320: City Jerks, AI animals, and is the BBC hacking again?

Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Sponsored by:

  • Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
  • Outpost24 – Understand your shadow IT risk with a free attack surface analysis.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Transcript

This transcript was generated automatically, and has not been manually verified. It may contain errors and omissions. In particular, speaker labels, proper nouns, and attributions may be incorrect. Treat it as a helpful guide rather than a verbatim record — for the real thing, give the episode a listen.


GEOFF WHITE. This is 19th century masturbation. I shall see you in the drawing room for some mutual masturbation, Mr. Falsworthy.


GRAHAM CLULEY. Shall we just now leave the womenfolk on their own with the port and we'll take our cigars and penises? Retire to the drawing room for some onanism.


UNKNOWN. Smashing Security, episode 320: City Jerks, AI Animals, and Is the BBC Hacking Again? With Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security episode 320. My name's Graham Cluley.


CAROLE THERIAULT. And I'm Carole Theriault.


GRAHAM CLULEY. And this week on the show, Carole, we are joined by a very special guest, someone who's been on the show plenty of times before. It is the co-host of The Lazarus Heist, as well as cybercrime author Geoff White. Hello, Geoff.


GEOFF WHITE. Hi, hi, how you guys doing?


CAROLE THERIAULT. Oh, Geoff, it's so good to have you back. It's been months actually since we've spoken.


GEOFF WHITE. Feels like only yesterday.


CAROLE THERIAULT. I don't know if that's a good thing.


GEOFF WHITE. You were hounding me to appear on your podcast again. It's been a while.


CAROLE THERIAULT. Yeah. You're a busy guy though. What have you been up to?


GEOFF WHITE. Yes, I've been writing a book and the book is about money laundering and technology. It's going to be out next year and it's basically leading on from a lot of the work I've done around sort of North Koreans and other cybercriminals because I've sort of realized the one thing a lot of them have in common, a lot of, along with a lot of other criminals, is money laundering. You know, they all, when they make their money, they all need to wash it somewhere. And tech has played a huge and pivotal role in that activity. So I'm exploring that, which has been fun.


CAROLE THERIAULT. Oh my God, I bet it has.


GRAHAM CLULEY. So Geoff, I was wondering, is it because you've learned so much about how much money can be made through North Korean hacking and cybercrime and all the rest of it, and your podcast and your books and everything, that you're now showing this interest in money laundering, what to do with all this money you're making?


GEOFF WHITE. Yeah, yeah, I'm trying to pick up some tips so I can wash the millions of pounds I've got stacked in my room. That's actually the soundproofing for this podcast. That's why the audio sounds so good, because I've stacked up my banknotes behind me in a huge pile.


CAROLE THERIAULT. Brilliant. But before we kick the show off, let's thank this week's wonderful sponsors: Bitwarden, Kolide, and Outpost24. It's their support that helps us give you this show for free. Now, coming up in today's show, Graham, what do you got?


GRAHAM CLULEY. I'm going to be taking you to a couple of rather unsavoury websites.


CAROLE THERIAULT. Oh, I don't know if I want to go there. Geoff, what about you?


GEOFF WHITE. We'll be talking about scammers and telly.


CAROLE THERIAULT. Cool. And I'm talking about AI, robotics, and the animal kingdom coming together. All this and much more coming up on this episode of Smashing Security.


GRAHAM CLULEY. Now, chums, chums, you remember, of course, Ashley Madison, the popular adultery website hacked back in 2015. So long ago now, but it seems like yesterday.


GEOFF WHITE. Blast from the past, yeah.


CAROLE THERIAULT. Was it not made popular because it got hacked?


GRAHAM CLULEY. I think that certainly, it certainly made it a household name, didn't it? Yeah. Previous to that, if you did hear about Ashley Madison in your household, then that wasn't necessarily good news. But suddenly it was being mentioned in the mainstream newspapers, on the TV, after the Impact Team, a hacking gang, demanded that it got shut down and some of its sister sites, CougarLife and Established Men and some other—


CAROLE THERIAULT. Great reputable sites.


GRAHAM CLULEY. Yeah, oh, absolutely, absolutely. And there was a huge furore about it because the database was being shared publicly.


GEOFF WHITE. Just to chime in, the sites you mentioned there, it's interesting. Ashley Madison, they went after, but you're right, there were two other sites, Established Men and CougarLife. Established Men was for older men looking for younger women, and CougarLife was older women looking for younger men.

They demanded the closure of Ashley Madison and Established Men, but I think they were okay with Cougar Life, as I remember. I don't think they wanted—


CAROLE THERIAULT. That's what I own secretly, so we'll leave that one alone.


GRAHAM CLULEY. Yeah.


GEOFF WHITE. Sorry, I had to chime in there. As soon as you mentioned those names, I remembered that was the case.


GRAHAM CLULEY. All of them, as far as I know, are still operating.


GEOFF WHITE. Yeah, yeah, actually.


GRAHAM CLULEY. I think Madison claim to go from one success to another. And I remember when I visited their website once, purely for research, they said, as seen on Channel 4 and ITV.

Oh yeah, of course you have been. So, anyway, the database which was stolen from Ashley Madison of people who were looking to commit adultery, looking for someone to hang out with even though they were in relationships, that was shared publicly.


CAROLE THERIAULT. I just bet a lot of them actually aren't committing adultery, they're just pretending to commit adultery. They're actually just single, right?


GRAHAM CLULEY. Well, that certainly is possible. And of course, it did turn out there were a lot of fembots up there as well.

So Ashley Madison claimed if you did create an account on there, you'd very quickly get a message from a woman, or someone claiming to be a woman at least, saying, oh, you know, maybe we can chat. All you have to do is pay $15 to sign up for the VIP membership.

And it turned out that a lot of that was actually automated. But anyway, this database of users leaked onto the internet and websites sprung up which made it easy for anybody to search for their partner, their boss, their neighbor, their politician to see if they were a member of the site.

You know, pretty embarrassing for those millions and millions of Ashley Madison users who are affected.


GEOFF WHITE. They did it on air, didn't they? On a radio station in Australia, live on air.


GRAHAM CLULEY. It's amazing, isn't it?


GEOFF WHITE. Yeah, it was incredibly contentious, that story.


GRAHAM CLULEY. And they didn't properly verify people's identities. So you could create an account claiming to be Tony Blair at Downing Street or something like that.

And bing, bing, bing.


CAROLE THERIAULT. Is that the most exciting person you can think of? Really? It's Tony Blair?


GRAHAM CLULEY. He's a pretty sexy man, isn't he? Really? Really? Wow.


GEOFF WHITE. Who would you want to see on the Ashley Madison database then, Carole? Go on. This will be revealing.


GRAHAM CLULEY. I think, Carole, who would you like? Lionel Richie? I mean, who would you be looking for?


CAROLE THERIAULT. Jeff Goldblum, obviously.


GRAHAM CLULEY. Oh, Geoff. Okay. Well, if you thought that Ashley Madison was pretty not safe for work, I've got some news for you.


GEOFF WHITE. I'm totally wrong. No, no.


CAROLE THERIAULT. They say government employees are encouraged to install this app.


GRAHAM CLULEY. It was obviously not safe for work, but something even worse has happened because hackers have once again stolen email addresses, direct messages, other personal data, including profile pictures, sex orientation, date of birth, city, state, IP addresses, biographies of people on a couple of different sites. I wouldn't necessarily call them conventional dating, however.

They serve a somewhat different niche. What kind of niche? I have to say, Carole, I'm a little bit nervous about going into this story because I know how you like me to be a bit more prudish.

You think sometimes maybe—


CAROLE THERIAULT. You're a pervert.


GRAHAM CLULEY. I'm pushing things a little bit too much.


CAROLE THERIAULT. Yeah.


GRAHAM CLULEY. Well, I don't know about pervert, but it's slightly on the borders of the normal. So there is a website which has just suffered a breach.

77,000 of its users have had their details leaked. They've come out.


CAROLE THERIAULT. Sometimes it's just the details, it's a good thing, right?


GRAHAM CLULEY. Well, so the site is called City Jerks.


GEOFF WHITE. Oh, God.


GRAHAM CLULEY. Cityjerks.com. It's not for people who cut you up going around the roundabout.

It's not for people who work in finance who are a bit of an asshole. City Jerks is a website which is devoted to the subject of mutual masturbation.

So if you— the way in which it sells itself is if you are in a relationship and you don't want your relationship to go sour, but things are getting a little bit dull, to prevent you—


CAROLE THERIAULT. Go Wank with a Friend.


GEOFF WHITE. Wanking with Friends would have been a better— Wanking with Friends, the website for you.


GRAHAM CLULEY. Yeah, yeah, we've had Words with Friends. This is Wank with Friends.


CAROLE THERIAULT. Yeah, and then you can feel totally— you can feel totally, you know, angelic that you haven't cheated. Is this on Zoom or something?

Is this—


GRAHAM CLULEY. Well, I think those sort of details are really up to the individual users.


CAROLE THERIAULT. Oh, right. Sorry, I haven't looked into it.

I'm sorry.


GRAHAM CLULEY. If you did exchange details, maybe you could have a video link up. But I think from my browsing of the site, can I say, with a VPN through a private browser window, from my browsing of the site, it does appear that there are all kinds of sub-communities on cityjerks.com depending on what your particular thing you're looking for.

Some people do go for in-life meetups where I think they go into a, you know, a drawing room, a group of them, and they jerk off together.


GEOFF WHITE. Drawing room? This is 19th century masturbation.

I shall see you in the drawing room. It's mutual masturbation, Mr. Fosworthy.


GRAHAM CLULEY. Shall we just now leave the womenfolk on their own with the port and we'll take our cigars?


GEOFF WHITE. Retire to the drawing room. For some onanism.

They would call it onanism as well. Onanism in the drawing room.


CAROLE THERIAULT. Just, okay, okay. I'm just trying to, let's get out of the gutter.


GRAHAM CLULEY. Okay, of course we are, of course we are.


GEOFF WHITE. Or the drawing room, sorry.


GRAHAM CLULEY. So yes, so some people meet in person, some people maybe do it on the phone, maybe some people do it on email. I don't know, say, okay, you know, I'm having a tug now, and the other one replies back to you.

Okay. I don't know. I don't know exactly what's happening.

But anyway, the fact is that these details have come out regarding this site.

Now, this is obviously quite embarrassing for these individuals.


CAROLE THERIAULT. You wouldn't have a business card, would you? Well, hi, CEO City Jerk.


GRAHAM CLULEY. Right. No, it turns out the City Jerk Empire doesn't stop at jerking off because they have a sister site which has also been breached. Oh, God. Now, I'm somewhat less comfortable naming this site than the previous one. Maybe you'd like to guess what this other site might be called. So we've had City Jerks.


GEOFF WHITE. Guess the sexual activity.


GRAHAM CLULEY. Guess the sexual activity. Yes, that's exactly what we're doing. Yeah, we have some quiz music. Okay, so the first one—


CAROLE THERIAULT. Oh no, we're not playing, Graham. We're not playing.


GRAHAM CLULEY. The person who gets closest wins.


CAROLE THERIAULT. All right.


GEOFF WHITE. You're on your own.


GRAHAM CLULEY. Let's open this up. Geoff.


GEOFF WHITE. Oh, drop me in it. Right. Well, how about Farm Frottage, then, in that case.


GRAHAM CLULEY. Farm Frottage, really? People who like to hang out on farms and rub themselves against things.


GEOFF WHITE. That's my guess. Come on, off the top of my head, that's pretty good.


GRAHAM CLULEY. That's pretty good, yeah, very good. You've got to admit.


GEOFF WHITE. Almost a viable business.


GRAHAM CLULEY. Carole, do you have any suggestions?


CAROLE THERIAULT. An obsession with large monuments.


GRAHAM CLULEY. Oh, okay, right. So, you know, maybe someone who, for instance, is going to trifle around with the Eiffel Tower or something like that. Exactly, exactly. Right, okay. Neither of those. No. I think maybe what you're not thinking of is TruckerSucker.com. Oh, God. Oh, God. Please, it's not for real.


CAROLE THERIAULT. Who comes up with the names?


GRAHAM CLULEY. Seriously. Well, I think they're geniuses. TruckerSucker is the online social home and dating app.


GEOFF WHITE. I think I know. Yeah, which one?


GRAHAM CLULEY. I think I've guessed.


CAROLE THERIAULT. I think I got it.


GRAHAM CLULEY. For real truckers, it says, and real men. So, if you are looking for a relationship with a trucker, or if you are a trucker and you want to be hooked up, then this is the site to go to. And they invite men to join. It seems a bit sexist to me.


CAROLE THERIAULT. I'm literally on the treadmill right now listening to this. Just at breakfast.


GRAHAM CLULEY. Right. Well, the thing is, these users are encouraged— well, they're told actually under the terms of the membership. And by the way, you can pay up to $20 a month for membership of these sites. They ask you to upload photographs, not of anything rude, of your face. And they say it has to be your full face, no mask, no cartoon images, no deepfakes. And so people's real images, and I've been to TruckerSucker.com, are on this site. And you can, just as with City Jerks.


CAROLE THERIAULT. Okay, how many do you think really used their face as opposed to their Uncle Dave's or something?


GRAHAM CLULEY. Well, poor old Uncle Dave.


CAROLE THERIAULT. I know, I agree.


GRAHAM CLULEY. And I wonder as well, what email address are they logging in with? Because it's an interesting question, isn't it? If you are going to join City Jerks, for instance, do you use your personal Hotmail address, which maybe your wife can log into, or do you use your work email address, your government email address instead? Lots of potential here for blackmail and for abuse.


CAROLE THERIAULT. If you're an idiot, yeah.


GRAHAM CLULEY. Yes, obviously. But people will, I suspect, be using these details. And according to Troy Hunt, who of course runs the Have I Been Pwned website, he's saying that the encryption used on the passwords was really monumentally weak. And so it's likely it will be cracked.

And those passwords, if you're using the same password for City Jerks as you're using for your, I don't know, as you're using for your bank, as you're using for your Amazon, as you're using for your work account, all kinds of calamity could be taking place.


CAROLE THERIAULT. You know, it bugs me though, because I had a friend around this weekend, she's in dating, right? And she just went to a brand new dating site.

So she tried all the big ones and she said she didn't like it. So she's gone for one. She's quite a— she's curvy, right? She's a curvy girl. And so she's gone for a dating kind of site that is bespoke for that. So if you like curvy women, come here. You like curvy people come here and she says it's fantastic. She's dating left, right and center and having the time of her life.


GRAHAM CLULEY. Oh, cool.


CAROLE THERIAULT. But to your point, it's a smaller place. Who knows how good its security is?


GRAHAM CLULEY. On City Jerks, you can be sure there'll be an SSL handshake at the very least, right?


GEOFF WHITE. This was all leading up to that.


CAROLE THERIAULT. I know. Exactly.


GEOFF WHITE. One gag at the end.


GRAHAM CLULEY. Come on, come on, come on. We all need to come together.


GEOFF WHITE. So let's—


GRAHAM CLULEY. I think we shouldn't be too snobby about these sites. Obviously, people are using these maybe for legitimate reasons. Who are we to judge? Who are we to shame?


CAROLE THERIAULT. Nobody. We're judging the companies that are putting up these sites and not actually protecting them.


GEOFF WHITE. Security, yeah.


GRAHAM CLULEY. And the cybersecurity experts should be offering them a helping hand, I really— otherwise, we're all going to end up in a great big mess.


CAROLE THERIAULT. Who's the CIO of Trucker Sucker? That's what I want to know.


GRAHAM CLULEY. Well, I haven't looked him up on LinkedIn. Shall I look him up right now?


CAROLE THERIAULT. Yes.


GRAHAM CLULEY. Let's look up LinkedIn. All right, so— OK, LinkedIn. I'm logging in right now to LinkedIn.


GEOFF WHITE. Cohen Company, Trucker Sucker.


GRAHAM CLULEY. Trucker Sucker. Let's just see.


GEOFF WHITE. Oh God. Are you using an anonymous window again?


GRAHAM CLULEY. No, I'm not. Oh damn, now he's going to know that I viewed him.


CAROLE THERIAULT. Quick, go. So many people get caught.


GRAHAM CLULEY. Reverse, reverse. I'll delete my account.


GEOFF WHITE. I mean, I'll advise people to delete their accounts, right?


CAROLE THERIAULT. Yeah. Really glad you came on the show, Geoff. Glad you came on the show.


GEOFF WHITE. Yeah, it's too late to back out.


GRAHAM CLULEY. Geoff, what have you got for us this week?


GEOFF WHITE. I'm going to go down a slightly more serious and certainly less sexual route. I'm gonna be talking about a programme, BBC programme called Scam Interceptors, which your august listeners, some of them may be forgiven for not having come across because it's a daytime TV programme.

So Scam Interceptors is a 10:00 AM BBC One programme. And it has to be said, among the sort of pantheon of daytime TV programmes, Scam Interceptors for me aims conspicuously higher than a lot of the daytime TV fodder you get.

The idea is it's about, as the name suggests, scammers, internet scammers who make these scam phone calls and try and trick people into paying money or their credit card details or installing software in some cases, all those types of scams. And I will say, I just want to set it at the beginning, I have conflicted feelings about this.

So I'll try and make that clear as I go along. I am no friend of the scammers, as anyone who's followed my career will know.

I have covered multiple instances of venal fraudsters, and these people are horrible. There is a certain level of hell reserved for people who phone up, particularly older people.

They seem to target older people and trick them out of their money and actually listen to the person on the other end, in some cases crying. I think you are a person who's dead inside if you do that.

So I'm no friend of these people. However, I have got some concerns about the program and sort of the way it's done because they are intercepting these calls as they happen, and these communications as they happen.

So the scammers will phone a victim, the TV crew, the people in the program, intercept these calls, listen to them, and then try and contact the victims and say, hey, that guy you just had on who said he was from HSBC, or that woman who said she was at Amazon, these are fakers, they're scammers, please don't pay them. And in some cases, they try and actually terminate the scammer's call and interfere and cut them off.


GRAHAM CLULEY. Yes, I can see on my system that you're looking for a loan amount of £1,000 for 2 years with a monthly installment of £70 a month, right?


GEOFF WHITE. Okay, I'm calling her now.


GRAHAM CLULEY. Okay, no problem. As we're trying to intercept, the first scammer has handed the call over to a more experienced colleague.

So give me 1 minute only, I'm doing some legal formalities, I'm making a file over here. He'll be a closer, the person who takes the payment for the fake loan.

So the scammer's now taking her through the final stages of this. Just give me one minute.

She's not answered.


GEOFF WHITE. So if we can't get through to this woman, she's going to pay out right now.


CAROLE THERIAULT. So how do they know about it? I'm sorry, I'm missing some point.

So there's an older lady, she's getting a call. How do they know?


GEOFF WHITE. Excellent question. An excellent question.

This is where the concerns come in. There was a chap who's quite well known called Jim Browning.


GRAHAM CLULEY. Yeah.


GEOFF WHITE. Who is a sort of scam baiter kind of person, scam targeter, does a lot of research about this and has worked himself with the BBC before, as have I, by the way. I've not got a problem with the BBC.

I freelance for them myself. He worked notably with Panorama on a program a few years ago, and he actually got footage, CCTV footage from inside one of these scam factories, which I'm pretty sure was in India.


GRAHAM CLULEY. Yeah.


GEOFF WHITE. And this became a program Panorama made about inside the scam factory. Now, again, perhaps I didn't read the right article, but I couldn't quite figure out how that access had been gained to that CCTV. This program is again working with Jim Browning, which by the way, isn't his real name, to basically penetrate these kind of scam exercises and scam factories that are operating.

And that's how they're able to work out who they're phoning and to intercept those calls and apparently sometimes hang up on them. Don't get me wrong, I'm not a fan of the scammers' work, but I'm also cagey about how this access is being gained and yeah.

The BBC are incredibly risk-averse, and I say that as somebody who's worked for them. So I can't believe they haven't gone through all the right processes.

But I just, I don't know, is it just me who's thinking a bit like, well, I'm not sure about this, how's that? Interested in your thoughts.


GRAHAM CLULEY. I think you're right, because it's basically the TV programme which has made the decision, well, this kind of crime is okay to commit. Because chances are, this is happening because in some fashion, the systems being run by these Indian call centres have been compromised.

And so they're able to find out who's being called and listening on the calls and cause mischief and so forth. So that sounds like hacking to me, doesn't it?

And if you start hacking into scam companies and scam call centres, there's the potential that you are damaging evidence which police could be gathering against those criminal groups because you're compromising the situation, as well as, of course, committing a crime yourself. It doesn't— purely for entertainment, or is this really, I don't know, spreading the word?

I haven't seen the program, so I don't know.


CAROLE THERIAULT. But what are the people? Are they mostly older victims, or—


GEOFF WHITE. It's a variety. In fairness, the new season of this started yesterday, so I've watched a couple of programs from the previous one.


CAROLE THERIAULT. I've never watched it. I'm gonna watch it.

I just, I'm not a normal TV— I love TV, but I just tend not to do it in the day.


GEOFF WHITE. When I say it's daytime TV, it is on iPlayer, so you can watch it at any time.


CAROLE THERIAULT. This has now become work for me, so I can watch this tomorrow morning.


GEOFF WHITE. Look, you know, there are possible answers to this. It may be that there is a way to, you know, lawfully intercept this kind of— 'cause it does seem to be interception— lawfully do that.

I'm sort of struggling to think how that would be, but it could be there is a way of doing that. And actually, to answer your question, Graham, part of the point of the series is they say, look, you know, we've tried to tell the police in countries like, for example, India, where some of this is based, and they haven't done anything about it.

And let's face it, police in the UK are overwhelmed. So that's perhaps, that's how they'd argue and say, look, you know, we would report it to the police if we think they'd do anything about it.

And in a way, that's what makes it great TV. It is on the borderline of quite contentious issues.

But I just thought I'd bring it up because I'd be interested. I was interested to hear what you guys think of it.

Your listeners can go away and have a look at it and see whether they think.


GRAHAM CLULEY. I'm definitely going to watch it. It does make me feel uncomfortable. And there are things which I know the BBC have done in the past as well.

Years ago, BBC Click, which is their technology spot, if I recall correctly, they compromised a botnet and then they did something with the botnet to prove their point. And it was like, well, hang on, you're using other people's computers without their permission. We're not saying that the crime isn't taking place, which is being run by criminals.

But what you're doing as well hasn't really, you know, they didn't really step carefully enough about it, and I didn't really like what they did there. And sometimes they're doing things to make an impressive TV program, I think, without necessarily thinking of all this.

Who are we to judge if this is better than not doing anything?


GEOFF WHITE. Well, this is the thing, I think without watching it, nothing. No, I recommend people have a watch of it, and I'm well sending viewers their way, which I'm happy to do for the purposes of judging this kind of thing.

Have a watch of it, see what you think. But yeah, I just think it's an interesting debate and it's one I think needs to be had.

Whichever side you come down of it, you just have to think about, you know, what you're happy with and what you're comfortable with. But yeah, interesting.


GRAHAM CLULEY. If we really don't like what these scammers are doing and we're capable of intercepting their phone calls, couldn't we play the latest episode of ITV's Loose Women at them down the phone? Or maybe Piers Morgan on his YouTube channel?

Something like that. Let's really make life hell for the scammers.


GEOFF WHITE. Just Baby Shark over and over again.


GRAHAM CLULEY. Baby Shark. Now that I would tune into.

I would love to watch that. Just play them Baby Shark.


GEOFF WHITE. Hacked your phone, doo doo doo doo doo. Hacked your phone, doo doo doo doo doo.


GRAHAM CLULEY. Carole, what story have you got for us this week?


CAROLE THERIAULT. So robotics, right? Specifically AI and robotics together.

It's a pretty exciting field right now. And I thought we could talk about how animals other than humans and AI-powered robotics are intersecting.

It's not something I've ever covered before in the 319-odd shows that I've done, which is saying something, isn't it?


GRAHAM CLULEY. Yes.


CAROLE THERIAULT. Although I don't think you've covered anything like Trucker Sucker, so.


GRAHAM CLULEY. No, I've actually covered quite a lot of stories like that to my shame. Let's be honest.


GEOFF WHITE. Every time I've been on from what I've seen.


GRAHAM CLULEY. Yeah.


CAROLE THERIAULT. So I've narrowed my story down to two pieces of academic research where these two worlds collide in interesting ways. And the first kind of animal robot research I want to introduce— actually, I'm just going to start with a quote of the Science Daily article from last week.

So it starts, humans and horses have enjoyed a strong working relationship for nearly 10,000 years. A partnership that has transformed how food was produced, people were transported, and even how wars were fought and won.

And the question is, can these age-old interactions between people and their horses teach us something about building robots designed to improve our lives?


GRAHAM CLULEY. No, no, they can't. That's my quick answer.


CAROLE THERIAULT. University of Florida says yes.


GRAHAM CLULEY. Well, the answer is yes. Oh, okay.


GEOFF WHITE. Right.


GRAHAM CLULEY. Good.


CAROLE THERIAULT. But we have a few findings and I'm interested in your thoughts on it. So the article talks to a researcher from the University of Florida about her recent paper called How a Horse Whisperer Can Help Engineers Build Better Robots. And the idea came as researchers wanted to improve how humans interact with autonomous vehicles and other forms of AI, right?

It has to be able to say how far something is, don't hit this thing. And the researchers were like, this has happened before, right? Horses, you know, can do this intuitively. We've taught them how to do it in our relationship, working with them over a millennia.


GEOFF WHITE. To tell us how far we are. I've never had a horse tell me how far it wants to go.


CAROLE THERIAULT. But that's a really good point. How much does the horse like this relationship, right? Who's asked the horse?


GRAHAM CLULEY. Yeah. I would think horses wouldn't like it. You'd be like, why the long face? No, come on, guys. What's the problem?


CAROLE THERIAULT. Yeah, yeah. I'm loving all the heavy machinery that you're tying to me so I can pull it through a field. Love the tourists in the crowded cities. Love all that. But maybe they didn't have much choice in the matter, right? And maybe in the beginning, robots won't either.


GEOFF WHITE. It's interesting, isn't it? This comes down to one of the things about robotics and AI is that because AI is so difficult to sort of pin down, it's such a sort of nebulous and thorny topic. Certainly whenever I was trying to do it, you know, do it as a journalist, particularly for TV, they'd always want you to film a robot and you'd have to sort of say, well, that's not necessarily AI.

You can put AI into a robot, but the two things aren't equivalent. You can have robots that aren't AI and AIs that aren't robots. So it strikes me with this, they're sort of — quite a narrow field of where robotics and AI will come together. Yeah?


CAROLE THERIAULT. Well, it's — yeah, so apparently this multidisciplinary collaboration involved expertise from engineering and animal science and qualitative research methodologies. And they, you know, contacted equine behavior and management programs at the university and spent months observing classes.

Horse experts were involved, thoroughbred trainers, devoted horse owners, and they collected all this data. Which presumably they used AI to crunch. And do you want to know what they've learned? They learned two interesting things. One is a horse speaks with its body, right? So its ears point to where something catches its attention. And the thought is that perhaps they could build similar types of nonverbal expressions in robots, like ears that point when there's a knock on the door. If you had a digital, you know, a robo dog or something, or something visual in the car when there's a pedestrian on the side of the street, for example.


GRAHAM CLULEY. See, I thought you were going to say if you had a horse in your living room, if you were deaf, it would tell you there's someone at the door. That's what I was picturing. I thought this maybe — wouldn't a light bulb be easier?


GEOFF WHITE. You know, how is this helpful? How is this helpful to have a robot in your house? You have to look at where its ears are bloody pointing to work out what it's doing. Just tell me, tell me where the problem is.

Don't point your ears at it. I don't want to interpret the modern dance signals.


CAROLE THERIAULT. Oh, is this your nightmare? See, I quite like this. I think these things would help. I think that what they're trying to achieve — Of course you'd like it, Carole.


GRAHAM CLULEY. Years ago, you told us all that you wanted to marry a horse. You said if you couldn't find the right man —


CAROLE THERIAULT. Well, that was just to entertain a dinner party, en passant. Oh, okay. There's another thing they learned, which was, or they are thinking about, is the notion of respect.

So when a horse trainer first works with a horse, they look for signs of respect from the horse for its human partner. And the idea is, could that notion not be applied to a robot?

Would we be more comfortable with them if they had tells to show us that they respected us as masters or as partners? You know, it'd be like, "Hey, Graham, you're such a swell guy, and I'm loving this request. Loving it. High five." Or, "Oh my God, Geoff, you're the smartest man out there."

Would they be disappointed I couldn't swivel my ears though?


GRAHAM CLULEY. I mean, it is— because I can't.


CAROLE THERIAULT. No, no, but you talk with your face, right? Your eyebrows will rise. One of the places, yeah.


GRAHAM CLULEY. A little bit, yeah.


CAROLE THERIAULT. Not very much. Well, I have another case study, and I'm going to flip this whole notion of animals helping us with robots on its head and look at how AI robots are helping us better understand animals.

And this is all about digital bioacoustics. Okay, this is from an article in Scientific American.

The concept relies on a very small, portable, lightweight digital recorder, which are miniature microphones that scientists are installing everywhere from the Arctic to the Amazon. And you can put these microphones on the backs of turtles or whales.

You can put them deep in the ocean or on the highest mountaintop or attach them to birds.


GRAHAM CLULEY. I'd be pretty pissed off if I was a tortoise.


CAROLE THERIAULT. I know. What if you were just walking through nature thinking you're completely on your own and you burst into song?

"I'm a little teapot," say, right? You don't want that recorded.


GEOFF WHITE. But yeah, who owns the rights to all this stuff exactly? Does Simon Cowell know about all of this?

You know, a tortoise doesn't move fast enough to avoid the microphone being put on them. At least, you know, faster animals can outrun you.


CAROLE THERIAULT. So they can record continuously 24/7 in remote places that scientists can't easily reach. Even in the dark, they can record without— How are these powered? I don't know.


GRAHAM CLULEY. How do they collect the recordings?


CAROLE THERIAULT. I don't know, but they get a lot of data. There's a data deluge that comes from this.

And this is where AI comes in because it's the same natural language processing algorithms that we use to teach other things to be able to detect patterns in non-human communication. So there's this researcher from Berlin, University of Berlin, who studies bee communication.

And when honeybees speak to one another, apparently it's with their body movements, right? As well as sound.

Now computers, and particularly deep learning algorithms, are able to follow this because you can use computer vision combined with natural language processing. So they've reportedly got these algorithms to a point where they're actually able to track individual bees, plus they're able to determine what impact the communication of an individual might have on another bee.

And so the next step was to encode this information into a robot they called RoboBee. Okay.

And after 7 or 8 prototypes, our Berlin-based researcher came up with a bee that could enter a hive and it would essentially emit commands that the honeybees would obey.


GEOFF WHITE. That's so interesting, isn't it? Yes, it's crazy.

Scale that up, you've got world domination, haven't you? I mean, basically, if you could get— if you could do humans and do the body language and the communication just run the same thing as in the bee colony.

Whoa, you know, yeah, that's impressive.


CAROLE THERIAULT. So apparently RoboBee goes in there and says, hey everybody, shush your shusher signal, and all the bees quiet.


GEOFF WHITE. Make more honey. Make more. Okay, make more honey. Fine. All right, stop making honey. Stop making— this is brilliant.


CAROLE THERIAULT. Absolutely amazing. You know, there's so many things like, do animals lie to each other? And what do you do if, you know, do they recognize a fib? Do they trust them repeatedly?


GEOFF WHITE. That's so interesting.


GRAHAM CLULEY. I know you should never play cards with a cheetah. I know that.


GEOFF WHITE. That's one thing to watch out for. I think this is genuinely fascinating, Carole, but I have to say, as you were saying it, the one place my brain went was if I was in control of the robo bee, I'd just do something stupid like trying to get them all to dance in a conga.


GRAHAM CLULEY. The Macarena.


GEOFF WHITE. Yeah. That'd be the first thing I'd do. To get them to do the Macarena.


CAROLE THERIAULT. Yes, exactly. So you would ruin our honey harvest.


GRAHAM CLULEY. But imagine the TikTok views that Geoff would get if he did that. That's the thing.


GEOFF WHITE. That's why he's doing it. Seriously, Geoff White is dancing bees.


CAROLE THERIAULT. This week's sponsor, Outpost24, delivers smarter cyber risk management, making it easy to identify security gaps in your attack surface and prioritize the vulnerabilities that matter. With Outpost24, you get the most complete view of your attack surface and threats targeting your organization, helping your security team understand what's real, what's dangerous, and what's important to fix in the environment right now.

Application security, vulnerability management, cyber threat intelligence— they've got it all covered. They can even protect your remote workforce and critical data by blocking weak and almost already compromised passwords.

Sign up for a free attack surface assessment from Outpost24. Get insights into exposed domains and web applications, leaked credentials, and more.

Sign up for your free attack surface assessment at smashingsecurity.com/outpost24. That's smashingsecurity.com/outpost24.

Now there's some big news from our sponsor Kolide.


GRAHAM CLULEY. If you are an Okta user, they can get your entire fleet up to 100% compliant. How do they do that, you're asking yourself?

Well, if a device isn't compliant, the user can't log into your cloud apps until they fix the problem. It's that simple.

Kolide patches one of the major holes in Zero Trust architecture, which is device compliance. Without Kolide, IT struggles to solve basic problems like keeping everyone's OS and browser up to date.

Unsecured devices are logging into your company's apps because there's nothing there to stop them. Kolide is the only device trust solution that enforces compliance as part of authentication, and it's built to work seamlessly with Okta.

The moment Kolide's agent detects a problem, it alerts the user and gives them instructions on how to fix it. If they don't fix the problem within a set time, they are blocked.

Kolide means fewer support tickets, less frustration, and most importantly, 100% fleet compliance. Visit kolide.com/smashing to learn more or to book a demo.

That's k-o-l-i-d-e.com/smashing.


CAROLE THERIAULT. Smashing Security listeners, did you know that Bitwarden is the only open-source, cross-platform password manager that can be used at home, on the go, or at work? Bitwarden's password manager securely stores credentials spanning across personal and business worlds. And every Bitwarden account begins with the creation of a personal vault, which allows you to store all your personal credentials.

These are unique and secure passwords for every single account you access. And it's easy to set up, it's easy to use. I honestly love Bitwarden—I use it at home, use it at work, use it on the go. Get started with a free trial of a Teams or Enterprise plan at bitwarden.com/smashing, or you can even try it for free across devices as an individual user. Check it out at bitwarden.com/smashing, and thanks to Bitwarden for sponsoring the show.


GRAHAM CLULEY. And welcome back. And you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.

Pick of the Week.


CAROLE THERIAULT. Pick of the Week.


GRAHAM CLULEY. Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, movie, a record, a podcast, a website, or an app, whatever they wish.

Doesn't have to be security related necessarily—better not be. Well, my Pick of the Week this week is not security related. My Pick of the Week was spurred by a listener—a listener got in touch with me. His name is Randall Stanley. Thank you, Randall, and he suggested this topic. Now, we were talking about singing tortoises just now in the Amazon or whatever. Thinking of singing tortoises, Paul McCartney, obviously these days— Why do you call them tortoises? Well, because, you know, obviously I'm a huge fan of the Beatles, right? But I also recognize that Paul McCartney is 80 years old or 81 years old—he's getting on a bit.


CAROLE THERIAULT. Is he younger than Biden or older?


GRAHAM CLULEY. Oh, good question. I think he's about the same. Anyway, whatever—he's old, he's an old geezer, and his voice is not that great. A couple of years ago, Paul McCartney—he's not putting his face on the front of his LP covers anymore, he tends not to appear in his videos.

A couple of years ago, they actually made a deepfake video with a 1965 version of Paul McCartney rather than the old crotchety one, probably to appeal more to the kids. He made this video with Beck. Anyway, having done that, I discovered that in the last few weeks, something extraordinary has been happening with music and, dare I say it, Carole, AI as well.


CAROLE THERIAULT. Is this the Drake thing? There's basically a rap duet that was done, and one included a rapper and the other one was an AI of another very famous rapper.

And it made it to number one before everyone started freaking out and taking it offline. So it was removed from TikTok, removed from YouTube, removed from everywhere. And there's a big argument about copyright now—do you own the sound of your voice?


GEOFF WHITE. I was gonna say, did they not have the consent of the person who they AI'd?


GRAHAM CLULEY. Oh gosh, you are so cool, Carole, knowing all this. I knew nothing about this. All I knew was Francis Drake and the Armada. Didn't know anything about all this other music stuff that's going on.

Anyway, someone has been using AI to enhance songs or create new versions of songs. And for instance, they have sampled, taken thousands of samples of Paul McCartney singing, and they're using it to get him to sing other songs. So I have, for instance, I've listened to Paul McCartney singing Goodbye Yellow Brick Road by Elton John, and it's McCartney singing it. Oh, wow.

Well, I'll tell you one which I was really impressed by. Paul McCartney put out a song called I Don't Know 4 years ago at the age of 76, and it's all right, it's okay song, but he sounds like an old man. What they did with AI was they got a Paul McCartney in his 30s to sing it. So they've redone the entire vocal track with a young Paul McCartney.

And so you think, oh, this is a much better song than I ever realized. Now it's been sung properly. I also heard there have been some songs, there was a song which has also been released, which was a Paul McCartney song, which has now been augmented with John Lennon singing the middle 8.


CAROLE THERIAULT. And in these situations, the guy is saying, this is AI-generated, this is me just having fun and trying to produce cool stuff.


GRAHAM CLULEY. Yes, it's all upfront, it's all open and no money's being made. The lawyers are going to jump on this. From a great height and stop it.

But I'm really impressed. I also heard a Paul McCartney singing God Only Knows by the Beach Boys. So there's all kinds of impressive stuff going on with AI. We haven't yet got Yoko singing anything in tune, which really will be the ultimate test.


GEOFF WHITE. It's great they've started on Paul McCartney. That is fantastic. But I just think there's so much room for maneuver. I would love to Katy Perry doing Napalm Death.


CAROLE THERIAULT. You just want a big mashup.


GEOFF WHITE. I do. You know, Björk doing Slayer. I just think there's a lot of potential here. We really need to push the boundaries of this. Let's not stop at Paul McCartney is my message to whoever's behind this.


GRAHAM CLULEY. I don't think they're going to. So I'm really impressed by the technology. All kinds of questions as ever, as we've been raising all throughout this show.

Anyway, so I'll put some links in the show notes if other people want to check them out, and an article about some of the videos which have already been produced by these clever, clever people before they get shut down. So if you want to check them out, you can. That's my pick of the week. Geoff, what's your pick of the week?


GEOFF WHITE. My pick of the week is a podcast. I had a long and boring journey over the bank holiday weekend, and so I was asking on LinkedIn podcast recommendations, and people came up with some really, really good stuff.


GRAHAM CLULEY. On LinkedIn?


GEOFF WHITE. On LinkedIn, yes. I've started to come off Twitter. I'm not so keen now on Twitter for a whole variety of reasons. And so I've been embracing LinkedIn and it's been embracing me.

Anyway, but no, so they had podcast recommendations and the favorite, the one that I picked that I really liked, I had a really good time listening to, was a podcast called The Evaporated, which is a really fascinating subject. I think this is what all the good podcasts, or ones I like anyway, do. They introduce you to a world that you didn't know existed and you feel like, oh—


GRAHAM CLULEY. Truckersucker.com, for instance. Oh God.


GEOFF WHITE. That introduced me to a world I didn't want to know anything about. Yeah, so The Evaporated is about people in Japan who disappear. I think I remember the figure rightly, it's something like 80,000 people go missing in Japan. It's some astonishing figure — I may have got that completely wrong.


GRAHAM CLULEY. Well, how often? 80,000 what, in a century?


GEOFF WHITE. No, no, in a year.


GRAHAM CLULEY. 80,000 a year? Yes.


GEOFF WHITE. Now, what's interesting in this podcast is they go into the reasons why and things about Japanese society that mean that a lot of people want to go missing. So they go down the whole organized crime, yakuza kind of route. There's also, very sadly, quite a lot of domestic violence and familial abuse in Japan.

So there's quite a lot of women actually in the series who, or they reference a lot of women who want to escape the relationships and so on. There's a whole industry called the Night Movers, who will come along at night and basically move you out while your husband or wife or your people threatening you are—


CAROLE THERIAULT. Remove you and what, kill you? Or remove you and give you a whole new life?


GRAHAM CLULEY. No, the removal men.


GEOFF WHITE. Take you to a safe house. And there's these little manga cafes — so manga, the comic books, sorry, graphic novels, I should refer to them as.

Those manga cafes often have little rooms in the back where you can stay, like cheap accommodation for people. Sometimes they'll ship you into a manga comic cafe where you can hang out and lay low for a while.

Other times they'll just get you to a different location, you can try and get yourself a new identity. There's a whole culture of this that they go into.

It's really good. It's by Jake Adelstein, who people might know from Tokyo Vice, was his big book, and Shoko Plambeck, who's his co-presenter, who also writes some of the episodes.

It's really interesting. It's a really interesting little glimpse into not just a world, a country that I don't know a lot about, but also a world within it that a lot of people don't know about.


GRAHAM CLULEY. Really good. How many episodes is it, Geoff?


GEOFF WHITE. I think it was 6 or 8. It seemed like a limited run — it's not an ongoing one. So 6 or 8 in that season anyway, and they've got other seasons.


GRAHAM CLULEY. So that sounds very interesting. Cool, Carole, what's your pick of the week?


CAROLE THERIAULT. My pick of the week is the movie Tetris — not the game, though the game is awesome — but the movie currently streaming on Apple TV+. And this is probably not the type of movie I would watch just of having heard about it obliquely.

I would just assume it was for kids or like that Emoji Movie, Tetris the Movie. But my sister-in-law recommended it, and on the weekend during a lazy afternoon as it drizzled, we slapped it on.

And it's great. Our lead character is Henk — he's a Dutch-born gaming entrepreneur raised in the US and now living in Tokyo with his family.

That's where we kind of meet him in '88, and he is trying to sell a self-designed game at a convention, and it's a bust. And his failure leads him to another stall where a Russian game called Tetris is being peddled, and he's immediately addicted and starts a quest to find out how he can become part of its inevitable success.

So that's the story plot, and it's obviously based on a true story. Although that always bugs me — based on a true story — what does that mean?

You could tell me, Geoff, you have to use these terms. How based on the real story does it have to be to be based?


GRAHAM CLULEY. 1%? 10%?


GEOFF WHITE. There is tremendous creative license that you've got in that. The only thing that arbitrates about how much liberty you can take is what you can get away with with the audience. If you really think you're going to annoy them—


CAROLE THERIAULT. Yeah, the movie is great because it's all about trying to get licensing rights for the arcade, for the computer game, and the handheld devices that are soon gonna be hitting the streets. And Henk is— Henk, his name is H-E-N-K, right?

Henk. He's a beautifully computer nerdy, but also salesy and ballsy character. And he's disarming as well, so he's really interesting to follow. And you know, you've got all the greedy paws — you've got the Maxwell Empire trying to get its arm in there, you've got Nintendo, you've even got members of the KGB playing more comic light roles and some more serious ones. But everyone's trying to get their mitts on a piece of the Tetris pie because they know it's going to be huge.


GRAHAM CLULEY. And because when this came out, the Soviet Union still existed.


CAROLE THERIAULT. Yes, Gorbachev is still in charge. So it would be complicated, the intellectual property rights side of things, as to who's going to make money out of this.

Exactly, and obviously, it's Western scum capitalism. So anyway, it's 2 hours of great fun — I really, I was okay, we'll do it, we'll see, and I really, really enjoyed it. So did John, and it has super cute 8-bit graphics and some fab '80s fashion and tunes. So my pick of the week is Tetris streaming on Apple TV+. It gets 2 thumbs up from me.


GRAHAM CLULEY. Wonderful. Well, thank you very much, Carole, and thank you, Geoff. I'm sure lots of our listeners would love to follow you online, find you, find out what you are up to at the moment. What's the best way for folks to do that, Geoff?


GEOFF WHITE. As I said, LinkedIn is probably the best way now. I'm Geoff with a G, Geoff with a G and White the color. You'll find there all my stuff.


GRAHAM CLULEY. Super duper. And you can follow us on Twitter @SmashinSecurity, no G, Twitter doesn't allow us to have a G. And of course we also have a Mastodon account — look for us up there. And make sure never to miss another episode — you can follow Smashing Security in your favorite podcasts such as Apple Podcasts, Spotify, and Overcast.


CAROLE THERIAULT. Massive thank you to this episode's sponsors, Kolide, Outpost24, and Bitwarden. And of course, to our wonderful Patreon community — it's thanks to them all that this show is free. For episode show notes, sponsorship info, guest list, and the entire back catalog of more than 319 episodes, check out smashingsecurity.com.


GRAHAM CLULEY. Until next time, cheerio. Bye-bye, bye-bye, bye-bye. Thank you very much, Geoff.


GEOFF WHITE. No problem, no problem. We always get some interesting tips and interesting stories from you guys.


GRAHAM CLULEY. It's good. Well, you know, I'm interested in this Scam Interceptor show — that certainly sounds interesting. I mean, the Jim Browning videos in the past have been extraordinary sometimes.


GEOFF WHITE. They have, but I say, it's just this thing. I suspect the reason they— we don't know how they do it is because they don't want to tell us how they did it. But on the other hand, that does leave open the fact of, well, are you hacking? And I say, I'm pretty sure the BBC's lawyers' answer would be no, but it does raise this whole thing of it makes other people say, oh, will it be fine to do it because they're doing—

-- TRANSCRIPT ENDS --