Unknown
I go home, I wait for them to come back, and I say, oh darling, you've been working so hard, haven't you? You've been working so hard. Have you been all right?
Have you been all right? Yes, I've been all right. Oh, that's so good. Did you have any fun at all? Were you able to— no, I had no fun at all. You had no fun at all with that redhead?
Smashing Security, Episode 279: Encrypted Notes and a Deadly Case of AirTag Spying with Carole Theriault and Graham Cluley.
Hello, hello, and welcome to Smashing Security Episode 279. My name is Graham Cluley.
CAROLE THERIAULT
And I'm Carole Theriault.
GRAHAM CLULEY
And this week, Carole, we are joined by absolutely no one. And we nearly, we nearly didn't have you either, did we?
CAROLE THERIAULT
Well, yes. The reason we don't have anyone today is my fault because I'm actually on holiday today. Well, for this week.
I'm actually in beautiful Croatia, and I love our listeners so much that I've kicked everyone out of the house. And here I am on a travel mic.
So if I sound a little different, that's why, to do the show.
GRAHAM CLULEY
Ah, well, you do love our listeners very, very much. And the other person who loves our listeners very, very much is last week's guest, Geoff White.
You will recall, folks, that Geoff ran a little competition for a signed copy of his new book, The Lazarus Heist, we asked people to write in for a chance to win a free signed copy of his book.
And I can announce that we now have a winner. So please stop writing in.
CAROLE THERIAULT
We've had so many people who want a free book. You know, Geoff would love if you bought the book, just saying.
CAROLE THERIAULT
For those of you that can afford it. I mean, I know it's always nice to get a freebie, but—
GRAHAM CLULEY
And it was also nice seeing the little begging emails from people where they were trying to win us over by saying, oh, we really love Smashing Security. And Geoff is amazing.
CAROLE THERIAULT
I think you're outrageous. I loved every single one of those emails. They were glorious.
GRAHAM CLULEY
Well, I'm not saying I didn't love them, but well done to Joss Kulunzyk of Queensland, Australia, who was pulled out of the hat and won the signed copy.
Thank you very much, Joss, for taking part and everybody else as well.
CAROLE THERIAULT
Shall we move this show along so I can get back to my friends and family?
CAROLE THERIAULT
And thank this week's sponsors, Bitwarden, Drata, and Kolide. It's their support that helps us give you this show for free. Now, coming up on today's show, Graham, what do you got?
GRAHAM CLULEY
I'm going to be talking about sax and the Soviets.
CAROLE THERIAULT
Such a crazy title.
CAROLE THERIAULT
And I'm talking AirTags.
CAROLE THERIAULT
All this and much more coming up on this episode of Smashing Security.
GRAHAM CLULEY
Now, Chum Chum, have you ever been a member of an orchestra?
GRAHAM CLULEY
A musical group.
CAROLE THERIAULT
I'm not very musically gifted.
GRAHAM CLULEY
Oh, come, come. I've heard you playing guitar.
CAROLE THERIAULT
I tried for 3 years. My music theory is quite up there, but I just did not have the je ne sais quoi to be the next guitarist.
GRAHAM CLULEY
Je ne sais quoi. That's French, isn't it?
CAROLE THERIAULT
Yes. Well done.
GRAHAM CLULEY
Yeah, right. Do you know what for?
GRAHAM CLULEY
Right. Okay. I thought you'd say—
CAROLE THERIAULT
Do you want me to tell you?
GRAHAM CLULEY
I thought you were going to say, I know not what it is for. No.
CAROLE THERIAULT
I'm not as clever as you, honey.
GRAHAM CLULEY
Anyway, I was surprised to see a musician lined up to speak at the RSA conference. Not Bono. Why would you? Not Mary Hopkin.
CAROLE THERIAULT
No one that.
GRAHAM CLULEY
Well, no, because they do. They have had a series of crazy people speaking at the RSA conference in San Francisco in the past.
GRAHAM CLULEY
Oh, yeah, yeah, yeah. Oh my goodness. They're such publicity whores. They will hire anybody. They've had Sean Penn.
CAROLE THERIAULT
The well-known technologist.
GRAHAM CLULEY
Yeah. Shatner.
CAROLE THERIAULT
Well, William Shatner, I get. That's not crazy.
GRAHAM CLULEY
George Takei, Monica Lewinsky. The guys from MythBusters, Stephen Colbert.
GRAHAM CLULEY
The one who caught my eye this year was not a security expert speaking, but a saxophonist.
Now, I wasn't at the RSA conference this year, but it's always great to see the reports of what's going on there.
And there was a woman called Meryl Goldberg who was speaking, and she was talking about her experiences way back in 1985. As you know, I like to keep things topical.
CAROLE THERIAULT
Yeah, you do a great job at it too, honey. Great.
GRAHAM CLULEY
1985. Wonderful things happened in 1985. Live Aid, of course.
GRAHAM CLULEY
Give us your beeping money.
CAROLE THERIAULT
Give us your money to save the people that are starving, though.
GRAHAM CLULEY
Yes, that's right. Yes, yes, of course. The Rainbow Warrior was sunk. The wreck of the Titanic was found.
CAROLE THERIAULT
Oh, is that right? I didn't know that.
CAROLE THERIAULT
I mean, I knew it was found. I just didn't know it was found that year.
GRAHAM CLULEY
Yeah, yeah, yeah. The first .com domain was registered.
CAROLE THERIAULT
Shut up.
GRAHAM CLULEY
Do you know what it was?
GRAHAM CLULEY
You'd expect it to be something like internet.com, wouldn't you?
CAROLE THERIAULT
I would've thought helloworld.com, but yeah.
GRAHAM CLULEY
It was actually symbolics.com.
GRAHAM CLULEY
Symbolics was the— A company called Symbolics was the first one ever to register a domain. What do they do? Oh, I don't know. Something. Something technical.
CAROLE THERIAULT
Something that demanded way more research than we were willing to give the show. Right? Carry on. You're doing great.
GRAHAM CLULEY
It was also the year of Roger Moore's final James Bond. Where do you stand on Roger Moore as James Bond? Have you seen A View to a Kill with Christopher Walken?
GRAHAM CLULEY
Appalling. It's an appalling load of old rubbish. Goodness, he was eventually replaced by the Welsh James Bond, Timothy Dalton.
CAROLE THERIAULT
Timothy Dalton.
GRAHAM CLULEY
Yes. Well, that was 1985. And Meryl Goldberg, this woman who was chatting at RSA, in 1985, she travelled to Soviet Russia because that's what it was then, wasn't it?
It was the Soviet Union. It wasn't really Russia then.
GRAHAM CLULEY
That's right. She went to Moscow. With some fellow— I'm just trying to make you feel comfortable. Do I say Moscow in Canada or Moscow? Moscow. Oh really?
So you say Moscow north of the border and Moscow beneath. Okay. And she went there with some other musicians. And she had a great story to tell.
Now, unlike Timothy Dalton in The Living Daylights, she did not get entangled with some KGB agents and then escape down a snowy mountain on a cello case.
CAROLE THERIAULT
I don't think they would call that.
GRAHAM CLULEY
That would've been a good story though. Yeah.
GRAHAM CLULEY
It would have been. Why didn't they get Timothy Dalton to show up at RSA? I don't know. Is it because he's Welsh?
Is there a Welsh agenda keeping Welsh people out of the RSA conference? Well, no, she was a saxophonist and she was playing in a band called the Boston Klezmer Conservatory Band.
And they decided as some sort of cultural expedition that they would go to the Soviet Union and play with Soviet musicians.
And this was a thing which didn't happen that much at the time.
It was quite rare for the musicians to sort of get together and meet over there and play music together because generally the Soviet authorities thought that was perhaps not the thing to have some of that crazy saxophone music in the USSR.
You know, it may sort of corrupt the youth or something like that. But she wanted to meet up with a group called the Phantom Orchestra.
GRAHAM CLULEY
The Phantom Orchestra was a dissident group.
It was a group of Jewish people in the Soviet Union who maybe weren't too happy with how the authorities were running the Soviet Union at the time.
So, Meryl Goldberg, her trip was backed up by a non-profit group that was helping Jews in the then Soviet Union emigrate to the United States and Israel.
And if you can throw your mind back that many years, you would know it wasn't—
CAROLE THERIAULT
I was very, very young.
GRAHAM CLULEY
Yes. Well, you weren't that young.
CAROLE THERIAULT
Oh, I think you're talking to our listeners. Okay, sorry.
GRAHAM CLULEY
But it wasn't that easy. It wasn't that easy to get out of the Soviet Union. They weren't very keen on people leaving.
CAROLE THERIAULT
Yeah, exactly. Right.
GRAHAM CLULEY
So you had to behave yourself, basically.
So this group of American musicians, including our hero Meryl, went out there, and she realized, "Oh boy, it'd be kind of handy if we could smuggle some information in and out of the USSR, including maybe details of who was looking to escape the Soviet Union," because there were people who were, you know, looking to relocate, as I said, to Israel and the United States.
And to get out. But it turns out that the Soviet authorities were onto this sort of thing.
And so if you tried to go into the Soviet Union, they would search all your belongings, right?
They would go through your cello case, they would go through your handbag, they would look between your toes, they would look everywhere imaginable to see if you had secreted some information or were trying to take in something.
So if you had documents which had, for instance, people's names and addresses of you are planning to meet, then that would be something which they'd say, maybe they wouldn't have an accent like that, but they'd say, what's all this about then?
What are you up to here? Why are you taking this information in and out?
CAROLE THERIAULT
Yeah, it would be pretty scary.
GRAHAM CLULEY
What would you do, Carole? Would you stuff it up your saxophone?
CAROLE THERIAULT
No, I would probably. I find that all very frightening.
I am very glad that I haven't had to deal with that instance of having to try and be subversive against, you know, the country that I was based in or get other people to do it.
It's very complicated, hard stuff. Yeah.
GRAHAM CLULEY
Oh my goodness. Imagine being questioned. You're in a foreign country, you're questioned, you're being searched. I was once questioned about a murder case, right?
I wasn't expecting the police to come round and interview me about it. By the way, I didn't do the murder. I didn't know the victim.
I didn't know the murderer, but I was interviewed about a murder case.
And I thought, oh my goodness, you know, oh my God, you think everything you're going to say is going to incriminate yourself.
CAROLE THERIAULT
Yeah, and they weren't even Russian, right?
GRAHAM CLULEY
No, I don't think so. No, they were from London, these cops. They'd come up all that way. And I said to them, I said, look, if you told me you were on your way, I'd have tidied up.
Because my place at the time was a bit untidy. It looked like I could have been a murderer. And they said, oh, we don't normally ring ahead to warn you that we're coming.
Okay, fair enough. Anyway. It's fine. I'm just a podcaster now. It's acceptable. But anyway, I can imagine the stress. I can imagine that.
So the group, Meryl and her pals, her, you know, performing pals, they had been told to expect to be under surveillance, treated with suspicion, etc.
And they had found that everything was being— even apparently their Tampax was unwrapped. And everything that they were— yeah, exactly.
Because they're just looking for anything, right? They know that you might buy things.
CAROLE THERIAULT
You can't reuse a Tampax once it's open. That's a, you know—
GRAHAM CLULEY
Well, I suppose it depends on what you're trying to use it for. Maybe for its usual purpose, no, you can't. But—
CAROLE THERIAULT
If you have a nosebleed. I did see a guy once in a car next to me when I was driving back from work.
CAROLE THERIAULT
No, I'm not kidding. I'm driving back from work at the place we used to work at together.
And I look over and this guy has two tampon strings sticking out of his nose at the driving wheel of the car next to me.
GRAHAM CLULEY
So I guess he must have had a horrific nosebleed and thought, "I know!" You don't think he'd just accidentally inhaled a couple of mice or something, and there were tails hanging down from his nostrils?
Anyway, so Meryl Goldberg, she thought, "Well, how can I sneak information through?" And what she did was she devised a way of coding information into the musical notation.
And so she handwrote out musical scores And of course, the music, as you may not know, Carole, only goes from A to G, right?
You get flats and you get sharps, and maybe you can go into other— what are they called?
CAROLE THERIAULT
Complicated chords?
CAROLE THERIAULT
Other octaves. Yes, yes.
GRAHAM CLULEY
Other octaves, or you know, you can have a treble clef or something.
Anyway, so she managed to encode all this information into this music, and what it turned out that was the KGB agents who were spying upon them.
They just thought, oh, this is just bloody music, you know, I'm not interested in this.
They didn't go and try and play it because if they tried to play it, it would probably sound like modern acid jazz or something really horrendous, or Stockhausen, you know.
It would just sound like, oh my goodness, what on earth is this? Someone described it as sounding like a cat walking across piano. You can imagine that kind of music.
CAROLE THERIAULT
No, but God, you'd be shitting yourself, wouldn't you? Because if just one of them could read music—
GRAHAM CLULEY
That would be a way to distract the agents, of course, as if they are getting a little bit warm on what they're looking through. If you actually defecated. Lovely.
And then I suppose they'd have to sift through that, looking for— yeah. God, gross. Anyway, they were tailed constantly. They did manage to meet up with these dissidents.
They eventually had their passports seized, they were expelled, but they managed to get information both in and out of the country.
And some of apparently the people they met up with, some of the Soviet activists, did face consequences for the visit. In the reports I've read, that's sort of been glossed over.
Oh, there were consequences for some of the people they met up with.
CAROLE THERIAULT
Yeah, they were jailed for 20 years in a hard-working camp. No problem, don't worry about it.
GRAHAM CLULEY
But others were eventually able to permanently leave the USSR. But I thought it was a great story from a bygone pre-internet age of a way of not really encrypting information.
Meryl Goldberg does admit that, you know, if someone actually analyzed it, it was more obfuscation perhaps than encryption, but it was still enough to serve its purpose.
And as a consequence, the groups obviously achieved their ambitions.
CAROLE THERIAULT
Can I tell you something?
CAROLE THERIAULT
Symbolics.com still exists.
GRAHAM CLULEY
Oh, does it? Yeah.
CAROLE THERIAULT
Download our free mini book, Internet History in the Making.
GRAHAM CLULEY
Ah. Oh, didn't some chap buy the domain from the Symbolics company? Because he wanted to own the very first domain. Who knows why?
CAROLE THERIAULT
Yeah, he says here, our museum is like any other with various wings to explore and unique historical items to visit. Yeah.
100% free, and we aim to continually update it with relevant exhibits and information.
CAROLE THERIAULT
Yeah. And very interesting.
GRAHAM CLULEY
There you go. Very good. I'm glad that's the bit of my story which you enjoyed, right?
CAROLE THERIAULT
That was my favourite bit. Yeah.
CAROLE THERIAULT
Hey, I'm on holiday. I'm on holiday. I'm not taking anything too seriously today.
GRAHAM CLULEY
Carole, what have you got for us this week?
CAROLE THERIAULT
Well, Graham, I'm gonna set a scene for you, okay? You are dating a lady friend.
CAROLE THERIAULT
Let's say that this lady friend, this fictitious lady friend, has been acting a little bit weird recently.
CAROLE THERIAULT
Weird in a way that makes you think that perhaps she is interested in sniff testing someone else's nether regions, if you get my drift.
GRAHAM CLULEY
I'm sorry, sniffing someone's neck? You mean she's interested in—
CAROLE THERIAULT
You think maybe she's stepping out on you.
GRAHAM CLULEY
Oh, I see. Nothing to do with farts or anything, bottoms and things. Okay. She's maybe interested in somebody else. Okay.
CAROLE THERIAULT
Yeah. Okay. And you know, it's kind of eating at you, right? You just want to know if she's cheating.
And the problem is you don't have any proof and you want proof to help you decide whether you're a paranoid freako or a bona fide Columbo?
GRAHAM CLULEY
Right. I don't think anyone would ever cheat on Columbo.
CAROLE THERIAULT
I mean, it's hard to ignore when you're in these situations.
It's hard to ignore the extra-long poop breaks, phone in hand, of course, or late nights out without you, obviously, you know, or the faint smell of new love in the air.
You know, maybe she's always humming suddenly, or things this. And basically, you just want to know what the eff is up. So I want to know what steps you would take at this stage.
GRAHAM CLULEY
Oh, what? I might say to her, hey, you seen anyone other than me at the moment? You could try the direct approach.
CAROLE THERIAULT
Yes, yes. You could just ask her. Yep.
GRAHAM CLULEY
Yes. You could— Ooh. You could notice if she's suddenly calling you by somebody else's name.
If she starts calling me Geoff or something, then I might think, oh, I wonder who this Geoff guy is.
CAROLE THERIAULT
But what if she covered her tracks and said, oh, but you look a Geoff. I just love the name Geoff. You look exactly a Geoff.
GRAHAM CLULEY
You might fall for that.
CAROLE THERIAULT
I'm okay. Okay, call me Jack.
GRAHAM CLULEY
Okay. I mean, it's not uncommon to look at somebody else's phone, is it? I mean, it's not really a very attractive attribute to do it.
CAROLE THERIAULT
Yeah, but sometimes people lock their phones, right?
GRAHAM CLULEY
Ah, right. Yes, true. Maybe they've changed their wallpaper on their phone to the picture of their new loved one. You might be able to see that even if you don't unlock the phone.
That would be telling.
CAROLE THERIAULT
But Graham, these are amazing suggestions. Very amazing. But no cigar. What if I told you that there may be an Apple AirTag involved?
GRAHAM CLULEY
Ah, yes. Now we've talked about this possibility before, I think, haven't we? So these AirTags have a sort of lost mode.
So if you lose your AirTag, you can sort of get where it is, can't you? You can get some sort of location information.
CAROLE THERIAULT
Well, the whole point is to lose your AirTags in a way. That's the point of them is if you, for example, you slap it in your luggage, you've lost your luggage.
It's basically a Bluetooth, private Bluetooth device that pings out and finds any Apple device in the vicinity and uses that device to inform Apple to inform you that here is where your device is.
So it activates the GPS in the device that it, you know, the iPhone, for example, that it can connect to.
GRAHAM CLULEY
It's very clever. I've never owned one of these AirTags. No, me neither. I've never played with one.
GRAHAM CLULEY
But I know people who have, and it sounds like they're jolly clever.
CAROLE THERIAULT
Well, they are clever when they're used for good, but sometimes they are not, especially if it's used by someone who wants to know what their partner is up to.
So this is where Miss Gaylynn Morris apparently did to her partner, Andre Smith. Both these people are 26, and earlier this month, Miss Morris was convinced that Mr.
Smith was cheating on her because basically he wasn't coming home at night. So that was kind of a tip-off, right?
GRAHAM CLULEY
That's a clue. Yeah, it's a clue.
CAROLE THERIAULT
Well, he could be working hard. Who knows?
GRAHAM CLULEY
Yeah, right. 3 in the morning.
CAROLE THERIAULT
Yeah. Now, so she decides to use an AirTag because both she and Mr. Smith were iPhone users. Right?
CAROLE THERIAULT
So my guess is, this is how I'm playing it out in my head, right? Mr. Smith decides to piss off for an evening with what Miss Morris thinks is a flimsy excuse.
And she probably gave him no heat and said, "Have fun, honey bunch." But really, she was probably waiting for him to go so she could follow him and find out where he is.
CAROLE THERIAULT
Because she hid an AirTag in the cup holder of his car.
CAROLE THERIAULT
And it turns out she was successful eventually tracking him to a place called Tilly's Bar in Indianapolis.
GRAHAM CLULEY
Okay, do we know what this chap Andre actually does for a job?
GRAHAM CLULEY
Because maybe he's a bar—
GRAHAM CLULEY
Health— Yeah, but yes, a bartender, or a sort of health and safety person for bars. Or maybe he's an electrician or something. Or a patron.
CAROLE THERIAULT
Or a patron.
GRAHAM CLULEY
Or yes, a professional drinker, maybe. He could be any one of these things.
CAROLE THERIAULT
So, Miss Morris arrives in the parking lot. And she sees some people loitering.
GRAHAM CLULEY
Oh, she follows? She goes there while he's there?
CAROLE THERIAULT
Yes, she goes there, right? She wants to catch him.
GRAHAM CLULEY
Oh my goodness.
CAROLE THERIAULT
And there's a few people loitering around. And she goes up to them and she goes, "Hey, have you seen a guy that looks like this?" So she describes Mr.
Smith's appearance to the other patrons lurking outside and says, "Look, he's my boyfriend. I think he's cheating on me, and I want to know if he's in the bar."
GRAHAM CLULEY
Okay, I wouldn't personally say to complete strangers, "I think he's cheating on me," at this stage. That feels a little—
CAROLE THERIAULT
Oh, I don't know. You're pretty close. No, but you're being honest. You're just being straight up. You're like, "I think he's cheating on me.
I want to catch him out." So it turns out Miss Morris seems to enter Tilly's bar, and she quickly spots her man, Mr. Morris. And guess what? He is not alone. She was right.
He's obviously playing the Judas, and by having a drink with a lady who is not Miss Morris.
GRAHAM CLULEY
Is it his mum?
CAROLE THERIAULT
No, it is not her mum. Although I don't know who this is. This woman has remained anonymous in this whole—
GRAHAM CLULEY
All right. Okay.
CAROLE THERIAULT
So we don't know who she was. Okay. So you get there. Let's go back to you, right? So you've done all this. You arrive at the bar.
You see your girlfriend with some hot hunk of love that you're not comfortable with. What do you do now?
Do you just go, okay, now I know, and I'm leaving, and I'll let her know when she comes home, or what?
GRAHAM CLULEY
Oh yeah, so I would go home. I wouldn't let him see me.
CAROLE THERIAULT
Would you wear a mustache when you went in or something just to—
GRAHAM CLULEY
Yeah, yeah, I'd be wearing a big raincoat. I'd probably be standing on someone else's shoulders as well so it looked like I was taller than I really was.
CAROLE THERIAULT
Yeah, that wouldn't attract any attention. No one would see you then. You're right.
GRAHAM CLULEY
With a long red coat. Anyway, or maybe I've dressed up as a pantomime horse. Something like that, not to draw attention to myself, right, to disguise my true identity. I go home.
I wait for them to come back. And I say, oh darling, you've been working so hard, haven't you? You've been working so hard. Have you been all right? Have you been all right?
Yes, I've been all right. Oh, that's so good. Did you have any fun at all? Were you able to? No, I had no fun at all. You had no fun at all? No fun at all with that redhead?
CAROLE THERIAULT
So you would have the WTF conversation or WTF chitchat at home is what you would do?
GRAHAM CLULEY
Well, I think rather than in public, yes.
CAROLE THERIAULT
Well, Miss Morris, slightly different from you.
CAROLE THERIAULT
Miss Morris goes up to the table and has a serious WTF chitchat. And according to witnesses, Miss Morris seizes an empty bottle and swings at Smith's companion.
GRAHAM CLULEY
No way. Yes.
CAROLE THERIAULT
And Smith, however, gets in between them and says, "Hey, hey, calm down. Calm down, Miss Morris." The bar owner sees all this and asks all three of them to leave.
But the companion says, "Actually, I'm waiting for food that I've paid for, so I'm gonna stay right here." Who ordered the calamari? Yes.
GRAHAM CLULEY
Someone— I'm having calamari.
CAROLE THERIAULT
If someone just tried to deck me with a— crack my head open or whatever with a bottle, I don't think I'd be worrying about my French fries or tacos, right? I don't know. Anyway.
GRAHAM CLULEY
Okay, so if I was going to stay in the bar to do the confrontation, I would do it differently. First of all, I wouldn't swing at someone with a bottle.
I wouldn't do the WTF, girlfriend, who do you think you are with my man kind of thing.
First of all, she should be, surely if she's upset with anyone, she should be upset with her guy, not with the woman.
But anyway, regardless of that, because the woman may not know that he's in a relationship. But wouldn't it be cooler just to sit down at the table and just go, hi?
CAROLE THERIAULT
Yeah, you know, I think that's great, but I think sometimes when people are in these situations, they don't have the clear reasoning available to them.
They're kind of in this fog of what? WTF? Jealousy, crazy.
GRAHAM CLULEY
Yeah, I guess they're seeing red.
CAROLE THERIAULT
However, I've never been so enraged that I wanted to crack someone's head open with a bottle.
GRAHAM CLULEY
So, you know, good.
CAROLE THERIAULT
However, now, it doesn't stop there, okay? This gets a little bit more disturbing. I'm warning you all out there as well.
Miss Morris does decide to get the heck out of Dodge, gets into her car and drives off. And Mr. Smith also leaves, right? And he steps out onto the sidewalk.
Miss Morris zooms back, mounts the sidewalk with her car, and literally runs him over. Like, literally.
CAROLE THERIAULT
Now I get that cheating sucks, but I'm not sure that running someone over for this misdeed is a fair response. Do you have any thoughts on that?
GRAHAM CLULEY
Do you? I tend to agree. Is it possible she's exhibited some crazy behaviour in the past, which maybe has driven Mr. Smith elsewhere? Possibly.
Maybe he's been seeking some assistance from outside of his relationship.
CAROLE THERIAULT
This all becomes clear in a second because this is not the end of the story. Because she decides that running him over, that running over trick, was not quite enough. So she then—
GRAHAM CLULEY
Puts the car in reverse.
CAROLE THERIAULT
Yep. And backs over the boyfriend.
CAROLE THERIAULT
And there's a report that witnesses are there, right? There's people there watching all this.
They saw the bottle incident inside the, you know, probably people came outside to see what was going on.
And there are reports that this guy witnessing all this tries to step in front of the car to protect Mr.
Smith, but Morris, alas, drives around him, hitting him in the left hip with her car mirror before running over Mr. Smith for a third time.
GRAHAM CLULEY
Well, this is a—
CAROLE THERIAULT
A registered nurse is on the scene, and she tries to help Mr. Smith, right? But he's completely under the car. His head is under one front wheel, and his feet are under another.
The passenger side front wheel, and she can't get to him. And when the cops arrived, are you surprised that Mr. Smith is dead after being run over 3 times?
GRAHAM CLULEY
Well, no, I'm not surprised. I'm just surprised at you. Why do you tell us this story? Are you going to blame all this on Apple or something for their—
CAROLE THERIAULT
I cannot believe this because I just have here written in my notes, I have a question for you at this point. Who's at fault, Miss Morris or Apple?
Now you all know that we are big fans of password managers at Smashing Security because it's an important tool for generating and saving secure credentials for every online account.
Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments.
Bitwarden is transparent and secure using end-to-end and zero-knowledge encryption with source code that can be scrutinized.
Now you can go to bitwarden.com/smashing and try it for free across devices as an individual user, or you can start a free trial of a Teams Enterprise plan.
And the thing I like about this, a good password manager is robust and cost-effective.
As it can radically improve your chances of staying safe online, all without requiring super high-tech expertise. Go to bitwarden.com/smashing.
Start your free password manager trial today.
GRAHAM CLULEY
Collide Security sends employees important, timely, and relevant security recommendations for their Linux, Mac, and Windows devices right inside Slack.
Collide is perfect for organizations that care deeply about compliance and security but don't want to get there by locking down devices to the point where they become unusable.
So instead of frustrating your employees, Collide educates them about security and device management while directing them to fix important problems.
Sign up today by visiting smashingsecurity.com/collide. That's smashingsecurity.com/collide.
CAROLE THERIAULT
K-O-L-I-D-E.
GRAHAM CLULEY
Enter your email when prompted, and you will receive a free KOLIDE goodie bag after your trial activates.
You can try KOLIDE with all of its features on an unlimited number of devices for free, no credit card required. Try it out at smashingsecurity.com/kolide.
That's smashingsecurity.com/kolide. And thanks to KOLIDE for supporting the show.
CAROLE THERIAULT
Is your organization finding it difficult to achieve compliance and scale its security posture?
At G2's highest-rated cloud compliance software, Drata streamlines your SOC 2, your ISO 27001, your PCI DSS, your GDPR, and your HIPAA compliance.
Plus, it provides 24-hour continuous control monitoring so you can focus on scaling securely. Drata is the only compliance automation platform with a private tenant database.
They say it's having your cake and securing it too.
Countless security professionals from companies including Notion, FullStory, and BambooHR have shared how crucial it is to have Drata as a trusted partner in their compliance process.
Listeners, you can get 10% off Drata and waived implementation fees by visiting smashingsecurity.com/drata. That's D-R-A-T-A. And thanks to Drata for sponsoring the show.
GRAHAM CLULEY
And welcome back. Can you join us for our favorite part of the show? The part of the show that we call Pick of the Week. Pick of the Week.
CAROLE THERIAULT
Pick of the Week.
GRAHAM CLULEY
Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app, whatever they wish.
It doesn't have to be security related necessarily.
CAROLE THERIAULT
Better not be.
GRAHAM CLULEY
Well, my pick of the week this week is a little bit security related.
CAROLE THERIAULT
I'm on holiday. It's just unfair. But anyway, go on. Let's see if it's worth it.
GRAHAM CLULEY
I found a website called web3isgoinggreat.com.
CAROLE THERIAULT
Sounds riveting.
GRAHAM CLULEY
And web3isgoinggreat.com was created by a software engineer called Molly White. This is how it describes itself.
It says Web3 is going just great and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.
CAROLE THERIAULT
You know, I'm thinking of Mark Stockley right now who was on this show complaining very intensely about Web3, so I hope he's listening to this.
GRAHAM CLULEY
I think he'd like this website. It is a project to track some examples of how blockchain, crypto, Web3 stuff isn't actually going as well as its fans might you to believe.
GRAHAM CLULEY
And so it is a timeline of cryptocurrency and blockchain-based cock-ups dating back the last couple of years.
And so it's basically stories of hacks, of scams, of money being lost, of everything.
CAROLE THERIAULT
The shit show. The shit show that is Web3.
GRAHAM CLULEY
That's right. And I found it quite entertaining.
The site even includes what he calls its grift counter, which is a running total of the amount of money lost so far to Web3 grifts and scams and crypto nonsense increments as you scroll through the page.
Currently it's at about $9 billion, they reckon.
CAROLE THERIAULT
Oh, chump change. Fantastic.
GRAHAM CLULEY
Yeah, exactly. Exactly. So I found it quite amusing. I think many of our cynical and skeptical listeners might enjoy it as well.
And so that is why web3isgoinggreat.com is my pick of the week.
CAROLE THERIAULT
You don't mind if I don't look at it until I'm finished my holidays, right?
GRAHAM CLULEY
That's fine. That's fine.
GRAHAM CLULEY
What's your pick of the week?
CAROLE THERIAULT
I've got a good one. My pick of the week is an app called Audem, A-U-D-E-M. Now, I quite like long-form journalism, right? And I used to love reading all this, right?
I'd read it online all the time, but honestly, I'm just in front of the screen just too much for me.
GRAHAM CLULEY
I can guess what it does. Yeah.
CAROLE THERIAULT
They narrate them. So I prefer to listen to these stories.
And now I can with Audem because Audem is an app that curates the best long articles from about a dozen pretty high-caliber publishers like The Atlantic, The New York Times, the wonderful New Yorker, Rolling Stone, and others.
GRAHAM CLULEY
Oh, wonderful. That sounds great. Yeah.
CAROLE THERIAULT
And they have about 3,000 articles available so far, and you can download and listen away. You can even jump to any paragraph in a story by tapping on it.
So you have also the written version in the app. You could choose your narration speed. So if you need it to be really slow, really fast, you can do that.
And what's cool about it is rather than paying every single publisher their fee to have access to their content, you can pay the price of Audible to get access to many great stories from many different publishers, which I like.
GRAHAM CLULEY
How much does Audible cost?
CAROLE THERIAULT
Well, you can try it for free for 3 days, or you can even go to the daily because I do listen to the daily. This is the New York Times podcast.
And occasionally on Sundays, they play an Audem version of a long-form New York Times article. And after that you're charged $9 a month, which is pretty reasonable.
Because you could hoover up a lot of content in that time.
GRAHAM CLULEY
Yeah, I guess so. Yeah. Well, I'm really pleased to hear that things like The Atlantic and The New Yorker are in there because they have tremendous articles, don't they?
CAROLE THERIAULT
Yeah, I really think it's great. And the app is pretty slick. And I think it's great.
So I think if any of you out there rather listen than read sometimes, this is definitely worth checking out.
GRAHAM CLULEY
And does it sound okay? Or does it sound like this?
CAROLE THERIAULT
No, no, they have very good readers. Now I'm always on the hunt to see if they're automating it, and I'm sure one day they will. I mean, why wouldn't they, right? That makes sense.
But at the moment, I think there may be some automation because, you know, sort of pauses are the same length, that kind of thing.
CAROLE THERIAULT
But I find it pretty easy listening. I don't find it too automated that it puts me off. So it's called Audem, A-U-D-M. You can find it in any of your app stores.
And I hope you enjoy it. That's my pick of the week.
GRAHAM CLULEY
That sounds fantastic. And that just about wraps up the show for this week. Carole, I hope you enjoy the rest of your holiday out there in Croatia.
GRAHAM CLULEY
Are you gonna come back to the UK? No. Oh.
CAROLE THERIAULT
It's super sunny here and beautiful. I've got dogs to play with, a husband that snoozes constantly. It's great.
GRAHAM CLULEY
Well, you can follow us on Twitter @SmashInSecurity, no G. Twitter allows to have a G, and we also have a Smashing Security subreddit.
And don't forget to ensure you never miss another episode, follow Smashing Security in your favorite podcast apps such as Overcast, Spotify, and Apple Podcasts.
CAROLE THERIAULT
And a massive shout out to this episode's sponsors, Bitwarden, Drata, and Kolide. And of course, to our wonderful Patreon community. It's thanks to them all that this show is free.
And as always, for episode show notes, sponsorship info, guest list, and the entire back catalog of more than 277 episodes, check out smashingsecurity.com.
GRAHAM CLULEY
Until next time, cheerio, bye-bye.
CAROLE THERIAULT
Bye. I should have probably made Croatia my pick of the week. Can you make a country a pick of the week?
GRAHAM CLULEY
Of course you can.
GRAHAM CLULEY
As long as it's not security-related, necessarily.
CAROLE THERIAULT
Yeah, well, you have trouble following that.
CAROLE THERIAULT
Talk to you next week. Maybe.
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.