the world, including there is a road in Oxford, where we live, Carole, called Crotch Crescent, which is quite amusing over in Eddington.

CAROLE THERIAULT. Yeah, we have Tootbutts Lane near us. Do you? Yes.

GRAHAM CLULEY. Well, maybe you will want to check out a website called The Really Rude Map. And I've put a link in the show notes so you can check it out. And this is a map of the places with really rude names. And if you're quite juvenile, you might find it quite entertaining. I can think of a number of people who might enjoy that. Right. Yes. So, if you can check it out right now.

JOE CARRIGAN. I have some pulled up from Maryland. Cockeysville in Maryland and Hancock in Maryland. Actually, Hancock is where Maryland gets the thinnest. It's the— And then out in, it looks like either Garrett or Allegheny County, there's a place called Shaft, Maryland.

GRAHAM CLULEY. Place called Lord Hereford's Knob. There's nothing in Canada.

CAROLE THERIAULT. Nothing rude in Canada.

GRAHAM CLULEY. Well, Canada's very polite, isn't it? Yeah. Oh, I'm seeing some in Canada. You've got to zoom in a bit. Are you? Yes. I'm trying. There's some over in Labrador and things.

CAROLE THERIAULT. Oh yeah, that's rude. Wow.

GRAHAM CLULEY. Yeah, so there's a place called Cli— oh, is that kind of— it's called Climax on the border there. Crotch Lake? Near Big Dick Lake. And yeah, anyway, it's all quite amusing. So next time you need a bit of a titter, maybe you will go and check out the really rude map. And don't forget to check out the scenic view from Upper Spunk Lake. Lake in Minnesota. Anyway, that is my— Oh, Graham. I know, it's highbrow. It's highbrow this week's episode. I just hope, you know, yeah.

CAROLE THERIAULT. When are you next going to wanky?

GRAHAM CLULEY. There's quite a lot of rude-sounding places in Asia, but I'm a little bit uncomfortable repeating them because, you know, over in Long Dong Avenue, for instance, there's— So anyway, but anyway, I think moving on. So Joe, what's your pick of the week?

JOE CARRIGAN. Mine is actually a little more classy than that, I guess. Not difficult. It's hard, hard not to be. But my pick of the week is Heavens Above, and if you go to their website, it's heavens-above.com. And they also have an app. I think it's only available on Android. I don't think it's on Apple. But I actually sprung for the, for the paid version of the app to remove the ads. But this is an app that lets you spot satellites as they're flying overhead. So there are satellites up there. The very space around the planet is filled with all kinds of space junk. And then, of course, there's the International Space Station, including Elon Musk's car, which is great. Great idea. Yeah.

CAROLE THERIAULT. So it's so cool. I mean, why not throw more crap into space so it can land on Earth?

JOE CARRIGAN. But if you, if you're ever out in the middle of the night in a dark area, and sometimes it doesn't have to be too dark, It just has to be nighttime, but if you look up and you see a light moving in a straight line that's not blinking, and then that light disappears, chances are that's a satellite. And this is an app that will let you go out there and find them and see them. Cool. And it also tracks—

CAROLE THERIAULT. You obviously don't live in England. I do not. Because we have this really crazy barrier called clouds. Ah, right. And they're around a lot.

JOE CARRIGAN. They're around a lot. They only seem to come out here whenever there's some kind of once-in-a-lifetime astronomical event. That's when the clouds come out in Maryland.

GRAHAM CLULEY. So you could see the International Space Station. That's probably one which is quite interesting to take a look at.

CAROLE THERIAULT. A North Korean satellite?

GRAHAM CLULEY. Yes. Whoa. Should we be worried?

JOE CARRIGAN. Tiangong is on there. That's a Chinese space station. I don't know if it's still habited, but it's there. A lot of Cosmos rocket boosters that fly by.

GRAHAM CLULEY. You see those? Hmm. This is kind of cool.

CAROLE THERIAULT. I might check into this.

JOE CARRIGAN. The International Space Station is very easy to see. See when, when it flies over. It's very bright because it's so big, and it catches the sun and shines a lot of, a lot of light down on the planet. So you can see it very easily. How cool.

CAROLE THERIAULT. Yeah, I don't know if mine's gonna be—

GRAHAM CLULEY. I like it. Carole, what's your pick of the week?

CAROLE THERIAULT. Remember how last week we had a bit of a different show and we didn't have a pick of the week?

GRAHAM CLULEY. Yeah, so you've been saving up a really good one, just like I did, right?

CAROLE THERIAULT. And well, a listener complained and they did so via Twitter. And it said, @SmashingSecurity, had no Pick of the Week this episode. I've got one sad boy with me here. Right. I know, totally. So I felt bad and I responded.

GRAHAM CLULEY. Well, because their son likes the Pick of the Week segment.

CAROLE THERIAULT. Yeah, I'm sure that they're not letting them listen to anything rude because that would be inappropriate. But I said, look, I was talking to Gabriel of Australia through his dad. And I said, why don't you help me out with this week's pick of the week? Now, some of you might have seen this thread on Reddit and in the media, and it's basically all dedicated to the art of eating an orange in the shower. I've heard of this. Right. Well, I love an orange, right? But I do hate the whole sticky mess, hands, all that stuff it leaves behind. And I was thinking this could be the answer. So I got quite, you know, I was like, hmm, this could be interesting. But I already have a kind of semi-weird routine, shower routine.

GRAHAM CLULEY. Oh, please tell us.

CAROLE THERIAULT. Doesn't involve calling you or anything like that, but I like to brush my teeth in the shower.

GRAHAM CLULEY. Okay, yeah, that makes sense. Is that gross? Is that gross? No, no, I don't think so. No. Good use of time, I think.

CAROLE THERIAULT. Right, you know, multitasking and all that. And we all know that brushing your teeth and eating an orange close together is not a nice thing. Or awful. Exactly. So this challenge demanded that I kind of, you know, demanded quite a bit of me. I had to kind of change stuff. And to my mind, the whole thing has to be a bit primal, right? You can't just cut up your little orange and have little segments. You got to kind of tear it open or bite into it.

JOE CARRIGAN. You're standing naked in the shower, it's time to— yeah, act like you're standing naked somewhere eating an orange, right? Yeah. So I did it.

CAROLE THERIAULT. Oh, you're naked? Okay. Oh yeah, you tried it? I did. And there's— I put pictures in the, in the show notes. You guys can see them there. That's my little toes. I see. Yeah. And I asked Gabriel. Gabriel had a go as well, my buddy over in Australia. He had a go and he reported back that he liked it, but he pointed out that a cold orange and a hot shower would be better. And I realized mine was also room temperature and I thought that was brilliant. So I tried it again the next day with a cold orange after I worked out. And can I just say, amazing. So Graham, I tried to challenge you to this challenge. Well, you did.

GRAHAM CLULEY. You did, Carole. You contacted me yesterday about about eaten an orange like a primal caveman. I was quite grumpy in the shower, and I didn't have any oranges in the house, but I did actually take with me into the shower this morning a banana. It's not the same. Well, it's what I had to hand, and so I took a banana in.

CAROLE THERIAULT. Why don't you take a sandwich?

GRAHAM CLULEY. Well, interesting you should say that, because I took— well, that would would get quite soggy, of course. Anyway, so I started the shower, I got under the shower, I took the banana. I hadn't peeled it, and I remembered that you'd said I had to eat it like a caveman. So I simply bit into— Okay, that's pretty good.

CAROLE THERIAULT. That's pretty—

GRAHAM CLULEY. So I bit into it sideways. So imagine that the banana is like a big smile on my face, and I go— It's hard to imagine. Yeah, a big smile would be difficult.

CAROLE THERIAULT. It's hard to imagine you happy.

GRAHAM CLULEY. And so I— and what I found is that when you bite into a banana like like that, the insides of the banana tend to squeeze out of the sides. Oh no. Right? Which isn't so good. But banana skin was actually quite pleasant. It was a bit like eating a banana sandwich. Not that I would ever eat a banana sandwich because that's the wrong kind of thing to put in a sandwich.

CAROLE THERIAULT. But I think you guys out there, you should try it. Challenge your kids to it. See what they think. It's a good way to get some fruit in. It's quite fun. Feels a bit naughty. And really, is it? Is it naughty? Not really.

JOE CARRIGAN. Come on. I wouldn't say it's naughty. No. Right. But your, your advice is definitely refrigerate the orange first.

CAROLE THERIAULT. Yeah. I mean, I like a little workout, right? Every day. So I like to do a little workout. Then you're, you know, cold orange is really nice afterwards. And now I've just moved my shower forward. So I'm combining the, the orange in the shower.

GRAHAM CLULEY. And I think also, I think also this is something to put on your CV, on your resume, and maybe it could help you get a job in IT or something.

CAROLE THERIAULT. In IT? Psychologically fascinating.

GRAHAM CLULEY. Yeah, if someone had that on their resume and came in for a job, I would say, yeah, we definitely got to interview this guy. We're going to ask him about the orange.

CAROLE THERIAULT. So, uh, this was all for Gabriel. Gabriel, I'm sorry, uh, we didn't do Pick of the Week, uh, but, you know, shout out, thanks for helping us out. And, uh, yeah, cool, good. Listen to the show never again because it's too old for you.

GRAHAM CLULEY. Well, that just about wraps it up for this Joe, I'm sure lots of our listeners would love to follow you online. What's the best way for folks to find out more about you?

JOE CARRIGAN. Okay, you can follow me on Twitter @jt_carrigan, and that's spelled C-A-R-R-I-G-A-N, the proper way of spelling Carrigan. And yes, Nancy and Ryan are both wrong. There is no K in the Gaelic alphabet. And you can also find me on Hacking Humans with Dave Bittner every week. And me occasionally. And Carole occasionally.

GRAHAM CLULEY. Yes. And you can follow us on Twitter @SmashInSecurity, no G, Twitter won't allow us to have a G. And maybe if you really like the show, you might want to support us on Patreon as well. We've got a couple of tiers up there. If you want to give us some monthly support, you can get, you can get bonus goodies and access to episodes earlier than they are released to the general public.

CAROLE THERIAULT. Ooh, fancy that. And once again, thank you to this week's Smashing Security sponsor, Sponsors Detectify and LastPass. Their amazing support helps us give you this show for free. And thanks to you listeners, reviewers, Patreon supporters, young and old and in between. Check out smashingsecurity.com for past episodes, sponsorship details, and info on how to get in touch with us.

GRAHAM CLULEY. Until next time, cheerio, bye-bye. Bye.

CAROLE THERIAULT. See ya. Wouldn't want to be ya. No, I would. I really would, guys. I would.

GRAHAM CLULEY. You want to be me? No, not you. Maybe not me. Oh, okay. All right. Fair enough. Joe, I'm sure lots of our listeners would love to follow you online. What's the best way for folks to find out more about you?

JOE CARRIGAN. Oh boy. What's my Twitter handle? I forget. Oh, you see, he's like, he's like, I love that.

GRAHAM CLULEY. Plug the podcast. If you prefer. I will do that. I will.

JOE CARRIGAN. I'll do both. I'll say— they don't show you what your Twitter handle is anymore. Oh my God, you'll find it.

CAROLE THERIAULT. Hang on, I'll find you.

JOE CARRIGAN. Oh, @JTCarrigan. Okay. Okay, you can follow me on Twitter @JTCarrigan, and that's spelled

-- TRANSCRIPT ENDS --

147: Don't Snapchat and drive

Transcript +