FatFace stumps up $2 million to its ransomware extortionists, an IT administrator is caught with his pants down, Mobikwik blames its users for a data breach, and we burgle a house... virtually.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
Visit https://www.smashingsecurity.com/221 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Thom Langford.
Sponsored By:
- 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.
Links:
- FatFace would like everyone to keep its data breach “strictly private and confidential” — Graham Cluley.
- Retailer FatFace pays $2m ransom to Conti cyber criminals — Computer Weekly.
- Streisand effect — Wikipedia.
- 'We have your porn collection': The rise of extortionware — BBC News.
- Mobikwik Data Breach: Data of 10 crore Mobikwik users for sale on dark web, say cybersecurity experts — The Economic Times.
- Mobikwik data breach said to be largest KYC leak, personal data of 3.5 million users up for sale on dark web — India Today.
- Rick Beato — YouTube.
- What Makes This Song Great? Ep.94 Gordon Lightfoot — YouTube.
- Adriano Celentano - Prisencolinensinainciusol — YouTube.
- Ember: The World’s First Temperature Control Mug.
- Slow-cooked guide to Sous Vide Eggs — Serious Eats.
- Art History 101 — YouTube.
- Chris Luedke, art historian — Twitter.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript +
This transcript was generated automatically, and has not been manually verified. It may contain errors and omissions. In particular, speaker labels, proper nouns, and attributions may be incorrect. Treat it as a helpful guide rather than a verbatim record — for the real thing, give the episode a listen.
GRAHAM CLULEY. And the attackers posted on a blog that they had compromised the computer of the firm's IT director, and they had found his secret porn stash. Now, I don't know if either of you have a secret porn stash. Normally a mustache is fairly obvious, but depends where you keep it, I suppose. You could grow it anywhere.
CAROLE THERIAULT. So basically you're saying the IT guy, the IT guy had his porn stash on his work computer.
UNKNOWN. Like you do. Smashing Security, episode 221, God Bless His Hairy Palms, with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security, episode 221. My name's Graham Cluley.
CAROLE THERIAULT. And I'm Carole Theriault.
GRAHAM CLULEY. And we're joined this week by returning guest. Thom Langford from the Host Unknown podcast. Hello, Thom.
THOM LANGFORD. Hello. Hello. Thank you very much for having me on again.
CAROLE THERIAULT. Yes, we're delighted to have you here.
GRAHAM CLULEY. Delighted, interesting choice of words.
CAROLE THERIAULT. I mean, you're right. I forgot for a second.
GRAHAM CLULEY. There have been rivalries between our podcasts.
THOM LANGFORD. They're friendly rivalries, like local friendly derbies.
CAROLE THERIAULT. Yeah, says the person who thieves from us on a regular basis.
THOM LANGFORD. Oh, imitation is the sincerest form of flattery. I'm sure you know that.
GRAHAM CLULEY. Uh-huh. He'd probably say inspired. Shared by a scroll, an embellished scroll.
CAROLE THERIAULT. Yeah, yeah, yeah.
THOM LANGFORD. I recall a conversation you had with the other fellow on our podcast, Andy, that you were inspired by our podcast, Graham.
CAROLE THERIAULT. I'm sorry?
THOM LANGFORD. The fact that we only did one back in 2015 has got nothing to do with it.
GRAHAM CLULEY. I have seen this claim made on your website.
THOM LANGFORD. I don't know if he has it in writing or not. Of course it's in writing. It's on our website.
CAROLE THERIAULT. Okay, whatever. We have a fanboy here, Thom Langford.
THOM LANGFORD. Yes. Ah, I've been on here 4 times now, which tells me that you've had at least 4 guests, um, pull out, drop out last minute. Yeah, exactly. So, which is great, you know, I'm your go-to guy.
CAROLE THERIAULT. Well, thanks to this week's sponsors, 1Password. Its support helps us give you this show for free. Now coming up on today's show, Graham, what do you got?
GRAHAM CLULEY. Oh, sexy extortion stuff.
CAROLE THERIAULT. Oh, wonderful. And Thom, what about you?
THOM LANGFORD. Oh, I've got a, uh, a blame the intern scenario with a twist.
CAROLE THERIAULT. And I'm gonna take us house shopping. All this and much more coming up on this episode of Smashing Security.
GRAHAM CLULEY. Now, chums, chums, have either of you ever been blackmailed, or maybe been a blackmailer yourself?
THOM LANGFORD. Are we talking professionally or as a hobby?
GRAHAM CLULEY. Have you ever kidnapped the grandson of a shipping tycoon, cut his ear off, send it to the family through the Royal Mail?
CAROLE THERIAULT. Let me think.
GRAHAM CLULEY. Kroll, have you ever had a neighbour threaten to report your Wookiee to the nearest zoo because you won't stop playing the music so loud? Thom, do you have a— have you ever been tempted to tell someone you have a very particular set of skills that you've acquired over a very long career?
THOM LANGFORD. I think I have on at least one occasion recently, actually.
GRAHAM CLULEY. Well, as the Chinese like to say, we live in extorting times, and that has never been more true than when it comes to ransomware, of course. Every time I turn on my computer, I am reminded of the ransomware peril, not because my computer has been infected. I was gonna say.
THOM LANGFORD. Touch wood.
GRAHAM CLULEY. Let's hope not. But because of the headlines all the time, new companies being hit left, right, and center, left with their trousers around their ankles, all their data hanging out for anyone to see. Bad guys breaking in, stealing information, encrypting computers. It is extortion a go-go out there. It's horrendous. Just in the last week, for instance, did you hear the story about Fatface?
THOM LANGFORD. Yes, and their very interesting approach to being breached.
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Is this Fatface the retailer?
GRAHAM CLULEY. Yes.
CAROLE THERIAULT. Not your friend or—
THOM LANGFORD. Yeah, his mate, Johnny Fatface. I was just checking.
GRAHAM CLULEY. So for those people who don't know, Fatface is a UK fashion retailer. You'll find them in malls. Thom, you dress very young for your age. Have you ever—
CAROLE THERIAULT. It's kind of semi-beachy, surfy clothes, but with long sleeves because it's actually quite cold around here.
THOM LANGFORD. Yeah, and I don't want to show my undeveloped arms.
CAROLE THERIAULT. My white pasty skin.
THOM LANGFORD. Shh, shh. You've obviously seen my dating selfie.
GRAHAM CLULEY. Now, in the last week or so, Fatface has sent an email to its customers. Disclosing that it suffered a security breach and that names, email addresses, postal addresses, partial credit card details have all been nabbed by cybercriminals. They discovered this breach on the 17th of January, and they've just got around to telling customers about it, 'cause it's now the end of March. And so far, so normal, right? They've dilly-dallied.
CAROLE THERIAULT. So this is anyone that has purchased something from Fatface online might be at risk of this? Well—
THOM LANGFORD. Who has an account?
GRAHAM CLULEY. Yes, someone who's got an account, which most likely has been set up online, yes, rather than going into stores.
CAROLE THERIAULT. Can I ask a question? I know, but it's related. Like, so in these, these online stores, you know, sometimes you're asked, do you want to create account or do you want to purchase as a guest? And if you decide to purchase as a guest, I guess you wouldn't be locked in their account details in that way.
GRAHAM CLULEY. Well, they might still keep a record.
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. Because of course they're still posting you something, so they're still going to store some information about you. I think it probably depends on the organization, how long they keep it.
THOM LANGFORD. Yeah.
CAROLE THERIAULT. Okay. Sorry.
GRAHAM CLULEY. Yes, carry on.
CAROLE THERIAULT. That's all right.
GRAHAM CLULEY. No, no, it's interesting. Well, what was unusual is the email which they sent to customers, which had in its subject line, strictly private and confidential. And later on in the body of the email, telling people about the breach which happened, it said, please do keep this email and the information included within it strictly private and confidential. Confidential. And which is more than they did with their own data, of course. They weren't able to keep that strictly private and confidential.
CAROLE THERIAULT. So what were they sending? What were they sending in the email that had to be kept strictly private and confidential? The fact that they were admitting you've been breached?
GRAHAM CLULEY. Exactly. It's because, shh, shh, shh. Hey guys, huddle, huddle, huddle. We've had a security breach. Don't tell anybody, right? Let's keep it between ourselves.
THOM LANGFORD. We take your security seriously.
GRAHAM CLULEY. And this, of course, is what we call the Streisand effect, because if they hadn't done that, probably half of the articles which were written about Fatface wouldn't have happened. And so less people would probably have heard about the Fatface breach if they hadn't told people, don't talk about the Fatface breach. It's a bit like Fight Club.
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. Right? The first rule of the Fatface breach is we don't talk about the Fatface breach. But of course, people did.
CAROLE THERIAULT. So, so they have to follow the law and tell their customers, but they kind of said to the customers, now don't tell anybody. And then And maybe 5% sent it to places like the Register tip line or on Reddit.
GRAHAM CLULEY. Yep.
CAROLE THERIAULT. Beautiful.
GRAHAM CLULEY. So, a bit of an own goal.
CAROLE THERIAULT. Oh, so have they apologised for this?
GRAHAM CLULEY. Well, you know, as much as any corporation actually apologises. What they've actually gone further than apologised. What they've done is they've offered a reward. They've offered $2 million, and that $2 million has been given to the Conti ransomware gang. And they said, thank you very much. So they've actually paid. This is the thing. It's just emerged that Fatface have actually paid the ransom.
THOM LANGFORD. As if their clothes aren't expensive enough, now they're going to go up in price.
GRAHAM CLULEY. So you may have had trouble in the past, Thom, taking your hoodie back to Fatface and saying it doesn't fit me and getting your money back. Right.
THOM LANGFORD. And they'll look at me and say, not surprised, mate.
GRAHAM CLULEY. But they've got no trouble at all paying out $2 million.
CAROLE THERIAULT. And what's worse is you're probably going to get that in the clothes you buy, you know, a little trickle effect of getting the money back from you. But you know what? The hackers still have the freaking information.
GRAHAM CLULEY. Yeah, well, they're honorable hackers, I imagine, like all ransomware.
CAROLE THERIAULT. Oh, I'm sure we should always just believe that the best in everybody.
GRAHAM CLULEY. So initially, the Conti ransomware gang, they demanded $8 million, and the negotiations between them actually have leaked out. Computer Weekly have published some of the communications between—
THOM LANGFORD. Yeah, isn't it great?
GRAHAM CLULEY. Between—
CAROLE THERIAULT. Oh my God.
THOM LANGFORD. Probably because the attackers are still in there.
CAROLE THERIAULT. This is a shit show.
GRAHAM CLULEY. So they initially asked for $8 million. Fatface managed to convince them that we can't afford that. And Conti, the ransomware gang, they came back and said, well, look, we know you've got cyber insurance with Beazley because we found that document on your network. You're covered for £7.5 million. So we think it's quite reasonable. We're asking for $8 million. Fatface came back and said, well, you've got to understand there's a global pandemic going on. There's a lockdown. Our revenues have been slashed because normally we sell in the high street. We don't sell that much online. And that's how they've settled on $2 million instead. Now Conti, for their part, the Conti— I don't know why they're called that. Well, they—
THOM LANGFORD. because they're a bunch of Contis.
GRAHAM CLULEY. Well, maybe they are. They have actually, aside from promising not to leak any of the data, they've actually given FatFace a whole bunch of IT security advice, which you can read on the Computer Week, about how to better protect their networks, use encryption, segregate sensitive information, lock down accounts. It's all quite sensible stuff. You wouldn't normally spend $2 million for it.
CAROLE THERIAULT. Well, I suppose they don't want anyone else going after them because when they hit them again in two years, they wanna make sure they've got the money and they're still alive been well.
THOM LANGFORD. And did they also include a link to a download that they said would protect all of their workstations?
GRAHAM CLULEY. Yes, here's a PDF with the instructions.
CAROLE THERIAULT. You know, it's really hard, right? Because you don't like the fact that they pay. Maybe it's just because of what we work in, in our industry. I just don't like it, right? That you have to pay up. You kind of want to fight it and have the backups. But if they had no backups, or if they lost the information, or if they decide to trust the group, the hacker group, I don't know, like, I mean, I know the, the official line from the is you shouldn't pay.
GRAHAM CLULEY. My view is, business-wise, that may not be the pragmatic best decision because often recovering can cost you an awful lot more, and you won't get the advice on how to fix the problem.
THOM LANGFORD. Maybe they priced up their backup solution to being at $2.5 million, and so therefore this was cheaper.
GRAHAM CLULEY. Maybe.
CAROLE THERIAULT. But it's interesting that they go after people with cyber insurance because it's kind of—
GRAHAM CLULEY. Oh, yes.
CAROLE THERIAULT. Well, I remember advising people years ago going, you know, that's something that's coming, you know, cyber insurance. Every company is going to need it to cover to cover their asses.
THOM LANGFORD. And now, yeah, cyber insurers are being attacked so that they can find out their customer list.
CAROLE THERIAULT. Yeah.
THOM LANGFORD. Their client list, and therefore know how much that they're—
CAROLE THERIAULT. They're cashing in on the industry.
THOM LANGFORD. Yeah.
GRAHAM CLULEY. We've just, in the last few days, we've seen a giant of cyber insurance, CNA/Hardy, they've been hit by ransomware. And chances are that the bad guys stole their customer list, so know who's got cyber insurance, know who's more likely to pay before they hit the actual insurers themselves.
THOM LANGFORD. Yeah.
GRAHAM CLULEY. So it's going on a lot. But I liked the fact that they were offering IT security advice on how to— I thought that was, that was going beyond the call of duty and kind of thing any half-respectable IT director would, would probably enjoy. But there's another little wrinkle in this story of the coming wave of ransomware which is occurring right now, and that comes courtesy of BBC News. This time, an attack against a US firm. There is an unnamed US firm which was reportedly attacked by cybercriminals. And the attackers posted on a blog that they had compromised the computer of the firm's IT director. And they had found his secret porn stash. Now, I don't know if either of you have a secret porn stash. Normally a moustache is fairly obvious, but depends where you keep it, I suppose. You could grow anywhere.
CAROLE THERIAULT. So, basically you're saying the IT guy, the IT guy had his porn stash on his work computer.
GRAHAM CLULEY. Like you do.
THOM LANGFORD. He shouldn't have put it in a folder marked porn. He should have put it in a folder marked homework. That's, you know, standard OPSEC.
CAROLE THERIAULT. Wouldn't you say, "Obviously I have this. This is all the porn I've confiscated off my network from my employees, and I'm keeping tabs on them in case they pop up again." Quick thinking, Carole.
GRAHAM CLULEY. I guess you've been in this kind of scenario before.
THOM LANGFORD. Well, that's what you said to HR last time, Carole, and it seemed to work.
GRAHAM CLULEY. So the bad guys posted a screengrab of the folders, which all got sort of names of fruity porn stars and websites.
THOM LANGFORD. Fruity porn stars?
GRAHAM CLULEY. Well, you know, sort of peaches and things, I suppose.
CAROLE THERIAULT. Did he have a special penchant for—
GRAHAM CLULEY. I haven't examined it that closely, Carole. I'm not that familiar with the names and what their niche is. I wouldn't want to get into that particular niche, maybe. But anyway, but they also posted this message and they said, thanks God for beep, name of IT director. While he was wanking away, we downloaded several hundred gigabytes of private information about his company's customers. God bless his hairy palms, they said.
CAROLE THERIAULT. Oh my gosh. Can you imagine having to go report this to the upper management? You know, and the guy's like, "Send me the logs." And you're like, "I don't want to send you the logs." You're saying they posted something on a blog?
GRAHAM CLULEY. Can we see a printout of that? Legal need a copy of it. But it raised an interesting question, which was, why would anyone store porn on their computer anyway?
THOM LANGFORD. Well, where else are you going to put it?
GRAHAM CLULEY. Well, Thom, there's this thing called the internet, and basically porn So I'm led to believe.
CAROLE THERIAULT. Some people don't trust the cloud. Yes, but they don't trust the internet.
GRAHAM CLULEY. Porn on the internet is always available, isn't it, to stream? You don't need to download it.
CAROLE THERIAULT. But he maybe doesn't want to— he wants to keep that private on his work network, right? This way he's just opening up a folder called, um, you know, I don't know, IT something something boring boring boring.
GRAHAM CLULEY. Different kind of boring.
CAROLE THERIAULT. And then he goes and looks at boobies.
GRAHAM CLULEY. It seems a bit old school to me.
THOM LANGFORD. I love your view of what Paul means, Carole.
CAROLE THERIAULT. Hey, was he working it from home?
GRAHAM CLULEY. Well, quite, quite, quite likely.
CAROLE THERIAULT. Well, then that changes things slightly.
THOM LANGFORD. Define working it.
CAROLE THERIAULT. No, but come on, right? So during the pandemic, loads of people have got combined machines of both home and work going on in the same place.
GRAHAM CLULEY. We can't assume that You know, you don't need to put it on your hard drive, do you?
CAROLE THERIAULT. No, I agree. I mean, I haven't, so don't worry.
THOM LANGFORD. But here's what I think it comes down to for me and how I've had to explain it to—
GRAHAM CLULEY. As a single man, explain it to us, Thom.
THOM LANGFORD. Yes. Sort of thing. And that's someone in his position. He's an IT director. He's fairly well paid. He can afford another computer.
GRAHAM CLULEY. Yes. With a wipe-down keyboard.
THOM LANGFORD. So he can look at whatever he wants as long as it's not illegal. It's not up to us to decide whether it's immoral or unethical or anything like that. As long as it's not illegal, then he can look at whatever he wants. But why is he doing it on his company computer when there's always the risk of it being found? It just shows he's an idiot. He deserves everything he gets.
CAROLE THERIAULT. I don't know if I have a problem if he has porn on his work computer. If I were the boss, would I care?
THOM LANGFORD. Yes, because if you get hacked and the contents of your computers are sort of displayed to all and sundry, And then it's like, okay, so this high-profile company, oh, so all their employees are, you know, whapping off to porn.
CAROLE THERIAULT. Can we say no, just one?
THOM LANGFORD. Yeah, yeah. I know, I hear you. Reputationally, you know, it's problematic.
CAROLE THERIAULT. I mean, it's not illegal.
THOM LANGFORD. No, I'm saying that's precisely what I'm saying. Absolutely.
GRAHAM CLULEY. Yeah, it does suggest a certain level of IT incompetence, maybe some Encryption or something.
CAROLE THERIAULT. Or an addiction.
THOM LANGFORD. Yeah, or just—
GRAHAM CLULEY. You think it's Michael Douglas?
THOM LANGFORD. I don't care what he looks at. Just use his own computer. And hand sanitizer. God.
GRAHAM CLULEY. That's the kind of content you can get on Post Thunder. Thom, what have you got for us this week?
THOM LANGFORD. Not so long ago, we heard the story of a very large company who got hit with the Sunburst malware and they were dragged in front of Congress or some one of those big buildings in Washington. And when asked to explain themselves, said, it's the intern's fault. Yes. So that's obviously almost been turned into a meme now, but there's a new version of this now. So Indian fintech firm MobiKwik, and you know they're wrong 'uns when they spell MobiKwik With an I and a K, two Ks actually. Fintech firm Mobikwik expressly deny any kind of breaches occurred of their data despite millions of records showing up on the darkweb. Now, I first heard about this through marvelous friend of the show, Troy Hunt.
GRAHAM CLULEY. Oh, yes.
THOM LANGFORD. And he tweeted, if any friends in India have data from the @mobilequick, sorry, Mobikwik breach, DM me. From what I've seen so far, they're going all Iraqi information minister on this.
CAROLE THERIAULT. What does that mean?
GRAHAM CLULEY. So it's another meme, Crow.
CAROLE THERIAULT. I know, I just need to—
THOM LANGFORD. So during the Iraq War, there was— what was his name? Something Ali? I can't remember his name.
GRAHAM CLULEY. Oh yeah, yeah, yeah.
THOM LANGFORD. Literally, as American tanks were rolling into Baghdad, he was telling us about how his forces had beaten them back at the borders and stuff like that.
CAROLE THERIAULT. Yes, okay.
THOM LANGFORD. Yeah, yeah, yeah. I can't remember I remember his name and it was very funny.
GRAHAM CLULEY. Mohammed Saeed Al-Sahaf, I believe.
THOM LANGFORD. There you go.
GRAHAM CLULEY. Baghdad Bob, also known as Comical Ali.
THOM LANGFORD. Comical Ali, there we go.
CAROLE THERIAULT. Yes, yes, yes.
THOM LANGFORD. Okay, good.
CAROLE THERIAULT. Okay, thank you. So what happened with this company?
THOM LANGFORD. A security researcher called Rajshikhar Rajarya, in early March, he highlighted that there were data leaks from MobiKwik on the darkweb and that they contained huge number of records, anywhere from 3.5 million to 110 million, depending upon who you talk to and how they define what a record is. He pointed it out to them and they allegedly did a quick bit of analysis with a third party.
GRAHAM CLULEY. Yeah.
THOM LANGFORD. And said, no, not us. We did not lose this data. And they released a quote that said, and I quote, some media crazed so-called security researchers have repeatedly attempted to present concocted phishing files, wasting precious time of our organization as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure.
CAROLE THERIAULT. And are they saying this while their data is actually out on the darkweb, like, available?
THOM LANGFORD. Yes.
CAROLE THERIAULT. So there's that immediate kind of clear, like, well, how did it get there?
GRAHAM CLULEY. And it's a way to rile people up, isn't it? To look for more of their data on the web.
THOM LANGFORD. It's almost like this thing called the Streisand effect, which, you know, so they then also released another statement, say, as part of the statement saying it is entirely possible that any user could have uploaded her or his information on multiple platforms. Hence, it is incorrect to suggest that the data available on the darkweb has been accessed from MobiQuick or any identified source. So in other words, Every single user of MobiQuick have decided on their own to upload your data into a tabulated and formatted format that includes password hashes and salts.
GRAHAM CLULEY. Oh yeah, because you would upload one of those.
THOM LANGFORD. Yeah.
GRAHAM CLULEY. How many records are we talking about here? How big is the scale of this?
THOM LANGFORD. I've read a few articles here. One suggested it was 11 crore records.
CAROLE THERIAULT. What?
THOM LANGFORD. Now, a crore in India is 10 million.
CAROLE THERIAULT. Oh, so 110 million.
THOM LANGFORD. Yeah. Another allegedly said 3.5 million user records, but you don't know if they mean a record as in a single line of a user or every single item.
CAROLE THERIAULT. So let's, let's call it 1 million.
THOM LANGFORD. Let's call it millions of records. But it does total over 8 terabytes of data.
GRAHAM CLULEY. Wow.
THOM LANGFORD. Including customer names, hashed passwords, email addresses, residential addresses, GPS locations, list of installed apps, partially masked credit card numbers, thank goodness, connected bank accounts and associated account numbers, and know your customer documents. Ah, here we go. Know your customer documents of 3.5 million users.
GRAHAM CLULEY. Ouch.
CAROLE THERIAULT. But hey, it's not their fault. It's not their fault.
THOM LANGFORD. But here's the kicker. Here's the kicker. So according to some sources, MobiQuick, which sounds like a, you know, a cut-price you know, DJ who used to do, you know, songs in the '90s.
CAROLE THERIAULT. Don't be mean, Mist.
THOM LANGFORD. But anyway, it is alleged that MobiQuik is in their pre-IPO stage. And so they are scrabbling to cover their asses because, of course, if this gets found out—
CAROLE THERIAULT. well, it is found out.
THOM LANGFORD. Well, well, yeah.
CAROLE THERIAULT. I mean, I don't— yeah, I think that— I think that ship has sailed.
THOM LANGFORD. Yeah, absolutely, said Sean Connery there. But Mish Money Penny. But yeah, I think, you know, someone somewhere made a terrible decision and said, if we deny this and blame everybody else, it'll go away. It'll go away and we'll be able to maintain interest in our company and the value will not go down. Yeah, this could actually scupper any chances of an IPO purely because they decided to allegedly lie through their teeth.
GRAHAM CLULEY. So you're saying this is the Streisand effect at work again? You're saying Barbra Streisand hacked into Moby Quick?
THOM LANGFORD. She's got a lot to answer for, I tell you. Not only that, she's also got my porn stash.
GRAHAM CLULEY. Carole, take us somewhere sane, please.
CAROLE THERIAULT. Oh, we're gonna have some fun. We're gonna have some fun, boys. Now, we're all buddies, and maybe once this pandemic is over, I was thinking we should all move in together. Wouldn't that be fun?
GRAHAM CLULEY. Oh, hello.
CAROLE THERIAULT. Yeah.
THOM LANGFORD. All right. Like the Beatles.
CAROLE THERIAULT. Exactly. Now, I've been doing some house porn research, right? Find us a nice place to live.
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. And I found a place that if we pool our cash, we've got something pretty sweet. So let me just give you the link here.
THOM LANGFORD. Yeah.
GRAHAM CLULEY. Okay.
CAROLE THERIAULT. So let's first look at the floor plans just so you can kind of see the layout of the place. Maybe you can describe the place a little bit.
GRAHAM CLULEY. Okay. It looks like it's got a big garden, big white house and long green garden. Lovely. And what have we got here? How many bedrooms?
THOM LANGFORD. Only 3 bedrooms. That's like £250,000 a bedroom.
GRAHAM CLULEY. Let's be honest, that's 2 more than we need, right, Thom?
THOM LANGFORD. Well, this is true. This is true. I bagsy the dungeon.
CAROLE THERIAULT. Yeah, yeah, good, because I've obviously bagged the front, you know, the upstairs, because, you know, I'm going to have that, thanks very much. Okay. Okay, so I'm thinking we desperately want this house. We want to get this house, and we know there's a ton of interest because it's a total steal. So why don't we go on a virtual tour and take a look inside at the place?
GRAHAM CLULEY. Okay. What, what, what do we click on here?
CAROLE THERIAULT. So that video thing right near the—
GRAHAM CLULEY. Oh, okay.
THOM LANGFORD. Oh, right at the beginning. Yeah, yeah, yeah.
GRAHAM CLULEY. Oh, virtual tour. Yes, I'm clicking on that.
THOM LANGFORD. Oh, how cool is that?
CAROLE THERIAULT. So listeners, you click on the video and it opens up this like 3D model of the house that spins around and then it throws you into the living room. And in there you have these spot checks, a bit like Google Maps, where you can just move ahead or to the side, zoom in, and look around the house.
GRAHAM CLULEY. Yeah, it's, it's, this is like augmented reality, virtual reality, isn't it?
CAROLE THERIAULT. Exactly. Now I'm thinking we can look around their place, learn some stuff about the owners that we can then use when we chat to them to endear ourselves a bit to them, right? So you guys look around. We start off in the sitting room, don't we? Yeah. So we've got like a 3 of— we've got some very jolly cities here.
THOM LANGFORD. And by jolly, you mean absolutely vile.
CAROLE THERIAULT. And we've got— so let's look in the books.
GRAHAM CLULEY. Oh my goodness, I've got the bookcase in front. I can read what all their books are.
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. A lot of political biographies.
CAROLE THERIAULT. Margaret Thatcher, I see that.
GRAHAM CLULEY. Boris Johnson, I see.
CAROLE THERIAULT. Yeah, Alan Clarke, a few of his.
GRAHAM CLULEY. Sharon. These are obviously well-read people, or people who want to appear well-read. I love looking at people's bookcases. Very—
CAROLE THERIAULT. It's like a puzzle.
GRAHAM CLULEY. Very stripy sofa there.
CAROLE THERIAULT. Yeah. Okay, we can move around. Let's move around. Let's see what else we got.
THOM LANGFORD. There's an elderly person here, because they've got one of those recliner chairs with a remote control.
CAROLE THERIAULT. Yes, I didn't spot that.
THOM LANGFORD. Yeah. Yeah. So, maybe mother-in-law lives there as well. Or maybe they're an old couple. Who knows?
CAROLE THERIAULT. Yeah.
THOM LANGFORD. Although, oh.
GRAHAM CLULEY. They've got a Helen Mirren DVD. Course, a good liar. They've got something called Manon, whatever that is.
CAROLE THERIAULT. Oh!
GRAHAM CLULEY. Another DVD. Is that a bit kinky?
CAROLE THERIAULT. No, I'd have no idea.
GRAHAM CLULEY. Krul, this is incredible. I can see the jigsaw on the tape. They haven't finished the jigsaw.
CAROLE THERIAULT. Look on the wall there. They've got plates. Let me do a reverse image search on one of these, 'cause I don't know a lot about plates. Let me just take a screenshot here.
GRAHAM CLULEY. They've got family photographs. Now, the family photographs I'm looking at, they've sort of fuzzed out the faces. They've been blurred out there.
CAROLE THERIAULT. Yeah, proof that they're taking security super seriously, right? So the plate, that's Portmeirion. So they like Portmeirion stuff.
GRAHAM CLULEY. Oh, okay. Yeah. In North Wales.
CAROLE THERIAULT. Good to know.
THOM LANGFORD. Country Life in the magazine rack. So, yeah, definitely. They've got money, these people.
GRAHAM CLULEY. I'm going into another room.
CAROLE THERIAULT. Yeah, let's go downstairs. Let's go downstairs.
GRAHAM CLULEY. Let's do that. This is great.
THOM LANGFORD. I know.
GRAHAM CLULEY. Okay. Nice big kitchen. Ooh, what's up here?
CAROLE THERIAULT. Oh, handbag. There's a handbag there in the kitchen.
GRAHAM CLULEY. This is actually all the fun of burglary.
THOM LANGFORD. Without any of the risk.
GRAHAM CLULEY. Without the risk. Yeah. Well, at least just—
CAROLE THERIAULT. Oh, look, there's her wallet. Her wallet's lying on the kitchen counter.
GRAHAM CLULEY. I found some toys on the bed.
THOM LANGFORD. I found a stash.
CAROLE THERIAULT. Now, did any of you guys at the bottom of the stairs, have you seen the art on the wall?
GRAHAM CLULEY. So, if you could run— I went straight to the bedroom. I'll come downstairs. Hang on.
THOM LANGFORD. Oh, there's another downstairs. I see.
GRAHAM CLULEY. Okay, so here we are.
CAROLE THERIAULT. There's a picture of 5 dogs that, Graham, I'm dying for you to see. Oh, oh, there we go! With their names. Look, their names of all the dogs are written there. So I think these are dogs that they've had through the years, a bit like, you know, the Queen's corgis.
GRAHAM CLULEY. Yeah, they're little Maltesers or something, aren't they?
CAROLE THERIAULT. Yeah, so that would be, uh, that's quite— oh, I'm really zoomed in here. I have all their names.
THOM LANGFORD. Yes.
GRAHAM CLULEY. Let me tell you what I find astonishing. I've gone to their hallway, and they have a little hall side table, and on there they have the details of another property they're obviously looking at. I can see the address of that other property.
CAROLE THERIAULT. It's a little bit more expensive than the one they're selling. It's double the price, that one.
GRAHAM CLULEY. Have you looked it up?
CAROLE THERIAULT. I noticed. Yeah, I looked it up.
THOM LANGFORD. I can also tell you that the person who took all the photos uses a Manfrotto tripod.
CAROLE THERIAULT. Yes, I saw that in the mirror as well. Yeah, there's a lot of information here, isn't there?
THOM LANGFORD. Yeah.
CAROLE THERIAULT. And I'm thinking, God, if a fisher decided to do this research on you, because then of course they can call the estate agent if they're interested in you, get your actual address, can't they, saying you're interested in a viewing?
THOM LANGFORD. Yeah. Uh, I reckon these guys are pro fox hunting as well.
CAROLE THERIAULT. You reckon?
THOM LANGFORD. Yeah. There is. I know the reason I say that. In that hallway, on the floor where there's a dog bowl of water, next to it is a brass fox's head with something next to it.
CAROLE THERIAULT. It's not stuffed though.
THOM LANGFORD. No, no, no.
GRAHAM CLULEY. Maybe it's been dipped in brass.
THOM LANGFORD. Game of Thrones style. But no, it's that sort of paraphernalia.
GRAHAM CLULEY. Oh my goodness. Guys, I'm in their study.
THOM LANGFORD. Oh, where's that?
GRAHAM CLULEY. And their little bureau, their bureau is open. Uh-huh. And there are insurance policy documents left open there. I can read their address. There's a postcard. There really is. There's also some sort of, it's not a credit card. What is this? There's some kind of credit card size thing where I—
THOM LANGFORD. Where's the study?
GRAHAM CLULEY. Okay.
CAROLE THERIAULT. Where?
GRAHAM CLULEY. It's go past the dogs. There's a little funny little bit behind. It's off a little bedroom.
CAROLE THERIAULT. This is our podcast room, guys. This is where we're going to do our podcasts. Yeah, yeah, it's a little annex at the very end.
THOM LANGFORD. Ah, yeah, yeah, yeah.
GRAHAM CLULEY. And they've got all these documents lying around.
CAROLE THERIAULT. Yep, insurance documents.
GRAHAM CLULEY. What the hell is going on?
CAROLE THERIAULT. Um, so the reason I'm talking about this is because from a security point of view, this is outrageous. And what I imagine happens is you want to put your house in the market, estate agent says, great, come over with a funny little camera and take pictures. And they— and you go, oh, but I don't know about my privacy. And they go, don't worry, dear, we're gonna blur out any pictures with faces on it, so everything is safe. And then this is slapped up online for people like you and me just to look around, which is why I haven't detailed— given details to the house, because there's actually huge security risks here.
GRAHAM CLULEY. They ordered a Stannah stairlift. I can see the letter.
THOM LANGFORD. I told you there was an old person. I told you.
GRAHAM CLULEY. I've seen the letter. They have made an order for a Stannah stairlift. And I can also see a dividend cheque lying around here as well. This is— the amount you can zoom in is bonkers.
CAROLE THERIAULT. Yep. Are you shocked?
GRAHAM CLULEY. I want to do this. This is fun. Just poking around people's houses. Even if I wasn't a criminal, just being nosy.
CAROLE THERIAULT. Well, yeah, great.
THOM LANGFORD. I'm not actually— business cards on the wall.
CAROLE THERIAULT. Anyway, so all this to say, people, if you're going to put your house on the market, okay, in this new technofangled world, make sure you don't leave anything private lying around for Carole to find. Yes, because Graham has now decided this is his new fun-time hobby. He's going to be doing this every time I call him from now on. He'll be like, like, oh my God, look at this one!
THOM LANGFORD. You can delete that stash at last, Graham.
GRAHAM CLULEY. Serious.
THOM LANGFORD. You got a new hobby.
GRAHAM CLULEY. I can see a share certificate. I've got her name. I've got her address.
CAROLE THERIAULT. Yep.
GRAHAM CLULEY. I could ring her up claiming to be the stairlift company.
CAROLE THERIAULT. Yes, you could call up and say, I'm Country Life and I want to give you a lifetime subscription.
GRAHAM CLULEY. My goodness.
THOM LANGFORD. This person has asthma because they have an inhaler next to their bed.
CAROLE THERIAULT. Hi, this is the NHS hospital. Yeah.
THOM LANGFORD. Exactly. Yeah.
GRAHAM CLULEY. Invite her on a fox hunt. Well, this is—
CAROLE THERIAULT. I have all their keys and the names on the keys in the front hall with all the— what they open.
THOM LANGFORD. That is scary.
CAROLE THERIAULT. Isn't it scary? We even have her mask, so we know what mask she wears outside.
GRAHAM CLULEY. They've probably paid extra for this service, haven't they?
THOM LANGFORD. Yep. And they will be paying for it.
CAROLE THERIAULT. Yeah.
THOM LANGFORD. Maybe we should tell them.
CAROLE THERIAULT. Yeah.
THOM LANGFORD. I feel like we should tell them, you know? Yeah.
GRAHAM CLULEY. Yeah, we got their details. We've got their details. They won't understand.
THOM LANGFORD. No.
GRAHAM CLULEY. Wow.
CAROLE THERIAULT. So this is a tough one. So be really careful, people, because it is unbelievable.
GRAHAM CLULEY. This isn't on an obscure website.
CAROLE THERIAULT. This is doing a house search in England looking for a house.
GRAHAM CLULEY. So we're seeing this on the website, and now the estate agents are someone else, right?
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. Yes, we can see their details as well, obviously.
CAROLE THERIAULT. But we should shut this down, right, from a GDPR point of view as well. Yeah, yeah, like, this is a huge infringement.
GRAHAM CLULEY. Yeah, but it's fun poking around, isn't it, Carole?
THOM LANGFORD. And we know where they live. This is brilliant.
CAROLE THERIAULT. I have to say, I did— I landed on this just by accident, this house, just doing house porn fun. But most houses seem to have it all tidy, tidy, right? Because you obviously want to try and get a few extra grand if your house is vacuumed, I suppose.
THOM LANGFORD. I don't know.
CAROLE THERIAULT. Most people seem to hide things away. But if I were a fisher, this is exactly the kind of market that I might want to go after. I don't want to go after the people that are buying in the lower income bracket. This is perfect. They're old, they're vulnerable, and they have a lot of money.
THOM LANGFORD. And the thing is, they did tidy up. They just didn't hide the stuff they needed to hide.
GRAHAM CLULEY. Links in the show notes, everybody. Links in the show notes.
CAROLE THERIAULT. Certainly not. I was thinking, as a fit, you could call and pretend you're from the Dog Trust Society. And would you like to make a donation in the name of one of your beloved pets?
GRAHAM CLULEY. Seriously though, you could completely freak out somebody.
CAROLE THERIAULT. Yep.
GRAHAM CLULEY. Couldn't you? Because of how much you know.
CAROLE THERIAULT. And rob them.
THOM LANGFORD. Yeah.
CAROLE THERIAULT. You could blackmail them.
GRAHAM CLULEY. And they're not going to be that much trouble, because they've got to stand a stairlift. So they're not going to be that— give you that much trouble, are they?
THOM LANGFORD. They're not exactly going to chase you down the street. No.
CAROLE THERIAULT. Anyway, there you go. Be careful when you put your houses for sale. And shame on you estate agents for letting this happen. Like, someone must have vetted this and gone, oh, that's an insurance number, I better not put that online.
THOM LANGFORD. You're presuming they looked at it that closely.
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Yes, that's the problem. They've automated it and they're not being caught.
GRAHAM CLULEY. Well done, Carole. Amazing find.
CAROLE THERIAULT. Thank you very much.
GRAHAM CLULEY. Kind of content you don't find on other security podcasts.
THOM LANGFORD. Yeah, yeah. Until this Friday anyway.
CAROLE THERIAULT. Okay, pop quiz: how do you get the highest level of privacy without sacrificing convenience? Choosing 1Password for your business, that's how. It offers end-to-end encryption you can count on. You get auto-lock and manual lock for the 1Password app, multi-factor authentication, safe autofill on secure websites, privacy cards, and loads more. Plus, if you switch to 1Password, you can receive its switching bundle. It includes a subscription credit towards your current password manager, hands-on migration support, and free family accounts for every single member of your team. Go to smashingsecurity.com/1Password, and thanks to 1Password for sponsoring the show.
GRAHAM CLULEY. And welcome back. Can you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.
CAROLE THERIAULT. Pick of the Week.
THOM LANGFORD. Pick of the Week.
GRAHAM CLULEY. Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. It doesn't have to be security-related necessarily.
CAROLE THERIAULT. Better not be.
GRAHAM CLULEY. Well, my Pick of the Week this week is not security-related. It is instead music-related. There is a chat on YouTube. He's quite popular. He's got like a couple of million subscribers because his content is terrific. His name is Rik Beato, and Rik Beato is a bit of a musician himself. And one of the series of videos—
CAROLE THERIAULT. Why are you talking so weird?
GRAHAM CLULEY. What do you mean, why am I talking so weird?
CAROLE THERIAULT. Rik Beato.
GRAHAM CLULEY. I'm just trying to be—
THOM LANGFORD. That's how he's pronounced. Rik Beato.
GRAHAM CLULEY. Yeah, that's how he's pronounced. Beato. Beato. Hey, it's a me, Eric Capriati. One of the things that Rik does in his videos is he does a segment called What Makes This Song Great? And he's analysed plenty of songs. Now, I do not understand the science of music. I am not a trained musician. Surprise, surprise. But I still find it fascinating to hear how songs are constructed and to revel in that. And you, of course, Carole, are something of a guitarist.
CAROLE THERIAULT. Oh, failed, failed. I learned a lot of music theory, though.
THOM LANGFORD. Yeah, I mean, I did learn a ton, but you might find these terrific.
GRAHAM CLULEY. I will put in the show notes a link to Rik Beato's YouTube channel, and I will direct you to his analysis of a song we all know. He's looked at loads and loads of songs, but this one really touched me. Do you remember If You Could Read My Mind by Gordon Lightfoot?
CAROLE THERIAULT. Sing a bit of it.
GRAHAM CLULEY. If you could read my mind, love, what a tear a tune would do. You know, you know the song.
CAROLE THERIAULT. You don't know the words?
THOM LANGFORD. No. Gordon's in the room.
GRAHAM CLULEY. Yeah. It's a beautiful song.
CAROLE THERIAULT. It's a bit like Shooting Stars. Remember Vic Reeves with Shooting Stars?
THOM LANGFORD. You could read my mind.
GRAHAM CLULEY. What you find out is here's a song which I would imagine most people know. Most people of a certain age will know this song. I think that's a terrific classic song, but you don't know everything that happens in that song. It's only careful listening to it and someone like Rik pointing out what just happened, which makes you think, my goodness, that's clever what they've just done there. So that is my pick of the week.
CAROLE THERIAULT. Down there.
THOM LANGFORD. That actually reminds me, if I may, of a chap called Adriano Celentano, who— and this has been around on Reddit a little bit recently, so forgive me if you've heard it before— but he did a song in the late '60s And it was like a protest song, effectively, because the Italian public loved English songs, right? And he felt that, you know, we're Italians, we should be singing in Italian. So he actually recorded a song called— and bear with me here— Prisencolinensinine Suasol. Oh, and it's basically— it's a made-up language that sounds like he's speaking English until you try to listen to the words. And it is a fabulous song. I played it to my kids the other day and they loved it. It's like literally in their heads as a— as a real— wow. And they loved it. Oh, absolutely. The video is fantastic, beautifully shot, black and white, brilliant song. And it was literally because he was pissed off that Italians wouldn't listen to Italian songs.
GRAHAM CLULEY. Well, give us the— give us the link.
CAROLE THERIAULT. Yeah, I think he overshot. I think his pick of the week might be better than your pick of the week, Graham.
GRAHAM CLULEY. Well, I'm going to up that because, of course, I'm sure many of us remember in the 1980s, Joe Dolce doing Shut Up in Your Face.
THOM LANGFORD. Shut up in your face.
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. And in fact, he was Australian.
CAROLE THERIAULT. I'd like you to shut up in your face now because we're going to go to Thom's pick of the week.
THOM LANGFORD. Thank you. My pick of the week is based on a phrase I would I never have imagined I would have heard until just a few weeks ago, which was— or read, I should say, in this case. I completed something on my iPhone and the message came up, "The firmware on your mug is now up to date." What?
CAROLE THERIAULT. You've got like a smart mug?
THOM LANGFORD. Not a smart mug.
GRAHAM CLULEY. I've seen Thom. His mug is not smart.
THOM LANGFORD. Not smart, no. No, I have shaved since then. But it's by a company called Ember, ember.com. Go there. There's two sizes, a regular mug and a large mug. And then you've also got like a travel mug, you know, with a lid on it.
CAROLE THERIAULT. Okay. What makes it smart?
THOM LANGFORD. They have a battery in the bottom and you connect to your mug by your phone and you can control the temperature of the liquid inside your mug. So if you like, you know, I like my coffee at 57 degrees centigrade. And so when I put my coffee in it, up on my watch pops, what have you put in here? You know, what profile would you like to set? I'll set Thom's coffee, 57 degrees. And as it cools down, as soon as it hits 57 degrees, the heater kicks in and maintains it at 57 degrees on battery for up to an hour and a half. Now it also comes with a saucer which you charge the battery on, but If you have this saucer on your desk and you put the mug, and I'm acting this out, you can't see this obviously, but I'm acting this out with the mug as I speak. You put the mug on the saucer, the battery gets disconnected and it just powers off the mains effectively. So you're saving your battery power. So I finished a cup of coffee at half past 10 that I made at half past 6 because I forgot about it. And that's why I got this mug was because sat behind a desk all the time, you know, I forget to drink my coffee and then I, you know, go to go and I'm throwing coffee away.
CAROLE THERIAULT. Can I ask you a question? Can I ask you a question?
THOM LANGFORD. Yeah, yeah.
CAROLE THERIAULT. Okay, so, uh, what temperature can you go up to in terms of, uh, like, can you go to like—
THOM LANGFORD. you can warm up, you can definitely warm up, and so you can brew.
GRAHAM CLULEY. Oh, I've got it here, Carole. It goes up to 62.5 degrees centigrade.
CAROLE THERIAULT. 62.5? Okay, perfect. Okay, so what you're gonna do for me is you're gonna sous vide cook an egg in a cup on top of your firmware. I'm gonna send you the recipe, but basically you cook it for about 10 hours, the egg at that temperature, and then you've got this perfect soft-boiled egg.
THOM LANGFORD. All right, I'm gonna give that a go. Yeah?
CAROLE THERIAULT. It's like for poached and soft-boiled eggs. So, I don't know, I'll send you the recipe. All right, you're gonna report online.
GRAHAM CLULEY. I know you're a bit of a fan of gadgets and things.
THOM LANGFORD. I don't know, whatever gave you that idea, Graham.
GRAHAM CLULEY. The question I have is, how much does one of these mugs cost?
THOM LANGFORD. £100.
GRAHAM CLULEY. Bargain.
CAROLE THERIAULT. Who's the mug now?
THOM LANGFORD. But the price is just— It's just a figure.
CAROLE THERIAULT. Say no more, Thom.
THOM LANGFORD. Just a figure is all I can say, is it's just a figure. And I've got a second saucer as well. Because I got one in my kit, in my, on my breakfast table.
GRAHAM CLULEY. Which cost you even more. What happens if hackers hack into your phone and make your drink scalding hot and so your beautiful little lips?
THOM LANGFORD. Well, then I'll come on here and tell you all about it from my hospital bed. We won't.
CAROLE THERIAULT. His lips will be all burnt.
THOM LANGFORD. I absolutely love it. So I've got one in white. You can get them in different colours. And the mug, the travel mug, little digital display on the side, and you can push the temperature up and down with your finger on the side of it. It's brilliant.
GRAHAM CLULEY. Oh yeah, I'm looking at it now. It looks a bit like a flashlight or something like that. Well, you know what I mean.
THOM LANGFORD. I saw one the other day called a Materbator.
CAROLE THERIAULT. Can we get to me please?
GRAHAM CLULEY. Yes, quickly. What's your pick of the week?
THOM LANGFORD. Moving on.
CAROLE THERIAULT. Okay, I'm upping the tone. Okay.
THOM LANGFORD. This is—
CAROLE THERIAULT. Yes. Yeah. So this is basically a celebration of all good teachers out there. So as many of you know, I've been spending much of the pandemic arting it up, right? Painting, inking, drawing, all that stuff. But it's hard sometimes to get information that's, I don't know, interesting and informative and a good introductory level. Because if you don't know a lot, you can be left out because of all the terminology that's within that industry or whatever. Anyway, I have found a YouTube channel with over 50 hours of content on art history. And like everything is there. And there's no ads yet. And they only have— the guy only has like 3,000 watchers at the moment. And it's just like an astounding found, like a treasure trove. Because he's really interesting. He's got lots of good art. He's got lots of info. You go by playlists, he playlists them up so you can get about 2 hours of, say, Renaissance art, or Egyptian art, or African art, or art of this particular period. So there's loads of different play channels or playlists you can choose from. It's incredible.
GRAHAM CLULEY. And these are videos he's made himself. He's not just ripped them off.
CAROLE THERIAULT. I think he's a teacher, and I think he's doing this for his class. So I think this is a teacher that decided, if I'm going to be stuck at home doing Zoom classes, may as well record my lectures and then just throw them up online and let people, other people enjoy them. It's really, really good. And if you are thinking, I just, you know, if you want to go to museums or, you know, it's just much more fun if you know something about what you're looking at, right? It's just more fun to you can just enjoy it more rather than just being, oh, a pretty picture or disturbing picture or whatever. So if you're into art history, check this out. It's very difficult to find because YouTube obviously aren't making cash out of it yet. It's called Art History 101. Okay. There'll be a link in the show notes and I'll slap up his Twitter as well. But what a great find. And thank you so much for posting all that stuff up.
GRAHAM CLULEY. Very, very cool indeed.
THOM LANGFORD. I'm always amazed by how much time people have to do this sort of thing. You know, and this, and this is a good thing. You know, many times you see something on the internet and you think that person has far too much free time, or why are they doing this? But, but stuff like this, they've got all this free time and they're doing this for free for everybody to just imagine what you could have done rather than researching your mug, for example. Yeah, I know, I know, I could, I, I could have, um, just remembered to drink my coffee.
GRAHAM CLULEY. Well, on that marvelous uplifting note, we've just about wrapped up the show this week. Thom, I'm sure lots of our listeners would love to follow you online and find out what you're up to. What's the best way for folks to do that?
THOM LANGFORD. Oh, let's do Twitter @ThomLangford, one word, T-H-O-M-L-A-N-G-F-O-R-D.
GRAHAM CLULEY. Do you have a podcast which you appear on, which you wish to promote?
THOM LANGFORD. Funny you should mention that. We do. We do. We have the other best information security security podcast, Host Unknown. And if you go to podcast.hostunknown.tv, you will find us there.
GRAHAM CLULEY. Marvelous. Well, you can follow us on Twitter @SmashingSecurity, no G, Twitter doesn't allow us to have a G. And don't forget to ensure you never miss another episode, follow Smashing Security in your favorite podcast app, such as Apple Podcasts, Spotify, and Google Podcasts.
CAROLE THERIAULT. And big fat thank you to this week's episode sponsor, 1Password. And to our amazing Patreon community. It's thanks to them that this show is free for all. For episode show notes, sponsorship information, guest list, and the entire back catalog of more than 220 episodes, check out smashingsecurity.com.
GRAHAM CLULEY. Until next time, cheerio, bye-bye.
THOM LANGFORD. Bye-bye. Goodbye.
CAROLE THERIAULT. Farewell.
GRAHAM CLULEY. Auf Wiedersehen.
THOM LANGFORD. Goodbye.
GRAHAM CLULEY. Okay. Marvelous. Well, some very interesting stuff this week, I think.
THOM LANGFORD. Did you think?
GRAHAM CLULEY. Yes.
THOM LANGFORD. I really liked the house one.
GRAHAM CLULEY. The house thing, Crowley's very interesting.
CAROLE THERIAULT. Yeah. It's incredible.
GRAHAM CLULEY. Find. Yeah, pretty juicy stuff.
CAROLE THERIAULT. And, uh, TM Carole Theriault. So if you write about it, anyone
-- TRANSCRIPT ENDS --