Yes, Smashing Security has reached its 100th episode!
Despite our celebratory mood, we don't forget to take a look at the security stories of the last week - including an alarming IoT failure and a dating app disaster for Donald Trump devotees.
All this and much more is discussed in this very special 100th edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Sponsored By:
- LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
- But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
- Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
- Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.
- Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor
Links:
- The very first episode of Smashing Security: "One cup, two hotel guests" — Sorry about the poor audio quality. Turns out we got better...
- Yale UK announces some "unplanned network maintenance" — Twitter
- Yale UK's network maintenance isn't going well — Twitter
- Cllr Steve Wortley is not very happy with Yale UK — Twitter
- Beth is not impressed with Yale UK either — Twitter
- Kirstie Pendry doesn't fancy waking her entire street at 5am — Twitter
- Yale Smart Home Borkage: Server Issues Cause Alarm App Fail — Computer Business Review
- Yale Weds: Just some system maintenance, nothing to worry about. Yale Thurs: Nobody's smart alarm app works — The Register
- Hundreds of 'smart' locks bricked by flubbed remote update — Graham Cluley
- Hotel guests locked in their rooms by ransomware? It doesn't make sense — Graham Cluley
- 71% of Tinder users say political differences are a deal breaker — MSNBC
- New Dating App for Trump Supporters Seeks to ‘Make America Date Again’ — Newsweek
- The ‘Donald Daters’ Trump Dating App Exposed Its Users’ Data — Motherboard
- Donald Daters, a dating app for Trump supporters, leaked its users’ data — TechCrunch
- How I “found” the database of the Donald Daters App
- Robert Baptiste's video of Donald Daters vulnerability — Twitter
- Blue Peter — Wikipedia
- Tony Walsh's beautiful tribute to Blue Peter will give you goosebumps — CBBC on Twitter
- Janet Ellis — Wikipedia
- Sophie Ellis-Bextor — Wikipedia
- Tony Walsh's performance of 'This Is The Place' at the Manchester attack vigil — YouTube
- A Scary Time by Lynzy Lab — YouTube
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Transcript:
This transcript was generated automatically, and has not been manually verified. It may contain errors and omissions. In particular, speaker labels, proper nouns, and attributions may be incorrect. Treat it as a helpful guide rather than a verbatim record — for the real thing, give the episode a listen.
CAROLE THERIAULT. Hello? Are you there? Okay, I've got my tea. What kind of tea are you drinking? I think it's just regular tea.
GRAHAM CLULEY. What we call builder's tea.
CAROLE THERIAULT. Yep.
GRAHAM CLULEY. Have you ever built anything in your life?
CAROLE THERIAULT. Lego?
GRAHAM CLULEY. Yeah, I don't know if that counts as an almost 50-year-old.
CAROLE THERIAULT. I've built up a podcast.
GRAHAM CLULEY. Have you on your own done that? Well done for you.
CAROLE THERIAULT. Well done you. Well done you. No, listen to what I said. Listen to the recording. I said with your help. That's what I said. You just jumped in too soon. Rewind. Rewind.
GRAHAM CLULEY. I built a podcast with your help.
UNKNOWN. Smashing Security, episode 100. One flippin' hundred. With Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security, episode 100.
GRAHAM CLULEY. My name is Graham Cluley.
CAROLE THERIAULT. I'm Carole Theriault. Carole.
GRAHAM CLULEY. Graham.
CAROLE THERIAULT. We made it. We made it through the rain.
GRAHAM CLULEY. It wasn't without its ups and downs. But, yeah.
CAROLE THERIAULT. 100. What an achievement. What a long way we have come.
GRAHAM CLULEY. Yeah, we should write a book about how to keep peace and how to finish a job without losing your shit.
CAROLE THERIAULT. I don't know if there is a finish line. With a podcast?
GRAHAM CLULEY. Well, there might be.
CAROLE THERIAULT. Really?
GRAHAM CLULEY. Let's see how this one goes.
CAROLE THERIAULT. You know, do you remember way back when, when we started?
GRAHAM CLULEY. We were once three.
CAROLE THERIAULT. Yes, we used to have Vanja with us. That was fun, wasn't it? Smashing Security 001. One cup, two hotel guests. And here are your hosts, Carole Theriault, Vanja Svajcer and Graham Cluley. And, well, exciting time.
GRAHAM CLULEY. You're doing great. You're doing great. Carry on. It's really, it's riveting. It's riveting.
CAROLE THERIAULT. And then he mysteriously disappeared.
GRAHAM CLULEY. Well, because we kind of needed that foil, didn't we?
CAROLE THERIAULT. Yeah. It's good having guests. We don't have a guest this week. Because who's worth it?
GRAHAM CLULEY. I was just going to say, I mean, who would you choose?
CAROLE THERIAULT. You know? Yeah. So we won an award as well along the way.
GRAHAM CLULEY. We won an award.
CAROLE THERIAULT. We lost an award along the way too.
GRAHAM CLULEY. We lost an award.
CAROLE THERIAULT. Yeah. Yeah. It was your idea, of course, to do a podcast.
GRAHAM CLULEY. It was my idea. I'm surprised. You're saying that now, because about 10 minutes ago, you took full credit for it.
CAROLE THERIAULT. About 6.
GRAHAM CLULEY. And now you're trying to sound so magnanimous. Thank you very much, Graham. Yes, it was mine.
CAROLE THERIAULT. But what, when was that? About 6 years ago?
GRAHAM CLULEY. Well, if you remember correctly, I started a podcast when I worked at Sophos.
CAROLE THERIAULT. Oh, yes. Yes. Yeah. I was a guest on it.
GRAHAM CLULEY. I think you were my first guest.
CAROLE THERIAULT. Was I?
GRAHAM CLULEY. I think you might have been.
CAROLE THERIAULT. Oh, cool.
GRAHAM CLULEY. I don't even know if those episodes still exist.
CAROLE THERIAULT. I expect they're out there somewhere.
GRAHAM CLULEY. And then I stopped for a while.
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. And then I really wanted to get one when we decided to leave Sophos. I wanted just to start a podcast and you were like, oh, Carole, I'm going to be way too busy. I don't want to commit to anything. And then a few months went by and you missed me and you thought, I know how to get Carole back in my life is to play the podcast card.
CAROLE THERIAULT. I remember our meeting with Vanja at that cafe.
GRAHAM CLULEY. In Oxford.
CAROLE THERIAULT. In Oxford where we discussed it.
GRAHAM CLULEY. Mm-hmm. So, well, that wasn't that long ago, Graham. I'm glad you can remember it.
CAROLE THERIAULT. And I remember us discussing what we should call the podcast as well. Do you remember some of the alternative names other than Smashing Security? Because Smashing Security wasn't my favorite. I was outvoted, can I say.
GRAHAM CLULEY. Did you look this up?
CAROLE THERIAULT. No, I just remember it.
GRAHAM CLULEY. Do you really? I don't remember any of the names.
CAROLE THERIAULT. I remember my pro— well, I don't remember all of the suggestions, but I remember—
GRAHAM CLULEY. Okay, give me some, give me some.
CAROLE THERIAULT. I'm, well, when I say I don't remember all of them, I only remember the one I actually wanted.
GRAHAM CLULEY. Okay. Which was?
CAROLE THERIAULT. Which was, I thought, very clever. I really liked the idea of The Safe Word. Do you see what I've done there?
GRAHAM CLULEY. Yes.
CAROLE THERIAULT. It's a little bit sexy, but it's also a little bit security, a little bit passwordy. I thought that was clever.
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Is it too late to change it?
GRAHAM CLULEY. Bit mucky. Bit mucky. I don't know. Maybe now actually we should change our name.
CAROLE THERIAULT. Because then, you know, it could be about anything, couldn't it? If it's the safe word. Yeah.
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Someone else is going to pinch that now.
GRAHAM CLULEY. Well, yes.
CAROLE THERIAULT. Start their own one.
GRAHAM CLULEY. It's a good name. But Smashing Security without the G, you wouldn't have, we wouldn't have our Twitter joke every show.
CAROLE THERIAULT. No, no, that's true.
GRAHAM CLULEY. Right? And that's very important.
CAROLE THERIAULT. It is, yes.
GRAHAM CLULEY. We've even made a t-shirt with it, you know, so.
CAROLE THERIAULT. Well, we've got mugs. We don't have a t-shirt at the moment. We have mugs and we have a pic. In fact, I am drinking right now. From a Smashing Security mug. I've got a cup of tea here to celebrate with you.
GRAHAM CLULEY. Do you know what? I am drinking from a wine glass.
CAROLE THERIAULT. Right.
GRAHAM CLULEY. Because I'm having a glass of wine to celebrate our 100th.
CAROLE THERIAULT. Is that safe?
GRAHAM CLULEY. Well, we'll find out. So cheers to everyone.
CAROLE THERIAULT. Cheers.
GRAHAM CLULEY. Hey, Graham.
CAROLE THERIAULT. Hello. Hello.
GRAHAM CLULEY. I need some advice. Yes. I need some advice. I use a cloud service. I put all my files and data up there, and I'm kind of nervous about prying eyes looking at it. Any advice?
CAROLE THERIAULT. Yeah, you've got to encrypt it.
GRAHAM CLULEY. Before I load it up?
CAROLE THERIAULT. Well, I would recommend so, because any file which you put on Dropbox or Google Drive or OneDrive or those other cloud services, it could be accessed by that company or indeed law enforcement or any hacker who broke into your account. So what I would recommend is use a piece of software like Boxcryptor. It's what I run on my computer, and any file before it gets uploaded to those cloud services gets encrypted with my own keys, which I control.
GRAHAM CLULEY. Ah.
CAROLE THERIAULT. So the cloud service itself can't see the contents of the files which I'm putting on the cloud drive. It's all encrypted.
GRAHAM CLULEY. Cool, I'll check it out.
CAROLE THERIAULT. Go to Boxcryptor.com, and thanks to Boxcryptor for supporting the show this week. Many of us have worked in big companies, right? And we know that it only takes one person to make a boo-boo to allow the hackers in. Imagine running a company, hiring new staff, and worrying that one of them might bring their bad password habits into the office. Horrendous nightmare. That's one of the reasons why businesses small and large need a password management solution like LastPass Enterprise. LastPass brings a vast array of features for enterprise users, including company-wide policies, reporting, user groups and roles, and new support for Microsoft Active Directory. As an administrator, you can create highly secure passwords for your new starters right from the onset. Means no snafus. Listeners can check it out for themselves by visiting lastpass.com/smashingsecurity. No more password snafus, no more Boo-Boos, just LastPass. Well, Carole, my story this week is about the company Yale. Are you familiar with Yale? As in Yale locks?
GRAHAM CLULEY. Yes. I mean, I'm familiar with them like everyone is. Like, I probably have one and don't even know it.
CAROLE THERIAULT. Are they just a British company or are they—
GRAHAM CLULEY. No, no. I certainly knew them before I moved here. Yeah.
CAROLE THERIAULT. Oh, okay. All right. So, yeah. Okay. So people know them elsewhere.
GRAHAM CLULEY. Well-known name. Yeah, right.
CAROLE THERIAULT. Well, they don't just make keys and physical locks anymore. They also make a range of smart home security devices driven by smartphone apps. How cool is that? It means you can set your burglar alarm, remotely unlock your front door, check CCTV cameras to make sure that your goldfish is eating while you're on holiday, all those sort of things from far, far away. Absolutely marvelous. Nothing at all can go wrong. With that, right?
GRAHAM CLULEY. I don't know how people can tie IoT to their, their actual physical security in these— today, today. I'm sure one day we're all going to do it and this is going to seem— but right now it seems crazy to me.
CAROLE THERIAULT. It's 2018, people love this kind of thing. And just after 4 o'clock in the afternoon last week, on Wednesday, Yale tweeted that they were performing some unplanned network maintenance. And the customers may experience connection issues.
GRAHAM CLULEY. Okay. So they warned their clients, we're doing something, watch out if there's any glitches.
CAROLE THERIAULT. Yes, yes. If you're the sort of person who actually follows the Twitter account of your front door lock, then you would have seen this.
GRAHAM CLULEY. So they tweeted, they tweeted, they didn't send a letter, an email or anything like that?
CAROLE THERIAULT. No, no, no, nobody sends letters.
GRAHAM CLULEY. So one tweet went out.
CAROLE THERIAULT. This was unplanned network maintenance, Carole. You know what that is code for, don't you?
GRAHAM CLULEY. Wah wah.
CAROLE THERIAULT. It means ah ooga, ah ooga. Exactly. What the fuck is happening? Yeah. You need to fix this pronto. Like they found a big problem, right? Mm-hmm. And of course, 4:00 PM, that's when kids start returning home from school, isn't it? Yeah. And you can imagine—
GRAHAM CLULEY. Oh yes, we're talking about door locks, not Twitter, of course.
CAROLE THERIAULT. Right, right.
GRAHAM CLULEY. So they're, okay, so kids are coming home from school.
CAROLE THERIAULT. Kids are coming home from school.
GRAHAM CLULEY. Planning to put in their code.
CAROLE THERIAULT. Or maybe they've, you know, oh, I've forgotten my door key or something, or my my fob, you know, and I'll just text mum and get her to remotely unlock the front door, you know, so I can get in. And it's not that long before, uh, parents will be coming back from work as well, you know, commuting back after a hard day's work. Or what if you were running an Airbnb property, for instance? Maybe you've got one of these things in place. Well, their unplanned network maintenance had something of an impact. Um, when they talk about connection issues, users began to complain that they were unable to open or lock doors with that app or disable alarms.
GRAHAM CLULEY. So people weren't able to get out of their houses and people were able to get in?
CAROLE THERIAULT. This is the thing. There are people who tweeted and saying, I'm stuck in my home because of this. Now, I think that was a little bit misleading because—
GRAHAM CLULEY. Because you're thinking there's sliding doors, there's back doors, there's garage doors.
CAROLE THERIAULT. Even if you have a smart lock on your front door, there's always a physical handle, which will allow you to get out because of fire and things like that, right? It's not going to prevent you from getting out of your house if you want to, but there may have been people who felt like they had to stay in the home because they couldn't set their alarm with their app. So that may have been why they were complaining that they were stuck inside. I don't really believe this, they were physically stuck inside. You may remember we did a story about a hotel in Bavaria or somewhere, which got hit by ransomware. And they, there was a claim that guests got stuck in the hotel rooms and we were quite skeptical of it way back when in the early days of Smashing Security. By 7 o'clock, so 3 hours later, things were taking a turn for the worse because Yale then tweeted that they were working to fix the app, but while we've been doing that, we've been— we've experienced an unforeseen issue and now the app is temporarily unavailable. Oh dear. And so you couldn't access the app at all. So things have deteriorated. And as a consequence, if people were reliant on the app, they couldn't unlock doors or they couldn't change their alarms.
GRAHAM CLULEY. Do you happen to know if all the locks actually have a key insert section? Like they're all manually overridable?
CAROLE THERIAULT. So what I think these locks have and what the— is you normally have like a key tag or a key card.
GRAHAM CLULEY. Yeah, like a hotel.
CAROLE THERIAULT. Or you may have a PIN code which can override or turn off an alarm. But the problem is, many people won't carry those kinds of things around with them.
GRAHAM CLULEY. When they get used to having the technology work every day.
CAROLE THERIAULT. Right. Or if you're a kid and you've forgotten your key fob and you left it in your bedroom or something like that, and you're just going to text your mum and say, "Can you remotely unlock the house for me so I can get in?" Or it's an Airbnb-style property where you don't give people the thing, but you say, "Look, as soon as you get there, text me and I'll unlock the door for you." So this was just, this was a serious inconvenience. Oh yeah. And there were customers moaning left, right, and center. There's a guy called Paul Morgan, for instance. He told Computer Business Review that due to the app not working, he couldn't gain entry to his house. 4 people, he said, lived in the house. 2 of them have got key fobs, which aren't affected by the outage, but both of them were out of town. And, you know, he just assumed that it could be relied upon to work. And it's like, you know, well, he should listen to our show more often. Well, you know what? I kind of agree with you. I mean, obviously—
GRAHAM CLULEY. We've only done 100 of them, for God's sake.
CAROLE THERIAULT. Obviously it's not good what happened with Yale, but I also think, what were these people thinking? How are these people planning to enter their properties if their phone was ever lost or broken or simply ran out of battery? Were they planning to keep a fully charged phone with the app installed underneath their flower pot? Like you would with a key.
GRAHAM CLULEY. It's just a plan B, right? It's just, that's what you want with these new technologies. It's like, okay, great, you want to adopt it, you've read all the risks, go for it. But you know, if it doesn't work, what's plan B?
CAROLE THERIAULT. Yeah.
GRAHAM CLULEY. Like, why wouldn't they have a key, you know, in a lockbox somewhere?
CAROLE THERIAULT. You'd need a key to unlock the lockbox, Carole, wouldn't you, to get to your key?
GRAHAM CLULEY. No, lockboxes are, no, they're done with passcodes as well. So you could have 1, 2, 3, 4.
CAROLE THERIAULT. Oh, good one. Yeah, you can tell everyone that. Nice one. Have you learned nothing?
GRAHAM CLULEY. Well, you know, my pretty little head, so crammed with dresses and pretty things.
CAROLE THERIAULT. So Yale's response is no one should be locked out of their house this end because you should have a spare key fob or know the PIN or something like this. But—
GRAHAM CLULEY. Right. But you didn't give us 10 key fobs and 10 people live in the house, for example.
CAROLE THERIAULT. And furthermore, if you're carrying around a key fob with you, isn't that just the fricking same as carrying a key? You know, it takes up as much room. The whole purpose, I presume, of having an IoT lock is that you don't have to carry so much around with you because you've got it on your smartphone. So I have some sympathy with Yale, but I do think people haven't entirely thought this through. They thought this is a really cool thing. Mechanical locks actually have some big advantages, right? They don't fail because the cloud has gone down, or they don't fail because there's been a power cut. And the big benefit is you need to be physically present at the lock when you want to unlock it rather than someone remotely doing it.
GRAHAM CLULEY. You know, totally. But I suppose the appeal, one of the mega appeals, is that you can just go around with your phone, you know, you use contactless, you know, and you use an app to buy everything. You can unlock your house and car with your phone. You know, you can find everything so you don't have to carry keys. And right now that's annoying.
CAROLE THERIAULT. But if you only rely on the phone, it's a single point of failure. So if your battery does run down, or—
GRAHAM CLULEY. Totally understand that. I'm just saying that's what the appeal is, right?
CAROLE THERIAULT. Yes, that's the appeal.
GRAHAM CLULEY. That's the appeal. But you know, not having a plan B, disasters. In these situations. Yeah. This is just an example of how it can suck.
CAROLE THERIAULT. Another reason though, Carole, why you don't want to— this is me urging you to never get a smart lock. Not that I suspect you're planning to get one. Right. Well, you have an internet-enabled thermostat though, don't you? Or something like that.
GRAHAM CLULEY. We do. We do.
CAROLE THERIAULT. How's that working out?
GRAHAM CLULEY. Well, it's pretty good so far. I do think there are some issues with it. I mean, I can see, but I also have a failsafe. Right?
CAROLE THERIAULT. Oh, do you? Oh, what, you can just twiddle it?
GRAHAM CLULEY. No, I've got a fireplace.
CAROLE THERIAULT. Oh, good one.
GRAHAM CLULEY. Thanks.
CAROLE THERIAULT. Well, I'll tell you another reason why a physical lock is a good thing. Because yes, a burglar can break down, smash your door if they really want to gain access to your property, but that is going to leave physical damage, right? And physical damage is actually something you want because that is something which you can use as proof to your insurers there was forced entry. So when you claim that your video recorder or your Nintendo DS has been stolen or whatever, you can say, oh no, no, no, it's not me putting them on eBay. You know, these were actually stolen. If you have a smart lock, there aren't going to be any clues like that, are there? Mm-hmm.
GRAHAM CLULEY. Mm-hmm.
CAROLE THERIAULT. So there you go, folks.
GRAHAM CLULEY. That's a very good point.
CAROLE THERIAULT. Yeah. Thank you very much. Well, it isn't the first time smart systems have failed, of course, way back in episode 38. Yeah.
GRAHAM CLULEY. I was just going to say, we've talked about these before.
CAROLE THERIAULT. Yeah. There were some smart locks then, which were bricked after receiving a duff over-the-air firmware update. And there was an outage at Amazon Web Services last year, which prevented people from being able to turn on their lights and control their locks.
GRAHAM CLULEY. You see, you see, I should never have gotten this internet-enabled fricking heat thing.
CAROLE THERIAULT. Imagine not being able to turn it on.
GRAHAM CLULEY. I got talked into it by my husband. It's so cool, Carole. He went on for a year about how we should get it. I really, I held off for a year.
CAROLE THERIAULT. I know your husband and I suspect he wants to make it a little bit hotter at home, if you know what I'm saying.
GRAHAM CLULEY. Well, thank God it's not his anniversary today.
CAROLE THERIAULT. It's not just his pelt keeping him warm. He also—
GRAHAM CLULEY. It's just Smashing Security's birthday, not his.
CAROLE THERIAULT. Well, once again, episode 100. Why would we finish any other way than to say IoT, not always the best thing?
GRAHAM CLULEY. We didn't. We're not finishing.
CAROLE THERIAULT. Hmm?
GRAHAM CLULEY. We're not finishing.
CAROLE THERIAULT. Not yet.
GRAHAM CLULEY. We've got a lot more content coming up.
CAROLE THERIAULT. Have we?
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Well, what have you got for us this week?
GRAHAM CLULEY. Well, it is our 100th episode, and we are two happily married cool cats. Thank God married to different people.
CAROLE THERIAULT. Yes.
GRAHAM CLULEY. So I thought a virtual swim in the dating pool might be fun.
CAROLE THERIAULT. Oh, hello.
GRAHAM CLULEY. So first, do you think opposites attract? Like, what's the story with you and Mrs. Cluley?
CAROLE THERIAULT. Me and Mrs. Clue?
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. Um, well, you know, um, she's got everything a man could want, you know, so like hairy chest, muscles, you know, it's like nice.
GRAHAM CLULEY. She's gonna love you.
CAROLE THERIAULT. She doesn't listen. She doesn't listen.
GRAHAM CLULEY. Yeah, you know what, I'm doing a test with my husband too because we're very similar, my husband and I, as you know. We're two peas in a pod, right? We're both quiet thinkers, introverted, shy. He's a little bit bigger than me, being a ginormous beef bus of a man, but otherwise, right, we're the same, right?
CAROLE THERIAULT. Yeah, you're quite smart. Yeah.
GRAHAM CLULEY. Now we've all heard of dating sites for the rich, right? Or for the beautiful, or for the insert religion here. But say hello to a new one that's focused on a relatively new group, and that is the group of Donald Trump supporters.
CAROLE THERIAULT. Ah, that particular gene pool. Yes, it'd be good if they started dating, wouldn't it?
GRAHAM CLULEY. It seems, it seems that Donald Trump supporters may be facing a little dating problem. No one wants to date him.
CAROLE THERIAULT. What?
GRAHAM CLULEY. A 2017 Tinder survey kind of supports this. It says 7 out of 10 would kick a date to the curb if they had misaligned political views.
CAROLE THERIAULT. Yes, but that's not just true of Trump supporters. I mean, Trump supporters presumably don't want to date a Democrat either, do they?
GRAHAM CLULEY. Sure, sure. But maybe they're having trouble finding themselves, or maybe they live in a very small town right out in the middle of nowhere and they're trying to online date, and there's a lot of people out there that are a little bit mean to them.
CAROLE THERIAULT. Yeah, okay, right.
GRAHAM CLULEY. All right, now thankfully there's an answer, okay? There's a dedicated Trump supporter dating app which launched last week. This is called Donald Daters. Their slogan, their slogan, get ready folks, make America date again.
CAROLE THERIAULT. That's quite clever actually. Okay, I don't love the name Donald Daters. I'm not sure that— no, sort of increases my ardor in any way or romance, but Make America Date Again. That's all right. Okay.
GRAHAM CLULEY. Quote from their website: Without bias, judgment, or liberal intolerance, with the free Donald Daters app, you have the power to quickly find the right partner near you.
CAROLE THERIAULT. All right.
GRAHAM CLULEY. See what they did there?
CAROLE THERIAULT. Yeah, I got it. It's Alexei, right?
GRAHAM CLULEY. Now, how is someone to test a lady's true support for the Donald? Grab them by the pussy? I mean, really, I suppose it would be a good way to show your support for misogyny.
CAROLE THERIAULT. Oh, Carole.
GRAHAM CLULEY. I digress, I digress, I digress. So Donald Daters was the brainchild of Emily Moreno. She was a former campaign aide to Florida Senator Rubio.
CAROLE THERIAULT. Oh yes, little Marco.
GRAHAM CLULEY. She told Fox News, for many young Trump supporters, liberal intolerance has made meeting and dating nearly impossible. Support for the president has become a deal breaker instead of an icebreaker. So no PR help there.
CAROLE THERIAULT. Yes. If they're suffering from romantic challenges because of their support for the Donald, there might be another solution to this rather than just getting the app. Just putting it out there. You know, if they're getting a lot of feedback saying, uh, no, you know what? No, thank you. Hmm. Interesting. All right.
GRAHAM CLULEY. So Moreno wants Monero, right? And see what I did there. I've worked on that one. So Moreno wants Monero, and she launches this Donald lovers dating app. And things kicked off with some fanfare, presumably due to its inflammatory name, Donald Daters, and political ties, right?
CAROLE THERIAULT. Yep.
GRAHAM CLULEY. The dating app launch got decent amount of press coverage from the likes of Fox News and Newsweek and others.
CAROLE THERIAULT. Does this app also give you tips on how to have a more successful date? You know, like, topics to discuss.
GRAHAM CLULEY. Wear your Make America Great Again hat.
CAROLE THERIAULT. Exactly. Walls.
GRAHAM CLULEY. Yeah. A red scarf always goes a long way.
CAROLE THERIAULT. It does. His goes a long way, doesn't it? I mean, you know, how to do your hair nicely for a date, that sort of thing. I mean, who would—
GRAHAM CLULEY. Where the best tanning salons are.
CAROLE THERIAULT. Are you actually serious? Is this actually a real app or is this a joke?
GRAHAM CLULEY. Yes, this is a very real app. Now, see where we are now, right? The app is launched, the press lapped it up.
CAROLE THERIAULT. Of course they would write about it. Yes.
GRAHAM CLULEY. And a few measly hours later, TechCrunch, Motherboard, and other security or technology-related publications report that the app has 1,600 users and counting so far.
CAROLE THERIAULT. Okay.
GRAHAM CLULEY. And the question is, how do they know that? Because it wasn't a big celebratory tweet from the Donald daters. No, it was a huge privacy blunder uncovered by Robert Baptiste.
CAROLE THERIAULT. Oh, hello, ding dong.
GRAHAM CLULEY. Robert Baptiste is a security researcher who tweeted that DonaldDaters effectively had piss-poor data privacy and security in place. Now, he tweeted this via his Elliot Alderson Twitter handle. Okay, this is a nod to the Mr. Robot main character. And Baptiste tweeted, hi @FoxNews and @RealDonaldTrump supporters, you should not use this app. In 5 minutes, I managed to get the list of all the people registered, names, photos, personal messages, token to steal their session. Ouch. In other words, Robert claims to have the names, photos, and tokens of the 1,600 or so registrants on this pro-Trump dating site. And the full tweet thread actually, Graham, is rather juicy. This guy has been working it like mad. I doubt he has slept since Monday. So he's tweeted things like, currently there are 1,607 users in the application and 128 rooms.
CAROLE THERIAULT. So what's a room? What's it?
GRAHAM CLULEY. I don't know. I guess from what I saw on the website, there's a room where you can go and chat, right? Like you're like-minded. You're like-minded Trump supporter.
CAROLE THERIAULT. Welcome to the room. Let's talk.
GRAHAM CLULEY. Red door.
CAROLE THERIAULT. Red door.
GRAHAM CLULEY. Choose the red door. He directly tweeted Emily, goading her to reply with like a hi. He created a video to prove his findings, or to attempt to prove his findings. And Baptiste says at one point, that's the whole point, hire competent programmers. So the driver in here seems to be clean up your backend, Donald Daters. Um, now Baptiste has since tweeted that the vulnerability has been closed.
CAROLE THERIAULT. It's filthy.
GRAHAM CLULEY. Well, you're— it's your mind that's filthy.
CAROLE THERIAULT. It's just vulgar. Carry on. Carry on.
GRAHAM CLULEY. Since tweeted that the vulnerability has been fixed and congratulated Emily for the quick response, right? But was it quick enough? There is that saying, you live and die by the sword, right? And the same goes for PR. You launch something with mega media appeal, like a site called Donald Daters, and you better get it right. Because any faux pas is going to be much juicier to the press.
CAROLE THERIAULT. It's an interesting theory, Carole, and it's one which I would have ascribed and agreed with prior to 2016. However, I think recent experience has shown that you can get things massively, massively wrong or incorrect and not be punished at all. In fact, you can go from—
GRAHAM CLULEY. Yes.
CAROLE THERIAULT. You can carry on seemingly without a care in the world with nothing happening to you.
GRAHAM CLULEY. Nothing at all.
CAROLE THERIAULT. So the press is irrelevant, right? This is all fake news. What does it matter? 'Who cares the app was rubbish? Now it's brilliant. Stop being so negative.' It's a great app.
GRAHAM CLULEY. It's the best app I've ever seen. Everyone should use this app. I endorse this app. Okay, now there's another issue here. And that is that Robert went nuclear on this site's incompetence. It seems that rather than telling them privately, and getting Donald Daters to fix the vulnerability before shouting publicly about it, he went straight for the PR jugular and started tweeting and leaking out little bits and bobs of information.
CAROLE THERIAULT. Oh really? Yeah.
GRAHAM CLULEY. So it's a hard one because on one side, it is really shameful that a site that, let me tell you this, on their FAQ, on their FAQ, they say, question number 2 is, is my information kept private on DonaldDaters? The answer: yes, all your personal information is kept private. We encourage safe online dating, so please be sure not to share any private information on your profile before vetting anyone you may be interested in meeting in your community. They don't say anywhere we're gonna leave, leave this open for everybody to come and sniff at.
CAROLE THERIAULT. Well, they obviously created the app with the best intentions. They had no clue as to what they were doing. That's the problem. It's a bit like—
GRAHAM CLULEY. speculating. I hope you're right.
CAROLE THERIAULT. It's a bit like the lock company deciding, oh, we're now going to be a software company, rather than a software company saying, who may have some background in security, saying, we're going to become a lock company. Sometimes these things are the wrong way around. These guys obviously saw a problem.
GRAHAM CLULEY. Okay, by that argument, you're saying, hey, Facebook, you're an excellent internet company. Why don't you do dating stuff?
CAROLE THERIAULT. Well, which they've done.
GRAHAM CLULEY. Which they've done. And hasn't that gone well, Graham? I'm just gonna have a little sip here. Hold on. Happy 100th, by the way.
CAROLE THERIAULT. Happy 100th, by the way. Yeah, I finished my tea. I'm afraid I haven't got any more here, but yeah. Yeah, it's— the news is full enough of data breaches and you would like to think that they, before going live, before doing the big push and getting Forbes and Mashable to write about the app, they would—
GRAHAM CLULEY. They do a bit of testing.
CAROLE THERIAULT. They get some competent people. I'm sorry, my voice has gone so high pitched.
GRAHAM CLULEY. It's either the wine. It's almost as bad as mine. Or the shock, right? The shock that in 2018, a website that deals with personal and private information at a launch wouldn't have checked their backend.
CAROLE THERIAULT. Including people's messages. Yes, don't keep mentioning that. Including the private messages that they would be sending each other, which could be quite flirtatious, couldn't they?
GRAHAM CLULEY. What would a Trump supporter say to another Trump supporter? Um, if they thought, we're alone now, right? Let's cue Tiffany. Cue Tiffany. I think we're alone now.
CAROLE THERIAULT. Fancy coming back to my place for an impeachment? Boom boom boom boom.
GRAHAM CLULEY. I'm sure I could have done better than that, but I don't think I got Comey.
CAROLE THERIAULT. Comey.
GRAHAM CLULEY. Yes, Comey over here, baby.
CAROLE THERIAULT. Very good. That's good. Very good.
GRAHAM CLULEY. Mullah yogurt, anyone?
CAROLE THERIAULT. It's a bit kinky.
GRAHAM CLULEY. Hey, Graham, you were talking about Boxcryptor earlier.
CAROLE THERIAULT. Yes.
GRAHAM CLULEY. What about price? Is it super expensive?
CAROLE THERIAULT. Oh no, it's free for non-commercial use. And if you have a company and want to take advantage of some of the enterprise features, and obviously you spend a little bit of money, but they have flexible licenses as well. But your data is encrypted before it reaches the cloud, works with lots of cloud services, and it's cloud security made in Germany. And that's cool, isn't it?
GRAHAM CLULEY. Yeah! Thank you, Boxcryptor.
CAROLE THERIAULT. Boxcryptor.com, go and check it out.
GRAHAM CLULEY. Hey Graham.
CAROLE THERIAULT. Hey Carole.
GRAHAM CLULEY. I have a question for you about these password manager things you keep talking about.
CAROLE THERIAULT. Alright, go on then, shoot.
GRAHAM CLULEY. What happens if you forget your master password? What are you going to do about that?
CAROLE THERIAULT. Oh, you think you're really clever, don't you?
GRAHAM CLULEY. Yeah.
CAROLE THERIAULT. You think if you've forgotten your master password, you can't access any of your other passwords anymore. Well, piff-paff-poof, Carole, because if you're running LastPass Enterprise, you can integrate your password manager with Microsoft Active Directory. And that means the same password that your employees are already comfortable with using to log into your system will unlock everything. It will unlock their passwords, it will unlock their work. It makes it super easy to bring LastPass into your enterprise.
GRAHAM CLULEY. Seriously? And it's still super safe?
CAROLE THERIAULT. It's still super safe. Wow! That's kind of cool. It's a great way of getting new employees using passwords safer and more securely.
GRAHAM CLULEY. Rock on, LastPass, I say.
CAROLE THERIAULT. And Carole, if you, or indeed our listeners, want to try it for themselves, all they need to do is go to lastpass.com/smashingsecurity. And welcome back, and you join us at our favourite time of the show. It's the part of the show that we like to call Pick of the Week.
GRAHAM CLULEY. Pick of the Week. It's not our 100th Pick of the Week.
CAROLE THERIAULT. No, we didn't have them from the very beginning, did we?
GRAHAM CLULEY. No, you see how the show evolved. Maybe in the next 100.
CAROLE THERIAULT. It's when we fattened up. It's when we went from 20 minutes to about 45 minutes.
GRAHAM CLULEY. Thinking it wouldn't add anything to our workload. Ah, remember the naivete.
CAROLE THERIAULT. For some people, this may be their very first episode, so we should explain what Pick of the Week is. It's the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they like. Doesn't have to be security related necessarily.
GRAHAM CLULEY. Should not be ever security related, though I think both of us have broken that once in a while.
CAROLE THERIAULT. Occasionally.
GRAHAM CLULEY. Very rarely.
CAROLE THERIAULT. But not this week.
GRAHAM CLULEY. Not this week.
CAROLE THERIAULT. My Pick of the Week is not security related. My Pick of the Week is a birthday. Someone who is celebrating.
GRAHAM CLULEY. Ours?
CAROLE THERIAULT. No.
GRAHAM CLULEY. Oh.
CAROLE THERIAULT. Blue Peter, British television institution, is 60 years old. 6-0. And that is quite an achievement. It's a British TV show. Probably don't see it elsewhere in the world, so this won't mean much to people. But the thing which I actually wanted to direct people to, because I know we have a lot of British listeners, is a poem. Performed by none other than Tony Walsh, who some of you may know because he famously performed a poem called "This Is the Place" after the Manchester Arena bombings. A fantastic poem. Tony Walsh, also known as Longfella, has put together a little poem celebrating Blue Peter. And if you are of a certain age, or if you grew up with Blue Peter and you've enjoyed some of their last 5,000+ episodes, Wow. Yeah, you might. Yeah, it makes us seem like small fry. You might get a little bit of—
GRAHAM CLULEY. physically small.
CAROLE THERIAULT. You might get a little bit of grit in your eye when you listen to this and you see the footage. It's rather wonderful.
GRAHAM CLULEY. You trying to pretend you have a heart. So this is lost on me, having not grown up in the UK and having come to the UK after Blue Peter, you know, of the age.
CAROLE THERIAULT. I would be interested, Carole, if you were to click on the link which I've included in the show notes there. And if you watched it, what kind of impact it might have on you. Now it's about 8 minutes long.
GRAHAM CLULEY. Oh, great.
CAROLE THERIAULT. I'm not saying watch all of it now. We each have our Blue Peter. It's dependent on our age. From being small to growing tall, then—
GRAHAM CLULEY. Oh, inspirational music.
CAROLE THERIAULT. —it's that age. Oh yeah. So are these your time's presenters then? Or these guys? Maybe those? Is your here and near or nearer yesteryear? The Early Show.
GRAHAM CLULEY. Hello there. Hello.
CAROLE THERIAULT. Because since 1958, it's been a fixture in our lives, and now 6 long decades later, it still lives and breathes and thrives. And so for 60 years of mums and dads and countless boys and girls, it is the longest-running children's TV program in the world. From a jolly different brick in a world of black and white to this technical that the internet ignites. It's a diary, it's a record, it's a time capsule unsealed. So here's one we made earlier. Let's see what is revealed. Blue Peter, I'm afraid, isn't what it was. I'm a Peter Purvis, John Noakes— ah, John Noakes— Valerie Singleton, Leslie Judd kind of guy. That was my era of Blue Peter, and the last 6 years or so, it's not even shown on the main BBC channel anymore. It's been siphoned off to the BBC's children's channel and, you know, they don't— it's not really the institution which it once was.
GRAHAM CLULEY. Sadly, you have a crush on a Blue Peter presenter.
CAROLE THERIAULT. Ah, this is what's going on. Not— well, there was an incident with me and a Blue Peter presenter.
GRAHAM CLULEY. Yes.
CAROLE THERIAULT. What? What? I can't remember. It was a Blue Peter— I'd forgotten about this— the Blue Peter presenter called Janet Ellis, who is the mother of Sophie Ellis-Bextor.
GRAHAM CLULEY. Yes. A British pop star who's famous for looking like a cat.
CAROLE THERIAULT. And Janet Ellis is quite adorable.
GRAHAM CLULEY. It's nice and furry.
CAROLE THERIAULT. And I once chopped Janet Ellis's arm off on stage with a magic trick with a guillotine.
GRAHAM CLULEY. Yeah, it's good that you put the magic in there late in the sentence.
CAROLE THERIAULT. But that is as close as I've ever got to Blue Peter. But anyway, for many British people, it is a part of their growing up. And I think even if the show isn't as beloved by the BBC as it once was, I think 60 years is tremendous. So I am actually choosing Blue Peter as my pick of the week rather than the return of Doctor Who, which has also been rather magnificent in the last week or two. But there you are. Oh, so that's, that's what I'm—
GRAHAM CLULEY. put that in there.
CAROLE THERIAULT. That's what I— that's, that is my pick of the week. Go and check out, it's actually the poem. That's my pick of the week. The poem by Tony Walsh. Go and check it out. It's wonderful.
GRAHAM CLULEY. There you go, that's a bit more timely. Thank you, Carole. So my 100th pick of the week— oh no, it's not my pick of the week. Yes, as you know, I've started off talking about, you know, Donald daters. I thought, why get off the political train now?
CAROLE THERIAULT. Yeah, it's not like talking about Donald Trump hasn't got us our fair number of bad reviews. Yes, on iTunes in the past. So let's carry on doing this.
GRAHAM CLULEY. Maybe we will get some positive reviews to counter the upcoming reviews we will get because we talked about this. Who knows? It is our 100th episode after all. Yes. Um, so I am showcasing a new song called A Scary Time, written by a US-based dance teacher, so not someone big celebi, called Lynzy Lab. And I choose it because it is super cute and catchy as shit. It is very timely, hashtag MeToo.
CAROLE THERIAULT. By the way, I don't think shit is that catchy.
GRAHAM CLULEY. If someone throws some shit at you, it'll stick to you, honey.
CAROLE THERIAULT. Okay, okay, fair enough. All right. Sticky as shit rather than catchy as shit then. All right, fine.
GRAHAM CLULEY. You mean you're not gonna put your hands out? Go, yeah. Probably not. What are you gonna do? Back away?
CAROLE THERIAULT. Just put up an umbrella or something. I keep one on me along with my IoT key fob.
GRAHAM CLULEY. The song is kind of cheeky, but it drives home a really important message. And basically, any listeners out there who want to relate better to women should have a listen. I can't walk to my car late at night while on the phone. I can't open up my windows when I'm home alone. I can't go to the bar without a chaperone. I can't wear a miniskirt if it's the only one I own. I can't use the elevator after 7 PM. I can't be brutal. You love it. I love it. So, so, so you, what have you learned about women? Just as a, just interested.
CAROLE THERIAULT. I found out, well, maybe I already had a hint of this, that it's, it's not great being a woman all the time.
GRAHAM CLULEY. Oh, actually, no, it's pretty great being a woman most of the time.
CAROLE THERIAULT. Is it really? Yeah. Apart from the men? Yeah.
GRAHAM CLULEY. It's not all men. Not all men. Just specific men. Just a tiny, tiny, tiny proportion of men.
CAROLE THERIAULT. So there might be like one.
GRAHAM CLULEY. A few rotten apples.
CAROLE THERIAULT. Right. So then there may just be a few men in your life who you have to interact with who are a complete pain.
GRAHAM CLULEY. No, I'm saying hurrah to all the good apples out there. Graham, you know what side you're on. Oh yeah. Right?
CAROLE THERIAULT. Yeah, totally.
GRAHAM CLULEY. You're not rotten, are you?
CAROLE THERIAULT. No, no, no. I'm woke, man. You're woke? Yeah. Isn't that what they say? I love this video and this song, um, because it's clever. The words are clever. It's beautifully sung. The melody. It's satirical, a little twist in the end. And you think, oh, she didn't really mean all those things she was saying. And yeah.
GRAHAM CLULEY. Oh yeah. Did you need to get to the end? Did you need to get to the end to get the message? Because now everyone who's listening needs to go listen to this song just to marvel at how long it took Graham to figure out the song's meaning.
CAROLE THERIAULT. And on that note, it's almost time to say farewell for this 100th episode of Smashing Security. It's been a ride. We've got to thank some people. We do. Let's thank everyone. I think we need to. Why don't we thank all of our guests? Every single one of them. Every single one. Alex, BJ, Dan, Dave, David, David, David, Duck, Geoff, Iain with an I, Iain without an I, James, Javad, John, John, Kevin, and Lisa.
GRAHAM CLULEY. Maria, Martin, Michael, Miko, Nick, Peter, Phil, Bob. I was gonna say Phil Fobb. Phil, Bob, Rich, Scott, Tommy, Troy, and of course, Vanja. Who? Who's that?
CAROLE THERIAULT. I've never heard of him. We need to thank the celebrities who we wanted on but turned us down. Garry Kasparov. I never wanted him on.
GRAHAM CLULEY. Well, I hate chess now.
CAROLE THERIAULT. Chess is stupid. I bought him a bottle of vodka. You'd have thought he'd have joined. Piers Morgan. We didn't invite him on.
GRAHAM CLULEY. Yeah, we didn't invite him. He's not invited.
CAROLE THERIAULT. But, you know, and we need to thank our listeners.
GRAHAM CLULEY. Every single one of you. There's a lot of you. Can you, can I just say, you guys are basically, if we were all in one spot, it would be, uh, it would be Glastonbury. I was gonna say that.
CAROLE THERIAULT. It would be, it would be. There'd be a lot of mud, rain, misery, camping, bad toilets.
GRAHAM CLULEY. But hey, some excellent content.
CAROLE THERIAULT. And we got some fantastic feedback. So we put out the call, didn't we, a couple of weeks ago saying, if you've got a favorite bit of the show, if there's something you really enjoyed, drop us a line. And people did. They sent us tweets, they sent us private messages, emails. It was lovely. It was lovely hearing.
GRAHAM CLULEY. We won an award this year.
CAROLE THERIAULT. Yeah. And we lost an award this year. And we lost an award. Yes. We are going to put some of your favorite bits together in a little aural montage.
GRAHAM CLULEY. Thank you everyone who sent in your favorite episodes.
CAROLE THERIAULT. We will put some of that after the theme music, but for now, I think it's time to say cheerio. Bye!
GRAHAM CLULEY. See you again next week. Won't be that long. It's not that exciting.
CAROLE THERIAULT. Look, many films these days, there's lots of sex and violence, isn't there? But there's too much of that, some people say. Personally, I can't get enough of it. I love that stuff. But when I'm fed up with flesh, I'm not afraid. I'm not afraid to turn to fur. And so I—
GRAHAM CLULEY. this weekend— I knew you were a furrvert.
CAROLE THERIAULT. I knew it. I, this weekend, saw Paddington 2. Did you fall asleep? No, I didn't fall asleep.
GRAHAM CLULEY. Not once?
CAROLE THERIAULT. No, not once.
GRAHAM CLULEY. Did you close your eyes for a ridiculously long time and call it just blinking?
CAROLE THERIAULT. I did actually fall asleep, but I only fell asleep for a small part. I haven't even dared watch it, but just because so many times Hollywood has taken a big steaming dump on my childhood, and I just wasn't prepared to, to, to, you know, to let that happen again. So none of you guys have echoes? I can't shout activation commands down the mic at you? Oh no, please don't ask her to do anything, she's listening. I just said her name.
GRAHAM CLULEY. It's actually not even Houston Airport, it's LaGuardia Airport. So it shows you all the people sharing it, you know, can't even recognize it.
CAROLE THERIAULT. Oh, oh yeah, criticise them for that, Carole, that they can't tell the difference. So all the people who are real airport nerds— I think you'll find that's actually LaGuardia, Nick. You will accidentally maybe make a mistake, or you will delete a file, or you will change some code, and you want to move back in time.
GRAHAM CLULEY. Yeah, or you've had a virus threat, for example, or someone's stolen your data. Your house burns down, cat pukes on your disks, whatever. Right. That has never happened to me, that's why I would never mention it.
CAROLE THERIAULT. They recognized that they needed to keep really tight control of the fingerprint so that it's stored in a secure enclave on your typical iPhone. And with this new iPhone as well, it's storing that facial information on the device as well. So it's not—
GRAHAM CLULEY. I don't know why I do any research at all, really. Yeah, why do you? I don't know. I should just let Graham just do my whole story for me.
CAROLE THERIAULT. I'm just— well, I'm not trying to steal it. I was just— I was like, no, it's fine, go. A little bit of tension.
GRAHAM CLULEY. Good.
CAROLE THERIAULT. They have made a candle which makes your home smell like a brand new Apple Mac.
GRAHAM CLULEY. Oh, for God's sake.
CAROLE THERIAULT. Oh, they say with every whiff of our Inspire candle, you'll find strong notes of bergamot, lemon, and tarragon. Scent profiles that clear your mind of clutter and stimulate creativity. A unique blend of bergamot and armoise with hints of lemon, tarragon, amber, and musk create a fresh aroma that will liven up any home or office. This is ridiculous.
GRAHAM CLULEY. I don't think I can do this podcast anymore. Am I in your favorites list, maybe?
CAROLE THERIAULT. You are one of the people who I FaceTime most often.
GRAHAM CLULEY. No, no, I understand that, but there's this option, I think, to say this is a favorite person. On FaceTime.
CAROLE THERIAULT. And, uh, not a favorite, but yeah, I was about to say, hashtag awkward. You're not one of my favorites. Commissioner Gordon had the Batphone, right? He could do the Bat Signal. If the Penguin was coming in and causing trouble, he knew he could get hold of Burt Ward and the other guy. Adam West. Adam West. Sorry. They're a Hong Kong-based maker of what they call wearable toys.
GRAHAM CLULEY. All right. Okay.
CAROLE THERIAULT. They're also very fond of the term "teledildonics," obviously. Who isn't? So they've admitted what they call a minor bug in their Android app, which basically resulted in sound recordings being captured while the app was in use and stored on your phone's local storage. So, whoa, whoa, whoa, whoa, whoa.
GRAHAM CLULEY. And they were recording the sound?
CAROLE THERIAULT. Yeah. So this guy, some guy on basically on Reddit, where everything comes from, he was cleaning up his phone and he stumbled across this audio file that he hadn't expected to be there, and it turned out that it was a 6-minute recording of his session using the Lovense Remote app. No way! 6 minutes, eh? What is a hamburger? A hamburger is different from a beef burger, right?
GRAHAM CLULEY. Because ham comes from pigs. Yeah, that's not where the name comes from. It's Hamburg, the place.
CAROLE THERIAULT. Oh, really? Yeah. And it's nothing to do with hamburglers? No.
GRAHAM CLULEY. Sorry, would you consider yourself a privacy wonk?
CAROLE THERIAULT. Are you asking me or Peter? Well, you, Graham, because you just mentioned it. I think in some way, yes, absolutely.
GRAHAM CLULEY. You just said it disparagingly, and I was thinking, well, you're in that group, I think. Oh no, there's nothing—
CAROLE THERIAULT. don't be ashamed if you're wonking. There's nothing to hide, right? I think we may have forgotten what it was like to be in the middle of the Cold War. I mean, I'm of an age. Graham fought at the Bay of Pigs, man. Maybe not Bay of Pigs, but suddenly in the early 1980s— No, I can't. I just can't. Sorry. With his little spectacles.
GRAHAM CLULEY. I'm just amazed that you knew Robin, but not Batman. Graham is an unusual beast.
CAROLE THERIAULT. And they can even determine whether you swiped left or whether you swiped right. Left, by the way, Vanja, is rejecting, and right means, oh yes, this is woman who could throw potato over house and would be good match. She would be able to pull plough through field. This is just a little stink pad. They had no computer power. You weren't controlling nuclear weapons from your laptop, for old And, you know, if you're installing Angry Birds, yeah, maybe it's not that big a deal, is it? Sorry, do you understand? One petaflop! One petaflop is what I'm talking about.
GRAHAM CLULEY. And yet Facebook still runs really slow.
CAROLE THERIAULT. It's because these days with domain names, you don't just have characters A to Z. You've got all those crazy, kooky other countries contributing. I'm sorry, what?
GRAHAM CLULEY. Excusez-moi, monsieur.
CAROLE THERIAULT. I have to get how you did that. How are you going to listen to Smashing Security podcast while you're in the secure room? Right. No, no, no. So I'm not going to say no speakers. My idea, it's ultrasonics, right? Get a chihuahua. Every office needs a chihuahua. A little Maltese. Or a lovely Maltese. I love Maltese. I love those. A Pooberdor. What's that? It's the opposite of a labradoodle. And it could pick up, it could pick up the high frequencies and go yep yep yep yep yep yep.
GRAHAM CLULEY. Poopador could be pug and Labrador actually.
CAROLE THERIAULT. That's a poor Labrador.
GRAHAM CLULEY. Poor pug. I then deleted my Facebook account and then re-upped it in 2005 and have not been able to get off the stupid thing since. So I am a super— So why can't you get off? What are your— You guys!
CAROLE THERIAULT. In fact, a US judge controversially ordered her to unlock an iPhone with her fingerprint. Now, the rule is, if you ever get caught by the authorities, by the feds— cut your thumbs off. Yeah, cut your thumbs off quick. Yeah, preemptively, just in case. You can never be too careful. Bite it off with your teeth. Bite it off and swallow those thumbs. Yep.
GRAHAM CLULEY. And then hope the fingerprint disappears.
CAROLE THERIAULT. Before. Oh my goodness. Hope you have strong stomach acid.
GRAHAM CLULEY. That's right.
CAROLE THERIAULT. They went to his house and they found a USB thumb drive hidden inside a box of tissues.
GRAHAM CLULEY. Are you sure it's a thumb drive that he was smelling? No offense, but he is a teen boy, right?
CAROLE THERIAULT. I wonder what that thumb drive's got on it.
GRAHAM CLULEY. Cuz I understand spreadsheets a bit, but I'm no expert in all this stuff. Why are you guys giggling? He's thinking it now. He's trying not to laugh. Is this because of the term backend guru?
CAROLE THERIAULT. They also got hit in late July by a type of ransomware called BitPaymer, also sometimes called FriedEx. I don't know if it's called FriedEx because, uh, basically, you've— what's the bacon joke? You've lost your joke. I don't know. What's the phrase? What? Is there a bacon joke? Fried eggs and bacon. I don't know. Let me say this again.
GRAHAM CLULEY. I just think if you're going to do jokes, Graham, you should just know the punchlines.
CAROLE THERIAULT. Yeah. I don't know. You're literally halfway there.
GRAHAM CLULEY. I know, but it kind of matters.
CAROLE THERIAULT. The last few steps, right? Let me introduce to you my pick of the week, which is— Oh, oh, shit.
GRAHAM CLULEY. I'm sorry. Graham, the book that you bought me called The Triceratops Who Loved Me has just been soaked.
CAROLE THERIAULT. I was always expecting that to be a book which might get slightly damp. I think you're fine. It does have wipe-down pages. No, come on, what are you talking about? No, no, I'm serious. And so the phone does a very high-pitched squeak that you can't hear outside your hearing. But if they're having a conversation with someone and asking them, when was the Battle of Hastings? When? What? What? What? It's not like they can say it in a really high-pitched tone, is it? It's not like they're a dolphin.
GRAHAM CLULEY. I mean, imagine, for example, Ice Road Truckers, right? And you're trying to train them for their first journey out on the ice up north, and you would have a nice calm scene as they're kind of simulating the drive along the mountain, and suddenly hit them with a huge storm.
CAROLE THERIAULT. Piers Morgan's in the middle of the road. Will you avoid him or not? No, you're going to hit him. Oh, what a shame. Unfortunately, it turns out that the app has a vulnerability. Unfortunately, my wife is also now printing a document behind me. She's somewhere else in the house.
GRAHAM CLULEY. I was wondering what that sound was. Are you Xerox copying your butt right now? Are you paying attention to the podcast? Because this is business, not the app. The app vulnerability was that printing is going to happen.
CAROLE THERIAULT. That's my guess. So I don't know how many pages there are going to be.
GRAHAM CLULEY. Maybe it's a book. Read a few lines. Read a few lines. What is this?
CAROLE THERIAULT. Let me just find out how much she's actually printing, okay?
GRAHAM CLULEY. Now I'm done. I've said myself.
CAROLE THERIAULT. You're done. We're done. Close down the podcast. Turn off the internet. Take all the episodes off the internet. Yes. Yeah, we're gonna delete them off iTunes right now.
-- TRANSCRIPT ENDS --