Members of The Bored Ape Yacht Club get that sinking feeling, a face unwittingly launches hundreds of romance scams, and is an as-yet unseen Kim Kardashian sex tape a load of old Roblox?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the BBC's cyber correspondent Joe Tidy.
Visit https://www.smashingsecurity.com/272 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Joe Tidy.
Sponsored By:
- Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
- Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
- Try Kolide Free for 14 Days; no credit card required.
- NetFoundry: NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything.
- Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud.
- No networking engineering skills required. No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more.
- Learn more and try it for yourself at netfoundry.io/smashingsecurity/
Links:
- Jimmy Fallon and Paris Hilton show off their Bored Ape Yacht Club NFTs. — Twitter.
- NFTs Stolen After Bored Ape Yacht Club Instagram, Discord Hacked — CoinDesk.
- Image of scam posted on Bored Ape Yacht Club's Instagram account — Twitter.
- Bored Ape Yacht Club confirms it had two-factor authentication enabled — Twitter.
- Kardashians deny faking Roblox sex tape scene — BBC News.
- How an Army colonel became the face of romance scams around the world — Task and Purpose.
- Army Col. Daniel Blackmon: The accidental face of military romance scams — Task and Purpose.
- Daily Dorries — Twitter (parental discretion advised)
- Hacking the House: do MPs care about cyber-security? — BBC News.
- Rob Brydon's Directors Commentary — YouTube.
- "This Is How Michael Caine Speaks" from The Trip — YouTube.
- American Vigilante — Crowd Network.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript +
This transcript was generated automatically, and has not been manually verified. It may contain errors and omissions. In particular, speaker labels, proper nouns, and attributions may be incorrect. Treat it as a helpful guide rather than a verbatim record — for the real thing, give the episode a listen.
JOE TIDY. But there's also an advert for an as-yet unseen sex tape of Kim Kardashian.
GRAHAM CLULEY. It is a bit surprising that there is an as-yet unseen sex tape of Kim Kardashian, isn't it? Uh, it's—
JOE TIDY. no comment.
CAROLE THERIAULT. How long have sex tapes been like a big driver for celebs that need to have a little boost?
JOE TIDY. Mine hasn't taken off.
UNKNOWN. Smashing Security, episode 2. Episode 272: Going Ape Over the Kardashians and the Face of Romance Scams with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security Episode 272. My name's Graham Cluley.
CAROLE THERIAULT. And I'm Carole Theriault.
GRAHAM CLULEY. And Carole, we are joined this week by someone who's returning to the show. It is the BBC's cyber correspondent, Joe Tidy. Hello, Joe.
JOE TIDY. Hello.
CAROLE THERIAULT. Welcome back, Joe.
JOE TIDY. It's good to be back. I'll try not to spill my tea this time. Do you remember that? I sent my tea, launched it through the air, and it landed all over me and my wife's knicker drawer.
CAROLE THERIAULT. So you've been busy.
JOE TIDY. Yes, it's been quite busy. I've been doing some strange stories lately. But yeah, it's a very busy time.
GRAHAM CLULEY. And you're off to El Salvador, is that right?
JOE TIDY. Yeah, yeah. So I'm flying out in a few days' time. We've been trying to get out there for a while actually, but we're going out there to do a documentary for the BBC about cryptocurrency because El Salvador is the first country in the world to make bitcoin legal tender. And it's been a sort of semi-success slash we don't really know, we're going to go and find out.
GRAHAM CLULEY. Ooh, you go digging around and see what's really going on out there.
JOE TIDY. Exactly, and see actually whether or not people are using it. Because the president, Bukele, he loves it. He's a proper crypto bro. And he's trying to get the whole world using it. But actually, I think the truth on the ground is different.
CAROLE THERIAULT. Crypto bro. I love it. I can't wait to watch it. Now, how about we thank this week's sponsors, Kolide and NetFoundry? Their support helps us give you this show for free. Now, coming up on today's show, Graham, what do you got?
GRAHAM CLULEY. Oh, I'm going to be going ape over the latest theft of NFTs.
CAROLE THERIAULT. You're NFT mad these days. Joe, what about you?
JOE TIDY. Well, I told you I've been doing some weird stories lately. I'm going to tell you about the mysterious case of the Roblox sex room that Kim Kardashian's son apparently found.
CAROLE THERIAULT. Oh well, I think we should stop there. I don't need to have a story at all. No, and I'm going to talk about the face behind thousands of romance scams. All this and much more coming up on this episode of Smashing Security.
GRAHAM CLULEY. Now, chums, chums, um, are you property magnets? Have you ever been interested in investing in property? You know, becoming a landowner? That's where all the money is, isn't it?
CAROLE THERIAULT. Yes, I would love to do that. It just needs a lot of wonka, doesn't it?
JOE TIDY. Yeah, same.
GRAHAM CLULEY. Well, I think a lot of us, we look back jealously at ages gone by and people who invested in property long ago or land and now continue to live off the riches and think, well, how can we jump in? Well, the answer might be, of course, with virtual property and virtual land. If we aren't successful at actually buying real land here on planet Earth, Maybe we can buy it in the metaverse instead.
CAROLE THERIAULT. What? You could actually just kill me and put me in a coffin and I could just live in Metaville of my—
JOE TIDY. Metaville.
GRAHAM CLULEY. I think you're thinking of Farmville. I think you're a little bit 2005 there, actually, Carole. But anyway, let me get to that in a moment because there is more bad news from the world of cryptocurrency and NFTs. You'll remember last week I told you about a man who had his cryptocurrency wallet emptied after hackers craftily gained access to his Apple iCloud account. Because it turns out Apple on your iPhone are backing up all kinds of data from your apps unless you specifically tell it not to. And the data it backed up included his MetaMask crypto wallet seed phrase.
JOE TIDY. Oh dear.
GRAHAM CLULEY. And so when the hackers gained access to his iCloud, they were able to empty out his wallet. Oh dear. Oh dear. Oh dear indeed. Now, this week, word reaches us of another attack, this time not involving a phone call coming out of the blue, but instead a message which was posted on the official Instagram account of the Bored Ape Yacht Club. Now, these chaps, these bros, these simians, we've talked about them before. The Bored Ape Club, for anyone who hasn't heard us talking about these before or somehow missed this phenomenon, and I can understand why you might want to choose to ignore it, The Bored Ape Yacht Club is the cool place to be if you're into NFTs, non-fungible tokens. What they are selling are NFTs, which are algorithmically generated cartoon apes, each one unique.
JOE TIDY. Yeah.
CAROLE THERIAULT. Anyone who's listened to the show will have heard this dozens of times.
GRAHAM CLULEY. You'll have heard this already. Exactly. And there are all kinds of perks which you get.
JOE TIDY. And anyone who watches Jimmy Kimmel or follows any rappers, I mean— Yeah, that's right. These NFTs are the NFTs, aren't they? They're the big ones.
GRAHAM CLULEY. Snoop Dogg, Justin Bieber. Madonna.
JOE TIDY. Eminem.
GRAHAM CLULEY. Yeah, Eminem. Paris Hilton went on the Jimmy Fallon Show. They compared apes with each other. Really weird stuff. Now, another way in which the hype continues, apart from the celebrity endorsement, is that Yuga Labs, the parent company of the Bored Ape Yacht Club, announced airdrops. And an airdrop, it's sort of asking you, well, you know, if you could own something in the cryptoverse, why does it have to be a picture of a cartoon ape? Why couldn't you also own virtual land. So what Yuga Labs is saying and what they're about to launch is something where they'll have this Otherside metaverse. They're calling it the Otherside, which is where there'll be virtual land and you can buy plots and maybe you can sell the plots to other people, all in the form of NFTs. And obviously, 'cause it's virtual land, they have an unlimited amount of this and they can choose when to release new stuff. But what you do with an airdrop is you can say to people who've already bought some of your NFTs, we're gonna give away some of our virtual land space to you for free.
CAROLE THERIAULT. Can I ask a question?
GRAHAM CLULEY. Yes.
CAROLE THERIAULT. I just wanna know, is this virtual land space limited in size or is it infinitely sized?
GRAHAM CLULEY. Well, I imagine it's going to be limited, isn't it? 'Cause it's, they obviously want to bump up the price. People who buy it want to feel like there's a limited number, just like there's gonna be a limited number of apes.
CAROLE THERIAULT. Right.
GRAHAM CLULEY. But there's always the potential for YugaLabs to roll out more if they want to in the future.
CAROLE THERIAULT. We've just extended it by 8 bazillion fake miles.
JOE TIDY. So the one you bought last week is worth half.
CAROLE THERIAULT. Exactly.
GRAHAM CLULEY. But it might be a particularly attractive place, or you might be located next door to Kim Kardashian or whoever it is. You know, there's all kinds of ways in which they could make these locations, you know, just like you would choose between the old Kent Road and Mayfair, and one of them is going to be more attractive than the other and worth a different value. So, The value of these land could be at different prices as well. So, the idea is that if you've already got a Bored Ape NFT, if you get airdropped, you'll be given some land for free. And so people think, whoa, blimey, that's fantastic.
CAROLE THERIAULT. This is so generous. I can't believe it.
GRAHAM CLULEY. That's a reason why I want a Bored Ape NFT. And so at the start of this week, the official Instagram account for the Bored Ape Yacht Club posted an image saying that an airdrop was happening right now and that fans should claim their virtual land. All they had to do was click on the link in the Instagram's account profile and connect their wallet and bingo.
CAROLE THERIAULT. Are you kidding me? Okay.
GRAHAM CLULEY. I think you're ahead of me, Carole. What could possibly go wrong?
CAROLE THERIAULT. Mm-hmm.
GRAHAM CLULEY. Well, of course, what went wrong was although that message was posted in the official Bored Ape Yacht Club Instagram account, wasn't posted by the Bored Ape Yacht Club. Someone had hacked that account and posted the message, and they'd linked to a lookalike page in order to trick people to do this with their wallets. And their wallets were instantly emptied by the hackers of their NFTs. Millions of dollars worth of Bored Apes and Mutant Apes and all the other NFTs were transferred out of those wallets and instantly sold to the highest bidder on NFT auction sites.
CAROLE THERIAULT. If this is not a reason to discredit these stupid algorithmic ape designs and say, actually, they're worthless, because then they will have gotten away with nothing as opposed to something. But that's too much to ask.
GRAHAM CLULEY. Well, they are of questionable value. What's your opinion on NFTs, Joe?
JOE TIDY. Well, I love this story. And you hear these stories all the time. There's something about NFTs and cryptocurrencies that make them extremely hackable. Of course, this was actually a really simple, fiendish hack because of course they didn't hack the NFTs or anything like that. Yeah, just took over the Instagram account. And of course these guys are the pioneers of the, the NFT world, the metaverse, the future Web3 that we're all kind of hurtling towards, whether we like it or not. But at the same time, they all have— probably they all share the same Instagram. There's probably an admin password. It was probably admin123. And someone thought, you know what, instead of going after the actual NFTs, why don't we just take over their Instagram and get people to send the NFTs to us willingly. It's really clever.
GRAHAM CLULEY. Yeah. What is interesting is that the Bored Ape Yacht Club say that they had all the security measures in place on their Instagram account. They say they had two-factor authentication enabled, and one assumes it wasn't via SMS, you know, which is obviously a much weaker form of two-factor authentication. You think they're probably too smart to use that, which makes me think, well, How did that account get hacked?
JOE TIDY. It's a good point. Yeah, I mean, I assumed— I didn't read that about the two-factor, but yeah, I mean, that does add a whole other layer of complexity, doesn't it? Because obviously the SIM swapping side of things, that's kind of been solved by the hackers. So doing two-factor over your text or whatever isn't that secure, because if someone knows your number, then they can spoof that number and get the code they need. But I mean, yeah, now you see, Graham, you've just got me very interested in this story. I wasn't going to cover it on the BBC, but now—
CAROLE THERIAULT. well, yeah, well, just cut and paste, cut and paste.
GRAHAM CLULEY. Well, I think there's three possibilities. I think one possibility is that the hackers— and you can do this with two-factor authentication. Two-factor authentication is not 100% security. There are ways of getting around it, although it's much more complex. One way would be that at some point someone at the board Ape Yacht Club had their two-factor authentication code stolen. So maybe they were phished. They were sent to a page where they were asked for their two-factor authentication code. It wasn't the real Instagram login page, it was somewhere else. And at that instant, in real time, the hackers used the two-factor authentication code which was entered to gain access to the Instagram account themselves. So you can do this using a sort of proxy phishing attack.
CAROLE THERIAULT. And the person didn't notice and didn't do anything about it. And they worked so quickly.
GRAHAM CLULEY. Well, there's—
JOE TIDY. Item 1.
GRAHAM CLULEY. Item 1. Okay.
CAROLE THERIAULT. 2.
GRAHAM CLULEY. That's one method. The second method would be if the Bored Ape Yacht Club had more than one person using the Instagram account.
CAROLE THERIAULT. Which of course they probably did.
GRAHAM CLULEY. Which, yeah, it's quite possible they would. Then they need some mechanism for people to share the two-factor authentication code, whether it be via a password manager or a Slack channel or whatever it is.
JOE TIDY. Now you're talking.
GRAHAM CLULEY. And now if that got hacked and someone else gained access to that, visibility of the two-factor code, then that would be a way for them to get in. So that's a possibility as well. My third theory, and I can't think of any more than three at the moment, so I'm interested if anyone else, you know, any listeners have an idea as well, is that Instagram has a problem. And you do find on the underground cybercrime forums people who claim that they can hack basically any Instagram account. And that would probably be done either via vulnerability or, to my mind, more likely via rogue insider at Instagram who might have the ability to restore people's access to accounts. And if they were a bit dodgy or if they were bribable, then they might be able to do it. You remember, of course, when Twitter got hacked and lots of celebrities—
JOE TIDY. Yeah, the great Twitter hack. That was the same thing, wasn't it? That was someone getting access to the backend through an employee. And we're seeing this a lot with the— Have you seen the Lapsus$ cybercrime gang? Yes.
GRAHAM CLULEY. Yeah.
JOE TIDY. That seems to be like their specialty. They are very good social engineers and they can get, get into the backend of systems. And sometimes they have been advertising on their Telegram, hey, anyone work for any of these big companies, please talk to us. We'll pay you for access.
GRAHAM CLULEY. If you're a company who thinks you might get targeted, it'd probably be wise to subscribe to that Telegram channel and keep an eye open, see if your name gets mentioned.
JOE TIDY. It's a pretty good channel, to be honest. I've been on there quite a bit. It's got about 50,000 followers.
GRAHAM CLULEY. It's amazing.
JOE TIDY. Yeah, get the popcorn out.
CAROLE THERIAULT. Don't you think it's kind of in the name though? Maybe they just got so bored, the guys at the Bored Yacht Ape Club, that one of them just thought, you know what, I'll just rip off all our users and slam that money into a secret account. And then we'll just say, oh God, I have no idea what happened. Let's reinvest. We're good guys.
JOE TIDY. And here's some Bored Frog Yacht Club NFT things.
CAROLE THERIAULT. Yeah, TM that, Joe. TM it. Could be worth billions.
GRAHAM CLULEY. I've got another theory as to why these NFT-related scams keep happening, which is, In effect, NFTs themselves are a bit of a scam, right? Because if you want the image or if you want the song, you can just download it, just right-click on it, save as, and copy it to your hard drive. You don't have to own the NFT or the link in the blockchain to it. So maybe NFTs and cryptocurrency are really focused on the gullible anyway, in which case maybe you are more prone to getting hacked or being duped or connecting your wallet. Maybe there is a sort of inherent background radiation of gullibility here, which the bad guys are taking taking advantage of. Am I being harsh?
JOE TIDY. No, I think there's something there. And I also think there's even more to it than that. I think that perhaps people who are involved in NFTs and crypto schemes, they might be on the more kind of trusting— maybe I wouldn't use the word gullible. Maybe I would say they are very trusting of new ideas on the internet. But also, they want to get rich. If there's one thing we know about NFT or crypto bros, they want the next thing that's going to go up in value. I think very rarely will people admit to— well, they would probably lie, actually. But I think very rarely would they say, oh, I'm doing this for the art. I'm doing this because I like the image. No, you're not. You're doing it because you want to get rich or you want to be part of a rich boy club. And I think this story with this latest hack is also indicative of the direction we're going in because NFTs historically have been looked at by nonbelievers as, as you say, a bit of a con because you don't even have the copyright for the image. All you've got is this bit of code on the blockchain.
CAROLE THERIAULT. And no one even knows what ownership means.
JOE TIDY. Yeah, but with Bored Apes, what we're seeing is These guys, they recognize there's the flaw in the system. So now they're saying, "No, no, no, it's not just the code in the blockchain, you're part of our club." So we're now releasing land in the metaverse, we're doing these things with toxic— they're combining two apes with some toxic thing and then you get another ape. And then they're starting to do physical events as well. So they're having to work a lot harder, I think, to convince people that actually these products are worth it. And this post that caused this hack kind of shows that.
CAROLE THERIAULT. Yeah, interesting, interesting.
GRAHAM CLULEY. Mm-hmm.
CAROLE THERIAULT. Great, Graham. Well, thanks. I'm loving learning about NFTs every single week.
GRAHAM CLULEY. You can be quite catty, can't you, Carole?
CAROLE THERIAULT. Occasionally, yeah.
GRAHAM CLULEY. Yeah. It's just, you're not the Bored Ape, you're sort of the Bored Carole Yacht Club.
CAROLE THERIAULT. Yes.
JOE TIDY. The Bored Cat. Yes. There are some really popular cat NFTs actually out there.
CAROLE THERIAULT. Oh, really? Oh my God.
GRAHAM CLULEY. Oh, don't tempt her. Now she's interested. So Joe, what have you got for us this week?
JOE TIDY. Well, as I say, this isn't really cybersecurity, but my brief does extend in other directions. And this one, I just couldn't resist looking into. So do any of you watch, or have you watched, Keeping Up with the Kardashians?
CAROLE THERIAULT. No.
GRAHAM CLULEY. My only contact with Kardashians has been in Star Trek: Deep Space Nine and things like that. Is she in that? I think so. I think I've heard of the Cardassians. That's it though.
CAROLE THERIAULT. What is this? This is Cardassians. Is that— What are you doing that for? Shields?
GRAHAM CLULEY. Yeah, they've got sort of like bumpy foreheads, haven't they? And they're not the Ferengi ones.
JOE TIDY. Oh, are they not— They're not Klingons?
GRAHAM CLULEY. No, no, they don't—
JOE TIDY. They've got bumpy heads.
GRAHAM CLULEY. Well, they've got bumpy— Basically every alien in Star Trek has a bumpy head.
CAROLE THERIAULT. That's how you show aliens from people in Star Trek.
GRAHAM CLULEY. They have a Cornish pasty sellotaped to their forehead. That's how they do the makeup on them.
JOE TIDY. The creativity on that show, eh? It's amazing. So anyway, so okay, you are Kardashian non-believers currently.
GRAHAM CLULEY. Newbies. Yes, happily so. Okay. Happily so.
JOE TIDY. Well, there was a show called Keeping Up with the Kardashians. It was massive, and then they had a couple of years' pause. They're back with a new show called Kardashians, which again took a long time in the creativity department to come up with that. And this one's on Hulu and Disney+. It launched a couple of weeks ago, and in the first episode, The whole episode revolves around this dramatic moment when Kim Kardashian's son, Saint, runs into the room with his iPad, and he says, "Mummy, mummy, look what I found on Roblox." Roblox, of course, this ginormous game.
GRAHAM CLULEY. Yeah.
JOE TIDY. Where lots of mini games inside a big game. Really, really popular with young people. So he runs in and says, "Mummy, I found a Kim Kardashian experience on Roblox." Look at this on Roblox!
CAROLE THERIAULT. Who made that? Who?
JOE TIDY. Who made that?
CAROLE THERIAULT. Let me see.
GRAHAM CLULEY. Let me see.
CAROLE THERIAULT. Click on it.
JOE TIDY. As you see on the screen, um, they all look very shocked.
CAROLE THERIAULT. There was a picture of my cry face, and then I looked at it and it said something super inappropriate, like Kim's new sex tape. No, it was an inappropriate thing that popped up on his Roblox about me. That says they're leaking something that someone said.
JOE TIDY. And Kim is very upset to find not only is it a room with her— lots of pictures of her cry face, as she calls it, but there's also an advert for an as-yet unseen sex tape of Kim Kardashian.
CAROLE THERIAULT. This is supposed to be unreleased footage from my old sex tape. The last thing that I want as a mom is for my past to be brought up. 20 years later.
GRAHAM CLULEY. It is a bit surprising that there is an as-yet unseen sex tape of Kim Kardashian, isn't it? It's—
JOE TIDY. No comment.
CAROLE THERIAULT. Has she done these before, sex tapes?
JOE TIDY. Oh yeah, so in 2007, there was a sex tape released of her, and I think it was a rapper, I think. Anyway, that in some ways put her on the path to become this incredible reality TV star and businesswoman that she is. Right. So, there are tapes out there. Anyway, so obviously very, very serious. You know, this is her 6-year-old son. He stumbled across a room with pictures of his mum crying, which is, you know, maybe a bit disturbing. And then there's this advert for a sex tape. Very, very serious thing. And as Kim Kardashian says in the show, you know, thank God he can't read, because that would be pretty disturbing.
GRAHAM CLULEY. Like the other members of the Kardashians are.
JOE TIDY. Again, no comment.
CAROLE THERIAULT. Yeah, me neither.
JOE TIDY. Anyway, so normally you'd look at that thing and you think, yeah, all right, whatever. But Roblox came out last week and said, yes, there was a Kim Kardashian experience room and this message was there. We deleted the room and we've banned the creator. And I thought, wow, there's a story there. You know, that's pretty shocking that that was on there. Then when you start looking into it, and this is why I'm really fascinated by this story, Roblox says Only a few dozen people actually discovered that room. Of the hundreds of millions of players out there, and of the millions of rooms on Roblox, only a few dozen, according to their data, actually found that room. So the chances of that being Saint completely on his own—
CAROLE THERIAULT. Yeah.
JOE TIDY. I mean, as one Roblox developer put it to me, it's astronomically small that he would have stumbled across that room while they were rolling. I might add.
GRAHAM CLULEY. Hmm. Oh, oh, oh, hang on a moment. Hang on a moment. I think I know where he's going here. Are you suggesting that maybe this was done for the cameras a little bit?
JOE TIDY. Whoa, whoa, whoa. I would never say such a thing with such a litigious family as the Kardashians. But I spoke to their family representative for the BBC article I wrote. And they said lots of things to me which they won't allow me to comment on. But they would allow me to say that it was not falsified. The scene was not falsified. So—
GRAHAM CLULEY. but maybe reenacted.
JOE TIDY. Well, yes, I think he wasn't reading a script because—
GRAHAM CLULEY. I mean, okay, so you say it's astronomically small that they would discover these things. I have a son who quite likes watching YouTube videos, and I think he's done jolly well keeping up with the number of videos posted on YouTube. I think he is catching up quickly.
JOE TIDY. What, 100 hours every minute?
GRAHAM CLULEY. Exactly. There seem to be very few Minecraft or Fortnite videos that he has now not seen. So maybe Saint Kardashian could be put to work on finding other material. If Roblox isn't very good at policing itself, maybe they could actually put this young lad— maybe he's the most talented member of the family.
JOE TIDY. As a super moderator.
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Could it be like some kind of weird algorithm thing because they're like close in geographic location based on pseudo-anonymised personalised information, so they would be delivered to them? But as a kid?
JOE TIDY. Yeah, quite possibly. But according to Roblox people—
GRAHAM CLULEY. Yeah.
JOE TIDY. I spoke to a few of them. They said the only possibilities are he did completely stumble across it. Astronomically small possibility of it happening. He searched for his name or her name, and then spent a long time going through all the various keyword rooms.
CAROLE THERIAULT. And can't read.
GRAHAM CLULEY. Apparently.
JOE TIDY. And can't read.
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. God help him if he ever does that on Google and finds out more about his mother.
JOE TIDY. Yes. And the other possibility, which I'm afraid the community is leaning towards, is that either the producers made it and handed in the iPad, or they found it and handed in the iPad. Mm-hmm.
GRAHAM CLULEY. How dare you?
JOE TIDY. Well—
GRAHAM CLULEY. What a terrible theory.
JOE TIDY. It is an accusation.
CAROLE THERIAULT. It's a theory. It's a theory.
GRAHAM CLULEY. It was a theory.
JOE TIDY. But as far as the Kardashians have said, and Hulu, they are just saying, "Hey, thanks for making it the most watched episode on their platform ever.
GRAHAM CLULEY. How convenient.
CAROLE THERIAULT. Of course. You see? How long have sex tapes been like a big driver for celebs that need to have a little boost?
JOE TIDY. Mine hasn't taken off.
GRAHAM CLULEY. Link's in the show notes to Joe Tidy's sex tape. Crow, what have you got for us?
CAROLE THERIAULT. So recently, a friend dropped by for dinner. Okay, we're gonna call, we're gonna call them Dodo. Okay, and, and Dodo has been single for a while, right?
JOE TIDY. Not Dido.
CAROLE THERIAULT. No, not Dido, we're just gonna call him Dodo. And so, you know, I was encouraging Dodo to consider pursuing a few online dating sites, you know, just to peruse them and just see what spring 2022 post-COVID has done to online dating. And Dodo grumbled saying they weren't ready, yada yada. But as you know, Graham, I like to push people. So I said, why don't we just build a free account, you know, with your middle name or something, and we can go see what's out there?
GRAHAM CLULEY. This is purely for your own entertainment, isn't it? It's purely for you just to have a more fun dinner party.
CAROLE THERIAULT. No, no, it's not. It's not. It's not. It's also to help these people, you know, get out there again.
GRAHAM CLULEY. It's altruistic.
CAROLE THERIAULT. Ah.
GRAHAM CLULEY. Okay, all right.
CAROLE THERIAULT. Anyway, so my thinking was to show them, you know, there's quality people that are there. So I randomly chose Match.com, because I've not been on online dating, right, in what decade? So, or how long have I been married? And, and you anyway, so you, you know, I just chose it rando, and I have to fill in this huge number of forms, and in order to peruse these potential datees. And a mandatory element in this process was uploading a photograph.
GRAHAM CLULEY. Right.
CAROLE THERIAULT. A picture of Dodo. Now, of course, Dodo was not ready to do this because, well, you know, they just weren't. But they suggested that we grab any random photograph from a Google search that looked vaguely matchy to the profile that we put together and post it.
GRAHAM CLULEY. So you just go to Google Image Search, you look for BBC Newsround presenters of roundabout year 2000. Oh, here's one. A guy called Joe. Okay, well, we'll put that up. Something like that, yeah?
CAROLE THERIAULT. No, but have you heard of people doing this before? Not to be bad, but just because they wanna—
GRAHAM CLULEY. Yeah, because they don't wanna use their own photo. I get that.
CAROLE THERIAULT. Yeah. So someone could be using my photo to do this.
GRAHAM CLULEY. I don't think— Can't help them. I don't, yeah, I don't think, Carole, come on. I don't think anyone—
CAROLE THERIAULT. As I have purple hair at the moment.
GRAHAM CLULEY. Anyone going on a dating site is gonna use your photo.
CAROLE THERIAULT. Okay, so I get it. I get it that people wanna do this to stay anonymous, right? That's probably why they're doing it. But at the same time, it's really freaky that photos can just be uploaded willy-nilly.
GRAHAM CLULEY. I think the photos should be willy-nilly, ideally. Otherwise, you're definitely not gonna get anyone liking you. Sorry, it's a grubby joke. It's gone above your head.
JOE TIDY. And mine.
GRAHAM CLULEY. Yeah.
JOE TIDY. Something about willies.
CAROLE THERIAULT. Yeah, something about dicks.
GRAHAM CLULEY. I don't know.
CAROLE THERIAULT. Exactly.
GRAHAM CLULEY. Just let's move on.
CAROLE THERIAULT. So this whole process, right, got me to thinking about the people whose faces are used in things like romance scams. I mean, a scammer doesn't throw up his or her own face up there, right? Their mug is never used. Ideally, they find one that's attractive, more beautiful than them, and, you know, someone to kind of woo the victim. And the question is, how do they find these faces? Like, do they just do a Google search like my friend Dodo, or what? So I was surfing the web looking for the story, and I landed on this article on how a US Army colonel had been the face of thousands of romance scams around the world for almost a decade now.
GRAHAM CLULEY. That's a bit like Alex Ecclebury. Do you remember Alex came on the show and he said his photo was often used in romance scams?
CAROLE THERIAULT. Yes, that's right.
GRAHAM CLULEY. He's middle-aged looking. Well, he's quite good looking. In a sort of George Clooney sort of, you know, in other words, barely good looking at all.
CAROLE THERIAULT. It all starts with, you know, typical romance scam stuff, okay? So take Brandi's mom, Deborah. So she gets a message on Facebook from a hot military guy called Colonel Blackmon, right? And they get to chatting, and he asks about her family, what she does for work, does she have any grandchildren, tells her how beautiful her smile is. He says his wife had left him after trying to kill their son, Alvin. So, you know, has stories.
GRAHAM CLULEY. Blimey.
CAROLE THERIAULT. And it wasn't until he started asking for money that the daughter, Brandy, felt something wasn't right.
GRAHAM CLULEY. Good for her.
JOE TIDY. Right?
CAROLE THERIAULT. Blackman was telling Deborah that doctors had found tumors on his son's stomach, that he desperately needed surgery. This was typical romance scam stuff at the moment. And when Brandy searched Daniel Blackman, it wasn't what she expected because the real Daniel Blackman, the Army colonel in Oklahoma and happily married with kids, And so when they contacted him, you know, they said, hey, do you know that your face is being used? He's like, oh yeah, it's been used since 2014.
JOE TIDY. Oh, he knows about it.
CAROLE THERIAULT. Yes, he knows. Most of the profiles use Blackman's full name and photos he'd shared previously on Twitter, though some used only his photos and a different name. His selfies were their profile photos. They'd rip off pictures he posted online in uniform and shared them with women they spoke with. There's this other woman who I just had to put in because her name was so fantastic. Connie Poindexter.
JOE TIDY. That's made up. That's not real.
CAROLE THERIAULT. It's gotta be. It's gotta be. Surely.
GRAHAM CLULEY. That's a deepfaked name if ever I've heard one.
JOE TIDY. Well, I was gonna say, you can get AI-made faces, can't you?
GRAHAM CLULEY. Yes!
JOE TIDY. So you can, with your friend, Carole, you could have used a person that doesn't really exist. I think the website is called This Person Does Not Exist.
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Yes. And it is pretty scary how accurate they're getting. It's getting just too spooky. But this apparently happens all the time. Military romance scams are really common. And the Army's Criminal Investigation Division has an entire webpage dedicated to informing people on how to spot and report them. So if you kind of have a woo romance on one of these socials with someone who's military-ish, you should go and check out because they often say things like, oh, I'm off on, you know, I'm deployed and I can't get access to my bank account. Can you fire me some money? Seems to be a huge scammy bit. Clever they use.
JOE TIDY. Did you watch this, what's his name? The Tinder Swindler, Simon.
GRAHAM CLULEY. Oh yeah.
JOE TIDY. Did you watch that one?
GRAHAM CLULEY. Yeah. Yeah, it was good, wasn't it?
CAROLE THERIAULT. Unbelievable.
JOE TIDY. It was about twice as long as it needed to be, but I thought it was very good.
CAROLE THERIAULT. Yeah, well, a lot of things are that way now, right?
GRAHAM CLULEY. Why not drag them out? Including our podcast.
CAROLE THERIAULT. So the thing is, though, is how— I was wondering, like, how is this for the real Colonel Blackman, right? Like, this has been going on for 10 years. So I was reading through all these articles and You know, basically he gets regular messages on Twitter telling him that his profile is being used. In fact, he's updated his Twitter profile to say, I'm the real Daniel Blackman. I do not follow if I don't know you. I'm only public on Twitter. I'm happily married, not deployed, and won't ask for money. And that's just sitting there on his Twitter thing. He spends his time looking for fake accounts. He goes out, he goes and tells people, hey, I think you're being scammed by someone pretending to be me. And he says often the people don't believe him.
GRAHAM CLULEY. Yeah.
JOE TIDY. God, he must spend so— must waste so much of his time.
CAROLE THERIAULT. Well, that's what I'm thinking. He says his wife doesn't even talk to him about it because it frustrates her so much. And because the scammers often pretend that Blackman's now a widower, you know, like she's been killed off in multiple different ways.
JOE TIDY. You could write fan fiction about this guy.
CAROLE THERIAULT. Right?
JOE TIDY. The backstory's amazing.
CAROLE THERIAULT. And when he reports these scams to socials, He gets a report in 12 hours that says it doesn't violate community standards.
GRAHAM CLULEY. Can I say, I don't want to watch the Kardashians. I want to watch the Blackmans. I want a reality fly-on-the-wall program following him and his wife. I can just imagine.
JOE TIDY. It sounds horrendous.
CAROLE THERIAULT. And this is a victim that we rarely think about. The person— we always think about the person who's being targeted, but not the person who's being used. And what I'm amazed at is he's been used again and again and again. He says, you know, an account gets closed down finally, and then there's 5 new ones. And it's been going on for almost a decade.
GRAHAM CLULEY. He must be a pretty hot hunk of love. Have you checked him out, Kiril?
CAROLE THERIAULT. Yes, he's, you know, a distinguished gentleman.
JOE TIDY. Distinguished, yes, that's how I'd describe him. We did a story on BBC about a woman who was deepfaked in a romance scheme. So she was doing FaceTime calls with this individual, and the signal was always quite bad, which obviously meant that the the picture could be wrong, but his mouth was moving and the picture seemed okay. And it was this, um, I think he was some sort of surgeon in Turkey, but that wasn't who they were talking to. It was someone else in Nigeria. And, um, the BBC reporter tracked down the actual surgeon in Turkey and said, how do you feel about this? And they were really upset and angry about it. This was a professional, you know, person who was trying to do a good job as a surgeon, and there he was, his image being used, um, and abused by these, by these scammers.
CAROLE THERIAULT. And who knows if Mr. Colonel Blackman's going to be walking around sometime and get clocked in the face by some outraged woman. Yeah, who just thinks, you, you know, you stole my cash. Anyway, so it's pretty insidious. And just, just, Joe, get the BBC to do more work on the poor people that are used.
JOE TIDY. I will, I will do my best. I, I tell you what, if someone hadn't have done that story already, that is a brilliant story. The fact that it's been happening to him for so long.
GRAHAM CLULEY. Yeah.
JOE TIDY. I mean, the rows with his wife about it, the time he spent. It reminds me of that guy on Twitter who's called John Lewis. And every Christmas, everyone has a go at him for the Christmas ad or something. And he's like, I'm not the real John Lewis. Please leave me alone.
GRAHAM CLULEY. Collide sends employees important, timely, and relevant security recommendations for their Linux, Mac, and Windows devices right inside Slack. Kolide is perfect for organizations that care deeply about compliance and security but don't want to get there by locking down devices to the point where they become unusable. So instead of frustrating your employees, Kolide educates them about security and device management while directing them to fix important problems. Sign up today By visiting smashingsecurity.com/kolide, that's smashingsecurity.com/kolide, enter your email when prompted, and you will receive a free Kolide goodie bag after your trial activates. You can try Kolide with all of its features on an unlimited number of devices for free for 14 days, no credit card required. Try it out at smashingsecurity.com/kolide, that's smashingsecurity.com/kolide.
CAROLE THERIAULT. Smashingsecurity.com/kolide.
GRAHAM CLULEY. And thanks to Kolide for supporting the show.
CAROLE THERIAULT. The network is dead. Long live the network. This is the tagline from our sponsor this week, NetFoundry. Protecting applications is getting more complicated. We all care about security, but man, it's hard. You see, all networks according to NetFoundry are insecure. Period. And the Zero Trust security model is the way to go. It was created with the idea of never trust, always verify. But historically, this has been seriously hard to implement. Netfoundry have created OpenZT to provide an open source, free, and easy way for you to embed Zero Trust networking into anything. Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an edge router for any cloud. And the best bit, no networking engineering skills required. This is something you guys definitely want to check out. Visit smashingsecurity.com/netfoundry. That's N-E-T-F-O-U-N-D-R-Y. And thanks to Netfoundry for sponsoring the show.
GRAHAM CLULEY. And welcome back. Can you join us at our favorite part of the show? The part of the show that we like to call Pick of the Week.
CAROLE THERIAULT. Pick of the Week.
JOE TIDY. Pick of the Week.
GRAHAM CLULEY. Pick of the Week is the part of the show where everyone choose something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. It doesn't have to be security related necessarily.
CAROLE THERIAULT. Better not be.
GRAHAM CLULEY. Well, my Pick of the Week this week is not security related. My pick of the week is, you know, in the UK, I'm sure many of us are aware of the continual dumpster fire, which is the state of British politics. There's all kinds of things. There's parties going on. There's Sharon Stone-style allegations, all sorts of extraordinary stories going on from the House of Commons. And one of the key players who works for the government is Nadine Dorries, MP. Who is Secretary of State for Digital Culture, Media and Sport. Currently she is trying to sell off Channel 4, I believe, and she's not necessarily a fan of BBC either. So Jo might choose not to say very much during this segment. I don't know.
CAROLE THERIAULT. I will. I love BBC.
GRAHAM CLULEY. We said this last time. We love the BBC.
CAROLE THERIAULT. More than I love Nourrice.
GRAHAM CLULEY. Yeah, the current government is not so keen. But anyway, never mind. Never mind. Because Nadine Dorries, aside from previously announcing how much she shared her password with her colleagues in the office and all sorts of bad advice she has given about computer security over the years. She used to be an author. She used to write romantic fiction. And I have been following, and thanks to our listener Yogi for pointing out this Twitter account for me, 'cause I've become addicted to it. She used to write sort of romantic fiction. And there is a Twitter account. No, no, no.
JOE TIDY. I had no idea. I'm looking at it now. It's amazing.
GRAHAM CLULEY. There is a Twitter account called Daily Dorries. Dorris is D-O-R-R-I-E-S, where they choose a segment of one of her books.
JOE TIDY. Usually quite racy, I see.
GRAHAM CLULEY. There's a lot of raciness.
CAROLE THERIAULT. Okay, can we read one? Can we read one?
JOE TIDY. I've got one here. Pinning her to the wall with his forearm across her chest, Patrick fumbled with his free hand at his belt and trousers. I won't say any more. Family show.
CAROLE THERIAULT. Okay, it's a bit like my dad wrote a porno.
GRAHAM CLULEY. Yes, yeah, but more embarrassing. It is rather fun. She has some habits in terms of her terminology as well. I've been looking at quite a few of these. So I'm going to give you a quick pop quiz, okay? Which of the following is a term commonly used by Nadine Dorries to describe the male appendage? Okay. Does she use the word langer? B. Or langer, or langer. Which of those is the one?
JOE TIDY. Ooh.
GRAHAM CLULEY. Ooh. B. Yes, yes, B, langer, is correct. So for instance, we have, John McCarthy whispered to Tommy, 'Aye, Tommy, keep your fly buttons done up tight. If ye have to go into Molly Barrett's, put a shovel head down your trousers and over ye langer. The feckin' cat's a lunatic, so it is.' I don't even know what half of this means.
JOE TIDY. Oh my god. Which one was that from? I see she's done quite a few. There's 'From the Ballymara Road', 2015. 'The Angels of Lonely— of Lovely Lane', 2016.
GRAHAM CLULEY. Mine was—
JOE TIDY. 'Hide Her Name'.
GRAHAM CLULEY. 'Hide Her Name'. That's the one which I was just quoting from. There's another one here. So, 'She stared in transfixed terror, her mind screaming a rejection of what she was seeing, as the final flow of his exudate slowly oozed out onto the end of his langer and formed into a threatening drop.' So she is in charge of culture in the United Kingdom. So check out the Daily Dorries Twitter account.
JOE TIDY. I will downstream that, as she calls it. Did you see that story?
GRAHAM CLULEY. Oh yes. She's been talking about downstreams, hasn't she? Yes, bless her.
CAROLE THERIAULT. These are not old. She's got some written in 2018.
GRAHAM CLULEY. Well, yes, she's a popular— Before she became an MP, I mean, she's—
CAROLE THERIAULT. The Velvet Ribbon, written in 2020.
GRAHAM CLULEY. She's cranking them out.
CAROLE THERIAULT. While she's working! She's probably doing it while she's at work.
JOE TIDY. So I can see on here— Oh my god! There's probably about 6 different novels. And I don't know much about publishing, but you can't self-publish 6. So she must have a deal and—
GRAHAM CLULEY. wow.
JOE TIDY. I had no idea.
CAROLE THERIAULT. Or a ghostwriter?
GRAHAM CLULEY. Yeah. No, no, no, I think this— she had a name for herself.
CAROLE THERIAULT. Wow.
GRAHAM CLULEY. She's quite fascinating in all kinds of ways. But we won't go into all that right now. But that is my pick of the week.
CAROLE THERIAULT. I like it. I'm going to as well.
GRAHAM CLULEY. Joe, what's your pick of the week?
JOE TIDY. Well, I have recently discovered a very obscure late-night ITV comedy starring Rob Brydon called Director's Commentary. Have you ever heard of it?
CAROLE THERIAULT. Oh.
JOE TIDY. No. I'm not surprised. It was a one series. I wouldn't say it was a hit, but it's brilliant. And I've just— me and my mates used to watch it. Late night, usually intoxicated. And it's got a really weird kind of brand of humour, which— So basically the premise is, they take really old, pretty naff programmes like Bonanza, which is like a Western from, I don't know what it was, like '70s, something like that?
GRAHAM CLULEY. Early '60s, I think.
JOE TIDY. Oh, okay, that old. I don't know.
GRAHAM CLULEY. Yeah, it's quite old.
JOE TIDY. Stuff like that. And they— He pretends to be the director who directed that, the scenes from that. Do you remember those old director's commentaries you used to get on DVDs?
CAROLE THERIAULT. Yes.
JOE TIDY. Where you'd have a director sort of—
GRAHAM CLULEY. Love them.
JOE TIDY. —smoking a cigar and telling you how they came up with the genius ideas for various shots and things. So he's one of these insufferable directors. And the character he plays is cool. He's called Peter Delane. And he talks like that. And I just love it. And I want everyone to watch it. And I want it to come back. And I want there to be another second and third and fourth series. Maybe Netflix will pick it up.
GRAHAM CLULEY. I'm definitely going to check this out because I really like Rob Brydon. I find him funny. But I know Carole has a bit of a problem with him.
CAROLE THERIAULT. I do, but you know what? Do you know what? This might work for me because he plays someone unlikable, right?
JOE TIDY. Yeah, he does. He's a prick. He's a complete prick.
CAROLE THERIAULT. I don't like when Rob Brydon is being all nice and kind, and I just think he should be a bad guy.
JOE TIDY. Oh, yeah. I don't think he's played a bad guy, has he? No, and he'd be a great bad guy. It's not a bad idea. There's some really good lines in it. So, in Bonanza, someone walks into a house, And the guy shouts on the programme, "It's open!" And the guy walks in and he goes— And there's loads of these little lines I remember. And he goes, "Yes, because of course in those days, you didn't have to lock the door. You didn't have to carry a gun." Stuff like that. It just sticks in your head.
GRAHAM CLULEY. Carole, have you ever seen The Trip, which is a series he made with Steve Coogan?
JOE TIDY. Did you find that? No. Oh, that's brilliant.
CAROLE THERIAULT. No, I didn't, because I was afraid that I— wouldn't like it, but maybe I should. I don't know.
GRAHAM CLULEY. There is a culinary aspect to it. They go to lots of restaurants and check out the food. You might find it repellent if you don't like Rob Brydon, but— Yeah, I've never seen it. I found it very, very funny.
JOE TIDY. It's one of those kind of sit back and let it wash over you type comedies, isn't it? Yeah. And you're just in their company, basically. Yeah, Steve Coogan and Rob Brydon.
CAROLE THERIAULT. Well, I love Steve Coogan actually, but—
JOE TIDY. And they do impressions quite a lot. That's the best bit. They have competitive impressions.
GRAHAM CLULEY. So they will compete as to who can do the best Michael Caine, for instance.
CAROLE THERIAULT. Sounds like a drive that you and I I once took, Graham.
GRAHAM CLULEY. Carole, what's your pick of the week?
CAROLE THERIAULT. Oh, controversial one. Okay. Yeah, it's called American Vigilante. It is a podcast. I was compelled to listen to the entire podcast in just a few days, which is unusual when I race through that quickly. But I was baffled and annoyed by what I was listening to, yet I wasn't putting it down. So I'm bringing it to you, my dear listener, to spread the pain. Spread the pain. And I made Graham listen as well. And I— So, well, let me just give the premise, Graham, and then you can dive in with your view, okay? So, it's like an interview, an interviewee setup. Former BBC journalist Sam Walker. See, Graham, not Samantha Fox, as I told you it was.
GRAHAM CLULEY. I was pretty certain it wasn't Samantha Fox.
CAROLE THERIAULT. I know, as soon as I said it, I knew it was not. Anyway, so she, Sam Walker, is having these long chats with this character called KC. This is our American vigilante. Like a smart, contradictory, violent man who leads a group of men to distribute justice for people that have been wronged. And he is— the pitch is that he's basically recalling the missions that he and his cohorts have been on over the years.
GRAHAM CLULEY. And the missions are like, you know, people who've lost their children or had their kids kidnapped. And when the police have failed to get people back, he and his team will go in and find the missing person and bring them home.
CAROLE THERIAULT. Yeah. And the way they do this is fairly violent. Like, all in all caps violent. Yes. Right? Like action movie level violence. What does all caps mean?
JOE TIDY. I just think that means shouting. So they're just shouting the whole time. Yes, well, no.
GRAHAM CLULEY. They're not using cap guns, if that's what you're thinking.
CAROLE THERIAULT. A lot of guns. A lot of guns. A lot of knives. A lot of explosives. A lot of trucks that are armoured.
JOE TIDY. All kinds of stuff. And does that come out well on audio then, on the podcast?
CAROLE THERIAULT. He's retelling these stories. You're not kind of live with him. He's like, "This happened, this happened, this happened." And our journalist, Sam Walker, is kind of like, "Do I believe him? I don't know. Do you? I don't know. Let's see. Carry on listening and we'll figure it out together." They're very good at that, aren't they?
JOE TIDY. Some of the American podcasters, they're very good at that.
CAROLE THERIAULT. Drives me nuts!
GRAHAM CLULEY. And this guy, KC, who claims to be a vigilante, he's a compelling storyteller, isn't he? I mean, he— He knows how to tell the yarn. It's just the question of, did this actually happen or not?
CAROLE THERIAULT. And does it matter, is my question.
GRAHAM CLULEY. Of course it matters, Chris.
JOE TIDY. I think, yeah. The journalist in me, I want to know the truth. I want to know what happened. Well, you're going to have to check it out. Yeah, I know. But I don't want to if it doesn't tell me, because I'll just have the frustration at the end.
CAROLE THERIAULT. Well, maybe it does tell you. Graham's not finished it yet.
GRAHAM CLULEY. I haven't finished it yet. Are you going to make me listen to all of it to find out?
CAROLE THERIAULT. I'm not gonna make you do anything. But I think you will, because it's compelling.
GRAHAM CLULEY. It is interesting, because there are points where you think, "That cannot be true. That is just nonsense." But the amount of detail he gives sometimes, apparently off the cuff, about things which happened, you just think, "How could he just make this up?" But see, that's what I'm thinking.
CAROLE THERIAULT. I'm thinking, yeah, no, I was the opposite on that. I think there's so much detail. In everything that it makes me feel contrived at times.
GRAHAM CLULEY. Yeah. Sometimes I just think, yeah, I think it's impossible for that to have happened. But there's also another part of me which wonders, would it be possible to create a podcast where you don't say whether it's fiction? I mean, this doesn't say it's fiction. It doesn't say it's factual. Where you interview someone and you present it as though it were true. And it turns out actually this is just an actor I hired and now I've got a top top podcast with hundreds of thousands of people listening to it, believing that this guy really did this.
JOE TIDY. Because it's like the programme, Would I Lie to You? The panel show.
GRAHAM CLULEY. With Rob Brydon.
JOE TIDY. They just make up stories. With Rob Brydon.
GRAHAM CLULEY. We're back there. I don't know, but it is interesting. I have listened to about 5 or 6 episodes so far. So clearly, I'm slightly intrigued. Right, I'm downloading it.
JOE TIDY. Thank you for the recommendation.
CAROLE THERIAULT. And I look forward to getting a few messages about it once you've—
JOE TIDY. either, "Fuck you, Kroll!" A few frustrated messages in caps.
CAROLE THERIAULT. Anyway, that's American Vigilante. It's from Crowd Network, and you can find it wherever you get your podcasts. Enjoy. You've been warned.
GRAHAM CLULEY. Terrific. Well, that just about wraps up the show for this week. Jo, thank you so much for coming on the show. We really appreciate you spending spending the time. Thanks for having me. I'm sure lots of our listeners would love to follow you online. What is the best way for folks to do that?
JOE TIDY. I'm afraid I'm one of those journalists that's addicted to and constantly posting on Twitter. So it's @JoeTidy, J-O-E-T-I-D-Y.
CAROLE THERIAULT. We're going to start calling you guys musky babies.
GRAHAM CLULEY. Yeah, I think Elon's about to rename it, isn't it?
JOE TIDY. Isn't he going to? My account?
CAROLE THERIAULT. He could do. What, to twatter?
GRAHAM CLULEY. He said he was gonna call it Titter at one point, or maybe give it the, I don't know what he's gonna, anyway. And you can follow us on Titter at Smashing Security, no G, Twitter aren't allowed to have a G. Maybe Elon will allow us in the future. And we're also on Reddit, there's a Smashing Security subreddit. And make sure never to miss another episode, follow Smashing Security in your favorite podcast app, such as Apple Podcasts. And if you fancy it, leave us a review. Really appreciate it.
CAROLE THERIAULT. And huge thank you to this episode's sponsors, Kolide and NetFoundry, and to our wonderful Patreon community. It's thanks to them all that this show is free. For episodes, show notes, sponsorship info, guest list, and the entire catalog of more than 271 episodes, check out smashingsecurity.com.
GRAHAM CLULEY. Until next time, cheerio. Bye-bye. Bye. Bye-bye.
JOE TIDY. 271 episodes. So how long has it been going for?
GRAHAM CLULEY. Ah, tell me about it, man. Insane. December 2016, I think we started.
JOE TIDY. Yep. That is awesome. Congratulations. Thanks. Thank you.
GRAHAM CLULEY. I think it's just stuck to the weekly schedule basically, other than the occasional holiday.
JOE TIDY. Do you have like seasons or something? Or do you literally every week?
GRAHAM CLULEY. We just take, take off Christmas and so a couple of weeks around then, and sometimes we might take a couple of weeks off around August. But other than that, that's amazing. It's insane.
-- TRANSCRIPT ENDS --