This transcript was generated automatically, and has not been manually verified. It may contain errors and omissions. In particular, speaker labels, proper nouns, and attributions may be incorrect. Treat it as a helpful guide rather than a verbatim record — for the real thing, give the episode a listen.

---

CAROLE THERIAULT. Okay, so are you suggesting that just because he sent the picture of the Deputy Prime Minister of Latvia, that in fact is the Deputy Prime Minister of Latvia that's causing all this hullabaloo?

---

GRAHAM CLULEY. What other possible explanation could there be?

---

CAROLE THERIAULT. Oh, I don't know, just stole a picture off the web?

---

UNKNOWN. Well, well, well, oh, that sounds rather extreme to me. Anyway, Sharon, Sharon was— Smashing Security, Episode 307. ChatGPT and the Minister for Foreign Affairs with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security episode 307. My name's Graham Cluley.

---

CAROLE THERIAULT. And I'm Carole Theriault.

---

GRAHAM CLULEY. Carole, this week we are joined by absolutely nobody again. We had a guest and then—

---

CAROLE THERIAULT. Illness.

---

GRAHAM CLULEY. Yeah, they got the lurgy.

---

CAROLE THERIAULT. Yep.

---

GRAHAM CLULEY. And so it's just you and me. Is that all right? Is that okay with you? Do you prefer doing a show with me or do you prefer having a guest?

---

CAROLE THERIAULT. I'm assuming that's a rhetorical question.

---

GRAHAM CLULEY. Okay.

---

CAROLE THERIAULT. Before we kick off, how about we thank this week's sponsors, Bitwarden, Sealit, and DigiCert. It's their support that helps us give you this show for free. Now coming up in today's show, Graham, what do you got?

---

GRAHAM CLULEY. I'm going to be telling you a torrid tale of love over lockdown.

---

CAROLE THERIAULT. Okay. And I will be looking at OpenAI's GPT service and checking out some use cases. Plus, we have featured interview with DigiCert's Brian Trzupek. He's a senior VP of products at DigiCert. And what a great interview. All this and much more coming up on this episode of Smashing Security.

---

GRAHAM CLULEY. Carole, I am going to show you the picture of a young man. Well, not that young. I'll put it up here. And you can also, if you're listening, you can check it out in the show notes. Take a look at this guy. Let's describe this guy who we're looking at. He's quite a handsome fellow, wouldn't you say? He's probably in his 50s or 60s. What are you seeing, Carole? What are you seeing?

---

CAROLE THERIAULT. Oh, I don't really like to judge. What am I seeing with my eyes?

---

GRAHAM CLULEY. Yeah.

---

GRAHAM CLULEY. Yes. No, what are you seeing with your feet? Yes, with your eyes. Yes, what do you see?

---

CAROLE THERIAULT. He looks very vanilla. You know, he's wearing a blue suit. Yeah. He's got silvery hair. He looks like a sales guy.

---

GRAHAM CLULEY. He looks like a silver fox, if you ask me. He looks lovely. He's got kind eyes. They're sort of a beautiful deep brown, the sort I'd love to sort of dive into. He looks trustworthy. He looks kind of dreamy.

---

CAROLE THERIAULT. No, not to me at all. I'm sorry. I'm sorry.

---

GRAHAM CLULEY. Oh, okay. Well, to me, he just looks like a decent fella. This person you are looking at is Artis Pabriks. He is three years older than me, so he clearly has a bit of maturity about him. And he's from Latvia.

---

CAROLE THERIAULT. Are you into this guy? Is this your new boyfriend?

---

GRAHAM CLULEY. No, not— no, not me. Oh, right. Not me.

---

CAROLE THERIAULT. Okay. No, no.

---

GRAHAM CLULEY. I'm going to give you a warning about him. Back in the day, he completed his mandatory two-year stint in the Soviet Army. Like I said, he's from Latvia. Then he got a degree in history at the University of Latvia and later completed his PhD in political science. He is a doctor. Dr. Artis Pabriks, I imagine he could call himself with that qualification. He used to be the Minister of Foreign Affairs.

---

CAROLE THERIAULT. For Latvia?

---

GRAHAM CLULEY. For Latvia. There is your first clue as to where this story is going. Minister for Foreign Affairs. And now he's the Minister for Defence and Deputy Prime Minister of Latvia. And I have to tell you that he's been a very, very naughty boy indeed.

---

CAROLE THERIAULT. Naughty boy? Okay. Yes.

---

GRAHAM CLULEY. Because you would think being Deputy Prime Minister and Minister of Defence of a country that is, well, frankly, teetering on the brink of World War III because of its proximity to Russia and all the hullabaloo that's going over in that part of the world at the moment, you would think that he'd be keeping his mind on the job and protecting his country and doing the right thing. But oh no, oh no, no, no, no.

And no, he is not, because I have discovered that he has been wooing, wooing vulnerable mothers of two in the UK.

---

CAROLE THERIAULT. Mothers of two.

---

GRAHAM CLULEY. Yes.

---

CAROLE THERIAULT. Yes.

---

GRAHAM CLULEY. Mothers, mothers of two, of mothers who have given birth twice. Yes.

---

CAROLE THERIAULT. So he goes after people with two children.

---

GRAHAM CLULEY. I don't know. I don't know if he only woos mothers of two.

He might also woo just ladies, spinsters, mothers of three. I don't know. But the whole intent of this, this wooing which is occurring over the internet, is the intent to con these vulnerable people out of money. And let me give you an example.

---

CAROLE THERIAULT. Poor mothers of two.

---

GRAHAM CLULEY. Okay, these mothers.

---

CAROLE THERIAULT. Yes, watch out there, girls.

---

GRAHAM CLULEY. Watch out there. And I know we've got a lot— I've checked our demographic.

I know we have a lot of vulnerable mothers of two listening. Now, mothers like Sharon Bulmer from Manchester. She is 51 years old, and she was on the internet. She was on social media. She was on Facebook, and she got chatted up by someone who was 56 years old called Murphy Townsend. And Murphy said he was from Washington, D.C. He said he was serving with the 37th Infantry Brigade combat team in Syria. So, you know, he was— you know, he's probably quite fit.

---

CAROLE THERIAULT. Right. So she's in Manchester chatting to some guy who says, "I'm from Washington, but right now in Syria." Exactly. Right?

---

GRAHAM CLULEY. Yes.

---

CAROLE THERIAULT. Right?

---

GRAHAM CLULEY. Yes. Already I'd be, "Too complicated." Well, maybe you would, but Sharon was in an unhappy relationship.

She had been dating a fella for the last 29 years. Right. She'd had two children with this guy up there in Manchester, and it wasn't going so well. Things, you know, things had got a little bit humdrum.

---

CAROLE THERIAULT. Right. So spice it up by having some— An affair. Okay.

---

GRAHAM CLULEY. So she said she got these messages, and this guy who called himself Murphy Townsend said he was lonely. He was serving in Syria.

His wife had passed away. He just wanted someone to speak to, and he said he'd been watching her on Facebook.

---

CAROLE THERIAULT. What? Okay.

---

GRAHAM CLULEY. Yeah. Yeah.

---

CAROLE THERIAULT. Now it's not only complicated, it's creepy.

---

GRAHAM CLULEY. Right. Okay. So yeah, I mean, what does that mean, watching you on Facebook?

---

CAROLE THERIAULT. I've no idea.

---

GRAHAM CLULEY. Yeah. You know, cover it with a Post-it note, for goodness' sake, or check out your privacy settings.

But there was a few messages going back and forth between Sharon and Murphy. And Murphy, if that was his real name, because it wasn't, because of course it was the Deputy Prime Minister of Latvia, which was proven when Murphy sent his photograph, but actually sent the picture of the Deputy Prime Minister of Latvia instead.

---

CAROLE THERIAULT. Okay, so are you suggesting that just because he sent the picture of the Deputy Prime Minister of Latvia, that in fact is the Deputy Prime Minister of Latvia that's causing all this hullabaloo?

---

GRAHAM CLULEY. What other possible explanation could there be?

---

CAROLE THERIAULT. Oh, I don't know, just stole a picture off the web?

---

GRAHAM CLULEY. Well, well, oh, that sounds rather extreme to me. Anyway, Sharon, she didn't know how to do a reverse image search or anything like that. So she doesn't know at the moment that she's actually speaking to the Latvian Deputy Prime Minister. She thinks she's speaking to Murphy Townsend.

Now, they're not doing video calls because Murphy, in quotes, or let's call him Artis, he said he wasn't allowed to do that when he was in the field in Syria. Right, he's not allowed to do it.

---

CAROLE THERIAULT. Yes.

---

GRAHAM CLULEY. The relationship is going on, you know, it's going wonderfully, everything, you know, albeit via text. And Sharon decides that she's going to ditch her partner of 29 years, who she's had two kids with, instead to go off with this guy who she doesn't realise is the Latvian Deputy Prime Minister and thinks is just a soldier out in Syria instead.

---

CAROLE THERIAULT. Okay, I'm following.

---

GRAHAM CLULEY. Here's the shocking thing. Artis Pabriks, the Deputy Prime Minister of Latvia, hadn't just sent photographs of himself to Sharon. He'd also sent them to about 100 or so other women, trying to woo them as well.

I mean, if he'd been smart, you'd have thought he would have been with his education and so forth, could he not have found pictures of someone else online rather than choosing his own photograph? I don't know.

---

CAROLE THERIAULT. You better tell me it's not him. I'm waiting.

---

GRAHAM CLULEY. Well, you're jumping ahead now, Carole.

---

CAROLE THERIAULT. No, I know. I think all our listeners are with us here. I think everyone is in the know. We're all tapping our noses and just waiting.

---

GRAHAM CLULEY. All right. All right. Okay, so turns out one day, surprise, surprise. One day, Murphy Townsend, if that is his real name, Murphy Townsend says, "Look, I want to come and visit you, Sharon, in Manchester." And she says, "Oh, that sounds lovely. I'll pay for your flight, £1,400." And he says, "Could you pay in bitcoin? That would be easiest."

---

CAROLE THERIAULT. And do you mind if I wear a balaclava?

---

GRAHAM CLULEY. Complicated.

---

CAROLE THERIAULT. It's complicated.

---

GRAHAM CLULEY. He says, "It's the safest to use bitcoin, then it doesn't get stolen on the way." And so she pays the £1,400. And she doesn't hear from him for a few days.

---

CAROLE THERIAULT. Oh!

---

GRAHAM CLULEY. Right? Mm-hmm. But get this. After a few days, you know, she's thinking, "What's happened?" She receives a message from a different email address, also claiming to be Murphy Townsend. And that message says, "Oh, I need a bit more money for the plane ticket." How much more? £15,000.

---

CAROLE THERIAULT. Oh, okay. Yeah, no problem. No problem. Wiring that to you now.

---

GRAHAM CLULEY. It's obviously a private jet.

---

CAROLE THERIAULT. Of course. Because everyone who is— Oh, Jesus.

---

GRAHAM CLULEY. So she's now spent about £16,400 on this plane ticket. And Murphy hasn't shown up. It's the end of the month. He's not shown up. She receives a message from someone claiming to be a doctor. Who says that Murphy's been taken to hospital out in Syria.

---

CAROLE THERIAULT. And they refuse to operate on him unless—

---

GRAHAM CLULEY. Well, funny you should say that, because yes, he's unconscious. He's all right. He's unconscious. Everything's going to plan. We're keeping him in hospital.

---

CAROLE THERIAULT. Do they let her hear him breathe? She can hear him breathe a bit.

---

GRAHAM CLULEY. But there's going to be some payment required. And now Sharon is no dingbat, right? She's suspicious. Oh, she is now. She's thinking— And she thinks, hang on a minute, I'm being scammed by someone who's using a different email address, but pretending to be Murphy. And when she gets to speak to Murphy, he says, "Oh yeah, I got shot in the side, you know, on my way to the airport. I'm going to be in hospital for 6 weeks. But yeah, but—" and she thinks, oh, she said, "Do you know what's happened? I got this email from someone else." And she says, "You know what? That's probably scammers. Did you give them any money?" She says, "Yeah, I did. I gave them £15,000."

---

CAROLE THERIAULT. Oh, right. Because then he goes, "Yeah, yeah, yeah, yeah."

---

GRAHAM CLULEY. And so he's like, "Oh, well, that's terrible. It's terrible. Don't do that again. Make sure, you know, because we're all in this together." Anyway, turns out for the next 2.5 years, Sharon kept on sending money in the form of bitcoin to Murphy Townsend. Nearly £80,000. £80,000.

---

CAROLE THERIAULT. That's not that much money, is it, Graham?

---

GRAHAM CLULEY. It's quite a lot of money.

---

CAROLE THERIAULT. It's a lot of money. Okay. Does Sharon not have anyone in her life who has tried—

---

GRAHAM CLULEY. Who's Latvian.

---

CAROLE THERIAULT. Who has tried to say to her, "I really don't think you're currently with the Latvian Deputy Prime Minister, 'cause I've just done an image search on the picture." She has a 17-year-old daughter called Hela.

---

GRAHAM CLULEY. Yes!

---

CAROLE THERIAULT. She has two kids!

---

GRAHAM CLULEY. Yes. So they're not young kids. You know, they're not super young kids.

---

CAROLE THERIAULT. They know how to use the computer, presumably.

---

GRAHAM CLULEY. They use— I mean, no. And, but it appears that she wasn't really listening to anyone who was warning her of that. She's totally sold on this. She's thinking, you know, yes, he's constantly hammering me for money, but, you know, love is just around the corner, you know. And she thinks it's all going to happen. But yeah, £80,000. This poor woman who worked in some sort of COVID testing centre is given to this suave Latvian politician who's scamming people left, right, and centre.

---

CAROLE THERIAULT. I sound like, how is this possible? Possible, but I think I know a person who is going through this right now with some guy that she's met. He lives in another city. They've never met. They've been dating a year. They can never do video chats because he has some excuse. He never comes and visits her, but plans all kinds of holidays that they put money down for, and then they don't go. And she won't hear of it. She will not hear of it. She is completely smitten and loving telling everyone how smitten she is and how great it is. She has two pictures of this guy who looks similar to—

---

GRAHAM CLULEY. No.

---

CAROLE THERIAULT. Looks very similar to the Latvian—

---

GRAHAM CLULEY. It's the Deputy Prime Minister of Latvia.

---

CAROLE THERIAULT. Deputy Prime Minister.

---

GRAHAM CLULEY. Have you got the pictures, Carole? No. Have you tried reverse image search them? To be honest, and here's my piece of advice for any scammers out there, stop stealing the pictures of suave politicians and— celebrities and things like that. Why not just deepfake a picture and then you won't presumably have its double anywhere on the internet, right? It's weird.

---

CAROLE THERIAULT. Yeah, great advice. Great advice.

---

GRAHAM CLULEY. Well, good advice, but for bad people. That's what this podcast is all about.

---

CAROLE THERIAULT. No, it's not.

---

GRAHAM CLULEY. No. Okay, fair enough. Just to be clear, I don't believe it's the Deputy Prime Minister of Latvia, but it might be. It might be. 'Cause that would be the ultimate cover story, wouldn't it? To say, "Oh, someone's taken my photograph." But in fact, it is him. But it's not.

---

CAROLE THERIAULT. I'm leaving you hanging.

---

GRAHAM CLULEY. Carole, we haven't got a guest this week, so what's your story?

---

CAROLE THERIAULT. Well, we are going to chat ChatGPT because it has just been 3 months since November 2022 that this thing has launched. And this wee service has certainly become the darling of the internet. Everyone and their dog wants to have a go.

---

GRAHAM CLULEY. Yeah, it's been huge, hasn't it? Everyone's talking about, I mean, this new version of ChatGPT, I think it's ChatGPT-3.

---

CAROLE THERIAULT. 4 is on its way.

---

GRAHAM CLULEY. Oh, it's 4? Yeah, I mean, it's scary, isn't it? It's scary in all kinds of different ways.

---

CAROLE THERIAULT. We're gonna explore that here. But first, for the one or two of you that live under a rock and have never heard of ChatGPT from OpenAI, okay, it's an online tool powered by AI and a ginormous dataset taken from the vast web in order to craft responses to our burning questions, right? And it's pretty impressive at what it does.

Like, it's not flawless, but wow. Anyone who's played with it has to say wow.

---

GRAHAM CLULEY. Yeah.

---

CAROLE THERIAULT. Soon after its launch, it had more than a million users from people trying to generate speeches, write school reports, computer code. And there is competition to this, right?

Other tech companies like Google and Meta have developed their own large language model tools, which use programs that respond to human prompts and devise sophisticated responses. But OpenAI, in a revolutionary move, created a user interface that let the general public experiment with it directly. And that is apparently its little secret sauce.

---

GRAHAM CLULEY. Yeah, it is very easy to use, isn't it? You can say anything.

You can say, you know, write me a story about Doctor Who arriving on a planet and being attacked by Cybermen, and it will come up with, you know, multiple paragraphs of a plot of a Doctor Who story. Not just for Doctor Who. I've seen examples where you can give it a proper question you might be asked at a college or university, and it will go and write the essay for you. Maybe not of A+ standard, but certainly good enough to get you probably a passing mark in many occasions.

---

CAROLE THERIAULT. Yeah, yeah. So far it's been free, but I'm hearing it's going to be a fee service soon, and I'm hearing the number $42 a month being bandied around. Would you pay that for access to this?

---

GRAHAM CLULEY. No, I wouldn't. But $42, is that 42 because it's the meaning of life and deep thought and things like that? Yeah, that's what I'm guessing.

---

CAROLE THERIAULT. Okay, so we're going to skip through an eclectic list of use cases, okay, involving GPT. So one is making money. So people are trying to use it to get a raise.

---

GRAHAM CLULEY. Oh.

---

CAROLE THERIAULT. One person was asking for advice and asked, how do I phrase my pay request? And it put up an answer.

This was shared with experts on salary negotiation and was given a total thumbs up. Do you want to hear a bit of it?

---

GRAHAM CLULEY. Yeah, yeah. I'm desperate to hear.

---

CAROLE THERIAULT. I've been working at the company for insert amount of time and have been consistently meeting and exceeding my performance goals. I've also been taking on additional responsibilities and have been a key player in the success of several projects.

I believe that my contributions have added value to the company and have been vital in achieving our goals. Research and data shows that the average salary for someone with my qualifications and experience in this industry is research data. So, you know, sounds pretty good, right?

---

GRAHAM CLULEY. It's a good framework. It's a good skeleton.

---

CAROLE THERIAULT. Absolutely. Yeah, it's like a template. And hey, we used to use those things in the early days of running my company. I used to go to these, give me some legal document to help me make a contract with a company that I might be working with, right? So we all have used templates to write CVs and all this, but allows it to be much more flexible.

There's also real estate. What do you think real estate would use this for, ChatGPT?

---

GRAHAM CLULEY. Would you use it for negotiations? Negotiating the price of a house if you're buying one, or maybe for describing a house in florid terms.

---

CAROLE THERIAULT. Exactly. If you come across a 4-bedroom, 3.5-bathroom home listed for sale recently in a quiet cul-de-sac near Cedar Rapids, Iowa, you might not think twice about the listing and who wrote it, because it will even include things like ideal for entertaining and ample space for relaxation. Not written by a human.

Takes all of 5 seconds to pull together for the agent though, and they're saying the time save is incredible.

---

GRAHAM CLULEY. Are estate agents really human though? I mean, you say not written by— were they human in the first place, I wonder?

---

CAROLE THERIAULT. The article also referenced a woman who had moved into a pre-construction home and couldn't open her windows. So she had attempted to contact the developer for months, no response.

---

GRAHAM CLULEY. Right.

---

CAROLE THERIAULT. A copy of her email was run through ChatGPT asking it to rewrite it with an emphasis on the liability implications. And it worked like a charm because all of a sudden the developer showed up at the house to fix the issue.

---

GRAHAM CLULEY. Oh, I see. So she was describing all the ways in which they could be legally liable if they didn't come and fix all this.

---

CAROLE THERIAULT. She didn't say it. ChatGPT pulled it all together for her.

---

GRAHAM CLULEY. Right.

---

GRAHAM CLULEY. Gotcha.

---

CAROLE THERIAULT. Yeah. In health, mental health company Koko came under fire this month after its founder wrote about how the company used GPT-3 in an experiment to reply to users. And the co-founder Rob Morris had to clarify on Twitter that users weren't speaking directly to a chatbot, that the AI was used to help craft responses.

This is all according to Business Insider. But that's a bit, I can see the temptation, right? It's the same as an estate agent, but then you're dealing with people with mental health difficulties.

---

GRAHAM CLULEY. Yeah.

---

GRAHAM CLULEY. Yeah. You want this to be overseen by a sort of competent grown up really, don't you, rather than left to computers.

---

CAROLE THERIAULT. I think in all of these, you would always want oversight of them because even in the real estate market, it's like they didn't get everything right. We had to go over it and just clean it up, but it saved me so much time.

Copyright is interesting as well. Gizmodo write that ChatGPT has been making the tech industry sweat and now Amazon is feeling the heat because according to internal communications from the company, an Amazon lawyer has urged employees not to share code with the AI chatbot. And they have seen evidence, because it's so close to the real stuff, that people probably have been doing that in order to generate code more quickly.

---

GRAHAM CLULEY. Oh, so they're working on code, they share it with ChatGPT saying, "Can you improve this code or fix a bug?"

---

CAROLE THERIAULT. "Can you find a mistake?" Yes.

---

GRAHAM CLULEY. And who are you giving your code to? What?

---

CAROLE THERIAULT. Exactly, right. So fascinating. And of course, as you mentioned, education and research, right? So I don't know if you know, but I've heard this last week, professors at Wharton School of the University of Pennsylvania released a research paper. And it's called "Would ChatGPT Get a Wharton MBA?"

And they document how ChatGPT wrote and passed one of the final exams to pass their MBA. And one of the profs said it did an amazing job.

---

GRAHAM CLULEY. So here's my question to this, right? I'm just asking the questions here. Does that really matter? Because isn't it a bit like using a calculator?

So you might use a calculator to do the complicated multiplication by 17 equations or whatever, in which case you can't do it in your head and maybe you can't even do it on paper. But as long as you've always got a calculator, you're fine. Similarly, should you have to go through the whole process of proving you are capable of getting an MBA or whatever the thing is, you know, whatever the qualification is, if you're going to have access to something like ChatGPT or that kind of AI technology to help you whenever you find yourself in a predicament?

---

CAROLE THERIAULT. Yes, I think you're right, but I think we're not there yet and we won't be there for years. I mean, think about it, it's totally changed how we can cheat.

In schools, for example, plagiarism has become a huge, huge problem. Public schools in New York and Seattle have decided to block ChatGPT from their devices and Wi-Fi networks. Give me a break, that's going to work.

---

GRAHAM CLULEY. Yes, exactly.

---

CAROLE THERIAULT. Yeah, but to your point, I agree, right? In France, the prestigious Sciences Po University in Paris has also just announced a strict ban on its use.

So we need to find a way to work with it, right? In fact, there was an article in The New York Times about this really recently. We have to, but right now, people are just slamming the brakes on. There's no legislations, there's no oversight, it's kind of Wild Westy, right?

Market is going nuts as well, 'cause there's rumors that investors are tripping over themselves to get into the action, right? Microsoft this month reportedly invested $10 billion into ChatGPT's parent company OpenAI. And with the rise of OpenAI's language tool, Wall Street traders are increasingly betting on chipmakers like NVIDIA.

And they have climbed more than 34% this month alone. So NVIDIA's co-founder, Jensen Huang, has seen his wealth grow by $5 billion so far this year, according to Bloomberg. And they say he's had the largest percentage gain to his net worth among US billionaires so far this year.

---

GRAHAM CLULEY. Because his chips are going to be powering systems running ChatGPT.

---

CAROLE THERIAULT. Yes.

---

GRAHAM CLULEY. Well, ChatGPT, so its way of making money, it sounds like, is it's going to be some kind of subscription service. So you'll pay so much per month to access it, what they're going to do, are they?

---

CAROLE THERIAULT. Well, for the initial pay hump, yeah.

---

GRAHAM CLULEY. Right, I guess they could also probably build some kind of API and they could license people access to it if they want to build it into their own systems. Or maybe they could integrate advertising into ChatGPT so it subtly starts talking about particular products like Coca-Cola in the middle of your essay about Thomas Hardy and Tess of the d'Urbervilles.

---

CAROLE THERIAULT. It's scary, isn't it? It's like it can do anything. But apparently, do you want to hear something it can't do very well?

---

GRAHAM CLULEY. What's that?

---

CAROLE THERIAULT. This is according to a journalist for Business Insider. She used it to craft responses to matches on Hinge.

---

GRAHAM CLULEY. That's the dating app, right?

---

CAROLE THERIAULT. Yep, that's the dating app. So she writes, one person said their most irrational fear was flying. So I asked the chatbot to come up with a funny reply. It said, quote, no problem. I'm more than happy to hold your hand and provide moral support during turbulence. If the plane goes down, at least we'll go together in a romantic blaze of glory.

---

GRAHAM CLULEY. No.

---

CAROLE THERIAULT. So she said she sent it, never heard back. Okay. There was this other one on Reddit someone pointed out. So apparently it said, how much is 2 + 5, right, to ChatGPT? And it said 2 + 5 is equal to 7. And the guy replies, my wife says it's 8. And the reply from ChatGPT, I apologize, I must have made an error. My training data only goes up to 2021 and I may not have the most current information. If your wife says it's 8, then it must be 8. Goodbye, to rate.

---

GRAHAM CLULEY. We all know that data is the most important asset of any business, and the value and usage of information makes data very tempting to thieves. With Sealit, however, you can protect, share, and monitor confidential emails and files without passwords, and it's all integrated with Gmail, Outlook, and file systems. Deploy Sealit across your organization within minutes and achieve peace of mind. Thanks to its end-to-end encryption that relies on the Zero Trust security model. Get the right tool to own your data and gain great Sealit benefits.

Plus, Sealit is offering a very special deal for all Smashing Security listeners. Anyone who signs up for the professional plan can grab 30% off Sealit for a year. And if you sign up to Sealit, listeners can also grab a free Sealit Signature No Trust t-shirt. Woo-hoo! Check out more about Sealit and take advantage of these offers at smashingsecurity.com/sealit. That's smashingsecurity.com/s-e-a-l-i-t. And thanks to Sealit for supporting the show.

---

CAROLE THERIAULT. You've probably heard that organizations are experiencing increased pressure to manage digital trust at scale across multiple functions in IT. The problem is many have a lack of centralized visibility and control, and this is why companies are looking for a unified digital trust strategy. Enter DigiCert Trust Lifecycle Manager.

The Trust Lifecycle Manager from DigiCert sets a new bar for unified management of digital trust. DigiCert Trust Lifecycle Manager is a full-stack solution that unifies CA-agnostic certificate management, private PKI services, and public trust issuance for seamless digital trust infrastructure. Find out how you can implement a full-stack solution in a single pane of glass that offers superior performance, handling, and automation with a single vendor accountability. All you gotta do is visit smashingsecurity.com/digicert. That's smashingsecurity.com/digicert. And thanks to DigiCert for sponsoring the show.

---

GRAHAM CLULEY. So there's probably a lot of Smashing Security listeners out there who might be concerned after hearing about the data breach which recently occurred at LastPass. Now, that allowed hackers to steal customers' password vaults, and unfortunately there were parts of those password vaults which were astonishingly unencrypted. There's no doubt a lot of questions users are going to ask LastPass about how that could have happened and why some of that data was left in that insecure state.

But one password manager that isn't making that mistake is our sponsor Bitwarden. Customers of Bitwarden know that their vaults are entirely end-to-end encrypted with zero-knowledge encryption, including, unlike LastPass, the URLs for the websites which you have saved passwords for.

You can learn more about that in the Bitwarden Help Center and at bitwarden.com/privacy. And if you happen to be looking to switch password managers right now, well, Bitwarden makes it easy.

They support importing from lots of other solutions, and there's even a LastPass migration guide available. Learn more at bitwarden.com/migrate.

That's bitwarden.com/migrate. Smashingsecurity.com/migrate and stay safe.

And welcome back. And you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.

---

CAROLE THERIAULT. Pick of the Week.

---

GRAHAM CLULEY. Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app, whatever they wish. It doesn't have to be security-related necessarily.

---

CAROLE THERIAULT. Better not be.

---

GRAHAM CLULEY. Well, the other day I was plowing through the internet, you know, looking at this, looking at that, and I stumbled across a message on Mastodon sent by somebody I follow, which included a very short link to a clip from the BBC 1980s sci-fi show Blake's Seven, which I'm quite a fan of. Sort of camp, sort of Dirty Dozen in space thing.

It's just a little clip of Avon, I think it was, who was the sort of the anti-hero of the show, saying something sardonic as he always did, wonderful Paul Darrow. What about you?

What about me? Why don't you go?

---

CAROLE THERIAULT. You are expendable. And you're not? No, I'm not.

---

GRAHAM CLULEY. I am not expendable. I'm not stupid and I'm not going.

And I thought, oh, that's wonderful. And it turned out that this was a Blake bot.

And what it does is it tweets regular little clips from Blake's Seven, and you can link through to them. You can search for particular parts of the script, and it will show you that little clip of Blake's Seven.

I thought, what a great idea. And then I looked a little bit more deeply, and I found out that there are websites which do this not just for Blake's Seven, but do this for all manner of—

---

CAROLE THERIAULT. Geoff Goldblum?

---

GRAHAM CLULEY. Well, probably, yes. All manner of TV shows, movies, etc.

So I'm going to introduce to you a website called GetYarn. It hangs out at getyarn.io.

---

CAROLE THERIAULT. Okay.

---

GRAHAM CLULEY. And if you go to this website, you can search for a phrase. So imagine you are in some sort of social media conversation with somebody and you want to say, "Whatever," or, you know, come back with some witty riposte, a bit like ChatGPT would.

But you need a clip or a meme or a GIF of someone saying a particular word. You search for it at getyarn.io.

And it comes back with all these suggestions from different TV shows of just the little snippet of one of the characters saying this word or phrase, which you can then turn into a GIF or a video or whatever. And then you can put it in your presentations, social media shitposts, however you want to use it.

And I thought that's probably copyright breaching in all kinds of ways, but I was quite impressed with it. And that is why my pick of the week is getyarn.io.

---

CAROLE THERIAULT. Is this brand new?

---

GRAHAM CLULEY. Oh, I don't know that it is. It's new to me. It doesn't look new. The website design doesn't look very new.

---

CAROLE THERIAULT. No, it doesn't. I was just thinking, yeah, I'm sure kids have been using this for a decade.

---

GRAHAM CLULEY. Maybe they have, but I've only just discovered it.

---

CAROLE THERIAULT. Yep. I didn't know about it either. So, you know, no shame.

---

GRAHAM CLULEY. No shame. So it might be fun to some people, particularly if you're posting memes all the time.

---

CAROLE THERIAULT. Memes.

---

GRAHAM CLULEY. You know, things that. Anyway, Carole, what's your pick of the week?

---

CAROLE THERIAULT. I'm showcasing a brilliant podcast for my pick of the week.

---

GRAHAM CLULEY. Oh, a podcast.

---

CAROLE THERIAULT. Yes, 6 out of 5 stars.

---

GRAHAM CLULEY. Oh.

---

CAROLE THERIAULT. And you're gonna love it too. You're gonna love it too. It's called—

---

GRAHAM CLULEY. Yeah, will I?

---

CAROLE THERIAULT. Seriously, it's called The New Gurus. It's a podcast from the BBC hosted by the wonderful Helen Lewis. She's a British journalist who works for The Atlantic magazine, and she also hosts The Spark on BBC Radio 4. And in December, she published this podcast, The New Gurus, and it's a series which gives us a shrewd look at some of the most well-known self-appointed internet gurus we have jostling for position out there.

---

GRAHAM CLULEY. Who? What sort of people are you talking about?

---

CAROLE THERIAULT. Well, Jordan Peterson or Joe Rogan or Russell Brand or those kinds of people.

---

GRAHAM CLULEY. I think I'd have vomited at a few of those, not just Russell Brand, but yes, okay.

---

CAROLE THERIAULT. Yeah, yeah, yeah, yeah, yeah, totally. He's just the worst. Worst for me. We also have a few crypto bros, some wellness influencers, some productivity hackers, dating coaches.

---

GRAHAM CLULEY. But don't we hear enough about these people already? Do we really want to listen to them more on this podcast?

---

CAROLE THERIAULT. You're not listening to them. We're having an analytical look at how did these people get to become gurus? And more importantly, what is it doing to us, the people that fall in and get snagged in?

---

GRAHAM CLULEY. Oh, right. Yes.

---

CAROLE THERIAULT. So each show takes on a particular form of guru-ness or guru-ship, right? So they analyze from a specific angle or industry. And I was listening, I was "oh yeah, I was pretty deep into that for a bit." So I find it quite interesting because often we think, oh, it's the other people that fall for this stuff. But I think it does a good job of making you feel get off your high horse, you're not immune. It's wonderful. And actually, Graham, the name of this podcast episode gives away the clip that I want you to hear. Okay.

---

GRAHAM CLULEY. Right.

---

CAROLE THERIAULT. But I want you not to look at it. So I'm going to send you a link right now. I'll put it in the document.

---

GRAHAM CLULEY. I'm covering my eyes.

---

CAROLE THERIAULT. Okay. If you want to bring it into 1 minute 10, something that. Okay. Without looking at the name.

---

GRAHAM CLULEY. Okay. 1 minute 10. Yeah. I'm covering up the title with my hand. Oh, how do I move the— Oh, I have to press play.

---

CAROLE THERIAULT. Yeah.

---

GRAHAM CLULEY. Play. 1 minute 10. All right. I haven't seen what it's called.

---

CAROLE THERIAULT. Okay, good. Listen, and then we'll listen to your reaction.

---

GRAHAM CLULEY. Okay.

---

CAROLE THERIAULT. Listen, there's certain wellness practices that people are doing online that are— that they're really rigorously promoting, such as extreme veganism, or on the other side of the coin, extreme carnivorism. And I kind of go, can't we have a balance? How can I find a way that makes me feel the most juicy and excited to be alive? And for me, it's drinking my piss once a day makes me feel good.

---

GRAHAM CLULEY. I'm so sorry if you were having breakfast. I wasn't— I've just seen the title of the episode as well. Yes. Oh dear.

---

CAROLE THERIAULT. Wonderful. So that was one of the episodes, right? One of these weird health gurus. So it's just really interesting and very varied. And I loved it and I love her and I think it's great.

And so check it out. This is my pick of the week, The New Gurus. You can find it on BBC Sounds or wherever you get your podcasts.

---

GRAHAM CLULEY. Thanks very much, Carole. Now, you've been chatting to the folks at DigiCert this week, haven't you?

---

CAROLE THERIAULT. Yes, I have a lively interview with DigiCert's Brian PKI Trzupek. We ponder how organizations can know what they don't know, and Brian's got the answer, so listen up.

So listeners, today I have the pleasure of introducing Brian Trzupek. He is the Senior Vice President of Products at DigiCert. Welcome to the show, Brian. I am totally thrilled to speak with you.

---

BRIAN TRZUPEK. Oh, thank you for having me. I'm excited to talk about this too, Carole.

---

CAROLE THERIAULT. I'm glad because this is not my forte, the world of PKI and certificates. So I hope you don't mind that you're going to be educating me as we chat.

---

BRIAN TRZUPEK. No, no problem. It's a weird world I've been a part of for too many years. I think it's been about 20 years at this point.

So, you know, I'm definitely used to helping people understand this crazy thing called PKI.

---

CAROLE THERIAULT. Okay, fantastic. Well, you do seem to be the guy to chat to because I see in your bio that it says you're a crypto and security tech by day and night and that you worked on the Internet of Things before it was cool. And that PKI is your middle name.

---

BRIAN TRZUPEK. You know, you got to put things on LinkedIn people remember.

---

CAROLE THERIAULT. So, well, there you go.

---

BRIAN TRZUPEK. And they're true though, too.

---

CAROLE THERIAULT. So maybe you could expand on this a little. How did you end up as Senior Vice President of Products at DigiCert?

---

BRIAN TRZUPEK. Oh, man. Gosh, how long is this podcast?

The short version is, you know, I've been just inquisitive my whole life. I have been taking things apart, building things. I'm a software engineer by nature. I still code every single day, right?

On all kinds of stuff. But that kind of exploration that got me into the security— breaking things is fun, fixing them and trying to prevent other people from breaking them is even better.

And my paths led to PKI, you know, quite a while ago. And, you know, then I kind of just sunk into this space and, you know, worked with DigiCert.

Now this is my second time with DigiCert. So I'm a boomerang. I left and came back.

And, you know, this coming back into it this time is kind of after we bought Symantec and pulled that and rolled that into the business. And I kind of helped grow the unified business moving forward and picked up a number of roles.

And for the last, probably the last 5, 6 years I've been on the product side and, you know, kind of helping lead the strategy and vision and the product teams to execute against what we're trying to do to help make PKI easy for people because it is esoteric and kind of a weird thing, but it's at the heart of everything. And so that makes it really important.

So, you know, we try and help make that easy for people.

---

CAROLE THERIAULT. It's atoms, you know, they're there, you know, you're completely dependent upon them, but you don't actually think about them very much.

---

BRIAN TRZUPEK. That's right. I talk to people all the time at parties.

They're like, you do what? I'm like, it's on everything in your pockets, your phone. You know, you have it, you just don't even know.

---

CAROLE THERIAULT. Yeah, exactly. Now, you must have been busy with your new job because times, they are a-changing. There's been a lot of flux in the ecosystem in the last few years.

Apparently, we've seen 3 times increase in remote workers, and that means companies have to move to the cloud. And I mean, this must be jarring, to say the least, for a lot of companies out there. And it must expose pain points. What have you seen?

---

BRIAN TRZUPEK. Yeah, no, you're right. I mean, it's one of the big things we saw, right, as all the pandemic stuff shifted in and people working from home.

You don't think of it right as a worker, you know, somebody who's employed somewhere and trying to get a job done. But there was other people at those companies who had to make that work, right? And so that meant bandwidth, that meant compute, that meant systems, that meant security so you could access things remotely that you once weren't accessing remotely.

There's this domino effect of all of these things that needed to happen to get those people working remote. Those happen very, very quickly, Carole, because the companies needed to do this on a dime.

And so as they were moving forward and doing these things, you know, I'm not going to say every company out there made bad security decisions, but certainly we have seen people cut corners and went very quickly to support what was a very dynamic change at the time. And now we're seeing on the tail end of that, right?

Companies are returning to the office and things are happening. And there's all these systems now that they're looking at and the infrastructure that came with it. And they're saying, man, oh, okay, is this secured the way we want it to be? And is this operating in the way that it should?

Are we meeting the corporate policy and risk profiles of how we deploy these systems, manage these systems? And so there's this renewed look at that infrastructure that grew unbounded very quickly from a security perspective. And so, yeah, we definitely see that growing.

---

CAROLE THERIAULT. I mean, it makes sense. Even if someone said to me, here, plug this TV and this whole sound system together really quickly, I'd make a mess of it. It would probably work.

---

BRIAN TRZUPEK. Right, the right speaker works, but the left one doesn't.

---

CAROLE THERIAULT. Right, but it would be a bit of a mess because when we have to work really quickly, we can't sit there and pay attention to every single thing. Okay, so you've got this environment where people are now back in the office and they want to fix things.

Are they aware that they have a lack of visibility? Is that something that most companies admit to?

---

BRIAN TRZUPEK. It is. It's maybe one of the most surprising things, right? We see— we sit down with customers. You know, I was just in Australia and Malaysia and kind of did a tour out there a couple months ago talking a bunch of customers and that, you know, just the recurring theme from everybody is we don't know where all the stuff is, right?

They're trying to, you know, they have this infrastructure that they're trying to manage and the perimeter of that infrastructure has changed because maybe they had everything kind of in-house or in their data centers or a cloud or something, however they had it configured. And now they've got all this other stuff, right? And it continues to grow.

And then maybe not even related to, you know, pandemic stuff, but just natural growth of the business. They got multi-cloud environments. They've got, you know, different things that are happening.

How do they view security across that whole thing? And, you know, there's somebody who's a CISO or there's somebody that is thinking across the organization about security and how it rolls into all these different things and functionalities that are rolling out in systems and things inside of a company.

But then you kinda have the challenge we hear and see from the customer perspective is, there's always these pockets, right? It's kind of almost an internal, political problem at the companies because, you know, team A and team B, they don't have the same reporting structure, and they maybe view that this is their area and for team A, and this is their area for team B.

And they choose different technologies, or they deploy things with different risk profiles, and nobody's kind of coordinating that. You know, when something happens or a review or an audit or something, you know, something occurs to look at the system, inevitably, you said with your stereo, they find that somebody didn't plug the right speaker in, and you're always supposed to plug the right speaker in per corporate policy first. Right?

And so these are the things that they see happen. And so then they're, man, we just don't have the visibility across all those kind of different silos of operation as to what is happening from our digital trust footprint with the assets in our environment. And it's— we hear it everywhere. It's the starting point of the conversation with the customers.

---

CAROLE THERIAULT. Right. And it makes sense because, you know, you don't know what you don't know, right?

---

BRIAN TRZUPEK. Exactly. And you're right, because they will tell us, hey, look, this is— we know about these things over here. We got these things under control, but we know we don't know what is over there. And that scares us.

---

CAROLE THERIAULT. Yeah.

---

CAROLE THERIAULT. Because we don't know what it is, so we don't know how to fix it. So we don't know. So help us.

---

BRIAN TRZUPEK. Okay.

---

CAROLE THERIAULT. So they come to you and they go, DigiCert, help us. Brian, help us. Right? And you go, well, I have this brand new DigiCert Trust Lifecycle Manager available. So this is a brand new service you guys are offering.

---

BRIAN TRZUPEK. Yeah.

---

CAROLE THERIAULT. Congratulations. That must have been a lot of work.

---

BRIAN TRZUPEK. Thank you. Yeah, you're talking years of work here. So we're very happy.

---

CAROLE THERIAULT. Okay, break it down for us. What can you tell us about it?

---

BRIAN TRZUPEK. Yeah, so I think that the thing that's interesting, so this is a new service that we're offering, new product, but it's built kind of on the shoulders of giants, right? We have all of this technology that goes back literally 18, 20 years in some cases to some of the Symantec and Verisign things that we've acquired through the years, right?

There's all this best of breed. Remember I mentioned PKI is just this nuance. It's kind of this difficult thing to understand.

So there's all this tooling that's developed over the years to make it easy to use. And so we as kind of the leaders in digital trust and PKI, we have just this wealth of these tools and I kind of refer to them as Lego bricks.

And so what we've done is taken all those Lego bricks that make it very easy to manage things related to PKI for users or for their devices or for the servers in a company. We've taken all those Lego bricks, put them together under a single pane of glass for that visibility you were talking about to allow customers to have that central management and control plane across that digital trust, those digital trust assets so that they centrally control.

And there's kind of this, the way that we approach what the customers are doing kind of tells it best because the customers first want to inventory everything. They want to find everything.

And there's a variety of ways to do that. That's a whole other podcast, but there's all kinds of stuff that they want to do to build that inventory.

And then they get to the stage of saying, okay, now we know where all the things are. Tell me what I care about.

And I don't because there's some things I'm never going to care about. Don't ever talk to me about them again.

But then there's the things I really do care about. Keep me notified and updated and get that information to the right people at the right time so they can make the right decisions on those things.

And then because PKI is so complex, don't allow those people to make silly decisions on their own. Automate it for them, right?

Automate how all of that stuff works when you replace it, when you rotate it, when you put a new one, when you fix an old one, just automate that so it follows a central policy. People aren't deviating from it.

It behaves the same way across all the systems in the enterprise. And then that's kind of the last lane is this technology with all those Lego bricks is able to connect to all sorts of technology in that enterprise, which is critical because again, PKI is used everywhere in everything.

And so us having that ability to interconnect and talk to all of those things, it's kind of the table stakes to make the whole system work. And we just skin that all on top of it with, again, that single pane of glass so customers can control all of that from one central place.

And then they can deploy that how they choose. They can use that as a service from us, completely managed and do what they're going to do with the assets that they're managing, or they can deploy it in their cloud side by side with their assets that they're managing there.

Or if they have an on-premise need, third party, country where they need data residency, PKI key sovereignty, etc., they can do that too. And so it's just that flexibility and that whole use case that we're covering and really allowing customers to have that full stack completely integrated top to bottom to solve their problem and reduce outages and mitigate risk.

---

CAROLE THERIAULT. It's like you're the superstore of certificates, just a one-stop shop.

---

BRIAN TRZUPEK. That's right. Yeah, we're keeping everything running for them and trying to just reduce that risk footprint for them.

---

CAROLE THERIAULT. But that is, it's not just a risk footprint that it reduces. It's also a time footprint, right? If you have one point of contact where you can go, hey, I need some help, or hey, can you explain this to me?

---

BRIAN TRZUPEK. It is. Yeah, you're right. And it's probably, you know, obviously these organizations have a ton of servers, you know, depending like an enterprise, average enterprise has something like 50,000 certificates that they manage. That's let alone on me or servers, just servers.

When you look at the user side of the house, Carole, it's insane because you look at a Fortune 500, they have on average about 50,000 employees. If each of those employees has an iPad, an iPhone, and a laptop, they probably have 3 to 5 certificates that company has issued to make all that infrastructure work.

So their VPN works, their Wi-Fi works, all these things are happening. And how do you get all that stuff onto those devices without that user calling support and saying my thing didn't work, right?

Yeah, that's what our technology solves is making sure that all that works transparently. So you wake up in the morning on Monday, all of your devices are secure, they're working, they're configured, and you as a user never even knew the better. And you certainly didn't have to call anybody to go ask for help and suffer downtime and incur costs to help try and fix that stuff.

---

CAROLE THERIAULT. Well, when I was a warrior bunny that had to— road warrior, that's what we used to call it— and had to travel and had to use— I worked for a security company and I couldn't ever get my computer to work when I was in a hotel.

---

BRIAN TRZUPEK. You know the pain.

---

CAROLE THERIAULT. I know the pain. I know the pain. This sounds all amazing and you've summed it up so well. Is there anything that you would like to add?

---

BRIAN TRZUPEK. Yeah, I mean, I think the one thing that's interesting just from a differentiator indicator for how we're doing this that is super valuable and it's driven by customers, right? I'd like to say we're geniuses and we figured everything out, but our customers really are just wise and tell us what to do, right?

And what they have said was, and they've been asking us for years to deliver this product in a way that it is fully integrated top to bottom, right? So we're doing this technology in a way that our DigiCert certificate authority that issues publicly trusted and our private authority that issues, you know, enterprise trusted certificates can all be managed under the single pane of glass and it's fully integrated.

So there's no points of breakage for a customer. Everything just works top to bottom.

But with that same infrastructure, we've also extended that coming in Q1 here and then moving through the year, they'll be able to use any other certificate authority that they want, both public and private, and manage their certificates as well from the full lifecycle perspective through the same product. And so that's one of the key things that we built this whole infrastructure, this whole platform architecture to be very extensible to support things like that.

And now we'll get those rewards as the year goes forward because customers will be able to make a lot of decisions. No customer has an environment where they're using just one thing. We're going to allow them to manage all the things in those environments.

---

CAROLE THERIAULT. Wow.

---

CAROLE THERIAULT. Brian Trzupek, Senior Vice President of products at DigiCert. A huge thank you for taking the time to chat to us and educate me. I'm practically an expert.

---

BRIAN TRZUPEK. Yeah, you are welcome. I'm glad to be here. Thanks for having me.

---

CAROLE THERIAULT. Listeners, you can learn oodles more about DigiCert and their brand new lifecycle management service at smashingsecurity.com/digicert. That's smashingsecurity.com/digicert.

DigiCert. And thank you so much to DigiCert for sponsoring the show.

---

GRAHAM CLULEY. Very interesting. Well done. Excellent.

Well, that just about wraps up the show for this week. You can follow us on Twitter @SmashingSecurity. No, Twitter allows to have a G.

We're also on Mastodon. You can find our Mastodon account if you go to smashingsecurity.com/mastodon and look up the Smashing Security subreddit on Reddit.

And don't forget to ensure you never miss another episode. Why would you want to miss another episode?

Follow Smashing Security in your favorite podcast apps, such as Overcast, Apple Podcasts, and Spotify.

---

CAROLE THERIAULT. Huge high fives to the episode sponsors, Bitwarden, DigiCert, and Seelet, and to our wonderful Patreon community. It's thanks to them all that this show is free.

For episode show notes, sponsorship info, guest lists, and the entire back catalog of more than 306 episodes, check out smashingsecurity.com.

---

GRAHAM CLULEY. Until next time, cheerio. Bye-bye.

---

CAROLE THERIAULT. Bye.

---

GRAHAM CLULEY. La di di.

---

CAROLE THERIAULT. Yeah, you'll really the podcast, man. It's great. New Gurus.

---

GRAHAM CLULEY. All right. Yeah, I will subscribe to it.

---

CAROLE THERIAULT. Yeah, yeah, it's great. And she's got a great voice.

---

GRAHAM CLULEY. Tremendous.

---

CAROLE THERIAULT. Mhm.

---

GRAHAM CLULEY. Well, she's BBC talent.

---

CAROLE THERIAULT. Mhm.

---

GRAHAM CLULEY. You expect that.

---

CAROLE THERIAULT. She's just good.

-- TRANSCRIPT ENDS --